From a0444ef55d379a633554dfd32f1d914e2df07abc Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Fr=C3=A9d=C3=A9ric=20FRANCE?= Date: Mon, 4 Mar 2024 17:58:43 +0100 Subject: [PATCH 01/79] fix can't delete pdf if ref is not encoded (#28630) --- htdocs/compta/facture/card.php | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/htdocs/compta/facture/card.php b/htdocs/compta/facture/card.php index ea9b87b1de6e7..c156eccb5f38d 100644 --- a/htdocs/compta/facture/card.php +++ b/htdocs/compta/facture/card.php @@ -4477,7 +4477,7 @@ function setRadioForTypeOfInvoice() { $file = GETPOST('file', 'alpha'); $formconfirm = $form->formconfirm( - $_SERVER["PHP_SELF"].'?facid='.$object->id.'&file='.$file, + $_SERVER["PHP_SELF"].'?facid='.$object->id.'&file='.urlencode($file), $langs->trans('DeleteFileHeader'), $langs->trans('DeleteFileText')."

".$file, 'remove_file', From d0c0dee616968d13f14385d975266c9857ba97a6 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Fr=C3=A9d=C3=A9ric=20FRANCE?= Date: Mon, 4 Mar 2024 18:23:03 +0100 Subject: [PATCH 02/79] fix typo in ChangeLog (#28613) * fix typo in ChangeLog * Update ChangeLog --- ChangeLog | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/ChangeLog b/ChangeLog index de0cb66b9686a..bb3afe1e22edc 100644 --- a/ChangeLog +++ b/ChangeLog @@ -24,7 +24,7 @@ FIX: Bad column for total in bom list FIX: Bad condition on button back to draft on recruitment job. FIX: Bad CRLF when sending text only content. Fix dol_htmlwithnojs() FIX: Bad picto on list of permission of a user when user not admin -FIX: bad timzeone for the start/end date of an event +FIX: bad timezone for the start/end date of an event FIX: Better test on validity of compute field syntax with parenthesis FIX: close #28279 FIX: disabled pito of menu must be greyed. @@ -47,7 +47,7 @@ FIX: Shipment closing action has wrong value (#28174) FIX: some tooltips has disappeared on invoice action button FIX: Special code is now transmitted by args only in order supplier (#28546) FIX: subscription must be editable when accounting isn't reconciled (#28469) -FIX: Value of field int = 0 from modulebuilder must nto be set to null +FIX: Value of field int = 0 from modulebuilder must not be set to null ***** ChangeLog for 19.0.0 compared to 18.0.0 ***** From 6cc9ac55429f37b83f058993875e62181bfec534 Mon Sep 17 00:00:00 2001 From: Christian Humpel <78662388+Humml87@users.noreply.github.com> Date: Mon, 4 Mar 2024 18:59:37 +0100 Subject: [PATCH 03/79] FIX: Count of virtual stock at Services and MoLine with disabled stock change (#28580) * fix the count of virtual stock * - fix "Found non sanitized string" ? --------- Co-authored-by: christian.humpel --- htdocs/product/class/product.class.php | 6 ++++++ 1 file changed, 6 insertions(+) diff --git a/htdocs/product/class/product.class.php b/htdocs/product/class/product.class.php index 5288300c443cc..b959d87063f2d 100644 --- a/htdocs/product/class/product.class.php +++ b/htdocs/product/class/product.class.php @@ -3469,6 +3469,8 @@ public function load_stats_inproduction($socid = 0, $filtrestatut = '', $forVirt // phpcs:enable global $conf, $user, $hookmanager, $action; + $serviceStockIsEnabled = isModEnabled("service") && getDolGlobalString('STOCK_SUPPORTS_SERVICES'); + $sql = "SELECT COUNT(DISTINCT m.fk_soc) as nb_customers, COUNT(DISTINCT m.rowid) as nb,"; $sql .= " COUNT(mp.rowid) as nb_rows, SUM(mp.qty) as qty, role"; $sql .= " FROM ".$this->db->prefix()."mrp_production as mp"; @@ -3480,6 +3482,7 @@ public function load_stats_inproduction($socid = 0, $filtrestatut = '', $forVirt $sql .= " WHERE m.rowid = mp.fk_mo"; $sql .= " AND m.entity IN (".getEntity($forVirtualStock && getDolGlobalString('STOCK_CALCULATE_VIRTUAL_STOCK_TRANSVERSE_MODE') ? 'stock' : 'mrp').")"; $sql .= " AND mp.fk_product = ".((int) $this->id); + $sql .= " AND mp.disable_stock_change IN (0)"; if (!$user->hasRight('societe', 'client', 'voir') && !$socid && !$forVirtualStock) { $sql .= " AND m.fk_soc = sc.fk_soc AND sc.fk_user = ".((int) $user->id); } @@ -3492,6 +3495,9 @@ public function load_stats_inproduction($socid = 0, $filtrestatut = '', $forVirt if (!empty($dateofvirtualstock)) { $sql .= " AND m.date_valid <= '".$this->db->idate($dateofvirtualstock)."'"; // better date to code ? end of production ? } + if (!$serviceStockIsEnabled) { + $sql .= "AND EXISTS (SELECT p.rowid FROM ".$this->db->prefix()."product AS p WHERE p.rowid = ".((int) $this->id)." AND p.fk_product_type IN (0))"; + } $sql .= " GROUP BY role"; $this->stats_mrptoconsume['customers'] = 0; From d7f3feba747b9177a80d11384cbb3bae84dc9642 Mon Sep 17 00:00:00 2001 From: Laurent Destailleur Date: Tue, 5 Mar 2024 03:57:56 +0100 Subject: [PATCH 04/79] Merge branch '18.0' of git@github.com:Dolibarr/dolibarr.git into 19.0 --- htdocs/core/lib/functions.lib.php | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/htdocs/core/lib/functions.lib.php b/htdocs/core/lib/functions.lib.php index f21e08e8261ab..6fe032f545666 100644 --- a/htdocs/core/lib/functions.lib.php +++ b/htdocs/core/lib/functions.lib.php @@ -2224,7 +2224,7 @@ function dol_get_fiche_head($links = array(), $active = '', $title = '', $notab $tabsname = str_replace("@", "", $picto); } $out .= '
'; - $out .= '
'.$langs->trans("More").'... ('.$nbintab.')
'; // Do not use "reposition" class in the "More". + $out .= '
'.$langs->trans("More").'... ('.$nbintab.')
'; // Do not use "reposition" class in the "More". $out .= '
'; $out .= $outmore; $out .= '
'; From 26c307c0a422558d6224b9366bd938ccd3b6fb9d Mon Sep 17 00:00:00 2001 From: John BOTELLA Date: Tue, 5 Mar 2024 17:16:11 +0100 Subject: [PATCH 05/79] Fix extrafield ajax search default on edit (#28631) --- htdocs/core/class/html.form.class.php | 49 +++++++++++++++++---------- 1 file changed, 31 insertions(+), 18 deletions(-) diff --git a/htdocs/core/class/html.form.class.php b/htdocs/core/class/html.form.class.php index 29cb68f171d67..40e9391877132 100644 --- a/htdocs/core/class/html.form.class.php +++ b/htdocs/core/class/html.form.class.php @@ -8014,22 +8014,22 @@ protected function constructMemberListOption(&$objp, &$opt, &$optJson, $selected * Can use autocomplete with ajax after x key pressed or a full combo, depending on setup. * This is the generic method that will replace all specific existing methods. * - * @param string $objectdesc 'ObjectClass:PathToClass[:AddCreateButtonOrNot[:Filter[:Sortfield]]]'. For hard coded custom needs. Try to prefer method using $objectfield instead of $objectdesc. - * @param string $htmlname Name of HTML select component - * @param int $preselectedvalue Preselected value (ID of element) - * @param string $showempty ''=empty values not allowed, 'string'=value show if we allow empty values (for example 'All', ...) - * @param string $searchkey Search criteria - * @param string $placeholder Place holder - * @param string $morecss More CSS - * @param string $moreparams More params provided to ajax call - * @param int $forcecombo Force to load all values and output a standard combobox (with no beautification) - * @param int $disabled 1=Html component is disabled - * @param string $selected_input_value Value of preselected input text (for use with ajax) - * @param string $objectfield Object:Field that contains the definition (in table $fields or $extrafields). Example: 'Object:xxx' or 'Module_Object:xxx' or 'Object:options_xxx' or 'Module_Object:options_xxx' + * @param string $objectdesc 'ObjectClass:PathToClass[:AddCreateButtonOrNot[:Filter[:Sortfield]]]'. For hard coded custom needs. Try to prefer method using $objectfield instead of $objectdesc. + * @param string $htmlname Name of HTML select component + * @param int $preSelectedValue Preselected value (ID of element) + * @param string $showempty ''=empty values not allowed, 'string'=value show if we allow empty values (for example 'All', ...) + * @param string $searchkey Search criteria + * @param string $placeholder Place holder + * @param string $morecss More CSS + * @param string $moreparams More params provided to ajax call + * @param int $forcecombo Force to load all values and output a standard combobox (with no beautification) + * @param int $disabled 1=Html component is disabled + * @param string $selected_input_value Value of preselected input text (for use with ajax) + * @param string $objectfield Object:Field that contains the definition (in table $fields or $extrafields). Example: 'Object:xxx' or 'Module_Object:xxx' or 'Object:options_xxx' or 'Module_Object:options_xxx' * @return string Return HTML string * @see selectForFormsList(), select_thirdparty_list() */ - public function selectForForms($objectdesc, $htmlname, $preselectedvalue, $showempty = '', $searchkey = '', $placeholder = '', $morecss = '', $moreparams = '', $forcecombo = 0, $disabled = 0, $selected_input_value = '', $objectfield = '') + public function selectForForms($objectdesc, $htmlname, $preSelectedValue, $showempty = '', $searchkey = '', $placeholder = '', $morecss = '', $moreparams = '', $forcecombo = 0, $disabled = 0, $selected_input_value = '', $objectfield = '') { global $conf, $extrafields, $user; @@ -8128,10 +8128,23 @@ public function selectForForms($objectdesc, $htmlname, $preselectedvalue, $showe if (!empty($conf->use_javascript_ajax) && getDolGlobalString($confkeyforautocompletemode) && !$forcecombo) { // No immediate load of all database $placeholder = ''; - if ($preselectedvalue && empty($selected_input_value)) { - $objecttmp->fetch($preselectedvalue); + + if ($preSelectedValue && empty($selected_input_value)) { + $objecttmp->fetch($preSelectedValue); $selected_input_value = ($prefixforautocompletemode == 'company' ? $objecttmp->name : $objecttmp->ref); - //unset($objecttmp); + + $oldValueForShowOnCombobox = 0; + foreach ($objecttmp->fields as $fieldK => $fielV) { + if (!$fielV['showoncombobox'] || empty($objecttmp->$fieldK)) continue; + + if (!$oldValueForShowOnCombobox) { + $selected_input_value = ''; + } + + $selected_input_value .= $oldValueForShowOnCombobox ? ' - ' : ''; + $selected_input_value .= $objecttmp->$fieldK; + $oldValueForShowOnCombobox = empty($fielV['showoncombobox']) ? 0 : $fielV['showoncombobox']; + } } // Set url and param to call to get json of the search results @@ -8139,12 +8152,12 @@ public function selectForForms($objectdesc, $htmlname, $preselectedvalue, $showe $urloption = 'htmlname=' . urlencode($htmlname) . '&outjson=1&objectdesc=' . urlencode($objectdescorig) . '&objectfield='.urlencode($objectfield) . ($sortfield ? '&sortfield=' . urlencode($sortfield) : ''); // Activate the auto complete using ajax call. - $out .= ajax_autocompleter($preselectedvalue, $htmlname, $urlforajaxcall, $urloption, getDolGlobalString($confkeyforautocompletemode), 0, array()); + $out .= ajax_autocompleter($preSelectedValue, $htmlname, $urlforajaxcall, $urloption, getDolGlobalString($confkeyforautocompletemode), 0); $out .= ''; $out .= ''; } else { // Immediate load of table record. - $out .= $this->selectForFormsList($objecttmp, $htmlname, $preselectedvalue, $showempty, $searchkey, $placeholder, $morecss, $moreparams, $forcecombo, 0, $disabled, $sortfield, $filter); + $out .= $this->selectForFormsList($objecttmp, $htmlname, $preSelectedValue, $showempty, $searchkey, $placeholder, $morecss, $moreparams, $forcecombo, 0, $disabled, $sortfield, $filter); } return $out; From cb20a1d0335561c8c5eb1d1d35bd1c3ec88c10d9 Mon Sep 17 00:00:00 2001 From: Laurent Destailleur Date: Tue, 5 Mar 2024 21:18:14 +0100 Subject: [PATCH 06/79] Fix css --- htdocs/theme/eldy/global.inc.php | 6 +++--- htdocs/theme/md/style.css.php | 6 +++--- 2 files changed, 6 insertions(+), 6 deletions(-) diff --git a/htdocs/theme/eldy/global.inc.php b/htdocs/theme/eldy/global.inc.php index d1799aae1c30d..7b3cd0697cb5c 100644 --- a/htdocs/theme/eldy/global.inc.php +++ b/htdocs/theme/eldy/global.inc.php @@ -8155,11 +8155,11 @@ + ?> select[multiple] { - height: 42px; + height: 42px; } - + ?> select[multiple] { - height: 42px; + height: 42px; } - Date: Tue, 5 Mar 2024 21:19:42 +0100 Subject: [PATCH 07/79] Fix phpcs --- htdocs/product/class/product.class.php | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/htdocs/product/class/product.class.php b/htdocs/product/class/product.class.php index 28d9e7a1ce8fc..80e85cf734157 100644 --- a/htdocs/product/class/product.class.php +++ b/htdocs/product/class/product.class.php @@ -3563,7 +3563,7 @@ public function load_stats_inproduction($socid = 0, $filtrestatut = '', $forVirt } if (!$serviceStockIsEnabled) { $sql .= "AND EXISTS (SELECT p.rowid FROM ".$this->db->prefix()."product AS p WHERE p.rowid = ".((int) $this->id)." AND p.fk_product_type IN (0))"; - } + } if (!empty($warehouseid)) { $sql.= " AND m.fk_warehouse = ".((int) $warehouseid); } From fd2352645de445716eeaa5a72c8415f9da45d1a9 Mon Sep 17 00:00:00 2001 From: Laurent Destailleur Date: Tue, 5 Mar 2024 22:59:55 +0100 Subject: [PATCH 08/79] Fix warning --- htdocs/accountancy/class/accountingaccount.class.php | 12 ++++++------ 1 file changed, 6 insertions(+), 6 deletions(-) diff --git a/htdocs/accountancy/class/accountingaccount.class.php b/htdocs/accountancy/class/accountingaccount.class.php index b31f39c366d12..057c307e1f6b0 100644 --- a/htdocs/accountancy/class/accountingaccount.class.php +++ b/htdocs/accountancy/class/accountingaccount.class.php @@ -173,13 +173,13 @@ public function __construct($db) /** * Load record in memory * - * @param int $rowid Id - * @param string $account_number Account number - * @param int|boolean $limittocurrentchart 1 or true=Load record only if it is into current active chart of account - * @param string $limittoachartaccount 'ABC'=Load record only if it is into chart account with code 'ABC' (better and faster than previous parameter if you have chart of account code). - * @return int Return integer <0 if KO, 0 if not found, Id of record if OK and found + * @param int $rowid Id + * @param string $account_number Account number + * @param int|boolean $limittocurrentchart 1 or true=Load record only if it is into current active chart of account + * @param string $limittoachartaccount 'ABC'=Load record only if it is into chart account with code 'ABC' (better and faster than previous parameter if you have chart of account code). + * @return int Return integer <0 if KO, 0 if not found, Id of record if OK and found */ - public function fetch($rowid = null, $account_number = null, $limittocurrentchart = 0, $limittoachartaccount = '') + public function fetch($rowid = 0, $account_number = null, $limittocurrentchart = 0, $limittoachartaccount = '') { global $conf; From 64093cc3786d2439b90833cf0155d0c3809b9437 Mon Sep 17 00:00:00 2001 From: Laurent Destailleur Date: Tue, 5 Mar 2024 23:00:51 +0100 Subject: [PATCH 09/79] Fix warning --- htdocs/accountancy/admin/productaccount.php | 24 ++++++++++----------- 1 file changed, 12 insertions(+), 12 deletions(-) diff --git a/htdocs/accountancy/admin/productaccount.php b/htdocs/accountancy/admin/productaccount.php index a0556a5753ac9..e93164b01be2e 100644 --- a/htdocs/accountancy/admin/productaccount.php +++ b/htdocs/accountancy/admin/productaccount.php @@ -267,18 +267,18 @@ // so we need to get those the rowid of those default value first $accounting = new AccountingAccount($db); // TODO: we should need to check if result is already exists accountaccount rowid..... -$aarowid_servbuy = $accounting->fetch('', getDolGlobalString('ACCOUNTING_SERVICE_BUY_ACCOUNT'), 1); -$aarowid_servbuy_intra = $accounting->fetch('', getDolGlobalString('ACCOUNTING_SERVICE_BUY_INTRA_ACCOUNT'), 1); -$aarowid_servbuy_export = $accounting->fetch('', getDolGlobalString('ACCOUNTING_SERVICE_BUY_EXPORT_ACCOUNT'), 1); -$aarowid_prodbuy = $accounting->fetch('', getDolGlobalString('ACCOUNTING_PRODUCT_BUY_ACCOUNT'), 1); -$aarowid_prodbuy_intra = $accounting->fetch('', getDolGlobalString('ACCOUNTING_PRODUCT_BUY_INTRA_ACCOUNT'), 1); -$aarowid_prodbuy_export = $accounting->fetch('', getDolGlobalString('ACCOUNTING_PRODUCT_BUY_EXPORT_ACCOUNT'), 1); -$aarowid_servsell = $accounting->fetch('', getDolGlobalString('ACCOUNTING_SERVICE_SOLD_ACCOUNT'), 1); -$aarowid_servsell_intra = $accounting->fetch('', getDolGlobalString('ACCOUNTING_SERVICE_SOLD_INTRA_ACCOUNT'), 1); -$aarowid_servsell_export = $accounting->fetch('', getDolGlobalString('ACCOUNTING_SERVICE_SOLD_EXPORT_ACCOUNT'), 1); -$aarowid_prodsell = $accounting->fetch('', getDolGlobalString('ACCOUNTING_PRODUCT_SOLD_ACCOUNT'), 1); -$aarowid_prodsell_intra = $accounting->fetch('', getDolGlobalString('ACCOUNTING_PRODUCT_SOLD_INTRA_ACCOUNT'), 1); -$aarowid_prodsell_export = $accounting->fetch('', getDolGlobalString('ACCOUNTING_PRODUCT_SOLD_EXPORT_ACCOUNT'), 1); +$aarowid_servbuy = $accounting->fetch(0, getDolGlobalString('ACCOUNTING_SERVICE_BUY_ACCOUNT'), 1); +$aarowid_servbuy_intra = $accounting->fetch(0, getDolGlobalString('ACCOUNTING_SERVICE_BUY_INTRA_ACCOUNT'), 1); +$aarowid_servbuy_export = $accounting->fetch(0, getDolGlobalString('ACCOUNTING_SERVICE_BUY_EXPORT_ACCOUNT'), 1); +$aarowid_prodbuy = $accounting->fetch(0, getDolGlobalString('ACCOUNTING_PRODUCT_BUY_ACCOUNT'), 1); +$aarowid_prodbuy_intra = $accounting->fetch(0, getDolGlobalString('ACCOUNTING_PRODUCT_BUY_INTRA_ACCOUNT'), 1); +$aarowid_prodbuy_export = $accounting->fetch(0, getDolGlobalString('ACCOUNTING_PRODUCT_BUY_EXPORT_ACCOUNT'), 1); +$aarowid_servsell = $accounting->fetch(0, getDolGlobalString('ACCOUNTING_SERVICE_SOLD_ACCOUNT'), 1); +$aarowid_servsell_intra = $accounting->fetch(0, getDolGlobalString('ACCOUNTING_SERVICE_SOLD_INTRA_ACCOUNT'), 1); +$aarowid_servsell_export = $accounting->fetch(0, getDolGlobalString('ACCOUNTING_SERVICE_SOLD_EXPORT_ACCOUNT'), 1); +$aarowid_prodsell = $accounting->fetch(0, getDolGlobalString('ACCOUNTING_PRODUCT_SOLD_ACCOUNT'), 1); +$aarowid_prodsell_intra = $accounting->fetch(0, getDolGlobalString('ACCOUNTING_PRODUCT_SOLD_INTRA_ACCOUNT'), 1); +$aarowid_prodsell_export = $accounting->fetch(0, getDolGlobalString('ACCOUNTING_PRODUCT_SOLD_EXPORT_ACCOUNT'), 1); $aacompta_servbuy = getDolGlobalString('ACCOUNTING_SERVICE_BUY_ACCOUNT', $langs->trans("CodeNotDef")); $aacompta_servbuy_intra = getDolGlobalString('ACCOUNTING_SERVICE_BUY_INTRA_ACCOUNT', $langs->trans("CodeNotDef")); From c27551cbb7673c2136f21ca91df256d26d682d93 Mon Sep 17 00:00:00 2001 From: Laurent Destailleur Date: Tue, 5 Mar 2024 23:29:41 +0100 Subject: [PATCH 10/79] Add a more complete message --- htdocs/public/payment/paymentok.php | 10 +++++----- htdocs/public/stripe/ipn.php | 4 +++- 2 files changed, 8 insertions(+), 6 deletions(-) diff --git a/htdocs/public/payment/paymentok.php b/htdocs/public/payment/paymentok.php index d31715b03cafc..f5950f629d775 100644 --- a/htdocs/public/payment/paymentok.php +++ b/htdocs/public/payment/paymentok.php @@ -882,7 +882,7 @@ } else { $paiement->multicurrency_amounts = array($object->id => $FinalPaymentAmt); // Array with all payments dispatching - $postactionmessages[] = 'Payment was done in a different currency that currency expected of company'; + $postactionmessages[] = 'Payment was done in a currency ('.$currencyCodeType.') other than the expected currency of company ('.$conf->currency.')'; $ispostactionok = -1; $error++; // Not yet supported } @@ -1011,7 +1011,7 @@ } else { $paiement->multicurrency_amounts = array($invoice->id => $FinalPaymentAmt); // Array with all payments dispatching - $postactionmessages[] = 'Payment was done in a different currency that currency expected of company'; + $postactionmessages[] = 'Payment was done in a currency ('.$currencyCodeType.') other than the expected currency of company ('.$conf->currency.')'; $ispostactionok = -1; $error++; } @@ -1278,7 +1278,7 @@ } else { $paiement->multicurrency_amounts = array($object->id => $FinalPaymentAmt); // Array with all payments dispatching - $postactionmessages[] = 'Payment was done in a different currency that currency expected of company'; + $postactionmessages[] = 'Payment was done in a currency ('.$currencyCodeType.') other than the expected currency of company ('.$conf->currency.')'; $ispostactionok = -1; $error++; // Not yet supported } @@ -1508,7 +1508,7 @@ } else { $paiement->multicurrency_amounts = array($object->id => $FinalPaymentAmt); // Array with all payments dispatching - $postactionmessages[] = 'Payment was done in a different currency that currency expected of company'; + $postactionmessages[] = 'Payment was done in a currency ('.$currencyCodeType.') other than the expected currency of company ('.$conf->currency.')'; $ispostactionok = -1; $error++; // Not yet supported } @@ -1719,7 +1719,7 @@ } else { $paiement->multicurrency_amounts = array($invoice->id => $FinalPaymentAmt); // Array with all payments dispatching - $postactionmessages[] = 'Payment was done in a different currency that currency expected of company'; + $postactionmessages[] = 'Payment was done in a currency ('.$currencyCodeType.') other than the expected currency of company ('.$conf->currency.')'; $ispostactionok = -1; $error++; } diff --git a/htdocs/public/stripe/ipn.php b/htdocs/public/stripe/ipn.php index 3888b24700638..1cbedcc9342e0 100644 --- a/htdocs/public/stripe/ipn.php +++ b/htdocs/public/stripe/ipn.php @@ -404,6 +404,8 @@ $payment_amount = $payment_amountInDolibarr; // TODO Check payment_amount in Stripe (received) is same than the one in Dolibarr + $postactionmessages = array(); + if ($paymentTypeId == "CB" && ($paymentTypeIdInDolibarr == 'card' || empty($paymentTypeIdInDolibarr))) { // Case payment type in Stripe and into prelevement_demande are both CARD. // For this case, payment should already have been recorded so we just update flag of payment request if not yet 1 @@ -422,7 +424,7 @@ } else { $paiement->multicurrency_amounts = [$invoice_id => $payment_amount]; // Array with all payments dispatching - $postactionmessages[] = 'Payment was done in a different currency than currency expected of company'; + $postactionmessages[] = 'Payment was done in a currency ('.$currencyCodeType.') other than the expected currency of company ('.$conf->currency.')'; $ispostactionok = -1; // Not yet supported, so error $error++; From 5c4c39da2ac62db2e2188bc9526f8dfbbe6e0380 Mon Sep 17 00:00:00 2001 From: Laurent Destailleur Date: Wed, 6 Mar 2024 00:46:04 +0100 Subject: [PATCH 11/79] Debug module AI --- htdocs/ai/admin/custom_prompt.php | 98 ++++++++++++---------- htdocs/ai/admin/setup.php | 9 +- htdocs/ai/ajax/generate_content.php | 10 ++- htdocs/ai/class/ai.class.php | 62 ++++++++++---- htdocs/core/class/html.formsetup.class.php | 4 + htdocs/langs/en_US/admin.lang | 8 +- 6 files changed, 125 insertions(+), 66 deletions(-) diff --git a/htdocs/ai/admin/custom_prompt.php b/htdocs/ai/admin/custom_prompt.php index 56c29fa0e5ead..c784e9ae3b8ff 100644 --- a/htdocs/ai/admin/custom_prompt.php +++ b/htdocs/ai/admin/custom_prompt.php @@ -38,11 +38,6 @@ $action = 'edit'; } -$value = GETPOST('value', 'alpha'); -$label = GETPOST('label', 'alpha'); -$scandir = GETPOST('scan_dir', 'alpha'); -$type = 'myobject'; - $error = 0; $setupnotempty = 0; @@ -71,8 +66,12 @@ // List of AI features $arrayofaifeatures = array( - 'emailing' => 'Emailing', - 'imagegeneration' => 'ImageGeneration' + 'textgeneration' => array('label' => 'TextGeneration', 'picto'=>'', 'status'=>'development'), + 'imagegeneration' => array('label' => 'ImageGeneration', 'picto'=>'', 'status'=>'notused'), + 'videogeneration' => array('label' => 'VideoGeneration', 'picto'=>'', 'status'=>'notused'), + 'transcription' => array('label' => 'Transcription', 'picto'=>'', 'status'=>'notused'), + 'translation' => array('label' => 'Translation', 'picto'=>'', 'status'=>'notused'), + 'audiotext' => array('label' => 'AudioText', 'picto'=>'', 'status'=>'notused') ); @@ -80,12 +79,12 @@ * Actions */ -$modulename = GETPOST('module_name'); +$functioncode = GETPOST('functioncode', 'alpha'); $pre_prompt = GETPOST('prePrompt', 'alpha'); $post_prompt = GETPOST('postPrompt', 'alpha'); // get all configs in const AI -$currentConfigurationsJson = dolibarr_get_const($db, 'AI_CONFIGURATIONS_PROMPT', $conf->entity); +$currentConfigurationsJson = getDolGlobalString('AI_CONFIGURATIONS_PROMPT'); $currentConfigurations = json_decode($currentConfigurationsJson, true); if ($action == 'update' && GETPOST('cancel')) { @@ -93,7 +92,7 @@ } if ($action == 'update' && !GETPOST('cancel')) { $error = 0; - if (empty($modulename)) { + if (empty($functioncode)) { $error++; setEventMessages($langs->trans('ErrorInputRequired'), null, 'errors'); } @@ -101,12 +100,12 @@ $currentConfigurations = []; } - if (empty($modulename) || (empty($pre_prompt) && empty($post_prompt))) { - if (isset($currentConfigurations[$modulename])) { - unset($currentConfigurations[$modulename]); + if (empty($functioncode) || (empty($pre_prompt) && empty($post_prompt))) { + if (isset($currentConfigurations[$functioncode])) { + unset($currentConfigurations[$functioncode]); } } else { - $currentConfigurations[$modulename] = [ + $currentConfigurations[$functioncode] = [ 'prePrompt' => $pre_prompt, 'postPrompt' => $post_prompt, ]; @@ -172,10 +171,12 @@ $out .= ''; $out .= ''; // Combo list of AI features - $out .= ''; $out .= ''; foreach ($arrayofaifeatures as $key => $val) { - $out .= ''; + $labelhtml = $langs->trans($arrayofaifeatures[$key]['label']).($arrayofaifeatures[$key]['status'] == 'notused' ? ' ('.$langs->trans("NotUsed").')' : ""); + $labeltext = $langs->trans($arrayofaifeatures[$key]['label']); + $out .= ''; } /* $sql = "SELECT name FROM llx_const WHERE name LIKE 'MAIN_MODULE_%' AND value = '1'"; @@ -191,7 +192,7 @@ } */ $out .= ''; - $out .= ajax_combobox("module_select"); + $out .= ajax_combobox("functioncode"); $out .= ''; $out .= ''; @@ -223,37 +224,42 @@ if ($action == 'edit' || $action == 'create') { - $out = ''; - foreach ($currentConfigurations as $key => $config) { - if (!preg_match('/^[a-z]+$/i', $key)) { // Ignore empty saved setup - continue; + $out = ''; + + if (!empty($currentConfigurations)) { + $out = '
'; + foreach ($currentConfigurations as $key => $config) { + if (!empty($key) && !preg_match('/^[a-z]+$/i', $key)) { // Ignore empty saved setup + continue; + } + + $out .= ''; + $out .= ''; + $out .= ''; + $out .= ''; + $out .= ''; + $out .= ''; + $out .= ''; + $out .= ''; + $out .= ''; + $out .= ''; + $out .= ''; + $out .= ''; + $out .= ''; + $out .= ''; + $out .= ''; } - $out .= ''; - $out .= ''; - $out .= ''; - $out .= ''; - $out .= ''; - $out .= ''; - $out .= ''; - $out .= ''; - $out .= ''; - $out .= ''; - $out .= ''; - $out .= ''; - $out .= ''; - $out .= ''; - $out .= ''; + $out .= ''; + $out .= '
'.$arrayofaifeatures[$key]['picto'].' '.$langs->trans($arrayofaifeatures[$key]['label']).'
'; + $out .= 'pre-Prompt'; + $out .= ''; + $out .= ''; + $out .= '
'; + $out .= 'Post-prompt'; + $out .= ''; + $out .= ''; + $out .= '
'.$langs->trans($arrayofaifeatures[$key]).'
'; - $out .= 'pre-Prompt'; - $out .= ''; - $out .= ''; - $out .= '
'; - $out .= 'Post-prompt'; - $out .= ''; - $out .= ''; - $out .= '
'; } - $out .= ''; - $out .= ''; $out .= ''; diff --git a/htdocs/ai/admin/setup.php b/htdocs/ai/admin/setup.php index 4fdb1f024358d..73e4765d7a457 100644 --- a/htdocs/ai/admin/setup.php +++ b/htdocs/ai/admin/setup.php @@ -61,14 +61,19 @@ $formSetup = new FormSetup($db); +// List all available IA $arrayofia = array('chatgpt'); foreach ($arrayofia as $ia) { // Setup conf AI_PUBLIC_INTERFACE_TOPIC - $item = $formSetup->newItem('AI_KEY_API_'.strtoupper($ia)); + /*$item = $formSetup->newItem('AI_API_'.strtoupper($ia).'_ENDPOINT'); // Name of constant must end with _KEY so it is encrypted when saved into database. $item->defaultFieldValue = ''; -} + $item->cssClass = 'minwidth500';*/ + $item = $formSetup->newItem('AI_API_'.strtoupper($ia).'_KEY'); // Name of constant must end with _KEY so it is encrypted when saved into database. + $item->defaultFieldValue = ''; + $item->cssClass = 'minwidth500'; +} $setupnotempty =+ count($formSetup->items); diff --git a/htdocs/ai/ajax/generate_content.php b/htdocs/ai/ajax/generate_content.php index 34d7f1967530d..9b1adf13b84e0 100644 --- a/htdocs/ai/ajax/generate_content.php +++ b/htdocs/ai/ajax/generate_content.php @@ -45,6 +45,11 @@ require_once DOL_DOCUMENT_ROOT.'/ai/class/ai.class.php'; + +/* + * View + */ + top_httphead(); //get data from AJAX @@ -54,11 +59,12 @@ if (is_null($jsonData)) { dol_print_error('data with format JSON valide.'); } -$chatGPT = new Ai($db); +$ai = new Ai($db); $instructions = dol_string_nohtmltag($jsonData['instructions'], 1, 'UTF-8'); +$function = 'textgeneration'; -$generatedContent = $chatGPT->generateContent($instructions, 'gpt-3.5-turbo', 'MAILING'); +$generatedContent = $ai->generateContent($instructions, 'auto', $function); if (is_array($generatedContent) && $generatedContent['error']) { print "Error : " . $generatedContent['message']; diff --git a/htdocs/ai/class/ai.class.php b/htdocs/ai/class/ai.class.php index 2771c1b0e0610..399b3adb1ee4b 100644 --- a/htdocs/ai/class/ai.class.php +++ b/htdocs/ai/class/ai.class.php @@ -50,38 +50,72 @@ class Ai public function __construct($db) { $this->db = $db; - $this->apiEndpoint = dolibarr_get_const($this->db, 'AI_API_ENDPOINT'); - $this->apiKey = dolibarr_get_const($this->db, 'AI_KEY_API_CHATGPT'); + + $this->apiKey = getDolGlobalString('AI_API_CHATGPT_KEY'); } /** * Generate response of instructions - * @param string $instructions instruction for generate content - * @param string $model model name (chat,text,image...) - * @param string $moduleName Name of module - * @return mixed $response + * + * @param string $instructions instruction for generate content + * @param string $model model name ('gpt-3.5-turbo') + * @param string $function code of the feature we want to use ('emailing', 'transcription', 'audiotext', 'imagegeneration', 'translation') + * @return mixed $response */ - public function generateContent($instructions, $model = 'gpt-3.5-turbo', $moduleName = 'MAILING') + public function generateContent($instructions, $model = 'auto', $function = 'textgeneration') { - global $conf; + if (empty($this->apiEndpoint)) { + if ($function == 'textgeneration') { + $this->apiEndpoint = 'https://api.openai.com/v1/chat/completions'; + if ($model == 'auto') { + $model = getDolGlobalString('AI_API_CHATGPT_MODEL_TEXT', 'gpt-3.5-turbo'); + } + } + if ($function == 'imagegeneration') { + $this->apiEndpoint = 'https://api.openai.com/v1/images/generations'; + if ($model == 'auto') { + $model = getDolGlobalString('AI_API_CHATGPT_MODEL_IMAGE', 'dall-e-3'); + } + } + if ($function == 'audiotext') { + $this->apiEndpoint = 'https://api.openai.com/v1/audio/speech'; + if ($model == 'auto') { + $model = getDolGlobalString('AI_API_CHATGPT_MODEL_AUDIO', 'tts-1'); + } + } + if ($function == 'transcription') { + $this->apiEndpoint = 'https://api.openai.com/v1/audio/transcriptions'; + if ($model == 'auto') { + $model = getDolGlobalString('AI_API_CHATGPT_MODEL_TRANSCRIPT', 'whisper-1'); + } + } + if ($function == 'translation') { + $this->apiEndpoint = 'https://api.openai.com/v1/audio/translations'; + if ($model == 'auto') { + $model = getDolGlobalString('AI_API_CHATGPT_MODEL_TRANSLATE', 'whisper-1'); + } + } + } + try { - $configurationsJson = dolibarr_get_const($this->db, 'AI_CONFIGURATIONS_PROMPT', $conf->entity); + $configurationsJson = getDolGlobalString('AI_CONFIGURATIONS_PROMPT'); $configurations = json_decode($configurationsJson, true); $prePrompt = ''; $postPrompt = ''; - if (isset($configurations[$moduleName])) { - if (isset($configurations[$moduleName]['prePrompt'])) { - $prePrompt = $configurations[$moduleName]['prePrompt']; + if (isset($configurations[$function])) { + if (isset($configurations[$function]['prePrompt'])) { + $prePrompt = $configurations[$function]['prePrompt']; } - if (isset($configurations[$moduleName]['postPrompt'])) { - $postPrompt = $configurations[$moduleName]['postPrompt']; + if (isset($configurations[$function]['postPrompt'])) { + $postPrompt = $configurations[$function]['postPrompt']; } } $fullInstructions = $prePrompt.' '.$instructions.' .'.$postPrompt; + // TODO Replace this with a simple call of getDolURLContent(); $ch = curl_init($this->apiEndpoint); curl_setopt($ch, CURLOPT_RETURNTRANSFER, true); curl_setopt($ch, CURLOPT_POSTFIELDS, json_encode([ diff --git a/htdocs/core/class/html.formsetup.class.php b/htdocs/core/class/html.formsetup.class.php index 3221587152927..e5199267d311b 100644 --- a/htdocs/core/class/html.formsetup.class.php +++ b/htdocs/core/class/html.formsetup.class.php @@ -573,6 +573,7 @@ public function itemSort(FormSetupItem $a, FormSetupItem $b) } } + /** * This class help to create item for class formSetup */ @@ -646,6 +647,9 @@ class FormSetupItem public $enabled = 1; + /** + * @var string The css to use on the input field of item + */ public $cssClass = ''; /** diff --git a/htdocs/langs/en_US/admin.lang b/htdocs/langs/en_US/admin.lang index 6182aa8f97b9d..b7dd42c84e2c4 100644 --- a/htdocs/langs/en_US/admin.lang +++ b/htdocs/langs/en_US/admin.lang @@ -2437,11 +2437,15 @@ ExportUseForce=Use the parameter -f ExportUseForceHelp=Force to continue the export even when an error is found (Backup may not be reliable) CustomPrompt=Custom prompts AiDescription=AI (Artificial Intelligence) features -AiDescriptionLong=Provides AI (Artificial Intelligence) features in different parts of the application. Need external AI API. -AI_KEY_API_CHATGPT= Key for ChatGPT AI api +AiDescriptionLong=Provides AI (Artificial Intelligence) features in different parts of the application. Need external AI API. +AI_API_CHATGPT_ENDPOINT=Endpoint for ChatGPT AI api +AI_API_CHATGPT_KEY=Key for ChatGPT AI api AiSetup=AI module setup AiCustomPrompt=AI custom prompt AI_CONFIGURATIONS_PROMPT=Custom prompt +TextGeneration=Text generation ImageGeneration=Image generation +VideoGeneration=Video generation +AudioText=Audio - Text AIPromptForFeatures=AI custom prompts for features EnterAnIP=Enter an IP address From 43b1adb4c6551cf26d5cd516f609af80b21301a9 Mon Sep 17 00:00:00 2001 From: Laurent Destailleur Date: Wed, 6 Mar 2024 01:40:06 +0100 Subject: [PATCH 12/79] Fix bad var name in security setup page --- htdocs/admin/system/security.php | 4 ++-- htdocs/langs/en_US/errors.lang | 1 + 2 files changed, 3 insertions(+), 2 deletions(-) diff --git a/htdocs/admin/system/security.php b/htdocs/admin/system/security.php index 6ad04701a522e..199b715d2ef63 100644 --- a/htdocs/admin/system/security.php +++ b/htdocs/admin/system/security.php @@ -272,7 +272,7 @@ if (file_exists($installlock)) { // If install not locked, no need to show this. if (file_exists($upgradeunlock)) { print ''.$langs->trans("DolibarrUpgrade").': '; - print img_warning().' '.$langs->trans("UpgradeHasBeenUnlocked", $upgradeunlock); + print img_warning().' '.$langs->trans("WarningUpgradeHasBeenUnlocked", $upgradeunlock); print '
'; } } @@ -756,7 +756,7 @@ print 'WEBSITE_MAIN_SECURITY_FORCERP = '.getDolGlobalString('WEBSITE_MAIN_SECURITY_FORCERP', ''.$langs->trans("Undefined").'').'   ('.$langs->trans("Recommended").': '.$langs->trans("Undefined").' '.$langs->trans("or")." \"strict-origin-when-cross-origin\")
"; print '
'; -print 'WEBSITE_MAIN_SECURITY_FORCESTS = '.getDolGlobalString('>WEBSITE_MAIN_SECURITY_FORCESTS', ''.$langs->trans("Undefined").'').'   ('.$langs->trans("Example").": \"max-age=31536000; includeSubDomains\")
"; +print 'WEBSITE_MAIN_SECURITY_FORCESTS = '.getDolGlobalString('WEBSITE_MAIN_SECURITY_FORCESTS', ''.$langs->trans("Undefined").'').'   ('.$langs->trans("Example").": \"max-age=31536000; includeSubDomains\")
"; print '
'; print 'WEBSITE_MAIN_SECURITY_FORCEPP = '.getDolGlobalString('WEBSITE_MAIN_SECURITY_FORCEPP', ''.$langs->trans("Undefined").'').'   ('.$langs->trans("Example").": \"camera: (); microphone: ();\")
"; diff --git a/htdocs/langs/en_US/errors.lang b/htdocs/langs/en_US/errors.lang index b4883e7f6f49f..625cb2bfc51a6 100644 --- a/htdocs/langs/en_US/errors.lang +++ b/htdocs/langs/en_US/errors.lang @@ -343,6 +343,7 @@ WarningConfFileMustBeReadOnly=Warning, your config file (htdocs/conf/conf.php WarningsOnXLines=Warnings on %s source record(s) WarningNoDocumentModelActivated=No model, for document generation, has been activated. A model will be chosen by default until you check your module setup. WarningLockFileDoesNotExists=Warning, once setup is finished, you must disable the installation/migration tools by adding a file install.lock into directory %s. Omitting the creation of this file is a grave security risk. +WarningUpgradeHasBeenUnlocked=Warning, upgrade process has been unlocked for everybody WarningUntilDirRemoved=This security warning will remain active as long as the vulnerability is present. WarningCloseAlways=Warning, closing is done even if amount differs between source and target elements. Enable this feature with caution. WarningUsingThisBoxSlowDown=Warning, using this box slow down seriously all pages showing the box. From 1552fac711177f376dee15e39812107619d681db Mon Sep 17 00:00:00 2001 From: Laurent Destailleur Date: Wed, 6 Mar 2024 01:54:41 +0100 Subject: [PATCH 13/79] Fix strict-origin --- htdocs/admin/system/security.php | 2 +- htdocs/main.inc.php | 4 ++-- 2 files changed, 3 insertions(+), 3 deletions(-) diff --git a/htdocs/admin/system/security.php b/htdocs/admin/system/security.php index 199b715d2ef63..fce38310605aa 100644 --- a/htdocs/admin/system/security.php +++ b/htdocs/admin/system/security.php @@ -753,7 +753,7 @@ print '   ('.$langs->trans("Example").": \"frame-ancestors 'self'; default-src 'self' 'unsafe-inline'; style-src https://cdnjs.cloudflare.com *.googleapis.com; script-src *.transifex.com *.google-analytics.com *.googletagmanager.com; object-src https://youtube.com; frame-src https://youtube.com; img-src * data:;\")
"; print '
'; -print 'WEBSITE_MAIN_SECURITY_FORCERP = '.getDolGlobalString('WEBSITE_MAIN_SECURITY_FORCERP', ''.$langs->trans("Undefined").'').'   ('.$langs->trans("Recommended").': '.$langs->trans("Undefined").' '.$langs->trans("or")." \"strict-origin-when-cross-origin\")
"; +print 'WEBSITE_MAIN_SECURITY_FORCERP = '.getDolGlobalString('WEBSITE_MAIN_SECURITY_FORCERP', ''.$langs->trans("Undefined").'').'   ('.$langs->trans("Recommended").': '.$langs->trans("Undefined").'=\"strict-origin\" '.$langs->trans("or")." \"strict-origin-when-cross-origin\")
"; print '
'; print 'WEBSITE_MAIN_SECURITY_FORCESTS = '.getDolGlobalString('WEBSITE_MAIN_SECURITY_FORCESTS', ''.$langs->trans("Undefined").'').'   ('.$langs->trans("Example").": \"max-age=31536000; includeSubDomains\")
"; diff --git a/htdocs/main.inc.php b/htdocs/main.inc.php index 548d2fb2099df..44b62e8bb8f3a 100644 --- a/htdocs/main.inc.php +++ b/htdocs/main.inc.php @@ -1669,9 +1669,9 @@ function top_httphead($contenttype = 'text/html', $forcenocache = 0) // Referrer-Policy // Say if we must provide the referrer when we jump onto another web page. - // Default browser are 'strict-origin-when-cross-origin' (only domain is sent on other domain switching), we want more so we use 'same-origin' so browser doesn't send any referrer when going into another web site domain. + // Default browser are 'strict-origin-when-cross-origin' (only domain is sent on other domain switching), we want more so we use 'strict-origin' so browser doesn't send any referrer when going into another web site domain. if (!defined('MAIN_SECURITY_FORCERP')) { - $referrerpolicy = getDolGlobalString('MAIN_SECURITY_FORCERP', "same-origin"); + $referrerpolicy = getDolGlobalString('MAIN_SECURITY_FORCERP', "strict-origin"); header("Referrer-Policy: ".$referrerpolicy); } From 1a9fa740a5fbe8301a83851c76cdc7bd166be540 Mon Sep 17 00:00:00 2001 From: Laurent Destailleur Date: Wed, 6 Mar 2024 13:32:15 +0100 Subject: [PATCH 14/79] Fix quote --- htdocs/admin/system/security.php | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/htdocs/admin/system/security.php b/htdocs/admin/system/security.php index fce38310605aa..8aee55d46ba4d 100644 --- a/htdocs/admin/system/security.php +++ b/htdocs/admin/system/security.php @@ -753,7 +753,7 @@ print '   ('.$langs->trans("Example").": \"frame-ancestors 'self'; default-src 'self' 'unsafe-inline'; style-src https://cdnjs.cloudflare.com *.googleapis.com; script-src *.transifex.com *.google-analytics.com *.googletagmanager.com; object-src https://youtube.com; frame-src https://youtube.com; img-src * data:;\")
"; print '
'; -print 'WEBSITE_MAIN_SECURITY_FORCERP = '.getDolGlobalString('WEBSITE_MAIN_SECURITY_FORCERP', ''.$langs->trans("Undefined").'').'   ('.$langs->trans("Recommended").': '.$langs->trans("Undefined").'=\"strict-origin\" '.$langs->trans("or")." \"strict-origin-when-cross-origin\")
"; +print 'WEBSITE_MAIN_SECURITY_FORCERP = '.getDolGlobalString('WEBSITE_MAIN_SECURITY_FORCERP', ''.$langs->trans("Undefined").'').'   ('.$langs->trans("Recommended").': '.$langs->trans("Undefined")."=\"strict-origin\" ".$langs->trans("or")." \"strict-origin-when-cross-origin\")
"; print '
'; print 'WEBSITE_MAIN_SECURITY_FORCESTS = '.getDolGlobalString('WEBSITE_MAIN_SECURITY_FORCESTS', ''.$langs->trans("Undefined").'').'   ('.$langs->trans("Example").": \"max-age=31536000; includeSubDomains\")
"; From f1aa29507a62786c8de29fb0afc5c38e477f04bc Mon Sep 17 00:00:00 2001 From: Laurent Destailleur Date: Wed, 6 Mar 2024 15:01:25 +0100 Subject: [PATCH 15/79] Fix sec more complete list of forbidden function --- htdocs/core/lib/functions.lib.php | 1 + 1 file changed, 1 insertion(+) diff --git a/htdocs/core/lib/functions.lib.php b/htdocs/core/lib/functions.lib.php index 6fe032f545666..0298ce0d439fc 100644 --- a/htdocs/core/lib/functions.lib.php +++ b/htdocs/core/lib/functions.lib.php @@ -9738,6 +9738,7 @@ function dol_eval($s, $returnvalue = 0, $hideerrors = 1, $onlysimplestring = '1' $forbiddenphpfunctions = array_merge($forbiddenphpfunctions, array("fopen", "file_put_contents", "fputs", "fputscsv", "fwrite", "fpassthru", "require", "include", "mkdir", "rmdir", "symlink", "touch", "unlink", "umask")); $forbiddenphpfunctions = array_merge($forbiddenphpfunctions, array("get_defined_functions", "get_defined_vars", "get_defined_constants", "get_declared_classes")); $forbiddenphpfunctions = array_merge($forbiddenphpfunctions, array("function", "call_user_func")); + $forbiddenphpfunctions = array_merge($forbiddenphpfunctions, array("require", "include", "require_once", "include_once")); $forbiddenphpfunctions = array_merge($forbiddenphpfunctions, array("eval", "create_function", "assert", "mb_ereg_replace")); // function with eval capabilities $forbiddenphpmethods = array('invoke', 'invokeArgs'); // Method of ReflectionFunction to execute a function From 7866ee472bb7e825a949ab537a65b4efbe763ecf Mon Sep 17 00:00:00 2001 From: Laurent Destailleur Date: Wed, 6 Mar 2024 17:07:24 +0100 Subject: [PATCH 16/79] QUAL Clean code around dol_eval use --- ChangeLog | 1 + htdocs/adherents/list.php | 10 +-- htdocs/admin/emailcollector_list.php | 2 +- htdocs/admin/mails_senderprofile_list.php | 2 +- htdocs/admin/mails_templates.php | 2 +- htdocs/admin/menus/edit.php | 4 +- htdocs/admin/perms.php | 2 +- .../class/assetdepreciationoptions.class.php | 2 +- htdocs/asset/list.php | 2 +- htdocs/asset/model/list.php | 2 +- .../tpl/depreciation_options_edit.tpl.php | 2 +- htdocs/bom/bom_list.php | 2 +- htdocs/bookcal/availabilities_list.php | 2 +- htdocs/bookcal/calendar_list.php | 2 +- htdocs/comm/mailing/cibles.php | 2 +- htdocs/comm/propal/list.php | 2 +- .../compta/cashcontrol/cashcontrol_list.php | 2 +- htdocs/compta/facture/list.php | 2 +- htdocs/compta/resultat/result.php | 20 +---- htdocs/contact/list.php | 2 +- htdocs/core/boxes/box_scheduled_jobs.php | 2 +- htdocs/core/class/commonobject.class.php | 16 ++-- htdocs/core/class/extrafields.class.php | 14 +-- htdocs/core/class/html.form.class.php | 2 +- htdocs/core/class/menu.class.php | 1 - htdocs/core/class/menubase.class.php | 6 +- htdocs/core/class/translate.class.php | 4 - htdocs/core/lib/company.lib.php | 4 +- htdocs/core/lib/customreports.lib.php | 12 +-- htdocs/core/lib/functions.lib.php | 88 ++++++++----------- .../core/tpl/admin_extrafields_view.tpl.php | 2 +- .../tpl/extrafields_list_array_fields.tpl.php | 4 +- .../tpl/extrafields_list_print_fields.tpl.php | 2 +- htdocs/core/tpl/extrafields_view.tpl.php | 6 +- ...terface_50_modTicket_TicketEmail.class.php | 4 +- .../conferenceorbooth_list.php | 2 +- .../conferenceorboothattendee_list.php | 2 +- htdocs/exports/class/export.class.php | 2 +- htdocs/fourn/commande/list.php | 2 +- htdocs/hrm/evaluation_list.php | 2 +- htdocs/hrm/job_list.php | 2 +- htdocs/hrm/position.php | 2 +- htdocs/hrm/position_list.php | 2 +- htdocs/hrm/skill_card.php | 2 +- htdocs/hrm/skill_list.php | 2 +- .../knowledgerecord_list.php | 2 +- htdocs/loan/list.php | 2 +- .../modulebuilder/template/myobject_list.php | 2 +- htdocs/mrp/mo_list.php | 4 +- htdocs/partnership/partnership_list.php | 2 +- htdocs/product/inventory/list.php | 2 +- htdocs/product/list.php | 2 +- htdocs/product/stock/list.php | 2 +- htdocs/product/stock/productlot_list.php | 2 +- .../stocktransfer/stocktransfer_list.php | 2 +- htdocs/projet/list.php | 2 +- htdocs/public/ticket/list.php | 2 +- .../recruitmentcandidature_list.php | 2 +- .../recruitmentjobposition_list.php | 2 +- htdocs/salaries/list.php | 2 +- htdocs/salaries/payments.php | 2 +- htdocs/societe/price.php | 2 +- htdocs/ticket/list.php | 2 +- htdocs/user/group/perms.php | 2 +- htdocs/user/perms.php | 2 +- htdocs/variants/list.php | 2 +- htdocs/webhook/target_list.php | 2 +- .../class/html.formlistwebportal.class.php | 2 +- .../class/html.formwebportal.class.php | 4 +- htdocs/workstation/workstation_list.php | 6 +- 70 files changed, 140 insertions(+), 172 deletions(-) diff --git a/ChangeLog b/ChangeLog index 278fc2984c030..66fc896615a64 100644 --- a/ChangeLog +++ b/ChangeLog @@ -26,6 +26,7 @@ The following changes may create regressions for some external modules, but were * All CLI tools (into /scripts) return a positive value to the shell if error (0 remains success) for a better cross platform compatibility. On linux the exit(-1) was caught as 255, it may be now exit(1) so will be caught as 1. * the parameter $filter of method fetchAll does not accept array of SQL but must be a string of an Universal Search Filter syntax. +* Use of dol_eval with parameter $returnvalue=0 is deprecated. ***** ChangeLog for 19.0.1 compared to 19.0.0 ***** diff --git a/htdocs/adherents/list.php b/htdocs/adherents/list.php index 45b3e121d9917..9e193f1052cd9 100644 --- a/htdocs/adherents/list.php +++ b/htdocs/adherents/list.php @@ -194,11 +194,11 @@ if (!empty($val['visible'])) { $visible = (int) dol_eval($val['visible'], 1); $arrayfields[$tableprefix.'.'.$key] = array( - 'label'=>$val['label'], - 'checked'=>(($visible < 0) ? 0 : 1), - 'enabled'=>dol_eval($val['enabled'], 1), - 'position'=>$val['position'], - 'help'=> isset($val['help']) ? $val['help'] : '' + 'label' => $val['label'], + 'checked' =>(($visible < 0) ? 0 : 1), + 'enabled'=>(abs($visible) != 3 && (int) dol_eval($val['enabled'], 1)), + 'position' => $val['position'], + 'help' => isset($val['help']) ? $val['help'] : '' ); } } diff --git a/htdocs/admin/emailcollector_list.php b/htdocs/admin/emailcollector_list.php index 8d0c4ff1f273b..8470610221606 100644 --- a/htdocs/admin/emailcollector_list.php +++ b/htdocs/admin/emailcollector_list.php @@ -121,7 +121,7 @@ $arrayfields['t.'.$key] = array( 'label'=>$val['label'], 'checked'=>(($visible < 0) ? 0 : 1), - 'enabled'=>(abs($visible) != 3 && dol_eval($val['enabled'], 1)), + 'enabled'=>(abs($visible) != 3 && (int) dol_eval($val['enabled'], 1)), 'position'=>$val['position'], 'help'=> isset($val['help']) ? $val['help'] : '' ); diff --git a/htdocs/admin/mails_senderprofile_list.php b/htdocs/admin/mails_senderprofile_list.php index e57e3794d3fd4..0f314ba993a48 100644 --- a/htdocs/admin/mails_senderprofile_list.php +++ b/htdocs/admin/mails_senderprofile_list.php @@ -110,7 +110,7 @@ $arrayfields['t.'.$key] = array( 'label'=>$val['label'], 'checked'=>(($visible < 0) ? 0 : 1), - 'enabled'=>(abs($visible) != 3 && dol_eval($val['enabled'], 1)), + 'enabled'=>(abs($visible) != 3 && (int) dol_eval($val['enabled'], 1)), 'position'=>$val['position'], 'help'=> isset($val['help']) ? $val['help'] : '' ); diff --git a/htdocs/admin/mails_templates.php b/htdocs/admin/mails_templates.php index 9bbeade4cdd12..6e651307207df 100644 --- a/htdocs/admin/mails_templates.php +++ b/htdocs/admin/mails_templates.php @@ -1176,7 +1176,7 @@ continue; // It means this is a type of template not into elementList (may be because enabled condition of this type is false because module is not enabled) } // Test on 'enabled' - if (!dol_eval($obj->enabled, 1, 1, '1')) { + if (! (int) dol_eval($obj->enabled, 1, 1, '1')) { $i++; continue; // Email template not qualified } diff --git a/htdocs/admin/menus/edit.php b/htdocs/admin/menus/edit.php index f2969e5ed69a0..ac40bfd21d0a3 100644 --- a/htdocs/admin/menus/edit.php +++ b/htdocs/admin/menus/edit.php @@ -505,7 +505,7 @@ function init_topleft() print ''.$langs->trans('Enabled').''; print ''.$langs->trans('DetailEnabled'); if (!empty($menu->enabled)) { - print ' ('.$langs->trans("ConditionIsCurrently").': '.yn(dol_eval($menu->enabled, 1, 1, '1')).')'; + print ' ('.$langs->trans("ConditionIsCurrently").': '.yn((int) dol_eval($menu->enabled, 1, 1, '1')).')'; } print ''; @@ -513,7 +513,7 @@ function init_topleft() print ''.$langs->trans('Rights').''; print ''.$langs->trans('DetailRight'); if (!empty($menu->perms)) { - print ' ('.$langs->trans("ConditionIsCurrently").': '.yn(dol_eval($menu->perms, 1, 1, '1')).')'; + print ' ('.$langs->trans("ConditionIsCurrently").': '.yn((int) dol_eval($menu->perms, 1, 1, '1')).')'; } print ''; diff --git a/htdocs/admin/perms.php b/htdocs/admin/perms.php index b74904f0a9fa0..774cb17336460 100644 --- a/htdocs/admin/perms.php +++ b/htdocs/admin/perms.php @@ -262,7 +262,7 @@ if ($user->admin) { print ''; $htmltext = $langs->trans("ID").': '.$obj->id; - $htmltext .= '
'.$langs->trans("Permission").': user->hasRight(\''.$obj->module.'\', \''.$obj->perms.'\''.($obj->subperms ? ', \''.$obj->subperms.'\'' : '').')'; + $htmltext .= '
'.$langs->trans("Permission").': user->hasRight(\''.dol_escape_htmltag($obj->module).'\', \''.dol_escape_htmltag($obj->perms).'\''.($obj->subperms ? ', \''.dol_escape_htmltag($obj->subperms).'\'' : '').')'; print $form->textwithpicto('', $htmltext); //print ''.$obj->id.''; print ''; diff --git a/htdocs/asset/class/assetdepreciationoptions.class.php b/htdocs/asset/class/assetdepreciationoptions.class.php index 99497d1b23a06..e6aa273060c8b 100644 --- a/htdocs/asset/class/assetdepreciationoptions.class.php +++ b/htdocs/asset/class/assetdepreciationoptions.class.php @@ -268,7 +268,7 @@ public function setDeprecationOptionsFromPost($class_type = 0) if ($field_info['notnull'] > 0 && $field_value == '' && !is_null($field_info['default']) && $field_info['default'] == '(PROV)') { $field_value = '(PROV)'; } elseif ((!empty($field_info['required']) || $field_info['notnull'] > 0) && $field_value == '' && !empty($field_info['default'])) { - $field_value = dol_eval($field_info['default'], 1); + $field_value = $field_info['default']; } if ($field_info['notnull'] > 0 && $field_value == '' && is_null($field_info['default'])) { $error++; diff --git a/htdocs/asset/list.php b/htdocs/asset/list.php index c8c105ab5c8d2..c35fe38027955 100644 --- a/htdocs/asset/list.php +++ b/htdocs/asset/list.php @@ -109,7 +109,7 @@ $arrayfields['t.'.$key] = array( 'label'=>$val['label'], 'checked'=>(($visible < 0) ? 0 : 1), - 'enabled'=>($visible != 3 && dol_eval($val['enabled'], 1)), + 'enabled'=>(abs($visible) != 3 && dol_eval($val['enabled'], 1)), 'position'=>$val['position'], 'help'=> isset($val['help']) ? $val['help'] : '' ); diff --git a/htdocs/asset/model/list.php b/htdocs/asset/model/list.php index f5c987e15f73f..cb61803017cfc 100644 --- a/htdocs/asset/model/list.php +++ b/htdocs/asset/model/list.php @@ -109,7 +109,7 @@ $arrayfields['t.'.$key] = array( 'label'=>$val['label'], 'checked'=>(($visible < 0) ? 0 : 1), - 'enabled'=>($visible != 3 && dol_eval($val['enabled'], 1)), + 'enabled'=>(abs($visible) != 3 && dol_eval($val['enabled'], 1)), 'position'=>$val['position'], 'help'=> isset($val['help']) ? $val['help'] : '' ); diff --git a/htdocs/asset/tpl/depreciation_options_edit.tpl.php b/htdocs/asset/tpl/depreciation_options_edit.tpl.php index 8031d3576f12d..ea55ab5999af0 100644 --- a/htdocs/asset/tpl/depreciation_options_edit.tpl.php +++ b/htdocs/asset/tpl/depreciation_options_edit.tpl.php @@ -136,7 +136,7 @@ } $value = GETPOSTISSET($html_name) ? GETPOST($html_name, $check) : $assetdepreciationoptions->$field_key; } elseif ($field_info['type'] == 'price') { - $value = GETPOSTISSET($html_name) ? price2num(GETPOST($html_name)) : ($assetdepreciationoptions->$field_key ? price2num($assetdepreciationoptions->$field_key) : (!empty($field_info['default']) ? dol_eval($field_info['default'], 1) : 0)); + $value = GETPOSTISSET($html_name) ? price2num(GETPOST($html_name)) : ($assetdepreciationoptions->$field_key ? price2num($assetdepreciationoptions->$field_key) : (!empty($field_info['default']) ? $field_info['default'] : 0)); } elseif ($field_key == 'lang') { $value = GETPOSTISSET($html_name) ? GETPOST($html_name, 'aZ09') : $assetdepreciationoptions->lang; } else { diff --git a/htdocs/bom/bom_list.php b/htdocs/bom/bom_list.php index cbf1f8cccf5fe..b7b6be62f2e01 100644 --- a/htdocs/bom/bom_list.php +++ b/htdocs/bom/bom_list.php @@ -111,7 +111,7 @@ $arrayfields['t.'.$key] = array( 'label'=>$val['label'], 'checked'=>(($visible < 0) ? 0 : 1), - 'enabled'=>(abs($visible) != 3 && dol_eval($val['enabled'], 1)), + 'enabled'=>(abs($visible) != 3 && (int) dol_eval($val['enabled'], 1)), 'position'=>$val['position'], 'help'=> isset($val['help']) ? $val['help'] : '' ); diff --git a/htdocs/bookcal/availabilities_list.php b/htdocs/bookcal/availabilities_list.php index 83df6105c7756..d27b46dd02c2a 100644 --- a/htdocs/bookcal/availabilities_list.php +++ b/htdocs/bookcal/availabilities_list.php @@ -122,7 +122,7 @@ $arrayfields['t.'.$key] = array( 'label'=>$val['label'], 'checked'=>(($visible < 0) ? 0 : 1), - 'enabled'=>(abs($visible) != 3 && dol_eval($val['enabled'], 1)), + 'enabled'=>(abs($visible) != 3 && (int) dol_eval($val['enabled'], 1)), 'position'=>$val['position'], 'help'=> isset($val['help']) ? $val['help'] : '' ); diff --git a/htdocs/bookcal/calendar_list.php b/htdocs/bookcal/calendar_list.php index a513aab7d3194..781cad7732edc 100644 --- a/htdocs/bookcal/calendar_list.php +++ b/htdocs/bookcal/calendar_list.php @@ -120,7 +120,7 @@ $arrayfields['t.'.$key] = array( 'label'=>$val['label'], 'checked'=>(($visible < 0) ? 0 : 1), - 'enabled'=>(abs($visible) != 3 && dol_eval($val['enabled'], 1)), + 'enabled'=>(abs($visible) != 3 && (int) dol_eval($val['enabled'], 1)), 'position'=>$val['position'], 'help'=> isset($val['help']) ? $val['help'] : '' ); diff --git a/htdocs/comm/mailing/cibles.php b/htdocs/comm/mailing/cibles.php index d38984a2b799a..d1bde067b1e26 100644 --- a/htdocs/comm/mailing/cibles.php +++ b/htdocs/comm/mailing/cibles.php @@ -480,7 +480,7 @@ $obj = new $classname($db); // Check if qualified - $qualified = (is_null($obj->enabled) ? 1 : dol_eval($obj->enabled, 1)); + $qualified = (is_null($obj->enabled) ? 1 : (int) dol_eval($obj->enabled, 1)); // Check dependencies foreach ($obj->require_module as $key) { diff --git a/htdocs/comm/propal/list.php b/htdocs/comm/propal/list.php index 8618b1049fded..88cec01487879 100644 --- a/htdocs/comm/propal/list.php +++ b/htdocs/comm/propal/list.php @@ -268,7 +268,7 @@ $arrayfields['t.'.$key] = array( 'label'=>$val['label'], 'checked'=>(($visible < 0) ? 0 : 1), - 'enabled'=>(abs($visible) != 3 && dol_eval($val['enabled'], 1)), + 'enabled'=>(abs($visible) != 3 && (int) dol_eval($val['enabled'], 1)), 'position'=>$val['position'], 'help'=> isset($val['help']) ? $val['help'] : '' ); diff --git a/htdocs/compta/cashcontrol/cashcontrol_list.php b/htdocs/compta/cashcontrol/cashcontrol_list.php index a6c9cf5a361ff..c3cd5cd37a1fd 100644 --- a/htdocs/compta/cashcontrol/cashcontrol_list.php +++ b/htdocs/compta/cashcontrol/cashcontrol_list.php @@ -110,7 +110,7 @@ $arrayfields['t.'.$key] = array( 'label'=>$val['label'], 'checked'=>(($visible < 0) ? 0 : 1), - 'enabled'=>(abs($visible) != 3 && dol_eval($val['enabled'], 1)), + 'enabled'=>(abs($visible) != 3 && (int) dol_eval($val['enabled'], 1)), 'position'=>$val['position'], 'help'=> isset($val['help']) ? $val['help'] : '' ); diff --git a/htdocs/compta/facture/list.php b/htdocs/compta/facture/list.php index 1a82e95d19d80..7c2f594906a5e 100644 --- a/htdocs/compta/facture/list.php +++ b/htdocs/compta/facture/list.php @@ -282,7 +282,7 @@ $arrayfields[$newkey] = array( 'label'=>$val['label'], 'checked'=>(($visible < 0) ? 0 : 1), - 'enabled'=>($visible != 3 && dol_eval($val['enabled'], 1, 1, '1')), + 'enabled'=>(abs($visible) != 3 && (int) dol_eval($val['enabled'], 1, 1, '1')), 'position'=>$val['position'], 'help' => empty($val['help']) ? '' : $val['help'], ); diff --git a/htdocs/compta/resultat/result.php b/htdocs/compta/resultat/result.php index 0a38507ccb6c6..72bb5428b758c 100644 --- a/htdocs/compta/resultat/result.php +++ b/htdocs/compta/resultat/result.php @@ -351,10 +351,7 @@ } else { //var_dump($result); //$r = $AccCat->calculate($result); - $r = dol_eval($result, 1, 1, '1'); - if (is_nan($r)) { - $r = 0; - } + $r = (float) dol_eval($result, 1, 1, '1'); print ''.price($r).''; } @@ -378,10 +375,7 @@ $result = str_replace('--', '+', $result); //$r = $AccCat->calculate($result); - $r = dol_eval($result, 1, 1, '1'); - if (is_nan($r)) { - $r = 0; - } + $r = (float) dol_eval($result, 1, 1, '1'); print ''.price($r).''; if (empty($sommes[$code]['N'])) { @@ -400,10 +394,7 @@ $result = str_replace('--', '+', $result); //$r = $AccCat->calculate($result); - $r = dol_eval($result, 1, 1, '1'); - if (is_nan($r)) { - $r = 0; - } + $r = (float) dol_eval($result, 1, 1, '1'); print ''.price($r).''; if (empty($sommes[$code]['M'][$k])) { @@ -423,10 +414,7 @@ $result = str_replace('--', '+', $result); //$r = $AccCat->calculate($result); - $r = dol_eval($result, 1, 1, '1'); - if (is_nan($r)) { - $r = 0; - } + $r = (float) dol_eval($result, 1, 1, '1'); print ''.price($r).''; if (empty($sommes[$code]['M'][$k])) { diff --git a/htdocs/contact/list.php b/htdocs/contact/list.php index 6ae0192bfe17a..96e5814074239 100644 --- a/htdocs/contact/list.php +++ b/htdocs/contact/list.php @@ -227,7 +227,7 @@ $arrayfields['p.'.$key] = array( 'label'=>$val['label'], 'checked'=>(($visible < 0) ? 0 : 1), - 'enabled'=>(abs($visible) != 3 && dol_eval($val['enabled'], 1)), + 'enabled'=>(abs($visible) != 3 && (int) dol_eval($val['enabled'], 1)), 'position'=>$val['position'], 'help'=> isset($val['help']) ? $val['help'] : '' ); diff --git a/htdocs/core/boxes/box_scheduled_jobs.php b/htdocs/core/boxes/box_scheduled_jobs.php index 6bcb71d53114b..539781c0da933 100644 --- a/htdocs/core/boxes/box_scheduled_jobs.php +++ b/htdocs/core/boxes/box_scheduled_jobs.php @@ -89,7 +89,7 @@ public function loadBox($max = 5) while ($i < $num) { $objp = $this->db->fetch_object($result); - if (dol_eval($objp->test, 1, 1, '2')) { + if ((int) dol_eval($objp->test, 1, 1, '2')) { $nextrun = $this->db->jdate($objp->datenextrun); if (empty($nextrun)) { $nextrun = $this->db->jdate($objp->datestart); diff --git a/htdocs/core/class/commonobject.class.php b/htdocs/core/class/commonobject.class.php index 564f7d8449305..c947e4e7c53b4 100644 --- a/htdocs/core/class/commonobject.class.php +++ b/htdocs/core/class/commonobject.class.php @@ -921,14 +921,14 @@ public function getTooltipContent($params) } $enabled = 1; if ($enabled && isset($extrafields->attributes[$this->table_element]['enabled'][$key])) { - $enabled = dol_eval($extrafields->attributes[$this->table_element]['enabled'][$key], 1, 1, '2'); + $enabled = (int) dol_eval($extrafields->attributes[$this->table_element]['enabled'][$key], 1, 1, '2'); } if ($enabled && isset($extrafields->attributes[$this->table_element]['list'][$key])) { - $enabled = dol_eval($extrafields->attributes[$this->table_element]['list'][$key], 1, 1, '2'); + $enabled = (int) dol_eval($extrafields->attributes[$this->table_element]['list'][$key], 1, 1, '2'); } $perms = 1; if ($perms && isset($extrafields->attributes[$this->table_element]['perms'][$key])) { - $perms = dol_eval($extrafields->attributes[$this->table_element]['perms'][$key], 1, 1, '2'); + $perms = (int) dol_eval($extrafields->attributes[$this->table_element]['perms'][$key], 1, 1, '2'); } if (empty($enabled)) { continue; // 0 = Never visible field @@ -6180,12 +6180,12 @@ public function setValuesForExtraLanguages($onlykey = '') $enabled = 1; if (isset($this->fields[$key]['enabled'])) { - $enabled = dol_eval($this->fields[$key]['enabled'], 1, 1, '1'); + $enabled = (int) dol_eval($this->fields[$key]['enabled'], 1, 1, '1'); } /*$perms = 1; if (isset($this->fields[$key]['perms'])) { - $perms = dol_eval($this->fields[$key]['perms'], 1, 1, '1'); + $perms = (int) dol_eval($this->fields[$key]['perms'], 1, 1, '1'); }*/ if (empty($enabled)) { continue; @@ -8596,7 +8596,7 @@ public function showOptionals($extrafields, $mode = 'view', $params = null, $key // Test on 'enabled' ('enabled' is different than 'list' = 'visibility') $enabled = 1; if ($enabled && isset($extrafields->attributes[$this->table_element]['enabled'][$key])) { - $enabled = dol_eval($extrafields->attributes[$this->table_element]['enabled'][$key], 1, 1, '2'); + $enabled = (int) dol_eval($extrafields->attributes[$this->table_element]['enabled'][$key], 1, 1, '2'); } if (empty($enabled)) { continue; @@ -8604,12 +8604,12 @@ public function showOptionals($extrafields, $mode = 'view', $params = null, $key $visibility = 1; if ($visibility && isset($extrafields->attributes[$this->table_element]['list'][$key])) { - $visibility = dol_eval($extrafields->attributes[$this->table_element]['list'][$key], 1, 1, '2'); + $visibility = (int) dol_eval($extrafields->attributes[$this->table_element]['list'][$key], 1, 1, '2'); } $perms = 1; if ($perms && isset($extrafields->attributes[$this->table_element]['perms'][$key])) { - $perms = dol_eval($extrafields->attributes[$this->table_element]['perms'][$key], 1, 1, '2'); + $perms = (int) dol_eval($extrafields->attributes[$this->table_element]['perms'][$key], 1, 1, '2'); } if (($mode == 'create') && abs($visibility) != 1 && abs($visibility) != 3) { diff --git a/htdocs/core/class/extrafields.class.php b/htdocs/core/class/extrafields.class.php index 7bcdab198e0fb..a7b6cc9ac22a4 100644 --- a/htdocs/core/class/extrafields.class.php +++ b/htdocs/core/class/extrafields.class.php @@ -966,9 +966,9 @@ public function showInputField($key, $value, $moreparam = '', $keysuffix = '', $ $unique = $this->attributes[$extrafieldsobjectkey]['unique'][$key]; $required = $this->attributes[$extrafieldsobjectkey]['required'][$key]; $param = $this->attributes[$extrafieldsobjectkey]['param'][$key]; - $perms = dol_eval($this->attributes[$extrafieldsobjectkey]['perms'][$key], 1, 1, '2'); + $perms = (int) dol_eval($this->attributes[$extrafieldsobjectkey]['perms'][$key], 1, 1, '2'); $langfile = $this->attributes[$extrafieldsobjectkey]['langfile'][$key]; - $list = dol_eval($this->attributes[$extrafieldsobjectkey]['list'][$key], 1, 1, '2'); + $list = (string) dol_eval($this->attributes[$extrafieldsobjectkey]['list'][$key], 1, 1, '2'); $totalizable = $this->attributes[$extrafieldsobjectkey]['totalizable'][$key]; $help = $this->attributes[$extrafieldsobjectkey]['help'][$key]; $hidden = (empty($list) ? 1 : 0); // If empty, we are sure it is hidden, otherwise we show. If it depends on mode (view/create/edit form or list, this must be filtered by caller) @@ -1649,9 +1649,9 @@ public function showOutputField($key, $value, $moreparam = '', $extrafieldsobjec $unique = $this->attributes[$extrafieldsobjectkey]['unique'][$key]; $required = $this->attributes[$extrafieldsobjectkey]['required'][$key]; $param = $this->attributes[$extrafieldsobjectkey]['param'][$key]; - $perms = dol_eval($this->attributes[$extrafieldsobjectkey]['perms'][$key], 1, 1, '2'); + $perms = (int) dol_eval($this->attributes[$extrafieldsobjectkey]['perms'][$key], 1, 1, '2'); $langfile = $this->attributes[$extrafieldsobjectkey]['langfile'][$key]; - $list = dol_eval($this->attributes[$extrafieldsobjectkey]['list'][$key], 1, 1, '2'); + $list = (string) dol_eval($this->attributes[$extrafieldsobjectkey]['list'][$key], 1, 1, '2'); $help = $this->attributes[$extrafieldsobjectkey]['help'][$key]; $hidden = (empty($list) ? 1 : 0); // If $list empty, we are sure it is hidden, otherwise we show. If it depends on mode (view/create/edit form or list, this must be filtered by caller) @@ -2154,17 +2154,17 @@ public function setOptionalsFromPost($extralabels, &$object, $onlykey = '', $tod $enabled = 1; if (isset($this->attributes[$object->table_element]['enabled'][$key])) { // 'enabled' is often a condition on module enabled or not - $enabled = dol_eval($this->attributes[$object->table_element]['enabled'][$key], 1, 1, '2'); + $enabled = (int) dol_eval($this->attributes[$object->table_element]['enabled'][$key], 1, 1, '2'); } $visibility = 1; if (isset($this->attributes[$object->table_element]['list'][$key])) { // 'list' is option for visibility - $visibility = intval(dol_eval($this->attributes[$object->table_element]['list'][$key], 1, 1, '2')); + $visibility = (int) dol_eval($this->attributes[$object->table_element]['list'][$key], 1, 1, '2'); } $perms = 1; if (isset($this->attributes[$object->table_element]['perms'][$key])) { - $perms = dol_eval($this->attributes[$object->table_element]['perms'][$key], 1, 1, '2'); + $perms = (int) dol_eval($this->attributes[$object->table_element]['perms'][$key], 1, 1, '2'); } if (empty($enabled) || ( diff --git a/htdocs/core/class/html.form.class.php b/htdocs/core/class/html.form.class.php index cc55f91e44855..21e33db578ee0 100644 --- a/htdocs/core/class/html.form.class.php +++ b/htdocs/core/class/html.form.class.php @@ -8235,7 +8235,7 @@ public function selectForFormsList($objecttmp, $htmlname, $preselectedvalue, $sh if (!empty($objecttmp->fields)) { // For object that declare it, it is better to use declared fields (like societe, contact, ...) $tmpfieldstoshow = ''; foreach ($objecttmp->fields as $key => $val) { - if (!dol_eval($val['enabled'], 1, 1, '1')) { + if (! (int) dol_eval($val['enabled'], 1, 1, '1')) { continue; } if (!empty($val['showoncombobox'])) { diff --git a/htdocs/core/class/menu.class.php b/htdocs/core/class/menu.class.php index 0b908997d157b..6b93331127e12 100644 --- a/htdocs/core/class/menu.class.php +++ b/htdocs/core/class/menu.class.php @@ -119,7 +119,6 @@ public function getNbOfVisibleMenuEntries() { $nb = 0; foreach ($this->liste as $val) { - //if (dol_eval($val['enabled'], 1, 1, '1')) $nb++; if (!empty($val['enabled'])) { $nb++; // $val['enabled'] is already evaluated to 0 or 1, no need for dol_eval() } diff --git a/htdocs/core/class/menubase.class.php b/htdocs/core/class/menubase.class.php index ebda232e331f6..25dc836be3c5f 100644 --- a/htdocs/core/class/menubase.class.php +++ b/htdocs/core/class/menubase.class.php @@ -434,7 +434,7 @@ public function fetch($id, $user = null) $this->title = $obj->title; $this->prefix = $obj->prefix; $this->langs = $obj->langs; - $this->perms = $obj->perms; + $this->perms = str_replace("\"", "'", $obj->perms); $this->enabled = str_replace("\"", "'", $obj->enabled); $this->user = $obj->user; $this->tms = $this->db->jdate($obj->tms); @@ -665,7 +665,7 @@ public function menuLoad($mymainmenu, $myleftmenu, $type_user, $menu_handler, &$ if (isset($menu['perms'])) { $tmpcond = $menu['perms']; if ($leftmenu == 'all') { - $tmpcond = preg_replace('/\$leftmenu\s*==\s*["\'a-zA-Z_]+/', '1==1', $tmpcond); // Force part of condition to true + $tmpcond = preg_replace('/\$leftmenu\s*==\s*["\'a-zA-Z_]+/', '1==1', $tmpcond); // Force the part of condition on leftmenu to true } $perms = verifCond($tmpcond); //print "verifCond rowid=".$menu['rowid']." ".$tmpcond.":".$perms."
\n"; @@ -676,7 +676,7 @@ public function menuLoad($mymainmenu, $myleftmenu, $type_user, $menu_handler, &$ if (isset($menu['enabled'])) { $tmpcond = $menu['enabled']; if ($leftmenu == 'all') { - $tmpcond = preg_replace('/\$leftmenu\s*==\s*["\'a-zA-Z_]+/', '1==1', $tmpcond); // Force part of condition to true + $tmpcond = preg_replace('/\$leftmenu\s*==\s*["\'a-zA-Z_]+/', '1==1', $tmpcond); // Force the part of condition on leftmenu to true } $enabled = verifCond($tmpcond); //var_dump($menu['type'].' - '.$menu['titre'].' - '.$menu['enabled'].' => '.$enabled); diff --git a/htdocs/core/class/translate.class.php b/htdocs/core/class/translate.class.php index 5cd303acaa08f..96daa0479f880 100644 --- a/htdocs/core/class/translate.class.php +++ b/htdocs/core/class/translate.class.php @@ -727,7 +727,6 @@ public function trans($key, $param1 = '', $param2 = '', $param3 = '', $param4 = return $str; } else { // Translation is not available - //if ($key[0] == '$') { return dol_eval($key, 1, 1, '1'); } return $this->getTradFromKey($key); } } @@ -796,9 +795,6 @@ public function transnoentitiesnoconv($key, $param1 = '', $param2 = '', $param3 return $str; } else { - /*if ($key[0] == '$') { - return dol_eval($key, 1, 1, '1'); - }*/ return $this->getTradFromKey($key); } } diff --git a/htdocs/core/lib/company.lib.php b/htdocs/core/lib/company.lib.php index c5209a3790d7e..d18aa3c8fd2bc 100644 --- a/htdocs/core/lib/company.lib.php +++ b/htdocs/core/lib/company.lib.php @@ -1089,9 +1089,9 @@ function show_contacts($conf, $langs, $db, $object, $backtopage = '', $showuserl if (!empty($extrafields->attributes[$contactstatic->table_element]['list'][$key])) { $arrayfields["ef.".$key] = array( 'label'=>$extrafields->attributes[$contactstatic->table_element]['label'][$key], - 'checked'=>((dol_eval($extrafields->attributes[$contactstatic->table_element]['list'][$key], 1, 1, '1') < 0) ? 0 : 1), + 'checked'=>(((int) dol_eval($extrafields->attributes[$contactstatic->table_element]['list'][$key], 1, 1, '1') < 0) ? 0 : 1), 'position'=>1000 + $extrafields->attributes[$contactstatic->table_element]['pos'][$key], - 'enabled' => (abs((int) dol_eval($extrafields->attributes[$contactstatic->table_element]['list'][$key], 1)) != 3 && dol_eval($extrafields->attributes[$contactstatic->table_element]['perms'][$key], 1, 1, '1')) + 'enabled' => (abs((int) dol_eval($extrafields->attributes[$contactstatic->table_element]['list'][$key], 1)) != 3 && (int) dol_eval($extrafields->attributes[$contactstatic->table_element]['perms'][$key], 1, 1, '1')) ); } } diff --git a/htdocs/core/lib/customreports.lib.php b/htdocs/core/lib/customreports.lib.php index 496b5a605ac2f..1359fae99a19c 100644 --- a/htdocs/core/lib/customreports.lib.php +++ b/htdocs/core/lib/customreports.lib.php @@ -65,7 +65,7 @@ function fillArrayOfMeasures($object, $tablealias, $labelofobject, &$arrayofmesu // Add main fields of object foreach ($object->fields as $key => $val) { - if (!empty($val['isameasure']) && (!isset($val['enabled']) || dol_eval($val['enabled'], 1, 1, '1'))) { + if (!empty($val['isameasure']) && (!isset($val['enabled']) || (int) dol_eval($val['enabled'], 1, 1, '1'))) { $position = (empty($val['position']) ? 0 : intval($val['position'])); $arrayofmesures[$tablealias.'.'.$key.'-sum'] = array( 'label' => img_picto('', (empty($object->picto) ? 'generic' : $object->picto), 'class="pictofixedwidth"').$labelofobject.': '.$langs->trans($val['label']).' ('.$langs->trans("Sum").')', @@ -100,7 +100,7 @@ function fillArrayOfMeasures($object, $tablealias, $labelofobject, &$arrayofmesu // Add extrafields to Measures if (!empty($object->isextrafieldmanaged) && isset($extrafields->attributes[$object->table_element]['label'])) { foreach ($extrafields->attributes[$object->table_element]['label'] as $key => $val) { - if (!empty($extrafields->attributes[$object->table_element]['totalizable'][$key]) && (!isset($extrafields->attributes[$object->table_element]['enabled'][$key]) || dol_eval($extrafields->attributes[$object->table_element]['enabled'][$key], 1, 1, '1'))) { + if (!empty($extrafields->attributes[$object->table_element]['totalizable'][$key]) && (!isset($extrafields->attributes[$object->table_element]['enabled'][$key]) || (int) dol_eval($extrafields->attributes[$object->table_element]['enabled'][$key], 1, 1, '1'))) { $position = (!empty($val['position']) ? $val['position'] : 0); $arrayofmesures[preg_replace('/^t/', 'te', $tablealias).'.'.$key.'-sum'] = array( 'label' => img_picto('', (empty($object->picto) ? 'generic' : $object->picto), 'class="pictofixedwidth"').$labelofobject.': '.$langs->trans($extrafields->attributes[$object->table_element]['label'][$key]).' ('.$langs->trans("Sum").')', @@ -206,10 +206,10 @@ function fillArrayOfXAxis($object, $tablealias, $labelofobject, &$arrayofxaxis, 'parent', 'photo', 'socialnetworks', 'webservices_url', 'webservices_key'))) { continue; } - if (isset($val['enabled']) && !dol_eval($val['enabled'], 1, 1, '1')) { + if (isset($val['enabled']) && ! (int) dol_eval($val['enabled'], 1, 1, '1')) { continue; } - if (isset($val['visible']) && !dol_eval($val['visible'], 1, 1, '1')) { + if (isset($val['visible']) && ! (int) dol_eval($val['visible'], 1, 1, '1')) { continue; } if (preg_match('/^fk_/', $key) && !preg_match('/^fk_statu/', $key)) { @@ -371,10 +371,10 @@ function fillArrayOfGroupBy($object, $tablealias, $labelofobject, &$arrayofgroup 'parent', 'photo', 'socialnetworks', 'webservices_url', 'webservices_key'))) { continue; } - if (isset($val['enabled']) && !dol_eval($val['enabled'], 1, 1, '1')) { + if (isset($val['enabled']) && ! (int) dol_eval($val['enabled'], 1, 1, '1')) { continue; } - if (isset($val['visible']) && !dol_eval($val['visible'], 1, 1, '1')) { + if (isset($val['visible']) && ! (int) dol_eval($val['visible'], 1, 1, '1')) { continue; } if (preg_match('/^fk_/', $key) && !preg_match('/^fk_statu/', $key)) { diff --git a/htdocs/core/lib/functions.lib.php b/htdocs/core/lib/functions.lib.php index c6795f8c777e7..25cc81e664cfe 100644 --- a/htdocs/core/lib/functions.lib.php +++ b/htdocs/core/lib/functions.lib.php @@ -9786,9 +9786,9 @@ function isStringVarMatching($var, $regextext, $matchrule = 1) * Verify if condition in string is ok or not * * @param string $strToEvaluate String with condition to check - * @param string $onlysimplestring '0' (deprecated, used for computed property of extrafields)=Accept all chars, + * @param string $onlysimplestring '0' (deprecated, do not use it anymore)=Accept all chars, * '1' (most common use)=Accept only simple string with char 'a-z0-9\s^$_+-.*>&|=!?():"\',/@';', - * '2' (rarely used)=Accept also '[]' + * '2' (used for example for the compute property of extrafields)=Accept also '[]' * @return boolean True or False. Note: It returns also True if $strToEvaluate is ''. False if error */ function verifCond($strToEvaluate, $onlysimplestring = '1') @@ -9798,7 +9798,7 @@ function verifCond($strToEvaluate, $onlysimplestring = '1') if (isset($strToEvaluate) && $strToEvaluate !== '') { //var_dump($strToEvaluate); //$rep = dol_eval($strToEvaluate, 1, 0, '1'); // to show the error - $rep = dol_eval($strToEvaluate, 1, 1, $onlysimplestring); // The dol_eval() must contains all the "global $xxx;" for all variables $xxx found into the string condition + $rep = (int) dol_eval($strToEvaluate, 1, 1, $onlysimplestring); // The dol_eval() must contains all the "global $xxx;" for all variables $xxx found into the string condition $rights = $rep && (!is_string($rep) || strpos($rep, 'Bad string syntax to evaluate') === false); //var_dump($rights); } @@ -9810,15 +9810,15 @@ function verifCond($strToEvaluate, $onlysimplestring = '1') * This function is called by verifCond() or trans() and transnoentitiesnoconv(). * * @param string $s String to evaluate - * @param int $returnvalue 0=No return (used to execute eval($a=something)). 1=Value of eval is returned (used to eval($something)). + * @param int $returnvalue 0=No return (deprecated, used to execute eval($a=something)). 1=Value of eval is returned (used to eval($something)). * @param int $hideerrors 1=Hide errors - * @param string $onlysimplestring '0' (deprecated, used for computed property of extrafields)=Accept all chars, + * @param string $onlysimplestring '0' (deprecated, do not use it anymore)=Accept all chars, * '1' (most common use)=Accept only simple string with char 'a-z0-9\s^$_+-.*>&|=!?():"\',/@';', - * '2' (rarely used)=Accept also '[]' + * '2' (used for example for the compute property of extrafields)=Accept also '[]' * @return mixed Nothing or return result of eval * @see verifCond() */ -function dol_eval($s, $returnvalue = 0, $hideerrors = 1, $onlysimplestring = '1') +function dol_eval($s, $returnvalue = 1, $hideerrors = 1, $onlysimplestring = '1') { // Only this global variables can be read by eval function and returned to caller global $conf; // Read of const is done with getDolGlobalString() but we need $conf->currency for example @@ -9837,46 +9837,14 @@ function dol_eval($s, $returnvalue = 0, $hideerrors = 1, $onlysimplestring = '1' try { // Test on dangerous char (used for RCE), we allow only characters to make PHP variable testing - if ($onlysimplestring == '1') { - // We must accept: '1 && getDolGlobalInt("doesnotexist1") && getDolGlobalString("MAIN_FEATURES_LEVEL")' - // We must accept: '$user->hasRight("cabinetmed", "read") && !$object->canvas=="patient@cabinetmed"' + if ($onlysimplestring == '1' || $onlysimplestring == '2') { + // We must accept with 1: '1 && getDolGlobalInt("doesnotexist1") && getDolGlobalString("MAIN_FEATURES_LEVEL")' + // We must accept with 1: '$user->hasRight("cabinetmed", "read") && !$object->canvas=="patient@cabinetmed"' + // We must accept with 2: (($reloadedobj = new Task($db)) && ($reloadedobj->fetchNoCompute($object->id) > 0) && ($secondloadedobj = new Project($db)) && ($secondloadedobj->fetchNoCompute($reloadedobj->fk_project) > 0)) ? $secondloadedobj->ref : "Parent project not found" $specialcharsallowed = '^$_+-.*>&|=!?():"\',/@'; - if (getDolGlobalString('MAIN_ALLOW_UNSECURED_SPECIAL_CHARS_IN_DOL_EVAL')) { - $specialcharsallowed .= getDolGlobalString('MAIN_ALLOW_UNSECURED_SPECIAL_CHARS_IN_DOL_EVAL'); - } - if (preg_match('/[^a-z0-9\s'.preg_quote($specialcharsallowed, '/').']/i', $s)) { - if ($returnvalue) { - return 'Bad string syntax to evaluate (found chars that are not chars for simplestring): '.$s; - } else { - dol_syslog('Bad string syntax to evaluate (found chars that are not chars for simplestring): '.$s); - return ''; - } + if ($onlysimplestring == '2') { + $specialcharsallowed .= '[]'; } - $savescheck = ''; - $scheck = $s; - while ($scheck && $savescheck != $scheck) { - $savescheck = $scheck; - $scheck = preg_replace('/->[a-zA-Z0-9_]+\(/', '->__METHOD__', $scheck); // accept parenthesis in '...->method(...' - $scheck = preg_replace('/^\(/', '__PARENTHESIS__ ', $scheck); // accept parenthesis in '(...'. Must replace with __PARENTHESIS__ with a space after to allow following substitutions - $scheck = preg_replace('/\s\(/', '__PARENTHESIS__ ', $scheck); // accept parenthesis in '... ('. Must replace with __PARENTHESIS__ with a space after to allow following substitutions - $scheck = preg_replace('/^!?[a-zA-Z0-9_]+\(/', '__FUNCTION__', $scheck); // accept parenthesis in 'function(' and '!function(' - $scheck = preg_replace('/\s!?[a-zA-Z0-9_]+\(/', '__FUNCTION__', $scheck); // accept parenthesis in '... function(' and '... !function(' - $scheck = preg_replace('/(\^|\')\(/', '__REGEXSTART__', $scheck); // To allow preg_match('/^(aaa|bbb)/'... or isStringVarMatching('leftmenu', '(aaa|bbb)') - } - //print 'scheck='.$scheck." : ".strpos($scheck, '(')."
\n"; - if (strpos($scheck, '(') !== false) { - if ($returnvalue) { - return 'Bad string syntax to evaluate (mode 1, found call of a function or method without using the direct name of the function): '.$s; - } else { - dol_syslog('Bad string syntax to evaluate (mode 1, found call of a function or method without using the direct name of the function): '.$s); - return ''; - } - } - // TODO - // We can exclude $ char that are not: $db, $langs, $leftmenu, $topmenu, $user, $langs, $objectoffield, $object..., - } elseif ($onlysimplestring == '2') { - // We must accept: (($reloadedobj = new Task($db)) && ($reloadedobj->fetchNoCompute($object->id) > 0) && ($secondloadedobj = new Project($db)) && ($secondloadedobj->fetchNoCompute($reloadedobj->fk_project) > 0)) ? $secondloadedobj->ref : "Parent project not found" - $specialcharsallowed = '^$_+-.*>&|=!?():"\',/@[]'; if (getDolGlobalString('MAIN_ALLOW_UNSECURED_SPECIAL_CHARS_IN_DOL_EVAL')) { $specialcharsallowed .= getDolGlobalString('MAIN_ALLOW_UNSECURED_SPECIAL_CHARS_IN_DOL_EVAL'); } @@ -9897,19 +9865,20 @@ function dol_eval($s, $returnvalue = 0, $hideerrors = 1, $onlysimplestring = '1' $scheck = preg_replace('/\s\(/', '__PARENTHESIS__ ', $scheck); // accept parenthesis in '... ('. Must replace with __PARENTHESIS__ with a space after to allow following substitutions $scheck = preg_replace('/^!?[a-zA-Z0-9_]+\(/', '__FUNCTION__', $scheck); // accept parenthesis in 'function(' and '!function(' $scheck = preg_replace('/\s!?[a-zA-Z0-9_]+\(/', '__FUNCTION__', $scheck); // accept parenthesis in '... function(' and '... !function(' - $scheck = preg_replace('/(\^|\')\(/', '__REGEXSTART__', $scheck); // To allow preg_match('/^(aaa|bbb)/'... or isStringVarMatching('leftmenu', '(aaa|bbb)') + $scheck = preg_replace('/(\^|\')\(/', '__REGEXSTART__', $scheck); // To allow preg_match('/^(aaa|bbb)/'... or isStringVarMatching('leftmenu', '(aaa|bbb)') } //print 'scheck='.$scheck." : ".strpos($scheck, '(')."
\n"; if (strpos($scheck, '(') !== false) { if ($returnvalue) { - return 'Bad string syntax to evaluate (mode 2, found call of a function or method without using the direct name of the function): '.$s; + return 'Bad string syntax to evaluate (mode '.$onlysimplestring.', found call of a function or method without using the direct name of the function): '.$s; } else { - dol_syslog('Bad string syntax to evaluate (mode 2, found call of a function or method without using the direct name of the function): '.$s); + dol_syslog('Bad string syntax to evaluate (mode '.$onlysimplestring.', found call of a function or method without using the direct name of the function): '.$s); return ''; } } // TODO - // We can exclude $ char that are not: $db, $leftmenu, $topmenu, $user, $langs, $object..., + // We can exclude $ char that are not: + // $db, $langs, $leftmenu, $topmenu, $user, $langs, $objectoffield, $object..., } if (is_array($s) || $s === 'Array') { return 'Bad string syntax to evaluate (value is Array) '.var_export($s, true); @@ -9949,7 +9918,7 @@ function dol_eval($s, $returnvalue = 0, $hideerrors = 1, $onlysimplestring = '1' $forbiddenphpfunctions = array_merge($forbiddenphpfunctions, array("fopen", "file_put_contents", "fputs", "fputscsv", "fwrite", "fpassthru", "require", "include", "mkdir", "rmdir", "symlink", "touch", "unlink", "umask")); $forbiddenphpfunctions = array_merge($forbiddenphpfunctions, array("get_defined_functions", "get_defined_vars", "get_defined_constants", "get_declared_classes")); $forbiddenphpfunctions = array_merge($forbiddenphpfunctions, array("function", "call_user_func")); - $forbiddenphpfunctions = array_merge($forbiddenphpfunctions, array("require", "include", "require_once", "include_once")); + //$forbiddenphpfunctions = array_merge($forbiddenphpfunctions, array("require", "include", "require_once", "include_once")); $forbiddenphpfunctions = array_merge($forbiddenphpfunctions, array("eval", "create_function", "assert", "mb_ereg_replace")); // function with eval capabilities $forbiddenphpmethods = array('invoke', 'invokeArgs'); // Method of ReflectionFunction to execute a function @@ -9979,11 +9948,26 @@ function dol_eval($s, $returnvalue = 0, $hideerrors = 1, $onlysimplestring = '1' //print $s."
\n"; if ($returnvalue) { if ($hideerrors) { - return @eval('return '.$s.';'); + ob_start(); // An evaluation has no reason to output data + $tmps = @eval('return '.$s.';'); + $tmpo = ob_get_contents(); + ob_clean(); // End of interception of data + if ($tmpo) { + print 'Bad string syntax to evaluate. Some data were output when it should not when evaluating: '.$s; + } + return $tmps; } else { - return eval('return '.$s.';'); + ob_start(); // An evaluation has no reason to output data + $tmps = eval('return '.$s.';'); + $tmpo = ob_get_contents(); + ob_clean(); // End of interception of data + if ($tmpo) { + print 'Bad string syntax to evaluate. Some data were output when it should not when evaluating: '.$s; + } + return $tmps; } } else { + dol_syslog('Do not use anymore dol_eval with param returnvalue=0', LOG_WARNING); if ($hideerrors) { @eval($s); } else { diff --git a/htdocs/core/tpl/admin_extrafields_view.tpl.php b/htdocs/core/tpl/admin_extrafields_view.tpl.php index 7c1f4a94a15fa..04d75f0e844ef 100644 --- a/htdocs/core/tpl/admin_extrafields_view.tpl.php +++ b/htdocs/core/tpl/admin_extrafields_view.tpl.php @@ -99,7 +99,7 @@ if (isset($extrafields->attributes[$elementtype]['type']) && is_array($extrafields->attributes[$elementtype]['type']) && count($extrafields->attributes[$elementtype]['type'])) { foreach ($extrafields->attributes[$elementtype]['type'] as $key => $value) { - /*if (! dol_eval($extrafields->attributes[$elementtype]['enabled'][$key], 1, 1, '1')) { + /*if (! (int) dol_eval($extrafields->attributes[$elementtype]['enabled'][$key], 1, 1, '1')) { // TODO Uncomment this to exclude extrafields of modules not enabled. Add a link to "Show extrafields disabled" // continue; }*/ diff --git a/htdocs/core/tpl/extrafields_list_array_fields.tpl.php b/htdocs/core/tpl/extrafields_list_array_fields.tpl.php index 46ad5391035bc..e7f745cedf7a1 100644 --- a/htdocs/core/tpl/extrafields_list_array_fields.tpl.php +++ b/htdocs/core/tpl/extrafields_list_array_fields.tpl.php @@ -24,9 +24,9 @@ $arrayfields[$extrafieldsobjectprefix.$key] = array( 'label' => $extrafields->attributes[$extrafieldsobjectkey]['label'][$key], 'type' => $extrafields->attributes[$extrafieldsobjectkey]['type'][$key], - 'checked' => ((dol_eval($extrafields->attributes[$extrafieldsobjectkey]['list'][$key], 1, 1, '1') <= 0) ? 0 : 1), + 'checked' => (((int) dol_eval($extrafields->attributes[$extrafieldsobjectkey]['list'][$key], 1, 1, '1') <= 0) ? 0 : 1), 'position' => $extrafields->attributes[$extrafieldsobjectkey]['pos'][$key], - 'enabled' => (abs((int) dol_eval($extrafields->attributes[$extrafieldsobjectkey]['list'][$key], 1)) != 3 && dol_eval($extrafields->attributes[$extrafieldsobjectkey]['perms'][$key], 1, 1, '1')), + 'enabled' => (abs((int) dol_eval($extrafields->attributes[$extrafieldsobjectkey]['list'][$key], 1)) != 3 && (int) dol_eval($extrafields->attributes[$extrafieldsobjectkey]['perms'][$key], 1, 1, '1')), 'langfile' => $extrafields->attributes[$extrafieldsobjectkey]['langfile'][$key], 'help' => $extrafields->attributes[$extrafieldsobjectkey]['help'][$key], ); diff --git a/htdocs/core/tpl/extrafields_list_print_fields.tpl.php b/htdocs/core/tpl/extrafields_list_print_fields.tpl.php index 679a420df8cdf..b44df7273622a 100644 --- a/htdocs/core/tpl/extrafields_list_print_fields.tpl.php +++ b/htdocs/core/tpl/extrafields_list_print_fields.tpl.php @@ -35,7 +35,7 @@ // If field is a computed field, we make computation to get value if ($extrafields->attributes[$extrafieldsobjectkey]['computed'][$key]) { $objectoffield = $object; //For compatibility with the computed formula - $value = dol_eval($extrafields->attributes[$extrafieldsobjectkey]['computed'][$key], 1, 1, '2'); + $value = dol_eval((int) $extrafields->attributes[$extrafieldsobjectkey]['computed'][$key], 1, 1, '2'); if (is_numeric(price2num($value)) && $extrafields->attributes[$extrafieldsobjectkey]['totalizable'][$key]) { $obj->$tmpkey = price2num($value); } diff --git a/htdocs/core/tpl/extrafields_view.tpl.php b/htdocs/core/tpl/extrafields_view.tpl.php index 2867f2ec15e39..347e611b8bf8b 100644 --- a/htdocs/core/tpl/extrafields_view.tpl.php +++ b/htdocs/core/tpl/extrafields_view.tpl.php @@ -74,15 +74,15 @@ $enabled = 1; if ($enabled && isset($extrafields->attributes[$object->table_element]['enabled'][$tmpkeyextra])) { - $enabled = dol_eval($extrafields->attributes[$object->table_element]['enabled'][$tmpkeyextra], 1, 1, '2'); + $enabled = (int) dol_eval($extrafields->attributes[$object->table_element]['enabled'][$tmpkeyextra], 1, 1, '2'); } if ($enabled && isset($extrafields->attributes[$object->table_element]['list'][$tmpkeyextra])) { - $enabled = dol_eval($extrafields->attributes[$object->table_element]['list'][$tmpkeyextra], 1, 1, '2'); + $enabled = (int) dol_eval($extrafields->attributes[$object->table_element]['list'][$tmpkeyextra], 1, 1, '2'); } $perms = 1; if ($perms && isset($extrafields->attributes[$object->table_element]['perms'][$tmpkeyextra])) { - $perms = dol_eval($extrafields->attributes[$object->table_element]['perms'][$tmpkeyextra], 1, 1, '2'); + $perms = (int) dol_eval($extrafields->attributes[$object->table_element]['perms'][$tmpkeyextra], 1, 1, '2'); } //print $tmpkeyextra.'-'.$enabled.'-'.$perms.'
'."\n"; diff --git a/htdocs/core/triggers/interface_50_modTicket_TicketEmail.class.php b/htdocs/core/triggers/interface_50_modTicket_TicketEmail.class.php index b04026109f3a2..273b560fa274b 100644 --- a/htdocs/core/triggers/interface_50_modTicket_TicketEmail.class.php +++ b/htdocs/core/triggers/interface_50_modTicket_TicketEmail.class.php @@ -399,11 +399,11 @@ private function composeAndSendCustomerMessage($sendto, $base_subject, $body, $s foreach ($extrafields->attributes[$object->table_element]['label'] as $key => $value) { $enabled = 1; if ($enabled && isset($extrafields->attributes[$object->table_element]['list'][$key])) { - $enabled = dol_eval($extrafields->attributes[$object->table_element]['list'][$key], 1); + $enabled = (int) dol_eval($extrafields->attributes[$object->table_element]['list'][$key], 1); } $perms = 1; if ($perms && isset($extrafields->attributes[$object->table_element]['perms'][$key])) { - $perms = dol_eval($extrafields->attributes[$object->table_element]['perms'][$key], 1); + $perms = (int) dol_eval($extrafields->attributes[$object->table_element]['perms'][$key], 1); } $qualified = true; diff --git a/htdocs/eventorganization/conferenceorbooth_list.php b/htdocs/eventorganization/conferenceorbooth_list.php index 41caf186654d9..a2b370ba6f461 100644 --- a/htdocs/eventorganization/conferenceorbooth_list.php +++ b/htdocs/eventorganization/conferenceorbooth_list.php @@ -122,7 +122,7 @@ $arrayfields['t.'.$key] = array( 'label'=>$val['label'], 'checked'=>(($visible < 0) ? 0 : 1), - 'enabled'=>(abs($visible) != 3 && dol_eval($val['enabled'], 1)), + 'enabled'=>(abs($visible) != 3 && (int) dol_eval($val['enabled'], 1)), 'position'=>$val['position'], 'help'=> isset($val['help']) ? $val['help'] : '' ); diff --git a/htdocs/eventorganization/conferenceorboothattendee_list.php b/htdocs/eventorganization/conferenceorboothattendee_list.php index 94145c852e120..afb8f29d9425f 100644 --- a/htdocs/eventorganization/conferenceorboothattendee_list.php +++ b/htdocs/eventorganization/conferenceorboothattendee_list.php @@ -130,7 +130,7 @@ $arrayfields['t.'.$key] = array( 'label'=>$val['label'], 'checked'=>(($visible < 0) ? 0 : 1), - 'enabled'=>(abs($visible) != 3 && dol_eval($val['enabled'], 1)), + 'enabled'=>(abs($visible) != 3 && (int) dol_eval($val['enabled'], 1)), 'position'=>$val['position'], 'help'=> isset($val['help']) ? $val['help'] : '' ); diff --git a/htdocs/exports/class/export.class.php b/htdocs/exports/class/export.class.php index c49cf2fbf14a7..c25fd3bff9c78 100644 --- a/htdocs/exports/class/export.class.php +++ b/htdocs/exports/class/export.class.php @@ -764,7 +764,7 @@ public function build_file($user, $model, $datatoexport, $array_selected, $array // Export of compute field does not work. $obj contains $obj->alias_field and formula may contains $obj->field // Also the formula may contains objects of class that are not loaded. $computestring = $this->array_export_special[$indice][$key]; - //$tmp = dol_eval($computestring, 1, 0, '1'); + //$tmp = (string) dol_eval($computestring, 1, 0, '2'); //$obj->$alias = $tmp; $this->error = "ERROPNOTSUPPORTED. Operation ".$computestring." not supported. Export of 'computed' extrafields is not yet supported, please remove field."; diff --git a/htdocs/fourn/commande/list.php b/htdocs/fourn/commande/list.php index d412fa6d6ee37..68f6d8f0af2fb 100644 --- a/htdocs/fourn/commande/list.php +++ b/htdocs/fourn/commande/list.php @@ -200,7 +200,7 @@ $arrayfields['cf.'.$key] = array( 'label'=>$val['label'], 'checked'=>(($visible < 0) ? 0 : 1), - 'enabled'=>(abs($visible) != 3 && dol_eval($val['enabled'], 1)), + 'enabled'=>(abs($visible) != 3 && (int) dol_eval($val['enabled'], 1)), 'position'=>$val['position'], 'help'=> isset($val['help']) ? $val['help'] : '' ); diff --git a/htdocs/hrm/evaluation_list.php b/htdocs/hrm/evaluation_list.php index 861b25a1507b2..20b8ee4359c59 100644 --- a/htdocs/hrm/evaluation_list.php +++ b/htdocs/hrm/evaluation_list.php @@ -121,7 +121,7 @@ $arrayfields['t.'.$key] = array( 'label'=>$val['label'], 'checked'=>(($visible < 0) ? 0 : 1), - 'enabled'=>(abs($visible) != 3 && dol_eval($val['enabled'], 1)), + 'enabled'=>(abs($visible) != 3 && (int) dol_eval($val['enabled'], 1)), 'position'=>$val['position'], 'help'=> isset($val['help']) ? $val['help'] : '' ); diff --git a/htdocs/hrm/job_list.php b/htdocs/hrm/job_list.php index 24686b4271508..9191162e97923 100644 --- a/htdocs/hrm/job_list.php +++ b/htdocs/hrm/job_list.php @@ -120,7 +120,7 @@ $arrayfields['t.'.$key] = array( 'label'=>$val['label'], 'checked'=>(($visible < 0) ? 0 : 1), - 'enabled'=>(abs($visible) != 3 && dol_eval($val['enabled'], 1)), + 'enabled'=>(abs($visible) != 3 && (int) dol_eval($val['enabled'], 1)), 'position'=>$val['position'], 'help'=> isset($val['help']) ? $val['help'] : '' ); diff --git a/htdocs/hrm/position.php b/htdocs/hrm/position.php index 69807b143f104..6c227add8296d 100644 --- a/htdocs/hrm/position.php +++ b/htdocs/hrm/position.php @@ -127,7 +127,7 @@ $arrayfields['t.' . $key] = array( 'label' => $val['label'], 'checked' => (($visible < 0) ? 0 : 1), - 'enabled' => ($visible != 3 && dol_eval($val['enabled'], 1, 1, '1')), + 'enabled' => (abs($visible) != 3 && (int) dol_eval($val['enabled'], 1, 1, '1')), 'position' => $val['position'], 'help' => isset($val['help']) ? $val['help'] : '' ); diff --git a/htdocs/hrm/position_list.php b/htdocs/hrm/position_list.php index c72b7d2af20e5..4b9666e4c79ba 100644 --- a/htdocs/hrm/position_list.php +++ b/htdocs/hrm/position_list.php @@ -121,7 +121,7 @@ $arrayfields['t.'.$key] = array( 'label'=>$val['label'], 'checked'=>(($visible < 0) ? 0 : 1), - 'enabled'=>(abs($visible) != 3 && dol_eval($val['enabled'], 1)), + 'enabled'=>(abs($visible) != 3 && (int) dol_eval($val['enabled'], 1)), 'position'=>$val['position'], 'help'=> isset($val['help']) ? $val['help'] : '' ); diff --git a/htdocs/hrm/skill_card.php b/htdocs/hrm/skill_card.php index 7ae07c6a26f96..d7b8e3d49ead6 100644 --- a/htdocs/hrm/skill_card.php +++ b/htdocs/hrm/skill_card.php @@ -570,7 +570,7 @@ $arrayfields['t.' . $key] = array( 'label' => $val['label'], 'checked' => (($visible < 0) ? 0 : 1), - 'enabled' => ($visible != 3 && dol_eval($val['enabled'], 1, 1, '1')), + 'enabled' => (abs($visible) != 3 && (int) dol_eval($val['enabled'], 1, 1, '1')), 'position' => $val['position'], 'help' => isset($val['help']) ? $val['help'] : '' ); diff --git a/htdocs/hrm/skill_list.php b/htdocs/hrm/skill_list.php index 344e91be8ddaa..ea155ac684fda 100644 --- a/htdocs/hrm/skill_list.php +++ b/htdocs/hrm/skill_list.php @@ -128,7 +128,7 @@ $arrayfields['t.'.$key] = array( 'label'=>$val['label'], 'checked'=>(($visible < 0) ? 0 : 1), - 'enabled'=>(abs($visible) != 3 && dol_eval($val['enabled'], 1)), + 'enabled'=>(abs($visible) != 3 && (int) dol_eval($val['enabled'], 1)), 'position'=>$val['position'], 'help'=> isset($val['help']) ? $val['help'] : '' ); diff --git a/htdocs/knowledgemanagement/knowledgerecord_list.php b/htdocs/knowledgemanagement/knowledgerecord_list.php index 9e77ee2e30ebd..f2ee512c0046d 100644 --- a/htdocs/knowledgemanagement/knowledgerecord_list.php +++ b/htdocs/knowledgemanagement/knowledgerecord_list.php @@ -123,7 +123,7 @@ $arrayfields['t.'.$key] = array( 'label'=>$val['label'], 'checked'=>(($visible < 0) ? 0 : 1), - 'enabled'=>(abs($visible) != 3 && dol_eval($val['enabled'], 1)), + 'enabled'=>(abs($visible) != 3 && (int) dol_eval($val['enabled'], 1)), 'position'=>$val['position'], 'help'=> isset($val['help']) ? $val['help'] : '' ); diff --git a/htdocs/loan/list.php b/htdocs/loan/list.php index 5fad24be65140..013c41e3cce56 100644 --- a/htdocs/loan/list.php +++ b/htdocs/loan/list.php @@ -84,7 +84,7 @@ $arrayfields['t.'.$key] = array( 'label'=>$val['label'], 'checked'=>(($visible < 0) ? 0 : 1), - 'enabled'=>(abs($visible) != 3 && dol_eval($val['enabled'], 1)), + 'enabled'=>(abs($visible) != 3 && (int) dol_eval($val['enabled'], 1)), 'position'=>$val['position'], 'help'=> isset($val['help']) ? $val['help'] : '' ); diff --git a/htdocs/modulebuilder/template/myobject_list.php b/htdocs/modulebuilder/template/myobject_list.php index 06cd5c81f7afa..476a429d97278 100644 --- a/htdocs/modulebuilder/template/myobject_list.php +++ b/htdocs/modulebuilder/template/myobject_list.php @@ -176,7 +176,7 @@ $arrayfields['t.'.$key] = array( 'label'=>$val['label'], 'checked'=>(($visible < 0) ? 0 : 1), - 'enabled'=>(abs($visible) != 3 && dol_eval($val['enabled'], 1)), + 'enabled'=>(abs($visible) != 3 && (int) dol_eval($val['enabled'], 1)), 'position'=>$val['position'], 'help'=> isset($val['help']) ? $val['help'] : '' ); diff --git a/htdocs/mrp/mo_list.php b/htdocs/mrp/mo_list.php index 535576c789c24..c88168ed1b931 100644 --- a/htdocs/mrp/mo_list.php +++ b/htdocs/mrp/mo_list.php @@ -116,7 +116,7 @@ $arrayfields['t.'.$key] = array( 'label'=>$val['label'], 'checked'=>(($visible < 0) ? 0 : 1), - 'enabled'=>($visible != 3 && dol_eval($val['enabled'], 1, 1, '1')), + 'enabled'=>(abs($visible) != 3 && (int) dol_eval($val['enabled'], 1, 1, '1')), 'position'=>$val['position'], 'help'=> isset($val['help']) ? $val['help'] : '' ); @@ -127,7 +127,7 @@ $arrayfields['t.'.$key] = array( 'label'=>$val['label'], 'checked'=>(($visible <= 0) ? 0 : 1), - 'enabled'=>($visible != 3 && dol_eval($val['enabled'], 1)), + 'enabled'=>(abs($visible) != 3 && (int) dol_eval($val['enabled'], 1)), 'position'=>$val['position'], 'help'=> isset($val['help']) ? $val['help'] : '' ); diff --git a/htdocs/partnership/partnership_list.php b/htdocs/partnership/partnership_list.php index 452e03be496de..c810e09f554e8 100644 --- a/htdocs/partnership/partnership_list.php +++ b/htdocs/partnership/partnership_list.php @@ -138,7 +138,7 @@ $arrayfields['t.'.$key] = array( 'label'=>$val['label'], 'checked'=>(($visible < 0) ? 0 : 1), - 'enabled'=>(abs($visible) != 3 && dol_eval($val['enabled'], 1)), + 'enabled'=>(abs($visible) != 3 && (int) dol_eval($val['enabled'], 1)), 'position'=>$val['position'], 'help'=> isset($val['help']) ? $val['help'] : '' ); diff --git a/htdocs/product/inventory/list.php b/htdocs/product/inventory/list.php index 8b57061e08e4e..d9ff6026f0d75 100644 --- a/htdocs/product/inventory/list.php +++ b/htdocs/product/inventory/list.php @@ -115,7 +115,7 @@ $arrayfields['t.'.$key] = array( 'label'=>$val['label'], 'checked'=>(($visible < 0) ? 0 : 1), - 'enabled'=>(abs($visible) != 3 && dol_eval($val['enabled'], 1)), + 'enabled'=>(abs($visible) != 3 && (int) dol_eval($val['enabled'], 1)), 'position'=>$val['position'], 'help'=> isset($val['help']) ? $val['help'] : '' ); diff --git a/htdocs/product/list.php b/htdocs/product/list.php index 2d47c9a7e5ed3..88248cc0d8a0e 100644 --- a/htdocs/product/list.php +++ b/htdocs/product/list.php @@ -279,7 +279,7 @@ $arrayfields['p.'.$key] = array( 'label'=>$val['label'], 'checked'=>(($visible < 0) ? 0 : 1), - 'enabled'=>($visible != 3 && dol_eval($val['enabled'], 1, 1, '1')), + 'enabled'=>(abs($visible) != 3 && (int) dol_eval($val['enabled'], 1, 1, '1')), 'position'=>$val['position'] ); } diff --git a/htdocs/product/stock/list.php b/htdocs/product/stock/list.php index d41180191b7b7..ca5bcb5fdedc9 100644 --- a/htdocs/product/stock/list.php +++ b/htdocs/product/stock/list.php @@ -124,7 +124,7 @@ $arrayfields['t.'.$key] = array( 'label' => $val['label'], 'checked' => (($visible < 0) ? 0 : 1), - 'enabled' => (abs($visible) != 3 && dol_eval($val['enabled'], 1)), + 'enabled' => (abs($visible) != 3 && (int) dol_eval($val['enabled'], 1)), 'position' => $val['position'], 'help' => isset($val['help']) ? $val['help'] : '' ); diff --git a/htdocs/product/stock/productlot_list.php b/htdocs/product/stock/productlot_list.php index 0b61dffa99dca..bd1733bdf81f3 100644 --- a/htdocs/product/stock/productlot_list.php +++ b/htdocs/product/stock/productlot_list.php @@ -115,7 +115,7 @@ $arrayfields['t.'.$key] = array( 'label'=>$val['label'], 'checked'=>(($visible < 0) ? 0 : 1), - 'enabled'=>(abs($visible) != 3 && dol_eval($val['enabled'], 1)), + 'enabled'=>(abs($visible) != 3 && (int) dol_eval($val['enabled'], 1)), 'position'=>$val['position'], 'help'=> isset($val['help']) ? $val['help'] : '' ); diff --git a/htdocs/product/stock/stocktransfer/stocktransfer_list.php b/htdocs/product/stock/stocktransfer/stocktransfer_list.php index 864a9957c7fbf..d798b7556ac85 100644 --- a/htdocs/product/stock/stocktransfer/stocktransfer_list.php +++ b/htdocs/product/stock/stocktransfer/stocktransfer_list.php @@ -111,7 +111,7 @@ $arrayfields['t.'.$key] = array( 'label'=>$val['label'], 'checked'=>(($visible < 0) ? 0 : 1), - 'enabled'=>(abs($visible) != 3 && dol_eval($val['enabled'], 1)), + 'enabled'=>(abs($visible) != 3 && (int) dol_eval($val['enabled'], 1)), 'position'=>$val['position'], 'help'=> isset($val['help']) ? $val['help'] : '' ); diff --git a/htdocs/projet/list.php b/htdocs/projet/list.php index aa1d3218a22e7..4477b2ad2180d 100644 --- a/htdocs/projet/list.php +++ b/htdocs/projet/list.php @@ -229,7 +229,7 @@ $arrayfields['p.'.$key] = array( 'label' => $val['label'], 'checked' => (($visible < 0) ? 0 : 1), - 'enabled' => ($visible != 3 && dol_eval($val['enabled'], 1, 1, '1')), + 'enabled' => (abs($visible) != 3 && (int) dol_eval($val['enabled'], 1, 1, '1')), 'position' => $val['position'], 'help' => isset($val['help']) ? $val['help'] : '' ); diff --git a/htdocs/public/ticket/list.php b/htdocs/public/ticket/list.php index f257972f69cb8..11a1c5fa5c536 100644 --- a/htdocs/public/ticket/list.php +++ b/htdocs/public/ticket/list.php @@ -267,7 +267,7 @@ if (isset($extrafields->attributes[$object->table_element]['label']) && is_array($extrafields->attributes[$object->table_element]['label']) && count($extrafields->attributes[$object->table_element]['label'])) { foreach ($extrafields->attributes[$object->table_element]['label'] as $key => $val) { if ($extrafields->attributes[$object->table_element]['type'][$key] != 'separate') { - $enabled = abs(dol_eval($extrafields->attributes[$object->table_element]['list'][$key], 1, 1, '2')); + $enabled = abs((int) dol_eval($extrafields->attributes[$object->table_element]['list'][$key], 1, 1, '2')); $enabled = (($enabled == 0 || $enabled == 3) ? 0 : $enabled); $arrayfields["ef.".$key] = array('label' => $extrafields->attributes[$object->table_element]['label'][$key], 'checked' => ($extrafields->attributes[$object->table_element]['list'][$key] < 0) ? 0 : 1, 'position' => $extrafields->attributes[$object->table_element]['pos'][$key], 'enabled' => $enabled && $extrafields->attributes[$object->table_element]['perms'][$key]); } diff --git a/htdocs/recruitment/recruitmentcandidature_list.php b/htdocs/recruitment/recruitmentcandidature_list.php index 53f3ee7451123..3284710c7eb01 100644 --- a/htdocs/recruitment/recruitmentcandidature_list.php +++ b/htdocs/recruitment/recruitmentcandidature_list.php @@ -119,7 +119,7 @@ $arrayfields['t.'.$key] = array( 'label'=>$val['label'], 'checked'=>(($visible < 0) ? 0 : 1), - 'enabled'=>(abs($visible) != 3 && dol_eval($val['enabled'], 1)), + 'enabled'=>(abs($visible) != 3 && (int) dol_eval($val['enabled'], 1)), 'position'=>$val['position'], 'help'=> isset($val['help']) ? $val['help'] : '' ); diff --git a/htdocs/recruitment/recruitmentjobposition_list.php b/htdocs/recruitment/recruitmentjobposition_list.php index b1e24a0fc523b..bf62f0beb62be 100644 --- a/htdocs/recruitment/recruitmentjobposition_list.php +++ b/htdocs/recruitment/recruitmentjobposition_list.php @@ -108,7 +108,7 @@ $arrayfields['t.'.$key] = array( 'label'=>$val['label'], 'checked'=>(($visible < 0) ? 0 : 1), - 'enabled'=>($visible != 3 && dol_eval($val['enabled'], 1, 1, '1')), + 'enabled'=>(abs($visible) != 3 && (int) dol_eval($val['enabled'], 1, 1, '1')), 'position'=>$val['position'], 'help'=> isset($val['help']) ? $val['help'] : '' ); diff --git a/htdocs/salaries/list.php b/htdocs/salaries/list.php index aa8e62caf5239..80e4dd7baf183 100644 --- a/htdocs/salaries/list.php +++ b/htdocs/salaries/list.php @@ -130,7 +130,7 @@ $arrayfields['t.'.$key] = array( 'label'=>$val['label'], 'checked'=>(($visible < 0) ? 0 : 1), - 'enabled'=>(abs($visible) != 3 && dol_eval($val['enabled'], 1)), + 'enabled'=>(abs($visible) != 3 && (int) dol_eval($val['enabled'], 1)), 'position'=>$val['position'], 'help'=> isset($val['help']) ? $val['help'] : '' ); diff --git a/htdocs/salaries/payments.php b/htdocs/salaries/payments.php index a2e98275e2cac..db0865ba994b7 100644 --- a/htdocs/salaries/payments.php +++ b/htdocs/salaries/payments.php @@ -142,7 +142,7 @@ $arrayfields['t.'.$key] = array( 'label'=>$val['label'], 'checked'=>(($visible < 0) ? 0 : 1), - 'enabled'=>($visible != 3 && dol_eval($val['enabled'], 1, 1, '1')), + 'enabled'=>(abs($visible) != 3 && (int) dol_eval($val['enabled'], 1, 1, '1')), 'position'=>$val['position'], 'help'=> isset($val['help']) ? $val['help'] : '' ); diff --git a/htdocs/societe/price.php b/htdocs/societe/price.php index e7ba363e0458e..fdafc97e55bf3 100644 --- a/htdocs/societe/price.php +++ b/htdocs/societe/price.php @@ -546,7 +546,7 @@ $arrayfields['t.'.$key] = array( 'label'=>$val['label'], 'checked'=>(($visible < 0) ? 0 : 1), - 'enabled'=>($visible != 3 && dol_eval($val['enabled'], 1, 1, '1')), + 'enabled'=>(abs($visible) != 3 && (int) dol_eval($val['enabled'], 1, 1, '1')), 'position'=>$val['position'], 'help'=> isset($val['help']) ? $val['help'] : '' ); diff --git a/htdocs/ticket/list.php b/htdocs/ticket/list.php index a5ea8eaf13b26..1233793cd7da6 100644 --- a/htdocs/ticket/list.php +++ b/htdocs/ticket/list.php @@ -146,7 +146,7 @@ $arrayfields['t.'.$key] = array( 'label' => $val['label'], 'checked' => (($visible < 0) ? 0 : 1), - 'enabled' => (abs($visible) != 3 && dol_eval($val['enabled'], 1)), + 'enabled' => (abs($visible) != 3 && (int) dol_eval($val['enabled'], 1)), 'position' => $val['position'], 'help' => isset($val['help']) ? $val['help'] : '' ); diff --git a/htdocs/user/group/perms.php b/htdocs/user/group/perms.php index 0b4d80bcefbb8..ea7a4ef554b99 100644 --- a/htdocs/user/group/perms.php +++ b/htdocs/user/group/perms.php @@ -438,7 +438,7 @@ if ($user->admin) { print ''; $htmltext = $langs->trans("ID").': '.$obj->id; - $htmltext .= '
'.$langs->trans("Permission").': user->rights->'.$obj->module.'->'.$obj->perms.($obj->subperms ? '->'.$obj->subperms : ''); + $htmltext .= '
'.$langs->trans("Permission").': user->hasRights(\''.$obj->module.'\', \''.$obj->perms.'\''.($obj->subperms ? ', \''.$obj->subperms.'\'' : '').')'; print $form->textwithpicto('', $htmltext); //print ''.$obj->id.''; print ''; diff --git a/htdocs/user/perms.php b/htdocs/user/perms.php index 77ad13f1f7543..d6372cfb6a60f 100644 --- a/htdocs/user/perms.php +++ b/htdocs/user/perms.php @@ -695,7 +695,7 @@ if ($user->admin) { print ''; $htmltext = $langs->trans("ID").': '.$obj->id; - $htmltext .= '
'.$langs->trans("Permission").': user->rights->'.$obj->module.'->'.$obj->perms.($obj->subperms ? '->'.$obj->subperms : ''); + $htmltext .= '
'.$langs->trans("Permission").': user->hasRight(\''.dol_escape_htmltag($obj->module).'\', \''.dol_escape_htmltag($obj->perms).'\''.($obj->subperms ? ', \''.dol_escape_htmltag($obj->subperms).'\'' : '').')'; print $form->textwithpicto('', $htmltext); //print ''.$obj->id.''; print ''; diff --git a/htdocs/variants/list.php b/htdocs/variants/list.php index 3fd8e4b3b4c5d..0bee01ba154d7 100644 --- a/htdocs/variants/list.php +++ b/htdocs/variants/list.php @@ -114,7 +114,7 @@ $arrayfields['t.'.$key] = array( 'label'=>$val['label'], 'checked'=>(($visible < 0) ? 0 : 1), - 'enabled'=>(abs($visible) != 3 && dol_eval($val['enabled'], 1)), + 'enabled'=>(abs($visible) != 3 && (int) dol_eval($val['enabled'], 1)), 'position'=>$val['position'], 'help'=> isset($val['help']) ? $val['help'] : '' ); diff --git a/htdocs/webhook/target_list.php b/htdocs/webhook/target_list.php index d1c307ba73078..cbcca8fbfe81c 100644 --- a/htdocs/webhook/target_list.php +++ b/htdocs/webhook/target_list.php @@ -117,7 +117,7 @@ $arrayfields['t.'.$key] = array( 'label'=>$val['label'], 'checked'=>(($visible < 0) ? 0 : 1), - 'enabled'=>(abs($visible) != 3 && dol_eval($val['enabled'], 1)), + 'enabled'=>(abs($visible) != 3 && (int) dol_eval($val['enabled'], 1)), 'position'=>$val['position'], 'help'=> isset($val['help']) ? $val['help'] : '' ); diff --git a/htdocs/webportal/class/html.formlistwebportal.class.php b/htdocs/webportal/class/html.formlistwebportal.class.php index c850c42437781..7bdd0bc43115b 100644 --- a/htdocs/webportal/class/html.formlistwebportal.class.php +++ b/htdocs/webportal/class/html.formlistwebportal.class.php @@ -189,7 +189,7 @@ public function init($elementEn) $arrayfields['t.' . $key] = array( 'label' => $val['label'], 'checked' => (($visible < 0) ? 0 : 1), - 'enabled' => (abs($visible) != 3 && dol_eval($val['enabled'], 1)), + 'enabled' => (abs($visible) != 3 && (int) dol_eval($val['enabled'], 1)), 'position' => $val['position'], 'help' => isset($val['help']) ? $val['help'] : '' ); diff --git a/htdocs/webportal/class/html.formwebportal.class.php b/htdocs/webportal/class/html.formwebportal.class.php index eb1a26ceb7098..ea4debb23487e 100644 --- a/htdocs/webportal/class/html.formwebportal.class.php +++ b/htdocs/webportal/class/html.formwebportal.class.php @@ -447,7 +447,7 @@ public function selectForFormsList($objecttmp, $htmlname, $preselectedvalue, $sh if (!empty($objecttmp->fields)) { // For object that declare it, it is better to use declared fields (like societe, contact, ...) $tmpfieldstoshow = ''; foreach ($objecttmp->fields as $key => $val) { - if (!dol_eval($val['enabled'], 1, 1, '1')) { + if (! (int) dol_eval($val['enabled'], 1, 1, '1')) { continue; } if (!empty($val['showoncombobox'])) { @@ -1021,7 +1021,7 @@ public function showOutputFieldForObject($object, $val, $key, $value, $moreparam if ($computed) { // Make the eval of compute string //var_dump($computed); - $value = dol_eval($computed, 1, 0, ''); + $value = (string) dol_eval($computed, 1, 0, '2'); } // Format output value differently according to properties of field diff --git a/htdocs/workstation/workstation_list.php b/htdocs/workstation/workstation_list.php index 3ee747367d99b..fb749bd6a4c95 100644 --- a/htdocs/workstation/workstation_list.php +++ b/htdocs/workstation/workstation_list.php @@ -118,7 +118,7 @@ $arrayfields['t.'.$key] = array( 'label'=>$val['label'], 'checked'=>(($visible < 0) ? 0 : 1), - 'enabled'=>(abs($visible) != 3 && dol_eval($val['enabled'], 1)), + 'enabled'=>(abs($visible) != 3 && (int) dol_eval($val['enabled'], 1)), 'position'=>$val['position'], 'help'=> isset($val['help']) ? $val['help'] : '' ); @@ -128,7 +128,7 @@ $arrayfields['wug.fk_usergroup'] = array( 'label'=>$langs->trans('UserGroups'), 'checked'=>(($visible < 0) ? 0 : 1), - 'enabled'=>($visible != 3 && dol_eval($val['enabled'], 1)), + 'enabled'=>(abs($visible) != 3 && (int) dol_eval($val['enabled'], 1)), 'position'=>1000, 'help' => empty($val['help']) ? '' : $val['help'], 'csslist' => 'minwidth100' @@ -138,7 +138,7 @@ $arrayfields['wr.fk_resource'] = array( 'label'=>$langs->trans('Resources'), 'checked'=>(($visible < 0) ? 0 : 1), - 'enabled'=>($visible != 3 && dol_eval($val['enabled'], 1, 1, '1')), + 'enabled'=>(abs($visible) != 3 && (int) dol_eval($val['enabled'], 1, 1, '1')), 'position'=>1001, 'help' => empty($val['help']) ? '' : $val['help'] ); From c0ee90aa7d8d5094f01e04cc11b6d0ee3f6115b0 Mon Sep 17 00:00:00 2001 From: Laurent Destailleur Date: Wed, 6 Mar 2024 17:13:05 +0100 Subject: [PATCH 17/79] Exclude require, include into dol_eval --- htdocs/core/lib/functions.lib.php | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/htdocs/core/lib/functions.lib.php b/htdocs/core/lib/functions.lib.php index 25cc81e664cfe..8dac59762894f 100644 --- a/htdocs/core/lib/functions.lib.php +++ b/htdocs/core/lib/functions.lib.php @@ -9918,7 +9918,7 @@ function dol_eval($s, $returnvalue = 1, $hideerrors = 1, $onlysimplestring = '1' $forbiddenphpfunctions = array_merge($forbiddenphpfunctions, array("fopen", "file_put_contents", "fputs", "fputscsv", "fwrite", "fpassthru", "require", "include", "mkdir", "rmdir", "symlink", "touch", "unlink", "umask")); $forbiddenphpfunctions = array_merge($forbiddenphpfunctions, array("get_defined_functions", "get_defined_vars", "get_defined_constants", "get_declared_classes")); $forbiddenphpfunctions = array_merge($forbiddenphpfunctions, array("function", "call_user_func")); - //$forbiddenphpfunctions = array_merge($forbiddenphpfunctions, array("require", "include", "require_once", "include_once")); + $forbiddenphpfunctions = array_merge($forbiddenphpfunctions, array("require", "include", "require_once", "include_once")); $forbiddenphpfunctions = array_merge($forbiddenphpfunctions, array("eval", "create_function", "assert", "mb_ereg_replace")); // function with eval capabilities $forbiddenphpmethods = array('invoke', 'invokeArgs'); // Method of ReflectionFunction to execute a function From 8bc7027ced65668b942b18f07972882cb69e932d Mon Sep 17 00:00:00 2001 From: Laurent Destailleur Date: Wed, 6 Mar 2024 17:17:24 +0100 Subject: [PATCH 18/79] Fix help on status of menu condition --- htdocs/admin/menus/edit.php | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/htdocs/admin/menus/edit.php b/htdocs/admin/menus/edit.php index ac40bfd21d0a3..42892fbb8b685 100644 --- a/htdocs/admin/menus/edit.php +++ b/htdocs/admin/menus/edit.php @@ -505,7 +505,7 @@ function init_topleft() print ''.$langs->trans('Enabled').''; print ''.$langs->trans('DetailEnabled'); if (!empty($menu->enabled)) { - print ' ('.$langs->trans("ConditionIsCurrently").': '.yn((int) dol_eval($menu->enabled, 1, 1, '1')).')'; + print ' ('.$langs->trans("ConditionIsCurrently").': '.yn((int) dol_eval($menu->enabled, 1, 1, '1') <= 0 ? 0 : 1).')'; } print ''; @@ -513,7 +513,7 @@ function init_topleft() print ''.$langs->trans('Rights').''; print ''.$langs->trans('DetailRight'); if (!empty($menu->perms)) { - print ' ('.$langs->trans("ConditionIsCurrently").': '.yn((int) dol_eval($menu->perms, 1, 1, '1')).')'; + print ' ('.$langs->trans("ConditionIsCurrently").': '.yn((int) dol_eval($menu->perms, 1, 1, '1') <= 0 ? 0 : 1).')'; } print ''; From 21ef87777230a746face1119830d9b873b483511 Mon Sep 17 00:00:00 2001 From: Laurent Destailleur Date: Thu, 7 Mar 2024 11:07:28 +0100 Subject: [PATCH 19/79] Remove not used email layout --- htdocs/core/class/html.formmail.class.php | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/htdocs/core/class/html.formmail.class.php b/htdocs/core/class/html.formmail.class.php index 606becf17c22b..8c998f0cc5091 100644 --- a/htdocs/core/class/html.formmail.class.php +++ b/htdocs/core/class/html.formmail.class.php @@ -1521,7 +1521,7 @@ public function getModelEmailTemplate() 'basic' => 'basic', 'news' => 'news', 'commerce' => 'commerce', - 'text' => 'text' + //'text' => 'text' ); foreach ($templates as $template => $templateFunction) { From f00d3ff6ddd9b76b4dfd83076efe044b78c6b816 Mon Sep 17 00:00:00 2001 From: Laurent Destailleur Date: Thu, 7 Mar 2024 14:57:41 +0100 Subject: [PATCH 20/79] Fix route not complete --- .../template/class/api_mymodule.class.php | 10 +++++----- 1 file changed, 5 insertions(+), 5 deletions(-) diff --git a/htdocs/modulebuilder/template/class/api_mymodule.class.php b/htdocs/modulebuilder/template/class/api_mymodule.class.php index 1908a2a0b4b38..e29e1a08911ff 100644 --- a/htdocs/modulebuilder/template/class/api_mymodule.class.php +++ b/htdocs/modulebuilder/template/class/api_mymodule.class.php @@ -64,7 +64,7 @@ public function __construct() * @param int $id ID of myobject * @return Object Object with cleaned properties * - * @url GET myobjects/{id} + * @url GET mymodule/myobjects/{id} * * @throws RestException 403 Not allowed * @throws RestException 404 Not found @@ -103,7 +103,7 @@ public function get($id) * @throws RestException 403 Not allowed * @throws RestException 503 System error * - * @url GET /myobjects/ + * @url GET /mymodule/myobjects/ */ public function index($sortfield = "t.rowid", $sortorder = 'ASC', $limit = 100, $page = 0, $sqlfilters = '', $properties = '') { @@ -191,7 +191,7 @@ public function index($sortfield = "t.rowid", $sortorder = 'ASC', $limit = 100, * @throws RestException 403 Not allowed * @throws RestException 500 System error * - * @url POST myobjects/ + * @url POST mymodule/myobjects/ */ public function post($request_data = null) { @@ -232,7 +232,7 @@ public function post($request_data = null) * @throws RestException 404 Not found * @throws RestException 500 System error * - * @url PUT myobjects/{id} + * @url PUT mymodule/myobjects/{id} */ public function put($id, $request_data = null) { @@ -282,7 +282,7 @@ public function put($id, $request_data = null) * @throws RestException 409 Nothing to do * @throws RestException 500 System error * - * @url DELETE myobjects/{id} + * @url DELETE mymodule/myobjects/{id} */ public function delete($id) { From f45f1f6cfd787179c8acb590a7954ad452a1d00d Mon Sep 17 00:00:00 2001 From: Laurent Destailleur Date: Thu, 7 Mar 2024 15:00:08 +0100 Subject: [PATCH 21/79] Fix separator block for modulebuilder --- htdocs/modulebuilder/template/class/api_mymodule.class.php | 6 ++++-- 1 file changed, 4 insertions(+), 2 deletions(-) diff --git a/htdocs/modulebuilder/template/class/api_mymodule.class.php b/htdocs/modulebuilder/template/class/api_mymodule.class.php index e29e1a08911ff..7ff746c21fb13 100644 --- a/htdocs/modulebuilder/template/class/api_mymodule.class.php +++ b/htdocs/modulebuilder/template/class/api_mymodule.class.php @@ -54,7 +54,7 @@ public function __construct() $this->myobject = new MyObject($this->db); } - /*begin methods CRUD*/ + /* BEGIN MODULEBUILDER API MYOBJECT */ /** * Get properties of a myobject object @@ -336,7 +336,9 @@ private function _validate($data) return $myobject; } - /*end methods CRUD*/ + /* END MODULEBUILDER API MYOBJECT */ + + // phpcs:disable PEAR.NamingConventions.ValidFunctionName.PublicUnderscore /** From 18cc09fae69936cf194d83a699b2dbb2563bcacd Mon Sep 17 00:00:00 2001 From: thibdrev Date: Thu, 7 Mar 2024 16:02:14 +0100 Subject: [PATCH 22/79] qual: phan for htdocs/core/lib/ajax.lib.php (#28672) 29 entries for: Argument 3 ($entity) is null of type null but \ajax_constantonoff() takes int (no real type) defined at htdocs/core/lib/ajax.lib.php:645 --- htdocs/core/lib/ajax.lib.php | 26 +++++++++++++------------- 1 file changed, 13 insertions(+), 13 deletions(-) diff --git a/htdocs/core/lib/ajax.lib.php b/htdocs/core/lib/ajax.lib.php index 91f76b66cdd40..81fe78a073ccc 100644 --- a/htdocs/core/lib/ajax.lib.php +++ b/htdocs/core/lib/ajax.lib.php @@ -628,19 +628,19 @@ function(response) { /** * On/off button for constant * - * @param string $code Name of constant - * @param array $input Array of complementary actions to do if success ("disabled"|"enabled'|'set'|'del') => CSS element to switch, 'alert' => message to show, ... Example: array('disabled'=>array(0=>'cssid')) - * @param int $entity Entity. Current entity is used if null. - * @param int $revertonoff 1=Revert on/off - * @param int $strict Use only "disabled" with delConstant and "enabled" with setConstant - * @param int $forcereload Force to reload page if we click/change value (this is supported only when there is no 'alert' option in input) - * @param int $marginleftonlyshort 1 = Add a short left margin on picto, 2 = Add a larger left margin on picto, 0 = No left margin. - * @param int $forcenoajax 1 = Force to use a ahref link instead of ajax code. - * @param int $setzeroinsteadofdel 1 = Set constantto '0' instead of deleting it - * @param string $suffix Suffix to use on the name of the switch_on picto. Example: '', '_red' - * @param string $mode Add parameter &mode= to the href link (Used for href link) - * @param string $morecss More CSS - * @return string + * @param string $code Name of constant + * @param array $input Array of complementary actions to do if success ("disabled"|"enabled'|'set'|'del') => CSS element to switch, 'alert' => message to show, ... Example: array('disabled'=>array(0=>'cssid')) + * @param int|null $entity Entity. Current entity is used if null. + * @param int $revertonoff 1=Revert on/off + * @param int $strict Use only "disabled" with delConstant and "enabled" with setConstant + * @param int $forcereload Force to reload page if we click/change value (this is supported only when there is no 'alert' option in input) + * @param int $marginleftonlyshort 1 = Add a short left margin on picto, 2 = Add a larger left margin on picto, 0 = No left margin. + * @param int $forcenoajax 1 = Force to use a ahref link instead of ajax code. + * @param int $setzeroinsteadofdel 1 = Set constantto '0' instead of deleting it + * @param string $suffix Suffix to use on the name of the switch_on picto. Example: '', '_red' + * @param string $mode Add parameter &mode= to the href link (Used for href link) + * @param string $morecss More CSS + * @return string */ function ajax_constantonoff($code, $input = array(), $entity = null, $revertonoff = 0, $strict = 0, $forcereload = 0, $marginleftonlyshort = 2, $forcenoajax = 0, $setzeroinsteadofdel = 0, $suffix = '', $mode = '', $morecss = 'inline-block') { From fcfc70e02a2145caf359b597c46cde6220bd4692 Mon Sep 17 00:00:00 2001 From: thibdrev Date: Thu, 7 Mar 2024 16:02:57 +0100 Subject: [PATCH 23/79] qual: phpstan for htdocs/loan/class/loan.class.php (#28673) htdocs/loan/class/loan.class.php 113 PHPDoc type int of property Loan::$totalpaid is not covariant with PHPDoc type float of overridden property CommonObject::$totalpaid. --- htdocs/loan/class/loan.class.php | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/htdocs/loan/class/loan.class.php b/htdocs/loan/class/loan.class.php index 3eb5b1bdc4518..20f51e90e78cf 100644 --- a/htdocs/loan/class/loan.class.php +++ b/htdocs/loan/class/loan.class.php @@ -108,7 +108,7 @@ class Loan extends CommonObject public $fk_project; /** - * @var int totalpaid + * @var float totalpaid */ public $totalpaid; From 38e69184d1a4943fb787b5502a3ce31adc688e28 Mon Sep 17 00:00:00 2001 From: MDW Date: Thu, 7 Mar 2024 16:04:39 +0100 Subject: [PATCH 24/79] Fix typing hints (#28676) --- htdocs/core/lib/functions.lib.php | 17 ++++++++++------- 1 file changed, 10 insertions(+), 7 deletions(-) diff --git a/htdocs/core/lib/functions.lib.php b/htdocs/core/lib/functions.lib.php index 8dac59762894f..30f5dc3b5b416 100644 --- a/htdocs/core/lib/functions.lib.php +++ b/htdocs/core/lib/functions.lib.php @@ -6890,7 +6890,7 @@ function get_product_vat_for_country($idprod, $thirdpartytouse, $idprodfournpric if (($mysoc->country_code == $thirdpartytouse->country_code) || (in_array($mysoc->country_code, array('FR', 'MC')) && in_array($thirdpartytouse->country_code, array('FR', 'MC'))) || (in_array($mysoc->country_code, array('MQ', 'GP')) && in_array($thirdpartytouse->country_code, array('MQ', 'GP'))) - ) { + ) { // If country of thirdparty to consider is ours if ($idprodfournprice > 0) { // We want vat for product for a "supplier" object $result = $product->get_buyprice($idprodfournprice, 0, 0, 0); @@ -9756,13 +9756,13 @@ function dol_getIdFromCode($db, $key, $tablename, $fieldkey = 'code', $fieldid = } /** - * Check if a variable with name $var start with $text. + * Check if a variable with name $var startx with $text. * Can be used to forge dol_eval() conditions. * - * @param $var string Variable - * @param $regextext string Text that must be a valid regex string - * @param $matchrule int 1=Test if start with, 0=Test if equal - * @return boolean|string True or False, text if bad use. + * @param string $var Variable + * @param string $regextext Text that must be a valid regex string + * @param int $matchrule 1=Test if start with, 0=Test if equal + * @return boolean|string True or False, text if bad usage. */ function isStringVarMatching($var, $regextext, $matchrule = 1) { @@ -13078,6 +13078,8 @@ function show_actions_messaging($conf, $langs, $db, $filterobj, $objcon = '', $n } $histo = array(); + '@phan-var-force array $histo'; + $numaction = 0; $now = dol_now(); @@ -13157,7 +13159,7 @@ function show_actions_messaging($conf, $langs, $db, $filterobj, $objcon = '', $n } $sql .= " WHERE a.entity IN (".getEntity('agenda').")"; - if ($force_filter_contact === false) { + if (!$force_filter_contact) { if (is_object($filterobj) && in_array(get_class($filterobj), array('Societe', 'Client', 'Fournisseur')) && $filterobj->id) { $sql .= " AND a.fk_soc = ".((int) $filterobj->id); } elseif (is_object($filterobj) && get_class($filterobj) == 'Project' && $filterobj->id) { @@ -13285,6 +13287,7 @@ function show_actions_messaging($conf, $langs, $db, $filterobj, $objcon = '', $n while ($i < $imaxinloop) { $obj = $db->fetch_object($resql); + '@phan-var-force array{apicto:string,contact_id:string,dp:string,dp2:string,firstname:string,label:string,message:string,msg_from:string,ref:string,type:string,user_lastname:string} $obj'; if ($obj->type == 'action') { $contactaction = new ActionComm($db); $contactaction->id = $obj->id; From 5e9dfc80902eeb494fd1399ee3e7a26cc643a0c7 Mon Sep 17 00:00:00 2001 From: Laurent Destailleur Date: Thu, 7 Mar 2024 16:38:02 +0100 Subject: [PATCH 25/79] Fix phan --- htdocs/accountancy/class/bookkeeping.class.php | 2 +- htdocs/hrm/class/job.class.php | 2 +- 2 files changed, 2 insertions(+), 2 deletions(-) diff --git a/htdocs/accountancy/class/bookkeeping.class.php b/htdocs/accountancy/class/bookkeeping.class.php index 362728c367bc0..fe307fe8915f7 100644 --- a/htdocs/accountancy/class/bookkeeping.class.php +++ b/htdocs/accountancy/class/bookkeeping.class.php @@ -1231,7 +1231,7 @@ public function fetchAllBalance($sortorder = '', $sortfield = '', $limit = 0, $o } elseif ($key == 't.reconciled_option') { $sqlwhere[] = 't.lettering_code IS NULL'; } else { - $sqlwhere[] = $this->db->sanitize($key)." LIKE '%".$this->escape($this->db->escapeforlike($value))."%'"; + $sqlwhere[] = $this->db->sanitize($key)." LIKE '%".$this->db->escape($this->db->escapeforlike($value))."%'"; } } } diff --git a/htdocs/hrm/class/job.class.php b/htdocs/hrm/class/job.class.php index 684bc39b3c3dd..dbed9cad90291 100644 --- a/htdocs/hrm/class/job.class.php +++ b/htdocs/hrm/class/job.class.php @@ -365,7 +365,7 @@ public function fetchLines() * @param string $filtermode No more used * @return array|int int <0 if KO, array of pages if OK */ - public function fetchAll($sortorder = '', $sortfield = '', $limit = 0, $offset = 0, array $filter = array(), $filtermode = 'AND') + public function fetchAll($sortorder = '', $sortfield = '', $limit = 0, $offset = 0, $filter = '', $filtermode = 'AND') { dol_syslog(__METHOD__, LOG_DEBUG); From af9704acdcde8a9050b5fdd0cb4825456ec04f72 Mon Sep 17 00:00:00 2001 From: thibdrev Date: Thu, 7 Mar 2024 16:41:39 +0100 Subject: [PATCH 26/79] qual: phpdoc for htdocs/core/lib/pdf.lib.php (#28671) --- htdocs/core/lib/pdf.lib.php | 24 ++++++++++++------------ 1 file changed, 12 insertions(+), 12 deletions(-) diff --git a/htdocs/core/lib/pdf.lib.php b/htdocs/core/lib/pdf.lib.php index 4cfac0f441341..7d342e152a36c 100644 --- a/htdocs/core/lib/pdf.lib.php +++ b/htdocs/core/lib/pdf.lib.php @@ -429,7 +429,7 @@ function pdfBuildThirdpartyName($thirdparty, Translate $outputlangs, $includeali * @param Contact|string|null $targetcontact Target contact object * @param int $usecontact Use contact instead of company * @param string $mode Address type ('source', 'target', 'targetwithdetails', 'targetwithdetails_xxx': target but include also phone/fax/email/url) - * @param Object $object Object we want to build document for + * @param Object|null $object Object we want to build document for * @return string|int String with full address or -1 if KO */ function pdf_build_address($outputlangs, $sourcecompany, $targetcompany = '', $targetcontact = '', $usecontact = 0, $mode = 'source', $object = null) @@ -718,7 +718,7 @@ function pdf_build_address($outputlangs, $sourcecompany, $targetcompany = '', $t /** * Show header of page for PDF generation * - * @param TCPDF $pdf Object PDF + * @param TCPDF $pdf Object PDF * @param Translate $outputlangs Object lang for output * @param int $page_height Height of page * @return void @@ -752,11 +752,11 @@ function pdf_pagehead(&$pdf, $outputlangs, $page_height) /** * Return array of possible substitutions for PDF content (without external module substitutions). * - * @param Translate $outputlangs Output language - * @param array $exclude Array of family keys we want to exclude. For example array('mycompany', 'object', 'date', 'user', ...) - * @param Object $object Object - * @param int $onlykey 1=Do not calculate some heavy values of keys (performance enhancement when we need only the keys), 2=Values are truncated and html sanitized (to use for help tooltip) - * @param array $include Array of family keys we want to include. For example array('system', 'mycompany', 'object', 'objectamount', 'date', 'user', ...) + * @param Translate $outputlangs Output language + * @param array|null $exclude Array of family keys we want to exclude. For example array('mycompany', 'object', 'date', 'user', ...) + * @param Object|null $object Object + * @param int $onlykey 1=Do not calculate some heavy values of keys (performance enhancement when we need only the keys), 2=Values are truncated and html sanitized (to use for help tooltip) + * @param array|null $include Array of family keys we want to include. For example array('system', 'mycompany', 'object', 'objectamount', 'date', 'user', ...) * @return array Array of substitutions */ function pdf_getSubstitutionArray($outputlangs, $exclude = null, $object = null, $onlykey = 0, $include = null) @@ -2296,11 +2296,11 @@ function pdf_getlineremisepercent($object, $i, $outputlangs, $hidedetails = 0) /** * Return line percent * - * @param Object $object Object - * @param int $i Current line number - * @param Translate $outputlangs Object langs for output - * @param int $hidedetails Hide details (0=no, 1=yes, 2=just special lines) - * @param HookManager $hookmanager Hook manager instance + * @param Object $object Object + * @param int $i Current line number + * @param Translate $outputlangs Object langs for output + * @param int $hidedetails Hide details (0=no, 1=yes, 2=just special lines) + * @param HookManager|null $hookmanager Hook manager instance * @return string */ function pdf_getlineprogress($object, $i, $outputlangs, $hidedetails = 0, $hookmanager = null) From 1aa0f8227f2b5d872fbe9005dc95c90fd23a8c84 Mon Sep 17 00:00:00 2001 From: Rikard Bosnjakovic Date: Thu, 7 Mar 2024 16:43:04 +0100 Subject: [PATCH 27/79] Update card.php (#28679) Fix #25130 Co-authored-by: Laurent Destailleur --- htdocs/expedition/card.php | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/htdocs/expedition/card.php b/htdocs/expedition/card.php index f0e85472b8021..4fdefef202b61 100644 --- a/htdocs/expedition/card.php +++ b/htdocs/expedition/card.php @@ -2763,7 +2763,7 @@ // Presend form $modelmail = 'shipping_send'; - $defaulttopic = $langs->trans('SendShippingRef'); + $defaulttopic = 'SendShippingRef'; $diroutput = $conf->expedition->dir_output.'/sending'; $trackid = 'shi'.$object->id; From 4fcbdf15ab3acdd163cd854de3c4da330f686723 Mon Sep 17 00:00:00 2001 From: HENRY Florian Date: Thu, 7 Mar 2024 16:49:41 +0100 Subject: [PATCH 28/79] fix: better inner join than comma for hook printFieldListFrom after (#28681) * better inner jion than comme for hook after * better inner jion than comme for hook after --------- Co-authored-by: Laurent Destailleur --- htdocs/comm/propal/list.php | 18 +++++++++--------- 1 file changed, 9 insertions(+), 9 deletions(-) diff --git a/htdocs/comm/propal/list.php b/htdocs/comm/propal/list.php index 88cec01487879..0a03d0cc1cdb5 100644 --- a/htdocs/comm/propal/list.php +++ b/htdocs/comm/propal/list.php @@ -77,6 +77,7 @@ // Search Fields $search_all = trim((GETPOST('search_all', 'alphanohtml') != '') ? GETPOST('search_all', 'alphanohtml') : GETPOST('sall', 'alphanohtml')); $search_user = GETPOSTINT('search_user'); +if ($search_user==-1) $search_user=0; $search_sale = GETPOSTINT('search_sale'); $search_ref = GETPOST('sf_ref') ? GETPOST('sf_ref', 'alpha') : GETPOST('search_ref', 'alpha'); $search_refcustomer = GETPOST('search_refcustomer', 'alpha'); @@ -587,7 +588,7 @@ $sql .= " LEFT JOIN ".MAIN_DB_PREFIX."c_typent as typent on (typent.id = s.fk_typent)"; $sql .= " LEFT JOIN ".MAIN_DB_PREFIX."c_departements as state on (state.rowid = s.fk_departement)"; -$sql .= ', '.MAIN_DB_PREFIX.'propal as p'; +$sql .= ' INNER JOIN '.MAIN_DB_PREFIX.'propal as p ON p.fk_soc = s.rowid'; if (!empty($extrafields->attributes[$object->table_element]['label']) && is_array($extrafields->attributes[$object->table_element]['label']) && count($extrafields->attributes[$object->table_element]['label'])) { $sql .= " LEFT JOIN ".MAIN_DB_PREFIX.$object->table_element."_extrafields as ef on (p.rowid = ef.fk_object)"; } @@ -598,8 +599,10 @@ $sql .= " LEFT JOIN ".MAIN_DB_PREFIX."projet as pr ON pr.rowid = p.fk_projet"; $sql .= " LEFT JOIN ".MAIN_DB_PREFIX."c_availability as ava on (ava.rowid = p.fk_availability)"; if ($search_user > 0) { - $sql .= ", ".MAIN_DB_PREFIX."element_contact as c"; - $sql .= ", ".MAIN_DB_PREFIX."c_type_contact as tc"; + $sql .= " INNER JOIN ".MAIN_DB_PREFIX."element_contact as c"; + $sql .= " ON c.element_id = p.rowid AND c.fk_socpeople = ".((int) $search_user); + $sql .= " INNER JOIN ".MAIN_DB_PREFIX."c_type_contact as tc"; + $sql .= " ON c.fk_c_type_contact = tc.rowid AND tc.element='propal' AND tc.source='internal'"; } // Add table from hooks @@ -607,8 +610,8 @@ $reshook = $hookmanager->executeHooks('printFieldListFrom', $parameters, $object); // Note that $action and $object may have been modified by hook $sql .= $hookmanager->resPrint; -$sql .= ' WHERE p.fk_soc = s.rowid'; -$sql .= ' AND p.entity IN ('.getEntity('propal').')'; +$sql .= ' WHERE'; +$sql .= ' p.entity IN ('.getEntity('propal').')'; if ($search_town) { $sql .= natural_search('s.town', $search_town); } @@ -718,9 +721,6 @@ if ($search_date_delivery_end) { $sql .= " AND p.date_livraison <= '".$db->idate($search_date_delivery_end)."'"; } -if ($search_user > 0) { - $sql .= " AND c.fk_c_type_contact = tc.rowid AND tc.element='propal' AND tc.source='internal' AND c.element_id = p.rowid AND c.fk_socpeople = ".((int) $search_user); -} if ($search_date_signature_start) { $sql .= " AND p.date_signature >= '".$db->idate($search_date_signature_start)."'"; } @@ -1147,7 +1147,7 @@ if ($user->hasRight('user', 'user', 'lire')) { $moreforfilter .= '
'; $tmptitle = $langs->trans('LinkedToSpecificUsers'); - $moreforfilter .= img_picto($tmptitle, 'user', 'class="pictofixedwidth"').$form->select_dolusers($search_user, 'search_user', $tmptitle, '', 0, '', '', 0, 0, 0, '', 0, '', 'maxwidth250 widthcentpercentminusx'); + $moreforfilter .= img_picto($tmptitle, 'user', 'class="pictofixedwidth"').$form->select_dolusers((empty($search_user)?-2:0), 'search_user', $tmptitle, '', 0, '', '', 0, 0, 0, '', 0, '', 'maxwidth250 widthcentpercentminusx'); $moreforfilter .= '
'; } // If the user can view products From 5659ba8de35a43715d1a53203a444bcb464f4a2b Mon Sep 17 00:00:00 2001 From: thibdrev Date: Thu, 7 Mar 2024 16:50:42 +0100 Subject: [PATCH 29/79] qual: phan for accountingaccount.class.php (#28669) htdocs/accountancy/admin/productaccount.php 196 TypeError PhanTypeMismatchArgumentProbablyReal Argument 2 ($account_number) is null of type null but \AccountingAccount::fetch() takes string (no real type) defined at htdocs/accountancy/class/accountingaccount.class.php:182 (the inferred real argument type has nothing in common with the parameter's phpdoc type) Co-authored-by: Laurent Destailleur --- htdocs/accountancy/class/accountingaccount.class.php | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/htdocs/accountancy/class/accountingaccount.class.php b/htdocs/accountancy/class/accountingaccount.class.php index 057c307e1f6b0..500fd4a7543f8 100644 --- a/htdocs/accountancy/class/accountingaccount.class.php +++ b/htdocs/accountancy/class/accountingaccount.class.php @@ -174,7 +174,7 @@ public function __construct($db) * Load record in memory * * @param int $rowid Id - * @param string $account_number Account number + * @param string|null $account_number Account number * @param int|boolean $limittocurrentchart 1 or true=Load record only if it is into current active chart of account * @param string $limittoachartaccount 'ABC'=Load record only if it is into chart account with code 'ABC' (better and faster than previous parameter if you have chart of account code). * @return int Return integer <0 if KO, 0 if not found, Id of record if OK and found From b9c843c08687c89631eb0d845ef90b5931396a85 Mon Sep 17 00:00:00 2001 From: thibdrev Date: Thu, 7 Mar 2024 16:55:12 +0100 Subject: [PATCH 30/79] qual: phan for functions.lib.php (#28653) * qual: phan for functions.lib.php 54 entries for: TypeError PhanTypeMismatchArgumentProbablyReal Argument 3 ($exclude) is null of type null but \getCommonSubstitutionArray() takes array (no real type) defined at htdocs/core/lib/functions.lib.php:8285 * phpcs --- htdocs/core/lib/functions.lib.php | 13 +++++++------ 1 file changed, 7 insertions(+), 6 deletions(-) diff --git a/htdocs/core/lib/functions.lib.php b/htdocs/core/lib/functions.lib.php index 30f5dc3b5b416..af156d0442f0e 100644 --- a/htdocs/core/lib/functions.lib.php +++ b/htdocs/core/lib/functions.lib.php @@ -8274,12 +8274,13 @@ function dol_concatdesc($text1, $text2, $forxml = false, $invert = false) /** * Return array of possible common substitutions. This includes several families like: 'system', 'mycompany', 'object', 'objectamount', 'date', 'user' * - * @param Translate $outputlangs Output language - * @param int $onlykey 1=Do not calculate some heavy values of keys (performance enhancement when we need only the keys), 2=Values are trunc and html sanitized (to use for help tooltip) - * @param array $exclude Array of family keys we want to exclude. For example array('system', 'mycompany', 'object', 'objectamount', 'date', 'user', ...) - * @param Object $object Object for keys on object - * @param array $include Array of family keys we want to include. For example array('system', 'mycompany', 'object', 'objectamount', 'date', 'user', ...) - * @return array Array of substitutions + * @param Translate $outputlangs Output language + * @param int $onlykey 1=Do not calculate some heavy values of keys (performance enhancement when we need only the keys), + * 2=Values are trunc and html sanitized (to use for help tooltip) + * @param array|null $exclude Array of family keys we want to exclude. For example array('system', 'mycompany', 'object', 'objectamount', 'date', 'user', ...) + * @param Object|null $object Object for keys on object + * @param array|null $include Array of family keys we want to include. For example array('system', 'mycompany', 'object', 'objectamount', 'date', 'user', ...) + * @return array Array of substitutions * @see setSubstitFromObject() */ function getCommonSubstitutionArray($outputlangs, $onlykey = 0, $exclude = null, $object = null, $include = null) From 14ffa142aa7d4e7b1b5d6787008a0472e4bd4456 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Fr=C3=A9d=C3=A9ric=20FRANCE?= Date: Thu, 7 Mar 2024 16:57:29 +0100 Subject: [PATCH 31/79] fix precommit and clean code (#28651) * fix precommit * fix precommit * fix missing include * fix phpstan * fix phpstan * fix phpstan * fix phpstan * fix phpstan * fix phpstan * fix phpstan * fix phpstan * fix phpstan * fix phpstan * fix phpstan * fix phpstan * fix phpstan * clean code * clean code --- htdocs/bookcal/lib/bookcal.lib.php | 7 ++- .../lib/bookcal_availabilities.lib.php | 21 +++---- htdocs/bookcal/lib/bookcal_calendar.lib.php | 23 ++++---- htdocs/comm/card.php | 1 + htdocs/core/class/html.formsms.class.php | 22 ++++++- .../doc/pdf_aurore.modules.php | 2 +- .../doc/pdf_zenith.modules.php | 2 +- .../emailcollector/lib/emailcollector.lib.php | 5 +- ...ventorganization_conferenceorbooth.lib.php | 57 ++++++++++--------- htdocs/loan/class/paymentloan.class.php | 7 ++- htdocs/mrp/ajax/interface.php | 17 ++++++ htdocs/mrp/lib/mrp.lib.php | 11 ++-- htdocs/mrp/lib/mrp_mo.lib.php | 27 ++++----- htdocs/mrp/mo_agenda.php | 6 +- htdocs/mrp/mo_document.php | 7 ++- htdocs/mrp/mo_movements.php | 5 +- htdocs/mrp/mo_note.php | 5 +- htdocs/mrp/mo_production.php | 3 +- htdocs/partnership/lib/partnership.lib.php | 31 +++++----- htdocs/product/class/product.class.php | 13 ++++- htdocs/recruitment/lib/recruitment.lib.php | 18 +++--- ...recruitment_recruitmentcandidature.lib.php | 21 +++---- ...recruitment_recruitmentjobposition.lib.php | 33 +++++------ htdocs/societe/class/client.class.php | 9 ++- htdocs/theme/eldy/flags-sprite.inc.php | 24 +++++++- htdocs/theme/eldy/global.inc.php | 22 +++++++ htdocs/theme/eldy/main_menu_fa_icons.inc.php | 30 +++++++++- htdocs/webhook/lib/webhook.lib.php | 7 ++- htdocs/webhook/lib/webhook_target.lib.php | 7 ++- htdocs/webportal/lib/webportal.lib.php | 6 +- htdocs/website/lib/websiteaccount.lib.php | 6 +- htdocs/zapier/lib/zapier.lib.php | 10 ++-- 32 files changed, 302 insertions(+), 163 deletions(-) diff --git a/htdocs/bookcal/lib/bookcal.lib.php b/htdocs/bookcal/lib/bookcal.lib.php index 3f809da08d898..049de3c64728e 100644 --- a/htdocs/bookcal/lib/bookcal.lib.php +++ b/htdocs/bookcal/lib/bookcal.lib.php @@ -1,5 +1,6 @@ + * Copyright (C) 2024 Frédéric France * * This program is free software: you can redistribute it and/or modify * it under the terms of the GNU General Public License as published by @@ -16,7 +17,7 @@ */ /** - * \file bookcal/lib/bookcal.lib.php + * \file htdocs/bookcal/lib/bookcal.lib.php * \ingroup bookcal * \brief Library files with common functions for BookCal */ @@ -35,13 +36,13 @@ function bookcalAdminPrepareHead() $h = 0; $head = array(); - $head[$h][0] = dol_buildpath("/bookcal/admin/setup.php", 1); + $head[$h][0] = DOL_URL_ROOT . '/bookcal/admin/setup.php'; $head[$h][1] = $langs->trans("Settings"); $head[$h][2] = 'settings'; $h++; /* - $head[$h][0] = dol_buildpath("/bookcal/admin/myobject_extrafields.php", 1); + $head[$h][0] = DOL_URL_ROOT.'/bookcal/admin/myobject_extrafields.php'; $head[$h][1] = $langs->trans("ExtraFields"); $head[$h][2] = 'myobject_extrafields'; $h++; diff --git a/htdocs/bookcal/lib/bookcal_availabilities.lib.php b/htdocs/bookcal/lib/bookcal_availabilities.lib.php index 1fb93187f9469..674c0ea70bb9c 100644 --- a/htdocs/bookcal/lib/bookcal_availabilities.lib.php +++ b/htdocs/bookcal/lib/bookcal_availabilities.lib.php @@ -1,5 +1,6 @@ + * Copyright (C) 2024 Frédéric France * * This program is free software: you can redistribute it and/or modify * it under the terms of the GNU General Public License as published by @@ -41,13 +42,13 @@ function availabilitiesPrepareHead($object) $h = 0; $head = array(); - $head[$h][0] = dol_buildpath("/bookcal/availabilities_card.php", 1).'?id='.$object->id; + $head[$h][0] = DOL_URL_ROOT . '/bookcal/availabilities_card.php?id=' . $object->id; $head[$h][1] = $langs->trans("Card"); $head[$h][2] = 'card'; $h++; if ($showtabofpagecontact) { - $head[$h][0] = dol_buildpath("/bookcal/availabilities_contact.php", 1).'?id='.$object->id; + $head[$h][0] = DOL_URL_ROOT . '/bookcal/availabilities_contact.php?id=' . $object->id; $head[$h][1] = $langs->trans("Contacts"); $head[$h][2] = 'contact'; $h++; @@ -62,10 +63,10 @@ function availabilitiesPrepareHead($object) if (!empty($object->note_public)) { $nbNote++; } - $head[$h][0] = dol_buildpath('/bookcal/availabilities_note.php', 1).'?id='.$object->id; + $head[$h][0] = DOL_URL_ROOT . '/bookcal/availabilities_note.php?id=' . $object->id; $head[$h][1] = $langs->trans('Notes'); if ($nbNote > 0) { - $head[$h][1] .= (!getDolGlobalString('MAIN_OPTIMIZEFORTEXTBROWSER') ? ''.$nbNote.'' : ''); + $head[$h][1] .= (!getDolGlobalString('MAIN_OPTIMIZEFORTEXTBROWSER') ? '' . $nbNote . '' : ''); } $head[$h][2] = 'note'; $h++; @@ -73,22 +74,22 @@ function availabilitiesPrepareHead($object) } if ($showtabofpagedocument) { - require_once DOL_DOCUMENT_ROOT.'/core/lib/files.lib.php'; - require_once DOL_DOCUMENT_ROOT.'/core/class/link.class.php'; - $upload_dir = $conf->bookcal->dir_output."/availabilities/".dol_sanitizeFileName($object->ref); + require_once DOL_DOCUMENT_ROOT . '/core/lib/files.lib.php'; + require_once DOL_DOCUMENT_ROOT . '/core/class/link.class.php'; + $upload_dir = $conf->bookcal->dir_output . "/availabilities/" . dol_sanitizeFileName($object->ref); $nbFiles = count(dol_dir_list($upload_dir, 'files', 0, '', '(\.meta|_preview.*\.png)$')); $nbLinks = Link::count($db, $object->element, $object->id); - $head[$h][0] = dol_buildpath("/bookcal/availabilities_document.php", 1).'?id='.$object->id; + $head[$h][0] = DOL_URL_ROOT . '/bookcal/availabilities_document.php?id=' . $object->id; $head[$h][1] = $langs->trans('Documents'); if (($nbFiles + $nbLinks) > 0) { - $head[$h][1] .= ''.($nbFiles + $nbLinks).''; + $head[$h][1] .= '' . ($nbFiles + $nbLinks) . ''; } $head[$h][2] = 'document'; $h++; } if ($showtabofpageagenda) { - $head[$h][0] = dol_buildpath("/bookcal/availabilities_agenda.php", 1).'?id='.$object->id; + $head[$h][0] = DOL_URL_ROOT . '/bookcal/availabilities_agenda.php?id=' . $object->id; $head[$h][1] = $langs->trans("Events"); $head[$h][2] = 'agenda'; $h++; diff --git a/htdocs/bookcal/lib/bookcal_calendar.lib.php b/htdocs/bookcal/lib/bookcal_calendar.lib.php index f586c8845df5c..d81d0f85d2e5a 100644 --- a/htdocs/bookcal/lib/bookcal_calendar.lib.php +++ b/htdocs/bookcal/lib/bookcal_calendar.lib.php @@ -1,5 +1,6 @@ + * Copyright (C) 2024 Frédéric France * * This program is free software: you can redistribute it and/or modify * it under the terms of the GNU General Public License as published by @@ -41,13 +42,13 @@ function calendarPrepareHead($object) $h = 0; $head = array(); - $head[$h][0] = dol_buildpath("/bookcal/calendar_card.php", 1).'?id='.$object->id; + $head[$h][0] = DOL_URL_ROOT . '/bookcal/calendar_card.php?id=' . $object->id; $head[$h][1] = $langs->trans("Calendar"); $head[$h][2] = 'card'; $h++; if ($object->status == Calendar::STATUS_VALIDATED) { - $head[$h][0] = dol_buildpath("/bookcal/booking_list.php", 1).'?id='.$object->id; + $head[$h][0] = DOL_URL_ROOT . '/bookcal/booking_list.php?id=' . $object->id; $head[$h][1] = $langs->trans("Bookings"); $head[$h][2] = 'booking'; $h++; @@ -55,7 +56,7 @@ function calendarPrepareHead($object) if ($showtabofpagecontact) { - $head[$h][0] = dol_buildpath("/bookcal/calendar_contact.php", 1).'?id='.$object->id; + $head[$h][0] = DOL_URL_ROOT . '/bookcal/calendar_contact.php?id=' . $object->id; $head[$h][1] = $langs->trans("Contacts"); $head[$h][2] = 'contact'; $h++; @@ -70,10 +71,10 @@ function calendarPrepareHead($object) if (!empty($object->note_public)) { $nbNote++; } - $head[$h][0] = dol_buildpath('/bookcal/calendar_note.php', 1).'?id='.$object->id; + $head[$h][0] = DOL_URL_ROOT . '/bookcal/calendar_note.php?id=' . $object->id; $head[$h][1] = $langs->trans('Notes'); if ($nbNote > 0) { - $head[$h][1] .= (!getDolGlobalInt('MAIN_OPTIMIZEFORTEXTBROWSER') ? ''.$nbNote.'' : ''); + $head[$h][1] .= (!getDolGlobalInt('MAIN_OPTIMIZEFORTEXTBROWSER') ? '' . $nbNote . '' : ''); } $head[$h][2] = 'note'; $h++; @@ -81,22 +82,22 @@ function calendarPrepareHead($object) } if ($showtabofpagedocument) { - require_once DOL_DOCUMENT_ROOT.'/core/lib/files.lib.php'; - require_once DOL_DOCUMENT_ROOT.'/core/class/link.class.php'; - $upload_dir = $conf->bookcal->dir_output."/calendar/".dol_sanitizeFileName($object->ref); + require_once DOL_DOCUMENT_ROOT . '/core/lib/files.lib.php'; + require_once DOL_DOCUMENT_ROOT . '/core/class/link.class.php'; + $upload_dir = $conf->bookcal->dir_output . "/calendar/" . dol_sanitizeFileName($object->ref); $nbFiles = count(dol_dir_list($upload_dir, 'files', 0, '', '(\.meta|_preview.*\.png)$')); $nbLinks = Link::count($db, $object->element, $object->id); - $head[$h][0] = dol_buildpath("/bookcal/calendar_document.php", 1).'?id='.$object->id; + $head[$h][0] = DOL_URL_ROOT . '/bookcal/calendar_document.php?id=' . $object->id; $head[$h][1] = $langs->trans('Documents'); if (($nbFiles + $nbLinks) > 0) { - $head[$h][1] .= ''.($nbFiles + $nbLinks).''; + $head[$h][1] .= '' . ($nbFiles + $nbLinks) . ''; } $head[$h][2] = 'document'; $h++; } if ($showtabofpageagenda) { - $head[$h][0] = dol_buildpath("/bookcal/calendar_agenda.php", 1).'?id='.$object->id; + $head[$h][0] = DOL_URL_ROOT . '/bookcal/calendar_agenda.php?id=' . $object->id; $head[$h][1] = $langs->trans("Events"); $head[$h][2] = 'agenda'; $h++; diff --git a/htdocs/comm/card.php b/htdocs/comm/card.php index 0b07926aad804..4a20bf2dc9e3e 100644 --- a/htdocs/comm/card.php +++ b/htdocs/comm/card.php @@ -36,6 +36,7 @@ require '../main.inc.php'; require_once DOL_DOCUMENT_ROOT.'/core/lib/company.lib.php'; require_once DOL_DOCUMENT_ROOT.'/core/lib/date.lib.php'; +require_once DOL_DOCUMENT_ROOT.'/core/lib/files.lib.php'; require_once DOL_DOCUMENT_ROOT.'/societe/class/client.class.php'; require_once DOL_DOCUMENT_ROOT.'/contact/class/contact.class.php'; require_once DOL_DOCUMENT_ROOT.'/core/class/html.formcompany.class.php'; diff --git a/htdocs/core/class/html.formsms.class.php b/htdocs/core/class/html.formsms.class.php index f9cecb968674c..4aa0bd0ed6185 100644 --- a/htdocs/core/class/html.formsms.class.php +++ b/htdocs/core/class/html.formsms.class.php @@ -1,7 +1,7 @@ * Copyright (C) 2010 Juanjo Menent - * Copyright (C) 2018 Frédéric France + * Copyright (C) 2018-2024 Frédéric France * * This program is free software; you can redistribute it and/or modify * it under the terms of the GNU General Public License as published by @@ -41,6 +41,10 @@ class FormSms public $fromid; public $fromname; public $fromsms; + + /** + * @var string + */ public $fromtype; public $replytoname; public $replytomail; @@ -48,9 +52,25 @@ class FormSms public $tomail; public $withsubstit; // Show substitution array + + /** + * @var int + */ public $withfrom; + + /** + * @var int + */ public $withto; + + /** + * @var int + */ public $withtopic; + + /** + * @var int + */ public $withbody; /** diff --git a/htdocs/core/modules/supplier_proposal/doc/pdf_aurore.modules.php b/htdocs/core/modules/supplier_proposal/doc/pdf_aurore.modules.php index f53f7eba87126..be2c6e389376f 100644 --- a/htdocs/core/modules/supplier_proposal/doc/pdf_aurore.modules.php +++ b/htdocs/core/modules/supplier_proposal/doc/pdf_aurore.modules.php @@ -714,7 +714,7 @@ protected function _tableau_versements(&$pdf, $object, $posy, $outputlangs) * @param Object $object Object to show * @param int|float $posy Y * @param Translate $outputlangs Langs object - * @return int + * @return int|float */ protected function _tableau_info(&$pdf, $object, $posy, $outputlangs) { diff --git a/htdocs/core/modules/supplier_proposal/doc/pdf_zenith.modules.php b/htdocs/core/modules/supplier_proposal/doc/pdf_zenith.modules.php index 2c10cdefc1cc3..f42c862bb9e26 100644 --- a/htdocs/core/modules/supplier_proposal/doc/pdf_zenith.modules.php +++ b/htdocs/core/modules/supplier_proposal/doc/pdf_zenith.modules.php @@ -844,7 +844,7 @@ protected function _tableau_versements(&$pdf, $object, $posy, $outputlangs) * @param SupplierProposal $object Object to show * @param int|float $posy Y * @param Translate $outputlangs Langs object - * @return integer + * @return int|float */ protected function _tableau_info(&$pdf, $object, $posy, $outputlangs) { diff --git a/htdocs/emailcollector/lib/emailcollector.lib.php b/htdocs/emailcollector/lib/emailcollector.lib.php index 8bb69da5f3be2..3549f20a5a58d 100644 --- a/htdocs/emailcollector/lib/emailcollector.lib.php +++ b/htdocs/emailcollector/lib/emailcollector.lib.php @@ -38,13 +38,12 @@ function emailcollectorPrepareHead($object) $h = 0; $head = array(); - $head[$h][0] = dol_buildpath("/admin/emailcollector_card.php", 1).'?id='.$object->id; + $head[$h][0] = DOL_URL_ROOT . '/admin/emailcollector_card.php?id='.$object->id; $head[$h][1] = $langs->trans("EmailCollector"); $head[$h][2] = 'card'; $h++; - /*if (isset($object->fields['note_public']) || isset($object->fields['note_private'])) - { + /*if (isset($object->fields['note_public']) || isset($object->fields['note_private'])) { $nbNote = 0; if (!empty($object->note_private)) $nbNote++; if (!empty($object->note_public)) $nbNote++; diff --git a/htdocs/eventorganization/lib/eventorganization_conferenceorbooth.lib.php b/htdocs/eventorganization/lib/eventorganization_conferenceorbooth.lib.php index 1f89e43eaba04..b0efb0602c585 100644 --- a/htdocs/eventorganization/lib/eventorganization_conferenceorbooth.lib.php +++ b/htdocs/eventorganization/lib/eventorganization_conferenceorbooth.lib.php @@ -1,5 +1,6 @@ * * This program is free software: you can redistribute it and/or modify * it under the terms of the GNU General Public License as published by @@ -16,7 +17,7 @@ */ /** - * \file lib/eventorganization_conferenceorbooth.lib.php + * \file htdocs/eventorganization/lib/eventorganization_conferenceorbooth.lib.php * \ingroup eventorganization * \brief Library files with common functions for ConferenceOrBooth */ @@ -37,18 +38,18 @@ function conferenceorboothPrepareHead($object, $with_project = 0) $h = 0; $head = array(); - $withProjectUrl=''; - if ($with_project>0) { + $withProjectUrl = ''; + if ($with_project > 0) { $withProjectUrl = "&withproject=1"; } - $head[$h][0] = DOL_URL_ROOT.'/eventorganization/conferenceorbooth_card.php?id='.$object->id.$withProjectUrl; + $head[$h][0] = DOL_URL_ROOT . '/eventorganization/conferenceorbooth_card.php?id=' . $object->id . $withProjectUrl; $head[$h][1] = $langs->trans("Card"); $head[$h][2] = 'card'; $h++; if (getDolGlobalString('MAIN_FEATURES_LEVEL') && getDolGlobalInt('MAIN_FEATURES_LEVEL') >= 2) { - $head[$h][0] = DOL_URL_ROOT.'/eventorganization/conferenceorbooth_contact.php?id='.$object->id.$withProjectUrl; + $head[$h][0] = DOL_URL_ROOT . '/eventorganization/conferenceorbooth_contact.php?id=' . $object->id . $withProjectUrl; $head[$h][1] = $langs->trans("ContactsAddresses"); $head[$h][2] = 'contact'; $h++; @@ -82,15 +83,15 @@ function conferenceorboothPrepareHead($object, $with_project = 0) $h++; */ - require_once DOL_DOCUMENT_ROOT.'/core/lib/files.lib.php'; - require_once DOL_DOCUMENT_ROOT.'/core/class/link.class.php'; - $upload_dir = $conf->eventorganization->dir_output."/conferenceorbooth/".dol_sanitizeFileName($object->ref); + require_once DOL_DOCUMENT_ROOT . '/core/lib/files.lib.php'; + require_once DOL_DOCUMENT_ROOT . '/core/class/link.class.php'; + $upload_dir = $conf->eventorganization->dir_output . "/conferenceorbooth/" . dol_sanitizeFileName($object->ref); $nbFiles = count(dol_dir_list($upload_dir, 'files', 0, '', '(\.meta|_preview.*\.png)$')); $nbLinks = Link::count($db, $object->element, $object->id); - $head[$h][0] = dol_buildpath("/eventorganization/conferenceorbooth_document.php", 1).'?id='.$object->id.$withProjectUrl; + $head[$h][0] = DOL_URL_ROOT . '/eventorganization/conferenceorbooth_document.php?id=' . $object->id . $withProjectUrl; $head[$h][1] = $langs->trans('Documents'); if (($nbFiles + $nbLinks) > 0) { - $head[$h][1] .= ''.($nbFiles + $nbLinks).''; + $head[$h][1] .= '' . ($nbFiles + $nbLinks) . ''; } $head[$h][2] = 'document'; $h++; @@ -125,22 +126,22 @@ function conferenceorboothProjectPrepareHead($object) $h = 0; $head = array(); - $head[$h][0] = dol_buildpath("/eventorganization/conferenceorbooth_list.php", 1).'?projectid='.$object->id; + $head[$h][0] = DOL_URL_ROOT . 'eventorganization/conferenceorbooth_list.php?projectid=' . $object->id; $head[$h][1] = $langs->trans("ConferenceOrBooth"); $head[$h][2] = 'conferenceorbooth'; // Enable caching of conf or booth count attendees $nbAttendees = 0; - $nbConferenceOrBooth= 0; - require_once DOL_DOCUMENT_ROOT.'/core/lib/memory.lib.php'; - $cachekey = 'count_conferenceorbooth_project_'.$object->id; + $nbConferenceOrBooth = 0; + require_once DOL_DOCUMENT_ROOT . '/core/lib/memory.lib.php'; + $cachekey = 'count_conferenceorbooth_project_' . $object->id; $dataretrieved = dol_getcache($cachekey); if (!is_null($dataretrieved)) { $nbAttendees = $dataretrieved; } else { - require_once DOL_DOCUMENT_ROOT.'/eventorganization/class/conferenceorbooth.class.php'; - $conforbooth=new ConferenceOrBooth($db); - $result = $conforbooth->fetchAll('', '', 0, 0, '(t.fk_project:=:'.((int) $object->id).')'); - if (!is_array($result) && $result<0) { + require_once DOL_DOCUMENT_ROOT . '/eventorganization/class/conferenceorbooth.class.php'; + $conforbooth = new ConferenceOrBooth($db); + $result = $conforbooth->fetchAll('', '', 0, 0, '(t.fk_project:=:' . ((int) $object->id) . ')'); + if (!is_array($result) && $result < 0) { setEventMessages($conforbooth->error, $conforbooth->errors, 'errors'); } else { $nbConferenceOrBooth = count($result); @@ -148,25 +149,25 @@ function conferenceorboothProjectPrepareHead($object) dol_setcache($cachekey, $nbConferenceOrBooth, 120); // If setting cache fails, this is not a problem, so we do not test result. } if ($nbConferenceOrBooth > 0) { - $head[$h][1] .= ''.$nbConferenceOrBooth.''; + $head[$h][1] .= '' . $nbConferenceOrBooth . ''; } $h++; - $head[$h][0] = dol_buildpath("/eventorganization/conferenceorboothattendee_list.php", 1).'?fk_project='.$object->id.'&withproject=1'; + $head[$h][0] = DOL_URL_ROOT . '/eventorganization/conferenceorboothattendee_list.php?fk_project=' . $object->id . '&withproject=1'; $head[$h][1] = $langs->trans("Attendees"); $head[$h][2] = 'attendees'; // Enable caching of conf or booth count attendees $nbAttendees = 0; - require_once DOL_DOCUMENT_ROOT.'/core/lib/memory.lib.php'; - $cachekey = 'count_attendees_conferenceorbooth_project_'.$object->id; + require_once DOL_DOCUMENT_ROOT . '/core/lib/memory.lib.php'; + $cachekey = 'count_attendees_conferenceorbooth_project_' . $object->id; $dataretrieved = dol_getcache($cachekey); if (!is_null($dataretrieved)) { $nbAttendees = $dataretrieved; } else { - require_once DOL_DOCUMENT_ROOT.'/eventorganization/class/conferenceorboothattendee.class.php'; - $attendees=new ConferenceOrBoothAttendee($db); - $result = $attendees->fetchAll('', '', 0, 0, '(t.fk_project:=:'.((int) $object->id).')'); - if (!is_array($result) && $result<0) { + require_once DOL_DOCUMENT_ROOT . '/eventorganization/class/conferenceorboothattendee.class.php'; + $attendees = new ConferenceOrBoothAttendee($db); + $result = $attendees->fetchAll('', '', 0, 0, '(t.fk_project:=:' . ((int) $object->id) . ')'); + if (!is_array($result) && $result < 0) { setEventMessages($attendees->error, $attendees->errors, 'errors'); } else { $nbAttendees = count($result); @@ -174,7 +175,7 @@ function conferenceorboothProjectPrepareHead($object) dol_setcache($cachekey, $nbAttendees, 120); // If setting cache fails, this is not a problem, so we do not test result. } if ($nbAttendees > 0) { - $head[$h][1] .= ''.$nbAttendees.''; + $head[$h][1] .= '' . $nbAttendees . ''; } complete_head_from_modules($conf, $langs, $object, $head, $h, 'conferenceorboothproject@eventorganization'); @@ -200,7 +201,7 @@ function conferenceorboothAttendeePrepareHead($object) $h = 0; $head = array(); - $head[$h][0] = DOL_URL_ROOT."/eventorganization/conferenceorboothattendee_card.php?id=".((int) $object->id).($object->fk_actioncomm > 0 ? '&conforboothid='.((int) $object->fk_actioncomm) : '').($object->fk_project > 0 ? '&withproject=1&fk_project='.((int) $object->fk_project) : ''); + $head[$h][0] = DOL_URL_ROOT . "/eventorganization/conferenceorboothattendee_card.php?id=" . ((int) $object->id) . ($object->fk_actioncomm > 0 ? '&conforboothid=' . ((int) $object->fk_actioncomm) : '') . ($object->fk_project > 0 ? '&withproject=1&fk_project=' . ((int) $object->fk_project) : ''); $head[$h][1] = $langs->trans("Card"); $head[$h][2] = 'card'; $h++; diff --git a/htdocs/loan/class/paymentloan.class.php b/htdocs/loan/class/paymentloan.class.php index b0064f2a62c75..3ec3fda1f0e4b 100644 --- a/htdocs/loan/class/paymentloan.class.php +++ b/htdocs/loan/class/paymentloan.class.php @@ -1,6 +1,6 @@ - * Copyright (C) 2015-2023 Frederic France + * Copyright (C) 2015-2024 Frédéric France * Copyright (C) 2020 Maxime DEMAREST * * This program is free software; you can redistribute it and/or modify @@ -61,7 +61,10 @@ class PaymentLoan extends CommonObject */ public $datep = ''; - public $amounts = array(); // Array of amounts + /** + * @var array Array of amounts + */ + public $amounts = array(); public $amount_capital; // Total amount of payment diff --git a/htdocs/mrp/ajax/interface.php b/htdocs/mrp/ajax/interface.php index 17000dd0207e5..afb2a33d7df8d 100644 --- a/htdocs/mrp/ajax/interface.php +++ b/htdocs/mrp/ajax/interface.php @@ -1,7 +1,24 @@ + * Copyright (C) 2024 Frédéric France + * + * This program is free software; you can redistribute it and/or modify + * it under the terms of the GNU General Public License as published by + * the Free Software Foundation; either version 3 of the License, or + * (at your option) any later version. + * + * This program is distributed in the hope that it will be useful, + * but WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + * GNU General Public License for more details. + * + * You should have received a copy of the GNU General Public License + * along with this program. If not, see . + */ /** * \file htdocs/mrp/ajax/interface.php + * \brief Ajax search component for Mrp. */ if (!defined('NOREQUIRESOC')) { diff --git a/htdocs/mrp/lib/mrp.lib.php b/htdocs/mrp/lib/mrp.lib.php index c650c4dd02b4d..20840d40e1b4f 100644 --- a/htdocs/mrp/lib/mrp.lib.php +++ b/htdocs/mrp/lib/mrp.lib.php @@ -1,5 +1,6 @@ + * Copyright (C) 2024 Frédéric France * * This program is free software: you can redistribute it and/or modify * it under the terms of the GNU General Public License as published by @@ -16,7 +17,7 @@ */ /** - * \file mrp/lib/mrp.lib.php + * \file htdocs/mrp/lib/mrp.lib.php * \ingroup mrp * \brief Library files with common functions for Mrp */ @@ -38,21 +39,21 @@ function mrpAdminPrepareHead() $h = 0; $head = array(); - $head[$h][0] = dol_buildpath("/admin/mrp.php", 1); + $head[$h][0] = DOL_URL_ROOT . '/admin/mrp.php'; $head[$h][1] = $langs->trans("Settings"); $head[$h][2] = 'settings'; $h++; - $head[$h][0] = dol_buildpath("/admin/mrp_extrafields.php", 1); + $head[$h][0] = DOL_URL_ROOT . '/admin/mrp_extrafields.php'; $head[$h][1] = $langs->trans("ExtraFields"); $nbExtrafields = $extrafields->attributes['mrp_mo']['count']; if ($nbExtrafields > 0) { - $head[$h][1] .= ''.$nbExtrafields.''; + $head[$h][1] .= '' . $nbExtrafields . ''; } $head[$h][2] = 'mrp_extrafields'; $h++; - $head[$h][0] = dol_buildpath("/admin/mrp_production_extrafields.php", 1); + $head[$h][0] = DOL_URL_ROOT . '/admin/mrp_production_extrafields.php'; $head[$h][1] = $langs->trans("ExtraFieldsLines"); $head[$h][2] = 'mrp_production_extrafields'; $h++; diff --git a/htdocs/mrp/lib/mrp_mo.lib.php b/htdocs/mrp/lib/mrp_mo.lib.php index f78f5da91669d..63f39445e910d 100644 --- a/htdocs/mrp/lib/mrp_mo.lib.php +++ b/htdocs/mrp/lib/mrp_mo.lib.php @@ -1,5 +1,6 @@ * * This program is free software: you can redistribute it and/or modify * it under the terms of the GNU General Public License as published by @@ -36,26 +37,26 @@ function moPrepareHead($object) $h = 0; $head = array(); - $head[$h][0] = DOL_URL_ROOT.'/mrp/mo_card.php?id='.$object->id; + $head[$h][0] = DOL_URL_ROOT . '/mrp/mo_card.php?id=' . $object->id; $head[$h][1] = $langs->trans("ManufacturingOrder"); $head[$h][2] = 'card'; $h++; - $head[$h][0] = DOL_URL_ROOT.'/mrp/mo_production.php?id='.$object->id; + $head[$h][0] = DOL_URL_ROOT . '/mrp/mo_production.php?id=' . $object->id; $head[$h][1] = $langs->trans("Production"); $arrayproduced = $object->fetchLinesLinked('produced', 0); $nbProduced = 0; foreach ($arrayproduced as $lineproduced) { $nbProduced += $lineproduced['qty']; } - $head[$h][1] .= ''.$nbProduced.' / '.$object->qty.''; + $head[$h][1] .= '' . $nbProduced . ' / ' . $object->qty . ''; $head[$h][2] = 'production'; $h++; - $head[$h][0] = DOL_URL_ROOT.'/mrp/mo_movements.php?id='.$object->id; + $head[$h][0] = DOL_URL_ROOT . '/mrp/mo_movements.php?id=' . $object->id; $head[$h][1] = $langs->trans("StockMovements"); $nbMove = $object->countMovements(); - $head[$h][1] .= ''.$nbMove.''; + $head[$h][1] .= '' . $nbMove . ''; $head[$h][2] = 'stockmovement'; $h++; @@ -67,29 +68,29 @@ function moPrepareHead($object) if (!empty($object->note_public)) { $nbNote++; } - $head[$h][0] = dol_buildpath('/mrp/mo_note.php', 1).'?id='.$object->id; + $head[$h][0] = DOL_URL_ROOT . '/mrp/mo_note.php?id=' . $object->id; $head[$h][1] = $langs->trans('Notes'); if ($nbNote > 0) { - $head[$h][1] .= ''.$nbNote.''; + $head[$h][1] .= '' . $nbNote . ''; } $head[$h][2] = 'note'; $h++; } - require_once DOL_DOCUMENT_ROOT.'/core/lib/files.lib.php'; - require_once DOL_DOCUMENT_ROOT.'/core/class/link.class.php'; - $upload_dir = $conf->mrp->dir_output."/".dol_sanitizeFileName($object->ref); + require_once DOL_DOCUMENT_ROOT . '/core/lib/files.lib.php'; + require_once DOL_DOCUMENT_ROOT . '/core/class/link.class.php'; + $upload_dir = $conf->mrp->dir_output . "/" . dol_sanitizeFileName($object->ref); $nbFiles = count(dol_dir_list($upload_dir, 'files', 0, '', '(\.meta|_preview.*\.png)$')); $nbLinks = Link::count($db, $object->element, $object->id); - $head[$h][0] = dol_buildpath("/mrp/mo_document.php", 1).'?id='.$object->id; + $head[$h][0] = DOL_URL_ROOT . '/mrp/mo_document.php?id=' . $object->id; $head[$h][1] = $langs->trans('Documents'); if (($nbFiles + $nbLinks) > 0) { - $head[$h][1] .= ''.($nbFiles + $nbLinks).''; + $head[$h][1] .= '' . ($nbFiles + $nbLinks) . ''; } $head[$h][2] = 'document'; $h++; - $head[$h][0] = dol_buildpath("/mrp/mo_agenda.php", 1).'?id='.$object->id; + $head[$h][0] = DOL_URL_ROOT . '/mrp/mo_agenda.php?id=' . $object->id; $head[$h][1] = $langs->trans("Events"); $head[$h][2] = 'agenda'; $h++; diff --git a/htdocs/mrp/mo_agenda.php b/htdocs/mrp/mo_agenda.php index 86f8778e79995..d4c87b7015ea7 100644 --- a/htdocs/mrp/mo_agenda.php +++ b/htdocs/mrp/mo_agenda.php @@ -1,6 +1,6 @@ - * Copyright (C) ---Put here your own copyright and developer email--- + * Copyright (C) 2024 Frédéric France * * This program is free software; you can redistribute it and/or modify * it under the terms of the GNU General Public License as published by @@ -30,8 +30,8 @@ require_once DOL_DOCUMENT_ROOT.'/core/class/html.formprojet.class.php'; require_once DOL_DOCUMENT_ROOT.'/core/lib/company.lib.php'; require_once DOL_DOCUMENT_ROOT.'/core/lib/functions2.lib.php'; -dol_include_once('/mrp/class/mo.class.php'); -dol_include_once('/mrp/lib/mrp_mo.lib.php'); +require_once DOL_DOCUMENT_ROOT.'/mrp/class/mo.class.php'; +require_once DOL_DOCUMENT_ROOT.'/mrp/lib/mrp_mo.lib.php'; // Load translation files required by the page diff --git a/htdocs/mrp/mo_document.php b/htdocs/mrp/mo_document.php index c8f09b37a9beb..6afe0f356866a 100644 --- a/htdocs/mrp/mo_document.php +++ b/htdocs/mrp/mo_document.php @@ -1,5 +1,6 @@ + * Copyright (C) 2024 Frédéric France * * This program is free software; you can redistribute it and/or modify * it under the terms of the GNU General Public License as published by @@ -16,7 +17,7 @@ */ /** - * \file mo_document.php + * \file htdocs/mrp/mo_document.php * \ingroup mrp * \brief Tab for documents linked to Mo */ @@ -30,8 +31,8 @@ require_once DOL_DOCUMENT_ROOT.'/core/lib/images.lib.php'; require_once DOL_DOCUMENT_ROOT.'/core/class/html.formfile.class.php'; require_once DOL_DOCUMENT_ROOT.'/core/class/html.formprojet.class.php'; -dol_include_once('/mrp/class/mo.class.php'); -dol_include_once('/mrp/lib/mrp_mo.lib.php'); +require_once DOL_DOCUMENT_ROOT.'/mrp/class/mo.class.php'; +require_once DOL_DOCUMENT_ROOT.'/mrp/lib/mrp_mo.lib.php'; // Load translation files required by the page $langs->loadLangs(array("mrp", "companies", "other", "mails")); diff --git a/htdocs/mrp/mo_movements.php b/htdocs/mrp/mo_movements.php index deb9d39a97a5b..b5395b9b04bec 100644 --- a/htdocs/mrp/mo_movements.php +++ b/htdocs/mrp/mo_movements.php @@ -1,6 +1,7 @@ * Copyright (C) 2022 Ferran Marcet + * Copyright (C) 2024 Frédéric France * * This program is free software; you can redistribute it and/or modify * it under the terms of the GNU General Public License as published by @@ -33,8 +34,8 @@ require_once DOL_DOCUMENT_ROOT.'/product/stock/class/mouvementstock.class.php'; require_once DOL_DOCUMENT_ROOT.'/product/stock/class/productlot.class.php'; -dol_include_once('/mrp/class/mo.class.php'); -dol_include_once('/mrp/lib/mrp_mo.lib.php'); +require_once DOL_DOCUMENT_ROOT.'/mrp/class/mo.class.php'; +require_once DOL_DOCUMENT_ROOT.'/mrp/lib/mrp_mo.lib.php'; // Load translation files required by the page $langs->loadLangs(array("mrp", "stocks", "other")); diff --git a/htdocs/mrp/mo_note.php b/htdocs/mrp/mo_note.php index 19b630aaf5397..9d24201da2e30 100644 --- a/htdocs/mrp/mo_note.php +++ b/htdocs/mrp/mo_note.php @@ -1,5 +1,6 @@ + * Copyright (C) 2024 Frédéric France * * This program is free software; you can redistribute it and/or modify * it under the terms of the GNU General Public License as published by @@ -26,8 +27,8 @@ require_once DOL_DOCUMENT_ROOT.'/projet/class/project.class.php'; require_once DOL_DOCUMENT_ROOT.'/core/class/html.formprojet.class.php'; -dol_include_once('/mrp/class/mo.class.php'); -dol_include_once('/mrp/lib/mrp_mo.lib.php'); +require_once DOL_DOCUMENT_ROOT.'/mrp/class/mo.class.php'; +require_once DOL_DOCUMENT_ROOT.'/mrp/lib/mrp_mo.lib.php'; // Load translation files required by the page $langs->loadLangs(array("mrp", "companies")); diff --git a/htdocs/mrp/mo_production.php b/htdocs/mrp/mo_production.php index 11e6ce992ce8e..c13813c342f59 100644 --- a/htdocs/mrp/mo_production.php +++ b/htdocs/mrp/mo_production.php @@ -2,6 +2,7 @@ /* Copyright (C) 2019-2020 Laurent Destailleur * Copyright (C) 2023 Christian Humpel * Copyright (C) 2023 Vincent de Grandpré + * Copyright (C) 2024 Frédéric France * * This program is free software; you can redistribute it and/or modify * it under the terms of the GNU General Public License as published by @@ -96,7 +97,7 @@ $permissionnote = $user->hasRight('mrp', 'write'); // Used by the include of actions_setnotes.inc.php $permissiondellink = $user->hasRight('mrp', 'write'); // Used by the include of actions_dellink.inc.php $permissiontoadd = $user->hasRight('mrp', 'write'); // Used by the include of actions_addupdatedelete.inc.php and actions_lineupdown.inc.php -$permissiontodelete = $user->rights->mrp->delete || ($permissiontoadd && isset($object->status) && $object->status == $object::STATUS_DRAFT); +$permissiontodelete = $user->hasRight('mrp', 'delete') || ($permissiontoadd && isset($object->status) && $object->status == $object::STATUS_DRAFT); $permissiontoproduce = $permissiontoadd; $permissiontoupdatecost = $user->hasRight('bom', 'read'); // User who can define cost must have knowledge of pricing diff --git a/htdocs/partnership/lib/partnership.lib.php b/htdocs/partnership/lib/partnership.lib.php index ec8f7b80987fa..f5822e20a166f 100644 --- a/htdocs/partnership/lib/partnership.lib.php +++ b/htdocs/partnership/lib/partnership.lib.php @@ -1,5 +1,6 @@ +/* Copyright (C) 2021 Dorian Laurent + * Copyright (C) 2024 Frédéric France * * This program is free software: you can redistribute it and/or modify * it under the terms of the GNU General Public License as published by @@ -16,7 +17,7 @@ */ /** - * \file partnership/lib/partnership.lib.php + * \file htdocs/partnership/lib/partnership.lib.php * \ingroup partnership * \brief Library files with common functions for Partnership */ @@ -38,22 +39,22 @@ function partnershipAdminPrepareHead() $h = 0; $head = array(); - $head[$h][0] = dol_buildpath("/partnership/admin/setup.php", 1); + $head[$h][0] = DOL_URL_ROOT . '/partnership/admin/setup.php'; $head[$h][1] = $langs->trans("Settings"); $head[$h][2] = 'settings'; $h++; - $head[$h][0] = dol_buildpath("/partnership/admin/partnership_extrafields.php", 1); + $head[$h][0] = DOL_URL_ROOT . '/partnership/admin/partnership_extrafields.php'; $head[$h][1] = $langs->trans("ExtraFields"); $nbExtrafields = $extrafields->attributes['partnership']['count']; if ($nbExtrafields > 0) { - $head[$h][1] .= ''.$nbExtrafields.''; + $head[$h][1] .= '' . $nbExtrafields . ''; } $head[$h][2] = 'partnership_extrafields'; $h++; - $head[$h][0] = dol_buildpath("/partnership/admin/website.php", 1); + $head[$h][0] = DOL_URL_ROOT . '/partnership/admin/website.php'; $head[$h][1] = $langs->trans("BlankSubscriptionForm"); $head[$h][2] = 'website'; $h++; @@ -88,7 +89,7 @@ function partnershipPrepareHead($object) $h = 0; $head = array(); - $head[$h][0] = dol_buildpath("/partnership/partnership_card.php", 1).'?id='.$object->id; + $head[$h][0] = DOL_URL_ROOT . '/partnership/partnership_card.php?id=' . $object->id; $head[$h][1] = $langs->trans("Card"); $head[$h][2] = 'card'; $h++; @@ -101,29 +102,29 @@ function partnershipPrepareHead($object) if (!empty($object->note_public)) { $nbNote++; } - $head[$h][0] = dol_buildpath('/partnership/partnership_note.php', 1).'?id='.$object->id; + $head[$h][0] = DOL_URL_ROOT . '/partnership/partnership_note.php?id=' . $object->id; $head[$h][1] = $langs->trans('Notes'); if ($nbNote > 0) { - $head[$h][1] .= (!getDolGlobalString('MAIN_OPTIMIZEFORTEXTBROWSER') ? ''.$nbNote.'' : ''); + $head[$h][1] .= (!getDolGlobalString('MAIN_OPTIMIZEFORTEXTBROWSER') ? '' . $nbNote . '' : ''); } $head[$h][2] = 'note'; $h++; } - require_once DOL_DOCUMENT_ROOT.'/core/lib/files.lib.php'; - require_once DOL_DOCUMENT_ROOT.'/core/class/link.class.php'; - $upload_dir = $conf->partnership->dir_output."/partnership/".dol_sanitizeFileName($object->ref); + require_once DOL_DOCUMENT_ROOT . '/core/lib/files.lib.php'; + require_once DOL_DOCUMENT_ROOT . '/core/class/link.class.php'; + $upload_dir = $conf->partnership->dir_output . "/partnership/" . dol_sanitizeFileName($object->ref); $nbFiles = count(dol_dir_list($upload_dir, 'files', 0, '', '(\.meta|_preview.*\.png)$')); $nbLinks = Link::count($db, $object->element, $object->id); - $head[$h][0] = dol_buildpath("/partnership/partnership_document.php", 1).'?id='.$object->id; + $head[$h][0] = DOL_URL_ROOT . '/partnership/partnership_document.php?id=' . $object->id; $head[$h][1] = $langs->trans('Documents'); if (($nbFiles + $nbLinks) > 0) { - $head[$h][1] .= ''.($nbFiles + $nbLinks).''; + $head[$h][1] .= '' . ($nbFiles + $nbLinks) . ''; } $head[$h][2] = 'document'; $h++; - $head[$h][0] = dol_buildpath("/partnership/partnership_agenda.php", 1).'?id='.$object->id; + $head[$h][0] = DOL_URL_ROOT . '/partnership/partnership_agenda.php?id=' . $object->id; $head[$h][1] = $langs->trans("Events"); $head[$h][2] = 'agenda'; $h++; diff --git a/htdocs/product/class/product.class.php b/htdocs/product/class/product.class.php index 722af2e74b2d0..2d664de7376d5 100644 --- a/htdocs/product/class/product.class.php +++ b/htdocs/product/class/product.class.php @@ -70,6 +70,11 @@ class Product extends CommonObject */ public $fk_element = 'fk_product'; + /** + * @var Product + */ + public $oldcopy; + /** * @var array List of child tables. To test if we can delete object. */ @@ -290,7 +295,7 @@ class Product extends CommonObject public $duration; /** - * Service Workstation + * @var int Service Workstation */ public $fk_default_workstation; @@ -487,6 +492,10 @@ class Product extends CommonObject public $fourn_qty; public $fourn_pu; public $fourn_price_base_type; + + /** + * @var int ID + */ public $fourn_socid; /** @@ -529,7 +538,7 @@ class Product extends CommonObject public $sousprods; /** - * Path of subproducts. Build from ->sousprods with get_arbo_each_prod() + * @var array Path of subproducts. Build from ->sousprods with get_arbo_each_prod() */ public $res; diff --git a/htdocs/recruitment/lib/recruitment.lib.php b/htdocs/recruitment/lib/recruitment.lib.php index 911c6abdb039d..97690d73ea71d 100644 --- a/htdocs/recruitment/lib/recruitment.lib.php +++ b/htdocs/recruitment/lib/recruitment.lib.php @@ -1,6 +1,6 @@ - * Copyright (C) 2022 Frédéric France + * Copyright (C) 2022-2024 Frédéric France * * This program is free software: you can redistribute it and/or modify * it under the terms of the GNU General Public License as published by @@ -17,7 +17,7 @@ */ /** - * \file recruitment/lib/recruitment.lib.php + * \file htdocs/recruitment/lib/recruitment.lib.php * \ingroup recruitment * \brief Library files with common functions for Recruitment */ @@ -40,35 +40,35 @@ function recruitmentAdminPrepareHead() $h = 0; $head = array(); - $head[$h][0] = dol_buildpath("/recruitment/admin/setup.php", 1); + $head[$h][0] = DOL_URL_ROOT . '/recruitment/admin/setup.php'; $head[$h][1] = $langs->trans("JobPositions"); $head[$h][2] = 'settings'; $h++; - $head[$h][0] = dol_buildpath("/recruitment/admin/setup_candidatures.php", 1); + $head[$h][0] = DOL_URL_ROOT . '/recruitment/admin/setup_candidatures.php'; $head[$h][1] = $langs->trans("RecruitmentCandidatures"); $head[$h][2] = 'settings_candidatures'; $h++; - $head[$h][0] = dol_buildpath("/recruitment/admin/public_interface.php", 1); + $head[$h][0] = DOL_URL_ROOT . '/recruitment/admin/public_interface.php'; $head[$h][1] = $langs->trans("PublicUrl"); $head[$h][2] = 'publicurl'; $h++; - $head[$h][0] = dol_buildpath("/recruitment/admin/jobposition_extrafields.php", 1); + $head[$h][0] = DOL_URL_ROOT . '/recruitment/admin/jobposition_extrafields.php'; $head[$h][1] = $langs->trans("ExtrafieldsJobPosition"); $nbExtrafields = $extrafields->attributes['recruitment_recruitmentjobposition']['count']; if ($nbExtrafields > 0) { - $head[$h][1] .= ''.$nbExtrafields.''; + $head[$h][1] .= '' . $nbExtrafields . ''; } $head[$h][2] = 'jobposition_extrafields'; $h++; - $head[$h][0] = dol_buildpath("/recruitment/admin/candidature_extrafields.php", 1); + $head[$h][0] = DOL_URL_ROOT . '/recruitment/admin/candidature_extrafields.php'; $head[$h][1] = $langs->trans("ExtrafieldsApplication"); $nbExtrafields = $extrafields->attributes['recruitment_recruitmentcandidature']['count']; if ($nbExtrafields > 0) { - $head[$h][1] .= ''.$nbExtrafields.''; + $head[$h][1] .= '' . $nbExtrafields . ''; } $head[$h][2] = 'candidature_extrafields'; $h++; diff --git a/htdocs/recruitment/lib/recruitment_recruitmentcandidature.lib.php b/htdocs/recruitment/lib/recruitment_recruitmentcandidature.lib.php index c4ad141bca68e..d6a0de449dcd4 100644 --- a/htdocs/recruitment/lib/recruitment_recruitmentcandidature.lib.php +++ b/htdocs/recruitment/lib/recruitment_recruitmentcandidature.lib.php @@ -1,5 +1,6 @@ * * This program is free software: you can redistribute it and/or modify * it under the terms of the GNU General Public License as published by @@ -36,13 +37,13 @@ function recruitmentCandidaturePrepareHead($object) $h = 0; $head = array(); - $head[$h][0] = dol_buildpath("/recruitment/recruitmentcandidature_card.php", 1).'?id='.$object->id; + $head[$h][0] = DOL_URL_ROOT . '/recruitment/recruitmentcandidature_card.php?id=' . $object->id; $head[$h][1] = $langs->trans("RecruitmentCandidature"); $head[$h][2] = 'card'; $h++; // if ($conf->global->MAIN_FEATURES_LEVEL >= 2) { - // $head[$h][0] = dol_buildpath("/recruitment/recruitmentrating_card.php", 1).'?id='.$object->id; + // $head[$h][0] = DOL_URL_ROOT.'/recruitment/recruitmentrating_card.php?id='.$object->id; // $head[$h][1] = $langs->trans("Rating"); // $head[$h][2] = 'rating'; // $h++; @@ -56,29 +57,29 @@ function recruitmentCandidaturePrepareHead($object) if (!empty($object->note_public)) { $nbNote++; } - $head[$h][0] = dol_buildpath('/recruitment/recruitmentcandidature_note.php', 1).'?id='.$object->id; + $head[$h][0] = DOL_URL_ROOT . '/recruitment/recruitmentcandidature_note.php?id=' . $object->id; $head[$h][1] = $langs->trans('Notes'); if ($nbNote > 0) { - $head[$h][1] .= ''.$nbNote.''; + $head[$h][1] .= '' . $nbNote . ''; } $head[$h][2] = 'note'; $h++; } - require_once DOL_DOCUMENT_ROOT.'/core/lib/files.lib.php'; - require_once DOL_DOCUMENT_ROOT.'/core/class/link.class.php'; - $upload_dir = $conf->recruitment->dir_output."/recruitmentcandidature/".dol_sanitizeFileName($object->ref); + require_once DOL_DOCUMENT_ROOT . '/core/lib/files.lib.php'; + require_once DOL_DOCUMENT_ROOT . '/core/class/link.class.php'; + $upload_dir = $conf->recruitment->dir_output . "/recruitmentcandidature/" . dol_sanitizeFileName($object->ref); $nbFiles = count(dol_dir_list($upload_dir, 'files', 0, '', '(\.meta|_preview.*\.png)$')); $nbLinks = Link::count($db, $object->element, $object->id); - $head[$h][0] = dol_buildpath("/recruitment/recruitmentcandidature_document.php", 1).'?id='.$object->id; + $head[$h][0] = DOL_URL_ROOT . '/recruitment/recruitmentcandidature_document.php?id=' . $object->id; $head[$h][1] = $langs->trans('Documents'); if (($nbFiles + $nbLinks) > 0) { - $head[$h][1] .= ''.($nbFiles + $nbLinks).''; + $head[$h][1] .= '' . ($nbFiles + $nbLinks) . ''; } $head[$h][2] = 'document'; $h++; - $head[$h][0] = dol_buildpath("/recruitment/recruitmentcandidature_agenda.php", 1).'?id='.$object->id; + $head[$h][0] = DOL_URL_ROOT . '/recruitment/recruitmentcandidature_agenda.php?id=' . $object->id; $head[$h][1] = $langs->trans("Events"); $head[$h][2] = 'agenda'; $h++; diff --git a/htdocs/recruitment/lib/recruitment_recruitmentjobposition.lib.php b/htdocs/recruitment/lib/recruitment_recruitmentjobposition.lib.php index a269bc6168336..8fafb1c3fdc44 100644 --- a/htdocs/recruitment/lib/recruitment_recruitmentjobposition.lib.php +++ b/htdocs/recruitment/lib/recruitment_recruitmentjobposition.lib.php @@ -1,5 +1,6 @@ * * This program is free software: you can redistribute it and/or modify * it under the terms of the GNU General Public License as published by @@ -36,21 +37,21 @@ function recruitmentjobpositionPrepareHead($object) $h = 0; $head = array(); - $head[$h][0] = dol_buildpath("/recruitment/recruitmentjobposition_card.php", 1).'?id='.$object->id; + $head[$h][0] = DOL_URL_ROOT . '/recruitment/recruitmentjobposition_card.php?id=' . $object->id; $head[$h][1] = $langs->trans("PositionToBeFilled"); $head[$h][2] = 'card'; $h++; - $head[$h][0] = dol_buildpath("/recruitment/recruitmentcandidature_list.php", 1).'?id='.$object->id; + $head[$h][0] = DOL_URL_ROOT . '/recruitment/recruitmentcandidature_list.php?id=' . $object->id; $head[$h][1] = $langs->trans("RecruitmentCandidatures"); - $sql = "SELECT COUNT(rowid) as nb FROM ".MAIN_DB_PREFIX."recruitment_recruitmentcandidature WHERE fk_recruitmentjobposition = ".((int) $object->id); + $sql = "SELECT COUNT(rowid) as nb FROM " . MAIN_DB_PREFIX . "recruitment_recruitmentcandidature WHERE fk_recruitmentjobposition = " . ((int) $object->id); $resql = $db->query($sql); if ($resql) { $obj = $db->fetch_object($resql); if ($obj) { $nCandidature = $obj->nb; if ($nCandidature > 0) { - $head[$h][1] .= ''.$nCandidature.''; + $head[$h][1] .= '' . $nCandidature . ''; } } } else { @@ -67,29 +68,29 @@ function recruitmentjobpositionPrepareHead($object) if (!empty($object->note_public)) { $nbNote++; } - $head[$h][0] = dol_buildpath('/recruitment/recruitmentjobposition_note.php', 1).'?id='.$object->id; + $head[$h][0] = DOL_URL_ROOT . '/recruitment/recruitmentjobposition_note.php?id=' . $object->id; $head[$h][1] = $langs->trans('Notes'); if ($nbNote > 0) { - $head[$h][1] .= ''.$nbNote.''; + $head[$h][1] .= '' . $nbNote . ''; } $head[$h][2] = 'note'; $h++; } - require_once DOL_DOCUMENT_ROOT.'/core/lib/files.lib.php'; - require_once DOL_DOCUMENT_ROOT.'/core/class/link.class.php'; - $upload_dir = $conf->recruitment->dir_output."/recruitmentjobposition/".dol_sanitizeFileName($object->ref); + require_once DOL_DOCUMENT_ROOT . '/core/lib/files.lib.php'; + require_once DOL_DOCUMENT_ROOT . '/core/class/link.class.php'; + $upload_dir = $conf->recruitment->dir_output . "/recruitmentjobposition/" . dol_sanitizeFileName($object->ref); $nbFiles = count(dol_dir_list($upload_dir, 'files', 0, '', '(\.meta|_preview.*\.png)$')); $nbLinks = Link::count($db, $object->element, $object->id); - $head[$h][0] = dol_buildpath("/recruitment/recruitmentjobposition_document.php", 1).'?id='.$object->id; + $head[$h][0] = DOL_URL_ROOT . '/recruitment/recruitmentjobposition_document.php?id=' . $object->id; $head[$h][1] = $langs->trans('Documents'); if (($nbFiles + $nbLinks) > 0) { - $head[$h][1] .= ''.($nbFiles + $nbLinks).''; + $head[$h][1] .= '' . ($nbFiles + $nbLinks) . ''; } $head[$h][2] = 'document'; $h++; - $head[$h][0] = dol_buildpath("/recruitment/recruitmentjobposition_agenda.php", 1).'?id='.$object->id; + $head[$h][0] = DOL_URL_ROOT . '/recruitment/recruitmentjobposition_agenda.php?id=' . $object->id; $head[$h][1] = $langs->trans("Events"); $head[$h][2] = 'agenda'; $h++; @@ -126,8 +127,8 @@ function getPublicJobPositionUrl($mode, $ref = '', $localorexternal = 0) $out = ''; // Define $urlwithroot - $urlwithouturlroot = preg_replace('/'.preg_quote(DOL_URL_ROOT, '/').'$/i', '', trim($dolibarr_main_url_root)); - $urlwithroot = $urlwithouturlroot.DOL_URL_ROOT; // This is to use external domain name found into config file + $urlwithouturlroot = preg_replace('/' . preg_quote(DOL_URL_ROOT, '/') . '$/i', '', trim($dolibarr_main_url_root)); + $urlwithroot = $urlwithouturlroot . DOL_URL_ROOT; // This is to use external domain name found into config file //$urlwithroot=DOL_MAIN_URL_ROOT; // This is to use same domain name than current $urltouse = DOL_MAIN_URL_ROOT; @@ -135,7 +136,7 @@ function getPublicJobPositionUrl($mode, $ref = '', $localorexternal = 0) $urltouse = $urlwithroot; } - $out = $urltouse.'/public/recruitment/view.php?ref='.($mode ? '' : '').$ref.($mode ? '' : ''); + $out = $urltouse . '/public/recruitment/view.php?ref=' . ($mode ? '' : '') . $ref . ($mode ? '' : ''); /*if (!empty($conf->global->RECRUITMENT_SECURITY_TOKEN)) { if (empty($conf->global->RECRUITMENT_SECURITY_TOKEN)) $out .= '&securekey='.urlencode($conf->global->RECRUITMENT_SECURITY_TOKEN); @@ -144,7 +145,7 @@ function getPublicJobPositionUrl($mode, $ref = '', $localorexternal = 0) // For multicompany if (!empty($out) && isModEnabled('multicompany')) { - $out .= "&entity=".$conf->entity; // Check the entity because we may have the same reference in several entities + $out .= "&entity=" . $conf->entity; // Check the entity because we may have the same reference in several entities } return $out; diff --git a/htdocs/societe/class/client.class.php b/htdocs/societe/class/client.class.php index b1fad2a4be887..9c858eb6da258 100644 --- a/htdocs/societe/class/client.class.php +++ b/htdocs/societe/class/client.class.php @@ -2,6 +2,7 @@ /* Copyright (C) 2004 Rodolphe Quiedeville * Copyright (C) 2005-2012 Regis Houssin * Copyright (C) 2020 Open-Dsi + * Copyright (C) 2024 Frédéric France * * This program is free software; you can redistribute it and/or modify * it under the terms of the GNU General Public License as published by @@ -30,8 +31,14 @@ */ class Client extends Societe { - public $next_prev_filter = "te.client in (1,2,3)"; // Used to add a filter in Form::showrefnav method + /** + * @var string Used to add a filter in Form::showrefnav method + */ + public $next_prev_filter = "te.client in (1,2,3)"; + /** + * @var array + */ public $cacheprospectstatus = array(); diff --git a/htdocs/theme/eldy/flags-sprite.inc.php b/htdocs/theme/eldy/flags-sprite.inc.php index 56300e37e3f10..274235f844a67 100644 --- a/htdocs/theme/eldy/flags-sprite.inc.php +++ b/htdocs/theme/eldy/flags-sprite.inc.php @@ -1,6 +1,28 @@ + * Copyright (C) 2024 Frédéric France + * + * This program is free software; you can redistribute it and/or modify + * it under the terms of the GNU General Public License as published by + * the Free Software Foundation; either version 3 of the License, or + * (at your option) any later version. + * + * This program is distributed in the hope that it will be useful, + * but WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + * GNU General Public License for more details. + * + * You should have received a copy of the GNU General Public License + * along with this program. If not, see . + */ + +/** + * \file htdocs/theme/eldy/flag-sprite.inc.php + * \brief File for CSS style sheet Eldy + */ if (!defined('ISLOADEDBYSTEELSHEET')) { - die('Must be call by steelsheet'); + die('Must be call by stylesheet'); } ?> /*