diff --git a/build/docker-compose.yml b/build/docker-compose.yml index 8826e34..f8eebaa 100644 --- a/build/docker-compose.yml +++ b/build/docker-compose.yml @@ -12,8 +12,7 @@ services: - ..\..\dolibarr_page_from_SQLtable\page_from_table:/var/www/build ports: - 18080:80 - env_file: - .env + env_file: .env links: - database database: @@ -22,15 +21,14 @@ services: volumes: - mysql_data_10:/var/lib/mysql - ./mount:/docker-entrypoint-initdb.d -## How to reset database -# 1 on the host download the right db (ver 9 bellow) because the container doesn't have wget -#wget https://github.com/Dolibarr/dolibarr/raw/develop/dev/initdemo/mysqldump_dolibarr_9.0.0.sql -o dump.sql -# 2 uncomment the line - ./dump.sql:/var/www/html/dump.sql -# 3 Attach shell to db containter and run those two commands -#mysql -u root -p -e "SELECT concat('DROP TABLE IF EXISTS `', table_name, '`;') FROM information_schema.tables WHERE table_schema = 'dolibarr';" -#mysql -u root -p dolibarr < /var/www/html/dump.sql - env_file: - .env + ## How to reset database + # 1 on the host download the right db (ver 9 bellow) because the container doesn't have wget + #wget https://github.com/Dolibarr/dolibarr/raw/develop/dev/initdemo/mysqldump_dolibarr_9.0.0.sql -o dump.sql + # 2 uncomment the line - ./dump.sql:/var/www/html/dump.sql + # 3 Attach shell to db containter and run those two commands + #mysql -u root -p -e "SELECT concat('DROP TABLE IF EXISTS `', table_name, '`;') FROM information_schema.tables WHERE table_schema = 'dolibarr';" + #mysql -u root -p dolibarr < /var/www/html/dump.sql + env_file: .env environment: MYSQL_ROOT_PASSWORD: ${DOLI_DB_PASSWORD} MYSQL_DATABASE: ${DOLI_DB_NAME} @@ -39,5 +37,4 @@ services: # ports: # - 3306:3306 volumes: - mysql_data_10: - # password admin adminadmin \ No newline at end of file + mysql_data_10: # password admin adminadmin diff --git a/htdocs/timesheet/AttendanceEventAdmin.php b/htdocs/timesheet/AttendanceEventAdmin.php index fdbe5dd..ead5310 100644 
--- a/htdocs/timesheet/AttendanceEventAdmin.php +++ b/htdocs/timesheet/AttendanceEventAdmin.php @@ -505,7 +505,7 @@ function init_myfunc() $duration = ($obj->date_time_event_start <> "") ?$db->jdate($obj->date_time_event)-$db->jdate($obj->date_time_event_start):''; print "".formatTime($duration, 0).""; - print '' + print '' .img_delete().''; print ""; } diff --git a/htdocs/timesheet/Timesheet.php b/htdocs/timesheet/Timesheet.php index 491bd62..6eb7f0e 100644 --- a/htdocs/timesheet/Timesheet.php +++ b/htdocs/timesheet/Timesheet.php @@ -222,7 +222,7 @@ print $task_timesheet->getHTMLGetOtherUserTs($SubordiateIds, $userid, $admin, $token); } //$ajax = false; -$Form = $task_timesheet->getHTMLNavigation($optioncss); +$Form = $task_timesheet->getHTMLNavigation($optioncss, $token); $Form .= $task_timesheet->getHTMLFormHeader(); $Form .= $task_timesheet->getHTMLActions(); if (getConf('TIMESHEET_WHITELIST') == 1) { diff --git a/htdocs/timesheet/TimesheetFavouriteAdmin.php b/htdocs/timesheet/TimesheetFavouriteAdmin.php index 3f6710f..9cade79 100644 --- a/htdocs/timesheet/TimesheetFavouriteAdmin.php +++ b/htdocs/timesheet/TimesheetFavouriteAdmin.php @@ -290,7 +290,7 @@ function init_myfunc() $edit = 1; case 'delete'; if ($action == 'delete' && ($id>0 || $ref!="")) { - $ret = $form->form_confirm($PHP_SELF.'?action=confirm_delete&id='.$id, + $ret = $form->form_confirm($PHP_SELF.'?action=confirm_delete&token='.$token.'&id='.$id, $langs->trans('DeleteTimesheetwhitelist'), $langs->trans('ConfirmDeleteTimesheetwhitelist'), 'confirm_delete', '', 0, 1); if ($ret == 'html') print '
'; @@ -492,9 +492,9 @@ function init_myfunc() $userId = (is_object($user)?$user->id:$user); if (empty($reshook) && ($admin || $userId == $object->user)) { print '
'; - print '' + print '' .$langs->trans('Update').''; - print '' + print '' .$langs->trans('Delete').''; print '
'; } @@ -502,7 +502,7 @@ function init_myfunc() break; case 'delete': if (($id>0 || $ref!='')) { - $ret = $form->form_confirm('?action=confirm_delete&id='.$id, + $ret = $form->form_confirm('?action=confirm_delete&token='.$token.'&id='.$id, $langs->trans('DeleteTimesheetwhitelist'), $langs->trans('ConfirmDeleteTimesheetwhitelist'), 'confirm_delete', '', 0, 1); if ($ret == 'html') print '
'; @@ -709,7 +709,7 @@ function init_myfunc() print "".$obj->subtask.""; print "".dol_print_date($obj->date_start, 'day').""; print "".dol_print_date($obj->date_end, 'day').""; - print ''.img_delete().''; + print ''.img_delete().''; print ""; } $i++; @@ -721,7 +721,7 @@ function init_myfunc() print ''."\n"; print ''."\n"; // new button - print ''.$langs->trans('New'); + print ''.$langs->trans('New'); print ' '.$langs->trans('Timesheetwhitelist')."\n"; break; } @@ -735,15 +735,15 @@ function init_myfunc() */ function reloadpage($backtopage = "", $id = "", $ref = "") { - if (!empty($backtopage)) { - header("Location: ".$backtopage); - } elseif (!empty($ref)) { - header("Location: ".$_SERVER["PHP_SELF"].'?action=view&ref='.$id); - } elseif ($id>0) { - header("Location: ".$_SERVER["PHP_SELF"].'?action=view&id='.$id); - } else{ - header("Location: ".$_SERVER["PHP_SELF"].'?action=list'); - } + if (!empty($backtopage)) { + header("Location: ".$backtopage); + } elseif (!empty($ref)) { + header("Location: ".$_SERVER["PHP_SELF"].'?action=view&ref='.$id); + } elseif ($id>0) { + header("Location: ".$_SERVER["PHP_SELF"].'?action=view&id='.$id); + } else{ + header("Location: ".$_SERVER["PHP_SELF"].'?action=list'); + } ob_end_flush(); exit(); } diff --git a/htdocs/timesheet/TimesheetOtherApproval.php b/htdocs/timesheet/TimesheetOtherApproval.php index 040b543..36f4708 100644 --- a/htdocs/timesheet/TimesheetOtherApproval.php +++ b/htdocs/timesheet/TimesheetOtherApproval.php @@ -47,8 +47,11 @@ // end find the role // get other param $action = GETPOST('action', 'alpha'); +$offset = GETPOST('offset', 'int'); if (!is_numeric($offset))$offset = 0; -$print = (GETPOST('optioncss', 'alpha') == 'print')?true:false; +$optioncss = GETPOST('optioncss', 'alpha'); +$print = ($optioncss == 'print')?true:false; + $current = GETPOST('target', 'int'); $token = GETPOST('token', 'alpha'); if ($current == null)$current = '0'; 
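Review bot: `$token = GETPOST('token', 'alpha');` takes the CSRF token from the incoming request, and the rest of this commit writes `$token` back into state-changing links such as `'?action=confirm_delete&token='.$token.'&id='.$id`. If the other pages obtain `$token` the same way (not visible on this page), a page reached without a token emits links carrying an empty one, and the value in the link is whatever the caller supplied rather than what the server issued. When rendering, prefer the server-side value, for example the project's `getToken()` helper that TimesheetUserTasks::getHTMLNavigation already calls (presumably the session token), and keep the request value only for verification. Tokens placed in query strings also end up in access logs, browser history and Referer headers, so `delete`/`confirm_delete` are better submitted by POST.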
@@ -201,19 +204,20 @@ function getHTMLNavigation($role, $optioncss, $selectList,$token, $current = 0) $form = new Form($db); $Nav = ''."\n\t".''."\n\t\t".'\n\t\t\n\t\t\n\t\t'; echo ''; echo ''; diff --git a/htdocs/timesheet/TimesheetTeamApproval.php b/htdocs/timesheet/TimesheetTeamApproval.php index 6f50525..e778551 100644 --- a/htdocs/timesheet/TimesheetTeamApproval.php +++ b/htdocs/timesheet/TimesheetTeamApproval.php @@ -245,7 +245,7 @@ } } else{ - $Form .= '

'.$langs->trans('NothingToValidate').'

'; + $Form = '

'.$langs->trans('NothingToValidate').'

'; $staticTs = new TimesheetUserTasks($db); $staticTs->token = $token; $Form .= $staticTs->getHTMLFooterAp($current); @@ -366,18 +366,18 @@ function getHTMLNavigation($optioncss, $selectList, $token, $current = 0) $form = new Form($db); $Nav = '
'."\n\t\t\t"; if ($current!=0) { - $Nav .= 'trans("Previous").' '."\n\t\t"; } $Nav .= "\n\t\t\t"; $Nav .= '
'."\n\t\t\t"; - $Nav .= $langs->trans("GoTo").': '.$htmlSelect."\n\t\t\t";; - $Nav .= '
'."\n\t\t
\n\t\t\t"; + $Nav .= $langs->trans("GoTo").': '.$htmlSelect."\n\t\t\t"; $Nav .= ''; + $Nav .= ''."\n\t\t\n\t\t\t"; + if ($currenttrans("Next").' >>'; @@ -229,7 +233,7 @@ function getHTMLNavigation($role, $optioncss, $selectList,$token, $current = 0) function getTStobeApproved($current, $selectList) { global $db; - if ((!is_array($selectList) || !is_array($selectList[$current]['idList'])))return array(); + if ((!is_array($selectList) || !array_key_exists($current,$selectList) ||!is_array($selectList[$current]['idList'])))return array(); $listTTA = array(); foreach ($selectList[$current]['idList'] as $idTTA) { $TTA = new TimesheetTask($db); @@ -340,7 +344,7 @@ function getHTMLRows($objectArray) { global $langs, $conf; $headers = array('Approval', 'Note', 'Tasks', 'User'); - if (!is_array($objectArray) || !is_object($objectArray[0])) return -1; + if (!is_array($objectArray) || !array_key_exists(0,$objectArray) || !is_object($objectArray[0])) return -1; echo '
'.$langs->trans('Approval').''.$langs->trans('Note').'
'."\n\t".''."\n\t\t".'\n\t\t\n\t\t"; print ""; print ""; - print ''; + print ''; print ""; } $i++; @@ -656,6 +656,7 @@ function init_myfunc() */ function reloadpage($backtopage, $id) { + global $token; if (!empty($backtopage)) { header("Location: ".$backtopage); // header("Location: ".$_SERVER["PHP_SELF"].'?action=view&ref='.$ref); @@ -677,7 +678,7 @@ function reloadpage($backtopage, $id) */ function Timesheetuser_prepare_head($object) { - global $langs, $conf, $user; + global $langs, $conf, $user, $token; $h = 0; $head = array(); $head[$h][0] = $_SERVER["PHP_SELF"].'?action=view&id='.$object->id; diff --git a/htdocs/timesheet/class/AttendanceEvent.class.php b/htdocs/timesheet/class/AttendanceEvent.class.php index 5e22076..825a3f6 100644 --- a/htdocs/timesheet/class/AttendanceEvent.class.php +++ b/htdocs/timesheet/class/AttendanceEvent.class.php @@ -269,7 +269,7 @@ public function update($user, $notrigger = 0) */ public function getNomUrl($withpicto = 0, $id = 0, $ref = '' ) { - global $conf, $langs; + global $conf, $langs,$token; if (! empty($conf->dol_no_mouse_hover)) $notooltip = 1;// Force disable tooltips $result = ''; if (empty($ref) && $id == 0) { @@ -750,9 +750,9 @@ public function ajaxHeartbeat($user, $json) */ public function getHTMLGetOtherUserTs($idsList, $selected, $admin) { - global $langs; + global $langs,$token; $form = new Form($this->db); - $HTML = ''; + $HTML = ''; if (!$admin) { $HTML .= $form->select_dolusers($selected, 'userid', 0, null, 0, $idsList); } else{ @@ -885,7 +885,7 @@ public function fetchTasks($userid = '', $date = '') $tasksList[$i]->id = $obj->taskid; $tasksList[$i]->userId = $this->userid; $tasksList[$i]->getTaskInfo(); - $tasksList[$i]->listed = is_array($whiteList)?$whiteList[$obj->taskid]:null; + $tasksList[$i]->listed = (is_array($whiteList) && array_key_exists($obj->taskid, $whiteList) )?$whiteList[$obj->taskid]:null; $i++; } $this->db->free($resql); 
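Review bot: `global $token;` is added to reloadpage(), but none of the lines visible in this hunk read it; the same applies to `global $langs, $conf, $user, $token;` in Timesheetuser_prepare_head() and `global $conf, $langs,$token;` in AttendanceEvent::getNomUrl(). All three bodies continue outside their hunks, so the variable may be used further down. If it is needed, passing it as a parameter (as getHTMLNavigation now does) keeps the dependency explicit; if it is not, drop the global. In the same function, `header("Location: ".$backtopage);` forwards its argument unchecked, so if `$backtopage` originates from the request it should be limited to a relative path on this host before redirecting.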
diff --git a/htdocs/timesheet/class/TimesheetFavourite.class.php b/htdocs/timesheet/class/TimesheetFavourite.class.php index cc25fd3..410e482 100644 --- a/htdocs/timesheet/class/TimesheetFavourite.class.php +++ b/htdocs/timesheet/class/TimesheetFavourite.class.php @@ -319,7 +319,7 @@ public function update($notrigger = 0) */ public function getNomUrl($htmlcontent, $id = 0, $ref = '', $withpicto = 0) { - global $langs; + global $langs, $token; $result = ''; if (empty($ref) && $id == 0) { if (!empty($this->id)) { @@ -335,7 +335,7 @@ public function getNomUrl($htmlcontent, $id = 0, $ref = '', $withpicto = 0) .'/timesheet/timesheetFavouriteAdmin.php?id='.$id.'&action=view">'; } elseif (!empty($ref)) { $lien = ''; + .'/timesheet/timesheetFavouriteAdmin.php?ref='.$ref.'&action=view"&token='.$token.'>'; } else{ $lien = ""; } diff --git a/htdocs/timesheet/class/TimesheetTask.class.php b/htdocs/timesheet/class/TimesheetTask.class.php index 6d9822d..e25aec2 100644 --- a/htdocs/timesheet/class/TimesheetTask.class.php +++ b/htdocs/timesheet/class/TimesheetTask.class.php @@ -569,7 +569,7 @@ public function getActuals($timeStart = 0, $timeEnd = 0, $userid = 0) $sql .= " FROM ".MAIN_DB_PREFIX."projet_task_time AS ptt"; $sql .= " WHERE "; if ($this->id == -1 && is_array($this->exclusionlist)){ - $sql .= " ptt.fk_task not in '".implode("','",$this->exclusionlist)."' "; + $sql .= " ptt.fk_task not in ('".implode("','",$this->exclusionlist)."') "; $sql .= " AND (ptt.fk_user = '".$userid."') "; $sql .= " AND (DATE(ptt.task_datehour) >= '".$this->db->idate($timeStart)."') "; $sql .= " AND (DATE(ptt.task_datehour)<'".$this->db->idate($timeEnd)."')"; diff --git a/htdocs/timesheet/class/TimesheetUserTasks.class.php b/htdocs/timesheet/class/TimesheetUserTasks.class.php index c34effc..a56775a 100644 --- a/htdocs/timesheet/class/TimesheetUserTasks.class.php +++ b/htdocs/timesheet/class/TimesheetUserTasks.class.php 
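Review bot: In TimesheetFavourite::getNomUrl() the token is appended after the attribute's closing quote, `'&action=view"&token='.$token.'>'`, so it lands outside the URL and leaves stray text inside the tag. The surrounding markup was stripped on this page, so the exact tag is inferred. `$ref` is also concatenated into the URL without encoding. A read-only `action=view` link does not need a CSRF token at all, so the simplest fix is to drop it and encode the reference: `.'/timesheet/timesheetFavouriteAdmin.php?ref='.urlencode($ref).'&action=view">';`. The `$id` branch just above was left without a token, which is consistent with that.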
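Review bot: The added parentheses in TimesheetTask::getActuals() fix the `NOT IN` syntax, but the list is still built by joining raw values into the SQL string, and `$userid` is concatenated on the next line. Where `exclusionlist` and `$userid` come from is not visible here; since they are row ids, casting them removes the question: `$sql .= " ptt.fk_task NOT IN (".implode(',', array_map('intval', $this->exclusionlist)).") ";` and `$sql .= " AND (ptt.fk_user = ".((int) $userid).") ";`. An empty `exclusionlist` also passes `is_array()` and currently yields `not in ('')`, and with the cast version would yield `NOT IN ()`, so guard with `!empty($this->exclusionlist)`. getActuals() continues outside this hunk.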
@@ -561,7 +561,7 @@ public function fetchTaskTimesheet($userid = '') $tasksList[$i]->date_end_approval = $this->date_end; $tasksList[$i]->task_timesheet = $this->id; $tasksList[$i]->progress = $obj->progress; - $tasksList[$i]->listed = is_array($whiteList)?$whiteList[$obj->taskid]:null; + $tasksList[$i]->listed = (is_array($whiteList) && array_key_exists($obj->taskid, $whiteList) )?$whiteList[$obj->taskid]:null; // $tasksList[$i]->pStatus = $obj->p_status; $i++; @@ -845,12 +845,12 @@ public function getHTMLHeader($search = false) */ public function getHTMLFormHeader($ajax = false) { - global $langs, $conf; + global $langs, $conf, $token; $html = 'agenda->enabled && getConf('TIMESHEET_IMPORT_AGENDA')){ - $html .= ''.$langs->trans('ImportCalandar').''; + $html .= ''.$langs->trans('ImportCalandar').''; } return $html; } @@ -898,7 +898,7 @@ public function getHTMLFooter($ajax = false) */ public function getHTMLActions(){ - global $langs, $apflows; + global $langs, $apflows, $token; $html = '
'; $isOpenSatus = in_array($this->status, array(DRAFT, CANCELLED, REJECTED)); if ($isOpenSatus) { @@ -1053,7 +1053,7 @@ public function getHTMLPublicHolidayLines($ajax = false) * @param object $form form object * @return string HTML */ -public function getHTMLNavigation($optioncss, $ajax = false) +public function getHTMLNavigation($optioncss, $token, $ajax = false) { global $langs, $conf; $form = new Form($this->db); @@ -1068,7 +1068,7 @@ public function getHTMLNavigation($optioncss, $ajax = false) } if ($optioncss != '')$Nav .= '&optioncss='.$optioncss; $Nav .= '"> <<'.$langs->trans("Previous").' '."\n\t\t\n\t\t
'."\n\t\t\t"; if ($current!=0) { - $Nav .= 'trans("Previous").' '."\n\t\t"; } $Nav .= "\n\t\t\t"; - $Nav .= '
'."\n\t\t\t"; + $Nav .= ''."\n\t\t\t"; $Nav .= ''; $Nav .= $langs->trans("GoTo").': '.$htmlSelect."\n\t\t\t";; $Nav .= '
'."\n\t\t
\n\t\t\t"; if ($currenttrans("Next").' >>'; } diff --git a/htdocs/timesheet/TimesheetUserTasksAdmin.php b/htdocs/timesheet/TimesheetUserTasksAdmin.php index 4232b2c..a9ef2e2 100644 --- a/htdocs/timesheet/TimesheetUserTasksAdmin.php +++ b/htdocs/timesheet/TimesheetUserTasksAdmin.php @@ -295,7 +295,7 @@ function init_myfunc() $edit = 1; case 'delete'; if ($action == 'delete' && ($id>0 || $ref!="")) { - $ret = $form->form_confirm($PHP_SELF.'?action=confirm_delete&id=' + $ret = $form->form_confirm($PHP_SELF.'?action=confirm_delete&token='.$token.'&id=' .$id, $langs->trans('DeleteTimesheetuser'), $langs->trans('ConfirmDelete'), 'confirm_delete', '', 0, 1); if ($ret == 'html') print '
'; @@ -434,12 +434,12 @@ function init_myfunc() //if ($user->rights->Timesheetuser->edit) //{ print ''.$langs->trans('Update').''; + .'&action=edit&token='.$token.'" class = "butAction">'.$langs->trans('Update').''; //} //if ($user->rights->Timesheetuser->delete) //{ print ''.$langs->trans('Delete').''; + .$id.'&action=delete&token='.$token.'">'.$langs->trans('Delete').''; //} //else //{ @@ -494,7 +494,7 @@ function init_myfunc() break; case 'delete': if (($id>0 || $ref!='')) { - $ret = $form->form_confirm($PHP_SELF.'?action=confirm_delete&id='.$id, $langs->trans('DeleteTimesheetuser'), $langs->trans('ConfirmDelete'), 'confirm_delete', '', 0, 1); + $ret = $form->form_confirm($PHP_SELF.'?action=confirm_delete&token='.$token.'&id='.$id, $langs->trans('DeleteTimesheetuser'), $langs->trans('ConfirmDelete'), 'confirm_delete', '', 0, 1); if ($ret == 'html') print '
'; //to have the object to be deleted in the background } @@ -630,7 +630,7 @@ function init_myfunc() print "
".print_generic('user', 'rowid', $obj->fk_userid, 'lastname', 'firstname', ' ')."".dol_print_date($obj->date_start, 'day')."".$langs->trans(strtolower($statusA[$obj->status]))."'.img_delete().''.img_delete().'
\n\t\t\t"; - $Nav .= ''."\n\t\t\t"; + $Nav .= ''."\n\t\t\t"; //FIXME should take token as input $token = getToken(); $Nav .= ''; @@ -1091,7 +1091,7 @@ public function getHTMLNavigation($optioncss, $ajax = false) */ public function getNomUrl($htmlcontent, $id = 0, $ref = '', $withpicto = 0) { - global $langs; + global $langs,$token; $result = ''; if (empty($ref) && $id == 0) { if (isset($this->id)) { @@ -1137,7 +1137,7 @@ public function getHTMLGetOtherUserTs($idsList, $selected, $admin) { global $langs; $form = new Form($this->db); - $HTML = ''; + $HTML = ''; if (!$admin) { $HTML .= $form->select_dolusers($selected, 'userid', 0, null, 0, $idsList); } else{ diff --git a/htdocs/timesheet/core/modules/modtimesheet.class.php b/htdocs/timesheet/core/modules/modtimesheet.class.php index 178040e..324ec45 100644 --- a/htdocs/timesheet/core/modules/modtimesheet.class.php +++ b/htdocs/timesheet/core/modules/modtimesheet.class.php @@ -54,7 +54,7 @@ public function __construct($db) $this->editor_name = 'Patrick Delcroix'; $this->editor_url = 'https://github.com/delcroip'; // Possible values for version are: 'development', 'experimental', 'dolibarr' or version - $this->version = '4.6.0'; + $this->version = '4.6.2'; // Key used in llx_cons table to save module status enabled/disabled(where timesheet is value of property name of module in uppercase) $this->const_name = 'MAIN_MODULE_'.strtoupper($this->name); // Where to store the module in setup page(0=common, 1=interface, 2=others, 3=very specific)
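Review bot: The new `$token` parameter of TimesheetUserTasks::getHTMLNavigation() has no effect, because the body still runs `$token = getToken();` under the `//FIXME should take token as input` comment and overwrites the value passed from Timesheet.php. Either remove the reassignment together with the FIXME, or fall back only when nothing was passed: `if (empty($token)) $token = getToken();`. `$token` was also inserted ahead of `$ajax`, so any caller outside this diff that still passes `$ajax` positionally as the second argument will now supply it as the token; adding it last with a default, `getHTMLNavigation($optioncss, $ajax = false, $token = '')`, would have kept the old call form working.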
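Review bot: TimesheetUserTasks::getHTMLGetOtherUserTs() keeps `global $langs;` and its three-parameter signature, while Timesheet.php calls it with a fourth argument (`getHTMLGetOtherUserTs($SubordiateIds, $userid, $admin, $token)`) and the AttendanceEvent copy of this method gained `global $langs,$token;`. The markup on the changed `$HTML` line was stripped on this page, so whether it references `$token` cannot be confirmed; if it does, the variable is undefined in this scope and the form is emitted with an empty token. Accepting it explicitly resolves both sides: `public function getHTMLGetOtherUserTs($idsList, $selected, $admin, $token = '')`.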