Merge remote-tracking branch 'origin/3.8' into 3.9

Conflicts:
	htdocs/fourn/commande/card.php
	htdocs/holiday/card.php
	htdocs/holiday/list.php
	htdocs/user/card.php

htdocs/bookmarks/card.php

@@ -70,7 +70,9 @@ if ($action == 'add' || $action == 'addproduct' || $action == 'update')
 	}
 
 	if ($action == 'update') $bookmark->fetch($_POST["id"]);
-	$bookmark->fk_user=$userid;
+	// Check if null because user not admin can't set an user and send empty value here.
+	if(!empty($userid))
+		$bookmark->fk_user=$userid;
 	$bookmark->title=$title;
 	$bookmark->url=$url;
 	$bookmark->target=$target;

htdocs/core/class/html.form.class.php

@@ -1890,7 +1890,7 @@ class Form
             $sql.= " WHERE fk_product='".$objp->rowid."'";
             $sql.= " AND entity IN (".getEntity('productprice', 1).")";
             $sql.= " AND price_level=".$price_level;
-            $sql.= " ORDER BY date_price";
+            $sql.= " ORDER BY date_price, rowid";
             $sql.= " DESC LIMIT 1";
 
             dol_syslog(get_class($this).'::constructProductListOption search price for level '.$price_level.'', LOG_DEBUG);

htdocs/core/lib/files.lib.php

@@ -1454,6 +1454,8 @@ function dol_add_file_process($upload_dir, $allowoverwrite=0, $donotupdatesessio
 			if (is_numeric($resupload) && $resupload > 0)
 			{
 				include_once DOL_DOCUMENT_ROOT.'/core/lib/images.lib.php';
+				global $maxwidthsmall, $maxheightsmall, $maxwidthmini, $maxheightmini;
+				
 				if (empty($donotupdatesession))
 				{
 					include_once DOL_DOCUMENT_ROOT.'/core/class/html.formmail.class.php';
@@ -1464,10 +1466,10 @@ function dol_add_file_process($upload_dir, $allowoverwrite=0, $donotupdatesessio
 				{
 					// Create small thumbs for image (Ratio is near 16/9)
 					// Used on logon for example
-					$imgThumbSmall = vignette($destpath, 160, 120, '_small', 50, "thumbs");
+					$imgThumbSmall = vignette($destpath, $maxwidthsmall, $maxheigthsmall, '_small', 50, "thumbs");
 					// Create mini thumbs for image (Ratio is near 16/9)
 					// Used on menu or for setup page for example
-					$imgThumbMini = vignette($destpath, 160, 120, '_mini', 50, "thumbs");
+					$imgThumbMini = vignette($destpath, $maxwidthmini, $maxheightmini, '_mini', 50, "thumbs");
 				}
 
 				setEventMessages($langs->trans("FileTransferComplete"), null, 'mesgs');

htdocs/core/lib/functions.lib.php

@@ -3959,7 +3959,9 @@ function get_exdir($num,$level,$alpha,$withoutslash,$object,$modulepart)
 
 	$path = '';
 
-	if (! empty($level) && in_array($modulepart, array('cheque','user','category','holiday','shipment', 'member','don','donation','supplier_invoice','invoice_supplier','mailing')))
+	$arrayforoldpath=array('cheque','user','category','holiday','shipment', 'member','don','donation','supplier_invoice','invoice_supplier','mailing');
+	if (! empty($conf->global->PRODUCT_USE_OLD_PATH_FOR_PHOTO)) $arrayforoldpath[]='product';	
+	if (! empty($level) && in_array($modulepart, $arrayforoldpath))
 	{
 		// This part should be removed once all code is using "get_exdir" to forge path, with all parameters provided
 		if (empty($alpha)) $num = preg_replace('/([^0-9])/i','',$num);

htdocs/fourn/commande/card.php

@@ -2,7 +2,7 @@
 /* Copyright (C) 2004-2006 Rodolphe Quiedeville <rodolphe@quiedeville.org>
  * Copyright (C) 2004-2015 Laurent Destailleur  <eldy@users.sourceforge.net>
  * Copyright (C) 2005      Eric	Seigne          <eric.seigne@ryxeo.com>
- * Copyright (C) 2005-2012 Regis Houssin        <regis.houssin@capnetworks.com>
+ * Copyright (C) 2005-2016 Regis Houssin        <regis.houssin@capnetworks.com>
  * Copyright (C) 2010-2015 Juanjo Menent        <jmenent@2byte.es>
  * Copyright (C) 2011-2015 Philippe Grand       <philippe.grand@atoo-net.com>
  * Copyright (C) 2012      Marcos García        <marcosgdf@gmail.com>
@@ -722,7 +722,8 @@ if (empty($reshook))
 	    $result = $object->commande($user, $_REQUEST["datecommande"],	$_REQUEST["methode"], $_REQUEST['comment']);
 	    if ($result > 0)
 	    {
-	        if (empty($conf->global->MAIN_DISABLE_PDF_AUTOUPDATE)) {
+	        if (empty($conf->global->MAIN_DISABLE_PDF_AUTOUPDATE)) 
+	        {
 	            $outputlangs = $langs;
 	            $newlang = '';
 	            if ($conf->global->MAIN_MULTILANGS && empty($newlang) && GETPOST('lang_id')) $newlang = GETPOST('lang_id','alpha');

htdocs/holiday/card.php

@@ -136,6 +136,8 @@ if ($action == 'create')
 
 	    $result = 0;
 
+	    $result = 0;
+	    
 	    if (! $error)
 	    {
     	    $cp->fk_user = $userid;
@@ -300,8 +302,10 @@ if ($action == 'confirm_send')
     $cp = new Holiday($db);
     $cp->fetch($id);
 
+    $canedit=(($user->id == $cp->fk_user && $user->rights->holiday->write) || ($user->id != $cp->fk_user && $user->rights->holiday->write_all));
+    
     // Si brouillon et créateur
-    if($cp->statut == 1 && $user->id == $cp->fk_user)
+    if($cp->statut == 1 && $canedit)
     {
         $cp->statut = 2;
 
@@ -955,7 +959,7 @@ else
                 }
 
                 // Si envoi en validation
-                if ($action == 'sendToValidate' && $cp->statut == 1 && $user->id == $cp->fk_user)
+                if ($action == 'sendToValidate' && $cp->statut == 1)
                 {
                     print $form->formconfirm("card.php?id=".$id,$langs->trans("TitleToValidCP"),$langs->trans("ConfirmToValidCP"),"confirm_send", '', 1, 1);
                 }

htdocs/holiday/list.php

@@ -191,7 +191,6 @@ if (!empty($sall))
 
 if (empty($user->rights->holiday->read_all)) $filter.=' AND cp.fk_user IN ('.join(',',$childids).')';
 
-
 // Récupération de l'ID de l'utilisateur
 $user_id = $user->id;
 

htdocs/product/class/product.class.php

@@ -1673,7 +1673,7 @@ class Product extends CommonObject
 						$sql.= " WHERE entity IN (".getEntity('productprice', 1).")";
 						$sql.= " AND price_level=".$i;
 						$sql.= " AND fk_product = '".$this->id."'";
-						$sql.= " ORDER BY date_price DESC";
+						$sql.= " ORDER BY date_price, rowid DESC";
 						$sql.= " LIMIT 1";
 						$resql = $this->db->query($sql);
 						if ($resql)
@@ -1734,7 +1734,7 @@ class Product extends CommonObject
 					$sql.= " price_base_type, tva_tx, tosell, price_by_qty, rowid";
 					$sql.= " FROM ".MAIN_DB_PREFIX."product_price";
 					$sql.= " WHERE fk_product = '".$this->id."'";
-					$sql.= " ORDER BY date_price DESC";
+					$sql.= " ORDER BY date_price, rowid DESC";
 					$sql.= " LIMIT 1";
 					$resql = $this->db->query($sql);
 					if ($resql)

htdocs/product/price.php

@@ -1026,7 +1026,7 @@ $sql .= " WHERE fk_product = " . $object->id;
 $sql .= " AND p.entity IN (" . getEntity('productprice', 1) . ")";
 $sql .= " AND p.fk_user_author = u.rowid";
 if (! empty($socid) && ! empty($conf->global->PRODUIT_MULTIPRICES)) $sql .= " AND p.price_level = " . $soc->price_level;
-$sql .= " ORDER BY p.date_price DESC, p.price_level ASC, p.rowid DESC";
+$sql .= " ORDER BY p.date_price, p.rowid DESC, p.price_level ASC";
 // $sql .= $db->plimit();
 
 $result = $db->query($sql);

htdocs/user/card.php

@@ -1786,7 +1786,7 @@ else
 
             // Photo
             print '<td align="center" valign="middle" width="25%" rowspan="'.$rowspan.'">';
-            print $form->showphoto('userphoto',$object,100,0,$caneditfield);
+            print $form->showphoto('userphoto',$object,100,0,$caneditfield,'photowithmargin','small');
             print '</td>';
 
             print '</tr>';

htdocs/user/class/user.class.php

@@ -296,6 +296,10 @@ class User extends CommonObject
 				$this->fk_member            = $obj->fk_member;
 				$this->fk_user        		= $obj->fk_user;
 
+				// Protection when module multicompany was set, admin was set to first entity and the module disabled,
+				// then this admin user must be admin for all entities.
+				if (empty($conf->multicompany->enabled) && $this->admin && $this->entity == 1) $this->entity = 0; 
+				
 				// Retreive all extrafield for thirdparty
 				// fetch optionals attributes and labels
 				require_once(DOL_DOCUMENT_ROOT.'/core/class/extrafields.class.php');