diff --git a/htdocs/compta/bank/graph.php b/htdocs/compta/bank/graph.php
index 74d10b3171a053f7bf6992665d26a1db533d36bf..0279ffc052a11d310129b79c0e4bb47ecc87c9f4 100644
--- a/htdocs/compta/bank/graph.php
+++ b/htdocs/compta/bank/graph.php
@@ -89,7 +89,7 @@ else
// Calcul de $min et $max
$sql = "SELECT min(".$db->pdate("datev")."), max(".$db->pdate("datev").")";
$sql.= " FROM ".MAIN_DB_PREFIX."bank";
- if ($account) $sql.= " WHERE fk_account in (".$account.")";
+ if ($account && $_GET["option"]!='all') $sql.= " WHERE fk_account in (".$account.")";
$resql = $db->query($sql);
if ($resql)
{
@@ -111,12 +111,14 @@ else
if ($mode == 'standard')
{
// Chargement du tableau $amounts
- // \todo peut etre optimise en virant les date_format
$amounts = array();
$sql = "SELECT date_format(datev,'%Y%m%d'), sum(amount)";
$sql .= " FROM ".MAIN_DB_PREFIX."bank";
- $sql .= " WHERE date_format(datev,'%Y%m') = '".$year.$month."'";
- if ($account) $sql .= " AND fk_account in (".$account.")";
+ $monthnext=$month+1; $yearnext=$year;
+ if ($monthnext > 12) { $monthnext=1; $yearnext++; }
+ $sql .= " WHERE datev >= '".$year."-".$month."-01 00:00:00'";
+ $sql .= " AND datev < '".$yearnext."-".$monthnext."-01 00:00:00'";
+ if ($account && $_GET["option"]!='all') $sql .= " AND fk_account in (".$account.")";
$sql .= " GROUP BY date_format(datev,'%Y%m%d')";
$resql = $db->query($sql);
if ($resql)
@@ -141,7 +143,7 @@ else
$sql = "SELECT SUM(amount)";
$sql .= " FROM ".MAIN_DB_PREFIX."bank";
$sql .= " WHERE datev < '".$year."-".sprintf("%02s",$month)."-01'";
- if ($account) $sql .= " AND fk_account in (".$account.")";
+ if ($account && $_GET["option"]!='all') $sql .= " AND fk_account in (".$account.")";
$resql = $db->query($sql);
if ($resql)
{
@@ -237,12 +239,12 @@ else
if ($mode == 'standard')
{
// Chargement du tableau $amounts
- // \todo peut etre optimise en virant les date_format
$amounts = array();
$sql = "SELECT date_format(datev,'%Y%m%d'), sum(amount)";
$sql .= " FROM ".MAIN_DB_PREFIX."bank";
- $sql .= " WHERE date_format(datev,'%Y') = '".$year."'";
- if ($account) $sql .= " AND fk_account in (".$account.")";
+ $sql .= " WHERE datev >= '".$year."-01-01 00:00:00'";
+ $sql .= " AND datev <= '".$year."-12-31 23:59:59'";
+ if ($account && $_GET["option"]!='all') $sql .= " AND fk_account in (".$account.")";
$sql .= " GROUP BY date_format(datev,'%Y%m%d')";
$resql = $db->query($sql);
if ($resql)
@@ -267,7 +269,7 @@ else
$sql = "SELECT sum(amount)";
$sql .= " FROM ".MAIN_DB_PREFIX."bank";
$sql .= " WHERE datev < '".$year."-01-01'";
- if ($account) $sql .= " AND fk_account in (".$account.")";
+ if ($account && $_GET["option"]!='all') $sql .= " AND fk_account in (".$account.")";
$resql = $db->query($sql);
if ($resql)
{
@@ -356,11 +358,10 @@ else
if ($mode == 'showalltime')
{
// Chargement du tableau $amounts
- // \todo peut etre optimise en virant les date_format
$amounts = array();
$sql = "SELECT date_format(datev,'%Y%m%d'), sum(amount)";
$sql .= " FROM ".MAIN_DB_PREFIX."bank";
- if ($account) $sql .= " WHERE fk_account in (".$account.")";
+ if ($account && $_GET["option"]!='all') $sql .= " WHERE fk_account in (".$account.")";
$sql .= " GROUP BY date_format(datev,'%Y%m%d')";
$resql = $db->query($sql);
if ($resql)
@@ -463,7 +464,7 @@ else
$sql .= " WHERE datev >= '".$year."-".$month."-01 00:00:00'";
$sql .= " AND datev < '".$yearnext."-".$monthnext."-01 00:00:00'";
$sql .= " AND amount > 0";
- if ($account) $sql .= " AND fk_account in (".$account.")";
+ if ($account && $_GET["option"]!='all') $sql .= " AND fk_account in (".$account.")";
$sql .= " GROUP BY date_format(datev,'%d')";
$resql = $db->query($sql);
if ($resql)
@@ -489,7 +490,7 @@ else
$sql .= " WHERE datev >= '".$year."-".$month."-01 00:00:00'";
$sql .= " AND datev < '".$yearnext."-".$monthnext."-01 00:00:00'";
$sql .= " AND amount < 0";
- if ($account) $sql .= " AND fk_account in (".$account.")";
+ if ($account && $_GET["option"]!='all') $sql .= " AND fk_account in (".$account.")";
$sql .= " GROUP BY date_format(datev,'%d')";
$resql = $db->query($sql);
if ($resql)
@@ -561,7 +562,7 @@ else
$sql .= " WHERE datev >= '".$year."-01-01 00:00:00'";
$sql .= " AND datev <= '".$year."-12-31 23:59:59'";
$sql .= " AND amount > 0";
- if ($account) $sql .= " AND fk_account in (".$account.")";
+ if ($account && $_GET["option"]!='all') $sql .= " AND fk_account in (".$account.")";
$sql .= " GROUP BY date_format(datev,'%m');";
$resql = $db->query($sql);
if ($resql)
@@ -585,7 +586,7 @@ else
$sql .= " WHERE datev >= '".$year."-01-01 00:00:00'";
$sql .= " AND datev <= '".$year."-12-31 23:59:59'";
$sql .= " AND amount < 0";
- if ($account) $sql .= " AND fk_account in (".$account.")";
+ if ($account && $_GET["option"]!='all') $sql .= " AND fk_account in (".$account.")";
$sql .= " GROUP BY date_format(datev,'%m')";
$resql = $db->query($sql);
if ($resql)
@@ -663,7 +664,17 @@ if ($account)
if (! eregi(',',$account))
{
$moreparam='&month='.$month.'&year='.$year.($mode=='showalltime'?'&mode=showalltime':'');
- print $form->showrefnav($acct,'ref','',1,'ref','ref','',$moreparam);
+ if ($_GET["option"]!='all')
+ {
+ $morehtml='<a href="'.$_SERVER["PHP_SELF"].'?account='.$account.'&option=all'.$moreparam.'">'.$langs->trans("ShowAllAccounts").'</a>';
+ print $form->showrefnav($acct,'ref','',1,'ref','ref','',$moreparam);
+ }
+ else
+ {
+ $morehtml='<a href="'.$_SERVER["PHP_SELF"].'?account='.$account.$moreparam.'">'.$langs->trans("BackToAccount").'</a>';
+ print $langs->trans("All");
+ //print $morehtml;
+ }
}
else
{
@@ -680,14 +691,14 @@ if ($account)
}
else
{
- print $langs->trans("ALL");
+ print $langs->trans("All");
}
print '</td></tr>';
// Label
print '<tr><td valign="top">'.$langs->trans("Label").'</td>';
print '<td colspan="3">';
-if ($account)
+if ($account && $_GET["option"]!='all')
{
print $acct->label;
}
@@ -699,10 +710,24 @@ print '</td></tr>';
print '</table>';
-print '<br>';
+print '<table class="notopnoleftnoright" width="100%">';
+// Navigation links
+print '<tr><td align="right">'.$morehtml.' ';
+if ($mode == 'showalltime')
+{
+ print '<a href="'.$_SERVER["PHP_SELF"].'?account='.$account.'">';
+ print $langs->trans("GoBack");
+ print '</a>';
+}
+else
+{
+ print '<a href="'.$_SERVER["PHP_SELF"].'?mode=showalltime&account='.$account.'">';
+ print $langs->trans("ShowAllTimeBalance");
+ print '</a>';
+}
+print '<br><br></td></tr>';
-print '<table class="notopnoleftnoright" width="100%">';
if ($mode == 'standard')
{
@@ -748,24 +773,6 @@ if ($mode == 'showalltime')
print '</td></tr>';
}
-// Switch All time/Not all time
-if ($mode == 'showalltime')
-{
- print '<tr><td align="center"><br>';
- print '<a href="'.$_SERVER["PHP_SELF"].'?account='.$account.'">';
- print $langs->trans("GoBack");
- print '</a>';
- print '</td></tr>';
-}
-else
-{
- print '<tr><td align="center"><br>';
- print '<a href="'.$_SERVER["PHP_SELF"].'?mode=showalltime&account='.$account.'">';
- print $langs->trans("ShowAllTimeBalance");
- print '</a>';
- print '</td></tr>';
-}
-
print '</table>';
print "\n</div>\n";
@@ -774,5 +781,4 @@ print "\n</div>\n";
$db->close();
llxFooter('$Date$ - $Revision$');
-
?>
diff --git a/htdocs/install/inc.php b/htdocs/install/inc.php
index be08f68a6e2f65227eff35f65d72de737a44a68c..1b2285cb5bc5485d48214055dfaa7bd58e16cfd7 100644
--- a/htdocs/install/inc.php
+++ b/htdocs/install/inc.php
@@ -32,8 +32,8 @@ require_once('../lib/admin.lib.php');
// DOL_DOCUMENT_ROOT has been defined in function.inc.php to '..'
-// Define REQUEST["logtohtml"]
-$REQUEST["logtohtml"]=1;
+// Define $_REQUEST["logtohtml"]
+$_REQUEST["logtohtml"]=1;
// Correction PHP_SELF (ex pour apache via caudium) car PHP_SELF doit valoir URL relative
// et non path absolu.
diff --git a/htdocs/lib/databases/mysql.lib.php b/htdocs/lib/databases/mysql.lib.php
index bdb26a02fd5a6fa755efbe30e3b44f7e6d4f63fa..4d2146d744c77fc4c2694026d2cda554c6eae154 100644
--- a/htdocs/lib/databases/mysql.lib.php
+++ b/htdocs/lib/databases/mysql.lib.php
@@ -85,12 +85,9 @@ class DoliDb
{
global $conf,$langs;
- if (isset($conf->db->character_set) && $conf->db->character_set) {
- $this->forcecharset=$conf->db->character_set;
- }
- if (isset($conf->db->dolibarr_main_db_collation) && $conf->db->dolibarr_main_db_collation) {
- $this->forcecollate=$conf->db->dolibarr_main_db_collation;
- }
+ if (! empty($conf->db->character_set)) $this->forcecharset=$conf->db->character_set;
+ if (! empty($conf->db->dolibarr_main_db_collation)) $this->forcecollate=$conf->db->dolibarr_main_db_collation;
+
$this->database_user=$user;
$this->transaction_opened=0;
@@ -199,6 +196,7 @@ class DoliDb
*/
function select_db($database)
{
+ dolibarr_syslog("DoliDB::select_db database=".$database, LOG_DEBUG);
return mysql_select_db($database, $this->db);
}
diff --git a/htdocs/lib/databases/mysqli.lib.php b/htdocs/lib/databases/mysqli.lib.php
index 7b83536ac85e368b8b05b44fe15b1ca1ae0b619e..c9de3662945ee62cfc4564bd3eb8264b1d5c9b0c 100644
--- a/htdocs/lib/databases/mysqli.lib.php
+++ b/htdocs/lib/databases/mysqli.lib.php
@@ -85,12 +85,9 @@ class DoliDb
{
global $conf,$langs;
- if (isset($conf->db->character_set) && $conf->db->character_set) {
- $this->forcecharset=$conf->db->character_set;
- }
- if (isset($conf->db->dolibarr_main_db_collation) && $conf->db->dolibarr_main_db_collation) {
- $this->forcecollate=$conf->db->dolibarr_main_db_collation;
- }
+ if (! empty($conf->db->character_set)) $this->forcecharset=$conf->db->character_set;
+ if (! empty($conf->db->dolibarr_main_db_collation)) $this->forcecollate=$conf->db->dolibarr_main_db_collation;
+
$this->database_user=$user;
$this->transaction_opened=0;
@@ -201,6 +198,7 @@ class DoliDb
*/
function select_db($database)
{
+ dolibarr_syslog("DoliDB::select_db database=".$database, LOG_DEBUG);
return mysqli_select_db($this->db,$database);
}
diff --git a/htdocs/lib/functions.lib.php b/htdocs/lib/functions.lib.php
index a19f9f14501167826ce60ffb5b5938c32b8ba6f4..f90d6754ddc8e04c08b17453c984d774e6896839 100644
--- a/htdocs/lib/functions.lib.php
+++ b/htdocs/lib/functions.lib.php
@@ -180,14 +180,15 @@ function dolibarr_syslog($message, $level=LOG_INFO)
*/
function dol_syslog($message, $level=LOG_INFO)
{
- global $conf,$user,$langs,$REQUEST;
+ global $conf,$user,$langs,$_REQUEST;
// If adding log inside HTML page is required
- if (! empty($REQUEST['logtohtml']))
+ /* Disabled because this is a security hole
+ if (! empty($_REQUEST['logtohtml']))
{
$conf->logbuffer[]=strftime("%Y-%m-%d %H:%M:%S",time())." ".$message;
-
}
+ */
// If syslog module enabled
if (! empty($conf->syslog->enabled))
diff --git a/htdocs/main.inc.php b/htdocs/main.inc.php
index c8e37b28bde23d24acc28b57f5ff5cf055942fec..54e45277c235a3b2b66815361074befc4e68d588 100644
--- a/htdocs/main.inc.php
+++ b/htdocs/main.inc.php
@@ -979,11 +979,11 @@ function printSearchForm($urlaction,$urlobject,$title,$htmlmodesearch='search',$
/**
- * \brief Impression du pied de page DIV + BODY + HTML
- * \remarks Ferme 2 div
- * \param foot Non utilise
+ * \brief Show HTML footer DIV + BODY + HTML
+ * \remarks Close 2 div
+ * \param foot Not used
+ * \param limitIEbug Not used
*/
-
function llxFooter($foot='',$limitIEbug=1)
{
global $conf, $dolibarr_auto_user, $micro_start_time;
@@ -1005,8 +1005,7 @@ function llxFooter($foot='',$limitIEbug=1)
{
print ' - Zend encoded file: '.(zend_loader_file_encoded()?'yes':'no');
}
- print '"</script>';
- print "\n";
+ print '"</script>'."\n";
}
if ($conf->use_javascript_ajax)
@@ -1017,7 +1016,22 @@ function llxFooter($foot='',$limitIEbug=1)
// Juste pour eviter bug IE qui reorganise mal div precedents si celui-ci absent
if ($limitIEbug && ! $conf->browser->firefox) print "\n".'<div class="tabsAction"> </div>'."\n";
- print "</body>\n";
+ // If there is some logs in buffer to show
+ if (sizeof($conf->logbuffer))
+ {
+ print "\n";
+ print "<!-- Start of log output\n";
+ //print '<div class="hidden">'."\n";
+ foreach($conf->logbuffer as $logline)
+ {
+ print $logline."<br>\n";
+ }
+ //print '</div>'."\n";
+ print "End of log output -->\n";
+ }
+
+ print "\n";
+ print "</body>\n";
print "</html>\n";
}