Merge remote-tracking branch 'Upstream/develop' into develop-57

Conflicts:
	htdocs/install/mysql/migration/3.8.0-3.9.0.sql

COPYRIGHT

@@ -22,7 +22,7 @@ NuSoap                 0.9.5         LGPL 2.1+                   Yes
 PEAR Mail_MIME         1.8.9         BSD                         Yes             NuSoap dependency
 odtPHP                 1.0.1         GPL-2+  b                   Yes             Library to build/edit ODT files
 PHPExcel               1.8.0         LGPL-2.1+                   Yes             Read/Write XLS files, read ODS files
-php-iban               1.4.6         LGPL-3+                     Yes             Parse and validate IBAN (and IIBAN) bank account information in PHP
+php-iban               1.4.7         LGPL-3+                     Yes             Parse and validate IBAN (and IIBAN) bank account information in PHP
 PHPPrintIPP            1.3           GPL-2+                      Yes             Library to send print IPP requests
 Restler                3.0           LGPL-3+                     Yes             Library to develop REST Web services
 TCPDF                  6.2.6         LGPL-3+                     Yes             PDF generation

ChangeLog

@@ -224,7 +224,7 @@ Dolibarr better:
   hook afterLogin or afterLoginFailed instead.
 - The trigger USER_CREATE_FROM_CONTACT has been replace with USER_CREATE and property context is now filled
   to make difference between creation from contact or not.
-
+- Function get_exdir require now 6 parameters. This is to prepare a future feature.
 
 ***** ChangeLog for 3.7.2 compared to 3.7.1 *****
 FIX [ bug #2855 ] Wrong translation key in localtax report page
@@ -238,6 +238,7 @@ FIX: Not showing delivery date on rouget pdf
 FIX: Not showing task extrafields when creating from left menu
 FIX [ bug #3288 ] Tasks box is not properly drawn
 FIX [ bug #3211 ] Outstading bill amount of a client showed wrong amounts
+FIX [ bug #3321 ] Users with certain permissions were shown a "forbidden access" page even if they had the rights
 
 NEW: Created new ContratLigne::insert function
 

build.xml

@@ -1,6 +1,6 @@
 <?xml version="1.0" encoding="UTF-8"?>
+<!-- Script build for hudson CI -->
 <project name="dolibarr" default="hudson" basedir=".">
-fdfds
 <!-- Exclude/ignore paths -->
  <property name="ignorepaths" value="${basedir}/htdocs/conf,${basedir}/htdocs/core/filemanagerdol,${basedir}/htdocs/includes" />
  <property name="ignoreregexp" value="**/PEAR/*,**/NET/*,**/HTTP/*,**/zendgdata/*,**/reportico/*" />

build/debian/README.howto

@@ -117,7 +117,7 @@ http://bugs.debian.org/package
 severity 123 xxx
 
 
-##### Update but tracker system
+##### Update bug tracker system
 
 To set status of a bug to "pending"
 > bts --smtp-host=yoursmtpserver tag 999999 +pending
@@ -249,7 +249,7 @@ from git clone dir and make link to git.
 * If local branch upstream and pristine-tar does not exists, create it
 from origin/upstream and origin/pristine.
 
-* If new upstream is available onto sourceforge, launch:
+* When new upstream is available onto sourceforge, launch:
 > debian/get-orig-source.sh
 If script fails with error Bad certificate, you can set "export PERL_LWP_SSL_VERIFY_HOSTNAME=0" to solve this.
 
@@ -273,8 +273,8 @@ Note: If there was errors solved manually after get-orig-sources.sh, you may nee
 * Fix debian/* files used to build package.
 Add an entry into debian/changelog
 > dch -v x.y.z+dfsgw-v "My comment" will add entry.
-For example: dch -v x.y.z+dfsgw-1 "New upstream release." for a new version (x.y.z = version, w start from 1 and increaed for each new import)
-Then modify changelog to replace "version" or "unstable" with "UNRELEASED".
+For example: dch -v x.y.z+dfsgw-1 "New upstream release." for a new version (x.y.z = version, w start from 1 and increased for each new import)
+Then check/modify changelog to replace "version" or "unstable" with "UNRELEASED".
 Then check/modify also the user/date signature:
 - Date must have format reported by "date -R"
 - Name and email must match value into debian/control file (Entry added here is used by next step).
@@ -299,7 +299,7 @@ Note: Package is built into directory ../build-area
 
 * If package .deb is ok:
 Note: If there was errors managed manually, you may need to make a git commit but do not use option "amend" previous commit
-> git push --all ou git push origin --all
+> git push --all
 
 * If ok, you can tag.
 > Edit debian/changelog to replace "UNRELEASED" into "unstable", then push

dev/fixdosfiles.sh

@@ -24,7 +24,7 @@ fi
 # To convert
 if [ "x$1" = "xfix" ]
 then
-	for fic in `find . \( -iname "*.md" -o -iname "*.html" -o -iname "*.htm" -o -iname "*.php" -o -iname "*.sh" -o -iname "*.cml" -o -iname "*.css" -o -iname "*.js" -o -iname "*.lang" -o -iname "*.pl" -o -iname "*.txt" -o -iname "*.xml"\) -exec file "{}" + | grep CRLF | awk -F':' '{ print $1 }' `
+	for fic in `find . \( -iname "*.md" -o -iname "*.html" -o -iname "*.htm" -o -iname "*.php" -o -iname "*.sh" -o -iname "*.cml" -o -iname "*.css" -o -iname "*.js" -o -iname "*.lang" -o -iname "*.pl" -o -iname "*.txt" -o -iname "*.xml" \) -exec file "{}" + | grep CRLF | awk -F':' '{ print $1 }' `
 	do
 		echo "Fix file $fic"
 		dos2unix $fic

htdocs/accountancy/customer/list.php

@@ -53,6 +53,7 @@
 $search_amount = GETPOST('search_amount', 'alpha');
 $search_account = GETPOST('search_account', 'alpha');
 $search_vat = GETPOST('search_vat', 'alpha');
+$btn_ventil = GETPOST('ventil', 'alpha');
 
 // Getpost Order and column and limit page
 $sortfield = GETPOST('sortfield', 'alpha');
@@ -129,7 +130,7 @@
  * Action
  */
 
-if ($action == 'ventil') {
+if ($action == 'ventil' && !empty($btn_ventil)) {
 	print '<div><font color="red">' . $langs->trans("Processing") . '...</font></div>';
 	if (! empty($codeventil) && ! empty($mesCasesCochees)) {
 		print '<div><font color="red">' . count($mesCasesCochees) . ' ' . $langs->trans("SelectedLines") . '</font></div>';
@@ -337,7 +338,7 @@
 	}
 
 	print '</table>';
-	print '<br><div align="center"><input type="submit" class="butAction" value="' . $langs->trans("Ventilate") . '"></div>';
+	print '<br><div align="center"><input type="submit" class="butAction" value="' . $langs->trans("Ventilate") . '" name="ventil"></div>';
 	print '</form>';
 } else {
 	print $db->error();

htdocs/accountancy/journal/sellsjournal.php

@@ -89,8 +89,8 @@
 $sql = "SELECT f.rowid, f.facnumber, f.type, f.datef as df, f.ref_client,";
 $sql .= " fd.rowid as fdid, fd.description, fd.product_type, fd.total_ht, fd.total_tva, fd.tva_tx, fd.total_ttc,";
 $sql .= " s.rowid as socid, s.nom as name, s.code_compta, s.code_client,";
-$sql .= " p.rowid as pid, p.ref as pref, p.accountancy_code_sell, aa.rowid as fk_compte, aa.account_number as compte, aa.label as label_compte, ";
-$sql .= " ct.accountancy_code_sell as account_tva";
+$sql .= " p.rowid as pid, p.ref as pref, p.accountancy_code_sell, aa.rowid as fk_compte, aa.account_number as compte, aa.label as label_compte,";
+$sql .= " fd.situation_percent,ct.accountancy_code_sell as account_tva";
 $sql .= " FROM " . MAIN_DB_PREFIX . "facturedet as fd";
 $sql .= " LEFT JOIN " . MAIN_DB_PREFIX . "product as p ON p.rowid = fd.fk_product";
 $sql .= " LEFT JOIN " . MAIN_DB_PREFIX . "accountingaccount as aa ON aa.rowid = fd.fk_code_ventilation";
@@ -102,16 +102,18 @@
 	$sql .= " AND f.entity IN (" . getEntity("facture", 1) . ")";
 }
 $sql .= " AND f.fk_statut > 0";
-if (! empty($conf->global->FACTURE_DEPOSITS_ARE_JUST_PAYMENTS))
-	$sql .= " AND f.type IN (0,1,2,5)";
-else
-	$sql .= " AND f.type IN (0,1,2,3,5)";
+if (! empty($conf->global->FACTURE_DEPOSITS_ARE_JUST_PAYMENTS)) {
+	$sql.= " AND f.type IN (".Facture::TYPE_STANDARD.",".Facture::TYPE_REPLACEMENT.",".Facture::TYPE_CREDIT_NOTE.",".Facture::TYPE_SITUATION.")";
+}
+else {
+	$sql.= " AND f.type IN (".Facture::TYPE_STANDARD.",".Facture::TYPE_STANDARD.",".Facture::TYPE_CREDIT_NOTE.",".Facture::TYPE_DEPOSIT.",".Facture::TYPE_SITUATION.")";
+}
 $sql .= " AND fd.product_type IN (0,1)";
 if ($date_start && $date_end)
 	$sql .= " AND f.datef >= '" . $db->idate($date_start) . "' AND f.datef <= '" . $db->idate($date_end) . "'";
 $sql .= " ORDER BY f.datef";
 
-dol_syslog('accountancy/journal/sellsjournal.php:: $sql=' . $sql);
+dol_syslog('accountancy/journal/sellsjournal.php', LOG_DEBUG);
 $result = $db->query($sql);
 if ($result) {
 	$tabfac = array ();
@@ -143,10 +145,15 @@
 		$line = new FactureLigne($db);
 		$line->fetch($obj->rowid);
 		$prev_progress = $line->get_prev_progress();
-		if ($obj->situation_percent == 0) { // Avoid divide by 0
-			$situation_ratio = 0;
+		if ($obj->type==Facture::TYPE_SITUATION) {
+			// Avoid divide by 0
+			if ($obj->situation_percent == 0) {
+				$situation_ratio = 0;
+			} else {
+				$situation_ratio = ($obj->situation_percent - $prev_progress) / $obj->situation_percent;
+			}
 		} else {
-			$situation_ratio = ($obj->situation_percent - $prev_progress) / $obj->situation_percent;
+			$situation_ratio = 1;
 		}
 
 		// Invoice lines

htdocs/admin/tools/listevents.php

@@ -182,7 +182,8 @@
 		$formquestion=array();
 		print $form->formconfirm($_SERVER["PHP_SELF"].'?noparam=noparam', $langs->trans('PurgeAuditEvents'), $langs->trans('ConfirmPurgeAuditEvents'),'confirm_purge',$formquestion,'no',1);
 	}
-
+
+	print '<form method="GET" action="'.$_SERVER["PHP_SELF"].'">';
 	print '<table class="liste" width="100%">';
 	print '<tr class="liste_titre">';
 	print_liste_field_titre($langs->trans("Date"),$_SERVER["PHP_SELF"],"e.dateevent","","",'align="left"',$sortfield,$sortorder);
@@ -195,7 +196,6 @@
 
 
 	// Lignes des champs de filtres
-	print '<form method="GET" action="'.$_SERVER["PHP_SELF"].'">';
 	print '<tr class="liste_titre">';
 
 	print '<td class="liste_titre" width="15%">'.$form->select_date($date_start,'date_start',0,0,0,'',1,0,1).$form->select_date($date_end,'date_end',0,0,0,'',1,0,1).'</td>';
@@ -222,7 +222,6 @@
 	print '</td>';
 
 	print "</tr>\n";
-	print '</form>';
 
 	$var=True;
 
@@ -283,7 +282,7 @@
 		if ($usefilter) print '<tr><td colspan="6">'.$langs->trans("NoEventFoundWithCriteria").'</td></tr>';
 		else print '<tr><td colspan="6">'.$langs->trans("NoEventOrNoAuditSetup").'</td></tr>';
 	}
-	print "</table>";
+	print "</table></form>";
 	$db->free($result);
 
 	if ($num)

htdocs/comm/askpricesupplier/index.php

@@ -61,15 +61,15 @@
  * Search form
  */
 $var=false;
-print '<table class="noborder nohover" width="100%">';
 print '<form method="post" action="'.DOL_URL_ROOT.'/comm/askpricesupplier/list.php">';
 print '<input type="hidden" name="token" value="'.$_SESSION['newtoken'].'">';
+print '<table class="noborder nohover" width="100%">';
 print '<tr class="liste_titre"><td colspan="3">'.$langs->trans("SearchRequest").'</td></tr>';
 print '<tr '.$bc[$var].'><td>';
 print $langs->trans("Ref").':</td><td><input type="text" class="flat" name="sref" size=18></td><td rowspan="2"><input type="submit" value="'.$langs->trans("Search").'" class="button"></td></tr>';
 print '<tr '.$bc[$var].'><td class="nowrap">'.$langs->trans("Other").':</td><td><input type="text" class="flat" name="sall" size="18"></td>';
 print '</tr>';
-print "</form></table><br>\n";
+print "</table></form><br>\n";
 
 
 /*

htdocs/comm/mailing/list.php

@@ -96,7 +96,8 @@
 
 	$param = "&sall=".$sall;
 	if ($filteremail) $param.='&filteremail='.urlencode($filteremail);
-
+
+	print '<form method="GET" action="'.$_SERVER["PHP_SELF"].'">';
 	print '<table class="liste">';
 	print '<tr class="liste_titre">';
 	print_liste_field_titre($langs->trans("Ref"),$_SERVER["PHP_SELF"],"m.rowid",$param,"","",$sortfield,$sortorder);
@@ -108,7 +109,6 @@
 	print_liste_field_titre($langs->trans("Status"),$_SERVER["PHP_SELF"],($filteremail?"mc.statut":"m.statut"),$param,"",'align="right"',$sortfield,$sortorder);
 	print "</tr>\n";
 
-	print '<form method="GET" action="'.$_SERVER["PHP_SELF"].'">';
 	print '<tr class="liste_titre">';
 	print '<td class="liste_titre">';
 	print '<input type="text" class="flat" name="sref" value="'.$sref.'" size="6">';
@@ -123,7 +123,6 @@
 	print '<td class="liste_titre" align="right"><input class="liste_titre" type="image" src="'.img_picto($langs->trans("Search"),'search.png','','',1).'" value="'.dol_escape_htmltag($langs->trans("Search")).'" title="'.dol_escape_htmltag($langs->trans("Search")).'">';
 	print "</td>";
 	print "</tr>\n";
-	print '</form>';
 
 	$var=True;
 
@@ -177,7 +176,7 @@
 		print "</tr>\n";
 		$i++;
 	}
-	print "</table>";
+	print '</table></form>';
 	$db->free($result);
 }
 else

htdocs/comm/propal/index.php

@@ -63,15 +63,15 @@
  * Search form
  */
 $var=false;
-print '<table class="noborder nohover" width="100%">';
 print '<form method="post" action="'.DOL_URL_ROOT.'/comm/propal/list.php">';
 print '<input type="hidden" name="token" value="'.$_SESSION['newtoken'].'">';
+print '<table class="noborder nohover" width="100%">';
 print '<tr class="liste_titre"><td colspan="3">'.$langs->trans("SearchPropal").'</td></tr>';
 print '<tr '.$bc[$var].'><td>';
 print $langs->trans("Ref").':</td><td><input type="text" class="flat" name="sref" size=18></td><td rowspan="2"><input type="submit" value="'.$langs->trans("Search").'" class="button"></td></tr>';
 print '<tr '.$bc[$var].'><td class="nowrap">'.$langs->trans("Other").':</td><td><input type="text" class="flat" name="sall" size="18"></td>';
 print '</tr>';
-print "</form></table><br>\n";
+print "</table></form><br>\n";
 
 
 /*

htdocs/comm/prospect/index.php

@@ -54,15 +54,15 @@
 if (! empty($conf->propal->enabled))
 {
 	$var=false;
-	print '<table class="noborder nohover" width="100%">';
 	print '<form method="post" action="'.DOL_URL_ROOT.'/comm/propal.php">';
 	print '<input type="hidden" name="token" value="'.$_SESSION['newtoken'].'">';
+	print '<table class="noborder nohover" width="100%">';
 	print '<tr class="liste_titre"><td colspan="3">'.$langs->trans("SearchAProposal").'</td></tr>';
 	print '<tr '.$bc[$var].'><td>';
 	print $langs->trans("Ref").':</td><td><input type="text" class="flat" name="sf_ref" size="18"></td><td rowspan="2"><input type="submit" value="'.$langs->trans("Search").'" class="button"></td></tr>';
 	print '<tr '.$bc[$var].'><td class="nowrap">'.$langs->trans("Other").':</td><td><input type="text" class="flat" name="sall" size="18"></td>';
 	print '</tr>';
-	print "</form></table><br>\n";
+	print "</table></form><br>\n";
 }
 
 /*