Merge remote-tracking branch 'origin/3.9' into develop

Conflicts:
	htdocs/core/lib/files.lib.php

htdocs/bookmarks/card.php

@@ -70,7 +70,9 @@ if ($action == 'add' || $action == 'addproduct' || $action == 'update')
 	}
 
 	if ($action == 'update') $bookmark->fetch($_POST["id"]);
-	$bookmark->fk_user=$userid;
+	// Check if null because user not admin can't set an user and send empty value here.
+	if(!empty($userid))
+		$bookmark->fk_user=$userid;
 	$bookmark->title=$title;
 	$bookmark->url=$url;
 	$bookmark->target=$target;

htdocs/comm/index.php

@@ -194,6 +194,7 @@ if (! empty($conf->propal->enabled) && $user->rights->propal->lire)
 		}
 		else
 		{
+			$var=!$var;
 			print '<tr colspan="3" '.$bc[$var].'><td>'.$langs->trans("NoProposal").'</td></tr>';
 		}
 		print "</table><br>";
@@ -273,6 +274,7 @@ if (! empty($conf->commande->enabled) && $user->rights->commande->lire)
 		}
 		else
 		{
+			$var=!$var;
 			print '<tr colspan="3" '.$bc[$var].'><td>'.$langs->trans("NoOrder").'</td></tr>';
 		}
 		print "</table><br>";
@@ -353,6 +355,7 @@ if (! empty($conf->fournisseur->enabled) && $user->rights->fournisseur->commande
         }
         else
         {
+			$var=!$var;
             print '<tr colspan="3" '.$bc[$var].'><td>'.$langs->trans("NoSupplierOrder").'</td></tr>';
         }
         print "</table><br>";

htdocs/core/class/html.form.class.php

@@ -1890,7 +1890,7 @@ class Form
             $sql.= " WHERE fk_product='".$objp->rowid."'";
             $sql.= " AND entity IN (".getEntity('productprice', 1).")";
             $sql.= " AND price_level=".$price_level;
-            $sql.= " ORDER BY date_price";
+            $sql.= " ORDER BY date_price, rowid";
             $sql.= " DESC LIMIT 1";
 
             dol_syslog(get_class($this).'::constructProductListOption search price for level '.$price_level.'', LOG_DEBUG);

htdocs/core/lib/files.lib.php

@@ -1466,6 +1466,8 @@ function dol_add_file_process($upload_dir, $allowoverwrite=0, $donotupdatesessio
 				$resupload = dol_move_uploaded_file($TFile['tmp_name'][$i], $destpath, $allowoverwrite, 0, $TFile['error'][$i], 0, $varfiles);
 				if (is_numeric($resupload) && $resupload > 0)
 				{
+					global $maxwidthsmall, $maxheightsmall, $maxwidthmini, $maxheightmini;
+				
 					include_once DOL_DOCUMENT_ROOT.'/core/lib/images.lib.php';
 					if (empty($donotupdatesession))
 					{
@@ -1477,10 +1479,10 @@ function dol_add_file_process($upload_dir, $allowoverwrite=0, $donotupdatesessio
 					{
 						// Create small thumbs for image (Ratio is near 16/9)
 						// Used on logon for example
-						$imgThumbSmall = vignette($destpath, 160, 120, '_small', 50, "thumbs");
+						$imgThumbSmall = vignette($destpath, $maxwidthsmall, $maxheigthsmall, '_small', 50, "thumbs");
 						// Create mini thumbs for image (Ratio is near 16/9)
 						// Used on menu or for setup page for example
-						$imgThumbMini = vignette($destpath, 160, 120, '_mini', 50, "thumbs");
+						$imgThumbMini = vignette($destpath, $maxwidthmini, $maxheightmini, '_mini', 50, "thumbs");
 					}
 	
 					setEventMessages($langs->trans("FileTransferComplete"), null, 'mesgs');

htdocs/core/lib/functions.lib.php

@@ -3963,7 +3963,9 @@ function get_exdir($num,$level,$alpha,$withoutslash,$object,$modulepart)
 
 	$path = '';
 
-	if (! empty($level) && in_array($modulepart, array('cheque','user','category','holiday','shipment', 'member','don','donation','supplier_invoice','invoice_supplier','mailing')))
+	$arrayforoldpath=array('cheque','user','category','holiday','shipment', 'member','don','donation','supplier_invoice','invoice_supplier','mailing');
+	if (! empty($conf->global->PRODUCT_USE_OLD_PATH_FOR_PHOTO)) $arrayforoldpath[]='product';	
+	if (! empty($level) && in_array($modulepart, $arrayforoldpath))
 	{
 		// This part should be removed once all code is using "get_exdir" to forge path, with all parameters provided
 		if (empty($alpha)) $num = preg_replace('/([^0-9])/i','',$num);

htdocs/core/modules/contract/doc/pdf_strato.modules.php

@@ -254,7 +254,7 @@ class pdf_strato extends ModelePDFContract
 				{
 					$objectligne = $object->lines[$i];
 
-					$valide = $objectligne->id ? $objectligne->fetch($objectligne->id) : 0;
+					$valide = $objectligne->id ? 1 : 0;
 
 					if ($valide > 0 || $object->specimen)
 					{

htdocs/expensereport/list.php

@@ -335,10 +335,12 @@ if ($resql)
 
 	print "</form>";
 
+	/*
 	print '<div class="tabsAction">';
 	print '<a href="'.dol_buildpath('/expensereport/card.php',1).'?action=create" class="butAction">'.$langs->trans("NewTrip").'</a>';
 	print '</div>';
-
+	*/
+	
 	$db->free($resql);
 }
 else

htdocs/fourn/commande/card.php

@@ -2,7 +2,7 @@
 /* Copyright (C) 2004-2006 Rodolphe Quiedeville <rodolphe@quiedeville.org>
  * Copyright (C) 2004-2015 Laurent Destailleur  <eldy@users.sourceforge.net>
  * Copyright (C) 2005      Eric	Seigne          <eric.seigne@ryxeo.com>
- * Copyright (C) 2005-2012 Regis Houssin        <regis.houssin@capnetworks.com>
+ * Copyright (C) 2005-2016 Regis Houssin        <regis.houssin@capnetworks.com>
  * Copyright (C) 2010-2015 Juanjo Menent        <jmenent@2byte.es>
  * Copyright (C) 2011-2015 Philippe Grand       <philippe.grand@atoo-net.com>
  * Copyright (C) 2012      Marcos García        <marcosgdf@gmail.com>
@@ -722,7 +722,8 @@ if (empty($reshook))
 	    $result = $object->commande($user, $_REQUEST["datecommande"],	$_REQUEST["methode"], $_REQUEST['comment']);
 	    if ($result > 0)
 	    {
-	        if (empty($conf->global->MAIN_DISABLE_PDF_AUTOUPDATE)) {
+	        if (empty($conf->global->MAIN_DISABLE_PDF_AUTOUPDATE)) 
+	        {
 	            $outputlangs = $langs;
 	            $newlang = '';
 	            if ($conf->global->MAIN_MULTILANGS && empty($newlang) && GETPOST('lang_id')) $newlang = GETPOST('lang_id','alpha');

htdocs/holiday/card.php

@@ -136,6 +136,8 @@ if ($action == 'create')
 
 	    $result = 0;
 
+	    $result = 0;
+	    
 	    if (! $error)
 	    {
     	    $cp->fk_user = $userid;
@@ -300,8 +302,10 @@ if ($action == 'confirm_send')
     $cp = new Holiday($db);
     $cp->fetch($id);
 
+    $canedit=(($user->id == $cp->fk_user && $user->rights->holiday->write) || ($user->id != $cp->fk_user && $user->rights->holiday->write_all));
+    
     // Si brouillon et créateur
-    if($cp->statut == 1 && $user->id == $cp->fk_user)
+    if($cp->statut == 1 && $canedit)
     {
         $cp->statut = 2;
 
@@ -955,7 +959,7 @@ else
                 }
 
                 // Si envoi en validation
-                if ($action == 'sendToValidate' && $cp->statut == 1 && $user->id == $cp->fk_user)
+                if ($action == 'sendToValidate' && $cp->statut == 1)
                 {
                     print $form->formconfirm("card.php?id=".$id,$langs->trans("TitleToValidCP"),$langs->trans("ConfirmToValidCP"),"confirm_send", '', 1, 1);
                 }

htdocs/holiday/list.php

@@ -191,7 +191,6 @@ if (!empty($sall))
 
 if (empty($user->rights->holiday->read_all)) $filter.=' AND cp.fk_user IN ('.join(',',$childids).')';
 
-
 // Récupération de l'ID de l'utilisateur
 $user_id = $user->id;
 
@@ -436,13 +435,13 @@ if($holiday_payes == '2')
 print '</table>';
 print '</form>';
 
-if ($user_id == $user->id)
+/*if ($user_id == $user->id)
 {
 	print '<br>';
 	print '<div style="float: right; margin-top: 8px;">';
 	print '<a href="./card.php?action=request" class="butAction">'.$langs->trans('AddCP').'</a>';
 	print '</div>';
-}
+}*/
 
 llxFooter();
 

htdocs/product/class/product.class.php

@@ -1675,7 +1675,7 @@ class Product extends CommonObject
 						$sql.= " WHERE entity IN (".getEntity('productprice', 1).")";
 						$sql.= " AND price_level=".$i;
 						$sql.= " AND fk_product = '".$this->id."'";
-						$sql.= " ORDER BY date_price DESC";
+						$sql.= " ORDER BY date_price, rowid DESC";
 						$sql.= " LIMIT 1";
 						$resql = $this->db->query($sql);
 						if ($resql)
@@ -1736,7 +1736,7 @@ class Product extends CommonObject
 					$sql.= " price_base_type, tva_tx, tosell, price_by_qty, rowid";
 					$sql.= " FROM ".MAIN_DB_PREFIX."product_price";
 					$sql.= " WHERE fk_product = '".$this->id."'";
-					$sql.= " ORDER BY date_price DESC";
+					$sql.= " ORDER BY date_price, rowid DESC";
 					$sql.= " LIMIT 1";
 					$resql = $this->db->query($sql);
 					if ($resql)

htdocs/product/price.php

@@ -1026,7 +1026,7 @@ $sql .= " WHERE fk_product = " . $object->id;
 $sql .= " AND p.entity IN (" . getEntity('productprice', 1) . ")";
 $sql .= " AND p.fk_user_author = u.rowid";
 if (! empty($socid) && ! empty($conf->global->PRODUIT_MULTIPRICES)) $sql .= " AND p.price_level = " . $soc->price_level;
-$sql .= " ORDER BY p.date_price DESC, p.price_level ASC, p.rowid DESC";
+$sql .= " ORDER BY p.date_price, p.rowid DESC, p.price_level ASC";
 // $sql .= $db->plimit();
 
 $result = $db->query($sql);

htdocs/user/card.php

@@ -1786,7 +1786,7 @@ else
 
             // Photo
             print '<td align="center" valign="middle" width="25%" rowspan="'.$rowspan.'">';
-            print $form->showphoto('userphoto',$object,100,0,$caneditfield);
+            print $form->showphoto('userphoto',$object,100,0,$caneditfield,'photowithmargin','small');
             print '</td>';
 
             print '</tr>';

htdocs/user/class/user.class.php

@@ -296,6 +296,10 @@ class User extends CommonObject
 				$this->fk_member            = $obj->fk_member;
 				$this->fk_user        		= $obj->fk_user;
 
+				// Protection when module multicompany was set, admin was set to first entity and the module disabled,
+				// then this admin user must be admin for all entities.
+				if (empty($conf->multicompany->enabled) && $this->admin && $this->entity == 1) $this->entity = 0; 
+				
 				// Retreive all extrafield for thirdparty
 				// fetch optionals attributes and labels
 				require_once(DOL_DOCUMENT_ROOT.'/core/class/extrafields.class.php');