diff --git a/htdocs/accountancy/admin/account.php b/htdocs/accountancy/admin/account.php index c9849f9f54f..a9e0a5dc509 100644 --- a/htdocs/accountancy/admin/account.php +++ b/htdocs/accountancy/admin/account.php @@ -51,14 +51,14 @@ $confirm = GETPOST('confirm', 'alpha'); $chartofaccounts = GETPOST('chartofaccounts', 'int'); -$permissiontoadd = $user->rights->accounting->chartofaccount; -$permissiontodelete = $user->rights->accounting->chartofaccount; +$permissiontoadd = !empty($user->rights->accounting->chartofaccount); +$permissiontodelete = !empty($user->rights->accounting->chartofaccount); // Security check if ($user->socid > 0) { accessforbidden(); } -if (!$user->rights->accounting->chartofaccount) { +if (empty($user->rights->accounting->chartofaccount)) { accessforbidden(); } @@ -438,43 +438,37 @@ if ($resql) { print $searchpicto; print ''; print ''; - $totalarray = array(); print ''; if (!empty($arrayfields['aa.account_number']['checked'])) { print_liste_field_titre($arrayfields['aa.account_number']['label'], $_SERVER["PHP_SELF"], "aa.account_number", "", $param, '', $sortfield, $sortorder); - $totalarray['nbfield']++; } if (!empty($arrayfields['aa.label']['checked'])) { print_liste_field_titre($arrayfields['aa.label']['label'], $_SERVER["PHP_SELF"], "aa.label", "", $param, '', $sortfield, $sortorder); - $totalarray['nbfield']++; } if (!empty($arrayfields['aa.labelshort']['checked'])) { print_liste_field_titre($arrayfields['aa.labelshort']['label'], $_SERVER["PHP_SELF"], "aa.labelshort", "", $param, '', $sortfield, $sortorder); - $totalarray['nbfield']++; } if (!empty($arrayfields['aa.account_parent']['checked'])) { print_liste_field_titre($arrayfields['aa.account_parent']['label'], $_SERVER["PHP_SELF"], "aa.account_parent", "", $param, '', $sortfield, $sortorder, 'left '); - $totalarray['nbfield']++; } if (!empty($arrayfields['aa.pcg_type']['checked'])) { print_liste_field_titre($arrayfields['aa.pcg_type']['label'], $_SERVER["PHP_SELF"], 'aa.pcg_type,aa.account_number', '', $param, '', $sortfield, $sortorder, '', $arrayfields['aa.pcg_type']['help'], 1); - $totalarray['nbfield']++; } if ($conf->global->MAIN_FEATURES_LEVEL >= 2) { if (!empty($arrayfields['aa.reconcilable']['checked'])) { print_liste_field_titre($arrayfields['aa.reconcilable']['label'], $_SERVER["PHP_SELF"], 'aa.reconcilable', '', $param, '', $sortfield, $sortorder); - $totalarray['nbfield']++; } } if (!empty($arrayfields['aa.active']['checked'])) { print_liste_field_titre($arrayfields['aa.active']['label'], $_SERVER["PHP_SELF"], 'aa.active', '', $param, '', $sortfield, $sortorder); - $totalarray['nbfield']++; } print_liste_field_titre($selectedfields, $_SERVER["PHP_SELF"], "", '', '', '', $sortfield, $sortorder, 'center maxwidthsearch '); print "\n"; $accountstatic = new AccountingAccount($db); $accountparent = new AccountingAccount($db); + $totalarray = array(); + $totalarray['nbfield'] = 0; $i = 0; while ($i < min($num, $limit)) { diff --git a/htdocs/accountancy/admin/accountmodel.php b/htdocs/accountancy/admin/accountmodel.php index f19afb12899..97a460beaac 100644 --- a/htdocs/accountancy/admin/accountmodel.php +++ b/htdocs/accountancy/admin/accountmodel.php @@ -78,7 +78,7 @@ $search_country_id = GETPOST('search_country_id', 'int'); if ($user->socid > 0) { accessforbidden(); } -if (!$user->rights->accounting->chartofaccount) { +if (empty($user->rights->accounting->chartofaccount)) { accessforbidden(); } diff --git a/htdocs/accountancy/admin/card.php b/htdocs/accountancy/admin/card.php index 4d69eae7db8..9430bf33439 100644 --- a/htdocs/accountancy/admin/card.php +++ b/htdocs/accountancy/admin/card.php @@ -48,7 +48,7 @@ $label = GETPOST('label', 'alpha'); if ($user->socid > 0) { accessforbidden(); } -if (!$user->rights->accounting->chartofaccount) { +if (empty($user->rights->accounting->chartofaccount)) { accessforbidden(); } diff --git a/htdocs/accountancy/admin/closure.php b/htdocs/accountancy/admin/closure.php index 8efb869ffaf..437ff1b7116 100644 --- a/htdocs/accountancy/admin/closure.php +++ b/htdocs/accountancy/admin/closure.php @@ -109,7 +109,7 @@ foreach ($list_account_main as $key) { print ''; // Value print ''; // Do not force class=right, or it align also the content of the select box - print $formaccounting->select_account($conf->global->$key, $key, 1, '', 1, 1); + print $formaccounting->select_account(getDolGlobalString($key), $key, 1, '', 1, 1); print ''; print ''; } diff --git a/htdocs/accountancy/admin/defaultaccounts.php b/htdocs/accountancy/admin/defaultaccounts.php index 061752c11c5..5d78036159a 100644 --- a/htdocs/accountancy/admin/defaultaccounts.php +++ b/htdocs/accountancy/admin/defaultaccounts.php @@ -186,7 +186,7 @@ foreach ($list_account as $key) { print ''.$label.''; // Value print ''; // Do not force class=right, or it align also the content of the select box - print $formaccounting->select_account($conf->global->$key, $key, 1, '', 1, 1, 'minwidth100 maxwidth300 maxwidthonsmartphone', 'accounts'); + print $formaccounting->select_account(getDolGlobalString($key), $key, 1, '', 1, 1, 'minwidth100 maxwidth300 maxwidthonsmartphone', 'accounts'); print ''; print ''; } diff --git a/htdocs/accountancy/admin/fiscalyear.php b/htdocs/accountancy/admin/fiscalyear.php index 4338d7ad803..44c5309f531 100644 --- a/htdocs/accountancy/admin/fiscalyear.php +++ b/htdocs/accountancy/admin/fiscalyear.php @@ -52,7 +52,7 @@ $langs->loadLangs(array("admin", "compta")); if ($user->socid > 0) { accessforbidden(); } -if (!$user->rights->accounting->fiscalyear->write) { // If we can read accounting records, we should be able to see fiscal year. +if (empty($user->rights->accounting->fiscalyear->write)) { // If we can read accounting records, we should be able to see fiscal year. accessforbidden(); } diff --git a/htdocs/accountancy/admin/fiscalyear_info.php b/htdocs/accountancy/admin/fiscalyear_info.php index d472350fab7..77ec988143a 100644 --- a/htdocs/accountancy/admin/fiscalyear_info.php +++ b/htdocs/accountancy/admin/fiscalyear_info.php @@ -33,7 +33,7 @@ $langs->loadLangs(array("admin", "compta")); if ($user->socid > 0) { accessforbidden(); } -if (!$user->rights->accounting->fiscalyear->write) { +if (empty($user->rights->accounting->fiscalyear->write)) { accessforbidden(); } diff --git a/htdocs/accountancy/admin/productaccount.php b/htdocs/accountancy/admin/productaccount.php index a842c294937..b3d6ac87780 100644 --- a/htdocs/accountancy/admin/productaccount.php +++ b/htdocs/accountancy/admin/productaccount.php @@ -41,7 +41,7 @@ $langs->loadLangs(array("companies", "compta", "accountancy", "products")); if (empty($conf->accounting->enabled)) { accessforbidden(); } -if (!$user->rights->accounting->bind->write) { +if (empty($user->rights->accounting->bind->write)) { accessforbidden(); } diff --git a/htdocs/accountancy/admin/subaccount.php b/htdocs/accountancy/admin/subaccount.php index c3308393c27..26c02de3467 100644 --- a/htdocs/accountancy/admin/subaccount.php +++ b/htdocs/accountancy/admin/subaccount.php @@ -46,7 +46,7 @@ $search_type = GETPOST('search_type', 'int'); if ($user->socid > 0) { accessforbidden(); } -if (!$user->rights->accounting->chartofaccount) { +if (empty($user->rights->accounting->chartofaccount)) { accessforbidden(); } diff --git a/htdocs/accountancy/class/accountingaccount.class.php b/htdocs/accountancy/class/accountingaccount.class.php index ed3c69c18bc..50116b94b23 100644 --- a/htdocs/accountancy/class/accountingaccount.class.php +++ b/htdocs/accountancy/class/accountingaccount.class.php @@ -1,10 +1,10 @@ - * Copyright (C) 2013-2020 Alexandre Spangaro - * Copyright (C) 2013-2014 Florian Henry + * Copyright (C) 2013-2021 Alexandre Spangaro + * Copyright (C) 2013-2021 Florian Henry * Copyright (C) 2014 Juanjo Menent * Copyright (C) 2015 Ari Elbaz (elarifr) - * Copyright (C) 2018 Frédéric France + * Copyright (C) 2018 Frédéric France * * This program is free software; you can redistribute it and/or modify * it under the terms of the GNU General Public License as published by @@ -738,10 +738,11 @@ class AccountingAccount extends CommonObject * @param Facture $facture Facture * @param FactureLigne $factureDet Facture Det * @param array $accountingAccount array of Account account + * @param string $type Customer / Supplier * * @return array Accounting accounts suggested */ - public function getAccountingCodeToBind(Societe $buyer, $seller, Product $product, Facture $facture, FactureLigne $factureDet, $accountingAccount = array()) + public function getAccountingCodeToBind(Societe $buyer, $seller, Product $product, Facture $facture, FactureLigne $factureDet, $accountingAccount = array(), $type = '') { global $conf; global $hookmanager; @@ -750,84 +751,116 @@ class AccountingAccount extends CommonObject $hookmanager->initHooks(array('accoutancyBindingCalculation')); // Execute hook accoutancyBindingCalculation - $parameters = array('buyer' => $buyer, 'seller' => $seller, 'product' => $product, 'facture' => $facture, 'factureDet' => $factureDet ,'accountingAccount'=>$accountingAccount); + $parameters = array('buyer' => $buyer, 'seller' => $seller, 'product' => $product, 'facture' => $facture, 'factureDet' => $factureDet ,'accountingAccount'=>$accountingAccount, $type); $reshook = $hookmanager->executeHooks('accoutancyBindingCalculation', $parameters); // Note that $action and $object may have been modified by some hooks if (empty($reshook)) { + if ($type=='customer') { + $const_name = "SOLD"; + } elseif ($type=='supplier') { + $const_name = "BUY"; + } + require_once DOL_DOCUMENT_ROOT . '/core/lib/company.lib.php'; $isBuyerInEEC = isInEEC($buyer); $isSellerInEEC = isInEEC($seller); - $code_sell_l = ''; - $code_sell_p = ''; - $code_sell_t = ''; + $code_l = ''; + $code_p = ''; + $code_t = ''; $suggestedid = ''; // Level 1: Search suggested default account for product/service $suggestedaccountingaccountbydefaultfor = ''; if ($factureDet->product_type == 1) { if ($buyer->country_code == $seller->country_code || empty($buyer->country_code)) { // If buyer in same country than seller (if not defined, we assume it is same country) - $code_sell_l = (!empty($conf->global->ACCOUNTING_SERVICE_SOLD_ACCOUNT) ? $conf->global->ACCOUNTING_SERVICE_SOLD_ACCOUNT : ''); + $code_l = (!empty($conf->global->{'ACCOUNTING_SERVICE_' . $const_name . '_ACCOUNT'}) ? $conf->global->{'ACCOUNTING_SERVICE_' . $const_name . '_ACCOUNT'} : ''); $suggestedaccountingaccountbydefaultfor = ''; } else { if ($isSellerInEEC && $isBuyerInEEC && $factureDet->tva_tx != 0) { // European intravat sale, but with a VAT - $code_sell_l = (!empty($conf->global->ACCOUNTING_SERVICE_SOLD_ACCOUNT) ? $conf->global->ACCOUNTING_SERVICE_SOLD_ACCOUNT : ''); + $code_l = (!empty($conf->global->{'ACCOUNTING_SERVICE_' . $const_name . '_ACCOUNT'}) ? $conf->global->{'ACCOUNTING_SERVICE_' . $const_name . '_ACCOUNT'} : ''); $suggestedaccountingaccountbydefaultfor = 'eecwithvat'; } elseif ($isSellerInEEC && $isBuyerInEEC && empty($buyer->tva_intra)) { // European intravat sale, without VAT intra community number - $code_sell_l = (!empty($conf->global->ACCOUNTING_SERVICE_SOLD_ACCOUNT) ? $conf->global->ACCOUNTING_SERVICE_SOLD_ACCOUNT : ''); + $code_l = (!empty($conf->global->{'ACCOUNTING_SERVICE_' . $const_name . '_ACCOUNT'}) ? $conf->global->{'ACCOUNTING_SERVICE_' . $const_name . '_ACCOUNT'} : ''); $suggestedaccountingaccountbydefaultfor = 'eecwithoutvatnumber'; } elseif ($isSellerInEEC && $isBuyerInEEC) { // European intravat sale - $code_sell_l = (!empty($conf->global->ACCOUNTING_SERVICE_SOLD_INTRA_ACCOUNT) ? $conf->global->ACCOUNTING_SERVICE_SOLD_INTRA_ACCOUNT : ''); + $code_l = (!empty($conf->global->{'ACCOUNTING_SERVICE_' . $const_name . '_INTRA_ACCOUNT'}) ? $conf->global->{'ACCOUNTING_SERVICE_' . $const_name . '_INTRA_ACCOUNT'} : ''); $suggestedaccountingaccountbydefaultfor = 'eec'; } else { // Foreign sale - $code_sell_l = (!empty($conf->global->ACCOUNTING_SERVICE_SOLD_EXPORT_ACCOUNT) ? $conf->global->ACCOUNTING_SERVICE_SOLD_EXPORT_ACCOUNT : ''); + $code_l = (!empty($conf->global->{'ACCOUNTING_SERVICE_' . $const_name . '_EXPORT_ACCOUNT'}) ? $conf->global->{'ACCOUNTING_SERVICE_' . $const_name . '_EXPORT_ACCOUNT'} : ''); $suggestedaccountingaccountbydefaultfor = 'export'; } } } elseif ($factureDet->product_type == 0) { if ($buyer->country_code == $seller->country_code || empty($buyer->country_code)) { // If buyer in same country than seller (if not defined, we assume it is same country) - $code_sell_l = (!empty($conf->global->ACCOUNTING_PRODUCT_SOLD_ACCOUNT) ? $conf->global->ACCOUNTING_PRODUCT_SOLD_ACCOUNT : ''); + $code_l = (!empty($conf->global->{'ACCOUNTING_PRODUCT_' . $const_name . '_ACCOUNT'}) ? $conf->global->{'ACCOUNTING_PRODUCT_' . $const_name . '_ACCOUNT'} : ''); $suggestedaccountingaccountbydefaultfor = ''; } else { if ($isSellerInEEC && $isBuyerInEEC && $factureDet->tva_tx != 0) { // European intravat sale, but with a VAT - $code_sell_l = (!empty($conf->global->ACCOUNTING_PRODUCT_SOLD_ACCOUNT) ? $conf->global->ACCOUNTING_PRODUCT_SOLD_ACCOUNT : ''); + $code_l = (!empty($conf->global->{'ACCOUNTING_PRODUCT_' . $const_name . '_ACCOUNT'}) ? $conf->global->{'ACCOUNTING_PRODUCT_' . $const_name . '_ACCOUNT'} : ''); $suggestedaccountingaccountbydefaultfor = 'eecwithvat'; } elseif ($isSellerInEEC && $isBuyerInEEC && empty($buyer->tva_intra)) { // European intravat sale, without VAT intra community number - $code_sell_l = (!empty($conf->global->ACCOUNTING_PRODUCT_SOLD_ACCOUNT) ? $conf->global->ACCOUNTING_PRODUCT_SOLD_ACCOUNT : ''); + $code_l = (!empty($conf->global->{'ACCOUNTING_PRODUCT_' . $const_name . '_ACCOUNT'}) ? $conf->global->{'ACCOUNTING_PRODUCT_' . $const_name . '_ACCOUNT'} : ''); $suggestedaccountingaccountbydefaultfor = 'eecwithoutvatnumber'; } elseif ($isSellerInEEC && $isBuyerInEEC) { // European intravat sale - $code_sell_l = (!empty($conf->global->ACCOUNTING_PRODUCT_SOLD_INTRA_ACCOUNT) ? $conf->global->ACCOUNTING_PRODUCT_SOLD_INTRA_ACCOUNT : ''); + $code_l = (!empty($conf->global->{'ACCOUNTING_PRODUCT_' . $const_name . '_INTRA_ACCOUNT'}) ? $conf->global->{'ACCOUNTING_PRODUCT_' . $const_name . '_INTRA_ACCOUNT'} : ''); $suggestedaccountingaccountbydefaultfor = 'eec'; } else { - $code_sell_l = (!empty($conf->global->ACCOUNTING_PRODUCT_SOLD_EXPORT_ACCOUNT) ? $conf->global->ACCOUNTING_PRODUCT_SOLD_EXPORT_ACCOUNT : ''); + $code_l = (!empty($conf->global->{'ACCOUNTING_PRODUCT_' . $const_name . '_EXPORT_ACCOUNT'}) ? $conf->global->{'ACCOUNTING_PRODUCT_' . $const_name . '_EXPORT_ACCOUNT'} : ''); $suggestedaccountingaccountbydefaultfor = 'export'; } } } - if ($code_sell_l == -1) { - $code_sell_l = ''; + if ($code_l == -1) { + $code_l = ''; } // Level 2: Search suggested account for product/service (similar code exists in page index.php to make automatic binding) $suggestedaccountingaccountfor = ''; - if ((($buyer->country_code == $seller->country_code) || empty($buyer->country_code)) && !empty($product->accountancy_code_sell)) { // If buyer in same country than seller (if not defined, we assume it is same country) - $code_sell_p = $product->accountancy_code_sell; + if ((($buyer->country_code == $seller->country_code) || empty($buyer->country_code))) { + // If buyer in same country than seller (if not defined, we assume it is same country) + if ($type=='customer' && !empty($product->accountancy_code_sell)) { + $code_p = $product->accountancy_code_sell; + } elseif ($type=='supplier' && !empty($product->accountancy_code_buy)) { + $code_p = $product->accountancy_code_sell; + } $suggestedid = $accountingAccount['dom']; $suggestedaccountingaccountfor = 'prodserv'; } else { - if ($isSellerInEEC && $isBuyerInEEC && $factureDet->tva_tx != 0 && !empty($product->accountancy_code_sell)) { // European intravat sale, but with VAT - $code_sell_p = $product->accountancy_code_sell; + if ($isSellerInEEC && $isBuyerInEEC && $factureDet->tva_tx != 0) { + // European intravat sale, but with VAT + if ($type=='customer' && !empty($product->accountancy_code_sell)) { + $code_p = $product->accountancy_code_sell; + } elseif ($type=='supplier' && !empty($product->accountancy_code_buy)) { + $code_p = $product->accountancy_code_sell; + } $suggestedid = $accountingAccount['dom']; $suggestedaccountingaccountfor = 'eecwithvat'; - } elseif ($isSellerInEEC && $isBuyerInEEC && empty($buyer->tva_intra) && !empty($product->accountancy_code_sell)) { // European intravat sale, without VAT intra community number - $code_sell_p = $product->accountancy_code_sell; + } elseif ($isSellerInEEC && $isBuyerInEEC && empty($buyer->tva_intra)) { + // European intravat sale, without VAT intra community number + if ($type=='customer' && !empty($product->accountancy_code_sell)) { + $code_p = $product->accountancy_code_sell; + } elseif ($type=='supplier' && !empty($product->accountancy_code_buy)) { + $code_p = $product->accountancy_code_sell; + } $suggestedid = $accountingAccount['dom']; // There is a doubt for this case. Is it an error on vat or we just forgot to fill vat number ? $suggestedaccountingaccountfor = 'eecwithoutvatnumber'; - } elseif ($isSellerInEEC && $isBuyerInEEC && !empty($product->accountancy_code_sell_intra)) { // European intravat sale - $code_sell_p = $product->accountancy_code_sell_intra; + } elseif ($isSellerInEEC && $isBuyerInEEC && !empty($product->accountancy_code_sell_intra)) { + // European intravat sale + if ($type=='customer' && !empty($product->accountancy_code_sell_intra)) { + $code_p = $product->accountancy_code_sell_intra; + } elseif ($type=='supplier' && !empty($product->accountancy_code_buy_intra)) { + $code_p = $product->accountancy_code_buy_intra; + } $suggestedid = $accountingAccount['intra']; $suggestedaccountingaccountfor = 'eec'; - } elseif (!empty($product->accountancy_code_sell_export)) { // Foreign sale - $code_sell_p = $product->accountancy_code_sell_export; + } else { + // Foreign sale + // European intravat sale + if ($type=='customer' && !empty($product->accountancy_code_sell_export)) { + $code_p = $product->accountancy_code_sell_export; + } elseif ($type=='supplier' && !empty($product->accountancy_code_sell_export)) { + $code_p = $product->accountancy_code_sell_export; + } $suggestedid = $accountingAccount['export']; $suggestedaccountingaccountfor = 'export'; } @@ -836,7 +869,7 @@ class AccountingAccount extends CommonObject // Level 3: Search suggested account for this thirdparty (similar code exists in page index.php to make automatic binding) if (!empty($conf->global->ACCOUNTANCY_USE_PRODUCT_ACCOUNT_ON_THIRDPARTY)) { if (!empty($buyer->code_compta)) { - $code_sell_t = $buyer->code_compta; + $code_t = $buyer->code_compta; $suggestedid = $accountingAccount['thirdparty']; $suggestedaccountingaccountfor = 'thridparty'; } @@ -850,33 +883,33 @@ class AccountingAccount extends CommonObject return -1; } - $code_sell_l = $accountdeposittoventilated->ref; + $code_l = $accountdeposittoventilated->ref; $suggestedid = $accountdeposittoventilated->rowid; $suggestedaccountingaccountfor = 'deposit'; } - if (empty($suggestedid) && empty($code_sell_p) && !empty($code_sell_l) && empty($conf->global->ACCOUNTANCY_DO_NOT_AUTOFILL_ACCOUNT_WITH_GENERIC)) { - if (empty($this->accountingaccount_codetotid_cache[$code_sell_l])) { + if (empty($suggestedid) && empty($code_p) && !empty($code_l) && empty($conf->global->ACCOUNTANCY_DO_NOT_AUTOFILL_ACCOUNT_WITH_GENERIC)) { + if (empty($this->accountingaccount_codetotid_cache[$code_l])) { $tmpaccount = new self($this->db); - $result = $tmpaccount->fetch(0, $code_sell_l, 1); + $result = $tmpaccount->fetch(0, $code_l, 1); if ($result < 0) { return -1; } if ($tmpaccount->id > 0) { $suggestedid = $tmpaccount->id; } - $this->accountingaccount_codetotid_cache[$code_sell_l] = $tmpaccount->id; + $this->accountingaccount_codetotid_cache[$code_l] = $tmpaccount->id; } else { - $suggestedid = $this->accountingaccount_codetotid_cache[$code_sell_l]; + $suggestedid = $this->accountingaccount_codetotid_cache[$code_l]; } } return array( 'suggestedaccountingaccountbydefaultfor' => $suggestedaccountingaccountbydefaultfor, 'suggestedaccountingaccountfor' => $suggestedaccountingaccountfor, 'suggestedid' => $suggestedid, - 'code_sell_l' => $code_sell_l, - 'code_sell_p' => $code_sell_p, - 'code_sell_t' => $code_sell_t, + 'code_l' => $code_l, + 'code_p' => $code_p, + 'code_t' => $code_t, ); } else { if (is_array($hookmanager->resArray) && !empty($hookmanager->resArray)) { diff --git a/htdocs/accountancy/closure/index.php b/htdocs/accountancy/closure/index.php index a7220d01a28..fdcc6f54ab3 100644 --- a/htdocs/accountancy/closure/index.php +++ b/htdocs/accountancy/closure/index.php @@ -63,7 +63,7 @@ if (empty($conf->accounting->enabled)) { if ($user->socid > 0) { accessforbidden(); } -if (!$user->rights->accounting->fiscalyear->write) { +if (empty($user->rights->accounting->fiscalyear->write)) { accessforbidden(); } diff --git a/htdocs/accountancy/customer/index.php b/htdocs/accountancy/customer/index.php index aa1abde5fa5..23958820b64 100644 --- a/htdocs/accountancy/customer/index.php +++ b/htdocs/accountancy/customer/index.php @@ -43,7 +43,7 @@ if (empty($conf->accounting->enabled)) { if ($user->socid > 0) { accessforbidden(); } -if (!$user->rights->accounting->bind->write) { +if (empty($user->rights->accounting->bind->write)) { accessforbidden(); } @@ -73,12 +73,23 @@ $action = GETPOST('action', 'aZ09'); $chartaccountcode = dol_getIdFromCode($db, $conf->global->CHARTOFACCOUNTS, 'accounting_system', 'rowid', 'pcg_version'); +// Security check +if (empty($conf->accounting->enabled)) { + accessforbidden(); +} +if ($user->socid > 0) { + accessforbidden(); +} +if (empty($user->rights->accounting->mouvements->lire)) { + accessforbidden(); +} + /* * Actions */ -if ($action == 'clean' || $action == 'validatehistory') { +if (($action == 'clean' || $action == 'validatehistory') && $user->rights->accounting->bind->write) { // Clean database $db->begin(); $sql1 = "UPDATE ".MAIN_DB_PREFIX."facturedet as fd"; @@ -165,6 +176,7 @@ if ($action == 'validatehistory') { } dol_syslog('htdocs/accountancy/customer/index.php'); + $result = $db->query($sql); if (!$result) { $error++; @@ -209,7 +221,6 @@ if ($action == 'validatehistory') { $product_static->accountancy_code_buy_intra = $objp->code_buy_intra; $product_static->accountancy_code_buy_export = $objp->code_buy_export; $product_static->tva_tx = $objp->tva_tx_prod; - $product_static->tva_tx = $objp->tva_tx_prod; $facture_static->ref = $objp->ref; $facture_static->id = $objp->facid; @@ -223,7 +234,7 @@ if ($action == 'validatehistory') { $facture_static_det->product_type = $objp->type_l; $facture_static_det->desc = $objp->description; - $accoutinAccountArray = array( + $accountingAccountArray = array( 'dom'=>$objp->aarowid, 'intra'=>$objp->aarowid_intra, 'export'=>$objp->aarowid_export, @@ -232,7 +243,7 @@ if ($action == 'validatehistory') { $code_sell_p_notset = ''; $code_sell_t_notset = ''; - $return=$accountingAccount->getAccountingCodeToBind($thirdpartystatic, $mysoc, $product_static, $facture_static, $facture_static_det, $accoutinAccountArray); + $return=$accountingAccount->getAccountingCodeToBind($thirdpartystatic, $mysoc, $product_static, $facture_static, $facture_static_det, $accountingAccountArray, 'customer'); if (!is_array($return) && $return<0) { setEventMessage($accountingAccount->error, 'errors'); } else { diff --git a/htdocs/accountancy/customer/list.php b/htdocs/accountancy/customer/list.php index 97a885f97b9..24a64bac872 100644 --- a/htdocs/accountancy/customer/list.php +++ b/htdocs/accountancy/customer/list.php @@ -2,7 +2,7 @@ /* Copyright (C) 2013-2014 Olivier Geffroy * Copyright (C) 2013-2021 Alexandre Spangaro * Copyright (C) 2014-2015 Ari Elbaz (elarifr) - * Copyright (C) 2013-2014 Florian Henry + * Copyright (C) 2013-2021 Florian Henry * Copyright (C) 2014 Juanjo Menent * Copyright (C) 2016 Laurent Destailleur * @@ -192,10 +192,10 @@ if ($massaction == 'ventil' && $user->rights->accounting->bind->write) { dol_syslog("accountancy/customer/list.php", LOG_DEBUG); if ($db->query($sql)) { - $msg .= '
'.$langs->trans("Lineofinvoice", $monId).' - '.$langs->trans("VentilatedinAccount").' : '.length_accountg($accountventilated->account_number).'
'; + $msg .= '
'.$langs->trans("Lineofinvoice").' '.$monId.' - '.$langs->trans("VentilatedinAccount").' : '.length_accountg($accountventilated->account_number).'
'; $ok++; } else { - $msg .= '
'.$langs->trans("ErrorDB").' : '.$langs->trans("Lineofinvoice", $monId).' - '.$langs->trans("NotVentilatedinAccount").' : '.length_accountg($accountventilated->account_number).'
'.$sql.'
'; + $msg .= '
'.$langs->trans("ErrorDB").' : '.$langs->trans("Lineofinvoice").' '.$monId.' - '.$langs->trans("NotVentilatedinAccount").' : '.length_accountg($accountventilated->account_number).'
'.$sql.'
'; $ko++; } } @@ -554,7 +554,6 @@ if ($result) { $product_static->accountancy_code_buy_intra = $objp->code_buy_intra; $product_static->accountancy_code_buy_export = $objp->code_buy_export; $product_static->tva_tx = $objp->tva_tx_prod; - $product_static->tva_tx = $objp->tva_tx_prod; $facture_static->ref = $objp->ref; $facture_static->id = $objp->facid; @@ -568,7 +567,7 @@ if ($result) { $facture_static_det->product_type = $objp->type_l; $facture_static_det->desc = $objp->description; - $accoutinAccountArray = array( + $accountingAccountArray = array( 'dom'=>$objp->aarowid, 'intra'=>$objp->aarowid_intra, 'export'=>$objp->aarowid_export, @@ -577,7 +576,7 @@ if ($result) { $code_sell_p_notset = ''; $code_sell_t_notset = ''; - $return=$accountingAccount->getAccountingCodeToBind($thirdpartystatic, $mysoc, $product_static, $facture_static, $facture_static_det, $accoutinAccountArray); + $return=$accountingAccount->getAccountingCodeToBind($thirdpartystatic, $mysoc, $product_static, $facture_static, $facture_static_det, $accountingAccountArray, 'customer'); if (!is_array($return) && $return<0) { setEventMessage($accountingAccount->error, 'errors'); } else { diff --git a/htdocs/accountancy/supplier/index.php b/htdocs/accountancy/supplier/index.php index 5e409f303ea..4147762aff4 100644 --- a/htdocs/accountancy/supplier/index.php +++ b/htdocs/accountancy/supplier/index.php @@ -1,7 +1,7 @@ - * Copyright (C) 2013-2014 Florian Henry - * Copyright (C) 2013-2020 Alexandre Spangaro + * Copyright (C) 2013-2021 Florian Henry + * Copyright (C) 2013-2021 Alexandre Spangaro * Copyright (C) 2014 Juanjo Menent * * This program is free software; you can redistribute it and/or modify @@ -29,6 +29,7 @@ require_once DOL_DOCUMENT_ROOT.'/core/lib/date.lib.php'; require_once DOL_DOCUMENT_ROOT.'/core/lib/accounting.lib.php'; require_once DOL_DOCUMENT_ROOT.'/core/lib/company.lib.php'; require_once DOL_DOCUMENT_ROOT.'/fourn/class/fournisseur.facture.class.php'; +require_once DOL_DOCUMENT_ROOT.'/accountancy/class/accountingaccount.class.php'; // Load translation files required by the page $langs->loadLangs(array("compta", "bills", "other", "accountancy")); @@ -40,10 +41,11 @@ if (empty($conf->accounting->enabled)) { if ($user->socid > 0) { accessforbidden(); } -if (!$user->rights->accounting->bind->write) { +if (empty($user->rights->accounting->bind->write)) { accessforbidden(); } +$accountingAccount = new AccountingAccount($db); $month_start = ($conf->global->SOCIETE_FISCAL_MONTH_START ? ($conf->global->SOCIETE_FISCAL_MONTH_START) : 1); if (GETPOST("year", 'int')) { @@ -97,6 +99,7 @@ if (($action == 'clean' || $action == 'validatehistory') && $user->rights->accou $sql1 .= ' ON accnt.fk_pcg_version = syst.pcg_version AND syst.rowid='.$conf->global->CHARTOFACCOUNTS.' AND accnt.entity = '.$conf->entity.')'; $sql1 .= ' AND fd.fk_facture_fourn IN (SELECT rowid FROM '.MAIN_DB_PREFIX.'facture_fourn WHERE entity = '.$conf->entity.')'; $sql1 .= ' AND fk_code_ventilation <> 0'; + dol_syslog("htdocs/accountancy/customer/index.php fixaccountancycode", LOG_DEBUG); $resql1 = $db->query($sql1); if (!$resql1) { @@ -163,7 +166,7 @@ if ($action == 'validatehistory') { $sql .= " LEFT JOIN ".MAIN_DB_PREFIX."accounting_account as aa ON " . $alias_product_perentity . ".accountancy_code_buy = aa.account_number AND aa.active = 1 AND aa.fk_pcg_version = '".$db->escape($chartaccountcode)."' AND aa.entity = ".$conf->entity; $sql .= " LEFT JOIN ".MAIN_DB_PREFIX."accounting_account as aa2 ON " . $alias_product_perentity . ".accountancy_code_buy_intra = aa2.account_number AND aa2.active = 1 AND aa2.fk_pcg_version = '".$db->escape($chartaccountcode)."' AND aa2.entity = ".$conf->entity; $sql .= " LEFT JOIN ".MAIN_DB_PREFIX."accounting_account as aa3 ON " . $alias_product_perentity . ".accountancy_code_buy_export = aa3.account_number AND aa3.active = 1 AND aa3.fk_pcg_version = '".$db->escape($chartaccountcode)."' AND aa3.entity = ".$conf->entity; - $sql .= " LEFT JOIN ".MAIN_DB_PREFIX."accounting_account as aa4 ON " . $alias_product_perentity . ".accountancy_code_buy = aa4.account_number AND aa4.active = 1 AND aa4.fk_pcg_version = '".$db->escape($chartaccountcode)."' AND aa4.entity = ".$conf->entity; + $sql .= " LEFT JOIN ".MAIN_DB_PREFIX."accounting_account as aa4 ON " . $alias_societe_perentity . ".accountancy_code_buy = aa4.account_number AND aa4.active = 1 AND aa4.fk_pcg_version = '".$db->escape($chartaccountcode)."' AND aa4.entity = ".$conf->entity; $sql .= " WHERE f.fk_statut > 0 AND l.fk_code_ventilation <= 0"; $sql .= " AND l.product_type <= 2"; if (!empty($conf->global->ACCOUNTING_DATE_START_BINDING)) { @@ -181,27 +184,74 @@ if ($action == 'validatehistory') { $isBuyerInEEC = isInEEC($mysoc); + $thirdpartystatic = new Societe($db); + $facture_static = new FactureFournisseur($db); + $facture_static_det = new SupplierInvoiceLine($db); + $product_static = new Product($db); + $i = 0; while ($i < min($num_lines, 10000)) { // No more than 10000 at once $objp = $db->fetch_object($result); - $isSellerInEEC = isInEEC($objp); + $thirdpartystatic->id = $objp->socid; + $thirdpartystatic->name = $objp->name; + $thirdpartystatic->client = $objp->client; + $thirdpartystatic->fournisseur = $objp->fournisseur; + $thirdpartystatic->code_client = $objp->code_client; + $thirdpartystatic->code_compta_client = $objp->code_compta_client; + $thirdpartystatic->code_fournisseur = $objp->code_fournisseur; + $thirdpartystatic->code_compta_fournisseur = $objp->code_compta_fournisseur; + $thirdpartystatic->email = $objp->email; + $thirdpartystatic->country_code = $objp->country_code; + $thirdpartystatic->tva_intra = $objp->tva_intra; + $thirdpartystatic->code_compta = $objp->company_code_sell; - // Level 2: Search suggested account for product/service (similar code exists in page list.php to make manual binding) - $suggestedaccountingaccountfor = ''; - if (($objp->country_code == $mysoc->country_code) || empty($objp->country_code)) { // If buyer in same country than seller (if not defined, we assume it is same country) - $objp->code_buy_p = $objp->code_buy; - $objp->aarowid_suggest = $objp->aarowid; - $suggestedaccountingaccountfor = ''; + $product_static->ref = $objp->product_ref; + $product_static->id = $objp->product_id; + $product_static->type = $objp->type; + $product_static->label = $objp->product_label; + $product_static->status = $objp->status; + $product_static->status_buy = $objp->status_buy; + $product_static->accountancy_code_sell = $objp->code_sell; + $product_static->accountancy_code_sell_intra = $objp->code_sell_intra; + $product_static->accountancy_code_sell_export = $objp->code_sell_export; + $product_static->accountancy_code_buy = $objp->code_buy; + $product_static->accountancy_code_buy_intra = $objp->code_buy_intra; + $product_static->accountancy_code_buy_export = $objp->code_buy_export; + $product_static->tva_tx = $objp->tva_tx_prod; + + $facture_static->ref = $objp->ref; + $facture_static->id = $objp->facid; + $facture_static->type = $objp->ftype; + $facture_static->datef = $objp->datef; + + $facture_static_det->id = $objp->rowid; + $facture_static_det->total_ht = $objp->total_ht; + $facture_static_det->tva_tx = $objp->tva_tx_line; + $facture_static_det->vat_src_code = $objp->vat_src_code; + $facture_static_det->product_type = $objp->type_l; + $facture_static_det->desc = $objp->description; + + $accountingAccountArray = array( + 'dom'=>$objp->aarowid, + 'intra'=>$objp->aarowid_intra, + 'export'=>$objp->aarowid_export, + 'thirdparty' =>$objp->aarowid_thirdparty); + + $code_buy_p_notset = ''; + $code_buy_t_notset = ''; + + $return = $accountingAccount->getAccountingCodeToBind($mysoc, $thirdpartystatic, $product_static, $facture_static, $facture_static_det, $accountingAccountArray, 'supplier'); + if (!is_array($return) && $return<0) { + setEventMessage($accountingAccount->error, 'errors'); } else { - if ($isSellerInEEC && $isBuyerInEEC) { // European intravat sale - $objp->code_buy_p = $objp->code_buy_intra; - $objp->aarowid_suggest = $objp->aarowid_intra; - $suggestedaccountingaccountfor = 'eec'; - } else { // Foreign sale - $objp->code_buy_p = $objp->code_buy_export; - $objp->aarowid_suggest = $objp->aarowid_export; - $suggestedaccountingaccountfor = 'export'; + $suggestedid=$return['suggestedid']; + $suggestedaccountingaccountfor=$return['suggestedaccountingaccountfor']; + + if (!empty($suggestedid) && $suggestedaccountingaccountfor<>'') { + $suggestedid=$return['suggestedid']; + } else { + $suggestedid=0; } } @@ -216,8 +266,8 @@ if ($action == 'validatehistory') { if ($objp->aarowid_suggest > 0) { $sqlupdate = "UPDATE ".MAIN_DB_PREFIX."facture_fourn_det"; - $sqlupdate .= " SET fk_code_ventilation = ".((int) $objp->aarowid_suggest); - $sqlupdate .= " WHERE fk_code_ventilation <= 0 AND product_type <= 2 AND rowid = ".((int) $objp->rowid); + $sqlupdate .= " SET fk_code_ventilation = ".((int) $suggestedid); + $sqlupdate .= " WHERE fk_code_ventilation <= 0 AND product_type <= 2 AND rowid = ".((int) $facture_static_det->id); $resqlupdate = $db->query($sqlupdate); if (!$resqlupdate) { diff --git a/htdocs/accountancy/supplier/list.php b/htdocs/accountancy/supplier/list.php index e02a1ab6b54..20230c7cfad 100644 --- a/htdocs/accountancy/supplier/list.php +++ b/htdocs/accountancy/supplier/list.php @@ -2,7 +2,7 @@ /* Copyright (C) 2013-2014 Olivier Geffroy * Copyright (C) 2013-2021 Alexandre Spangaro * Copyright (C) 2014-2015 Ari Elbaz (elarifr) - * Copyright (C) 2013-2014 Florian Henry + * Copyright (C) 2013-2021 Florian Henry * Copyright (C) 2014 Juanjo Menent s * Copyright (C) 2016 Laurent Destailleur * @@ -46,6 +46,7 @@ $massaction = GETPOST('massaction', 'alpha'); $show_files = GETPOST('show_files', 'int'); $confirm = GETPOST('confirm', 'alpha'); $toselect = GETPOST('toselect', 'array'); +$optioncss = GETPOST('optioncss', 'alpha'); // Select Box $mesCasesCochees = GETPOST('toselect', 'array'); @@ -97,10 +98,7 @@ if (!$sortorder) { $hookmanager->initHooks(array('accountancysupplierlist')); $formaccounting = new FormAccounting($db); -$accounting = new AccountingAccount($db); -// TODO: we should need to check if result is a really exist accountaccount rowid..... -$aarowid_s = $accounting->fetch('', $conf->global->ACCOUNTING_SERVICE_BUY_ACCOUNT, 1); -$aarowid_p = $accounting->fetch('', $conf->global->ACCOUNTING_PRODUCT_BUY_ACCOUNT, 1); +$accountingAccount = new AccountingAccount($db); $chartaccountcode = dol_getIdFromCode($db, $conf->global->CHARTOFACCOUNTS, 'accounting_system', 'rowid', 'pcg_version'); @@ -522,9 +520,9 @@ if ($result) { $thirdpartystatic = new Societe($db); $facturefourn_static = new FactureFournisseur($db); + $facturefourn_static_det = new SupplierInvoiceLine($db); $product_static = new Product($db); - $isBuyerInEEC = isInEEC($mysoc); $accountingaccount_codetotid_cache = array(); @@ -547,6 +545,8 @@ if ($result) { $thirdpartystatic->code_compta_fournisseur = $objp->code_compta_fournisseur; $thirdpartystatic->email = $objp->email; $thirdpartystatic->country_code = $objp->country_code; + $thirdpartystatic->tva_intra = $objp->tva_intra; + $thirdpartystatic->code_compta_fournisseur = $objp->company_code_buy; $product_static->ref = $objp->product_ref; $product_static->id = $objp->product_id; @@ -560,95 +560,63 @@ if ($result) { $product_static->accountancy_code_buy = $objp->code_buy; $product_static->accountancy_code_buy_intra = $objp->code_buy_intra; $product_static->accountancy_code_buy_export = $objp->code_buy_export; + $product_static->tva_tx = $objp->tva_tx_prod; $facturefourn_static->ref = $objp->ref; $facturefourn_static->id = $objp->facid; $facturefourn_static->type = $objp->ftype; $facturefourn_static->label = $objp->invoice_label; + $facturefourn_static_det->id = $objp->rowid; + $facturefourn_static_det->total_ht = $objp->total_ht; + $facturefourn_static_det->tva_tx_line = $objp->tva_tx_line; + $facturefourn_static_det->vat_src_code = $objp->vat_src_code; + $facturefourn_static_det->product_type = $objp->type_l; + $facturefourn_static_det->desc = $objp->description; + $code_buy_p_notset = ''; $code_buy_t_notset = ''; $objp->aarowid_suggest = ''; // Will be set later - $isSellerInEEC = isInEEC($objp); + $accountingAccountArray = array( + 'dom'=>$objp->aarowid, + 'intra'=>$objp->aarowid_intra, + 'export'=>$objp->aarowid_export, + 'thirdparty' =>$objp->aarowid_thirdparty); - // Level 1: Search suggested default account for product/service - $suggestedaccountingaccountbydefaultfor = ''; - if ($objp->type_l == 1) { - if ($objp->country_code == $mysoc->country_code || empty($objp->country_code)) { // If buyer in same country than seller (if not defined, we assume it is same country) - $objp->code_buy_l = (!empty($conf->global->ACCOUNTING_SERVICE_BUY_ACCOUNT) ? $conf->global->ACCOUNTING_SERVICE_BUY_ACCOUNT : ''); - $suggestedaccountingaccountbydefaultfor = ''; - } else { - if ($isSellerInEEC && $isBuyerInEEC) { // European intravat sale - $objp->code_buy_l = (!empty($conf->global->ACCOUNTING_SERVICE_BUY_INTRA_ACCOUNT) ? $conf->global->ACCOUNTING_SERVICE_BUY_INTRA_ACCOUNT : ''); - $suggestedaccountingaccountbydefaultfor = 'eec'; - } else { // Foreign sale - $objp->code_buy_l = (!empty($conf->global->ACCOUNTING_SERVICE_BUY_EXPORT_ACCOUNT) ? $conf->global->ACCOUNTING_SERVICE_BUY_EXPORT_ACCOUNT : ''); - $suggestedaccountingaccountbydefaultfor = 'export'; - } - } - } elseif ($objp->type_l == 0) { - if ($objp->country_code == $mysoc->country_code || empty($objp->country_code)) { // If buyer in same country than seller (if not defined, we assume it is same country) - $objp->code_buy_l = (!empty($conf->global->ACCOUNTING_PRODUCT_BUY_ACCOUNT) ? $conf->global->ACCOUNTING_PRODUCT_BUY_ACCOUNT : ''); - $suggestedaccountingaccountbydefaultfor = ''; - } else { - if ($isSellerInEEC && $isBuyerInEEC) { // European intravat sale - $objp->code_buy_l = (!empty($conf->global->ACCOUNTING_PRODUCT_BUY_INTRA_ACCOUNT) ? $conf->global->ACCOUNTING_PRODUCT_BUY_INTRA_ACCOUNT : ''); - $suggestedaccountingaccountbydefaultfor = 'eec'; - } else { - $objp->code_buy_l = (!empty($conf->global->ACCOUNTING_PRODUCT_BUY_EXPORT_ACCOUNT) ? $conf->global->ACCOUNTING_PRODUCT_BUY_EXPORT_ACCOUNT : ''); - $suggestedaccountingaccountbydefaultfor = 'export'; - } - } - } - if ($objp->code_sell_l == -1) { - $objp->code_sell_l = ''; - } + $code_buy_p_notset = ''; + $code_buy_t_notset = ''; - // Level 2: Search suggested account for product/service (similar code exists in page index.php to make automatic binding) - $suggestedaccountingaccountfor = ''; - if (($objp->country_code == $mysoc->country_code) || empty($objp->country_code)) { // If buyer in same country than seller (if not defined, we assume it is same country) - $objp->code_buy_p = $objp->code_buy; - $objp->aarowid_suggest = $objp->aarowid; - $suggestedaccountingaccountfor = ''; + $return=$accountingAccount->getAccountingCodeToBind($mysoc, $thirdpartystatic, $product_static, $facturefourn_static, $facturefourn_static_det, $accountingAccountArray, 'supplier'); + if (!is_array($return) && $return<0) { + setEventMessage($accountingAccount->error, 'errors'); } else { - if ($isSellerInEEC && $isBuyerInEEC) { // European intravat sale - $objp->code_buy_p = $objp->code_buy_intra; - $objp->aarowid_suggest = $objp->aarowid_intra; - $suggestedaccountingaccountfor = 'eec'; - } else { // Foreign sale - $objp->code_buy_p = $objp->code_buy_export; - $objp->aarowid_suggest = $objp->aarowid_export; - $suggestedaccountingaccountfor = 'export'; - } + $suggestedid=$return['suggestedid']; + $suggestedaccountingaccountfor=$return['suggestedaccountingaccountfor']; + $suggestedaccountingaccountbydefaultfor=$return['suggestedaccountingaccountbydefaultfor']; + $code_buy_l=$return['code_buy_l']; + $code_buy_p=$return['code_buy_p']; + $code_buy_t=$return['code_buy_t']; } + //var_dump($return); - // Level 3: Search suggested account for this thirdparty (similar code exists in page index.php to make automatic binding) - if (!empty($conf->global->ACCOUNTANCY_USE_PRODUCT_ACCOUNT_ON_THIRDPARTY)) { - if (!empty($objp->company_code_buy)) { - $objp->code_buy_t = $objp->company_code_buy; - $objp->aarowid_suggest = $objp->aarowid_thirdparty; - $suggestedaccountingaccountfor = ''; - } - } - - if (!empty($objp->code_buy_p)) { + if (!empty($code_buy_p)) { // Value was defined previously } else { $code_buy_p_notset = 'color:orange'; } - if (empty($objp->code_buy_l) && empty($objp->code_buy_p)) { + if (empty($code_buy_l) && empty($code_buy_p)) { $code_buy_p_notset = 'color:red'; } - // $objp->code_buy_l is now default code of product/service - // $objp->code_buy_p is now code of product/service - // $objp->code_buy_t is now code of thirdparty + // $code_buy_l is now default code of product/service + // $code_buy_p is now code of product/service + // $code_buy_t is now code of thirdparty print ''; // Line id - print ''.$objp->rowid.''; + print ''.$facturefourn_static_det->id.''; // Ref Invoice print ''.$facturefourn_static->getNomUrl(1).''; @@ -658,23 +626,23 @@ if ($result) { print ''; */ - print ''.dol_print_date($db->jdate($objp->datef), 'day').''; + print ''.dol_print_date($db->jdate($facturefourn_static_det->datef), 'day').''; // Ref Product print ''; if ($product_static->id > 0) { print $product_static->getNomUrl(1); } - if ($objp->product_label) { - print '
'.$objp->product_label.''; + if ($product_static->product_label) { + print '
'.$product_static->product_label.''; } print ''; // Description print ''; - $text = dolGetFirstLineOfText(dol_string_nohtmltag($objp->description)); + $text = dolGetFirstLineOfText(dol_string_nohtmltag($facturefourn_static_det->desc)); $trunclength = empty($conf->global->ACCOUNTING_LENGTH_DESCRIPTION) ? 32 : $conf->global->ACCOUNTING_LENGTH_DESCRIPTION; - print $form->textwithtooltip(dol_trunc($text, $trunclength), $objp->description); + print $form->textwithtooltip(dol_trunc($text, $trunclength), $facturefourn_static_det->desc); print ''; print ''; @@ -686,7 +654,7 @@ if ($result) { $code_vat_differ = 'font-weight:bold; text-decoration:blink; color:red'; } print ''; - print vatrate($objp->tva_tx_line.($objp->vat_src_code ? ' ('.$objp->vat_src_code.')' : '')); + print vatrate($facturefourn_static_det->tva_tx_line.($facturefourn_static_det->vat_src_code ? ' ('.$facturefourn_static_det->vat_src_code.')' : '')); print ''; // Thirdparty @@ -703,26 +671,26 @@ if ($result) { // Found accounts print ''; - $s = '1. '.(($objp->type_l == 1) ? $langs->trans("DefaultForService") : $langs->trans("DefaultForProduct")).': '; + $s = '1. '.(($facturefourn_static_det->type_l == 1) ? $langs->trans("DefaultForService") : $langs->trans("DefaultForProduct")).': '; $shelp = ''; if ($suggestedaccountingaccountbydefaultfor == 'eec') { $shelp .= $langs->trans("SaleEEC"); } elseif ($suggestedaccountingaccountbydefaultfor == 'export') { $shelp .= $langs->trans("SaleExport"); } - $s .= ($objp->code_buy_l > 0 ? length_accountg($objp->code_buy_l) : ''.$langs->trans("NotDefined").''); + $s .= ($code_buy_l > 0 ? length_accountg($code_buy_l) : ''.$langs->trans("NotDefined").''); print $form->textwithpicto($s, $shelp, 1, 'help', '', 0, 2, '', 1); - if ($objp->product_id > 0) { + if ($product_static->id > 0) { print '
'; - $s = '2. '.(($objp->type_l == 1) ? $langs->trans("ThisService") : $langs->trans("ThisProduct")).': '; - $shelp = ''; + $s = '2. '.(($facturefourn_static_det->product_type == 1) ? $langs->trans("ThisService") : $langs->trans("ThisProduct")).': '; + $shelp = ''; $ttype = 'help'; if ($suggestedaccountingaccountfor == 'eec') { $shelp = $langs->trans("SaleEEC"); } elseif ($suggestedaccountingaccountfor == 'export') { $shelp = $langs->trans("SaleExport"); } - $s .= (empty($objp->code_buy_p) ? ''.$langs->trans("NotDefined").'' : length_accountg($objp->code_buy_p)); - print $form->textwithpicto($s, $shelp, 1, 'help', '', 0, 2, '', 1); + $s .= (empty($code_buy_p) ? ''.$langs->trans("NotDefined").'' : length_accountg($code_buy_p)); + print $form->textwithpicto($s, $shelp, 1, $ttype, '', 0, 2, '', 1); } else { print '
'; $s = '2. '.(($objp->type_l == 1) ? $langs->trans("ThisService") : $langs->trans("ThisProduct")).': '; @@ -732,35 +700,26 @@ if ($result) { } if (!empty($conf->global->ACCOUNTANCY_USE_PRODUCT_ACCOUNT_ON_THIRDPARTY)) { print '
'; - $s = '3. '.(($objp->type_l == 1) ? $langs->trans("ServiceForThisThirdparty") : $langs->trans("ProductForThisThirdparty")).': '; + $s = '3. '.(($facturefourn_static_det->product_type == 1) ? $langs->trans("ServiceForThisThirdparty") : $langs->trans("ProductForThisThirdparty")).': '; $shelp = ''; - $s .= ($objp->code_buy_t > 0 ? length_accountg($objp->code_buy_t) : ''.$langs->trans("NotDefined").''); + $s .= ($code_buy_t > 0 ? length_accountg($code_buy_t) : ''.$langs->trans("NotDefined").''); print $form->textwithpicto($s, $shelp, 1, 'help', '', 0, 2, '', 1); } print ''; // Suggested accounting account print ''; - $suggestedid = $objp->aarowid_suggest; - if (empty($suggestedid) && empty($objp->code_buy_p) && !empty($objp->code_buy_l) && empty($conf->global->ACCOUNTANCY_DO_NOT_AUTOFILL_ACCOUNT_WITH_GENERIC)) { - if (empty($accountingaccount_codetotid_cache[$objp->code_buy_l])) { - $tmpaccount = new AccountingAccount($db); - $tmpaccount->fetch(0, $objp->code_buy_l, 1); - if ($tmpaccount->id > 0) { - $suggestedid = $tmpaccount->id; - } - $accountingaccount_codetotid_cache[$objp->code_buy_l] = $tmpaccount->id; - } else { - $suggestedid = $accountingaccount_codetotid_cache[$objp->code_buy_l]; - } - } - print $formaccounting->select_account($suggestedid, 'codeventil'.$objp->rowid, 1, array(), 0, 0, 'codeventil maxwidth200 maxwidthonsmartphone', 'cachewithshowemptyone'); + print $formaccounting->select_account($suggestedid, 'codeventil'.$facturefourn_static_det->id, 1, array(), 0, 0, 'codeventil maxwidth200 maxwidthonsmartphone', 'cachewithshowemptyone'); print ''; // Column with checkbox print ''; - $ischecked = $objp->aarowid_suggest; - print ''; + if (!empty($suggestedid)) { + $ischecked = 1; + } else { + $ischecked = 0; + } + print ''; print ''; print ''; diff --git a/htdocs/adherents/card.php b/htdocs/adherents/card.php index c4ac6ef1472..f8018ada57d 100644 --- a/htdocs/adherents/card.php +++ b/htdocs/adherents/card.php @@ -935,8 +935,8 @@ if (is_object($objcanvas) && $objcanvas->displayCanvasExists($action)) { $object->country = $tmparray['label']; } + $soc = new Societe($db); if (!empty($socid)) { - $soc = new Societe($db); if ($socid > 0) { $soc->fetch($socid); } diff --git a/htdocs/adherents/class/adherentstats.class.php b/htdocs/adherents/class/adherentstats.class.php index e777108c491..38ad3f037b9 100644 --- a/htdocs/adherents/class/adherentstats.class.php +++ b/htdocs/adherents/class/adherentstats.class.php @@ -70,7 +70,7 @@ class AdherentStats extends Stats $this->where .= " m.statut != -1"; $this->where .= " AND p.fk_adherent = m.rowid AND m.entity IN (".getEntity('adherent').")"; - //if (!$user->rights->societe->client->voir && !$user->socid) $this->where .= " AND p.fk_soc = sc.fk_soc AND sc.fk_user = " .((int) $user->id); + //if (empty($user->rights->societe->client->voir) && !$user->socid) $this->where .= " AND p.fk_soc = sc.fk_soc AND sc.fk_user = " .((int) $user->id); if ($this->memberid) { $this->where .= " AND m.rowid = ".((int) $this->memberid); } @@ -91,7 +91,7 @@ class AdherentStats extends Stats $sql = "SELECT date_format(p.dateadh,'%m') as dm, count(*)"; $sql .= " FROM ".$this->from; - //if (!$user->rights->societe->client->voir && !$user->socid) $sql.= ", ".MAIN_DB_PREFIX."societe_commerciaux as sc"; + //if (empty($user->rights->societe->client->voir) && !$user->socid) $sql.= ", ".MAIN_DB_PREFIX."societe_commerciaux as sc"; $sql .= " WHERE ".dolSqlDateFilter('p.dateadh', 0, 0, (int) $year, 1); $sql .= " AND ".$this->where; $sql .= " GROUP BY dm"; @@ -111,7 +111,7 @@ class AdherentStats extends Stats $sql = "SELECT date_format(p.dateadh,'%Y') as dm, count(*)"; $sql .= " FROM ".$this->from; - //if (!$user->rights->societe->client->voir && !$user->socid) $sql.= ", ".MAIN_DB_PREFIX."societe_commerciaux as sc"; + //if (empty($user->rights->societe->client->voir) && !$user->socid) $sql.= ", ".MAIN_DB_PREFIX."societe_commerciaux as sc"; $sql .= " WHERE ".$this->where; $sql .= " GROUP BY dm"; $sql .= $this->db->order('dm', 'DESC'); @@ -132,7 +132,7 @@ class AdherentStats extends Stats $sql = "SELECT date_format(p.dateadh,'%m') as dm, sum(p.".$this->field.")"; $sql .= " FROM ".$this->from; - //if (!$user->rights->societe->client->voir && !$user->socid) $sql.= ", ".MAIN_DB_PREFIX."societe_commerciaux as sc"; + //if (empty($user->rights->societe->client->voir) && !$user->socid) $sql.= ", ".MAIN_DB_PREFIX."societe_commerciaux as sc"; $sql .= " WHERE ".dolSqlDateFilter('p.dateadh', 0, 0, (int) $year, 1); $sql .= " AND ".$this->where; $sql .= " GROUP BY dm"; @@ -153,7 +153,7 @@ class AdherentStats extends Stats $sql = "SELECT date_format(p.dateadh,'%m') as dm, avg(p.".$this->field.")"; $sql .= " FROM ".$this->from; - //if (!$user->rights->societe->client->voir && !$this->socid) $sql.= ", ".MAIN_DB_PREFIX."societe_commerciaux as sc"; + //if (empty($user->rights->societe->client->voir) && !$this->socid) $sql.= ", ".MAIN_DB_PREFIX."societe_commerciaux as sc"; $sql .= " WHERE ".dolSqlDateFilter('p.dateadh', 0, 0, (int) $year, 1); $sql .= " AND ".$this->where; $sql .= " GROUP BY dm"; @@ -174,7 +174,7 @@ class AdherentStats extends Stats $sql = "SELECT date_format(p.dateadh,'%Y') as year, count(*) as nb, sum(".$this->field.") as total, avg(".$this->field.") as avg"; $sql .= " FROM ".$this->from; - //if (!$user->rights->societe->client->voir && !$this->socid) $sql.= ", ".MAIN_DB_PREFIX."societe_commerciaux as sc"; + //if (empty($user->rights->societe->client->voir) && !$this->socid) $sql.= ", ".MAIN_DB_PREFIX."societe_commerciaux as sc"; $sql .= " WHERE ".$this->where; $sql .= " GROUP BY year"; $sql .= $this->db->order('year', 'DESC'); diff --git a/htdocs/adherents/htpasswd.php b/htdocs/adherents/htpasswd.php index e1f580a3656..60639193295 100644 --- a/htdocs/adherents/htpasswd.php +++ b/htdocs/adherents/htpasswd.php @@ -36,7 +36,7 @@ $sortorder = GETPOST('sortorder', 'aZ09'); if (empty($conf->adherent->enabled)) { accessforbidden(); } -if (!$user->rights->adherent->export) { +if (empty($user->rights->adherent->export)) { accessforbidden(); } diff --git a/htdocs/adherents/subscription/card.php b/htdocs/adherents/subscription/card.php index b0a6e40d3ca..df20ce37a86 100644 --- a/htdocs/adherents/subscription/card.php +++ b/htdocs/adherents/subscription/card.php @@ -48,7 +48,7 @@ $note = GETPOST('note', 'alpha'); $typeid = (int) GETPOST('typeid', 'int'); $amount = price2num(GETPOST('amount', 'alpha'), 'MT'); -if (!$user->rights->adherent->cotisation->lire) { +if (empty($user->rights->adherent->cotisation->lire)) { accessforbidden(); } diff --git a/htdocs/adherents/subscription/info.php b/htdocs/adherents/subscription/info.php index 080e2c0330c..9eb431320cd 100644 --- a/htdocs/adherents/subscription/info.php +++ b/htdocs/adherents/subscription/info.php @@ -31,7 +31,7 @@ require_once DOL_DOCUMENT_ROOT.'/adherents/class/subscription.class.php'; // Load translation files required by the page $langs->loadLangs(array("companies", "members", "bills", "users")); -if (!$user->rights->adherent->lire) { +if (empty($user->rights->adherent->lire)) { accessforbidden(); } diff --git a/htdocs/admin/loan.php b/htdocs/admin/loan.php index 0769ee5c0a0..59b7eb8b463 100644 --- a/htdocs/admin/loan.php +++ b/htdocs/admin/loan.php @@ -105,7 +105,7 @@ foreach ($list as $key) { // Value print ''; if (!empty($conf->accounting->enabled)) { - print $formaccounting->select_account($conf->global->$key, $key, 1, '', 1, 1); + print $formaccounting->select_account(getDolGlobalString($key), $key, 1, '', 1, 1); } else { print ''; } diff --git a/htdocs/blockedlog/admin/blockedlog_list.php b/htdocs/blockedlog/admin/blockedlog_list.php index 2a15aa0965b..4698222bda8 100644 --- a/htdocs/blockedlog/admin/blockedlog_list.php +++ b/htdocs/blockedlog/admin/blockedlog_list.php @@ -33,7 +33,7 @@ require_once DOL_DOCUMENT_ROOT.'/core/lib/date.lib.php'; // Load translation files required by the page $langs->loadLangs(array("admin", "other", "blockedlog", "bills")); -if ((!$user->admin && !$user->rights->blockedlog->read) || empty($conf->blockedlog->enabled)) { +if ((!$user->admin && empty($user->rights->blockedlog->read)) || empty($conf->blockedlog->enabled)) { accessforbidden(); } diff --git a/htdocs/blockedlog/ajax/block-info.php b/htdocs/blockedlog/ajax/block-info.php index 9fde03e1e5e..eb851af169a 100644 --- a/htdocs/blockedlog/ajax/block-info.php +++ b/htdocs/blockedlog/ajax/block-info.php @@ -43,7 +43,7 @@ require_once DOL_DOCUMENT_ROOT.'/blockedlog/class/blockedlog.class.php'; $id = GETPOST('id', 'int'); $block = new BlockedLog($db); -if ((!$user->admin && !$user->rights->blockedlog->read) || empty($conf->blockedlog->enabled)) { +if ((!$user->admin && empty($user->rights->blockedlog->read)) || empty($conf->blockedlog->enabled)) { accessforbidden(); } diff --git a/htdocs/bookmarks/card.php b/htdocs/bookmarks/card.php index 74d2284c4b5..289916a07c2 100644 --- a/htdocs/bookmarks/card.php +++ b/htdocs/bookmarks/card.php @@ -31,7 +31,7 @@ require_once DOL_DOCUMENT_ROOT.'/bookmarks/class/bookmark.class.php'; $langs->loadLangs(array('bookmarks', 'other')); // Security check -if (!$user->rights->bookmark->lire) { +if (empty($user->rights->bookmark->lire)) { restrictedArea($user, 'bookmarks'); } diff --git a/htdocs/bookmarks/list.php b/htdocs/bookmarks/list.php index 17be6be9cef..8a5de8f4d91 100644 --- a/htdocs/bookmarks/list.php +++ b/htdocs/bookmarks/list.php @@ -35,7 +35,7 @@ $toselect = GETPOST('toselect', 'array'); $contextpage = GETPOST('contextpage', 'aZ') ?GETPOST('contextpage', 'aZ') : 'bookmarklist'; // To manage different context of search // Security check -if (!$user->rights->bookmark->lire) { +if (empty($user->rights->bookmark->lire)) { restrictedArea($user, 'bookmarks'); } $optioncss = GETPOST('optioncss', 'alpha'); diff --git a/htdocs/categories/viewcat.php b/htdocs/categories/viewcat.php index 7ccd80eb4bd..78d01a19e19 100644 --- a/htdocs/categories/viewcat.php +++ b/htdocs/categories/viewcat.php @@ -173,7 +173,12 @@ if ($elemid && $action == 'addintocategory' && (($type == Categorie::TYPE_PRODUCT && ($user->rights->produit->creer || $user->rights->service->creer)) || ($type == Categorie::TYPE_CUSTOMER && $user->rights->societe->creer) || ($type == Categorie::TYPE_SUPPLIER && $user->rights->societe->creer) || - ($type == Categorie::TYPE_TICKET && $user->rights->ticket->write) + ($type == Categorie::TYPE_TICKET && $user->rights->ticket->write) || + ($type == Categorie::TYPE_PROJECT && $user->rights->projet->creer) || + ($type == Categorie::TYPE_MEMBER && $user->rights->projet->creer) || + ($type == Categorie::TYPE_CONTACT && $user->rights->societe->creer) || + ($type == Categorie::TYPE_USER && $user->rights->user->user->creer) || + ($type == Categorie::TYPE_ACCOUNT && $user->rights->banque->configurer) )) { if ($type == Categorie::TYPE_PRODUCT) { require_once DOL_DOCUMENT_ROOT.'/product/class/product.class.php'; @@ -191,6 +196,26 @@ if ($elemid && $action == 'addintocategory' && require_once DOL_DOCUMENT_ROOT.'/ticket/class/ticket.class.php'; $newobject = new Ticket($db); $elementtype = 'ticket'; + } elseif ($type == Categorie::TYPE_PROJECT) { + require_once DOL_DOCUMENT_ROOT.'/projet/class/project.class.php'; + $newobject = new Project($db); + $elementtype = 'project'; + } elseif ($type == Categorie::TYPE_MEMBER) { + require_once DOL_DOCUMENT_ROOT.'/adherents/class/adherent.class.php'; + $newobject = new Adherent($db); + $elementtype = 'member'; + } elseif ($type == Categorie::TYPE_CONTACT) { + require_once DOL_DOCUMENT_ROOT.'/contact/class/contact.class.php'; + $newobject = new Contact($db); + $elementtype = 'contact'; + } elseif ($type == Categorie::TYPE_USER) { + require_once DOL_DOCUMENT_ROOT.'/user/class/user.class.php'; + $newobject = new User($db); + $elementtype = 'user'; + } elseif ($type == Categorie::TYPE_ACCOUNT) { + require_once DOL_DOCUMENT_ROOT.'/compta/bank/class/account.class.php'; + $newobject = new User($db); + $elementtype = 'bank_account'; } $result = $newobject->fetch($elemid); @@ -199,7 +224,7 @@ if ($elemid && $action == 'addintocategory' && if ($result >= 0) { setEventMessages($langs->trans("WasAddedSuccessfully", $newobject->ref), null, 'mesgs'); } else { - if ($cat->error == 'DB_ERROR_RECORD_ALREADY_EXISTS') { + if ($object->error == 'DB_ERROR_RECORD_ALREADY_EXISTS') { setEventMessages($langs->trans("ObjectAlreadyLinkedToCategory"), null, 'warnings'); } else { setEventMessages($object->error, $object->errors, 'errors'); @@ -538,6 +563,7 @@ if ($type == Categorie::TYPE_PRODUCT) { } } +// List of customers if ($type == Categorie::TYPE_CUSTOMER) { $permission = $user->rights->societe->creer; @@ -611,7 +637,7 @@ if ($type == Categorie::TYPE_CUSTOMER) { } } - +// List of suppliers if ($type == Categorie::TYPE_SUPPLIER) { $permission = $user->rights->societe->creer; @@ -696,6 +722,26 @@ if ($type == Categorie::TYPE_MEMBER) { if ($prods < 0) { dol_print_error($db, $object->error, $object->errors); } else { + // Form to add record into a category + $showclassifyform = 1; + if ($showclassifyform) { + print '
'; + print '
'; + print ''; + print ''; + print ''; + print ''; + print ''; + print ''; + print ''; + print ''; + print '
'; + print $langs->trans("AddMemberIntoCategory").'  '; + print $form->selectMembers('', 'elemid'); + print '
'; + print '
'; + } + print '
'; print ''; print ''; @@ -752,6 +798,25 @@ if ($type == Categorie::TYPE_CONTACT) { if ($contacts < 0) { dol_print_error($db, $object->error, $object->errors); } else { + // Form to add record into a category + $showclassifyform = 1; + if ($showclassifyform) { + print '
'; + print ''; + print ''; + print ''; + print ''; + print ''; + print ''; + print ''; + print ''; + print ''; + print '
'; + print $langs->trans("AddContactIntoCategory").'  '; + print $form->selectContacts('', '', 'elemid'); + print '
'; + print '
'; + } print '
'; print ''; print ''; @@ -817,6 +882,26 @@ if ($type == Categorie::TYPE_ACCOUNT) { if ($accounts < 0) { dol_print_error($db, $object->error, $object->errors); } else { + // Form to add record into a category + $showclassifyform = 1; + if ($showclassifyform) { + print '
'; + print ''; + print ''; + print ''; + print ''; + print ''; + print ''; + print ''; + print ''; + print ''; + print '
'; + print $langs->trans("AddAccountIntoCategory").'  '; + $form->select_comptes('', 'elemid'); + print '
'; + print '
'; + } + print '
'; print ''; print ''; @@ -874,6 +959,26 @@ if ($type == Categorie::TYPE_PROJECT) { if ($objects < 0) { dol_print_error($db, $object->error, $object->errors); } else { + // Form to add record into a category + $showclassifyform = 1; + if ($showclassifyform) { + print '
'; + print ''; + print ''; + print ''; + print ''; + print ''; + print ''; + print ''; + print ''; + print ''; + print '
'; + print $langs->trans("AddProjectIntoCategory").'  '; + $form->selectProjects('', 'elemid'); + print '
'; + print '
'; + } + print '
'; print ''; print ''; @@ -930,6 +1035,25 @@ if ($type == Categorie::TYPE_USER) { if ($users < 0) { dol_print_error($db, $object->error, $object->errors); } else { + // Form to add record into a category + $showclassifyform = 1; + if ($showclassifyform) { + print '
'; + print ''; + print ''; + print ''; + print ''; + print ''; + print ''; + print ''; + print ''; + print ''; + print '
'; + print $langs->trans("AddProjectIntoCategory").'  '; + $form->select_users('', 'elemid'); + print '
'; + print '
'; + } print '
'; print ''; print ''; diff --git a/htdocs/comm/action/class/actioncomm.class.php b/htdocs/comm/action/class/actioncomm.class.php index 6d1b53cbca0..3e2520f43da 100644 --- a/htdocs/comm/action/class/actioncomm.class.php +++ b/htdocs/comm/action/class/actioncomm.class.php @@ -1327,10 +1327,10 @@ class ActionComm extends CommonObject $sql = "SELECT count(a.id) as nb"; } $sql .= " FROM ".MAIN_DB_PREFIX."actioncomm as a"; - if (!$user->rights->societe->client->voir && !$user->socid) { + if (empty($user->rights->societe->client->voir) && !$user->socid) { $sql .= " LEFT JOIN ".MAIN_DB_PREFIX."societe_commerciaux as sc ON a.fk_soc = sc.fk_soc"; } - if (!$user->rights->agenda->allactions->read) { + if (empty($user->rights->agenda->allactions->read)) { $sql .= " LEFT JOIN ".MAIN_DB_PREFIX."actioncomm_resources AS ar ON a.id = ar.fk_actioncomm AND ar.element_type ='user' AND ar.fk_element = ".((int) $user->id); } $sql .= " LEFT JOIN ".MAIN_DB_PREFIX."societe as s ON a.fk_soc = s.rowid"; @@ -1339,13 +1339,13 @@ class ActionComm extends CommonObject $sql .= " AND a.percent >= 0 AND a.percent < 100"; } $sql .= " AND a.entity IN (".getEntity('agenda').")"; - if (!$user->rights->societe->client->voir && !$user->socid) { + if (empty($user->rights->societe->client->voir) && !$user->socid) { $sql .= " AND (a.fk_soc IS NULL OR sc.fk_user = ".((int) $user->id).")"; } if ($user->socid) { $sql .= " AND a.fk_soc = ".((int) $user->socid); } - if (!$user->rights->agenda->allactions->read) { + if (empty($user->rights->agenda->allactions->read)) { $sql .= " AND (a.fk_user_author = ".((int) $user->id)." OR a.fk_user_action = ".((int) $user->id)." OR a.fk_user_done = ".((int) $user->id); $sql .= " OR ar.fk_element = ".((int) $user->id); $sql .= ")"; diff --git a/htdocs/comm/action/index.php b/htdocs/comm/action/index.php index 18b751a368c..5f7349fab3c 100644 --- a/htdocs/comm/action/index.php +++ b/htdocs/comm/action/index.php @@ -86,13 +86,13 @@ if ($socid < 0) { } $canedit = 1; -if (!$user->rights->agenda->myactions->read) { +if (empty($user->rights->agenda->myactions->read)) { accessforbidden(); } -if (!$user->rights->agenda->allactions->read) { +if (empty($user->rights->agenda->allactions->read)) { $canedit = 0; } -if (!$user->rights->agenda->allactions->read || $filter == 'mine') { // If no permission to see all, we show only affected to me +if (empty($user->rights->agenda->allactions->read) || $filter == 'mine') { // If no permission to see all, we show only affected to me $filtert = $user->id; } @@ -660,7 +660,7 @@ $sql .= ' a.fk_soc, a.fk_contact, a.fk_project,'; $sql .= ' a.fk_element, a.elementtype,'; $sql .= ' ca.code as type_code, ca.libelle as type_label, ca.color as type_color, ca.type as type_type, ca.picto as type_picto'; $sql .= ' FROM '.MAIN_DB_PREFIX.'c_actioncomm as ca, '.MAIN_DB_PREFIX."actioncomm as a"; -if (!$user->rights->societe->client->voir && !$socid) { +if (empty($user->rights->societe->client->voir) && !$socid) { $sql .= " LEFT JOIN ".MAIN_DB_PREFIX."societe_commerciaux as sc ON a.fk_soc = sc.fk_soc"; } // We must filter on resource table @@ -711,7 +711,7 @@ if ($resourceid > 0) { if ($pid) { $sql .= " AND a.fk_project=".((int) $pid); } -if (!$user->rights->societe->client->voir && !$socid) { +if (empty($user->rights->societe->client->voir) && !$socid) { $sql .= " AND (a.fk_soc IS NULL OR sc.fk_user = ".((int) $user->id).")"; } if ($socid > 0) { diff --git a/htdocs/comm/action/list.php b/htdocs/comm/action/list.php index c7d28a1bcc7..985a403b086 100644 --- a/htdocs/comm/action/list.php +++ b/htdocs/comm/action/list.php @@ -136,13 +136,13 @@ if ($socid < 0) { } $canedit = 1; -if (!$user->rights->agenda->myactions->read) { +if (empty($user->rights->agenda->myactions->read)) { accessforbidden(); } -if (!$user->rights->agenda->allactions->read) { +if (empty($user->rights->agenda->allactions->read)) { $canedit = 0; } -if (!$user->rights->agenda->allactions->read || $filter == 'mine') { // If no permission to see all, we show only affected to me +if (empty($user->rights->agenda->allactions->read) || $filter == 'mine') { // If no permission to see all, we show only affected to me $filtert = $user->id; } @@ -414,7 +414,7 @@ $sql .= $hookmanager->resPrint; $sql .= " FROM ".MAIN_DB_PREFIX."actioncomm as a"; $sql .= " LEFT JOIN ".MAIN_DB_PREFIX."actioncomm_extrafields as ef ON (a.id = ef.fk_object)"; -if (!$user->rights->societe->client->voir && !$socid) { +if (empty($user->rights->societe->client->voir) && !$socid) { $sql .= " LEFT JOIN ".MAIN_DB_PREFIX."societe_commerciaux as sc ON a.fk_soc = sc.fk_soc"; } $sql .= " LEFT JOIN ".MAIN_DB_PREFIX."societe as s ON a.fk_soc = s.rowid"; @@ -468,7 +468,7 @@ if ($resourceid > 0) { if ($pid) { $sql .= " AND a.fk_project=".((int) $pid); } -if (!$user->rights->societe->client->voir && !$socid) { +if (empty($user->rights->societe->client->voir) && !$socid) { $sql .= " AND (a.fk_soc IS NULL OR sc.fk_user = ".((int) $user->id).")"; } if ($socid > 0) { diff --git a/htdocs/comm/action/pertype.php b/htdocs/comm/action/pertype.php index 08cef7dd80a..55540b3006f 100644 --- a/htdocs/comm/action/pertype.php +++ b/htdocs/comm/action/pertype.php @@ -80,13 +80,13 @@ if ($socid < 0) { } $canedit = 1; -if (!$user->rights->agenda->myactions->read) { +if (empty($user->rights->agenda->myactions->read)) { accessforbidden(); } -if (!$user->rights->agenda->allactions->read) { +if (empty($user->rights->agenda->allactions->read)) { $canedit = 0; } -if (!$user->rights->agenda->allactions->read || $filter == 'mine') { // If no permission to see all, we show only affected to me +if (empty($user->rights->agenda->allactions->read) || $filter == 'mine') { // If no permission to see all, we show only affected to me $filtert = $user->id; } @@ -506,7 +506,7 @@ $sql .= ' a.transparency, a.priority, a.fulldayevent, a.location,'; $sql .= ' a.fk_soc, a.fk_contact, a.fk_element, a.elementtype, a.fk_project,'; $sql .= ' ca.code, ca.libelle as type_label, ca.color, ca.type as type_type, ca.picto as type_picto'; $sql .= ' FROM '.MAIN_DB_PREFIX.'c_actioncomm as ca, '.MAIN_DB_PREFIX."actioncomm as a"; -if (!$user->rights->societe->client->voir && !$socid) { +if (empty($user->rights->societe->client->voir) && !$socid) { $sql .= " LEFT JOIN ".MAIN_DB_PREFIX."societe_commerciaux as sc ON a.fk_soc = sc.fk_soc"; } // We must filter on resource table @@ -557,7 +557,7 @@ if ($resourceid > 0) { if ($pid) { $sql .= " AND a.fk_project=".((int) $pid); } -if (!$user->rights->societe->client->voir && !$socid) { +if (empty($user->rights->societe->client->voir) && !$socid) { $sql .= " AND (a.fk_soc IS NULL OR sc.fk_user = ".((int) $user->id).")"; } if ($socid > 0) { diff --git a/htdocs/comm/action/peruser.php b/htdocs/comm/action/peruser.php index 18d75dba42b..0148170d316 100644 --- a/htdocs/comm/action/peruser.php +++ b/htdocs/comm/action/peruser.php @@ -80,13 +80,13 @@ if ($socid < 0) { } $canedit = 1; -if (!$user->rights->agenda->myactions->read) { +if (empty($user->rights->agenda->myactions->read)) { accessforbidden(); } -if (!$user->rights->agenda->allactions->read) { +if (empty($user->rights->agenda->allactions->read)) { $canedit = 0; } -if (!$user->rights->agenda->allactions->read || $filter == 'mine') { // If no permission to see all, we show only affected to me +if (empty($user->rights->agenda->allactions->read) || $filter == 'mine') { // If no permission to see all, we show only affected to me $filtert = $user->id; } @@ -533,7 +533,7 @@ $sql .= ' a.transparency, a.priority, a.fulldayevent, a.location,'; $sql .= ' a.fk_soc, a.fk_contact, a.fk_element, a.elementtype, a.fk_project,'; $sql .= ' ca.code, ca.libelle as type_label, ca.color, ca.type as type_type, ca.picto as type_picto'; $sql .= ' FROM '.MAIN_DB_PREFIX.'c_actioncomm as ca, '.MAIN_DB_PREFIX."actioncomm as a"; -if (!$user->rights->societe->client->voir && !$socid) { +if (empty($user->rights->societe->client->voir) && !$socid) { $sql .= " LEFT JOIN ".MAIN_DB_PREFIX."societe_commerciaux as sc ON a.fk_soc = sc.fk_soc"; } // We must filter on resource table @@ -584,7 +584,7 @@ if ($resourceid > 0) { if ($pid) { $sql .= " AND a.fk_project = ".((int) $pid); } -if (!$user->rights->societe->client->voir && !$socid) { +if (empty($user->rights->societe->client->voir) && !$socid) { $sql .= " AND (a.fk_soc IS NULL OR sc.fk_user = ".((int) $user->id).")"; } if ($socid > 0) { diff --git a/htdocs/comm/contact.php b/htdocs/comm/contact.php index 52f6e675c5f..57a88bef157 100644 --- a/htdocs/comm/contact.php +++ b/htdocs/comm/contact.php @@ -82,14 +82,14 @@ if ($type == "f") { $sql = "SELECT s.rowid, s.nom as name, st.libelle as stcomm"; $sql .= ", p.rowid as cidp, p.name, p.firstname, p.email, p.phone"; $sql .= " FROM ".MAIN_DB_PREFIX."c_stcomm as st,"; -if (!$user->rights->societe->client->voir && !$socid) { +if (empty($user->rights->societe->client->voir) && !$socid) { $sql .= " ".MAIN_DB_PREFIX."societe_commerciaux as sc,"; } $sql .= " ".MAIN_DB_PREFIX."socpeople as p"; $sql .= " LEFT JOIN ".MAIN_DB_PREFIX."societe as s ON s.rowid = p.fk_soc"; $sql .= " WHERE s.fk_stcomm = st.id"; $sql .= " AND p.entity IN (".getEntity('socpeople').")"; -if (!$user->rights->societe->client->voir && !$socid) { +if (empty($user->rights->societe->client->voir) && !$socid) { $sql .= " AND s.rowid = sc.fk_soc AND sc.fk_user = ".((int) $user->id); } if ($type == "c") { diff --git a/htdocs/comm/index.php b/htdocs/comm/index.php index 2603b520c77..c3e4546fccd 100644 --- a/htdocs/comm/index.php +++ b/htdocs/comm/index.php @@ -129,13 +129,13 @@ if (!empty($conf->propal->enabled) && $user->rights->propal->lire) { $sql .= ", s.canvas"; $sql .= " FROM ".MAIN_DB_PREFIX."propal as p,"; $sql .= " ".MAIN_DB_PREFIX."societe as s"; - if (!$user->rights->societe->client->voir && !$socid) { + if (empty($user->rights->societe->client->voir) && !$socid) { $sql .= ", ".MAIN_DB_PREFIX."societe_commerciaux as sc"; } $sql .= " WHERE p.entity IN (".getEntity($propalstatic->element).")"; $sql .= " AND p.fk_soc = s.rowid"; $sql .= " AND p.fk_statut = ".Propal::STATUS_DRAFT; - if (!$user->rights->societe->client->voir && !$socid) { + if (empty($user->rights->societe->client->voir) && !$socid) { $sql .= " AND s.rowid = sc.fk_soc AND sc.fk_user = ".((int) $user->id); } if ($socid) { @@ -226,13 +226,13 @@ if (!empty($conf->supplier_proposal->enabled) && $user->rights->supplier_proposa $sql .= ", s.canvas"; $sql .= " FROM ".MAIN_DB_PREFIX."supplier_proposal as p,"; $sql .= " ".MAIN_DB_PREFIX."societe as s"; - if (!$user->rights->societe->client->voir && !$socid) { + if (empty($user->rights->societe->client->voir) && !$socid) { $sql .= ", ".MAIN_DB_PREFIX."societe_commerciaux as sc"; } $sql .= " WHERE p.entity IN (".getEntity($supplierproposalstatic->element).")"; $sql .= " AND p.fk_statut = ".SupplierProposal::STATUS_DRAFT; $sql .= " AND p.fk_soc = s.rowid"; - if (!$user->rights->societe->client->voir && !$socid) { + if (empty($user->rights->societe->client->voir) && !$socid) { $sql .= " AND s.rowid = sc.fk_soc AND sc.fk_user = ".((int) $user->id); } if ($socid) { @@ -322,13 +322,13 @@ if (!empty($conf->commande->enabled) && $user->rights->commande->lire) { $sql .= ", s.canvas"; $sql .= " FROM ".MAIN_DB_PREFIX."commande as c,"; $sql .= " ".MAIN_DB_PREFIX."societe as s"; - if (!$user->rights->societe->client->voir && !$socid) { + if (empty($user->rights->societe->client->voir) && !$socid) { $sql .= ", ".MAIN_DB_PREFIX."societe_commerciaux as sc"; } $sql .= " WHERE c.entity IN (".getEntity($orderstatic->element).")"; $sql .= " AND c.fk_statut = ".Commande::STATUS_DRAFT; $sql .= " AND c.fk_soc = s.rowid"; - if (!$user->rights->societe->client->voir && !$socid) { + if (empty($user->rights->societe->client->voir) && !$socid) { $sql .= " AND s.rowid = sc.fk_soc AND sc.fk_user = ".((int) $user->id); } if ($socid) { @@ -419,13 +419,13 @@ if ((!empty($conf->fournisseur->enabled) && empty($conf->global->MAIN_USE_NEW_SU $sql .= ", s.canvas"; $sql .= " FROM ".MAIN_DB_PREFIX."commande_fournisseur as cf,"; $sql .= " ".MAIN_DB_PREFIX."societe as s"; - if (!$user->rights->societe->client->voir && !$socid) { + if (empty($user->rights->societe->client->voir) && !$socid) { $sql .= ", ".MAIN_DB_PREFIX."societe_commerciaux as sc"; } $sql .= " WHERE cf.entity IN (".getEntity($supplierorderstatic->element).")"; $sql .= " AND cf.fk_statut = ".CommandeFournisseur::STATUS_DRAFT; $sql .= " AND cf.fk_soc = s.rowid"; - if (!$user->rights->societe->client->voir && !$socid) { + if (empty($user->rights->societe->client->voir) && !$socid) { $sql .= " AND s.rowid = sc.fk_soc AND sc.fk_user = ".((int) $user->id); } if ($socid) { @@ -511,7 +511,7 @@ if (!empty($conf->ficheinter->enabled)) { $sql = "SELECT f.rowid, f.ref, s.nom as name, s.rowid as socid"; $sql .= " FROM ".MAIN_DB_PREFIX."fichinter as f"; $sql .= ", ".MAIN_DB_PREFIX."societe as s"; - if (!$user->rights->societe->client->voir && !$socid) { + if (empty($user->rights->societe->client->voir) && !$socid) { $sql .= ", ".MAIN_DB_PREFIX."societe_commerciaux as sc"; } $sql .= " WHERE f.entity IN (".getEntity('intervention').")"; @@ -520,7 +520,7 @@ if (!empty($conf->ficheinter->enabled)) { if ($socid) { $sql .= " AND f.fk_soc = ".((int) $socid); } - if (!$user->rights->societe->client->voir && !$socid) { + if (empty($user->rights->societe->client->voir) && !$socid) { $sql .= " AND s.rowid = sc.fk_soc AND sc.fk_user = ".((int) $user->id); } @@ -561,12 +561,12 @@ if (!empty($conf->societe->enabled) && $user->rights->societe->lire) { $sql .= ", s.canvas"; $sql .= ", s.datec, s.tms"; $sql .= " FROM ".MAIN_DB_PREFIX."societe as s"; - if (!$user->rights->societe->client->voir && !$socid) { + if (empty($user->rights->societe->client->voir) && !$socid) { $sql .= ", ".MAIN_DB_PREFIX."societe_commerciaux as sc"; } $sql .= " WHERE s.entity IN (".getEntity($companystatic->element).")"; $sql .= " AND s.client IN (".Societe::CUSTOMER.", ".Societe::PROSPECT.", ".Societe::CUSTOMER_AND_PROSPECT.")"; - if (!$user->rights->societe->client->voir && !$socid) { + if (empty($user->rights->societe->client->voir) && !$socid) { $sql .= " AND s.rowid = sc.fk_soc AND sc.fk_user = ".((int) $user->id); } if ($socid) { @@ -657,12 +657,12 @@ if (((!empty($conf->fournisseur->enabled) && empty($conf->global->MAIN_USE_NEW_S $sql .= ", s.canvas"; $sql .= ", s.datec as dc, s.tms as dm"; $sql .= " FROM ".MAIN_DB_PREFIX."societe as s"; - if (!$user->rights->societe->client->voir && !$user->socid) { + if (empty($user->rights->societe->client->voir) && !$user->socid) { $sql .= ", ".MAIN_DB_PREFIX."societe_commerciaux as sc"; } $sql .= " WHERE s.entity IN (".getEntity($companystatic->element).")"; $sql .= " AND s.fournisseur = ".Societe::SUPPLIER; - if (!$user->rights->societe->client->voir && !$user->socid) { + if (empty($user->rights->societe->client->voir) && !$user->socid) { $sql .= " AND s.rowid = sc.fk_soc AND sc.fk_user = ".((int) $user->id); } if ($socid) { @@ -762,13 +762,13 @@ if (!empty($conf->contrat->enabled) && $user->rights->contrat->lire && 0) { // T $sql .= " FROM ".MAIN_DB_PREFIX."societe as s"; $sql .= ", ".MAIN_DB_PREFIX."contrat as c"; $sql .= ", ".MAIN_DB_PREFIX."product as p"; - if (!$user->rights->societe->client->voir && !$socid) { + if (empty($user->rights->societe->client->voir) && !$socid) { $sql .= ", ".MAIN_DB_PREFIX."societe_commerciaux as sc"; } $sql .= " WHERE c.entity IN (".getEntity($staticcontrat->element).")"; $sql .= " AND c.fk_soc = s.rowid"; $sql .= " AND c.fk_product = p.rowid"; - if (!$user->rights->societe->client->voir && !$socid) { + if (empty($user->rights->societe->client->voir) && !$socid) { $sql .= " AND s.rowid = sc.fk_soc AND sc.fk_user = ".((int) $user->id); } if ($socid) { @@ -837,13 +837,13 @@ if (!empty($conf->propal->enabled) && $user->rights->propal->lire) { $sql .= ", s.canvas"; $sql .= " FROM ".MAIN_DB_PREFIX."propal as p"; $sql .= ", ".MAIN_DB_PREFIX."societe as s"; - if (!$user->rights->societe->client->voir && !$socid) { + if (empty($user->rights->societe->client->voir) && !$socid) { $sql .= ", ".MAIN_DB_PREFIX."societe_commerciaux as sc"; } $sql .= " WHERE p.entity IN (".getEntity($propalstatic->element).")"; $sql .= " AND p.fk_soc = s.rowid"; $sql .= " AND p.fk_statut = ".Propal::STATUS_VALIDATED; - if (!$user->rights->societe->client->voir && !$socid) { + if (empty($user->rights->societe->client->voir) && !$socid) { $sql .= " AND s.rowid = sc.fk_soc AND sc.fk_user = ".((int) $user->id); } if ($socid) { @@ -953,13 +953,13 @@ if (!empty($conf->commande->enabled) && $user->rights->commande->lire) { $sql .= ", s.canvas"; $sql .= " FROM ".MAIN_DB_PREFIX."commande as c"; $sql .= ", ".MAIN_DB_PREFIX."societe as s"; - if (!$user->rights->societe->client->voir && !$socid) { + if (empty($user->rights->societe->client->voir) && !$socid) { $sql .= ", ".MAIN_DB_PREFIX."societe_commerciaux as sc"; } $sql .= " WHERE c.entity IN (".getEntity($orderstatic->element).")"; $sql .= " AND c.fk_soc = s.rowid"; $sql .= " AND c.fk_statut IN (".Commande::STATUS_VALIDATED.", ".Commande::STATUS_SHIPMENTONPROCESS.")"; - if (!$user->rights->societe->client->voir && !$socid) { + if (empty($user->rights->societe->client->voir) && !$socid) { $sql .= " AND s.rowid = sc.fk_soc AND sc.fk_user = ".((int) $user->id); } if ($socid) { diff --git a/htdocs/comm/propal/class/propal.class.php b/htdocs/comm/propal/class/propal.class.php index 6ae93695f8c..2f055f54a42 100644 --- a/htdocs/comm/propal/class/propal.class.php +++ b/htdocs/comm/propal/class/propal.class.php @@ -2779,17 +2779,17 @@ class Propal extends CommonObject $sql = "SELECT s.rowid, s.nom as name, s.client,"; $sql .= " p.rowid as propalid, p.fk_statut, p.total_ht, p.ref, p.remise, "; $sql .= " p.datep as dp, p.fin_validite as datelimite"; - if (!$user->rights->societe->client->voir && !$socid) { + if (empty($user->rights->societe->client->voir) && !$socid) { $sql .= ", sc.fk_soc, sc.fk_user"; } $sql .= " FROM ".MAIN_DB_PREFIX."societe as s, ".MAIN_DB_PREFIX."propal as p, ".MAIN_DB_PREFIX."c_propalst as c"; - if (!$user->rights->societe->client->voir && !$socid) { + if (empty($user->rights->societe->client->voir) && !$socid) { $sql .= ", ".MAIN_DB_PREFIX."societe_commerciaux as sc"; } $sql .= " WHERE p.entity IN (".getEntity('propal').")"; $sql .= " AND p.fk_soc = s.rowid"; $sql .= " AND p.fk_statut = c.id"; - if (!$user->rights->societe->client->voir && !$socid) { //restriction + if (empty($user->rights->societe->client->voir) && !$socid) { //restriction $sql .= " AND s.rowid = sc.fk_soc AND sc.fk_user = ".((int) $user->id); } if ($socid) { @@ -3293,7 +3293,7 @@ class Propal extends CommonObject $sql = "SELECT p.rowid, p.ref, p.datec as datec, p.fin_validite as datefin, p.total_ht"; $sql .= " FROM ".MAIN_DB_PREFIX."propal as p"; - if (!$user->rights->societe->client->voir && !$user->socid) { + if (empty($user->rights->societe->client->voir) && !$user->socid) { $sql .= " LEFT JOIN ".MAIN_DB_PREFIX."societe_commerciaux as sc ON p.fk_soc = sc.fk_soc"; $sql .= " WHERE sc.fk_user = ".((int) $user->id); $clause = " AND"; @@ -3470,7 +3470,7 @@ class Propal extends CommonObject $sql = "SELECT count(p.rowid) as nb"; $sql .= " FROM ".MAIN_DB_PREFIX."propal as p"; $sql .= " LEFT JOIN ".MAIN_DB_PREFIX."societe as s ON p.fk_soc = s.rowid"; - if (!$user->rights->societe->client->voir && !$user->socid) { + if (empty($user->rights->societe->client->voir) && !$user->socid) { $sql .= " LEFT JOIN ".MAIN_DB_PREFIX."societe_commerciaux as sc ON s.rowid = sc.fk_soc"; $sql .= " WHERE sc.fk_user = ".((int) $user->id); $clause = "AND"; diff --git a/htdocs/comm/propal/class/propalestats.class.php b/htdocs/comm/propal/class/propalestats.class.php index 181e5b545f8..2b8c5d9047d 100644 --- a/htdocs/comm/propal/class/propalestats.class.php +++ b/htdocs/comm/propal/class/propalestats.class.php @@ -93,7 +93,7 @@ class PropaleStats extends Stats } //$this->where.= " AND p.fk_soc = s.rowid AND p.entity = ".$conf->entity; $this->where .= ($this->where ? ' AND ' : '')."p.entity IN (".getEntity('propal').")"; - if (!$user->rights->societe->client->voir && !$this->socid) { + if (empty($user->rights->societe->client->voir) && !$this->socid) { $this->where .= " AND p.fk_soc = sc.fk_soc AND sc.fk_user = ".((int) $user->id); } if ($this->socid) { @@ -129,7 +129,7 @@ class PropaleStats extends Stats $sql = "SELECT date_format(".$this->field_date.",'%m') as dm, COUNT(*) as nb"; $sql .= " FROM ".$this->from; - if (!$user->rights->societe->client->voir && !$user->socid) { + if (empty($user->rights->societe->client->voir) && !$user->socid) { $sql .= ", ".MAIN_DB_PREFIX."societe_commerciaux as sc"; } $sql .= $this->join; @@ -154,7 +154,7 @@ class PropaleStats extends Stats $sql = "SELECT date_format(".$this->field_date.",'%Y') as dm, COUNT(*) as nb, SUM(c.".$this->field.")"; $sql .= " FROM ".$this->from; - if (!$user->rights->societe->client->voir && !$this->socid) { + if (empty($user->rights->societe->client->voir) && !$this->socid) { $sql .= ", ".MAIN_DB_PREFIX."societe_commerciaux as sc"; } $sql .= $this->join; @@ -178,7 +178,7 @@ class PropaleStats extends Stats $sql = "SELECT date_format(".$this->field_date.",'%m') as dm, SUM(p.".$this->field.")"; $sql .= " FROM ".$this->from; - if (!$user->rights->societe->client->voir && !$this->socid) { + if (empty($user->rights->societe->client->voir) && !$this->socid) { $sql .= ", ".MAIN_DB_PREFIX."societe_commerciaux as sc"; } $sql .= $this->join; @@ -203,7 +203,7 @@ class PropaleStats extends Stats $sql = "SELECT date_format(".$this->field_date.",'%m') as dm, AVG(p.".$this->field.")"; $sql .= " FROM ".$this->from; - if (!$user->rights->societe->client->voir && !$this->socid) { + if (empty($user->rights->societe->client->voir) && !$this->socid) { $sql .= ", ".MAIN_DB_PREFIX."societe_commerciaux as sc"; } $sql .= $this->join; @@ -226,7 +226,7 @@ class PropaleStats extends Stats $sql = "SELECT date_format(".$this->field_date.",'%Y') as year, COUNT(*) as nb, SUM(".$this->field.") as total, AVG(".$this->field.") as avg"; $sql .= " FROM ".$this->from; - if (!$user->rights->societe->client->voir && !$this->socid) { + if (empty($user->rights->societe->client->voir) && !$this->socid) { $sql .= ", ".MAIN_DB_PREFIX."societe_commerciaux as sc"; } $sql .= $this->join; @@ -252,7 +252,7 @@ class PropaleStats extends Stats $sql = "SELECT product.ref, COUNT(product.ref) as nb, SUM(tl.".$this->field_line.") as total, AVG(tl.".$this->field_line.") as avg"; $sql .= " FROM ".$this->from.", ".$this->from_line.", ".MAIN_DB_PREFIX."product as product"; - if (!$user->rights->societe->client->voir && !$user->socid) { + if (empty($user->rights->societe->client->voir) && !$user->socid) { $sql .= ", ".MAIN_DB_PREFIX."societe_commerciaux as sc"; } $sql .= $this->join; diff --git a/htdocs/comm/propal/index.php b/htdocs/comm/propal/index.php index de2e4a1d64c..54e6541c7a9 100644 --- a/htdocs/comm/propal/index.php +++ b/htdocs/comm/propal/index.php @@ -81,13 +81,13 @@ if (!empty($conf->propal->enabled)) { $sql .= ", s.rowid as socid, s.nom as name, s.client, s.canvas, s.code_client, s.email, s.entity, s.code_compta"; $sql .= " FROM ".MAIN_DB_PREFIX."propal as p"; $sql .= ", ".MAIN_DB_PREFIX."societe as s"; - if (!$user->rights->societe->client->voir && !$socid) { + if (empty($user->rights->societe->client->voir) && !$socid) { $sql .= ", ".MAIN_DB_PREFIX."societe_commerciaux as sc"; } $sql .= " WHERE p.entity IN (".getEntity($propalstatic->element).")"; $sql .= " AND p.fk_soc = s.rowid"; $sql .= " AND p.fk_statut =".Propal::STATUS_DRAFT; - if (!$user->rights->societe->client->voir && !$socid) { + if (empty($user->rights->societe->client->voir) && !$socid) { $sql .= " AND s.rowid = sc.fk_soc AND sc.fk_user = ".((int) $user->id); } if ($socid) { @@ -156,7 +156,7 @@ $sql = "SELECT c.rowid, c.entity, c.ref, c.fk_statut, date_cloture as datec"; $sql .= ", s.nom as socname, s.rowid as socid, s.canvas, s.client, s.email, s.code_compta"; $sql .= " FROM ".MAIN_DB_PREFIX."propal as c"; $sql .= ", ".MAIN_DB_PREFIX."societe as s"; -if (!$user->rights->societe->client->voir && !$socid) { +if (empty($user->rights->societe->client->voir) && !$socid) { $sql .= ", ".MAIN_DB_PREFIX."societe_commerciaux as sc"; } $sql .= " WHERE c.entity IN (".getEntity($propalstatic->element).")"; @@ -165,7 +165,7 @@ $sql .= " AND c.fk_soc = s.rowid"; if ($socid) { $sql .= " AND c.fk_soc = ".((int) $socid); } -if (!$user->rights->societe->client->voir && !$socid) { +if (empty($user->rights->societe->client->voir) && !$socid) { $sql .= " AND s.rowid = sc.fk_soc AND sc.fk_user = ".((int) $user->id); } $sql .= " ORDER BY c.tms DESC"; @@ -232,13 +232,13 @@ if (!empty($conf->propal->enabled) && $user->rights->propale->lire) { $sql .= ", p.rowid as propalid, p.entity, p.total_ttc, p.total_ht, p.ref, p.fk_statut, p.datep as dp, p.fin_validite as dfv"; $sql .= " FROM ".MAIN_DB_PREFIX."societe as s"; $sql .= ", ".MAIN_DB_PREFIX."propal as p"; - if (!$user->rights->societe->client->voir && !$socid) { + if (empty($user->rights->societe->client->voir) && !$socid) { $sql .= ", ".MAIN_DB_PREFIX."societe_commerciaux as sc"; } $sql .= " WHERE p.fk_soc = s.rowid"; $sql .= " AND p.entity IN (".getEntity($propalstatic->element).")"; $sql .= " AND p.fk_statut = ".Propal::STATUS_VALIDATED; - if (!$user->rights->societe->client->voir && !$socid) { + if (empty($user->rights->societe->client->voir) && !$socid) { $sql .= " AND s.rowid = sc.fk_soc AND sc.fk_user = ".((int) $user->id); } if ($socid) { @@ -317,12 +317,12 @@ if (! empty($conf->propal->enabled)) $sql = "SELECT c.rowid, c.ref, c.fk_statut, s.nom as name, s.rowid as socid"; $sql.=" FROM ".MAIN_DB_PREFIX."propal as c"; $sql.= ", ".MAIN_DB_PREFIX."societe as s"; - if (!$user->rights->societe->client->voir && !$socid) $sql.= ", ".MAIN_DB_PREFIX."societe_commerciaux as sc"; + if (empty($user->rights->societe->client->voir) && !$socid) $sql.= ", ".MAIN_DB_PREFIX."societe_commerciaux as sc"; $sql.= " WHERE c.fk_soc = s.rowid"; $sql.= " AND c.entity = ".$conf->entity; $sql.= " AND c.fk_statut = 1"; if ($socid) $sql.= " AND c.fk_soc = ".((int) $socid); - if (!$user->rights->societe->client->voir && !$socid) $sql.= " AND s.rowid = sc.fk_soc AND sc.fk_user = " .((int) $user->id); + if (empty($user->rights->societe->client->voir) && !$socid) $sql.= " AND s.rowid = sc.fk_soc AND sc.fk_user = " .((int) $user->id); $sql.= " ORDER BY c.rowid DESC"; $resql=$db->query($sql); @@ -392,12 +392,12 @@ if (! empty($conf->propal->enabled)) $sql = "SELECT c.rowid, c.ref, c.fk_statut, c.facture, s.nom as name, s.rowid as socid"; $sql.= " FROM ".MAIN_DB_PREFIX."commande as c"; $sql.= ", ".MAIN_DB_PREFIX."societe as s"; - if (!$user->rights->societe->client->voir && !$socid) $sql.= ", ".MAIN_DB_PREFIX."societe_commerciaux as sc"; + if (empty($user->rights->societe->client->voir) && !$socid) $sql.= ", ".MAIN_DB_PREFIX."societe_commerciaux as sc"; $sql.= " WHERE c.fk_soc = s.rowid"; $sql.= " AND c.entity = ".$conf->entity; $sql.= " AND c.fk_statut = 2 "; if ($socid) $sql.= " AND c.fk_soc = ".((int) $socid); - if (!$user->rights->societe->client->voir && !$socid) $sql.= " AND s.rowid = sc.fk_soc AND sc.fk_user = " .((int) $user->id); + if (empty($user->rights->societe->client->voir) && !$socid) $sql.= " AND s.rowid = sc.fk_soc AND sc.fk_user = " .((int) $user->id); $sql.= " ORDER BY c.rowid DESC"; $resql=$db->query($sql); diff --git a/htdocs/comm/propal/list.php b/htdocs/comm/propal/list.php index 269cf9cfd91..3535ae0cde1 100644 --- a/htdocs/comm/propal/list.php +++ b/htdocs/comm/propal/list.php @@ -509,7 +509,7 @@ $sql .= ' p.note_public, p.note_private,'; $sql .= ' p.fk_cond_reglement,p.fk_mode_reglement,p.fk_shipping_method,p.fk_input_reason,'; $sql .= " pr.rowid as project_id, pr.ref as project_ref, pr.title as project_label,"; $sql .= ' u.login, u.lastname, u.firstname, u.email as user_email, u.statut as user_statut, u.entity as user_entity, u.photo, u.office_phone, u.office_fax, u.user_mobile, u.job, u.gender'; -if (!$user->rights->societe->client->voir && !$socid) { +if (empty($user->rights->societe->client->voir) && !$socid) { $sql .= ", sc.fk_soc, sc.fk_user"; } if (!empty($search_categ_cus) && $search_categ_cus != '-1') { @@ -547,7 +547,7 @@ $sql .= ' LEFT JOIN '.MAIN_DB_PREFIX.'user as u ON p.fk_user_author = u.rowid'; $sql .= " LEFT JOIN ".MAIN_DB_PREFIX."projet as pr ON pr.rowid = p.fk_projet"; $sql .= " LEFT JOIN ".MAIN_DB_PREFIX."c_availability as ava on (ava.rowid = p.fk_availability)"; // We'll need this table joined to the select in order to filter by sale -if ($search_sale > 0 || (!$user->rights->societe->client->voir && !$socid)) { +if ($search_sale > 0 || (empty($user->rights->societe->client->voir) && !$socid)) { $sql .= ", ".MAIN_DB_PREFIX."societe_commerciaux as sc"; } if ($search_user > 0) { @@ -562,7 +562,7 @@ $sql .= $hookmanager->resPrint; $sql .= ' WHERE p.fk_soc = s.rowid'; $sql .= ' AND p.entity IN ('.getEntity('propal').')'; -if (!$user->rights->societe->client->voir && !$socid) { //restriction +if (empty($user->rights->societe->client->voir) && !$socid) { //restriction $sql .= " AND s.rowid = sc.fk_soc AND sc.fk_user = ".((int) $user->id); } diff --git a/htdocs/comm/propal/stats/index.php b/htdocs/comm/propal/stats/index.php index c1975e309f5..fbdef4d91e6 100644 --- a/htdocs/comm/propal/stats/index.php +++ b/htdocs/comm/propal/stats/index.php @@ -111,7 +111,7 @@ $data = $stats->getNbByMonthWithPrevYear($endyear, $startyear); // $data = array(array('Lib',val1,val2,val3),...) -if (!$user->rights->societe->client->voir || $user->socid) { +if (empty($user->rights->societe->client->voir) || $user->socid) { $filenamenb = $dir.'/proposalsnbinyear-'.$user->id.'-'.$year.'.png'; $fileurlnb = DOL_URL_ROOT.'/viewimage.php?modulepart=propalstats&file=proposalsnbinyear-'.$user->id.'-'.$year.'.png'; } else { @@ -147,7 +147,7 @@ if (!$mesg) { $data = $stats->getAmountByMonthWithPrevYear($endyear, $startyear, 0); // $data = array(array('Lib',val1,val2,val3),...) -if (!$user->rights->societe->client->voir || $user->socid) { +if (empty($user->rights->societe->client->voir) || $user->socid) { $filenameamount = $dir.'/proposalsamountinyear-'.$user->id.'-'.$year.'.png'; $fileurlamount = DOL_URL_ROOT.'/viewimage.php?modulepart=propalstats&file=proposalsamountinyear-'.$user->id.'-'.$year.'.png'; } else { @@ -182,7 +182,7 @@ if (!$mesg) { $data = $stats->getAverageByMonthWithPrevYear($endyear, $startyear); $fileurl_avg = ''; -if (!$user->rights->societe->client->voir || $user->socid) { +if (empty($user->rights->societe->client->voir) || $user->socid) { $filename_avg = $dir.'/ordersaverage-'.$user->id.'-'.$year.'.png'; if ($mode == 'customer') { $fileurl_avg = DOL_URL_ROOT.'/viewimage.php?modulepart=orderstats&file=ordersaverage-'.$user->id.'-'.$year.'.png'; diff --git a/htdocs/comm/prospect/index.php b/htdocs/comm/prospect/index.php index d2f60c36212..24283c4e000 100644 --- a/htdocs/comm/prospect/index.php +++ b/htdocs/comm/prospect/index.php @@ -80,13 +80,13 @@ if (!empty($conf->propal->enabled)) { $sql = "SELECT count(*) as cc, st.libelle, st.picto, st.id"; $sql .= " FROM ".MAIN_DB_PREFIX."societe as s"; $sql .= ", ".MAIN_DB_PREFIX."c_stcomm as st "; -if (!$user->rights->societe->client->voir && !$socid) { +if (empty($user->rights->societe->client->voir) && !$socid) { $sql .= ", ".MAIN_DB_PREFIX."societe_commerciaux as sc"; } $sql .= " WHERE s.fk_stcomm = st.id"; $sql .= " AND s.client IN (2, 3)"; $sql .= " AND s.entity IN (".getEntity($companystatic->element).")"; -if (!$user->rights->societe->client->voir && !$socid) { +if (empty($user->rights->societe->client->voir) && !$socid) { $sql .= " AND s.rowid = sc.fk_soc AND sc.fk_user = ".((int) $user->id); } $sql .= " GROUP BY st.id"; @@ -122,13 +122,13 @@ if (!empty($conf->propal->enabled) && $user->rights->propale->lire) { $sql = "SELECT p.rowid, p.ref, p.price, s.nom as sname"; $sql .= " FROM ".MAIN_DB_PREFIX."propal as p"; $sql .= ", ".MAIN_DB_PREFIX."societe as s"; - if (!$user->rights->societe->client->voir && !$socid) { + if (empty($user->rights->societe->client->voir) && !$socid) { $sql .= ", ".MAIN_DB_PREFIX."societe_commerciaux as sc"; } $sql .= " WHERE p.fk_statut = 0"; $sql .= " AND p.fk_soc = s.rowid"; $sql .= " AND p.entity IN (".getEntity('propal').")"; - if (!$user->rights->societe->client->voir && !$socid) { + if (empty($user->rights->societe->client->voir) && !$socid) { $sql .= " AND s.rowid = sc.fk_soc AND sc.fk_user = ".((int) $user->id); } @@ -183,14 +183,14 @@ if (!empty($conf->propal->enabled) && $user->rights->propale->lire) { $sql .= " FROM ".MAIN_DB_PREFIX."societe as s"; $sql .= ", ".MAIN_DB_PREFIX."propal as p"; $sql .= ", ".MAIN_DB_PREFIX."c_propalst as c"; - if (!$user->rights->societe->client->voir && !$socid) { + if (empty($user->rights->societe->client->voir) && !$socid) { $sql .= ", ".MAIN_DB_PREFIX."societe_commerciaux as sc"; } $sql .= " WHERE p.fk_soc = s.rowid"; $sql .= " AND p.fk_statut = c.id"; $sql .= " AND p.fk_statut = 1"; $sql .= " AND p.entity IN (".getEntity('propal').")"; - if (!$user->rights->societe->client->voir && !$socid) { + if (empty($user->rights->societe->client->voir) && !$socid) { $sql .= " AND s.rowid = sc.fk_soc AND sc.fk_user = ".((int) $user->id); } if ($socid) { @@ -244,12 +244,12 @@ if (!empty($conf->propal->enabled) && $user->rights->propale->lire) { */ $sql = "SELECT s.nom as name, s.rowid as socid, s.client, s.canvas"; $sql .= " FROM ".MAIN_DB_PREFIX."societe as s"; -if (!$user->rights->societe->client->voir && !$socid) { +if (empty($user->rights->societe->client->voir) && !$socid) { $sql .= ", ".MAIN_DB_PREFIX."societe_commerciaux as sc"; } $sql .= " WHERE s.fk_stcomm = 1"; $sql .= " AND s.entity IN (".getEntity($companystatic->element).")"; -if (!$user->rights->societe->client->voir && !$socid) { +if (empty($user->rights->societe->client->voir) && !$socid) { $sql .= " AND s.rowid = sc.fk_soc AND sc.fk_user = ".((int) $user->id); } $sql .= " ORDER BY s.tms ASC"; diff --git a/htdocs/commande/class/api_orders.class.php b/htdocs/commande/class/api_orders.class.php index 0887c22a8f3..6d0b5a5d297 100644 --- a/htdocs/commande/class/api_orders.class.php +++ b/htdocs/commande/class/api_orders.class.php @@ -981,6 +981,7 @@ class Orders extends DolibarrApi if (!DolibarrApiAccess::$user->rights->expedition->lire) { throw new RestException(401); } + $obj_ret = array(); $sql = "SELECT e.rowid"; $sql .= " FROM ".MAIN_DB_PREFIX."expedition as e"; $sql .= " JOIN ".MAIN_DB_PREFIX."expeditiondet as edet"; @@ -1054,7 +1055,6 @@ class Orders extends DolibarrApi if ($result <= 0) { throw new RestException(500, 'Error on creating expedition lines:'.$this->db->lasterror()); } - $i++; } return $shipment->id; } diff --git a/htdocs/commande/class/commande.class.php b/htdocs/commande/class/commande.class.php index e3675129198..9b315698527 100644 --- a/htdocs/commande/class/commande.class.php +++ b/htdocs/commande/class/commande.class.php @@ -2678,16 +2678,16 @@ class Commande extends CommonOrder $sql = "SELECT s.rowid, s.nom as name, s.client,"; $sql .= " c.rowid as cid, c.ref"; - if (!$user->rights->societe->client->voir && !$socid) { + if (empty($user->rights->societe->client->voir) && !$socid) { $sql .= ", sc.fk_soc, sc.fk_user"; } $sql .= " FROM ".MAIN_DB_PREFIX."societe as s, ".MAIN_DB_PREFIX."commande as c"; - if (!$user->rights->societe->client->voir && !$socid) { + if (empty($user->rights->societe->client->voir) && !$socid) { $sql .= ", ".MAIN_DB_PREFIX."societe_commerciaux as sc"; } $sql .= " WHERE c.entity IN (".getEntity('commande').")"; $sql .= " AND c.fk_soc = s.rowid"; - if (!$user->rights->societe->client->voir && !$socid) { //restriction + if (empty($user->rights->societe->client->voir) && !$socid) { //restriction $sql .= " AND s.rowid = sc.fk_soc AND sc.fk_user = ".((int) $user->id); } if ($socid) { @@ -3505,7 +3505,7 @@ class Commande extends CommonOrder $sql = "SELECT c.rowid, c.date_creation as datec, c.date_commande, c.date_livraison as delivery_date, c.fk_statut, c.total_ht"; $sql .= " FROM ".MAIN_DB_PREFIX."commande as c"; - if (!$user->rights->societe->client->voir && !$user->socid) { + if (empty($user->rights->societe->client->voir) && !$user->socid) { $sql .= " LEFT JOIN ".MAIN_DB_PREFIX."societe_commerciaux as sc ON c.fk_soc = sc.fk_soc"; $sql .= " WHERE sc.fk_user = ".((int) $user->id); $clause = " AND"; @@ -3915,7 +3915,7 @@ class Commande extends CommonOrder $sql = "SELECT count(co.rowid) as nb"; $sql .= " FROM ".MAIN_DB_PREFIX."commande as co"; $sql .= " LEFT JOIN ".MAIN_DB_PREFIX."societe as s ON co.fk_soc = s.rowid"; - if (!$user->rights->societe->client->voir && !$user->socid) { + if (empty($user->rights->societe->client->voir) && !$user->socid) { $sql .= " LEFT JOIN ".MAIN_DB_PREFIX."societe_commerciaux as sc ON s.rowid = sc.fk_soc"; $sql .= " WHERE sc.fk_user = ".((int) $user->id); $clause = "AND"; diff --git a/htdocs/commande/class/commandestats.class.php b/htdocs/commande/class/commandestats.class.php index 8ac89d5a18f..d02d56175ff 100644 --- a/htdocs/commande/class/commandestats.class.php +++ b/htdocs/commande/class/commandestats.class.php @@ -93,7 +93,7 @@ class CommandeStats extends Stats //$this->where.= " AND c.fk_soc = s.rowid AND c.entity = ".$conf->entity; $this->where .= ($this->where ? ' AND ' : '').'c.entity IN ('.getEntity('commande').')'; - if (!$user->rights->societe->client->voir && !$this->socid) { + if (empty($user->rights->societe->client->voir) && !$this->socid) { $this->where .= " AND c.fk_soc = sc.fk_soc AND sc.fk_user = ".((int) $user->id); } if ($this->socid) { @@ -128,7 +128,7 @@ class CommandeStats extends Stats $sql = "SELECT date_format(c.date_commande,'%m') as dm, COUNT(*) as nb"; $sql .= " FROM ".$this->from; - if (!$user->rights->societe->client->voir && !$this->socid) { + if (empty($user->rights->societe->client->voir) && !$this->socid) { $sql .= ", ".MAIN_DB_PREFIX."societe_commerciaux as sc"; } $sql .= $this->join; @@ -153,7 +153,7 @@ class CommandeStats extends Stats $sql = "SELECT date_format(c.date_commande,'%Y') as dm, COUNT(*) as nb, SUM(c.".$this->field.")"; $sql .= " FROM ".$this->from; - if (!$user->rights->societe->client->voir && !$this->socid) { + if (empty($user->rights->societe->client->voir) && !$this->socid) { $sql .= ", ".MAIN_DB_PREFIX."societe_commerciaux as sc"; } $sql .= $this->join; @@ -177,7 +177,7 @@ class CommandeStats extends Stats $sql = "SELECT date_format(c.date_commande,'%m') as dm, SUM(c.".$this->field.")"; $sql .= " FROM ".$this->from; - if (!$user->rights->societe->client->voir && !$this->socid) { + if (empty($user->rights->societe->client->voir) && !$this->socid) { $sql .= ", ".MAIN_DB_PREFIX."societe_commerciaux as sc"; } $sql .= $this->join; @@ -202,7 +202,7 @@ class CommandeStats extends Stats $sql = "SELECT date_format(c.date_commande,'%m') as dm, AVG(c.".$this->field.")"; $sql .= " FROM ".$this->from; - if (!$user->rights->societe->client->voir && !$this->socid) { + if (empty($user->rights->societe->client->voir) && !$this->socid) { $sql .= ", ".MAIN_DB_PREFIX."societe_commerciaux as sc"; } $sql .= $this->join; @@ -225,7 +225,7 @@ class CommandeStats extends Stats $sql = "SELECT date_format(c.date_commande,'%Y') as year, COUNT(*) as nb, SUM(c.".$this->field.") as total, AVG(".$this->field.") as avg"; $sql .= " FROM ".$this->from; - if (!$user->rights->societe->client->voir && !$this->socid) { + if (empty($user->rights->societe->client->voir) && !$this->socid) { $sql .= ", ".MAIN_DB_PREFIX."societe_commerciaux as sc"; } $sql .= $this->join; @@ -249,7 +249,7 @@ class CommandeStats extends Stats $sql = "SELECT product.ref, COUNT(product.ref) as nb, SUM(tl.".$this->field_line.") as total, AVG(tl.".$this->field_line.") as avg"; $sql .= " FROM ".$this->from.", ".$this->from_line.", ".MAIN_DB_PREFIX."product as product"; - if (!$user->rights->societe->client->voir && !$user->socid) { + if (empty($user->rights->societe->client->voir) && !$user->socid) { $sql .= ", ".MAIN_DB_PREFIX."societe_commerciaux as sc"; } $sql .= $this->join; diff --git a/htdocs/commande/customer.php b/htdocs/commande/customer.php index 3ecaa0fbee1..96efda7c187 100644 --- a/htdocs/commande/customer.php +++ b/htdocs/commande/customer.php @@ -77,16 +77,16 @@ $thirdpartystatic = new Societe($db); $sql = "SELECT s.rowid, s.nom as name, s.client, s.town, s.datec, s.datea"; $sql .= ", st.libelle as stcomm, s.prefix_comm, s.code_client, s.code_compta "; -if (!$user->rights->societe->client->voir && !$socid) { +if (empty($user->rights->societe->client->voir) && !$socid) { $sql .= ", sc.fk_soc, sc.fk_user "; } $sql .= " FROM ".MAIN_DB_PREFIX."societe as s, ".MAIN_DB_PREFIX."c_stcomm as st, ".MAIN_DB_PREFIX."commande as c"; -if (!$user->rights->societe->client->voir && !$socid) { +if (empty($user->rights->societe->client->voir) && !$socid) { $sql .= ", ".MAIN_DB_PREFIX."societe_commerciaux as sc"; } $sql .= " WHERE s.fk_stcomm = st.id AND c.fk_soc = s.rowid"; $sql .= " AND s.entity IN (".getEntity('societe').")"; -if (!$user->rights->societe->client->voir && !$socid) { +if (empty($user->rights->societe->client->voir) && !$socid) { $sql .= " AND s.rowid = sc.fk_soc AND sc.fk_user = ".((int) $user->id); } if (GETPOST("search_nom")) { diff --git a/htdocs/commande/index.php b/htdocs/commande/index.php index a794d79e743..8c59be3a2cb 100644 --- a/htdocs/commande/index.php +++ b/htdocs/commande/index.php @@ -94,7 +94,7 @@ if (!empty($conf->commande->enabled)) { $sql .= ", s.canvas"; $sql .= " FROM ".MAIN_DB_PREFIX."commande as c"; $sql .= ", ".MAIN_DB_PREFIX."societe as s"; - if (!$user->rights->societe->client->voir && !$socid) { + if (empty($user->rights->societe->client->voir) && !$socid) { $sql .= ", ".MAIN_DB_PREFIX."societe_commerciaux as sc"; } $sql .= " WHERE c.fk_soc = s.rowid"; @@ -103,7 +103,7 @@ if (!empty($conf->commande->enabled)) { if ($socid) { $sql .= " AND c.fk_soc = ".((int) $socid); } - if (!$user->rights->societe->client->voir && !$socid) { + if (empty($user->rights->societe->client->voir) && !$socid) { $sql .= " AND s.rowid = sc.fk_soc AND sc.fk_user = ".((int) $user->id); } @@ -162,7 +162,7 @@ $sql .= ", s.code_client"; $sql .= ", s.canvas"; $sql .= " FROM ".MAIN_DB_PREFIX."commande as c,"; $sql .= " ".MAIN_DB_PREFIX."societe as s"; -if (!$user->rights->societe->client->voir && !$socid) { +if (empty($user->rights->societe->client->voir) && !$socid) { $sql .= ", ".MAIN_DB_PREFIX."societe_commerciaux as sc"; } $sql .= " WHERE c.fk_soc = s.rowid"; @@ -171,7 +171,7 @@ $sql .= " AND c.entity IN (".getEntity('commande').")"; if ($socid) { $sql .= " AND c.fk_soc = ".((int) $socid); } -if (!$user->rights->societe->client->voir && !$socid) { +if (empty($user->rights->societe->client->voir) && !$socid) { $sql .= " AND s.rowid = sc.fk_soc AND sc.fk_user = ".((int) $user->id); } $sql .= " ORDER BY c.tms DESC"; @@ -246,7 +246,7 @@ if (!empty($conf->commande->enabled)) { $sql .= ", s.canvas"; $sql .= " FROM ".MAIN_DB_PREFIX."commande as c"; $sql .= ", ".MAIN_DB_PREFIX."societe as s"; - if (!$user->rights->societe->client->voir && !$socid) { + if (empty($user->rights->societe->client->voir) && !$socid) { $sql .= ", ".MAIN_DB_PREFIX."societe_commerciaux as sc"; } $sql .= " WHERE c.fk_soc = s.rowid"; @@ -255,7 +255,7 @@ if (!empty($conf->commande->enabled)) { if ($socid) { $sql .= " AND c.fk_soc = ".((int) $socid); } - if (!$user->rights->societe->client->voir && !$socid) { + if (empty($user->rights->societe->client->voir) && !$socid) { $sql .= " AND s.rowid = sc.fk_soc AND sc.fk_user = ".((int) $user->id); } $sql .= " ORDER BY c.rowid DESC"; @@ -335,7 +335,7 @@ if (!empty($conf->commande->enabled)) { $sql .= ", s.canvas"; $sql .= " FROM ".MAIN_DB_PREFIX."commande as c"; $sql .= ", ".MAIN_DB_PREFIX."societe as s"; - if (!$user->rights->societe->client->voir && !$socid) { + if (empty($user->rights->societe->client->voir) && !$socid) { $sql .= ", ".MAIN_DB_PREFIX."societe_commerciaux as sc"; } $sql .= " WHERE c.fk_soc = s.rowid"; @@ -344,7 +344,7 @@ if (!empty($conf->commande->enabled)) { if ($socid) { $sql .= " AND c.fk_soc = ".((int) $socid); } - if (!$user->rights->societe->client->voir && !$socid) { + if (empty($user->rights->societe->client->voir) && !$socid) { $sql .= " AND s.rowid = sc.fk_soc AND sc.fk_user = ".((int) $user->id); } $sql .= " ORDER BY c.rowid DESC"; diff --git a/htdocs/commande/list.php b/htdocs/commande/list.php index 4e8a18821ff..503c125b59c 100644 --- a/htdocs/commande/list.php +++ b/htdocs/commande/list.php @@ -465,7 +465,7 @@ $sql .= " LEFT JOIN ".MAIN_DB_PREFIX."projet as p ON p.rowid = c.fk_projet"; $sql .= ' LEFT JOIN '.MAIN_DB_PREFIX.'user as u ON c.fk_user_author = u.rowid'; // We'll need this table joined to the select in order to filter by sale -if ($search_sale > 0 || (!$user->rights->societe->client->voir && !$socid)) { +if ($search_sale > 0 || (empty($user->rights->societe->client->voir) && !$socid)) { $sql .= ", ".MAIN_DB_PREFIX."societe_commerciaux as sc"; } if ($search_user > 0) { @@ -486,7 +486,7 @@ if ($search_product_category > 0) { if ($socid > 0) { $sql .= ' AND s.rowid = '.((int) $socid); } -if (!$user->rights->societe->client->voir && !$socid) { +if (empty($user->rights->societe->client->voir) && !$socid) { $sql .= " AND s.rowid = sc.fk_soc AND sc.fk_user = ".((int) $user->id); } if ($search_ref) { diff --git a/htdocs/commande/stats/index.php b/htdocs/commande/stats/index.php index a9c38e1531c..37535e0b573 100644 --- a/htdocs/commande/stats/index.php +++ b/htdocs/commande/stats/index.php @@ -42,7 +42,7 @@ $mode = GETPOSTISSET("mode") ? GETPOST("mode", 'aZ09') : 'customer'; if ($mode == 'customer' && !$user->rights->commande->lire) { accessforbidden(); } -if ($mode == 'supplier' && !$user->rights->fournisseur->commande->lire) { +if ($mode == 'supplier' && empty($user->rights->fournisseur->commande->lire)) { accessforbidden(); } @@ -112,7 +112,7 @@ $data = $stats->getNbByMonthWithPrevYear($endyear, $startyear); // $data = array(array('Lib',val1,val2,val3),...) -if (!$user->rights->societe->client->voir || $user->socid) { +if (empty($user->rights->societe->client->voir) || $user->socid) { $filenamenb = $dir.'/ordersnbinyear-'.$user->id.'-'.$year.'.png'; if ($mode == 'customer') { $fileurlnb = DOL_URL_ROOT.'/viewimage.php?modulepart=orderstats&file=ordersnbinyear-'.$user->id.'-'.$year.'.png'; @@ -158,7 +158,7 @@ $data = $stats->getAmountByMonthWithPrevYear($endyear, $startyear); //var_dump($data); // $data = array(array('Lib',val1,val2,val3),...) -if (!$user->rights->societe->client->voir || $user->socid) { +if (empty($user->rights->societe->client->voir) || $user->socid) { $filenameamount = $dir.'/ordersamountinyear-'.$user->id.'-'.$year.'.png'; if ($mode == 'customer') { $fileurlamount = DOL_URL_ROOT.'/viewimage.php?modulepart=orderstats&file=ordersamountinyear-'.$user->id.'-'.$year.'.png'; @@ -202,7 +202,7 @@ if (!$mesg) { $data = $stats->getAverageByMonthWithPrevYear($endyear, $startyear); -if (!$user->rights->societe->client->voir || $user->socid) { +if (empty($user->rights->societe->client->voir) || $user->socid) { $filename_avg = $dir.'/ordersaverage-'.$user->id.'-'.$year.'.png'; if ($mode == 'customer') { $fileurl_avg = DOL_URL_ROOT.'/viewimage.php?modulepart=orderstats&file=ordersaverage-'.$user->id.'-'.$year.'.png'; diff --git a/htdocs/compta/bank/bilan.php b/htdocs/compta/bank/bilan.php index 94ae0134a9d..6edee79f86b 100644 --- a/htdocs/compta/bank/bilan.php +++ b/htdocs/compta/bank/bilan.php @@ -28,7 +28,7 @@ require_once DOL_DOCUMENT_ROOT.'/compta/bank/class/account.class.php'; // Load translation files required by the page $langs->loadLangs(array('banks', 'categories')); -if (!$user->rights->banque->lire) { +if (empty($user->rights->banque->lire)) { accessforbidden(); } diff --git a/htdocs/compta/bank/info.php b/htdocs/compta/bank/info.php index c61f6e50bff..e8514c1e96e 100644 --- a/htdocs/compta/bank/info.php +++ b/htdocs/compta/bank/info.php @@ -39,7 +39,7 @@ if ($user->socid) { $socid = $user->socid; } $result = restrictedArea($user, 'banque', $fieldvalue, 'bank_account', '', '', $fieldtype); -if (!$user->rights->banque->lire && !$user->rights->banque->consolidate) { +if (empty($user->rights->banque->lire) && !$user->rights->banque->consolidate) { accessforbidden(); } diff --git a/htdocs/compta/bank/line.php b/htdocs/compta/bank/line.php index 05aed6a215e..5567678c366 100644 --- a/htdocs/compta/bank/line.php +++ b/htdocs/compta/bank/line.php @@ -67,7 +67,7 @@ if ($user->socid) { $socid = $user->socid; } $result = restrictedArea($user, 'banque', $fieldvalue, 'bank_account', '', '', $fieldtype); -if (!$user->rights->banque->lire && !$user->rights->banque->consolidate) { +if (empty($user->rights->banque->lire) && !$user->rights->banque->consolidate) { accessforbidden(); } diff --git a/htdocs/compta/bank/list.php b/htdocs/compta/bank/list.php index cd6e6cfd365..ea656141639 100644 --- a/htdocs/compta/bank/list.php +++ b/htdocs/compta/bank/list.php @@ -506,6 +506,8 @@ print "\n"; $totalarray = array(); $totalarray['nbfield'] = 0; +$totalarray['val'] = array('balance'=>0); +$total = array(); $found = 0; $i = 0; $lastcurrencycode = ''; @@ -714,7 +716,11 @@ foreach ($accounts as $key => $type) { print ''; - $total[$objecttmp->currency_code] += $solde; + if (empty($total[$objecttmp->currency_code])) { + $total[$objecttmp->currency_code] = $solde; + } else { + $total[$objecttmp->currency_code] += $solde; + } $i++; } diff --git a/htdocs/compta/clients.php b/htdocs/compta/clients.php index 504e5638abc..b39364690a6 100644 --- a/htdocs/compta/clients.php +++ b/htdocs/compta/clients.php @@ -94,16 +94,16 @@ if ($mode == 'search') { $sql = "SELECT s.rowid, s.nom as name, s.client, s.town, s.datec, s.datea"; $sql .= ", st.libelle as stcomm, s.prefix_comm, s.code_client, s.code_compta "; -if (!$user->rights->societe->client->voir && !$socid) { +if (empty($user->rights->societe->client->voir) && !$socid) { $sql .= ", sc.fk_soc, sc.fk_user "; } $sql .= " FROM ".MAIN_DB_PREFIX."societe as s, ".MAIN_DB_PREFIX."c_stcomm as st"; -if (!$user->rights->societe->client->voir && !$socid) { +if (empty($user->rights->societe->client->voir) && !$socid) { $sql .= ", ".MAIN_DB_PREFIX."societe_commerciaux as sc"; } $sql .= " WHERE s.fk_stcomm = st.id AND s.client in (1, 3)"; $sql .= " AND s.entity IN (".getEntity('societe').")"; -if (!$user->rights->societe->client->voir && !$socid) { +if (empty($user->rights->societe->client->voir) && !$socid) { $sql .= " AND s.rowid = sc.fk_soc AND sc.fk_user = ".((int) $user->id); } if (dol_strlen($stcomm)) { diff --git a/htdocs/compta/deplacement/index.php b/htdocs/compta/deplacement/index.php index 12351032b53..f2eb5bfe969 100644 --- a/htdocs/compta/deplacement/index.php +++ b/htdocs/compta/deplacement/index.php @@ -150,7 +150,7 @@ $langs->load("boxes"); $sql = "SELECT u.rowid as uid, u.lastname, u.firstname, d.rowid, d.dated as date, d.tms as dm, d.km, d.fk_statut"; $sql .= " FROM ".MAIN_DB_PREFIX."deplacement as d, ".MAIN_DB_PREFIX."user as u"; -if (!$user->rights->societe->client->voir && !$user->socid) { +if (empty($user->rights->societe->client->voir) && !$user->socid) { $sql .= ", ".MAIN_DB_PREFIX."societe as s, ".MAIN_DB_PREFIX."societe_commerciaux as sc"; } $sql .= " WHERE u.rowid = d.fk_user"; @@ -158,7 +158,7 @@ $sql .= " AND d.entity = ".$conf->entity; if (empty($user->rights->deplacement->readall) && empty($user->rights->deplacement->lire_tous)) { $sql .= ' AND d.fk_user IN ('.$db->sanitize(join(',', $childids)).')'; } -if (!$user->rights->societe->client->voir && !$user->socid) { +if (empty($user->rights->societe->client->voir) && !$user->socid) { $sql .= " AND d.fk_soc = s. rowid AND s.rowid = sc.fk_soc AND sc.fk_user = ".((int) $user->id); } if ($socid) { diff --git a/htdocs/compta/deplacement/list.php b/htdocs/compta/deplacement/list.php index 428eacbc93a..e7593406ad6 100644 --- a/htdocs/compta/deplacement/list.php +++ b/htdocs/compta/deplacement/list.php @@ -96,7 +96,7 @@ $sql .= " u.lastname, u.firstname"; // Qui $sql .= " FROM ".MAIN_DB_PREFIX."user as u"; $sql .= ", ".MAIN_DB_PREFIX."deplacement as d"; $sql .= " LEFT JOIN ".MAIN_DB_PREFIX."societe as s ON d.fk_soc = s.rowid"; -if (!$user->rights->societe->client->voir && !$socid) { +if (empty($user->rights->societe->client->voir) && !$socid) { $sql .= " LEFT JOIN ".MAIN_DB_PREFIX."societe_commerciaux as sc ON s.rowid = sc.fk_soc"; } $sql .= " WHERE d.fk_user = u.rowid"; @@ -104,7 +104,7 @@ $sql .= " AND d.entity = ".$conf->entity; if (empty($user->rights->deplacement->readall) && empty($user->rights->deplacement->lire_tous)) { $sql .= ' AND d.fk_user IN ('.$db->sanitize(join(',', $childids)).')'; } -if (!$user->rights->societe->client->voir && !$socid) { +if (empty($user->rights->societe->client->voir) && !$socid) { $sql .= " AND (sc.fk_user = ".((int) $user->id)." OR d.fk_soc IS NULL) "; } if ($socid) { diff --git a/htdocs/compta/deplacement/stats/index.php b/htdocs/compta/deplacement/stats/index.php index edc590119ef..3acda4f76ce 100644 --- a/htdocs/compta/deplacement/stats/index.php +++ b/htdocs/compta/deplacement/stats/index.php @@ -163,7 +163,7 @@ if (!$mesg) { $data = $stats->getAverageByMonthWithPrevYear($endyear, $startyear); -if (!$user->rights->societe->client->voir || $user->socid) { +if (empty($user->rights->societe->client->voir) || $user->socid) { $filename_avg = $dir.'/ordersaverage-'.$user->id.'-'.$year.'.png'; if ($mode == 'customer') { $fileurl_avg = DOL_URL_ROOT.'/viewimage.php?modulepart=orderstats&file=ordersaverage-'.$user->id.'-'.$year.'.png'; diff --git a/htdocs/compta/facture/class/facture.class.php b/htdocs/compta/facture/class/facture.class.php index 4b49c88f8ca..90641062b40 100644 --- a/htdocs/compta/facture/class/facture.class.php +++ b/htdocs/compta/facture/class/facture.class.php @@ -4055,16 +4055,16 @@ class Facture extends CommonInvoice $sql = "SELECT s.rowid, s.nom as name, s.client,"; $sql .= " f.rowid as fid, f.ref as ref, f.datef as df"; - if (!$user->rights->societe->client->voir && !$socid) { + if (empty($user->rights->societe->client->voir) && !$socid) { $sql .= ", sc.fk_soc, sc.fk_user"; } $sql .= " FROM ".MAIN_DB_PREFIX."societe as s, ".MAIN_DB_PREFIX."facture as f"; - if (!$user->rights->societe->client->voir && !$socid) { + if (empty($user->rights->societe->client->voir) && !$socid) { $sql .= ", ".MAIN_DB_PREFIX."societe_commerciaux as sc"; } $sql .= " WHERE f.entity IN (".getEntity('invoice').")"; $sql .= " AND f.fk_soc = s.rowid"; - if (!$user->rights->societe->client->voir && !$socid) { //restriction + if (empty($user->rights->societe->client->voir) && !$socid) { //restriction $sql .= " AND s.rowid = sc.fk_soc AND sc.fk_user = ".((int) $user->id); } if ($socid) { @@ -4254,7 +4254,7 @@ class Facture extends CommonInvoice $sql = "SELECT f.rowid, f.date_lim_reglement as datefin,f.fk_statut, f.total_ht"; $sql .= " FROM ".MAIN_DB_PREFIX."facture as f"; - if (!$user->rights->societe->client->voir && !$user->socid) { + if (empty($user->rights->societe->client->voir) && !$user->socid) { $sql .= " LEFT JOIN ".MAIN_DB_PREFIX."societe_commerciaux as sc ON f.fk_soc = sc.fk_soc"; $sql .= " WHERE sc.fk_user = ".((int) $user->id); $clause = " AND"; @@ -4501,7 +4501,7 @@ class Facture extends CommonInvoice $sql = "SELECT count(f.rowid) as nb"; $sql .= " FROM ".MAIN_DB_PREFIX."facture as f"; $sql .= " LEFT JOIN ".MAIN_DB_PREFIX."societe as s ON f.fk_soc = s.rowid"; - if (!$user->rights->societe->client->voir && !$user->socid) { + if (empty($user->rights->societe->client->voir) && !$user->socid) { $sql .= " LEFT JOIN ".MAIN_DB_PREFIX."societe_commerciaux as sc ON s.rowid = sc.fk_soc"; $sql .= " WHERE sc.fk_user = ".((int) $user->id); $clause = "AND"; diff --git a/htdocs/compta/facture/class/facturestats.class.php b/htdocs/compta/facture/class/facturestats.class.php index 1e6457104ea..a54cd1a6668 100644 --- a/htdocs/compta/facture/class/facturestats.class.php +++ b/htdocs/compta/facture/class/facturestats.class.php @@ -85,7 +85,7 @@ class FactureStats extends Stats $this->where = " f.fk_statut >= 0"; $this->where .= " AND f.entity IN (".getEntity('invoice').")"; - if (!$user->rights->societe->client->voir && !$this->socid) { + if (empty($user->rights->societe->client->voir) && !$this->socid) { $this->where .= " AND f.fk_soc = sc.fk_soc AND sc.fk_user = ".((int) $user->id); } if ($mode == 'customer') { @@ -129,7 +129,7 @@ class FactureStats extends Stats $sql = "SELECT date_format(f.datef,'%m') as dm, COUNT(*) as nb"; $sql .= " FROM ".$this->from; - if (!$user->rights->societe->client->voir && !$this->socid) { + if (empty($user->rights->societe->client->voir) && !$this->socid) { $sql .= ", ".MAIN_DB_PREFIX."societe_commerciaux as sc"; } $sql .= $this->join; @@ -155,7 +155,7 @@ class FactureStats extends Stats $sql = "SELECT date_format(f.datef,'%Y') as dm, COUNT(*), SUM(c.".$this->field.")"; $sql .= " FROM ".$this->from; - if (!$user->rights->societe->client->voir && !$this->socid) { + if (empty($user->rights->societe->client->voir) && !$this->socid) { $sql .= ", ".MAIN_DB_PREFIX."societe_commerciaux as sc"; } $sql .= $this->join; @@ -180,7 +180,7 @@ class FactureStats extends Stats $sql = "SELECT date_format(datef,'%m') as dm, SUM(f.".$this->field.")"; $sql .= " FROM ".$this->from; - if (!$user->rights->societe->client->voir && !$this->socid) { + if (empty($user->rights->societe->client->voir) && !$this->socid) { $sql .= ", ".MAIN_DB_PREFIX."societe_commerciaux as sc"; } $sql .= $this->join; @@ -206,7 +206,7 @@ class FactureStats extends Stats $sql = "SELECT date_format(datef,'%m') as dm, AVG(f.".$this->field.")"; $sql .= " FROM ".$this->from; - if (!$user->rights->societe->client->voir && !$this->socid) { + if (empty($user->rights->societe->client->voir) && !$this->socid) { $sql .= ", ".MAIN_DB_PREFIX."societe_commerciaux as sc"; } $sql .= $this->join; @@ -229,7 +229,7 @@ class FactureStats extends Stats $sql = "SELECT date_format(datef,'%Y') as year, COUNT(*) as nb, SUM(f.".$this->field.") as total, AVG(f.".$this->field.") as avg"; $sql .= " FROM ".$this->from; - if (!$user->rights->societe->client->voir && !$this->socid) { + if (empty($user->rights->societe->client->voir) && !$this->socid) { $sql .= ", ".MAIN_DB_PREFIX."societe_commerciaux as sc"; } $sql .= $this->join; @@ -253,7 +253,7 @@ class FactureStats extends Stats $sql = "SELECT product.ref, COUNT(product.ref) as nb, SUM(tl.".$this->field_line.") as total, AVG(tl.".$this->field_line.") as avg"; $sql .= " FROM ".$this->from.", ".$this->from_line.", ".MAIN_DB_PREFIX."product as product"; - if (!$user->rights->societe->client->voir && !$this->socid) { + if (empty($user->rights->societe->client->voir) && !$this->socid) { $sql .= ", ".MAIN_DB_PREFIX."societe_commerciaux as sc"; } $sql .= $this->join; @@ -281,7 +281,7 @@ class FactureStats extends Stats $startYear = $endYear - $numberYears; $sql = "SELECT date_format(datef,'%Y') as dm, SUM(f.".$this->field.")"; $sql .= " FROM ".$this->from; - if (!$user->rights->societe->client->voir && !$this->socid) { + if (empty($user->rights->societe->client->voir) && !$this->socid) { $sql .= ", ".MAIN_DB_PREFIX."societe_commerciaux as sc"; } $sql .= $this->join; diff --git a/htdocs/compta/facture/invoicetemplate_list.php b/htdocs/compta/facture/invoicetemplate_list.php index e5c7fdafd0c..12f554f4c5c 100644 --- a/htdocs/compta/facture/invoicetemplate_list.php +++ b/htdocs/compta/facture/invoicetemplate_list.php @@ -291,12 +291,12 @@ $sql = preg_replace('/,\s*$/', '', $sql); $sql .= " FROM ".MAIN_DB_PREFIX."societe as s, ".MAIN_DB_PREFIX."facture_rec as f"; $sql .= " LEFT JOIN ".MAIN_DB_PREFIX."facture_rec_extrafields as ef ON ef.fk_object = f.rowid"; -if (!$user->rights->societe->client->voir && !$socid) { +if (empty($user->rights->societe->client->voir) && !$socid) { $sql .= ", ".MAIN_DB_PREFIX."societe_commerciaux as sc"; } $sql .= " WHERE f.fk_soc = s.rowid"; $sql .= ' AND f.entity IN ('.getEntity('invoice').')'; -if (!$user->rights->societe->client->voir && !$socid) { +if (empty($user->rights->societe->client->voir) && !$socid) { $sql .= " AND s.rowid = sc.fk_soc AND sc.fk_user = ".((int) $user->id); } if ($search_ref) { diff --git a/htdocs/compta/facture/list.php b/htdocs/compta/facture/list.php index 852589dbd1a..b73569d86d1 100644 --- a/htdocs/compta/facture/list.php +++ b/htdocs/compta/facture/list.php @@ -242,10 +242,10 @@ $arrayfields = array( 'f.multicurrency_total_ttc'=>array('label'=>'MulticurrencyAmountTTC', 'checked'=>0, 'enabled'=>(empty($conf->multicurrency->enabled) ? 0 : 1), 'position'=>292), 'multicurrency_dynamount_payed'=>array('label'=>'MulticurrencyAlreadyPaid', 'checked'=>0, 'enabled'=>(empty($conf->multicurrency->enabled) ? 0 : 1), 'position'=>295), 'multicurrency_rtp'=>array('label'=>'MulticurrencyRemainderToPay', 'checked'=>0, 'enabled'=>(empty($conf->multicurrency->enabled) ? 0 : 1), 'position'=>296), // Not enabled by default because slow - 'total_pa' => array('label' => ($conf->global->MARGIN_TYPE == '1' ? 'BuyingPrice' : 'CostPrice'), 'checked' => 0, 'position' => 300, 'enabled' => (empty($conf->margin->enabled) || !$user->rights->margins->liretous ? 0 : 1)), - 'total_margin' => array('label' => 'Margin', 'checked' => 0, 'position' => 301, 'enabled' => (empty($conf->margin->enabled) || !$user->rights->margins->liretous ? 0 : 1)), - 'total_margin_rate' => array('label' => 'MarginRate', 'checked' => 0, 'position' => 302, 'enabled' => (empty($conf->margin->enabled) || !$user->rights->margins->liretous || empty($conf->global->DISPLAY_MARGIN_RATES) ? 0 : 1)), - 'total_mark_rate' => array('label' => 'MarkRate', 'checked' => 0, 'position' => 303, 'enabled' => (empty($conf->margin->enabled) || !$user->rights->margins->liretous || empty($conf->global->DISPLAY_MARK_RATES) ? 0 : 1)), + 'total_pa' => array('label' => ($conf->global->MARGIN_TYPE == '1' ? 'BuyingPrice' : 'CostPrice'), 'checked' => 0, 'position' => 300, 'enabled' => (empty($conf->margin->enabled) || empty($user->rights->margins->liretous) ? 0 : 1)), + 'total_margin' => array('label' => 'Margin', 'checked' => 0, 'position' => 301, 'enabled' => (empty($conf->margin->enabled) || empty($user->rights->margins->liretous) ? 0 : 1)), + 'total_margin_rate' => array('label' => 'MarginRate', 'checked' => 0, 'position' => 302, 'enabled' => (empty($conf->margin->enabled) || empty($user->rights->margins->liretous) || empty($conf->global->DISPLAY_MARGIN_RATES) ? 0 : 1)), + 'total_mark_rate' => array('label' => 'MarkRate', 'checked' => 0, 'position' => 303, 'enabled' => (empty($conf->margin->enabled) || empty($user->rights->margins->liretous) || empty($conf->global->DISPLAY_MARK_RATES) ? 0 : 1)), 'f.datec'=>array('label'=>"DateCreation", 'checked'=>0, 'position'=>500), 'f.tms'=>array('label'=>"DateModificationShort", 'checked'=>0, 'position'=>502), 'f.note_public'=>array('label'=>'NotePublic', 'checked'=>0, 'position'=>510, 'enabled'=>(empty($conf->global->MAIN_LIST_ALLOW_PUBLIC_NOTES))), @@ -592,7 +592,7 @@ if ($search_product_category > 0) { $sql .= " LEFT JOIN ".MAIN_DB_PREFIX."projet as p ON p.rowid = f.fk_projet"; $sql .= ' LEFT JOIN '.MAIN_DB_PREFIX.'user AS u ON f.fk_user_author = u.rowid'; // We'll need this table joined to the select in order to filter by sale -if ($search_sale > 0 || (!$user->rights->societe->client->voir && !$socid)) { +if ($search_sale > 0 || (empty($user->rights->societe->client->voir) && !$socid)) { $sql .= ", ".MAIN_DB_PREFIX."societe_commerciaux as sc"; } if ($search_user > 0) { @@ -606,7 +606,7 @@ $sql .= $hookmanager->resPrint; $sql .= ' WHERE f.fk_soc = s.rowid'; $sql .= ' AND f.entity IN ('.getEntity('invoice').')'; -if (!$user->rights->societe->client->voir && !$socid) { +if (empty($user->rights->societe->client->voir) && !$socid) { $sql .= " AND s.rowid = sc.fk_soc AND sc.fk_user = ".((int) $user->id); } if ($search_product_category > 0) { diff --git a/htdocs/compta/facture/prelevement.php b/htdocs/compta/facture/prelevement.php index 084d24ebfdb..e017533c9ee 100644 --- a/htdocs/compta/facture/prelevement.php +++ b/htdocs/compta/facture/prelevement.php @@ -71,7 +71,7 @@ $hookmanager->initHooks(array('directdebitcard', 'globalcard')); if ($type == 'bank-transfer') { $result = restrictedArea($user, 'fournisseur', $id, 'facture_fourn', 'facture', 'fk_soc', $fieldid, $isdraft); - if (!$user->rights->fournisseur->facture->lire) { + if (empty($user->rights->fournisseur->facture->lire)) { accessforbidden(); } } else { diff --git a/htdocs/compta/facture/stats/index.php b/htdocs/compta/facture/stats/index.php index a8228e29d2a..380393d2855 100644 --- a/htdocs/compta/facture/stats/index.php +++ b/htdocs/compta/facture/stats/index.php @@ -46,7 +46,7 @@ $mode = GETPOST("mode") ? GETPOST("mode") : 'customer'; if ($mode == 'customer' && !$user->rights->facture->lire) { accessforbidden(); } -if ($mode == 'supplier' && !$user->rights->fournisseur->facture->lire) { +if ($mode == 'supplier' && empty($user->rights->fournisseur->facture->lire)) { accessforbidden(); } @@ -192,7 +192,7 @@ if (!$mesg) { $data = $stats->getAverageByMonthWithPrevYear($endyear, $startyear); -if (!$user->rights->societe->client->voir || $user->socid) { +if (empty($user->rights->societe->client->voir) || $user->socid) { $filename_avg = $dir.'/ordersaverage-'.$user->id.'-'.$year.'.png'; if ($mode == 'customer') { $fileurl_avg = DOL_URL_ROOT.'/viewimage.php?modulepart=orderstats&file=ordersaverage-'.$user->id.'-'.$year.'.png'; diff --git a/htdocs/compta/index.php b/htdocs/compta/index.php index 7f3865906c8..29f41587224 100644 --- a/htdocs/compta/index.php +++ b/htdocs/compta/index.php @@ -129,12 +129,12 @@ if (!empty($conf->facture->enabled) && !empty($user->rights->facture->lire)) { $sql .= ", sum(pf.amount) as am"; $sql .= " FROM ".MAIN_DB_PREFIX."societe as s LEFT JOIN ".MAIN_DB_PREFIX."c_country as cc ON cc.rowid = s.fk_pays, ".MAIN_DB_PREFIX."facture as f"; $sql .= " LEFT JOIN ".MAIN_DB_PREFIX."paiement_facture as pf on f.rowid=pf.fk_facture"; - if (!$user->rights->societe->client->voir && !$socid) { + if (empty($user->rights->societe->client->voir) && !$socid) { $sql .= ", ".MAIN_DB_PREFIX."societe_commerciaux as sc"; } $sql .= " WHERE s.rowid = f.fk_soc"; $sql .= " AND f.entity IN (".getEntity('invoice').")"; - if (!$user->rights->societe->client->voir && !$socid) { + if (empty($user->rights->societe->client->voir) && !$socid) { $sql .= " AND s.rowid = sc.fk_soc AND sc.fk_user = ".((int) $user->id); } if ($socid) { @@ -279,12 +279,12 @@ if ((!empty($conf->fournisseur->enabled) && empty($conf->global->MAIN_USE_NEW_SU $sql .= ", SUM(pf.amount) as am"; $sql .= " FROM ".MAIN_DB_PREFIX."societe as s, ".MAIN_DB_PREFIX."facture_fourn as ff"; $sql .= " LEFT JOIN ".MAIN_DB_PREFIX."paiementfourn_facturefourn as pf on ff.rowid=pf.fk_facturefourn"; - if (!$user->rights->societe->client->voir && !$socid) { + if (empty($user->rights->societe->client->voir) && !$socid) { $sql .= ", ".MAIN_DB_PREFIX."societe_commerciaux as sc"; } $sql .= " WHERE s.rowid = ff.fk_soc"; $sql .= " AND ff.entity = ".$conf->entity; - if (!$user->rights->societe->client->voir && !$socid) { + if (empty($user->rights->societe->client->voir) && !$socid) { $sql .= " AND s.rowid = sc.fk_soc AND sc.fk_user = ".((int) $user->id); } if ($socid) { @@ -589,7 +589,7 @@ if (!empty($conf->facture->enabled) && !empty($conf->commande->enabled) && $user $sql .= ", c.rowid, c.ref, c.facture, c.fk_statut as status, c.total_ht, c.total_tva, c.total_ttc,"; $sql .= " cc.rowid as country_id, cc.code as country_code"; $sql .= " FROM ".MAIN_DB_PREFIX."societe as s LEFT JOIN ".MAIN_DB_PREFIX."c_country as cc ON cc.rowid = s.fk_pays"; - if (!$user->rights->societe->client->voir && !$socid) { + if (empty($user->rights->societe->client->voir) && !$socid) { $sql .= ", ".MAIN_DB_PREFIX."societe_commerciaux as sc"; } $sql .= ", ".MAIN_DB_PREFIX."commande as c"; @@ -597,7 +597,7 @@ if (!empty($conf->facture->enabled) && !empty($conf->commande->enabled) && $user $sql .= " LEFT JOIN ".MAIN_DB_PREFIX."facture AS f ON el.fk_target = f.rowid AND el.targettype = 'facture'"; $sql .= " WHERE c.fk_soc = s.rowid"; $sql .= " AND c.entity = ".$conf->entity; - if (!$user->rights->societe->client->voir && !$socid) { + if (empty($user->rights->societe->client->voir) && !$socid) { $sql .= " AND s.rowid = sc.fk_soc AND sc.fk_user = ".((int) $user->id); } if ($socid) { diff --git a/htdocs/compta/paiement/list.php b/htdocs/compta/paiement/list.php index 59aae0a4015..f5160c51757 100644 --- a/htdocs/compta/paiement/list.php +++ b/htdocs/compta/paiement/list.php @@ -201,11 +201,11 @@ if (GETPOST("orphelins", "alpha")) { $sql .= " LEFT JOIN ".MAIN_DB_PREFIX."paiement_facture as pf ON p.rowid = pf.fk_paiement"; $sql .= " LEFT JOIN ".MAIN_DB_PREFIX."facture as f ON pf.fk_facture = f.rowid"; $sql .= " LEFT JOIN ".MAIN_DB_PREFIX."societe as s ON f.fk_soc = s.rowid"; - if (!$user->rights->societe->client->voir && !$socid) { + if (empty($user->rights->societe->client->voir) && !$socid) { $sql .= " LEFT JOIN ".MAIN_DB_PREFIX."societe_commerciaux as sc ON s.rowid = sc.fk_soc"; } $sql .= " WHERE p.entity IN (".getEntity('invoice').")"; - if (!$user->rights->societe->client->voir && !$socid) { + if (empty($user->rights->societe->client->voir) && !$socid) { $sql .= " AND sc.fk_user = ".((int) $user->id); } if ($socid > 0) { diff --git a/htdocs/compta/paiement/rapport.php b/htdocs/compta/paiement/rapport.php index 492404a9380..cf02c2aeb74 100644 --- a/htdocs/compta/paiement/rapport.php +++ b/htdocs/compta/paiement/rapport.php @@ -39,7 +39,7 @@ if ($user->socid > 0) { } $dir = $conf->facture->dir_output.'/payments'; -if (!$user->rights->societe->client->voir || $socid) { +if (empty($user->rights->societe->client->voir) || $socid) { $dir .= '/private/'.$user->id; // If user has no permission to see all, output dir is specific to user } diff --git a/htdocs/compta/paymentbybanktransfer/index.php b/htdocs/compta/paymentbybanktransfer/index.php index 009f99fccf1..2036bef5c57 100644 --- a/htdocs/compta/paymentbybanktransfer/index.php +++ b/htdocs/compta/paymentbybanktransfer/index.php @@ -98,7 +98,7 @@ $sql .= " pfd.date_demande, pfd.amount,"; $sql .= " s.nom as name, s.email, s.rowid as socid, s.tva_intra"; $sql .= " FROM ".MAIN_DB_PREFIX."facture_fourn as f,"; $sql .= " ".MAIN_DB_PREFIX."societe as s"; -if (!$user->rights->societe->client->voir && !$socid) { +if (empty($user->rights->societe->client->voir) && !$socid) { $sql .= ", ".MAIN_DB_PREFIX."societe_commerciaux as sc"; } $sql .= ", ".MAIN_DB_PREFIX."prelevement_facture_demande as pfd"; @@ -111,7 +111,7 @@ if (empty($conf->global->WITHDRAWAL_ALLOW_ANY_INVOICE_STATUS)) { $sql .= " AND pfd.traite = 0"; $sql .= " AND pfd.ext_payment_id IS NULL"; $sql .= " AND pfd.fk_facture_fourn = f.rowid"; -if (!$user->rights->societe->client->voir && !$socid) { +if (empty($user->rights->societe->client->voir) && !$socid) { $sql .= " AND s.rowid = sc.fk_soc AND sc.fk_user = ".((int) $user->id); } if ($socid) { diff --git a/htdocs/compta/prelevement/demandes.php b/htdocs/compta/prelevement/demandes.php index cb10e9248f1..5ac0c07ede7 100644 --- a/htdocs/compta/prelevement/demandes.php +++ b/htdocs/compta/prelevement/demandes.php @@ -137,12 +137,12 @@ if ($type != 'bank-transfer') { } $sql .= " ".MAIN_DB_PREFIX."societe as s,"; $sql .= " ".MAIN_DB_PREFIX."prelevement_facture_demande as pfd"; -if (!$user->rights->societe->client->voir && !$socid) { +if (empty($user->rights->societe->client->voir) && !$socid) { $sql .= ", ".MAIN_DB_PREFIX."societe_commerciaux as sc"; } $sql .= " WHERE s.rowid = f.fk_soc"; $sql .= " AND f.entity IN (".getEntity('invoice').")"; -if (!$user->rights->societe->client->voir && !$socid) { +if (empty($user->rights->societe->client->voir) && !$socid) { $sql .= " AND s.rowid = sc.fk_soc AND sc.fk_user = ".((int) $user->id); } if ($socid) { diff --git a/htdocs/compta/prelevement/index.php b/htdocs/compta/prelevement/index.php index 93f2305c60f..e299c067118 100644 --- a/htdocs/compta/prelevement/index.php +++ b/htdocs/compta/prelevement/index.php @@ -98,7 +98,7 @@ $sql .= " pfd.date_demande, pfd.amount,"; $sql .= " s.nom as name, s.email, s.rowid as socid"; $sql .= " FROM ".MAIN_DB_PREFIX."facture as f,"; $sql .= " ".MAIN_DB_PREFIX."societe as s"; -if (!$user->rights->societe->client->voir && !$socid) { +if (empty($user->rights->societe->client->voir) && !$socid) { $sql .= ", ".MAIN_DB_PREFIX."societe_commerciaux as sc"; } $sql .= " , ".MAIN_DB_PREFIX."prelevement_facture_demande as pfd"; @@ -111,7 +111,7 @@ if (empty($conf->global->WITHDRAWAL_ALLOW_ANY_INVOICE_STATUS)) { $sql .= " AND pfd.traite = 0"; $sql .= " AND pfd.ext_payment_id IS NULL"; $sql .= " AND pfd.fk_facture = f.rowid"; -if (!$user->rights->societe->client->voir && !$socid) { +if (empty($user->rights->societe->client->voir) && !$socid) { $sql .= " AND s.rowid = sc.fk_soc AND sc.fk_user = ".((int) $user->id); } if ($socid) { diff --git a/htdocs/contact/card.php b/htdocs/contact/card.php index 8ae2deae1cf..8493fd03f3c 100644 --- a/htdocs/contact/card.php +++ b/htdocs/contact/card.php @@ -296,7 +296,7 @@ if (empty($reshook)) { if (empty($error) && $id > 0) { $db->commit(); if (!empty($backtopage)) { - $url = $backtopage; + $url = str_replace('__ID__', $id, $backtopage); } else { $url = 'card.php?id='.$id; } diff --git a/htdocs/contact/class/contact.class.php b/htdocs/contact/class/contact.class.php index 5dec2ade61e..fa1dfb93c7a 100644 --- a/htdocs/contact/class/contact.class.php +++ b/htdocs/contact/class/contact.class.php @@ -383,7 +383,7 @@ class Contact extends CommonObject $sql = "SELECT count(sp.rowid) as nb"; $sql .= " FROM ".MAIN_DB_PREFIX."socpeople as sp"; - if (!$user->rights->societe->client->voir && !$user->socid) { + if (empty($user->rights->societe->client->voir) && !$user->socid) { $sql .= ", ".MAIN_DB_PREFIX."societe as s"; $sql .= ", ".MAIN_DB_PREFIX."societe_commerciaux as sc"; $sql .= " WHERE sp.fk_soc = s.rowid AND s.rowid = sc.fk_soc AND sc.fk_user = ".((int) $user->id); diff --git a/htdocs/contact/list.php b/htdocs/contact/list.php index 71e888540b2..e005d6cfb1e 100644 --- a/htdocs/contact/list.php +++ b/htdocs/contact/list.php @@ -386,11 +386,11 @@ if (!empty($search_categ_thirdparty) && $search_categ_thirdparty != '-1') { if (!empty($search_categ_supplier) && $search_categ_supplier != '-1') { $sql .= ' LEFT JOIN '.MAIN_DB_PREFIX."categorie_fournisseur as cs2 ON s.rowid = cs2.fk_soc"; // We need this table joined to the select in order to filter by categ } -if (!$user->rights->societe->client->voir && !$socid) { +if (empty($user->rights->societe->client->voir) && !$socid) { $sql .= " LEFT JOIN ".MAIN_DB_PREFIX."societe_commerciaux as sc ON s.rowid = sc.fk_soc"; } $sql .= ' WHERE p.entity IN ('.getEntity('socpeople').')'; -if (!$user->rights->societe->client->voir && !$socid) { //restriction +if (empty($user->rights->societe->client->voir) && !$socid) { //restriction $sql .= " AND (sc.fk_user = ".((int) $user->id)." OR p.fk_soc IS NULL)"; } if (!empty($userid)) { // propre au commercial diff --git a/htdocs/contrat/class/contrat.class.php b/htdocs/contrat/class/contrat.class.php index d63b0e7acb0..793273c833f 100644 --- a/htdocs/contrat/class/contrat.class.php +++ b/htdocs/contrat/class/contrat.class.php @@ -2187,7 +2187,7 @@ class Contrat extends CommonObject $this->from = " FROM ".MAIN_DB_PREFIX."contrat as c"; $this->from .= ", ".MAIN_DB_PREFIX."contratdet as cd"; $this->from .= ", ".MAIN_DB_PREFIX."societe as s"; - if (!$user->rights->societe->client->voir && !$user->socid) { + if (empty($user->rights->societe->client->voir) && !$user->socid) { $this->from .= ", ".MAIN_DB_PREFIX."societe_commerciaux as sc"; } @@ -2218,7 +2218,7 @@ class Contrat extends CommonObject if ($user->socid) { $sql .= " AND c.fk_soc = ".((int) $user->socid); } - if (!$user->rights->societe->client->voir && !$user->socid) { + if (empty($user->rights->societe->client->voir) && !$user->socid) { $sql .= " AND c.fk_soc = sc.fk_soc AND sc.fk_user = ".((int) $user->id); } @@ -2286,7 +2286,7 @@ class Contrat extends CommonObject $sql = "SELECT count(c.rowid) as nb"; $sql .= " FROM ".MAIN_DB_PREFIX."contrat as c"; $sql .= " LEFT JOIN ".MAIN_DB_PREFIX."societe as s ON c.fk_soc = s.rowid"; - if (!$user->rights->societe->client->voir && !$user->socid) { + if (empty($user->rights->societe->client->voir) && !$user->socid) { $sql .= " LEFT JOIN ".MAIN_DB_PREFIX."societe_commerciaux as sc ON s.rowid = sc.fk_soc"; $sql .= " WHERE sc.fk_user = ".((int) $user->id); $clause = "AND"; diff --git a/htdocs/contrat/index.php b/htdocs/contrat/index.php index b85cda094f3..626d81892b1 100644 --- a/htdocs/contrat/index.php +++ b/htdocs/contrat/index.php @@ -92,7 +92,7 @@ $vals = array(); $sql = "SELECT count(cd.rowid) as nb, cd.statut as status"; $sql .= " FROM ".MAIN_DB_PREFIX."societe as s"; $sql .= ", ".MAIN_DB_PREFIX."contratdet as cd, ".MAIN_DB_PREFIX."contrat as c"; -if (!$user->rights->societe->client->voir && !$socid) { +if (empty($user->rights->societe->client->voir) && !$socid) { $sql .= ", ".MAIN_DB_PREFIX."societe_commerciaux as sc"; } $sql .= " WHERE cd.fk_contrat = c.rowid AND c.fk_soc = s.rowid"; @@ -101,7 +101,7 @@ $sql .= " AND c.entity IN (".getEntity('contract', 0).")"; if ($user->socid) { $sql .= ' AND c.fk_soc = '.((int) $user->socid); } -if (!$user->rights->societe->client->voir && !$socid) { +if (empty($user->rights->societe->client->voir) && !$socid) { $sql .= " AND s.rowid = sc.fk_soc AND sc.fk_user = ".((int) $user->id); } $sql .= " GROUP BY cd.statut"; @@ -129,7 +129,7 @@ if ($resql) { $sql = "SELECT count(cd.rowid) as nb, cd.statut as status"; $sql .= " FROM ".MAIN_DB_PREFIX."societe as s"; $sql .= ", ".MAIN_DB_PREFIX."contratdet as cd, ".MAIN_DB_PREFIX."contrat as c"; -if (!$user->rights->societe->client->voir && !$socid) { +if (empty($user->rights->societe->client->voir) && !$socid) { $sql .= ", ".MAIN_DB_PREFIX."societe_commerciaux as sc"; } $sql .= " WHERE cd.fk_contrat = c.rowid AND c.fk_soc = s.rowid"; @@ -138,7 +138,7 @@ $sql .= " AND c.entity IN (".getEntity('contract', 0).")"; if ($user->socid) { $sql .= ' AND c.fk_soc = '.((int) $user->socid); } -if (!$user->rights->societe->client->voir && !$socid) { +if (empty($user->rights->societe->client->voir) && !$socid) { $sql .= " AND s.rowid = sc.fk_soc AND sc.fk_user = ".((int) $user->id); } $sql .= " GROUP BY cd.statut"; @@ -240,13 +240,13 @@ if (!empty($conf->contrat->enabled) && $user->rights->contrat->lire) { $sql = "SELECT c.rowid, c.ref,"; $sql .= " s.nom as name, s.rowid as socid"; $sql .= " FROM ".MAIN_DB_PREFIX."contrat as c, ".MAIN_DB_PREFIX."societe as s"; - if (!$user->rights->societe->client->voir && !$socid) { + if (empty($user->rights->societe->client->voir) && !$socid) { $sql .= ", ".MAIN_DB_PREFIX."societe_commerciaux as sc"; } $sql .= " WHERE s.rowid = c.fk_soc"; $sql .= " AND c.entity IN (".getEntity('contract', 0).")"; $sql .= " AND c.statut = 0"; - if (!$user->rights->societe->client->voir && !$socid) { + if (empty($user->rights->societe->client->voir) && !$socid) { $sql .= " AND s.rowid = sc.fk_soc AND sc.fk_user = ".((int) $user->id); } if ($socid) { @@ -311,7 +311,7 @@ $sql .= " sum(".$db->ifsql("cd.statut=4 AND (cd.date_fin_validite IS NOT NULL AN $sql .= " sum(".$db->ifsql("cd.statut=5", 1, 0).') as nb_closed,'; $sql .= " c.rowid as cid, c.ref, c.datec, c.tms, c.statut, s.nom as name, s.rowid as socid"; $sql .= " FROM ".MAIN_DB_PREFIX."societe as s,"; -if (!$user->rights->societe->client->voir && !$socid) { +if (empty($user->rights->societe->client->voir) && !$socid) { $sql .= " ".MAIN_DB_PREFIX."societe_commerciaux as sc,"; } $sql .= " ".MAIN_DB_PREFIX."contrat as c"; @@ -319,7 +319,7 @@ $sql .= " LEFT JOIN ".MAIN_DB_PREFIX."contratdet as cd ON c.rowid = cd.fk_contra $sql .= " WHERE c.fk_soc = s.rowid"; $sql .= " AND c.entity IN (".getEntity('contract', 0).")"; $sql .= " AND c.statut > 0"; -if (!$user->rights->societe->client->voir && !$socid) { +if (empty($user->rights->societe->client->voir) && !$socid) { $sql .= " AND s.rowid = sc.fk_soc AND sc.fk_user = ".((int) $user->id); } if ($socid) { @@ -386,7 +386,7 @@ $sql .= " s.nom as name,"; $sql .= " p.rowid as pid, p.ref as pref, p.label as plabel, p.fk_product_type as ptype, p.entity as pentity"; $sql .= " FROM (".MAIN_DB_PREFIX."contrat as c"; $sql .= ", ".MAIN_DB_PREFIX."societe as s"; -if (!$user->rights->societe->client->voir && !$socid) { +if (empty($user->rights->societe->client->voir) && !$socid) { $sql .= ", ".MAIN_DB_PREFIX."societe_commerciaux as sc"; } $sql .= ", ".MAIN_DB_PREFIX."contratdet as cd"; @@ -394,7 +394,7 @@ $sql .= ") LEFT JOIN ".MAIN_DB_PREFIX."product as p ON cd.fk_product = p.rowid"; $sql .= " WHERE c.entity IN (".getEntity('contract', 0).")"; $sql .= " AND cd.fk_contrat = c.rowid"; $sql .= " AND c.fk_soc = s.rowid"; -if (!$user->rights->societe->client->voir && !$socid) { +if (empty($user->rights->societe->client->voir) && !$socid) { $sql .= " AND s.rowid = sc.fk_soc AND sc.fk_user = ".((int) $user->id); } if ($socid) { @@ -466,7 +466,7 @@ $sql .= " s.nom as name,"; $sql .= " p.rowid as pid, p.ref as pref, p.label as plabel, p.fk_product_type as ptype, p.entity as pentity"; $sql .= " FROM (".MAIN_DB_PREFIX."contrat as c"; $sql .= ", ".MAIN_DB_PREFIX."societe as s"; -if (!$user->rights->societe->client->voir && !$socid) { +if (empty($user->rights->societe->client->voir) && !$socid) { $sql .= ", ".MAIN_DB_PREFIX."societe_commerciaux as sc"; } $sql .= ", ".MAIN_DB_PREFIX."contratdet as cd"; @@ -476,7 +476,7 @@ $sql .= " AND c.statut = 1"; $sql .= " AND cd.statut = 0"; $sql .= " AND cd.fk_contrat = c.rowid"; $sql .= " AND c.fk_soc = s.rowid"; -if (!$user->rights->societe->client->voir && !$socid) { +if (empty($user->rights->societe->client->voir) && !$socid) { $sql .= " AND s.rowid = sc.fk_soc AND sc.fk_user = ".((int) $user->id); } if ($socid) { @@ -547,7 +547,7 @@ $sql .= " s.nom as name,"; $sql .= " p.rowid as pid, p.ref as pref, p.label as plabel, p.fk_product_type as ptype, p.entity as pentity"; $sql .= " FROM (".MAIN_DB_PREFIX."contrat as c"; $sql .= ", ".MAIN_DB_PREFIX."societe as s"; -if (!$user->rights->societe->client->voir && !$socid) { +if (empty($user->rights->societe->client->voir) && !$socid) { $sql .= ", ".MAIN_DB_PREFIX."societe_commerciaux as sc"; } $sql .= ", ".MAIN_DB_PREFIX."contratdet as cd"; @@ -558,7 +558,7 @@ $sql .= " AND cd.statut = 4"; $sql .= " AND cd.date_fin_validite < '".$db->idate($now)."'"; $sql .= " AND cd.fk_contrat = c.rowid"; $sql .= " AND c.fk_soc = s.rowid"; -if (!$user->rights->societe->client->voir && !$socid) { +if (empty($user->rights->societe->client->voir) && !$socid) { $sql .= " AND s.rowid = sc.fk_soc AND sc.fk_user = ".((int) $user->id); } if ($socid) { diff --git a/htdocs/contrat/list.php b/htdocs/contrat/list.php index 7e19ec13e22..cee0faf95aa 100644 --- a/htdocs/contrat/list.php +++ b/htdocs/contrat/list.php @@ -255,7 +255,7 @@ $sql .= " FROM ".MAIN_DB_PREFIX."societe as s"; $sql .= " LEFT JOIN ".MAIN_DB_PREFIX."c_country as country on (country.rowid = s.fk_pays)"; $sql .= " LEFT JOIN ".MAIN_DB_PREFIX."c_typent as typent on (typent.id = s.fk_typent)"; $sql .= " LEFT JOIN ".MAIN_DB_PREFIX."c_departements as state on (state.rowid = s.fk_departement)"; -if ($search_sale > 0 || (!$user->rights->societe->client->voir && !$socid)) { +if ($search_sale > 0 || (empty($user->rights->societe->client->voir) && !$socid)) { $sql .= ", ".MAIN_DB_PREFIX."societe_commerciaux as sc"; } $sql .= ", ".MAIN_DB_PREFIX."contrat as c"; @@ -281,7 +281,7 @@ if ($search_product_category > 0) { if ($socid) { $sql .= " AND s.rowid = ".((int) $socid); } -if (!$user->rights->societe->client->voir && !$socid) { +if (empty($user->rights->societe->client->voir) && !$socid) { $sql .= " AND s.rowid = sc.fk_soc AND sc.fk_user = ".((int) $user->id); } if ($search_date_start) { diff --git a/htdocs/contrat/services_list.php b/htdocs/contrat/services_list.php index 0c06a194fd4..5bd98ded8c4 100644 --- a/htdocs/contrat/services_list.php +++ b/htdocs/contrat/services_list.php @@ -218,7 +218,7 @@ $sql = "SELECT c.rowid as cid, c.ref, c.statut as cstatut, c.ref_customer, c.ref $sql .= " s.rowid as socid, s.nom as name, s.email, s.client, s.fournisseur,"; $sql .= " cd.rowid, cd.description, cd.statut,"; $sql .= " p.rowid as pid, p.ref as pref, p.label as label, p.fk_product_type as ptype, p.entity as pentity,"; -if (!$user->rights->societe->client->voir && !$socid) { +if (empty($user->rights->societe->client->voir) && !$socid) { $sql .= " sc.fk_soc, sc.fk_user,"; } $sql .= " cd.date_ouverture_prevue,"; @@ -244,7 +244,7 @@ $reshook = $hookmanager->executeHooks('printFieldListSelect', $parameters); // N $sql .= $hookmanager->resPrint; $sql .= " FROM ".MAIN_DB_PREFIX."contrat as c,"; $sql .= " ".MAIN_DB_PREFIX."societe as s,"; -if (!$user->rights->societe->client->voir && !$socid) { +if (empty($user->rights->societe->client->voir) && !$socid) { $sql .= " ".MAIN_DB_PREFIX."societe_commerciaux as sc,"; } $sql .= " ".MAIN_DB_PREFIX."contratdet as cd"; @@ -261,7 +261,7 @@ if ($search_product_category > 0) { $sql .= " AND cp.fk_categorie = ".((int) $search_product_category); } $sql .= " AND c.fk_soc = s.rowid"; -if (!$user->rights->societe->client->voir && !$socid) { +if (empty($user->rights->societe->client->voir) && !$socid) { $sql .= " AND s.rowid = sc.fk_soc AND sc.fk_user = ".((int) $user->id); } if ($mode == "0") { diff --git a/htdocs/core/boxes/box_actions.php b/htdocs/core/boxes/box_actions.php index 814dfacc5f3..ee41df3cdd2 100644 --- a/htdocs/core/boxes/box_actions.php +++ b/htdocs/core/boxes/box_actions.php @@ -92,20 +92,20 @@ class box_actions extends ModeleBoxes $sql .= ", s.code_client, s.code_compta, s.client"; $sql .= ", s.logo, s.email, s.entity"; $sql .= " FROM ".MAIN_DB_PREFIX."c_actioncomm AS ta, ".MAIN_DB_PREFIX."actioncomm AS a"; - if (!$user->rights->societe->client->voir && !$user->socid) { + if (empty($user->rights->societe->client->voir) && !$user->socid) { $sql .= " LEFT JOIN ".MAIN_DB_PREFIX."societe_commerciaux as sc ON a.fk_soc = sc.fk_soc"; } $sql .= " LEFT JOIN ".MAIN_DB_PREFIX."societe as s ON a.fk_soc = s.rowid"; $sql .= " WHERE a.fk_action = ta.id"; $sql .= " AND a.entity IN (".getEntity('actioncomm').")"; $sql .= " AND a.percent >= 0 AND a.percent < 100"; - if (!$user->rights->societe->client->voir && !$user->socid) { + if (empty($user->rights->societe->client->voir) && !$user->socid) { $sql .= " AND (a.fk_soc IS NULL OR sc.fk_user = ".((int) $user->id).")"; } if ($user->socid) { $sql .= " AND s.rowid = ".((int) $user->socid); } - if (!$user->rights->agenda->allactions->read) { + if (empty($user->rights->agenda->allactions->read)) { $sql .= " AND (a.fk_user_author = ".((int) $user->id)." OR a.fk_user_action = ".((int) $user->id)." OR a.fk_user_done = ".((int) $user->id).")"; } $sql .= " ORDER BY a.datec DESC"; diff --git a/htdocs/core/boxes/box_activity.php b/htdocs/core/boxes/box_activity.php index a858111d76d..487c2170a4a 100644 --- a/htdocs/core/boxes/box_activity.php +++ b/htdocs/core/boxes/box_activity.php @@ -113,13 +113,13 @@ class box_activity extends ModeleBoxes if ($refresh) { $sql = "SELECT p.fk_statut, SUM(p.total_ttc) as Mnttot, COUNT(*) as nb"; $sql .= " FROM (".MAIN_DB_PREFIX."societe as s, ".MAIN_DB_PREFIX."propal as p"; - if (!$user->rights->societe->client->voir && !$user->socid) { + if (empty($user->rights->societe->client->voir) && !$user->socid) { $sql .= ", ".MAIN_DB_PREFIX."societe_commerciaux as sc"; } $sql .= ")"; $sql .= " WHERE p.entity IN (".getEntity('propal').")"; $sql .= " AND p.fk_soc = s.rowid"; - if (!$user->rights->societe->client->voir && !$user->socid) { + if (empty($user->rights->societe->client->voir) && !$user->socid) { $sql .= " AND s.rowid = sc.fk_soc AND sc.fk_user = ".((int) $user->id); } if ($user->socid) { @@ -203,13 +203,13 @@ class box_activity extends ModeleBoxes if ($refresh) { $sql = "SELECT c.fk_statut, sum(c.total_ttc) as Mnttot, count(*) as nb"; $sql .= " FROM (".MAIN_DB_PREFIX."societe as s, ".MAIN_DB_PREFIX."commande as c"; - if (!$user->rights->societe->client->voir && !$user->socid) { + if (empty($user->rights->societe->client->voir) && !$user->socid) { $sql .= ", ".MAIN_DB_PREFIX."societe_commerciaux as sc"; } $sql .= ")"; $sql .= " WHERE c.entity IN (".getEntity('commande').")"; $sql .= " AND c.fk_soc = s.rowid"; - if (!$user->rights->societe->client->voir && !$user->socid) { + if (empty($user->rights->societe->client->voir) && !$user->socid) { $sql .= " AND s.rowid = sc.fk_soc AND sc.fk_user = ".((int) $user->id); } if ($user->socid) { @@ -291,12 +291,12 @@ class box_activity extends ModeleBoxes if ($refresh) { $sql = "SELECT f.fk_statut, SUM(f.total_ttc) as Mnttot, COUNT(*) as nb"; $sql .= " FROM (".MAIN_DB_PREFIX."societe as s,".MAIN_DB_PREFIX."facture as f"; - if (!$user->rights->societe->client->voir && !$user->socid) { + if (empty($user->rights->societe->client->voir) && !$user->socid) { $sql .= ", ".MAIN_DB_PREFIX."societe_commerciaux as sc"; } $sql .= ")"; $sql .= " WHERE f.entity IN (".getEntity('invoice').')'; - if (!$user->rights->societe->client->voir && !$user->socid) { + if (empty($user->rights->societe->client->voir) && !$user->socid) { $sql .= " AND s.rowid = sc.fk_soc AND sc.fk_user = ".((int) $user->id); } if ($user->socid) { diff --git a/htdocs/core/boxes/box_clients.php b/htdocs/core/boxes/box_clients.php index 995f017f5f1..74ba5a9d4c9 100644 --- a/htdocs/core/boxes/box_clients.php +++ b/htdocs/core/boxes/box_clients.php @@ -92,12 +92,12 @@ class box_clients extends ModeleBoxes $sql .= ", s.logo, s.email, s.entity"; $sql .= ", s.datec, s.tms, s.status"; $sql .= " FROM ".MAIN_DB_PREFIX."societe as s"; - if (!$user->rights->societe->client->voir && !$user->socid) { + if (empty($user->rights->societe->client->voir) && !$user->socid) { $sql .= ", ".MAIN_DB_PREFIX."societe_commerciaux as sc"; } $sql .= " WHERE s.client IN (1, 3)"; $sql .= " AND s.entity IN (".getEntity('societe').")"; - if (!$user->rights->societe->client->voir && !$user->socid) { + if (empty($user->rights->societe->client->voir) && !$user->socid) { $sql .= " AND s.rowid = sc.fk_soc AND sc.fk_user = ".((int) $user->id); } if ($user->socid) { diff --git a/htdocs/core/boxes/box_commandes.php b/htdocs/core/boxes/box_commandes.php index 4d47f703fff..abf9baf06f3 100644 --- a/htdocs/core/boxes/box_commandes.php +++ b/htdocs/core/boxes/box_commandes.php @@ -101,7 +101,7 @@ class box_commandes extends ModeleBoxes $sql .= ", c.total_ttc"; $sql .= " FROM ".MAIN_DB_PREFIX."societe as s"; $sql .= ", ".MAIN_DB_PREFIX."commande as c"; - if (!$user->rights->societe->client->voir && !$user->socid) { + if (empty($user->rights->societe->client->voir) && !$user->socid) { $sql .= ", ".MAIN_DB_PREFIX."societe_commerciaux as sc"; } $sql .= " WHERE c.fk_soc = s.rowid"; @@ -109,7 +109,7 @@ class box_commandes extends ModeleBoxes if (!empty($conf->global->ORDER_BOX_LAST_ORDERS_VALIDATED_ONLY)) { $sql .= " AND c.fk_statut = 1"; } - if (!$user->rights->societe->client->voir && !$user->socid) { + if (empty($user->rights->societe->client->voir) && !$user->socid) { $sql .= " AND s.rowid = sc.fk_soc AND sc.fk_user = ".((int) $user->id); } if ($user->socid) { diff --git a/htdocs/core/boxes/box_contacts.php b/htdocs/core/boxes/box_contacts.php index 97090895500..0d774faf569 100644 --- a/htdocs/core/boxes/box_contacts.php +++ b/htdocs/core/boxes/box_contacts.php @@ -103,11 +103,11 @@ class box_contacts extends ModeleBoxes if (!empty($conf->global->MAIN_COMPANY_PERENTITY_SHARED)) { $sql .= " LEFT JOIN " . MAIN_DB_PREFIX . "societe_perentity as spe ON spe.fk_soc = s.rowid AND spe.entity = " . ((int) $conf->entity); } - if (!$user->rights->societe->client->voir && !$user->socid) { + if (empty($user->rights->societe->client->voir) && !$user->socid) { $sql .= ", ".MAIN_DB_PREFIX."societe_commerciaux as sc"; } $sql .= " WHERE sp.entity IN (".getEntity('socpeople').")"; - if (!$user->rights->societe->client->voir && !$user->socid) { + if (empty($user->rights->societe->client->voir) && !$user->socid) { $sql .= " AND s.rowid = sc.fk_soc AND sc.fk_user = ".((int) $user->id); } if ($user->socid) { diff --git a/htdocs/core/boxes/box_contracts.php b/htdocs/core/boxes/box_contracts.php index 9bb794b94fa..8eeb1b93323 100644 --- a/htdocs/core/boxes/box_contracts.php +++ b/htdocs/core/boxes/box_contracts.php @@ -86,12 +86,12 @@ class box_contracts extends ModeleBoxes $sql .= " c.rowid, c.ref, c.statut as fk_statut, c.date_contrat, c.datec, c.fin_validite, c.date_cloture"; $sql .= ", c.ref_customer, c.ref_supplier"; $sql .= " FROM ".MAIN_DB_PREFIX."societe as s, ".MAIN_DB_PREFIX."contrat as c"; - if (!$user->rights->societe->client->voir && !$user->socid) { + if (empty($user->rights->societe->client->voir) && !$user->socid) { $sql .= ", ".MAIN_DB_PREFIX."societe_commerciaux as sc"; } $sql .= " WHERE c.fk_soc = s.rowid"; $sql .= " AND c.entity = ".$conf->entity; - if (!$user->rights->societe->client->voir && !$user->socid) { + if (empty($user->rights->societe->client->voir) && !$user->socid) { $sql .= " AND s.rowid = sc.fk_soc AND sc.fk_user = ".((int) $user->id); } if ($user->socid) { diff --git a/htdocs/core/boxes/box_customers_outstanding_bill_reached.php b/htdocs/core/boxes/box_customers_outstanding_bill_reached.php index 87be4a10c2d..4077b04c6d9 100644 --- a/htdocs/core/boxes/box_customers_outstanding_bill_reached.php +++ b/htdocs/core/boxes/box_customers_outstanding_bill_reached.php @@ -93,12 +93,12 @@ class box_customers_outstanding_bill_reached extends ModeleBoxes $sql .= ", s.outstanding_limit"; $sql .= ", s.datec, s.tms, s.status"; $sql .= " FROM ".MAIN_DB_PREFIX."societe as s"; - if (!$user->rights->societe->client->voir && !$user->socid) { + if (empty($user->rights->societe->client->voir) && !$user->socid) { $sql .= ", ".MAIN_DB_PREFIX."societe_commerciaux as sc"; } $sql .= " WHERE s.client IN (1, 3)"; $sql .= " AND s.entity IN (".getEntity('societe').")"; - if (!$user->rights->societe->client->voir && !$user->socid) { + if (empty($user->rights->societe->client->voir) && !$user->socid) { $sql .= " AND s.rowid = sc.fk_soc AND sc.fk_user = ".((int) $user->id); } if ($user->socid) { diff --git a/htdocs/core/boxes/box_factures.php b/htdocs/core/boxes/box_factures.php index 6bdeabda212..e1d2860b212 100644 --- a/htdocs/core/boxes/box_factures.php +++ b/htdocs/core/boxes/box_factures.php @@ -100,13 +100,13 @@ class box_factures extends ModeleBoxes $sql .= ", s.logo, s.email, s.entity"; $sql .= ", s.tva_intra, s.siren as idprof1, s.siret as idprof2, s.ape as idprof3, s.idprof4, s.idprof5, s.idprof6"; $sql .= " FROM (".MAIN_DB_PREFIX."societe as s,".MAIN_DB_PREFIX."facture as f"; - if (!$user->rights->societe->client->voir && !$user->socid) { + if (empty($user->rights->societe->client->voir) && !$user->socid) { $sql .= ", ".MAIN_DB_PREFIX."societe_commerciaux as sc"; } $sql .= ")"; $sql .= " WHERE f.fk_soc = s.rowid"; $sql .= " AND f.entity IN (".getEntity('invoice').")"; - if (!$user->rights->societe->client->voir && !$user->socid) { + if (empty($user->rights->societe->client->voir) && !$user->socid) { $sql .= " AND s.rowid = sc.fk_soc AND sc.fk_user = ".((int) $user->id); } if ($user->socid) { diff --git a/htdocs/core/boxes/box_factures_fourn.php b/htdocs/core/boxes/box_factures_fourn.php index 70640efeb78..ae905d5d468 100644 --- a/htdocs/core/boxes/box_factures_fourn.php +++ b/htdocs/core/boxes/box_factures_fourn.php @@ -100,12 +100,12 @@ class box_factures_fourn extends ModeleBoxes $sql .= ', f.date_lim_reglement as datelimite, f.tms, f.type'; $sql .= " FROM ".MAIN_DB_PREFIX."societe as s"; $sql .= ", ".MAIN_DB_PREFIX."facture_fourn as f"; - if (!$user->rights->societe->client->voir && !$user->socid) { + if (empty($user->rights->societe->client->voir) && !$user->socid) { $sql .= ", ".MAIN_DB_PREFIX."societe_commerciaux as sc"; } $sql .= " WHERE f.fk_soc = s.rowid"; $sql .= " AND f.entity = ".$conf->entity; - if (!$user->rights->societe->client->voir && !$user->socid) { + if (empty($user->rights->societe->client->voir) && !$user->socid) { $sql .= " AND s.rowid = sc.fk_soc AND sc.fk_user = ".((int) $user->id); } if ($user->socid) { diff --git a/htdocs/core/boxes/box_factures_fourn_imp.php b/htdocs/core/boxes/box_factures_fourn_imp.php index 74f9a3a46aa..cfef8801414 100644 --- a/htdocs/core/boxes/box_factures_fourn_imp.php +++ b/htdocs/core/boxes/box_factures_fourn_imp.php @@ -95,14 +95,14 @@ class box_factures_fourn_imp extends ModeleBoxes $sql .= ", f.tms"; $sql .= " FROM ".MAIN_DB_PREFIX."societe as s"; $sql .= ",".MAIN_DB_PREFIX."facture_fourn as f"; - if (!$user->rights->societe->client->voir && !$user->socid) { + if (empty($user->rights->societe->client->voir) && !$user->socid) { $sql .= ", ".MAIN_DB_PREFIX."societe_commerciaux as sc"; } $sql .= " WHERE f.fk_soc = s.rowid"; $sql .= " AND f.entity = ".$conf->entity; $sql .= " AND f.paye = 0"; $sql .= " AND fk_statut = 1"; - if (!$user->rights->societe->client->voir && !$user->socid) { + if (empty($user->rights->societe->client->voir) && !$user->socid) { $sql .= " AND s.rowid = sc.fk_soc AND sc.fk_user = ".((int) $user->id); } if ($user->socid) { diff --git a/htdocs/core/boxes/box_factures_imp.php b/htdocs/core/boxes/box_factures_imp.php index c78e5b7dec9..9a8e764f208 100644 --- a/htdocs/core/boxes/box_factures_imp.php +++ b/htdocs/core/boxes/box_factures_imp.php @@ -108,7 +108,7 @@ class box_factures_imp extends ModeleBoxes if (!empty($conf->global->MAIN_COMPANY_PERENTITY_SHARED)) { $sql .= " LEFT JOIN " . MAIN_DB_PREFIX . "societe_perentity as spe ON spe.fk_soc = s.rowid AND spe.entity = " . ((int) $conf->entity); } - if (!$user->rights->societe->client->voir && !$user->socid) { + if (empty($user->rights->societe->client->voir) && !$user->socid) { $sql .= ", ".MAIN_DB_PREFIX."societe_commerciaux as sc"; } $sql .= ", ".MAIN_DB_PREFIX."facture as f"; @@ -117,7 +117,7 @@ class box_factures_imp extends ModeleBoxes $sql .= " AND f.entity IN (".getEntity('invoice').")"; $sql .= " AND f.paye = 0"; $sql .= " AND fk_statut = 1"; - if (!$user->rights->societe->client->voir && !$user->socid) { + if (empty($user->rights->societe->client->voir) && !$user->socid) { $sql .= " AND s.rowid = sc.fk_soc AND sc.fk_user = ".((int) $user->id); } if ($user->socid) { diff --git a/htdocs/core/boxes/box_ficheinter.php b/htdocs/core/boxes/box_ficheinter.php index 3b62361343a..e0bdaf709ce 100644 --- a/htdocs/core/boxes/box_ficheinter.php +++ b/htdocs/core/boxes/box_ficheinter.php @@ -89,13 +89,13 @@ class box_ficheinter extends ModeleBoxes $sql .= ", s.code_client, s.code_compta, s.client"; $sql .= ", s.logo, s.email, s.entity"; $sql .= " FROM ".MAIN_DB_PREFIX."societe as s"; - if (!$user->rights->societe->client->voir) { + if (empty($user->rights->societe->client->voir)) { $sql .= ", ".MAIN_DB_PREFIX."societe_commerciaux as sc"; } $sql .= ", ".MAIN_DB_PREFIX."fichinter as f"; $sql .= " WHERE f.fk_soc = s.rowid "; $sql .= " AND f.entity = ".$conf->entity; - if (!$user->rights->societe->client->voir && !$user->socid) { + if (empty($user->rights->societe->client->voir) && !$user->socid) { $sql .= " AND s.rowid = sc.fk_soc AND sc.fk_user = ".((int) $user->id); } if ($user->socid) { diff --git a/htdocs/core/boxes/box_fournisseurs.php b/htdocs/core/boxes/box_fournisseurs.php index c0516c1cf4c..4f297135b26 100644 --- a/htdocs/core/boxes/box_fournisseurs.php +++ b/htdocs/core/boxes/box_fournisseurs.php @@ -87,12 +87,12 @@ class box_fournisseurs extends ModeleBoxes $sql .= ", s.logo, s.email, s.entity"; $sql .= ", s.datec, s.tms, s.status"; $sql .= " FROM ".MAIN_DB_PREFIX."societe as s"; - if (!$user->rights->societe->client->voir && !$user->socid) { + if (empty($user->rights->societe->client->voir) && !$user->socid) { $sql .= ", ".MAIN_DB_PREFIX."societe_commerciaux as sc"; } $sql .= " WHERE s.fournisseur = 1"; $sql .= " AND s.entity IN (".getEntity('societe').")"; - if (!$user->rights->societe->client->voir && !$user->socid) { + if (empty($user->rights->societe->client->voir) && !$user->socid) { $sql .= " AND s.rowid = sc.fk_soc AND sc.fk_user = ".((int) $user->id); } if ($user->socid) { diff --git a/htdocs/core/boxes/box_graph_invoices_permonth.php b/htdocs/core/boxes/box_graph_invoices_permonth.php index fe01eae730b..18ffe022610 100644 --- a/htdocs/core/boxes/box_graph_invoices_permonth.php +++ b/htdocs/core/boxes/box_graph_invoices_permonth.php @@ -99,7 +99,7 @@ class box_graph_invoices_permonth extends ModeleBoxes if ($user->socid) { $socid = $user->socid; } - if (!$user->rights->societe->client->voir || $socid) { + if (empty($user->rights->societe->client->voir) || $socid) { $prefix .= 'private-'.$user->id.'-'; // If user has no permission to see all, output dir is specific to user } diff --git a/htdocs/core/boxes/box_graph_invoices_peryear.php b/htdocs/core/boxes/box_graph_invoices_peryear.php index 22d9ad956e7..9126cfcfb37 100644 --- a/htdocs/core/boxes/box_graph_invoices_peryear.php +++ b/htdocs/core/boxes/box_graph_invoices_peryear.php @@ -93,7 +93,7 @@ class box_graph_invoices_peryear extends ModeleBoxes $prefix = ''; $socid = 0; if ($user->socid) $socid = $user->socid; - if (!$user->rights->societe->client->voir || $socid) $prefix .= 'private-'.$user->id.'-'; // If user has no permission to see all, output dir is specific to user + if (empty($user->rights->societe->client->voir) || $socid) $prefix .= 'private-'.$user->id.'-'; // If user has no permission to see all, output dir is specific to user if ($user->rights->facture->lire) { $mesg = ''; diff --git a/htdocs/core/boxes/box_graph_invoices_supplier_permonth.php b/htdocs/core/boxes/box_graph_invoices_supplier_permonth.php index 5ecc26c3f90..3d8cb88938d 100644 --- a/htdocs/core/boxes/box_graph_invoices_supplier_permonth.php +++ b/htdocs/core/boxes/box_graph_invoices_supplier_permonth.php @@ -98,7 +98,7 @@ class box_graph_invoices_supplier_permonth extends ModeleBoxes if ($user->socid) { $socid = $user->socid; } - if (!$user->rights->societe->client->voir || $socid) { + if (empty($user->rights->societe->client->voir) || $socid) { $prefix .= 'private-'.$user->id.'-'; // If user has no permission to see all, output dir is specific to user } diff --git a/htdocs/core/boxes/box_graph_nb_ticket_last_x_days.php b/htdocs/core/boxes/box_graph_nb_ticket_last_x_days.php index f37bda11104..83acae25b45 100644 --- a/htdocs/core/boxes/box_graph_nb_ticket_last_x_days.php +++ b/htdocs/core/boxes/box_graph_nb_ticket_last_x_days.php @@ -65,7 +65,7 @@ class box_graph_nb_ticket_last_x_days extends ModeleBoxes public function loadBox($max = 5) { global $conf, $user, $langs; - $dataseries = ""; + $dataseries = array(); $graphtoshow = ""; $badgeStatus0 = '#cbd3d3'; // draft @@ -118,7 +118,6 @@ class box_graph_nb_ticket_last_x_days extends ModeleBoxes if ($resql) { $num = $this->db->num_rows($resql); $i = 0; - $dataseries = array(); while ($i < $num) { $objp = $this->db->fetch_object($resql); while ($minimumdatecformated < $objp->datec) { diff --git a/htdocs/core/boxes/box_graph_orders_permonth.php b/htdocs/core/boxes/box_graph_orders_permonth.php index 48f0bd67ec3..0fd27c377d5 100644 --- a/htdocs/core/boxes/box_graph_orders_permonth.php +++ b/htdocs/core/boxes/box_graph_orders_permonth.php @@ -99,7 +99,7 @@ class box_graph_orders_permonth extends ModeleBoxes if ($user->socid) { $socid = $user->socid; } - if (!$user->rights->societe->client->voir || $socid) { + if (empty($user->rights->societe->client->voir) || $socid) { $prefix .= 'private-'.$user->id.'-'; // If user has no permission to see all, output dir is specific to user } diff --git a/htdocs/core/boxes/box_graph_orders_supplier_permonth.php b/htdocs/core/boxes/box_graph_orders_supplier_permonth.php index a394834cd97..be58b1e983c 100644 --- a/htdocs/core/boxes/box_graph_orders_supplier_permonth.php +++ b/htdocs/core/boxes/box_graph_orders_supplier_permonth.php @@ -98,7 +98,7 @@ class box_graph_orders_supplier_permonth extends ModeleBoxes if ($user->socid) { $socid = $user->socid; } - if (!$user->rights->societe->client->voir || $socid) { + if (empty($user->rights->societe->client->voir) || $socid) { $prefix .= 'private-'.$user->id.'-'; // If user has no permission to see all, output dir is specific to user } diff --git a/htdocs/core/boxes/box_graph_propales_permonth.php b/htdocs/core/boxes/box_graph_propales_permonth.php index 8a95761ea08..03899fb922f 100644 --- a/htdocs/core/boxes/box_graph_propales_permonth.php +++ b/htdocs/core/boxes/box_graph_propales_permonth.php @@ -101,7 +101,7 @@ class box_graph_propales_permonth extends ModeleBoxes if ($user->socid) { $socid = $user->socid; } - if (!$user->rights->societe->client->voir || $socid) { + if (empty($user->rights->societe->client->voir) || $socid) { $prefix .= 'private-'.$user->id.'-'; // If user has no permission to see all, output dir is specific to user } diff --git a/htdocs/core/boxes/box_last_modified_ticket.php b/htdocs/core/boxes/box_last_modified_ticket.php index 57e54594255..300a13803c5 100644 --- a/htdocs/core/boxes/box_last_modified_ticket.php +++ b/htdocs/core/boxes/box_last_modified_ticket.php @@ -96,7 +96,7 @@ class box_last_modified_ticket extends ModeleBoxes $sql .= " WHERE t.entity IN (".getEntity('ticket').')'; // $sql.= " AND e.rowid = er.fk_event"; - //if (!$user->rights->societe->client->voir && !$user->socid) $sql.= " WHERE s.rowid = sc.fk_soc AND sc.fk_user = " .((int) $user->id); + //if (empty($user->rights->societe->client->voir) && !$user->socid) $sql.= " WHERE s.rowid = sc.fk_soc AND sc.fk_user = " .((int) $user->id); if ($user->socid) { $sql .= " AND t.fk_soc = ".((int) $user->socid); } diff --git a/htdocs/core/boxes/box_last_ticket.php b/htdocs/core/boxes/box_last_ticket.php index 39086464f73..25cb353b268 100644 --- a/htdocs/core/boxes/box_last_ticket.php +++ b/htdocs/core/boxes/box_last_ticket.php @@ -95,7 +95,7 @@ class box_last_ticket extends ModeleBoxes $sql .= " LEFT JOIN ".MAIN_DB_PREFIX."societe as s ON s.rowid=t.fk_soc"; $sql .= " WHERE t.entity IN (".getEntity('ticket').")"; // $sql.= " AND e.rowid = er.fk_event"; - //if (!$user->rights->societe->client->voir && !$user->socid) $sql.= " WHERE s.rowid = sc.fk_soc AND sc.fk_user = ".((int) $user->id); + //if (empty($user->rights->societe->client->voir) && !$user->socid) $sql.= " WHERE s.rowid = sc.fk_soc AND sc.fk_user = ".((int) $user->id); if ($user->socid) { $sql .= " AND t.fk_soc= ".((int) $user->socid); } diff --git a/htdocs/core/boxes/box_propales.php b/htdocs/core/boxes/box_propales.php index 6599116a980..51d313b7254 100644 --- a/htdocs/core/boxes/box_propales.php +++ b/htdocs/core/boxes/box_propales.php @@ -90,12 +90,12 @@ class box_propales extends ModeleBoxes $sql .= ", p.rowid, p.ref, p.fk_statut as status, p.datep as dp, p.datec, p.fin_validite, p.date_cloture, p.total_ht, p.total_tva, p.total_ttc, p.tms"; $sql .= " FROM ".MAIN_DB_PREFIX."societe as s"; $sql .= ", ".MAIN_DB_PREFIX."propal as p"; - if (!$user->rights->societe->client->voir && !$user->socid) { + if (empty($user->rights->societe->client->voir) && !$user->socid) { $sql .= ", ".MAIN_DB_PREFIX."societe_commerciaux as sc"; } $sql .= " WHERE p.fk_soc = s.rowid"; $sql .= " AND p.entity IN (".getEntity('propal').")"; - if (!$user->rights->societe->client->voir && !$user->socid) { + if (empty($user->rights->societe->client->voir) && !$user->socid) { $sql .= " AND s.rowid = sc.fk_soc AND sc.fk_user = ".((int) $user->id); } if ($user->socid) { diff --git a/htdocs/core/boxes/box_prospect.php b/htdocs/core/boxes/box_prospect.php index 06d42e34b18..a46713a3206 100644 --- a/htdocs/core/boxes/box_prospect.php +++ b/htdocs/core/boxes/box_prospect.php @@ -93,12 +93,12 @@ class box_prospect extends ModeleBoxes $sql .= ", s.fk_stcomm"; $sql .= ", s.datec, s.tms, s.status"; $sql .= " FROM ".MAIN_DB_PREFIX."societe as s"; - if (!$user->rights->societe->client->voir && !$user->socid) { + if (empty($user->rights->societe->client->voir) && !$user->socid) { $sql .= ", ".MAIN_DB_PREFIX."societe_commerciaux as sc"; } $sql .= " WHERE s.client IN (2, 3)"; $sql .= " AND s.entity IN (".getEntity('societe').")"; - if (!$user->rights->societe->client->voir && !$user->socid) { + if (empty($user->rights->societe->client->voir) && !$user->socid) { $sql .= " AND s.rowid = sc.fk_soc AND sc.fk_user = ".((int) $user->id); } if ($user->socid) { diff --git a/htdocs/core/boxes/box_services_contracts.php b/htdocs/core/boxes/box_services_contracts.php index 320932a0c6f..c72a378a1a2 100644 --- a/htdocs/core/boxes/box_services_contracts.php +++ b/htdocs/core/boxes/box_services_contracts.php @@ -95,7 +95,7 @@ class box_services_contracts extends ModeleBoxes $sql .= " INNER JOIN ".MAIN_DB_PREFIX."contrat as c ON s.rowid = c.fk_soc"; $sql .= " INNER JOIN ".MAIN_DB_PREFIX."contratdet as cd ON c.rowid = cd.fk_contrat"; $sql .= " LEFT JOIN ".MAIN_DB_PREFIX."product as p ON cd.fk_product = p.rowid"; - if (!$user->rights->societe->client->voir && !$user->socid) { + if (empty($user->rights->societe->client->voir) && !$user->socid) { $sql .= " INNER JOIN ".MAIN_DB_PREFIX."societe_commerciaux as sc ON s.rowid = sc.fk_soc AND sc.fk_user = ".((int) $user->id); } $sql .= ")"; diff --git a/htdocs/core/boxes/box_services_expired.php b/htdocs/core/boxes/box_services_expired.php index 433c566ad31..4353fb7eb02 100644 --- a/htdocs/core/boxes/box_services_expired.php +++ b/htdocs/core/boxes/box_services_expired.php @@ -86,7 +86,7 @@ class box_services_expired extends ModeleBoxes $sql .= " s.nom as name, s.rowid as socid, s.email, s.client, s.fournisseur, s.code_client, s.code_fournisseur, s.code_compta, s.code_compta_fournisseur,"; $sql .= " MIN(cd.date_fin_validite) as date_line, COUNT(cd.rowid) as nb_services"; $sql .= " FROM ".MAIN_DB_PREFIX."contrat as c, ".MAIN_DB_PREFIX."societe s, ".MAIN_DB_PREFIX."contratdet as cd"; - if (!$user->rights->societe->client->voir && !$user->socid) { + if (empty($user->rights->societe->client->voir) && !$user->socid) { $sql .= ", ".MAIN_DB_PREFIX."societe_commerciaux as sc"; } $sql .= " WHERE cd.statut = 4 AND cd.date_fin_validite <= '".$this->db->idate($now)."'"; @@ -95,7 +95,7 @@ class box_services_expired extends ModeleBoxes if ($user->socid) { $sql .= ' AND c.fk_soc = '.((int) $user->socid); } - if (!$user->rights->societe->client->voir && !$user->socid) { + if (empty($user->rights->societe->client->voir) && !$user->socid) { $sql .= " AND s.rowid = sc.fk_soc AND sc.fk_user = ".((int) $user->id); } $sql .= " GROUP BY c.rowid, c.ref, c.statut, c.date_contrat, c.ref_customer, c.ref_supplier, s.nom, s.rowid"; diff --git a/htdocs/core/boxes/box_shipments.php b/htdocs/core/boxes/box_shipments.php index 2b6adfe3bdc..d0ddf1f8dcb 100644 --- a/htdocs/core/boxes/box_shipments.php +++ b/htdocs/core/boxes/box_shipments.php @@ -101,7 +101,7 @@ class box_shipments extends ModeleBoxes $sql .= " LEFT JOIN ".MAIN_DB_PREFIX."element_element as el ON e.rowid = el.fk_target AND el.targettype = 'shipping' AND el.sourcetype IN ('commande')"; $sql .= " LEFT JOIN ".MAIN_DB_PREFIX."commande as c ON el.fk_source = c.rowid AND el.sourcetype IN ('commande') AND el.targettype = 'shipping'"; $sql .= " LEFT JOIN ".MAIN_DB_PREFIX."societe as s ON s.rowid = e.fk_soc"; - if (!$user->rights->societe->client->voir && !$user->socid) { + if (empty($user->rights->societe->client->voir) && !$user->socid) { $sql .= " LEFT JOIN ".MAIN_DB_PREFIX."societe_commerciaux as sc ON e.fk_soc = sc.fk_soc"; } $sql .= " WHERE e.entity IN (".getEntity('expedition').")"; @@ -111,7 +111,7 @@ class box_shipments extends ModeleBoxes if ($user->socid > 0) { $sql.= " AND s.rowid = ".((int) $user->socid); } - if (!$user->rights->societe->client->voir && !$user->socid) { + if (empty($user->rights->societe->client->voir) && !$user->socid) { $sql .= " AND sc.fk_user = ".((int) $user->id); } else { $sql .= " ORDER BY e.date_delivery, e.ref DESC "; diff --git a/htdocs/core/boxes/box_supplier_orders.php b/htdocs/core/boxes/box_supplier_orders.php index b3451d9b6c3..2cc34a9255b 100644 --- a/htdocs/core/boxes/box_supplier_orders.php +++ b/htdocs/core/boxes/box_supplier_orders.php @@ -92,12 +92,12 @@ class box_supplier_orders extends ModeleBoxes $sql .= ", c.fk_statut as status"; $sql .= " FROM ".MAIN_DB_PREFIX."societe as s"; $sql .= ", ".MAIN_DB_PREFIX."commande_fournisseur as c"; - if (!$user->rights->societe->client->voir && !$user->socid) { + if (empty($user->rights->societe->client->voir) && !$user->socid) { $sql .= ", ".MAIN_DB_PREFIX."societe_commerciaux as sc"; } $sql .= " WHERE c.fk_soc = s.rowid"; $sql .= " AND c.entity IN (".getEntity('supplier_order').")"; - if (!$user->rights->societe->client->voir && !$user->socid) { + if (empty($user->rights->societe->client->voir) && !$user->socid) { $sql .= " AND s.rowid = sc.fk_soc AND sc.fk_user = ".((int) $user->id); } if ($user->socid) { diff --git a/htdocs/core/boxes/box_supplier_orders_awaiting_reception.php b/htdocs/core/boxes/box_supplier_orders_awaiting_reception.php index 69d65673934..f9d2de4b7fc 100644 --- a/htdocs/core/boxes/box_supplier_orders_awaiting_reception.php +++ b/htdocs/core/boxes/box_supplier_orders_awaiting_reception.php @@ -92,14 +92,14 @@ class box_supplier_orders_awaiting_reception extends ModeleBoxes $sql .= ", c.fk_statut as status"; $sql .= " FROM ".MAIN_DB_PREFIX."societe as s"; $sql .= ", ".MAIN_DB_PREFIX."commande_fournisseur as c"; - if (!$user->rights->societe->client->voir && !$user->socid) { + if (empty($user->rights->societe->client->voir) && !$user->socid) { $sql .= ", ".MAIN_DB_PREFIX."societe_commerciaux as sc"; } $sql .= " WHERE c.fk_soc = s.rowid"; $sql .= " AND c.entity IN (".getEntity('supplier_order').")"; $sql .= " AND c.date_livraison IS NOT NULL"; $sql .= " AND c.fk_statut IN (".CommandeFournisseur::STATUS_ORDERSENT.", ".CommandeFournisseur::STATUS_RECEIVED_PARTIALLY.")"; - if (!$user->rights->societe->client->voir && !$user->socid) { + if (empty($user->rights->societe->client->voir) && !$user->socid) { $sql .= " AND s.rowid = sc.fk_soc AND sc.fk_user = ".((int) $user->id); } if ($user->socid) { diff --git a/htdocs/core/class/commonobject.class.php b/htdocs/core/class/commonobject.class.php index 6bf0285a2fb..408e32626d0 100644 --- a/htdocs/core/class/commonobject.class.php +++ b/htdocs/core/class/commonobject.class.php @@ -2048,19 +2048,19 @@ abstract class CommonObject if (isset($this->ismultientitymanaged) && !is_numeric($this->ismultientitymanaged)) { $tmparray = explode('@', $this->ismultientitymanaged); $sql .= ", ".MAIN_DB_PREFIX.$tmparray[1]." as ".($tmparray[1] == 'societe' ? 's' : 'parenttable'); // If we need to link to this table to limit select to entity - } elseif ($restrictiononfksoc == 1 && $this->element != 'societe' && !$user->rights->societe->client->voir && !$socid) { + } elseif ($restrictiononfksoc == 1 && $this->element != 'societe' && empty($user->rights->societe->client->voir) && !$socid) { $sql .= ", ".MAIN_DB_PREFIX."societe as s"; // If we need to link to societe to limit select to socid - } elseif ($restrictiononfksoc == 2 && $this->element != 'societe' && !$user->rights->societe->client->voir && !$socid) { + } elseif ($restrictiononfksoc == 2 && $this->element != 'societe' && empty($user->rights->societe->client->voir) && !$socid) { $sql .= " LEFT JOIN ".MAIN_DB_PREFIX."societe as s ON te.fk_soc = s.rowid"; // If we need to link to societe to limit select to socid } - if ($restrictiononfksoc && !$user->rights->societe->client->voir && !$socid) { + if ($restrictiononfksoc && empty($user->rights->societe->client->voir) && !$socid) { $sql .= " LEFT JOIN ".MAIN_DB_PREFIX."societe_commerciaux as sc ON ".$aliastablesociete.".rowid = sc.fk_soc"; } $sql .= " WHERE te.".$fieldid." < '".$this->db->escape($fieldid == 'rowid' ? $this->id : $this->ref)."'"; // ->ref must always be defined (set to id if field does not exists) - if ($restrictiononfksoc == 1 && !$user->rights->societe->client->voir && !$socid) { + if ($restrictiononfksoc == 1 && empty($user->rights->societe->client->voir) && !$socid) { $sql .= " AND sc.fk_user = ".((int) $user->id); } - if ($restrictiononfksoc == 2 && !$user->rights->societe->client->voir && !$socid) { + if ($restrictiononfksoc == 2 && empty($user->rights->societe->client->voir) && !$socid) { $sql .= " AND (sc.fk_user = ".((int) $user->id).' OR te.fk_soc IS NULL)'; } if (!empty($filter)) { @@ -2072,7 +2072,7 @@ abstract class CommonObject if (isset($this->ismultientitymanaged) && !is_numeric($this->ismultientitymanaged)) { $tmparray = explode('@', $this->ismultientitymanaged); $sql .= " AND te.".$tmparray[0]." = ".($tmparray[1] == "societe" ? "s" : "parenttable").".rowid"; // If we need to link to this table to limit select to entity - } elseif ($restrictiononfksoc == 1 && $this->element != 'societe' && !$user->rights->societe->client->voir && !$socid) { + } elseif ($restrictiononfksoc == 1 && $this->element != 'societe' && empty($user->rights->societe->client->voir) && !$socid) { $sql .= ' AND te.fk_soc = s.rowid'; // If we need to link to societe to limit select to socid } if (isset($this->ismultientitymanaged) && $this->ismultientitymanaged == 1) { @@ -2118,19 +2118,19 @@ abstract class CommonObject if (isset($this->ismultientitymanaged) && !is_numeric($this->ismultientitymanaged)) { $tmparray = explode('@', $this->ismultientitymanaged); $sql .= ", ".MAIN_DB_PREFIX.$tmparray[1]." as ".($tmparray[1] == 'societe' ? 's' : 'parenttable'); // If we need to link to this table to limit select to entity - } elseif ($restrictiononfksoc == 1 && $this->element != 'societe' && !$user->rights->societe->client->voir && !$socid) { + } elseif ($restrictiononfksoc == 1 && $this->element != 'societe' && empty($user->rights->societe->client->voir) && !$socid) { $sql .= ", ".MAIN_DB_PREFIX."societe as s"; // If we need to link to societe to limit select to socid - } elseif ($restrictiononfksoc == 2 && $this->element != 'societe' && !$user->rights->societe->client->voir && !$socid) { + } elseif ($restrictiononfksoc == 2 && $this->element != 'societe' && empty($user->rights->societe->client->voir) && !$socid) { $sql .= " LEFT JOIN ".MAIN_DB_PREFIX."societe as s ON te.fk_soc = s.rowid"; // If we need to link to societe to limit select to socid } - if ($restrictiononfksoc && !$user->rights->societe->client->voir && !$socid) { + if ($restrictiononfksoc && empty($user->rights->societe->client->voir) && !$socid) { $sql .= " LEFT JOIN ".MAIN_DB_PREFIX."societe_commerciaux as sc ON ".$aliastablesociete.".rowid = sc.fk_soc"; } $sql .= " WHERE te.".$fieldid." > '".$this->db->escape($fieldid == 'rowid' ? $this->id : $this->ref)."'"; // ->ref must always be defined (set to id if field does not exists) - if ($restrictiononfksoc == 1 && !$user->rights->societe->client->voir && !$socid) { + if ($restrictiononfksoc == 1 && empty($user->rights->societe->client->voir) && !$socid) { $sql .= " AND sc.fk_user = ".((int) $user->id); } - if ($restrictiononfksoc == 2 && !$user->rights->societe->client->voir && !$socid) { + if ($restrictiononfksoc == 2 && empty($user->rights->societe->client->voir) && !$socid) { $sql .= " AND (sc.fk_user = ".((int) $user->id).' OR te.fk_soc IS NULL)'; } if (!empty($filter)) { @@ -2142,7 +2142,7 @@ abstract class CommonObject if (isset($this->ismultientitymanaged) && !is_numeric($this->ismultientitymanaged)) { $tmparray = explode('@', $this->ismultientitymanaged); $sql .= " AND te.".$tmparray[0]." = ".($tmparray[1] == "societe" ? "s" : "parenttable").".rowid"; // If we need to link to this table to limit select to entity - } elseif ($restrictiononfksoc == 1 && $this->element != 'societe' && !$user->rights->societe->client->voir && !$socid) { + } elseif ($restrictiononfksoc == 1 && $this->element != 'societe' && empty($user->rights->societe->client->voir) && !$socid) { $sql .= ' AND te.fk_soc = s.rowid'; // If we need to link to societe to limit select to socid } if (isset($this->ismultientitymanaged) && $this->ismultientitymanaged == 1) { @@ -7693,7 +7693,7 @@ abstract class CommonObject $langs->load($extrafields->attributes[$this->table_element]['langfile'][$key]); } - $colspan = ''; + $colspan = 0; if (is_array($params) && count($params) > 0 && $display_type=='card') { if (array_key_exists('cols', $params)) { $colspan = $params['cols']; @@ -7706,6 +7706,7 @@ abstract class CommonObject } } } + $colspan = intval($colspan); switch ($mode) { case "view": @@ -7772,7 +7773,7 @@ abstract class CommonObject $html_id = (empty($this->id) ? '' : 'extrarow-'.$this->element.'_'.$key.'_'.$this->id); if ($display_type=='card') { if (!empty($conf->global->MAIN_EXTRAFIELDS_USE_TWO_COLUMS) && ($e % 2) == 0) { - $colspan = '0'; + $colspan = 0; } if ($action == 'selectlines') { diff --git a/htdocs/core/class/dolgraph.class.php b/htdocs/core/class/dolgraph.class.php index 26701cde6ff..e52ab780195 100644 --- a/htdocs/core/class/dolgraph.class.php +++ b/htdocs/core/class/dolgraph.class.php @@ -1415,12 +1415,12 @@ class DolGraph $color = 'rgb(' . $newcolor[0] . ', ' . $newcolor[1] . ', ' . $newcolor[2] . ', 0.9)'; $bordercolor = 'rgb(' . $newcolor[0] . ', ' . $newcolor[1] . ', ' . $newcolor[2] . ')'; } else { // We do not use a 'group by' - if (is_array($this->datacolor[$i])) { + if (!empty($this->bordercolor[$i]) && is_array($this->datacolor[$i])) { $color = 'rgb(' . $this->datacolor[$i][0] . ', ' . $this->datacolor[$i][1] . ', ' . $this->datacolor[$i][2] . ', 0.9)'; } else { $color = $this->datacolor[$i]; } - if (is_array($this->bordercolor[$i])) { + if (!empty($this->bordercolor[$i]) && is_array($this->bordercolor[$i])) { $color = 'rgb(' . $this->bordercolor[$i][0] . ', ' . $this->bordercolor[$i][1] . ', ' . $this->bordercolor[$i][2] . ', 0.9)'; } else { if ($type != 'horizontalBar') { diff --git a/htdocs/core/class/fiscalyear.class.php b/htdocs/core/class/fiscalyear.class.php index 2a1f769e15c..0edae298f46 100644 --- a/htdocs/core/class/fiscalyear.class.php +++ b/htdocs/core/class/fiscalyear.class.php @@ -291,7 +291,7 @@ class Fiscalyear extends CommonObject $url = DOL_URL_ROOT.'/accountancy/admin/fiscalyear_card.php?id='.$this->id; - if (!$user->rights->accounting->fiscalyear->write) { + if (empty($user->rights->accounting->fiscalyear->write)) { $option = 'nolink'; } diff --git a/htdocs/core/class/html.form.class.php b/htdocs/core/class/html.form.class.php index 88151e7c288..b3528c3cf53 100644 --- a/htdocs/core/class/html.form.class.php +++ b/htdocs/core/class/html.form.class.php @@ -1347,7 +1347,7 @@ class Form if (!empty($conf->global->COMPANY_SHOW_ADDRESS_SELECTLIST)) { $sql .= " LEFT JOIN ".MAIN_DB_PREFIX."c_country as dictp ON dictp.rowid = s.fk_pays"; } - if (!$user->rights->societe->client->voir && !$user->socid) { + if (empty($user->rights->societe->client->voir) && !$user->socid) { $sql .= ", ".MAIN_DB_PREFIX."societe_commerciaux as sc"; } $sql .= " WHERE s.entity IN (".getEntity('societe').")"; @@ -1357,7 +1357,7 @@ class Form if ($filter) { $sql .= " AND (".$filter.")"; } - if (!$user->rights->societe->client->voir && !$user->socid) { + if (empty($user->rights->societe->client->voir) && !$user->socid) { $sql .= " AND s.rowid = sc.fk_soc AND sc.fk_user = ".((int) $user->id); } if (!empty($conf->global->COMPANY_HIDE_INACTIVE_IN_COMBOBOX)) { @@ -6838,6 +6838,418 @@ class Form $optJson = array('key'=>$outkey, 'value'=>$outref, 'type'=>$outtypem); } + /** + * Return list of projects in Ajax if Ajax activated or go to selectTicketsList + * + * @param int $selected Preselected tickets + * @param string $htmlname Name of HTML select field (must be unique in page). + * @param string $filtertype To add a filter + * @param int $limit Limit on number of returned lines + * @param int $status Ticket status + * @param string $selected_input_value Value of preselected input text (for use with ajax) + * @param int $hidelabel Hide label (0=no, 1=yes, 2=show search icon (before) and placeholder, 3 search icon after) + * @param array $ajaxoptions Options for ajax_autocompleter + * @param int $socid Thirdparty Id (to get also price dedicated to this customer) + * @param string $showempty '' to not show empty line. Translation key to show an empty line. '1' show empty line with no text. + * @param int $forcecombo Force to use combo box + * @param string $morecss Add more css on select + * @param array $selected_combinations Selected combinations. Format: array([attrid] => attrval, [...]) + * @param string $nooutput No print, return the output into a string + * @return void|string + */ + public function selectProjects($selected = '', $htmlname = 'projectid', $filtertype = '', $limit = 0, $status = 1, $selected_input_value = '', $hidelabel = 0, $ajaxoptions = array(), $socid = 0, $showempty = '1', $forcecombo = 0, $morecss = '', $selected_combinations = null, $nooutput = 0) + { + global $langs, $conf; + + $out = ''; + + // check parameters + if (is_null($ajaxoptions)) $ajaxoptions = array(); + + if (!empty($conf->use_javascript_ajax) && !empty($conf->global->TICKET_USE_SEARCH_TO_SELECT)) { + $placeholder = ''; + + if ($selected && empty($selected_input_value)) { + require_once DOL_DOCUMENT_ROOT.'/projet/class/project.class.php'; + $projecttmpselect = new Project($this->db); + $projecttmpselect->fetch($selected); + $selected_input_value = $projecttmpselect->ref; + unset($projecttmpselect); + } + + $out .= ajax_autocompleter($selected, $htmlname, DOL_URL_ROOT.'/projet/ajax/projects.php', $urloption, $conf->global->PRODUIT_USE_SEARCH_TO_SELECT, 1, $ajaxoptions); + + if (empty($hidelabel)) $out .= $langs->trans("RefOrLabel").' : '; + elseif ($hidelabel > 1) { + $placeholder = ' placeholder="'.$langs->trans("RefOrLabel").'"'; + if ($hidelabel == 2) { + $out .= img_picto($langs->trans("Search"), 'search'); + } + } + $out .= 'global->PRODUCT_SEARCH_AUTOFOCUS) ? 'autofocus' : '').' />'; + if ($hidelabel == 3) { + $out .= img_picto($langs->trans("Search"), 'search'); + } + } else { + $out .= $this->selectProjectsList($selected, $htmlname, $filtertype, $limit, $status, 0, $socid, $showempty, $forcecombo, $morecss); + } + + if (empty($nooutput)) print $out; + else return $out; + } + + /** + * Return list of projects. + * Called by selectProjects. + * + * @param int $selected Preselected project + * @param string $htmlname Name of select html + * @param string $filtertype Filter on project type + * @param int $limit Limit on number of returned lines + * @param string $filterkey Filter on project ref or subject + * @param int $status Ticket status + * @param int $outputmode 0=HTML select string, 1=Array + * @param string $showempty '' to not show empty line. Translation key to show an empty line. '1' show empty line with no text. + * @param int $forcecombo Force to use combo box + * @param string $morecss Add more css on select + * @return array Array of keys for json + */ + public function selectProjectsList($selected = '', $htmlname = 'projectid', $filtertype = '', $limit = 20, $filterkey = '', $status = 1, $outputmode = 0, $showempty = '1', $forcecombo = 0, $morecss = '') + { + global $langs, $conf, $user, $db; + + $out = ''; + $outarray = array(); + + $selectFields = " p.rowid, p.ref"; + + $sql = "SELECT "; + $sql .= $selectFields; + $sql .= " FROM ".MAIN_DB_PREFIX."projet as p"; + $sql .= ' WHERE p.entity IN ('.getEntity('project').')'; + + // Add criteria on ref/label + if ($filterkey != '') { + $sql .= ' AND ('; + $prefix = empty($conf->global->TICKET_DONOTSEARCH_ANYWHERE) ? '%' : ''; // Can use index if PRODUCT_DONOTSEARCH_ANYWHERE is on + // For natural search + $scrit = explode(' ', $filterkey); + $i = 0; + if (count($scrit) > 1) $sql .= "("; + foreach ($scrit as $crit) { + if ($i > 0) $sql .= " AND "; + $sql .= "p.ref LIKE '".$this->db->escape($prefix.$crit)."%'"; + $sql .= ""; + $i++; + } + if (count($scrit) > 1) $sql .= ")"; + $sql .= ')'; + } + + $sql .= $this->db->plimit($limit, 0); + + // Build output string + dol_syslog(get_class($this)."::selectProjectsList search projects", LOG_DEBUG); + $result = $this->db->query($sql); + if ($result) { + require_once DOL_DOCUMENT_ROOT.'/projet/class/project.class.php'; + require_once DOL_DOCUMENT_ROOT.'/core/lib/project.lib.php'; + + $num = $this->db->num_rows($result); + + $events = null; + + if (!$forcecombo) { + include_once DOL_DOCUMENT_ROOT.'/core/lib/ajax.lib.php'; + $out .= ajax_combobox($htmlname, $events, $conf->global->PROJECT_USE_SEARCH_TO_SELECT); + } + + $out .= ''; + + $this->db->free($result); + + if (empty($outputmode)) return $out; + return $outarray; + } else { + dol_print_error($db); + } + } + + /** + * constructProjectListOption. + * This define value for &$opt and &$optJson. + * + * @param resource $objp Result set of fetch + * @param string $opt Option (var used for returned value in string option format) + * @param string $optJson Option (var used for returned value in json format) + * @param string $selected Preselected value + * @param string $filterkey Filter key to highlight + * @return void + */ + protected function constructProjectListOption(&$objp, &$opt, &$optJson, $selected, $filterkey = '') + { + global $langs, $conf, $user, $db; + + $outkey = ''; + $outval = ''; + $outref = ''; + $outlabel = ''; + $outtype = ''; + + $label = $objp->label; + + $outkey = $objp->rowid; + $outref = $objp->ref; + $outlabel = $objp->label; + $outtype = $objp->fk_product_type; + + $opt = '\n"; + $optJson = array('key'=>$outkey, 'value'=>$outref, 'type'=>$outtypem); + } + + + /** + * Return list of members in Ajax if Ajax activated or go to selectTicketsList + * + * @param int $selected Preselected tickets + * @param string $htmlname Name of HTML select field (must be unique in page). + * @param string $filtertype To add a filter + * @param int $limit Limit on number of returned lines + * @param int $status Ticket status + * @param string $selected_input_value Value of preselected input text (for use with ajax) + * @param int $hidelabel Hide label (0=no, 1=yes, 2=show search icon (before) and placeholder, 3 search icon after) + * @param array $ajaxoptions Options for ajax_autocompleter + * @param int $socid Thirdparty Id (to get also price dedicated to this customer) + * @param string $showempty '' to not show empty line. Translation key to show an empty line. '1' show empty line with no text. + * @param int $forcecombo Force to use combo box + * @param string $morecss Add more css on select + * @param array $selected_combinations Selected combinations. Format: array([attrid] => attrval, [...]) + * @param string $nooutput No print, return the output into a string + * @return void|string + */ + public function selectMembers($selected = '', $htmlname = 'adherentid', $filtertype = '', $limit = 0, $status = 1, $selected_input_value = '', $hidelabel = 0, $ajaxoptions = array(), $socid = 0, $showempty = '1', $forcecombo = 0, $morecss = '', $selected_combinations = null, $nooutput = 0) + { + global $langs, $conf; + + $out = ''; + + // check parameters + if (is_null($ajaxoptions)) $ajaxoptions = array(); + + if (!empty($conf->use_javascript_ajax) && !empty($conf->global->TICKET_USE_SEARCH_TO_SELECT)) { + $placeholder = ''; + + if ($selected && empty($selected_input_value)) { + require_once DOL_DOCUMENT_ROOT.'/adherents/class/adherent.class.php'; + $adherenttmpselect = new Member($this->db); + $adherenttmpselect->fetch($selected); + $selected_input_value = $adherenttmpselect->ref; + unset($adherenttmpselect); + } + + $out .= ajax_autocompleter($selected, $htmlname, DOL_URL_ROOT.'/adherents/ajax/adherents.php', $urloption, $conf->global->PRODUIT_USE_SEARCH_TO_SELECT, 1, $ajaxoptions); + + if (empty($hidelabel)) $out .= $langs->trans("RefOrLabel").' : '; + elseif ($hidelabel > 1) { + $placeholder = ' placeholder="'.$langs->trans("RefOrLabel").'"'; + if ($hidelabel == 2) { + $out .= img_picto($langs->trans("Search"), 'search'); + } + } + $out .= 'global->PRODUCT_SEARCH_AUTOFOCUS) ? 'autofocus' : '').' />'; + if ($hidelabel == 3) { + $out .= img_picto($langs->trans("Search"), 'search'); + } + } else { + $out .= $this->selectMembersList($selected, $htmlname, $filtertype, $limit, $status, 0, $socid, $showempty, $forcecombo, $morecss); + } + + if (empty($nooutput)) print $out; + else return $out; + } + + /** + * Return list of adherents. + * Called by selectMembers. + * + * @param int $selected Preselected adherent + * @param string $htmlname Name of select html + * @param string $filtertype Filter on adherent type + * @param int $limit Limit on number of returned lines + * @param string $filterkey Filter on adherent ref or subject + * @param int $status Ticket status + * @param int $outputmode 0=HTML select string, 1=Array + * @param string $showempty '' to not show empty line. Translation key to show an empty line. '1' show empty line with no text. + * @param int $forcecombo Force to use combo box + * @param string $morecss Add more css on select + * @return array Array of keys for json + */ + public function selectMembersList($selected = '', $htmlname = 'adherentid', $filtertype = '', $limit = 20, $filterkey = '', $status = 1, $outputmode = 0, $showempty = '1', $forcecombo = 0, $morecss = '') + { + global $langs, $conf, $user, $db; + + $out = ''; + $outarray = array(); + + $selectFields = " p.rowid, p.ref"; + + $sql = "SELECT "; + $sql .= $selectFields; + $sql .= " FROM ".MAIN_DB_PREFIX."adherent as p"; + $sql .= ' WHERE p.entity IN ('.getEntity('adherent').')'; + + // Add criteria on ref/label + if ($filterkey != '') { + $sql .= ' AND ('; + $prefix = empty($conf->global->TICKET_DONOTSEARCH_ANYWHERE) ? '%' : ''; // Can use index if PRODUCT_DONOTSEARCH_ANYWHERE is on + // For natural search + $scrit = explode(' ', $filterkey); + $i = 0; + if (count($scrit) > 1) $sql .= "("; + foreach ($scrit as $crit) { + if ($i > 0) $sql .= " AND "; + $sql .= "p.ref LIKE '".$this->db->escape($prefix.$crit)."%'"; + $sql .= ""; + $i++; + } + if (count($scrit) > 1) $sql .= ")"; + $sql .= ')'; + } + + $sql .= $this->db->plimit($limit, 0); + + // Build output string + dol_syslog(get_class($this)."::selectMembersList search adherents", LOG_DEBUG); + $result = $this->db->query($sql); + if ($result) { + require_once DOL_DOCUMENT_ROOT.'/adherents/class/adherent.class.php'; + require_once DOL_DOCUMENT_ROOT.'/core/lib/member.lib.php'; + + $num = $this->db->num_rows($result); + + $events = null; + + if (!$forcecombo) { + include_once DOL_DOCUMENT_ROOT.'/core/lib/ajax.lib.php'; + $out .= ajax_combobox($htmlname, $events, $conf->global->PROJECT_USE_SEARCH_TO_SELECT); + } + + $out .= ''; + + $this->db->free($result); + + if (empty($outputmode)) return $out; + return $outarray; + } else { + dol_print_error($db); + } + } + + /** + * constructMemberListOption. + * This define value for &$opt and &$optJson. + * + * @param resource $objp Result set of fetch + * @param string $opt Option (var used for returned value in string option format) + * @param string $optJson Option (var used for returned value in json format) + * @param string $selected Preselected value + * @param string $filterkey Filter key to highlight + * @return void + */ + protected function constructMemberListOption(&$objp, &$opt, &$optJson, $selected, $filterkey = '') + { + global $langs, $conf, $user, $db; + + $outkey = ''; + $outval = ''; + $outref = ''; + $outlabel = ''; + $outtype = ''; + + $label = $objp->label; + + $outkey = $objp->rowid; + $outref = $objp->ref; + $outlabel = $objp->label; + $outtype = $objp->fk_product_type; + + $opt = '\n"; + $optJson = array('key'=>$outkey, 'value'=>$outref, 'type'=>$outtypem); + } /** * Generic method to select a component from a combo list. @@ -7029,7 +7441,7 @@ class Form $sql .= " INNER JOIN ".MAIN_DB_PREFIX.$tmparray[1]." as parenttable ON parenttable.rowid = t.".$tmparray[0]; } if ($objecttmp->ismultientitymanaged === 'fk_soc@societe') { - if (!$user->rights->societe->client->voir && !$user->socid) { + if (empty($user->rights->societe->client->voir) && !$user->socid) { $sql .= ", ".MAIN_DB_PREFIX."societe_commerciaux as sc"; } } @@ -7057,7 +7469,7 @@ class Form } } if ($objecttmp->ismultientitymanaged === 'fk_soc@societe') { - if (!$user->rights->societe->client->voir && !$user->socid) { + if (empty($user->rights->societe->client->voir) && !$user->socid) { $sql .= " AND t.rowid = sc.fk_soc AND sc.fk_user = ".((int) $user->id); } } diff --git a/htdocs/core/class/html.formcontract.class.php b/htdocs/core/class/html.formcontract.class.php index 5db615f4654..1909a4fb6c3 100644 --- a/htdocs/core/class/html.formcontract.class.php +++ b/htdocs/core/class/html.formcontract.class.php @@ -104,7 +104,7 @@ class FormContract while ($i < $num) { $obj = $this->db->fetch_object($resql); // If we ask to filter on a company and user has no permission to see all companies and project is linked to another company, we hide project. - if ($socid > 0 && (empty($obj->fk_soc) || $obj->fk_soc == $socid) && !$user->rights->societe->lire) { + if ($socid > 0 && (empty($obj->fk_soc) || $obj->fk_soc == $socid) && empty($user->rights->societe->lire)) { // Do nothing } else { $labeltoshow = dol_trunc($obj->ref, 18); diff --git a/htdocs/core/class/html.formintervention.class.php b/htdocs/core/class/html.formintervention.class.php index b9564c6aa52..60656128b64 100644 --- a/htdocs/core/class/html.formintervention.class.php +++ b/htdocs/core/class/html.formintervention.class.php @@ -99,7 +99,7 @@ class FormIntervention while ($i < $num) { $obj = $this->db->fetch_object($resql); // If we ask to filter on a company and user has no permission to see all companies and project is linked to another company, we hide project. - if ($socid > 0 && (empty($obj->fk_soc) || $obj->fk_soc == $socid) && !$user->rights->societe->lire) { + if ($socid > 0 && (empty($obj->fk_soc) || $obj->fk_soc == $socid) && empty($user->rights->societe->lire)) { // Do nothing } else { $labeltoshow = dol_trunc($obj->ref, 18); diff --git a/htdocs/core/class/html.formmargin.class.php b/htdocs/core/class/html.formmargin.class.php index 02972f39630..e77ebe3498c 100644 --- a/htdocs/core/class/html.formmargin.class.php +++ b/htdocs/core/class/html.formmargin.class.php @@ -207,7 +207,7 @@ class FormMargin return; } - if (!$user->rights->margins->liretous) { + if (empty($user->rights->margins->liretous)) { return; } diff --git a/htdocs/core/class/html.formprojet.class.php b/htdocs/core/class/html.formprojet.class.php index 18b42c597bf..34ea7b0a2e8 100644 --- a/htdocs/core/class/html.formprojet.class.php +++ b/htdocs/core/class/html.formprojet.class.php @@ -207,7 +207,7 @@ class FormProjets while ($i < $num) { $obj = $this->db->fetch_object($resql); // If we ask to filter on a company and user has no permission to see all companies and project is linked to another company, we hide project. - if ($socid > 0 && (empty($obj->fk_soc) || $obj->fk_soc == $socid) && !$user->rights->societe->lire) { + if ($socid > 0 && (empty($obj->fk_soc) || $obj->fk_soc == $socid) && empty($user->rights->societe->lire)) { // Do nothing } else { if ($discard_closed == 1 && $obj->fk_statut == 2 && $obj->rowid != $selected) { // We discard closed except if selected diff --git a/htdocs/core/lib/agenda.lib.php b/htdocs/core/lib/agenda.lib.php index 048335201ee..667a2808f58 100644 --- a/htdocs/core/lib/agenda.lib.php +++ b/htdocs/core/lib/agenda.lib.php @@ -162,12 +162,12 @@ function show_array_actions_to_do($max = 5) $sql .= " FROM ".MAIN_DB_PREFIX."actioncomm as a LEFT JOIN "; $sql .= " ".MAIN_DB_PREFIX."c_actioncomm as c ON c.id = a.fk_action"; $sql .= " LEFT JOIN ".MAIN_DB_PREFIX."societe as s ON a.fk_soc = s.rowid"; - if (!$user->rights->societe->client->voir && !$socid) { + if (empty($user->rights->societe->client->voir) && !$socid) { $sql .= ", ".MAIN_DB_PREFIX."societe_commerciaux as sc"; } $sql .= " WHERE a.entity IN (".getEntity('agenda').")"; $sql .= " AND ((a.percent >= 0 AND a.percent < 100) OR (a.percent = -1 AND a.datep2 > '".$db->idate($now)."'))"; - if (!$user->rights->societe->client->voir && !$socid) { + if (empty($user->rights->societe->client->voir) && !$socid) { $sql .= " AND s.rowid = sc.fk_soc AND sc.fk_user = ".((int) $user->id); } if ($socid) { @@ -278,12 +278,12 @@ function show_array_last_actions_done($max = 5) $sql .= " FROM ".MAIN_DB_PREFIX."actioncomm as a LEFT JOIN "; $sql .= " ".MAIN_DB_PREFIX."c_actioncomm as c ON c.id = a.fk_action "; $sql .= " LEFT JOIN ".MAIN_DB_PREFIX."societe as s ON a.fk_soc = s.rowid"; - if (!$user->rights->societe->client->voir && !$socid) { + if (empty($user->rights->societe->client->voir) && !$socid) { $sql .= ", ".MAIN_DB_PREFIX."societe_commerciaux as sc"; } $sql .= " WHERE a.entity IN (".getEntity('agenda').")"; $sql .= " AND (a.percent >= 100 OR (a.percent = -1 AND a.datep2 <= '".$db->idate($now)."'))"; - if (!$user->rights->societe->client->voir && !$socid) { + if (empty($user->rights->societe->client->voir) && !$socid) { $sql .= " AND s.rowid = sc.fk_soc AND sc.fk_user = ".((int) $user->id); } if ($socid) { diff --git a/htdocs/core/lib/invoice.lib.php b/htdocs/core/lib/invoice.lib.php index 573f27c1eee..8b61a690910 100644 --- a/htdocs/core/lib/invoice.lib.php +++ b/htdocs/core/lib/invoice.lib.php @@ -233,7 +233,7 @@ function getCustomerInvoicePieChart($socid = 0) $sql = "SELECT count(f.rowid), f.fk_statut"; $sql .= " FROM ".MAIN_DB_PREFIX."societe as s"; $sql .= ", ".MAIN_DB_PREFIX."facture as f"; - if (!$user->rights->societe->client->voir && !$socid) { + if (empty($user->rights->societe->client->voir) && !$socid) { $sql .= ", ".MAIN_DB_PREFIX."societe_commerciaux as sc"; } $sql .= " WHERE f.fk_soc = s.rowid"; @@ -241,7 +241,7 @@ function getCustomerInvoicePieChart($socid = 0) if ($user->socid) { $sql .= ' AND f.fk_soc = '.((int) $user->socid); } - if (!$user->rights->societe->client->voir && !$socid) { + if (empty($user->rights->societe->client->voir) && !$socid) { $sql .= " AND s.rowid = sc.fk_soc AND sc.fk_user = ".((int) $user->id); } $sql .= " GROUP BY f.fk_statut"; @@ -353,7 +353,7 @@ function getPurchaseInvoicePieChart($socid = 0) $sql = "SELECT count(f.rowid), f.fk_statut"; $sql .= " FROM ".MAIN_DB_PREFIX."societe as s"; $sql .= ", ".MAIN_DB_PREFIX."facture_fourn as f"; - if (!$user->rights->societe->client->voir && !$socid) { + if (empty($user->rights->societe->client->voir) && !$socid) { $sql .= ", ".MAIN_DB_PREFIX."societe_commerciaux as sc"; } $sql .= " WHERE f.fk_soc = s.rowid"; @@ -361,7 +361,7 @@ function getPurchaseInvoicePieChart($socid = 0) if ($user->socid) { $sql .= ' AND f.fk_soc = '.((int) $user->socid); } - if (!$user->rights->societe->client->voir && !$socid) { + if (empty($user->rights->societe->client->voir) && !$socid) { $sql .= " AND s.rowid = sc.fk_soc AND sc.fk_user = ".((int) $user->id); } $sql .= " GROUP BY f.fk_statut"; @@ -609,16 +609,16 @@ function getCustomerInvoiceDraftTable($maxCount = 500, $socid = 0) $sql .= ", s.rowid as socid, s.email"; $sql .= ", s.code_client, s.code_compta, s.code_fournisseur, s.code_compta_fournisseur"; $sql .= ", cc.rowid as country_id, cc.code as country_code"; - if (!$user->rights->societe->client->voir && !$socid) { + if (empty($user->rights->societe->client->voir) && !$socid) { $sql .= ", sc.fk_soc, sc.fk_user "; } $sql .= " FROM ".MAIN_DB_PREFIX."facture as f, ".MAIN_DB_PREFIX."societe as s LEFT JOIN ".MAIN_DB_PREFIX."c_country as cc ON cc.rowid = s.fk_pays"; - if (!$user->rights->societe->client->voir && !$socid) { + if (empty($user->rights->societe->client->voir) && !$socid) { $sql .= ", ".MAIN_DB_PREFIX."societe_commerciaux as sc"; } $sql .= " WHERE s.rowid = f.fk_soc AND f.fk_statut = ".Facture::STATUS_DRAFT; $sql .= " AND f.entity IN (".getEntity('invoice').")"; - if (!$user->rights->societe->client->voir && !$socid) { + if (empty($user->rights->societe->client->voir) && !$socid) { $sql .= " AND s.rowid = sc.fk_soc AND sc.fk_user = ".((int) $user->id); } @@ -633,7 +633,7 @@ function getCustomerInvoiceDraftTable($maxCount = 500, $socid = 0) $sql .= " GROUP BY f.rowid, f.ref, f.datef, f.total_ht, f.total_tva, f.total_ttc, f.ref_client, f.type, f.fk_statut, f.paye,"; $sql .= " s.nom, s.rowid, s.email, s.code_client, s.code_compta, s.code_fournisseur, s.code_compta_fournisseur,"; $sql .= " cc.rowid, cc.code"; - if (!$user->rights->societe->client->voir && !$socid) { + if (empty($user->rights->societe->client->voir) && !$socid) { $sql .= ", sc.fk_soc, sc.fk_user"; } @@ -757,12 +757,12 @@ function getDraftSupplierTable($maxCount = 500, $socid = 0) $sql .= ", s.code_fournisseur, s.code_compta_fournisseur"; $sql .= ", cc.rowid as country_id, cc.code as country_code"; $sql .= " FROM ".MAIN_DB_PREFIX."facture_fourn as f, ".MAIN_DB_PREFIX."societe as s LEFT JOIN ".MAIN_DB_PREFIX."c_country as cc ON cc.rowid = s.fk_pays"; - if (!$user->rights->societe->client->voir && !$socid) { + if (empty($user->rights->societe->client->voir) && !$socid) { $sql .= ", ".MAIN_DB_PREFIX."societe_commerciaux as sc"; } $sql .= " WHERE s.rowid = f.fk_soc AND f.fk_statut = ".FactureFournisseur::STATUS_DRAFT; $sql .= " AND f.entity IN (".getEntity('invoice').')'; - if (!$user->rights->societe->client->voir && !$socid) { + if (empty($user->rights->societe->client->voir) && !$socid) { $sql .= " AND s.rowid = sc.fk_soc AND sc.fk_user = ".((int) $user->id); } if ($socid) { @@ -879,7 +879,7 @@ function getCustomerInvoiceLatestEditTable($maxCount = 5, $socid = 0) $sql .= " s.nom as socname, s.rowid as socid, s.canvas, s.client"; $sql .= " FROM ".MAIN_DB_PREFIX."facture as f"; $sql .= ", ".MAIN_DB_PREFIX."societe as s"; - if (!$user->rights->societe->client->voir && !$socid) { + if (empty($user->rights->societe->client->voir) && !$socid) { $sql .= ", ".MAIN_DB_PREFIX."societe_commerciaux as sc"; } $sql .= " WHERE f.fk_soc = s.rowid"; @@ -887,7 +887,7 @@ function getCustomerInvoiceLatestEditTable($maxCount = 5, $socid = 0) if ($socid) { $sql .= " AND f.fk_soc = ".((int) $socid); } - if (!$user->rights->societe->client->voir && !$socid) { + if (empty($user->rights->societe->client->voir) && !$socid) { $sql .= " AND s.rowid = sc.fk_soc AND sc.fk_user = ".((int) $user->id); } $sql .= " ORDER BY f.tms DESC"; @@ -984,7 +984,7 @@ function getPurchaseInvoiceLatestEditTable($maxCount = 5, $socid = 0) $sql .= " s.nom as socname, s.rowid as socid, s.canvas, s.client"; $sql .= " FROM ".MAIN_DB_PREFIX."facture_fourn as f"; $sql .= ", ".MAIN_DB_PREFIX."societe as s"; - if (!$user->rights->societe->client->voir && !$socid) { + if (empty($user->rights->societe->client->voir) && !$socid) { $sql .= ", ".MAIN_DB_PREFIX."societe_commerciaux as sc"; } $sql .= " WHERE f.fk_soc = s.rowid"; @@ -992,7 +992,7 @@ function getPurchaseInvoiceLatestEditTable($maxCount = 5, $socid = 0) if ($socid) { $sql .= " AND f.fk_soc = ".((int) $socid); } - if (!$user->rights->societe->client->voir && !$socid) { + if (empty($user->rights->societe->client->voir) && !$socid) { $sql .= " AND s.rowid = sc.fk_soc AND sc.fk_user = ".((int) $user->id); } $sql .= " ORDER BY f.tms DESC"; @@ -1103,12 +1103,12 @@ function getCustomerInvoiceUnpaidOpenTable($maxCount = 500, $socid = 0) $sql .= ", sum(pf.amount) as am"; $sql .= " FROM ".MAIN_DB_PREFIX."societe as s LEFT JOIN ".MAIN_DB_PREFIX."c_country as cc ON cc.rowid = s.fk_pays,".MAIN_DB_PREFIX."facture as f"; $sql .= " LEFT JOIN ".MAIN_DB_PREFIX."paiement_facture as pf on f.rowid=pf.fk_facture"; - if (!$user->rights->societe->client->voir && !$socid) { + if (empty($user->rights->societe->client->voir) && !$socid) { $sql .= ", ".MAIN_DB_PREFIX."societe_commerciaux as sc"; } $sql .= " WHERE s.rowid = f.fk_soc AND f.paye = 0 AND f.fk_statut = ".Facture::STATUS_VALIDATED; $sql .= " AND f.entity IN (".getEntity('invoice').')'; - if (!$user->rights->societe->client->voir && !$socid) { + if (empty($user->rights->societe->client->voir) && !$socid) { $sql .= " AND s.rowid = sc.fk_soc AND sc.fk_user = ".((int) $user->id); } if ($socid) { @@ -1289,14 +1289,14 @@ function getPurchaseInvoiceUnpaidOpenTable($maxCount = 500, $socid = 0) $sql .= ", sum(pf.amount) as am"; $sql .= " FROM ".MAIN_DB_PREFIX."societe as s, ".MAIN_DB_PREFIX."facture_fourn as ff"; $sql .= " LEFT JOIN ".MAIN_DB_PREFIX."paiementfourn_facturefourn as pf on ff.rowid=pf.fk_facturefourn"; - if (!$user->rights->societe->client->voir && !$socid) { + if (empty($user->rights->societe->client->voir) && !$socid) { $sql .= ", ".MAIN_DB_PREFIX."societe_commerciaux as sc"; } $sql .= " WHERE s.rowid = ff.fk_soc"; $sql .= " AND ff.entity = ".$conf->entity; $sql .= " AND ff.paye = 0"; $sql .= " AND ff.fk_statut = ".FactureFournisseur::STATUS_VALIDATED; - if (!$user->rights->societe->client->voir && !$socid) { + if (empty($user->rights->societe->client->voir) && !$socid) { $sql .= " AND s.rowid = sc.fk_soc AND sc.fk_user = ".((int) $user->id); } if ($socid) { diff --git a/htdocs/core/lib/order.lib.php b/htdocs/core/lib/order.lib.php index f264eadaf58..0109847c59a 100644 --- a/htdocs/core/lib/order.lib.php +++ b/htdocs/core/lib/order.lib.php @@ -199,7 +199,7 @@ function getCustomerOrderPieChart($socid = 0) $sql = "SELECT count(c.rowid) as nb, c.fk_statut as status"; $sql .= " FROM ".MAIN_DB_PREFIX."societe as s"; $sql .= ", ".MAIN_DB_PREFIX."commande as c"; - if (!$user->rights->societe->client->voir && !$socid) { + if (empty($user->rights->societe->client->voir) && !$socid) { $sql .= ", ".MAIN_DB_PREFIX."societe_commerciaux as sc"; } $sql .= " WHERE c.fk_soc = s.rowid"; @@ -207,7 +207,7 @@ function getCustomerOrderPieChart($socid = 0) if ($user->socid) { $sql .= ' AND c.fk_soc = '.((int) $user->socid); } - if (!$user->rights->societe->client->voir && !$socid) { + if (empty($user->rights->societe->client->voir) && !$socid) { $sql .= " AND s.rowid = sc.fk_soc AND sc.fk_user = ".((int) $user->id); } $sql .= " GROUP BY c.fk_statut"; diff --git a/htdocs/core/lib/propal.lib.php b/htdocs/core/lib/propal.lib.php index 038ab2a7911..c5d2a647a57 100644 --- a/htdocs/core/lib/propal.lib.php +++ b/htdocs/core/lib/propal.lib.php @@ -178,7 +178,7 @@ function getCustomerProposalPieChart($socid = 0) $sql = "SELECT count(p.rowid) as nb, p.fk_statut as status"; $sql .= " FROM ".MAIN_DB_PREFIX."societe as s"; $sql .= ", ".MAIN_DB_PREFIX."propal as p"; - if (!$user->rights->societe->client->voir && !$socid) { + if (empty($user->rights->societe->client->voir) && !$socid) { $sql .= ", ".MAIN_DB_PREFIX."societe_commerciaux as sc"; } $sql .= " WHERE p.entity IN (".getEntity($propalstatic->element).")"; @@ -186,7 +186,7 @@ function getCustomerProposalPieChart($socid = 0) if ($user->socid) { $sql .= ' AND p.fk_soc = '.((int) $user->socid); } - if (!$user->rights->societe->client->voir && !$socid) { + if (empty($user->rights->societe->client->voir) && !$socid) { $sql .= " AND s.rowid = sc.fk_soc AND sc.fk_user = ".((int) $user->id); } $sql .= " AND p.fk_statut IN (".$db->sanitize(implode(" ,", $listofstatus)).")"; diff --git a/htdocs/core/lib/security.lib.php b/htdocs/core/lib/security.lib.php index be804dc184c..fbd2651d4b3 100644 --- a/htdocs/core/lib/security.lib.php +++ b/htdocs/core/lib/security.lib.php @@ -279,12 +279,12 @@ function restrictedArea($user, $features, $objectid = 0, $tableandshare = '', $f } if ($feature == 'societe') { - if (!$user->rights->societe->lire && !$user->rights->fournisseur->lire) { + if (empty($user->rights->societe->lire) && empty($user->rights->fournisseur->lire)) { $readok = 0; $nbko++; } } elseif ($feature == 'contact') { - if (!$user->rights->societe->contact->lire) { + if (empty($user->rights->societe->contact->lire)) { $readok = 0; $nbko++; } @@ -299,7 +299,7 @@ function restrictedArea($user, $features, $objectid = 0, $tableandshare = '', $f $nbko++; } } elseif ($feature == 'cheque') { - if (!$user->rights->banque->cheque) { + if (empty($user->rights->banque->cheque)) { $readok = 0; $nbko++; } @@ -314,7 +314,7 @@ function restrictedArea($user, $features, $objectid = 0, $tableandshare = '', $f $nbko++; } } elseif ($feature == 'payment_supplier') { - if (!$user->rights->fournisseur->facture->lire) { + if (empty($user->rights->fournisseur->facture->lire)) { $readok = 0; $nbko++; } @@ -370,12 +370,12 @@ function restrictedArea($user, $features, $objectid = 0, $tableandshare = '', $f if ($wemustcheckpermissionforcreate || $wemustcheckpermissionfordeletedraft) { foreach ($featuresarray as $feature) { if ($feature == 'contact') { - if (!$user->rights->societe->contact->creer) { + if (empty($user->rights->societe->contact->creer)) { $createok = 0; $nbko++; } } elseif ($feature == 'produit|service') { - if (!$user->rights->produit->creer && !$user->rights->service->creer) { + if (empty($user->rights->produit->creer) && empty($user->rights->service->creer)) { $createok = 0; $nbko++; } @@ -385,22 +385,22 @@ function restrictedArea($user, $features, $objectid = 0, $tableandshare = '', $f $nbko++; } } elseif ($feature == 'commande_fournisseur') { - if (!$user->rights->fournisseur->commande->creer || !$user->rights->supplier_order->creer) { + if (empty($user->rights->fournisseur->commande->creer) || empty($user->rights->supplier_order->creer)) { $createok = 0; $nbko++; } } elseif ($feature == 'banque') { - if (!$user->rights->banque->modifier) { + if (empty($user->rights->banque->modifier)) { $createok = 0; $nbko++; } } elseif ($feature == 'cheque') { - if (!$user->rights->banque->cheque) { + if (empty($user->rights->banque->cheque)) { $createok = 0; $nbko++; } } elseif ($feature == 'import') { - if (!$user->rights->import->run) { + if (empty($user->rights->import->run)) { $createok = 0; $nbko++; } @@ -417,6 +417,9 @@ function restrictedArea($user, $features, $objectid = 0, $tableandshare = '', $f if ($subfeature == 'user' && $user->id == $objectid && $user->rights->user->self->password) { continue; // User can edit its own password } + if ($subfeature == 'user' && $user->id != $objectid && $user->rights->user->user->password) { + continue; // User can edit another user's password + } if (empty($user->rights->$feature->$subfeature->creer) && empty($user->rights->$feature->$subfeature->write) @@ -494,11 +497,11 @@ function restrictedArea($user, $features, $objectid = 0, $tableandshare = '', $f $deleteok = 0; } } elseif ($feature == 'banque') { - if (!$user->rights->banque->modifier) { + if (empty($user->rights->banque->modifier)) { $deleteok = 0; } } elseif ($feature == 'cheque') { - if (!$user->rights->banque->cheque) { + if (empty($user->rights->banque->cheque)) { $deleteok = 0; } } elseif ($feature == 'ecm') { @@ -514,7 +517,7 @@ function restrictedArea($user, $features, $objectid = 0, $tableandshare = '', $f $deleteok = 0; } } elseif ($feature == 'adherent') { - if (!$user->rights->adherent->supprimer) { + if (empty($user->rights->adherent->supprimer)) { $deleteok = 0; } } elseif (!empty($feature2)) { // This is for permissions on 2 levels @@ -662,7 +665,7 @@ function checkUserAccessToObject($user, array $featuresarray, $objectid = 0, $ta if ($user->socid <> $objectid) { return false; } - } elseif (!empty($conf->societe->enabled) && ($user->rights->societe->lire && !$user->rights->societe->client->voir)) { + } elseif (!empty($conf->societe->enabled) && ($user->rights->societe->lire && empty($user->rights->societe->client->voir))) { // If internal user: Check permission for internal users that are restricted on their objects $sql = "SELECT COUNT(sc.fk_soc) as nb"; $sql .= " FROM (".MAIN_DB_PREFIX."societe_commerciaux as sc"; @@ -685,7 +688,7 @@ function checkUserAccessToObject($user, array $featuresarray, $objectid = 0, $ta $sql .= " FROM ".MAIN_DB_PREFIX.$dbtablename." as dbt"; $sql .= " WHERE dbt.".$dbt_select." IN (".$db->sanitize($objectid, 1).")"; $sql .= " AND dbt.fk_soc = ".((int) $user->socid); - } elseif (!empty($conf->societe->enabled) && ($user->rights->societe->lire && !$user->rights->societe->client->voir)) { + } elseif (!empty($conf->societe->enabled) && ($user->rights->societe->lire && empty($user->rights->societe->client->voir))) { // If internal user: Check permission for internal users that are restricted on their objects $sql = "SELECT COUNT(dbt.".$dbt_select.") as nb"; $sql .= " FROM ".MAIN_DB_PREFIX.$dbtablename." as dbt"; @@ -755,7 +758,7 @@ function checkUserAccessToObject($user, array $featuresarray, $objectid = 0, $ta $sql .= " FROM ".MAIN_DB_PREFIX.$dbtablename." as dbt"; $sql .= " WHERE dbt.rowid IN (".$db->sanitize($objectid, 1).")"; $sql .= " AND dbt.".$dbt_keyfield." = ".((int) $user->socid); - } elseif (!empty($conf->societe->enabled) && !$user->rights->societe->client->voir) { + } elseif (!empty($conf->societe->enabled) && empty($user->rights->societe->client->voir)) { // If internal user: Check permission for internal users that are restricted on their objects if ($feature != 'ticket') { if (empty($dbt_keyfield)) { diff --git a/htdocs/core/modules/rapport/pdf_paiement.class.php b/htdocs/core/modules/rapport/pdf_paiement.class.php index 5904db84398..215987054ce 100644 --- a/htdocs/core/modules/rapport/pdf_paiement.class.php +++ b/htdocs/core/modules/rapport/pdf_paiement.class.php @@ -196,7 +196,7 @@ class pdf_paiement $sql .= " ".MAIN_DB_PREFIX."bank as b, ".MAIN_DB_PREFIX."bank_account as ba,"; } $sql .= " ".MAIN_DB_PREFIX."societe as s"; - if (!$user->rights->societe->client->voir && !$socid) { + if (empty($user->rights->societe->client->voir) && !$socid) { $sql .= ", ".MAIN_DB_PREFIX."societe_commerciaux as sc"; } $sql .= " WHERE f.fk_soc = s.rowid AND pf.fk_facture = f.rowid AND pf.fk_paiement = p.rowid"; @@ -205,7 +205,7 @@ class pdf_paiement } $sql .= " AND f.entity IN (".getEntity('invoice').")"; $sql .= " AND p.datep BETWEEN '".$this->db->idate(dol_get_first_day($year, $month))."' AND '".$this->db->idate(dol_get_last_day($year, $month))."'"; - if (!$user->rights->societe->client->voir && !$socid) { + if (empty($user->rights->societe->client->voir) && !$socid) { $sql .= " AND s.rowid = sc.fk_soc AND sc.fk_user = ".((int) $user->id); } if (!empty($socid)) { @@ -234,7 +234,7 @@ class pdf_paiement $sql .= " ".MAIN_DB_PREFIX."bank as b, ".MAIN_DB_PREFIX."bank_account as ba,"; } $sql .= " ".MAIN_DB_PREFIX."societe as s"; - if (!$user->rights->societe->client->voir && !$socid) { + if (empty($user->rights->societe->client->voir) && !$socid) { $sql .= ", ".MAIN_DB_PREFIX."societe_commerciaux as sc"; } $sql .= " WHERE f.fk_soc = s.rowid AND pf.fk_facturefourn = f.rowid AND pf.fk_paiementfourn = p.rowid"; @@ -243,7 +243,7 @@ class pdf_paiement } $sql .= " AND f.entity IN (".getEntity('invoice').")"; $sql .= " AND p.datep BETWEEN '".$this->db->idate(dol_get_first_day($year, $month))."' AND '".$this->db->idate(dol_get_last_day($year, $month))."'"; - if (!$user->rights->societe->client->voir && !$socid) { + if (empty($user->rights->societe->client->voir) && !$socid) { $sql .= " AND s.rowid = sc.fk_soc AND sc.fk_user = ".((int) $user->id); } if (!empty($socid)) { diff --git a/htdocs/core/photos_resize.php b/htdocs/core/photos_resize.php index 374f381c098..654435dad89 100644 --- a/htdocs/core/photos_resize.php +++ b/htdocs/core/photos_resize.php @@ -68,7 +68,7 @@ if ($modulepart == 'produit' || $modulepart == 'product' || $modulepart == 'serv $accessallowed = 1; } elseif ($modulepart == 'member') { $result = restrictedArea($user, 'adherent', $id, '', '', 'fk_soc', 'rowid'); - if (!$user->rights->adherent->lire) { + if (empty($user->rights->adherent->lire)) { accessforbidden(); } $accessallowed = 1; @@ -86,7 +86,7 @@ if ($modulepart == 'produit' || $modulepart == 'product' || $modulepart == 'serv $accessallowed = 1; } elseif ($modulepart == 'bank') { $result = restrictedArea($user, 'banque', $id, 'bank_account'); - if (!$user->rights->banque->lire) { + if (empty($user->rights->banque->lire)) { accessforbidden(); } $accessallowed = 1; @@ -98,7 +98,7 @@ if ($modulepart == 'produit' || $modulepart == 'product' || $modulepart == 'serv $accessallowed = 1; } elseif ($modulepart == 'facture_fourn' || $modulepart == 'facture_fournisseur') { $result = restrictedArea($user, 'fournisseur', $id, 'facture_fourn', 'facture'); - if (!$user->rights->fournisseur->facture->lire) { + if (empty($user->rights->fournisseur->facture->lire)) { accessforbidden(); } $accessallowed = 1; diff --git a/htdocs/debugbar/class/DataCollector/DolLogsCollector.php b/htdocs/debugbar/class/DataCollector/DolLogsCollector.php index 520a0a20a72..5fd339918fa 100644 --- a/htdocs/debugbar/class/DataCollector/DolLogsCollector.php +++ b/htdocs/debugbar/class/DataCollector/DolLogsCollector.php @@ -73,7 +73,7 @@ class DolLogsCollector extends MessagesCollector { global $conf; - $uselogfile = $conf->global->DEBUGBAR_USE_LOGFILE; + $uselogfile = getDolGlobalInt('DEBUGBAR_USE_LOGFILE'); if ($uselogfile) { $this->getStorageLogs($this->path); diff --git a/htdocs/document.php b/htdocs/document.php index d6f6584bb6f..7fc0dd6fff3 100644 --- a/htdocs/document.php +++ b/htdocs/document.php @@ -119,7 +119,7 @@ if ($user->socid > 0) { // For some module part, dir may be privates if (in_array($modulepart, array('facture_paiement', 'unpaid'))) { - if (!$user->rights->societe->client->voir || $socid) { + if (empty($user->rights->societe->client->voir) || $socid) { $original_file = 'private/'.$user->id.'/'.$original_file; // If user has no permission to see all, output dir is specific to user } } diff --git a/htdocs/don/stats/index.php b/htdocs/don/stats/index.php index 23e6c0a46c0..59a73ad5b19 100644 --- a/htdocs/don/stats/index.php +++ b/htdocs/don/stats/index.php @@ -70,7 +70,7 @@ $data = $stats->getNbByMonthWithPrevYear($endyear, $startyear); // $data = array(array('Lib',val1,val2,val3),...) -if (!$user->rights->societe->client->voir || $user->socid) { +if (empty($user->rights->societe->client->voir) || $user->socid) { $filenamenb = $dir.'/shipmentsnbinyear-'.$user->id.'-'.$year.'.png'; } else { $filenamenb = $dir.'/shipmentsnbinyear-'.$year.'.png'; @@ -105,7 +105,7 @@ $data = $stats->getAmountByMonthWithPrevYear($endyear,$startyear); //var_dump($data); // $data = array(array('Lib',val1,val2,val3),...) -if (!$user->rights->societe->client->voir || $user->socid) +if (empty($user->rights->societe->client->voir) || $user->socid) { $filenameamount = $dir.'/shipmentsamountinyear-'.$user->id.'-'.$year.'.png'; } @@ -143,7 +143,7 @@ if (! $mesg) /* $data = $stats->getAverageByMonthWithPrevYear($endyear, $startyear); -if (!$user->rights->societe->client->voir || $user->socid) +if (empty($user->rights->societe->client->voir) || $user->socid) { $filename_avg = $dir.'/shipmentsaverage-'.$user->id.'-'.$year.'.png'; } diff --git a/htdocs/ecm/class/ecmdirectory.class.php b/htdocs/ecm/class/ecmdirectory.class.php index aed93b51f6f..03413a56eb1 100644 --- a/htdocs/ecm/class/ecmdirectory.class.php +++ b/htdocs/ecm/class/ecmdirectory.class.php @@ -197,7 +197,7 @@ class EcmDirectory extends CommonObject $sql .= " '".$this->db->escape($this->description)."',"; $sql .= " ".((int) $this->cachenbofdoc).","; $sql .= " '".$this->db->idate($this->date_c)."',"; - $sql .= " ".($this->fk_user_c > 0 ? ((int) $this->fk_user_c) : "null").","; + $sql .= " ".($this->fk_user_c > 0 ? ((int) $this->fk_user_c) : "null"); $sql .= ")"; dol_syslog(get_class($this)."::create", LOG_DEBUG); diff --git a/htdocs/eventorganization/conferenceorbooth_list.php b/htdocs/eventorganization/conferenceorbooth_list.php index d72941d2885..0b585a03ca2 100644 --- a/htdocs/eventorganization/conferenceorbooth_list.php +++ b/htdocs/eventorganization/conferenceorbooth_list.php @@ -282,7 +282,7 @@ if ($projectid > 0) { // Title $morehtmlref .= $project->title; // Thirdparty - if ($project->thirdparty->id > 0) { + if (isset($project->thirdparty->id) && $project->thirdparty->id > 0) { $morehtmlref .= '
'.$langs->trans('ThirdParty').' : '.$project->thirdparty->getNomUrl(1, 'project'); } $morehtmlref .= ''; diff --git a/htdocs/expedition/class/expeditionstats.class.php b/htdocs/expedition/class/expeditionstats.class.php index 3c1bef04d09..8eb31896f38 100644 --- a/htdocs/expedition/class/expeditionstats.class.php +++ b/htdocs/expedition/class/expeditionstats.class.php @@ -73,7 +73,7 @@ class ExpeditionStats extends Stats //$this->where.= " AND c.fk_soc = s.rowid AND c.entity = ".$conf->entity; $this->where .= " AND c.entity = ".$conf->entity; - if (!$user->rights->societe->client->voir && !$this->socid) { + if (empty($user->rights->societe->client->voir) && !$this->socid) { $this->where .= " AND c.fk_soc = sc.fk_soc AND sc.fk_user = ".((int) $user->id); } if ($this->socid) { @@ -97,7 +97,7 @@ class ExpeditionStats extends Stats $sql = "SELECT date_format(c.date_valid,'%m') as dm, COUNT(*) as nb"; $sql .= " FROM ".$this->from; - if (!$user->rights->societe->client->voir && !$this->socid) { + if (empty($user->rights->societe->client->voir) && !$this->socid) { $sql .= ", ".MAIN_DB_PREFIX."societe_commerciaux as sc"; } $sql .= " WHERE c.date_valid BETWEEN '".$this->db->idate(dol_get_first_day($year))."' AND '".$this->db->idate(dol_get_last_day($year))."'"; @@ -121,7 +121,7 @@ class ExpeditionStats extends Stats $sql = "SELECT date_format(c.date_valid,'%Y') as dm, COUNT(*) as nb, SUM(c.".$this->field.")"; $sql .= " FROM ".$this->from; - if (!$user->rights->societe->client->voir && !$this->socid) { + if (empty($user->rights->societe->client->voir) && !$this->socid) { $sql .= ", ".MAIN_DB_PREFIX."societe_commerciaux as sc"; } $sql .= " WHERE ".$this->where; @@ -142,7 +142,7 @@ class ExpeditionStats extends Stats $sql = "SELECT date_format(c.date_valid,'%Y') as year, COUNT(*) as nb, SUM(c.".$this->field.") as total, AVG(".$this->field.") as avg"; $sql .= " FROM ".$this->from; - if (!$user->rights->societe->client->voir && !$this->socid) { + if (empty($user->rights->societe->client->voir) && !$this->socid) { $sql .= ", ".MAIN_DB_PREFIX."societe_commerciaux as sc"; } $sql .= " WHERE ".$this->where; diff --git a/htdocs/expedition/index.php b/htdocs/expedition/index.php index 173cc1889bc..a08339d652f 100644 --- a/htdocs/expedition/index.php +++ b/htdocs/expedition/index.php @@ -66,7 +66,7 @@ $sql .= " FROM ".MAIN_DB_PREFIX."expedition as e"; $sql .= " LEFT JOIN ".MAIN_DB_PREFIX."element_element as el ON e.rowid = el.fk_target AND el.targettype = 'shipping'"; $sql .= " LEFT JOIN ".MAIN_DB_PREFIX."commande as c ON el.fk_source = c.rowid"; $sql .= " LEFT JOIN ".MAIN_DB_PREFIX."societe as s ON s.rowid = e.fk_soc"; -if (!$user->rights->societe->client->voir && !$socid) { +if (empty($user->rights->societe->client->voir) && !$socid) { $sql .= " LEFT JOIN ".MAIN_DB_PREFIX."societe_commerciaux as sc ON e.fk_soc = sc.fk_soc"; $sql .= $clause." sc.fk_user = ".((int) $user->id); $clause = " AND "; @@ -138,11 +138,11 @@ $sql .= " FROM ".MAIN_DB_PREFIX."expedition as e"; $sql .= " LEFT JOIN ".MAIN_DB_PREFIX."element_element as el ON e.rowid = el.fk_target AND el.targettype = 'shipping' AND el.sourcetype IN ('commande')"; $sql .= " LEFT JOIN ".MAIN_DB_PREFIX."commande as c ON el.fk_source = c.rowid AND el.sourcetype IN ('commande') AND el.targettype = 'shipping'"; $sql .= " LEFT JOIN ".MAIN_DB_PREFIX."societe as s ON s.rowid = e.fk_soc"; -if (!$user->rights->societe->client->voir && !$socid) { +if (empty($user->rights->societe->client->voir) && !$socid) { $sql .= " LEFT JOIN ".MAIN_DB_PREFIX."societe_commerciaux as sc ON e.fk_soc = sc.fk_soc"; } $sql .= " WHERE e.entity IN (".getEntity('expedition').")"; -if (!$user->rights->societe->client->voir && !$socid) { +if (empty($user->rights->societe->client->voir) && !$socid) { $sql .= " AND sc.fk_user = ".((int) $user->id); } $sql .= " AND e.fk_statut = ".Expedition::STATUS_VALIDATED; @@ -208,7 +208,7 @@ if ($resql) { $sql = "SELECT c.rowid, c.ref, c.ref_client as ref_customer, c.fk_statut as status, c.facture as billed, s.nom as name, s.rowid as socid"; $sql .= " FROM ".MAIN_DB_PREFIX."commande as c,"; $sql .= " ".MAIN_DB_PREFIX."societe as s"; -if (!$user->rights->societe->client->voir && !$socid) { +if (empty($user->rights->societe->client->voir) && !$socid) { $sql .= ", ".MAIN_DB_PREFIX."societe_commerciaux as sc"; } $sql .= " WHERE c.fk_soc = s.rowid"; @@ -217,7 +217,7 @@ $sql .= " AND c.fk_statut IN (".Commande::STATUS_VALIDATED.", ".Commande::STATUS if ($socid > 0) { $sql .= " AND c.fk_soc = ".((int) $socid); } -if (!$user->rights->societe->client->voir && !$socid) { +if (empty($user->rights->societe->client->voir) && !$socid) { $sql .= " AND s.rowid = sc.fk_soc AND sc.fk_user = ".((int) $user->id); } $sql .= " ORDER BY c.rowid ASC"; diff --git a/htdocs/expedition/list.php b/htdocs/expedition/list.php index 391628a9d38..ac5704511ef 100644 --- a/htdocs/expedition/list.php +++ b/htdocs/expedition/list.php @@ -277,7 +277,7 @@ if ($search_user > 0) { // Get link to order to get the order id in eesource.fk $sql .= " LEFT JOIN ".MAIN_DB_PREFIX."element_element as eesource ON eesource.fk_target = e.rowid AND eesource.targettype = 'shipping' AND eesource.sourcetype = 'commande'"; } // We'll need this table joined to the select in order to filter by sale -if ($search_sale > 0 || (!$user->rights->societe->client->voir && !$socid)) { +if ($search_sale > 0 || (empty($user->rights->societe->client->voir) && !$socid)) { $sql .= ", ".MAIN_DB_PREFIX."societe_commerciaux as sc"; } if ($search_user > 0) { @@ -291,7 +291,7 @@ if ($search_product_category > 0) { if ($socid > 0) { $sql .= ' AND s.rowid = '.$socid; } -if (!$user->rights->societe->client->voir && !$socid) { // Internal user with no permission to see all +if (empty($user->rights->societe->client->voir) && !$socid) { // Internal user with no permission to see all $sql .= " AND e.fk_soc = sc.fk_soc"; $sql .= " AND sc.fk_user = ".((int) $user->id); } diff --git a/htdocs/expedition/stats/index.php b/htdocs/expedition/stats/index.php index 42cac2d3c92..e5718added1 100644 --- a/htdocs/expedition/stats/index.php +++ b/htdocs/expedition/stats/index.php @@ -75,7 +75,7 @@ $data = $stats->getNbByMonthWithPrevYear($endyear, $startyear); // $data = array(array('Lib',val1,val2,val3),...) -if (!$user->rights->societe->client->voir || $user->socid) { +if (empty($user->rights->societe->client->voir) || $user->socid) { $filenamenb = $dir.'/shipmentsnbinyear-'.$user->id.'-'.$year.'.png'; } else { $filenamenb = $dir.'/shipmentsnbinyear-'.$year.'.png'; @@ -110,7 +110,7 @@ $data = $stats->getAmountByMonthWithPrevYear($endyear,$startyear); //var_dump($data); // $data = array(array('Lib',val1,val2,val3),...) -if (!$user->rights->societe->client->voir || $user->socid) +if (empty($user->rights->societe->client->voir) || $user->socid) { $filenameamount = $dir.'/shipmentsamountinyear-'.$user->id.'-'.$year.'.png'; } @@ -148,7 +148,7 @@ if (! $mesg) /* $data = $stats->getAverageByMonthWithPrevYear($endyear, $startyear); -if (!$user->rights->societe->client->voir || $user->socid) +if (empty($user->rights->societe->client->voir) || $user->socid) { $filename_avg = $dir.'/shipmentsaverage-'.$user->id.'-'.$year.'.png'; } diff --git a/htdocs/expensereport/stats/index.php b/htdocs/expensereport/stats/index.php index 5f8a9f628b5..d9fe6a72c87 100644 --- a/htdocs/expensereport/stats/index.php +++ b/htdocs/expensereport/stats/index.php @@ -146,7 +146,7 @@ if (!$mesg) { $data = $stats->getAverageByMonthWithPrevYear($endyear, $startyear); -if (!$user->rights->societe->client->voir || $user->socid) { +if (empty($user->rights->societe->client->voir) || $user->socid) { $filename_avg = $dir.'/ordersaverage-'.$user->id.'-'.$year.'.png'; if ($mode == 'customer') { $fileurl_avg = DOL_URL_ROOT.'/viewimage.php?modulepart=orderstats&file=ordersaverage-'.$user->id.'-'.$year.'.png'; diff --git a/htdocs/fichinter/card-rec.php b/htdocs/fichinter/card-rec.php index d74e0a5c5e8..f7e51b1139d 100644 --- a/htdocs/fichinter/card-rec.php +++ b/htdocs/fichinter/card-rec.php @@ -761,7 +761,7 @@ if ($action == 'create') { $sql .= " FROM ".MAIN_DB_PREFIX."fichinter_rec as f"; $sql .= " , ".MAIN_DB_PREFIX."societe as s "; - if (!$user->rights->societe->client->voir && !$socid) { + if (empty($user->rights->societe->client->voir) && !$socid) { $sql .= " , ".MAIN_DB_PREFIX."societe_commerciaux as sc"; } $sql .= " WHERE f.fk_soc = s.rowid"; @@ -769,7 +769,7 @@ if ($action == 'create') { if ($socid) { $sql .= " AND s.rowid = ".((int) $socid); } - if (!$user->rights->societe->client->voir && !$socid) { + if (empty($user->rights->societe->client->voir) && !$socid) { $sql .= " AND s.rowid = sc.fk_soc AND sc.fk_user = ".((int) $user->id); } if ($search_ref) { diff --git a/htdocs/fichinter/class/fichinter.class.php b/htdocs/fichinter/class/fichinter.class.php index 9bd3f17da25..297e03fa379 100644 --- a/htdocs/fichinter/class/fichinter.class.php +++ b/htdocs/fichinter/class/fichinter.class.php @@ -204,7 +204,7 @@ class Fichinter extends CommonObject $sql = "SELECT count(fi.rowid) as nb"; $sql .= " FROM ".MAIN_DB_PREFIX."fichinter as fi"; $sql .= " LEFT JOIN ".MAIN_DB_PREFIX."societe as s ON fi.fk_soc = s.rowid"; - if (!$user->rights->societe->client->voir && !$user->socid) { + if (empty($user->rights->societe->client->voir) && !$user->socid) { $sql .= " LEFT JOIN ".MAIN_DB_PREFIX."societe_commerciaux as sc ON s.rowid = sc.fk_soc"; $sql .= " WHERE sc.fk_user = ".((int) $user->id); $clause = "AND"; diff --git a/htdocs/fichinter/class/fichinterstats.class.php b/htdocs/fichinter/class/fichinterstats.class.php index 297aeca7760..f6fbdb8d305 100644 --- a/htdocs/fichinter/class/fichinterstats.class.php +++ b/htdocs/fichinter/class/fichinterstats.class.php @@ -72,7 +72,7 @@ class FichinterStats extends Stats $this->field_line = '0'; //$this->where.= " AND c.fk_statut > 0"; // Not draft and not cancelled } - if (!$user->rights->societe->client->voir && !$this->socid) { + if (empty($user->rights->societe->client->voir) && !$this->socid) { $this->where .= " AND c.fk_soc = sc.fk_soc AND sc.fk_user = ".((int) $user->id); } $this->where .= ($this->where ? ' AND ' : '')."c.entity IN (".getEntity('fichinter').')'; @@ -98,7 +98,7 @@ class FichinterStats extends Stats $sql = "SELECT date_format(c.date_valid,'%m') as dm, COUNT(*) as nb"; $sql .= " FROM ".$this->from; - if (!$user->rights->societe->client->voir && !$this->socid) { + if (empty($user->rights->societe->client->voir) && !$this->socid) { $sql .= ", ".MAIN_DB_PREFIX."societe_commerciaux as sc"; } $sql .= " WHERE c.date_valid BETWEEN '".$this->db->idate(dol_get_first_day($year))."' AND '".$this->db->idate(dol_get_last_day($year))."'"; @@ -122,7 +122,7 @@ class FichinterStats extends Stats $sql = "SELECT date_format(c.date_valid,'%Y') as dm, COUNT(*) as nb, 0"; $sql .= " FROM ".$this->from; - if (!$user->rights->societe->client->voir && !$this->socid) { + if (empty($user->rights->societe->client->voir) && !$this->socid) { $sql .= ", ".MAIN_DB_PREFIX."societe_commerciaux as sc"; } $sql .= " WHERE ".$this->where; @@ -145,7 +145,7 @@ class FichinterStats extends Stats $sql = "SELECT date_format(c.date_valid,'%m') as dm, 0"; $sql .= " FROM ".$this->from; - if (!$user->rights->societe->client->voir && !$this->socid) { + if (empty($user->rights->societe->client->voir) && !$this->socid) { $sql .= ", ".MAIN_DB_PREFIX."societe_commerciaux as sc"; } $sql .= " WHERE c.date_valid BETWEEN '".$this->db->idate(dol_get_first_day($year))."' AND '".$this->db->idate(dol_get_last_day($year))."'"; @@ -169,7 +169,7 @@ class FichinterStats extends Stats $sql = "SELECT date_format(c.date_valid,'%m') as dm, 0"; $sql .= " FROM ".$this->from; - if (!$user->rights->societe->client->voir && !$this->socid) { + if (empty($user->rights->societe->client->voir) && !$this->socid) { $sql .= ", ".MAIN_DB_PREFIX."societe_commerciaux as sc"; } $sql .= " WHERE c.date_valid BETWEEN '".$this->db->idate(dol_get_first_day($year))."' AND '".$this->db->idate(dol_get_last_day($year))."'"; @@ -191,7 +191,7 @@ class FichinterStats extends Stats $sql = "SELECT date_format(c.date_valid,'%Y') as year, COUNT(*) as nb, 0 as total, 0 as avg"; $sql .= " FROM ".$this->from; - if (!$user->rights->societe->client->voir && !$this->socid) { + if (empty($user->rights->societe->client->voir) && !$this->socid) { $sql .= ", ".MAIN_DB_PREFIX."societe_commerciaux as sc"; } $sql .= " WHERE ".$this->where; @@ -214,7 +214,7 @@ class FichinterStats extends Stats $sql = "SELECT product.ref, COUNT(product.ref) as nb, 0 as total, 0 as avg"; $sql .= " FROM ".$this->from.", ".$this->from_line.", ".MAIN_DB_PREFIX."product as product"; - //if (!$user->rights->societe->client->voir && !$user->socid) $sql.= ", ".MAIN_DB_PREFIX."societe_commerciaux as sc"; + //if (empty($user->rights->societe->client->voir) && !$user->socid) $sql.= ", ".MAIN_DB_PREFIX."societe_commerciaux as sc"; $sql .= " WHERE ".$this->where; $sql .= " AND c.rowid = tl.fk_fichinter AND tl.fk_product = product.rowid"; $sql .= " AND c.date_valid BETWEEN '".$this->db->idate(dol_get_first_day($year, 1, false))."' AND '".$this->db->idate(dol_get_last_day($year, 12, false))."'"; diff --git a/htdocs/fichinter/index.php b/htdocs/fichinter/index.php index 8eca043ef40..169ddfdccbf 100644 --- a/htdocs/fichinter/index.php +++ b/htdocs/fichinter/index.php @@ -74,7 +74,7 @@ print '
'; $sql = "SELECT count(f.rowid), f.fk_statut"; $sql .= " FROM ".MAIN_DB_PREFIX."societe as s"; $sql .= ", ".MAIN_DB_PREFIX."fichinter as f"; -if (!$user->rights->societe->client->voir && !$socid) { +if (empty($user->rights->societe->client->voir) && !$socid) { $sql .= ", ".MAIN_DB_PREFIX."societe_commerciaux as sc"; } $sql .= " WHERE f.entity IN (".getEntity('intervention').")"; @@ -82,7 +82,7 @@ $sql .= " AND f.fk_soc = s.rowid"; if ($user->socid) { $sql .= ' AND f.fk_soc = '.((int) $user->socid); } -if (!$user->rights->societe->client->voir && !$socid) { +if (empty($user->rights->societe->client->voir) && !$socid) { $sql .= " AND s.rowid = sc.fk_soc AND sc.fk_user = ".((int) $user->id); } $sql .= " GROUP BY f.fk_statut"; @@ -192,7 +192,7 @@ if (!empty($conf->ficheinter->enabled)) { $sql = "SELECT f.rowid, f.ref, s.nom as name, s.rowid as socid"; $sql .= " FROM ".MAIN_DB_PREFIX."fichinter as f"; $sql .= ", ".MAIN_DB_PREFIX."societe as s"; - if (!$user->rights->societe->client->voir && !$socid) { + if (empty($user->rights->societe->client->voir) && !$socid) { $sql .= ", ".MAIN_DB_PREFIX."societe_commerciaux as sc"; } $sql .= " WHERE f.entity IN (".getEntity('intervention').")"; @@ -201,7 +201,7 @@ if (!empty($conf->ficheinter->enabled)) { if ($socid) { $sql .= " AND f.fk_soc = ".((int) $socid); } - if (!$user->rights->societe->client->voir && !$socid) { + if (empty($user->rights->societe->client->voir) && !$socid) { $sql .= " AND s.rowid = sc.fk_soc AND sc.fk_user = ".((int) $user->id); } @@ -242,7 +242,7 @@ $sql = "SELECT f.rowid, f.ref, f.fk_statut, f.date_valid as datec, f.tms as date $sql .= " s.nom as name, s.rowid as socid"; $sql .= " FROM ".MAIN_DB_PREFIX."fichinter as f,"; $sql .= " ".MAIN_DB_PREFIX."societe as s"; -if (!$user->rights->societe->client->voir && !$socid) { +if (empty($user->rights->societe->client->voir) && !$socid) { $sql .= ", ".MAIN_DB_PREFIX."societe_commerciaux as sc"; } $sql .= " WHERE f.entity IN (".getEntity('intervention').")"; @@ -251,7 +251,7 @@ $sql .= " AND f.fk_soc = s.rowid"; if ($socid) { $sql .= " AND f.fk_soc = ".((int) $socid); } -if (!$user->rights->societe->client->voir && !$socid) { +if (empty($user->rights->societe->client->voir) && !$socid) { $sql .= " AND s.rowid = sc.fk_soc AND sc.fk_user = ".((int) $user->id); } $sql .= " ORDER BY f.tms DESC"; @@ -315,7 +315,7 @@ if (!empty($conf->ficheinter->enabled)) { $sql = "SELECT f.rowid, f.ref, f.fk_statut, s.nom as name, s.rowid as socid"; $sql .= " FROM ".MAIN_DB_PREFIX."fichinter as f"; $sql .= ", ".MAIN_DB_PREFIX."societe as s"; - if (!$user->rights->societe->client->voir && !$socid) { + if (empty($user->rights->societe->client->voir) && !$socid) { $sql .= ", ".MAIN_DB_PREFIX."societe_commerciaux as sc"; } $sql .= " WHERE f.entity IN (".getEntity('intervention').")"; @@ -324,7 +324,7 @@ if (!empty($conf->ficheinter->enabled)) { if ($socid) { $sql .= " AND f.fk_soc = ".((int) $socid); } - if (!$user->rights->societe->client->voir && !$socid) { + if (empty($user->rights->societe->client->voir) && !$socid) { $sql .= " AND s.rowid = sc.fk_soc AND sc.fk_user = ".((int) $user->id); } $sql .= " ORDER BY f.rowid DESC"; diff --git a/htdocs/fichinter/list.php b/htdocs/fichinter/list.php index 6f4dccd878d..d710d7cd6cc 100644 --- a/htdocs/fichinter/list.php +++ b/htdocs/fichinter/list.php @@ -257,7 +257,7 @@ $parameters = array(); $reshook = $hookmanager->executeHooks('printFieldListFrom', $parameters, $object); // Note that $action and $object may have been modified by hook $sql .= $hookmanager->resPrint; -if (!$user->rights->societe->client->voir && empty($socid)) { +if (empty($user->rights->societe->client->voir) && empty($socid)) { $sql .= ", ".MAIN_DB_PREFIX."societe_commerciaux as sc"; } $sql .= ", ".MAIN_DB_PREFIX."societe as s"; @@ -285,7 +285,7 @@ if ($search_desc) { if ($search_status != '' && $search_status >= 0) { $sql .= ' AND f.fk_statut = '.urlencode($search_status); } -if (!$user->rights->societe->client->voir && empty($socid)) { +if (empty($user->rights->societe->client->voir) && empty($socid)) { $sql .= " AND s.rowid = sc.fk_soc AND sc.fk_user = ".((int) $user->id); } if ($socid) { diff --git a/htdocs/fichinter/stats/index.php b/htdocs/fichinter/stats/index.php index 7a7adb639b3..aec9ab7e839 100644 --- a/htdocs/fichinter/stats/index.php +++ b/htdocs/fichinter/stats/index.php @@ -79,7 +79,7 @@ $data = $stats->getNbByMonthWithPrevYear($endyear, $startyear); // $data = array(array('Lib',val1,val2,val3),...) -if (!$user->rights->societe->client->voir || $user->socid) { +if (empty($user->rights->societe->client->voir) || $user->socid) { $filenamenb = $dir.'/interventionsnbinyear-'.$user->id.'-'.$year.'.png'; $fileurlnb = DOL_URL_ROOT.'/viewimage.php?modulepart=interventionstats&file=interventionsnbinyear-'.$user->id.'-'.$year.'.png'; } else { @@ -114,7 +114,7 @@ if (!$mesg) { $data = $stats->getAmountByMonthWithPrevYear($endyear, $startyear); // $data = array(array('Lib',val1,val2,val3),...) -if (!$user->rights->societe->client->voir || $user->socid) { +if (empty($user->rights->societe->client->voir) || $user->socid) { $filenameamount = $dir.'/interventionsamountinyear-'.$user->id.'-'.$year.'.png'; $fileurlamount = DOL_URL_ROOT.'/viewimage.php?modulepart=interventionstats&file=interventionsamountinyear-'.$user->id.'-'.$year.'.png'; } else { @@ -148,7 +148,7 @@ if (!$mesg) { $data = $stats->getAverageByMonthWithPrevYear($endyear, $startyear); -if (!$user->rights->societe->client->voir || $user->socid) { +if (empty($user->rights->societe->client->voir) || $user->socid) { $filename_avg = $dir.'/interventionsaverage-'.$user->id.'-'.$year.'.png'; $fileurl_avg = DOL_URL_ROOT.'/viewimage.php?modulepart=interventionstats&file=interventionsaverage-'.$user->id.'-'.$year.'.png'; } else { diff --git a/htdocs/fourn/class/fournisseur.class.php b/htdocs/fourn/class/fournisseur.class.php index 805ed7c1ba6..b47cfa263c0 100644 --- a/htdocs/fourn/class/fournisseur.class.php +++ b/htdocs/fourn/class/fournisseur.class.php @@ -113,7 +113,7 @@ class Fournisseur extends Societe $sql = "SELECT count(s.rowid) as nb"; $sql .= " FROM ".MAIN_DB_PREFIX."societe as s"; - if (!$user->rights->societe->client->voir && !$user->socid) { + if (empty($user->rights->societe->client->voir) && !$user->socid) { $sql .= " LEFT JOIN ".MAIN_DB_PREFIX."societe_commerciaux as sc ON s.rowid = sc.fk_soc"; $sql .= " WHERE sc.fk_user = ".((int) $user->id); $clause = "AND"; @@ -178,12 +178,12 @@ class Fournisseur extends Societe $sql = "SELECT s.rowid, s.nom as name"; $sql .= " FROM ".MAIN_DB_PREFIX."societe as s"; - if (!$user->rights->societe->client->voir && !$user->socid) { + if (empty($user->rights->societe->client->voir) && !$user->socid) { $sql .= ", ".MAIN_DB_PREFIX."societe_commerciaux as sc"; } $sql .= " WHERE s.fournisseur = 1"; $sql .= " AND s.entity IN (".getEntity('societe').")"; - if (!$user->rights->societe->client->voir && !$user->socid) { + if (empty($user->rights->societe->client->voir) && !$user->socid) { $sql .= " AND s.rowid = sc.fk_soc AND sc.fk_user = ".((int) $user->id); } diff --git a/htdocs/fourn/class/fournisseur.commande.class.php b/htdocs/fourn/class/fournisseur.commande.class.php index 5da4ad4b08b..bc79aa4d6e1 100644 --- a/htdocs/fourn/class/fournisseur.commande.class.php +++ b/htdocs/fourn/class/fournisseur.commande.class.php @@ -2965,7 +2965,7 @@ class CommandeFournisseur extends CommonOrder $sql = "SELECT count(co.rowid) as nb"; $sql .= " FROM ".MAIN_DB_PREFIX."commande_fournisseur as co"; $sql .= " LEFT JOIN ".MAIN_DB_PREFIX."societe as s ON co.fk_soc = s.rowid"; - if (!$user->rights->societe->client->voir && !$user->socid) { + if (empty($user->rights->societe->client->voir) && !$user->socid) { $sql .= " LEFT JOIN ".MAIN_DB_PREFIX."societe_commerciaux as sc ON s.rowid = sc.fk_soc"; $sql .= " WHERE sc.fk_user = ".((int) $user->id); $clause = "AND"; @@ -3003,7 +3003,7 @@ class CommandeFournisseur extends CommonOrder $sql = "SELECT c.rowid, c.date_creation as datec, c.date_commande, c.fk_statut, c.date_livraison as delivery_date"; $sql .= " FROM ".MAIN_DB_PREFIX."commande_fournisseur as c"; - if (!$user->rights->societe->client->voir && !$user->socid) { + if (empty($user->rights->societe->client->voir) && !$user->socid) { $sql .= " LEFT JOIN ".MAIN_DB_PREFIX."societe_commerciaux as sc ON c.fk_soc = sc.fk_soc"; $sql .= " WHERE sc.fk_user = ".((int) $user->id); $clause = " AND"; diff --git a/htdocs/fourn/class/fournisseur.facture.class.php b/htdocs/fourn/class/fournisseur.facture.class.php index bffe960b11e..ccaa7db60fa 100644 --- a/htdocs/fourn/class/fournisseur.facture.class.php +++ b/htdocs/fourn/class/fournisseur.facture.class.php @@ -2412,7 +2412,7 @@ class FactureFournisseur extends CommonInvoice $sql = 'SELECT ff.rowid, ff.date_lim_reglement as datefin, ff.fk_statut'; $sql .= ' FROM '.MAIN_DB_PREFIX.'facture_fourn as ff'; - if (!$user->rights->societe->client->voir && !$user->socid) { + if (empty($user->rights->societe->client->voir) && !$user->socid) { $sql .= ", ".MAIN_DB_PREFIX."societe_commerciaux as sc"; } $sql .= ' WHERE ff.paye=0'; @@ -2421,7 +2421,7 @@ class FactureFournisseur extends CommonInvoice if ($user->socid) { $sql .= ' AND ff.fk_soc = '.((int) $user->socid); } - if (!$user->rights->societe->client->voir && !$user->socid) { + if (empty($user->rights->societe->client->voir) && !$user->socid) { $sql .= " AND ff.fk_soc = sc.fk_soc AND sc.fk_user = ".((int) $user->id); } @@ -2767,7 +2767,7 @@ class FactureFournisseur extends CommonInvoice $sql = "SELECT count(f.rowid) as nb"; $sql .= " FROM ".MAIN_DB_PREFIX."facture_fourn as f"; $sql .= " LEFT JOIN ".MAIN_DB_PREFIX."societe as s ON f.fk_soc = s.rowid"; - if (!$user->rights->societe->client->voir && !$user->socid) { + if (empty($user->rights->societe->client->voir) && !$user->socid) { $sql .= " LEFT JOIN ".MAIN_DB_PREFIX."societe_commerciaux as sc ON s.rowid = sc.fk_soc"; $sql .= " WHERE sc.fk_user = ".((int) $user->id); $clause = "AND"; diff --git a/htdocs/fourn/commande/index.php b/htdocs/fourn/commande/index.php index b4956ea706f..4d93f6d3818 100644 --- a/htdocs/fourn/commande/index.php +++ b/htdocs/fourn/commande/index.php @@ -67,7 +67,7 @@ print '
'; $sql = "SELECT count(cf.rowid) as nb, fk_statut as status"; $sql .= " FROM ".MAIN_DB_PREFIX."societe as s"; $sql .= ", ".MAIN_DB_PREFIX."commande_fournisseur as cf"; -if (!$user->rights->societe->client->voir && !$socid) { +if (empty($user->rights->societe->client->voir) && !$socid) { $sql .= ", ".MAIN_DB_PREFIX."societe_commerciaux as sc"; } $sql .= " WHERE cf.fk_soc = s.rowid"; @@ -75,7 +75,7 @@ $sql .= " AND cf.entity IN (".getEntity('supplier_order').")"; if ($user->socid) { $sql .= ' AND cf.fk_soc = '.((int) $user->socid); } -if (!$user->rights->societe->client->voir && !$socid) { +if (empty($user->rights->societe->client->voir) && !$socid) { $sql .= " AND s.rowid = sc.fk_soc AND sc.fk_user = ".((int) $user->id); } $sql .= " GROUP BY cf.fk_statut"; @@ -176,7 +176,7 @@ if ((!empty($conf->fournisseur->enabled) && empty($conf->global->MAIN_USE_NEW_SU $sql = "SELECT c.rowid, c.ref, s.nom as name, s.rowid as socid"; $sql .= " FROM ".MAIN_DB_PREFIX."commande_fournisseur as c"; $sql .= ", ".MAIN_DB_PREFIX."societe as s"; - if (!$user->rights->societe->client->voir && !$socid) { + if (empty($user->rights->societe->client->voir) && !$socid) { $sql .= ", ".MAIN_DB_PREFIX."societe_commerciaux as sc"; } $sql .= " WHERE c.fk_soc = s.rowid"; @@ -185,7 +185,7 @@ if ((!empty($conf->fournisseur->enabled) && empty($conf->global->MAIN_USE_NEW_SU if (!empty($socid)) { $sql .= " AND c.fk_soc = ".((int) $socid); } - if (!$user->rights->societe->client->voir && !$socid) { + if (empty($user->rights->societe->client->voir) && !$socid) { $sql .= " AND s.rowid = sc.fk_soc AND sc.fk_user = ".((int) $user->id); } @@ -283,7 +283,7 @@ $max = 5; $sql = "SELECT c.rowid, c.ref, c.fk_statut as status, c.tms, c.billed, s.nom as name, s.rowid as socid"; $sql .= " FROM ".MAIN_DB_PREFIX."commande_fournisseur as c"; $sql .= ", ".MAIN_DB_PREFIX."societe as s"; -if (!$user->rights->societe->client->voir && !$socid) { +if (empty($user->rights->societe->client->voir) && !$socid) { $sql .= ", ".MAIN_DB_PREFIX."societe_commerciaux as sc"; } $sql .= " WHERE c.fk_soc = s.rowid"; @@ -292,7 +292,7 @@ $sql .= " AND c.entity IN (".getEntity('supplier_order').")"; if (!empty($socid)) { $sql .= " AND c.fk_soc = ".((int) $socid); } -if (!$user->rights->societe->client->voir && !$socid) { +if (empty($user->rights->societe->client->voir) && !$socid) { $sql .= " AND s.rowid = sc.fk_soc AND sc.fk_user = ".((int) $user->id); } $sql .= " ORDER BY c.tms DESC"; @@ -355,12 +355,12 @@ if ($resql) { $sql = "SELECT c.rowid, c.ref, c.fk_statut, s.nom as name, s.rowid as socid"; $sql.=" FROM ".MAIN_DB_PREFIX."commande_fournisseur as c"; $sql.= ", ".MAIN_DB_PREFIX."societe as s"; -if (!$user->rights->societe->client->voir && !$socid) $sql.= ", ".MAIN_DB_PREFIX."societe_commerciaux as sc"; +if (empty($user->rights->societe->client->voir) && !$socid) $sql.= ", ".MAIN_DB_PREFIX."societe_commerciaux as sc"; $sql.= " WHERE c.fk_soc = s.rowid"; $sql.= " AND c.entity IN (".getEntity("supplier_order").")"; $sql.= " AND c.fk_statut = 1"; if ($socid) $sql.= " AND c.fk_soc = ".((int) $socid); -if (!$user->rights->societe->client->voir && !$socid) $sql.= " AND s.rowid = sc.fk_soc AND sc.fk_user = " .((int) $user->id); +if (empty($user->rights->societe->client->voir) && !$socid) $sql.= " AND s.rowid = sc.fk_soc AND sc.fk_user = " .((int) $user->id); $sql.= " ORDER BY c.rowid DESC"; $resql=$db->query($sql); diff --git a/htdocs/fourn/commande/info.php b/htdocs/fourn/commande/info.php index aeb17c25035..bb8dc302b1c 100644 --- a/htdocs/fourn/commande/info.php +++ b/htdocs/fourn/commande/info.php @@ -74,7 +74,7 @@ if ($user->socid) { } $result = restrictedArea($user, 'fournisseur', $id, 'commande_fournisseur', 'commande'); -if (!$user->rights->fournisseur->commande->lire) { +if (empty($user->rights->fournisseur->commande->lire)) { accessforbidden(); } diff --git a/htdocs/fourn/commande/list.php b/htdocs/fourn/commande/list.php index bef5289c791..419e75b55aa 100644 --- a/htdocs/fourn/commande/list.php +++ b/htdocs/fourn/commande/list.php @@ -777,7 +777,7 @@ if ($search_product_category > 0) { $sql .= " LEFT JOIN ".MAIN_DB_PREFIX."user as u ON cf.fk_user_author = u.rowid"; $sql .= " LEFT JOIN ".MAIN_DB_PREFIX."projet as p ON p.rowid = cf.fk_projet"; // We'll need this table joined to the select in order to filter by sale -if ($search_sale > 0 || (!$user->rights->societe->client->voir && !$socid)) { +if ($search_sale > 0 || (empty($user->rights->societe->client->voir) && !$socid)) { $sql .= ", ".MAIN_DB_PREFIX."societe_commerciaux as sc"; } if ($search_user > 0) { @@ -792,7 +792,7 @@ $sql .= ' AND cf.entity IN ('.getEntity('supplier_order').')'; if ($socid > 0) { $sql .= " AND s.rowid = ".((int) $socid); } -if (!$user->rights->societe->client->voir && !$socid) { +if (empty($user->rights->societe->client->voir) && !$socid) { $sql .= " AND s.rowid = sc.fk_soc AND sc.fk_user = ".((int) $user->id); } if ($search_ref) { diff --git a/htdocs/fourn/contact.php b/htdocs/fourn/contact.php index 9fd4dd30b26..cabf726beee 100644 --- a/htdocs/fourn/contact.php +++ b/htdocs/fourn/contact.php @@ -64,18 +64,18 @@ $limit = GETPOST('limit', 'int') ?GETPOST('limit', 'int') : $conf->liste_limit; */ $sql = "SELECT s.rowid as socid, s.nom as name, st.libelle as stcomm, p.rowid as cidp, p.lastname, p.firstname, p.email, p.phone"; -if (!$user->rights->societe->client->voir && !$socid) { +if (empty($user->rights->societe->client->voir) && !$socid) { $sql .= ", sc.fk_soc, sc.fk_user "; } $sql .= " FROM ".MAIN_DB_PREFIX."societe as s, ".MAIN_DB_PREFIX."socpeople as p, ".MAIN_DB_PREFIX."c_stcomm as st"; -if (!$user->rights->societe->client->voir && !$socid) { +if (empty($user->rights->societe->client->voir) && !$socid) { $sql .= ", ".MAIN_DB_PREFIX."societe_commerciaux as sc"; } $sql .= " WHERE s.fk_stcomm = st.id"; $sql .= " AND s.fournisseur = 1"; $sql .= " AND s.rowid = p.fk_soc"; $sql .= " AND s.entity IN (".getEntity('societe').")"; -if (!$user->rights->societe->client->voir && !$socid) { +if (empty($user->rights->societe->client->voir) && !$socid) { $sql .= " AND s.rowid = sc.fk_soc AND sc.fk_user = ".((int) $user->id); } diff --git a/htdocs/fourn/facture/list.php b/htdocs/fourn/facture/list.php index a325f9db780..6c133c9b5a1 100644 --- a/htdocs/fourn/facture/list.php +++ b/htdocs/fourn/facture/list.php @@ -461,7 +461,7 @@ if ($search_product_category > 0) { $sql .= ' LEFT JOIN '.MAIN_DB_PREFIX.'user AS u ON f.fk_user_author = u.rowid'; $sql .= " LEFT JOIN ".MAIN_DB_PREFIX."projet as p ON p.rowid = f.fk_projet"; // We'll need this table joined to the select in order to filter by sale -if ($search_sale > 0 || (!$user->rights->societe->client->voir && !$socid)) { +if ($search_sale > 0 || (empty($user->rights->societe->client->voir) && !$socid)) { $sql .= ", ".MAIN_DB_PREFIX."societe_commerciaux as sc"; } if ($search_user > 0) { @@ -474,7 +474,7 @@ $reshook = $hookmanager->executeHooks('printFieldListFrom', $parameters, $object $sql .= $hookmanager->resPrint; $sql .= ' WHERE f.fk_soc = s.rowid'; $sql .= ' AND f.entity IN ('.getEntity('facture_fourn').')'; -if (!$user->rights->societe->client->voir && !$socid) { +if (empty($user->rights->societe->client->voir) && !$socid) { $sql .= " AND s.rowid = sc.fk_soc AND sc.fk_user = ".((int) $user->id); } if ($search_product_category > 0) { diff --git a/htdocs/fourn/facture/paiement.php b/htdocs/fourn/facture/paiement.php index 1cc1a86fe4a..a29473eefd2 100644 --- a/htdocs/fourn/facture/paiement.php +++ b/htdocs/fourn/facture/paiement.php @@ -360,16 +360,16 @@ if ($action == 'create' || $action == 'confirm_paiement' || $action == 'add_paie $sql = 'SELECT s.nom as name, s.rowid as socid,'; $sql .= ' f.rowid, f.ref, f.ref_supplier, f.total_ttc as total, f.fk_mode_reglement, f.fk_account'; - if (!$user->rights->societe->client->voir && !$socid) { + if (empty($user->rights->societe->client->voir) && !$socid) { $sql .= ", sc.fk_soc, sc.fk_user "; } $sql .= ' FROM '.MAIN_DB_PREFIX.'societe as s, '.MAIN_DB_PREFIX.'facture_fourn as f'; - if (!$user->rights->societe->client->voir && !$socid) { + if (empty($user->rights->societe->client->voir) && !$socid) { $sql .= ", ".MAIN_DB_PREFIX."societe_commerciaux as sc"; } $sql .= ' WHERE f.fk_soc = s.rowid'; $sql .= ' AND f.rowid = '.((int) $facid); - if (!$user->rights->societe->client->voir && !$socid) { + if (empty($user->rights->societe->client->voir) && !$socid) { $sql .= " AND s.rowid = sc.fk_soc AND sc.fk_user = ".((int) $user->id); } $resql = $db->query($sql); diff --git a/htdocs/fourn/facture/rapport.php b/htdocs/fourn/facture/rapport.php index fe2bb78008d..59b92f349c0 100644 --- a/htdocs/fourn/facture/rapport.php +++ b/htdocs/fourn/facture/rapport.php @@ -46,7 +46,7 @@ if ($user->socid > 0) { } $dir = $conf->fournisseur->facture->dir_output.'/payments'; -if (!$user->rights->societe->client->voir || $socid) { +if (empty($user->rights->societe->client->voir) || $socid) { $dir .= '/private/'.$user->id; // If user has no permission to see all, output dir is specific to user } diff --git a/htdocs/fourn/index.php b/htdocs/fourn/index.php index 44a689fcd80..7dfd17495c3 100644 --- a/htdocs/fourn/index.php +++ b/htdocs/fourn/index.php @@ -60,11 +60,11 @@ print '
'; $sql = "SELECT count(cf.rowid), cf.fk_statut"; $sql .= " FROM ".MAIN_DB_PREFIX."commande_fournisseur as cf,"; $sql .= " ".MAIN_DB_PREFIX."societe as s"; -if (!$user->rights->societe->client->voir && !$socid) { +if (empty($user->rights->societe->client->voir) && !$socid) { $sql .= " LEFT JOIN ".MAIN_DB_PREFIX."societe_commerciaux as sc ON s.rowid = sc.fk_soc"; } $sql .= " WHERE cf.fk_soc = s.rowid "; -if (!$user->rights->societe->client->voir && !$socid) { +if (empty($user->rights->societe->client->voir) && !$socid) { $sql .= " AND sc.fk_user = ".((int) $user->id); } $sql .= " AND cf.entity = ".$conf->entity; @@ -106,11 +106,11 @@ if ((!empty($conf->fournisseur->enabled) && empty($conf->global->MAIN_USE_NEW_SU $sql .= " s.nom as name, s.rowid as socid"; $sql .= " FROM ".MAIN_DB_PREFIX."commande_fournisseur as cf"; $sql .= ", ".MAIN_DB_PREFIX."societe as s"; - if (!$user->rights->societe->client->voir && !$socid) { + if (empty($user->rights->societe->client->voir) && !$socid) { $sql .= " LEFT JOIN ".MAIN_DB_PREFIX."societe_commerciaux as sc ON s.rowid = sc.fk_soc"; } $sql .= " WHERE cf.fk_soc = s.rowid"; - if (!$user->rights->societe->client->voir && !$socid) { + if (empty($user->rights->societe->client->voir) && !$socid) { $sql .= " AND sc.fk_user = ".((int) $user->id); } $sql .= " AND cf.entity = ".$conf->entity; @@ -162,11 +162,11 @@ if (((!empty($conf->fournisseur->enabled) && empty($conf->global->MAIN_USE_NEW_S $sql .= ", s.nom as name, s.rowid as socid"; $sql .= " FROM ".MAIN_DB_PREFIX."facture_fourn as ff"; $sql .= ", ".MAIN_DB_PREFIX."societe as s"; - if (!$user->rights->societe->client->voir && !$socid) { + if (empty($user->rights->societe->client->voir) && !$socid) { $sql .= " LEFT JOIN ".MAIN_DB_PREFIX."societe_commerciaux as sc ON s.rowid = sc.fk_soc"; } $sql .= " WHERE s.rowid = ff.fk_soc"; - if (!$user->rights->societe->client->voir && !$socid) { + if (empty($user->rights->societe->client->voir) && !$socid) { $sql .= " AND sc.fk_user = ".((int) $user->id); } $sql .= " AND ff.entity = ".$conf->entity; @@ -241,13 +241,13 @@ if (!empty($conf->global->MAIN_COMPANY_PERENTITY_SHARED)) { $sql .= " LEFT JOIN " . MAIN_DB_PREFIX . "societe_perentity as spe ON spe.fk_soc = s.rowid AND spe.entity = " . ((int) $conf->entity); } $sql .= ", ".MAIN_DB_PREFIX."c_stcomm as st"; -if (!$user->rights->societe->client->voir && !$socid) { +if (empty($user->rights->societe->client->voir) && !$socid) { $sql .= ", ".MAIN_DB_PREFIX."societe_commerciaux as sc"; } $sql .= " WHERE s.fk_stcomm = st.id"; $sql .= " AND s.fournisseur = 1"; $sql .= " AND s.entity IN (".getEntity('societe').")"; -if (!$user->rights->societe->client->voir && !$socid) { +if (empty($user->rights->societe->client->voir) && !$socid) { $sql .= " AND s.rowid = sc.fk_soc AND sc.fk_user = ".((int) $user->id); } if ($socid) { diff --git a/htdocs/fourn/paiement/list.php b/htdocs/fourn/paiement/list.php index 96af99d3f06..c4e18d50f90 100644 --- a/htdocs/fourn/paiement/list.php +++ b/htdocs/fourn/paiement/list.php @@ -177,7 +177,7 @@ $sql = 'SELECT p.rowid, p.ref, p.datep, p.amount as pamount, p.num_paiement'; $sql .= ', s.rowid as socid, s.nom as name, s.email'; $sql .= ', c.code as paiement_type, c.libelle as paiement_libelle'; $sql .= ', ba.rowid as bid, ba.label'; -if (!$user->rights->societe->client->voir) { +if (empty($user->rights->societe->client->voir)) { $sql .= ', sc.fk_soc, sc.fk_user'; } $sql .= ', SUM(pf.amount)'; @@ -189,12 +189,12 @@ $sql .= ' LEFT JOIN '.MAIN_DB_PREFIX.'c_paiement AS c ON p.fk_paiement = c.id'; $sql .= ' LEFT JOIN '.MAIN_DB_PREFIX.'societe AS s ON s.rowid = f.fk_soc'; $sql .= ' LEFT JOIN '.MAIN_DB_PREFIX.'bank as b ON p.fk_bank = b.rowid'; $sql .= ' LEFT JOIN '.MAIN_DB_PREFIX.'bank_account as ba ON b.fk_account = ba.rowid'; -if (!$user->rights->societe->client->voir) { +if (empty($user->rights->societe->client->voir)) { $sql .= ', '.MAIN_DB_PREFIX.'societe_commerciaux as sc'; } $sql .= ' WHERE f.entity = '.$conf->entity; -if (!$user->rights->societe->client->voir) { +if (empty($user->rights->societe->client->voir)) { $sql .= ' AND s.rowid = sc.fk_soc AND sc.fk_user = '.((int) $user->id); } if ($socid > 0) { @@ -233,7 +233,7 @@ if ($search_all) { include DOL_DOCUMENT_ROOT.'/core/tpl/extrafields_list_search_sql.tpl.php'; $sql .= ' GROUP BY p.rowid, p.ref, p.datep, p.amount, p.num_paiement, s.rowid, s.nom, s.email, c.code, c.libelle, ba.rowid, ba.label'; -if (!$user->rights->societe->client->voir) { +if (empty($user->rights->societe->client->voir)) { $sql .= ', sc.fk_soc, sc.fk_user'; } diff --git a/htdocs/hrm/evaluation_agenda.php b/htdocs/hrm/evaluation_agenda.php index 8524f6df3d9..91a0615bc95 100644 --- a/htdocs/hrm/evaluation_agenda.php +++ b/htdocs/hrm/evaluation_agenda.php @@ -25,57 +25,9 @@ * \brief Tab of events on Evaluation */ -//if (! defined('NOREQUIREDB')) define('NOREQUIREDB', '1'); // Do not create database handler $db -//if (! defined('NOREQUIREUSER')) define('NOREQUIREUSER', '1'); // Do not load object $user -//if (! defined('NOREQUIRESOC')) define('NOREQUIRESOC', '1'); // Do not load object $mysoc -//if (! defined('NOREQUIRETRAN')) define('NOREQUIRETRAN', '1'); // Do not load object $langs -//if (! defined('NOSCANGETFORINJECTION')) define('NOSCANGETFORINJECTION', '1'); // Do not check injection attack on GET parameters -//if (! defined('NOSCANPOSTFORINJECTION')) define('NOSCANPOSTFORINJECTION', '1'); // Do not check injection attack on POST parameters -//if (! defined('NOCSRFCHECK')) define('NOCSRFCHECK', '1'); // Do not check CSRF attack (test on referer + on token if option MAIN_SECURITY_CSRF_WITH_TOKEN is on). -//if (! defined('NOTOKENRENEWAL')) define('NOTOKENRENEWAL', '1'); // Do not roll the Anti CSRF token (used if MAIN_SECURITY_CSRF_WITH_TOKEN is on) -//if (! defined('NOSTYLECHECK')) define('NOSTYLECHECK', '1'); // Do not check style html tag into posted data -//if (! defined('NOREQUIREMENU')) define('NOREQUIREMENU', '1'); // If there is no need to load and show top and left menu -//if (! defined('NOREQUIREHTML')) define('NOREQUIREHTML', '1'); // If we don't need to load the html.form.class.php -//if (! defined('NOREQUIREAJAX')) define('NOREQUIREAJAX', '1'); // Do not load ajax.lib.php library -//if (! defined("NOLOGIN")) define("NOLOGIN", '1'); // If this page is public (can be called outside logged session). This include the NOIPCHECK too. -//if (! defined('NOIPCHECK')) define('NOIPCHECK', '1'); // Do not check IP defined into conf $dolibarr_main_restrict_ip -//if (! defined("MAIN_LANG_DEFAULT")) define('MAIN_LANG_DEFAULT', 'auto'); // Force lang to a particular value -//if (! defined("MAIN_AUTHENTICATION_MODE")) define('MAIN_AUTHENTICATION_MODE', 'aloginmodule'); // Force authentication handler -//if (! defined("NOREDIRECTBYMAINTOLOGIN")) define('NOREDIRECTBYMAINTOLOGIN', 1); // The main.inc.php does not make a redirect if not logged, instead show simple error message -//if (! defined("FORCECSP")) define('FORCECSP', 'none'); // Disable all Content Security Policies -//if (! defined('CSRFCHECK_WITH_TOKEN')) define('CSRFCHECK_WITH_TOKEN', '1'); // Force use of CSRF protection with tokens even for GET -//if (! defined('NOBROWSERNOTIF')) define('NOBROWSERNOTIF', '1'); // Disable browser notification // Load Dolibarr environment -$res = 0; -// Try main.inc.php into web root known defined into CONTEXT_DOCUMENT_ROOT (not always defined) -if (!$res && !empty($_SERVER["CONTEXT_DOCUMENT_ROOT"])) { - $res = @include $_SERVER["CONTEXT_DOCUMENT_ROOT"]."/main.inc.php"; -} -// Try main.inc.php into web root detected using web root calculated from SCRIPT_FILENAME -$tmp = empty($_SERVER['SCRIPT_FILENAME']) ? '' : $_SERVER['SCRIPT_FILENAME']; $tmp2 = realpath(__FILE__); $i = strlen($tmp) - 1; $j = strlen($tmp2) - 1; -while ($i > 0 && $j > 0 && isset($tmp[$i]) && isset($tmp2[$j]) && $tmp[$i] == $tmp2[$j]) { - $i--; $j--; -} -if (!$res && $i > 0 && file_exists(substr($tmp, 0, ($i + 1))."/main.inc.php")) { - $res = @include substr($tmp, 0, ($i + 1))."/main.inc.php"; -} -if (!$res && $i > 0 && file_exists(dirname(substr($tmp, 0, ($i + 1)))."/main.inc.php")) { - $res = @include dirname(substr($tmp, 0, ($i + 1)))."/main.inc.php"; -} -// Try main.inc.php using relative path -if (!$res && file_exists("../main.inc.php")) { - $res = @include "../main.inc.php"; -} -if (!$res && file_exists("../../main.inc.php")) { - $res = @include "../../main.inc.php"; -} -if (!$res && file_exists("../../../main.inc.php")) { - $res = @include "../../../main.inc.php"; -} -if (!$res) { - die("Include of main fails"); -} +require '../main.inc.php'; require_once DOL_DOCUMENT_ROOT.'/contact/class/contact.class.php'; require_once DOL_DOCUMENT_ROOT.'/core/lib/company.lib.php'; diff --git a/htdocs/hrm/evaluation_card.php b/htdocs/hrm/evaluation_card.php index 64b54b4c80b..2716bbf8a83 100644 --- a/htdocs/hrm/evaluation_card.php +++ b/htdocs/hrm/evaluation_card.php @@ -25,57 +25,8 @@ * \brief Page to create/edit/view evaluation */ -//if (! defined('NOREQUIREDB')) define('NOREQUIREDB', '1'); // Do not create database handler $db -//if (! defined('NOREQUIREUSER')) define('NOREQUIREUSER', '1'); // Do not load object $user -//if (! defined('NOREQUIRESOC')) define('NOREQUIRESOC', '1'); // Do not load object $mysoc -//if (! defined('NOREQUIRETRAN')) define('NOREQUIRETRAN', '1'); // Do not load object $langs -//if (! defined('NOSCANGETFORINJECTION')) define('NOSCANGETFORINJECTION', '1'); // Do not check injection attack on GET parameters -//if (! defined('NOSCANPOSTFORINJECTION')) define('NOSCANPOSTFORINJECTION', '1'); // Do not check injection attack on POST parameters -//if (! defined('NOCSRFCHECK')) define('NOCSRFCHECK', '1'); // Do not check CSRF attack (test on referer + on token if option MAIN_SECURITY_CSRF_WITH_TOKEN is on). -//if (! defined('NOTOKENRENEWAL')) define('NOTOKENRENEWAL', '1'); // Do not roll the Anti CSRF token (used if MAIN_SECURITY_CSRF_WITH_TOKEN is on) -//if (! defined('NOSTYLECHECK')) define('NOSTYLECHECK', '1'); // Do not check style html tag into posted data -//if (! defined('NOREQUIREMENU')) define('NOREQUIREMENU', '1'); // If there is no need to load and show top and left menu -//if (! defined('NOREQUIREHTML')) define('NOREQUIREHTML', '1'); // If we don't need to load the html.form.class.php -//if (! defined('NOREQUIREAJAX')) define('NOREQUIREAJAX', '1'); // Do not load ajax.lib.php library -//if (! defined("NOLOGIN")) define("NOLOGIN", '1'); // If this page is public (can be called outside logged session). This include the NOIPCHECK too. -//if (! defined('NOIPCHECK')) define('NOIPCHECK', '1'); // Do not check IP defined into conf $dolibarr_main_restrict_ip -//if (! defined("MAIN_LANG_DEFAULT")) define('MAIN_LANG_DEFAULT', 'auto'); // Force lang to a particular value -//if (! defined("MAIN_AUTHENTICATION_MODE")) define('MAIN_AUTHENTICATION_MODE', 'aloginmodule'); // Force authentication handler -//if (! defined("NOREDIRECTBYMAINTOLOGIN")) define('NOREDIRECTBYMAINTOLOGIN', 1); // The main.inc.php does not make a redirect if not logged, instead show simple error message -//if (! defined("FORCECSP")) define('FORCECSP', 'none'); // Disable all Content Security Policies -//if (! defined('CSRFCHECK_WITH_TOKEN')) define('CSRFCHECK_WITH_TOKEN', '1'); // Force use of CSRF protection with tokens even for GET -//if (! defined('NOBROWSERNOTIF')) define('NOBROWSERNOTIF', '1'); // Disable browser notification - // Load Dolibarr environment -$res = 0; -// Try main.inc.php into web root known defined into CONTEXT_DOCUMENT_ROOT (not always defined) -if (!$res && !empty($_SERVER["CONTEXT_DOCUMENT_ROOT"])) { - $res = @include $_SERVER["CONTEXT_DOCUMENT_ROOT"]."/main.inc.php"; -} -// Try main.inc.php into web root detected using web root calculated from SCRIPT_FILENAME -$tmp = empty($_SERVER['SCRIPT_FILENAME']) ? '' : $_SERVER['SCRIPT_FILENAME']; $tmp2 = realpath(__FILE__); $i = strlen($tmp) - 1; $j = strlen($tmp2) - 1; -while ($i > 0 && $j > 0 && isset($tmp[$i]) && isset($tmp2[$j]) && $tmp[$i] == $tmp2[$j]) { - $i--; $j--; -} -if (!$res && $i > 0 && file_exists(substr($tmp, 0, ($i + 1))."/main.inc.php")) { - $res = @include substr($tmp, 0, ($i + 1))."/main.inc.php"; -} -if (!$res && $i > 0 && file_exists(dirname(substr($tmp, 0, ($i + 1)))."/main.inc.php")) { - $res = @include dirname(substr($tmp, 0, ($i + 1)))."/main.inc.php"; -} -// Try main.inc.php using relative path -if (!$res && file_exists("../main.inc.php")) { - $res = @include "../main.inc.php"; -} -if (!$res && file_exists("../../main.inc.php")) { - $res = @include "../../main.inc.php"; -} -if (!$res && file_exists("../../../main.inc.php")) { - $res = @include "../../../main.inc.php"; -} -if (!$res) { - die("Include of main fails"); -} +require '../main.inc.php'; require_once DOL_DOCUMENT_ROOT.'/core/class/html.formcompany.class.php'; require_once DOL_DOCUMENT_ROOT.'/core/class/html.formfile.class.php'; diff --git a/htdocs/hrm/evaluation_contact.php b/htdocs/hrm/evaluation_contact.php index 540154b77ef..61af793b28a 100644 --- a/htdocs/hrm/evaluation_contact.php +++ b/htdocs/hrm/evaluation_contact.php @@ -26,35 +26,7 @@ */ // Load Dolibarr environment -$res = 0; -// Try main.inc.php into web root known defined into CONTEXT_DOCUMENT_ROOT (not always defined) -if (!$res && !empty($_SERVER["CONTEXT_DOCUMENT_ROOT"])) { - $res = @include $_SERVER["CONTEXT_DOCUMENT_ROOT"]."/main.inc.php"; -} -// Try main.inc.php into web root detected using web root calculated from SCRIPT_FILENAME -$tmp = empty($_SERVER['SCRIPT_FILENAME']) ? '' : $_SERVER['SCRIPT_FILENAME']; $tmp2 = realpath(__FILE__); $i = strlen($tmp) - 1; $j = strlen($tmp2) - 1; -while ($i > 0 && $j > 0 && isset($tmp[$i]) && isset($tmp2[$j]) && $tmp[$i] == $tmp2[$j]) { - $i--; $j--; -} -if (!$res && $i > 0 && file_exists(substr($tmp, 0, ($i + 1))."/main.inc.php")) { - $res = @include substr($tmp, 0, ($i + 1))."/main.inc.php"; -} -if (!$res && $i > 0 && file_exists(dirname(substr($tmp, 0, ($i + 1)))."/main.inc.php")) { - $res = @include dirname(substr($tmp, 0, ($i + 1)))."/main.inc.php"; -} -// Try main.inc.php using relative path -if (!$res && file_exists("../main.inc.php")) { - $res = @include "../main.inc.php"; -} -if (!$res && file_exists("../../main.inc.php")) { - $res = @include "../../main.inc.php"; -} -if (!$res && file_exists("../../../main.inc.php")) { - $res = @include "../../../main.inc.php"; -} -if (!$res) { - die("Include of main fails"); -} +require '../main.inc.php'; require_once DOL_DOCUMENT_ROOT.'/contact/class/contact.class.php'; require_once DOL_DOCUMENT_ROOT.'/core/class/html.formcompany.class.php'; diff --git a/htdocs/hrm/evaluation_document.php b/htdocs/hrm/evaluation_document.php index 06cbd7a621a..7318819644e 100644 --- a/htdocs/hrm/evaluation_document.php +++ b/htdocs/hrm/evaluation_document.php @@ -25,57 +25,9 @@ * \brief Tab for documents linked to Evaluation */ -//if (! defined('NOREQUIREDB')) define('NOREQUIREDB', '1'); // Do not create database handler $db -//if (! defined('NOREQUIREUSER')) define('NOREQUIREUSER', '1'); // Do not load object $user -//if (! defined('NOREQUIRESOC')) define('NOREQUIRESOC', '1'); // Do not load object $mysoc -//if (! defined('NOREQUIRETRAN')) define('NOREQUIRETRAN', '1'); // Do not load object $langs -//if (! defined('NOSCANGETFORINJECTION')) define('NOSCANGETFORINJECTION', '1'); // Do not check injection attack on GET parameters -//if (! defined('NOSCANPOSTFORINJECTION')) define('NOSCANPOSTFORINJECTION', '1'); // Do not check injection attack on POST parameters -//if (! defined('NOCSRFCHECK')) define('NOCSRFCHECK', '1'); // Do not check CSRF attack (test on referer + on token if option MAIN_SECURITY_CSRF_WITH_TOKEN is on). -//if (! defined('NOTOKENRENEWAL')) define('NOTOKENRENEWAL', '1'); // Do not roll the Anti CSRF token (used if MAIN_SECURITY_CSRF_WITH_TOKEN is on) -//if (! defined('NOSTYLECHECK')) define('NOSTYLECHECK', '1'); // Do not check style html tag into posted data -//if (! defined('NOREQUIREMENU')) define('NOREQUIREMENU', '1'); // If there is no need to load and show top and left menu -//if (! defined('NOREQUIREHTML')) define('NOREQUIREHTML', '1'); // If we don't need to load the html.form.class.php -//if (! defined('NOREQUIREAJAX')) define('NOREQUIREAJAX', '1'); // Do not load ajax.lib.php library -//if (! defined("NOLOGIN")) define("NOLOGIN", '1'); // If this page is public (can be called outside logged session). This include the NOIPCHECK too. -//if (! defined('NOIPCHECK')) define('NOIPCHECK', '1'); // Do not check IP defined into conf $dolibarr_main_restrict_ip -//if (! defined("MAIN_LANG_DEFAULT")) define('MAIN_LANG_DEFAULT', 'auto'); // Force lang to a particular value -//if (! defined("MAIN_AUTHENTICATION_MODE")) define('MAIN_AUTHENTICATION_MODE', 'aloginmodule'); // Force authentication handler -//if (! defined("NOREDIRECTBYMAINTOLOGIN")) define('NOREDIRECTBYMAINTOLOGIN', 1); // The main.inc.php does not make a redirect if not logged, instead show simple error message -//if (! defined("FORCECSP")) define('FORCECSP', 'none'); // Disable all Content Security Policies -//if (! defined('CSRFCHECK_WITH_TOKEN')) define('CSRFCHECK_WITH_TOKEN', '1'); // Force use of CSRF protection with tokens even for GET -//if (! defined('NOBROWSERNOTIF')) define('NOBROWSERNOTIF', '1'); // Disable browser notification // Load Dolibarr environment -$res = 0; -// Try main.inc.php into web root known defined into CONTEXT_DOCUMENT_ROOT (not always defined) -if (!$res && !empty($_SERVER["CONTEXT_DOCUMENT_ROOT"])) { - $res = @include $_SERVER["CONTEXT_DOCUMENT_ROOT"]."/main.inc.php"; -} -// Try main.inc.php into web root detected using web root calculated from SCRIPT_FILENAME -$tmp = empty($_SERVER['SCRIPT_FILENAME']) ? '' : $_SERVER['SCRIPT_FILENAME']; $tmp2 = realpath(__FILE__); $i = strlen($tmp) - 1; $j = strlen($tmp2) - 1; -while ($i > 0 && $j > 0 && isset($tmp[$i]) && isset($tmp2[$j]) && $tmp[$i] == $tmp2[$j]) { - $i--; $j--; -} -if (!$res && $i > 0 && file_exists(substr($tmp, 0, ($i + 1))."/main.inc.php")) { - $res = @include substr($tmp, 0, ($i + 1))."/main.inc.php"; -} -if (!$res && $i > 0 && file_exists(dirname(substr($tmp, 0, ($i + 1)))."/main.inc.php")) { - $res = @include dirname(substr($tmp, 0, ($i + 1)))."/main.inc.php"; -} -// Try main.inc.php using relative path -if (!$res && file_exists("../main.inc.php")) { - $res = @include "../main.inc.php"; -} -if (!$res && file_exists("../../main.inc.php")) { - $res = @include "../../main.inc.php"; -} -if (!$res && file_exists("../../../main.inc.php")) { - $res = @include "../../../main.inc.php"; -} -if (!$res) { - die("Include of main fails"); -} +require '../main.inc.php'; require_once DOL_DOCUMENT_ROOT.'/core/lib/company.lib.php'; require_once DOL_DOCUMENT_ROOT.'/core/lib/files.lib.php'; diff --git a/htdocs/hrm/evaluation_list.php b/htdocs/hrm/evaluation_list.php index a713b37ca48..35189f11b87 100644 --- a/htdocs/hrm/evaluation_list.php +++ b/htdocs/hrm/evaluation_list.php @@ -25,57 +25,9 @@ * \brief List page for evaluation */ -//if (! defined('NOREQUIREDB')) define('NOREQUIREDB', '1'); // Do not create database handler $db -//if (! defined('NOREQUIREUSER')) define('NOREQUIREUSER', '1'); // Do not load object $user -//if (! defined('NOREQUIRESOC')) define('NOREQUIRESOC', '1'); // Do not load object $mysoc -//if (! defined('NOREQUIRETRAN')) define('NOREQUIRETRAN', '1'); // Do not load object $langs -//if (! defined('NOSCANGETFORINJECTION')) define('NOSCANGETFORINJECTION', '1'); // Do not check injection attack on GET parameters -//if (! defined('NOSCANPOSTFORINJECTION')) define('NOSCANPOSTFORINJECTION', '1'); // Do not check injection attack on POST parameters -//if (! defined('NOCSRFCHECK')) define('NOCSRFCHECK', '1'); // Do not check CSRF attack (test on referer + on token if option MAIN_SECURITY_CSRF_WITH_TOKEN is on). -//if (! defined('NOTOKENRENEWAL')) define('NOTOKENRENEWAL', '1'); // Do not roll the Anti CSRF token (used if MAIN_SECURITY_CSRF_WITH_TOKEN is on) -//if (! defined('NOSTYLECHECK')) define('NOSTYLECHECK', '1'); // Do not check style html tag into posted data -//if (! defined('NOREQUIREMENU')) define('NOREQUIREMENU', '1'); // If there is no need to load and show top and left menu -//if (! defined('NOREQUIREHTML')) define('NOREQUIREHTML', '1'); // If we don't need to load the html.form.class.php -//if (! defined('NOREQUIREAJAX')) define('NOREQUIREAJAX', '1'); // Do not load ajax.lib.php library -//if (! defined("NOLOGIN")) define("NOLOGIN", '1'); // If this page is public (can be called outside logged session). This include the NOIPCHECK too. -//if (! defined('NOIPCHECK')) define('NOIPCHECK', '1'); // Do not check IP defined into conf $dolibarr_main_restrict_ip -//if (! defined("MAIN_LANG_DEFAULT")) define('MAIN_LANG_DEFAULT', 'auto'); // Force lang to a particular value -//if (! defined("MAIN_AUTHENTICATION_MODE")) define('MAIN_AUTHENTICATION_MODE', 'aloginmodule'); // Force authentication handler -//if (! defined("NOREDIRECTBYMAINTOLOGIN")) define('NOREDIRECTBYMAINTOLOGIN', 1); // The main.inc.php does not make a redirect if not logged, instead show simple error message -//if (! defined("FORCECSP")) define('FORCECSP', 'none'); // Disable all Content Security Policies -//if (! defined('CSRFCHECK_WITH_TOKEN')) define('CSRFCHECK_WITH_TOKEN', '1'); // Force use of CSRF protection with tokens even for GET -//if (! defined('NOBROWSERNOTIF')) define('NOBROWSERNOTIF', '1'); // Disable browser notification // Load Dolibarr environment -$res = 0; -// Try main.inc.php into web root known defined into CONTEXT_DOCUMENT_ROOT (not always defined) -if (!$res && !empty($_SERVER["CONTEXT_DOCUMENT_ROOT"])) { - $res = @include $_SERVER["CONTEXT_DOCUMENT_ROOT"]."/main.inc.php"; -} -// Try main.inc.php into web root detected using web root calculated from SCRIPT_FILENAME -$tmp = empty($_SERVER['SCRIPT_FILENAME']) ? '' : $_SERVER['SCRIPT_FILENAME']; $tmp2 = realpath(__FILE__); $i = strlen($tmp) - 1; $j = strlen($tmp2) - 1; -while ($i > 0 && $j > 0 && isset($tmp[$i]) && isset($tmp2[$j]) && $tmp[$i] == $tmp2[$j]) { - $i--; $j--; -} -if (!$res && $i > 0 && file_exists(substr($tmp, 0, ($i + 1))."/main.inc.php")) { - $res = @include substr($tmp, 0, ($i + 1))."/main.inc.php"; -} -if (!$res && $i > 0 && file_exists(dirname(substr($tmp, 0, ($i + 1)))."/main.inc.php")) { - $res = @include dirname(substr($tmp, 0, ($i + 1)))."/main.inc.php"; -} -// Try main.inc.php using relative path -if (!$res && file_exists("../main.inc.php")) { - $res = @include "../main.inc.php"; -} -if (!$res && file_exists("../../main.inc.php")) { - $res = @include "../../main.inc.php"; -} -if (!$res && file_exists("../../../main.inc.php")) { - $res = @include "../../../main.inc.php"; -} -if (!$res) { - die("Include of main fails"); -} +require '../main.inc.php'; require_once DOL_DOCUMENT_ROOT.'/core/class/html.formcompany.class.php'; require_once DOL_DOCUMENT_ROOT.'/core/lib/date.lib.php'; diff --git a/htdocs/hrm/evaluation_note.php b/htdocs/hrm/evaluation_note.php index aae7b56acaf..1b6b5a35564 100644 --- a/htdocs/hrm/evaluation_note.php +++ b/htdocs/hrm/evaluation_note.php @@ -25,57 +25,8 @@ * \brief Tab for notes on Evaluation */ -//if (! defined('NOREQUIREDB')) define('NOREQUIREDB', '1'); // Do not create database handler $db -//if (! defined('NOREQUIREUSER')) define('NOREQUIREUSER', '1'); // Do not load object $user -//if (! defined('NOREQUIRESOC')) define('NOREQUIRESOC', '1'); // Do not load object $mysoc -//if (! defined('NOREQUIRETRAN')) define('NOREQUIRETRAN', '1'); // Do not load object $langs -//if (! defined('NOSCANGETFORINJECTION')) define('NOSCANGETFORINJECTION', '1'); // Do not check injection attack on GET parameters -//if (! defined('NOSCANPOSTFORINJECTION')) define('NOSCANPOSTFORINJECTION', '1'); // Do not check injection attack on POST parameters -//if (! defined('NOCSRFCHECK')) define('NOCSRFCHECK', '1'); // Do not check CSRF attack (test on referer + on token if option MAIN_SECURITY_CSRF_WITH_TOKEN is on). -//if (! defined('NOTOKENRENEWAL')) define('NOTOKENRENEWAL', '1'); // Do not roll the Anti CSRF token (used if MAIN_SECURITY_CSRF_WITH_TOKEN is on) -//if (! defined('NOSTYLECHECK')) define('NOSTYLECHECK', '1'); // Do not check style html tag into posted data -//if (! defined('NOREQUIREMENU')) define('NOREQUIREMENU', '1'); // If there is no need to load and show top and left menu -//if (! defined('NOREQUIREHTML')) define('NOREQUIREHTML', '1'); // If we don't need to load the html.form.class.php -//if (! defined('NOREQUIREAJAX')) define('NOREQUIREAJAX', '1'); // Do not load ajax.lib.php library -//if (! defined("NOLOGIN")) define("NOLOGIN", '1'); // If this page is public (can be called outside logged session). This include the NOIPCHECK too. -//if (! defined('NOIPCHECK')) define('NOIPCHECK', '1'); // Do not check IP defined into conf $dolibarr_main_restrict_ip -//if (! defined("MAIN_LANG_DEFAULT")) define('MAIN_LANG_DEFAULT', 'auto'); // Force lang to a particular value -//if (! defined("MAIN_AUTHENTICATION_MODE")) define('MAIN_AUTHENTICATION_MODE', 'aloginmodule'); // Force authentication handler -//if (! defined("NOREDIRECTBYMAINTOLOGIN")) define('NOREDIRECTBYMAINTOLOGIN', 1); // The main.inc.php does not make a redirect if not logged, instead show simple error message -//if (! defined("FORCECSP")) define('FORCECSP', 'none'); // Disable all Content Security Policies -//if (! defined('CSRFCHECK_WITH_TOKEN')) define('CSRFCHECK_WITH_TOKEN', '1'); // Force use of CSRF protection with tokens even for GET -//if (! defined('NOBROWSERNOTIF')) define('NOBROWSERNOTIF', '1'); // Disable browser notification - // Load Dolibarr environment -$res = 0; -// Try main.inc.php into web root known defined into CONTEXT_DOCUMENT_ROOT (not always defined) -if (!$res && !empty($_SERVER["CONTEXT_DOCUMENT_ROOT"])) { - $res = @include $_SERVER["CONTEXT_DOCUMENT_ROOT"]."/main.inc.php"; -} -// Try main.inc.php into web root detected using web root calculated from SCRIPT_FILENAME -$tmp = empty($_SERVER['SCRIPT_FILENAME']) ? '' : $_SERVER['SCRIPT_FILENAME']; $tmp2 = realpath(__FILE__); $i = strlen($tmp) - 1; $j = strlen($tmp2) - 1; -while ($i > 0 && $j > 0 && isset($tmp[$i]) && isset($tmp2[$j]) && $tmp[$i] == $tmp2[$j]) { - $i--; $j--; -} -if (!$res && $i > 0 && file_exists(substr($tmp, 0, ($i + 1))."/main.inc.php")) { - $res = @include substr($tmp, 0, ($i + 1))."/main.inc.php"; -} -if (!$res && $i > 0 && file_exists(dirname(substr($tmp, 0, ($i + 1)))."/main.inc.php")) { - $res = @include dirname(substr($tmp, 0, ($i + 1)))."/main.inc.php"; -} -// Try main.inc.php using relative path -if (!$res && file_exists("../main.inc.php")) { - $res = @include "../main.inc.php"; -} -if (!$res && file_exists("../../main.inc.php")) { - $res = @include "../../main.inc.php"; -} -if (!$res && file_exists("../../../main.inc.php")) { - $res = @include "../../../main.inc.php"; -} -if (!$res) { - die("Include of main fails"); -} +require '../main.inc.php'; require_once DOL_DOCUMENT_ROOT . '/hrm/class/evaluation.class.php'; require_once DOL_DOCUMENT_ROOT . '/hrm/lib/hrm_evaluation.lib.php'; @@ -86,7 +37,7 @@ $langs->loadLangs(array("hrm", "companies")); // Get parameters $id = GETPOST('id', 'int'); -$ref = GETPOST('ref', 'alpha'); +$ref = GETPOST('ref', 'alpha'); $action = GETPOST('action', 'aZ09'); $cancel = GETPOST('cancel', 'aZ09'); $backtopage = GETPOST('backtopage', 'alpha'); diff --git a/htdocs/hrm/index.php b/htdocs/hrm/index.php index ec7ba9b74e3..ac9d01035af 100644 --- a/htdocs/hrm/index.php +++ b/htdocs/hrm/index.php @@ -189,7 +189,7 @@ if (!empty($conf->holiday->enabled) && $user->rights->holiday->read) { if (empty($user->rights->holiday->readall)) { $sql .= ' AND x.fk_user IN ('.$db->sanitize(join(',', $childids)).')'; } - //if (!$user->rights->societe->client->voir && !$user->socid) $sql.= " AND x.fk_soc = s. rowid AND s.rowid = sc.fk_soc AND sc.fk_user = ".((int) $user->id); + //if (empty($user->rights->societe->client->voir) && !$user->socid) $sql.= " AND x.fk_soc = s. rowid AND s.rowid = sc.fk_soc AND sc.fk_user = ".((int) $user->id); //if (!empty($socid)) $sql.= " AND x.fk_soc = ".((int) $socid); $sql .= $db->order("x.tms", "DESC"); $sql .= $db->plimit($max, 0); @@ -264,13 +264,13 @@ if (!empty($conf->expensereport->enabled) && $user->rights->expensereport->lire) $sql = "SELECT u.rowid as uid, u.lastname, u.firstname, u.login, u.email, u.statut as user_status, u.photo,"; $sql .= " x.rowid, x.ref, x.date_debut as date, x.tms as dm, x.total_ttc, x.fk_statut as status"; $sql .= " FROM ".MAIN_DB_PREFIX."expensereport as x, ".MAIN_DB_PREFIX."user as u"; - //if (!$user->rights->societe->client->voir && !$user->socid) $sql.= ", ".MAIN_DB_PREFIX."societe as s, ".MAIN_DB_PREFIX."societe_commerciaux as sc"; + //if (empty($user->rights->societe->client->voir) && !$user->socid) $sql.= ", ".MAIN_DB_PREFIX."societe as s, ".MAIN_DB_PREFIX."societe_commerciaux as sc"; $sql .= " WHERE u.rowid = x.fk_user_author"; $sql .= " AND x.entity = ".$conf->entity; if (empty($user->rights->expensereport->readall) && empty($user->rights->expensereport->lire_tous)) { $sql .= ' AND x.fk_user_author IN ('.$db->sanitize(join(',', $childids)).')'; } - //if (!$user->rights->societe->client->voir && !$user->socid) $sql.= " AND x.fk_soc = s. rowid AND s.rowid = sc.fk_soc AND sc.fk_user = ".((int) $user->id); + //if (empty($user->rights->societe->client->voir) && !$user->socid) $sql.= " AND x.fk_soc = s. rowid AND s.rowid = sc.fk_soc AND sc.fk_user = ".((int) $user->id); //if (!empty($socid)) $sql.= " AND x.fk_soc = ".((int) $socid); $sql .= $db->order("x.tms", "DESC"); $sql .= $db->plimit($max, 0); @@ -339,11 +339,11 @@ if (!empty($conf->recruitment->enabled) && $user->rights->recruitment->recruitme $sql.= " rp.rowid as jobid, rp.ref as jobref, rp.label"; $sql .= " FROM ".MAIN_DB_PREFIX."recruitment_recruitmentcandidature as rc"; $sql .= " LEFT JOIN ".MAIN_DB_PREFIX."recruitment_recruitmentjobposition as rp ON rc.fk_recruitmentjobposition = rp.rowid"; - if ($conf->societe->enabled && !$user->rights->societe->client->voir && !$socid) { + if ($conf->societe->enabled && empty($user->rights->societe->client->voir) && !$socid) { $sql .= ", ".MAIN_DB_PREFIX."societe_commerciaux as sc"; } $sql .= " WHERE rc.entity IN (".getEntity($staticrecruitmentcandidature->element).")"; - if ($conf->societe->enabled && !$user->rights->societe->client->voir && !$socid) { + if ($conf->societe->enabled && empty($user->rights->societe->client->voir) && !$socid) { $sql .= " AND rp.fk_soc = sc.fk_soc AND sc.fk_user = ".((int) $user->id); } if ($socid) { diff --git a/htdocs/hrm/job_agenda.php b/htdocs/hrm/job_agenda.php index 77dd464a7f0..d7772763d8d 100644 --- a/htdocs/hrm/job_agenda.php +++ b/htdocs/hrm/job_agenda.php @@ -25,57 +25,9 @@ * \brief Tab of events on Job */ -//if (! defined('NOREQUIREDB')) define('NOREQUIREDB', '1'); // Do not create database handler $db -//if (! defined('NOREQUIREUSER')) define('NOREQUIREUSER', '1'); // Do not load object $user -//if (! defined('NOREQUIRESOC')) define('NOREQUIRESOC', '1'); // Do not load object $mysoc -//if (! defined('NOREQUIRETRAN')) define('NOREQUIRETRAN', '1'); // Do not load object $langs -//if (! defined('NOSCANGETFORINJECTION')) define('NOSCANGETFORINJECTION', '1'); // Do not check injection attack on GET parameters -//if (! defined('NOSCANPOSTFORINJECTION')) define('NOSCANPOSTFORINJECTION', '1'); // Do not check injection attack on POST parameters -//if (! defined('NOCSRFCHECK')) define('NOCSRFCHECK', '1'); // Do not check CSRF attack (test on referer + on token if option MAIN_SECURITY_CSRF_WITH_TOKEN is on). -//if (! defined('NOTOKENRENEWAL')) define('NOTOKENRENEWAL', '1'); // Do not roll the Anti CSRF token (used if MAIN_SECURITY_CSRF_WITH_TOKEN is on) -//if (! defined('NOSTYLECHECK')) define('NOSTYLECHECK', '1'); // Do not check style html tag into posted data -//if (! defined('NOREQUIREMENU')) define('NOREQUIREMENU', '1'); // If there is no need to load and show top and left menu -//if (! defined('NOREQUIREHTML')) define('NOREQUIREHTML', '1'); // If we don't need to load the html.form.class.php -//if (! defined('NOREQUIREAJAX')) define('NOREQUIREAJAX', '1'); // Do not load ajax.lib.php library -//if (! defined("NOLOGIN")) define("NOLOGIN", '1'); // If this page is public (can be called outside logged session). This include the NOIPCHECK too. -//if (! defined('NOIPCHECK')) define('NOIPCHECK', '1'); // Do not check IP defined into conf $dolibarr_main_restrict_ip -//if (! defined("MAIN_LANG_DEFAULT")) define('MAIN_LANG_DEFAULT', 'auto'); // Force lang to a particular value -//if (! defined("MAIN_AUTHENTICATION_MODE")) define('MAIN_AUTHENTICATION_MODE', 'aloginmodule'); // Force authentication handler -//if (! defined("NOREDIRECTBYMAINTOLOGIN")) define('NOREDIRECTBYMAINTOLOGIN', 1); // The main.inc.php does not make a redirect if not logged, instead show simple error message -//if (! defined("FORCECSP")) define('FORCECSP', 'none'); // Disable all Content Security Policies -//if (! defined('CSRFCHECK_WITH_TOKEN')) define('CSRFCHECK_WITH_TOKEN', '1'); // Force use of CSRF protection with tokens even for GET -//if (! defined('NOBROWSERNOTIF')) define('NOBROWSERNOTIF', '1'); // Disable browser notification // Load Dolibarr environment -$res = 0; -// Try main.inc.php into web root known defined into CONTEXT_DOCUMENT_ROOT (not always defined) -if (!$res && !empty($_SERVER["CONTEXT_DOCUMENT_ROOT"])) { - $res = @include $_SERVER["CONTEXT_DOCUMENT_ROOT"]."/main.inc.php"; -} -// Try main.inc.php into web root detected using web root calculated from SCRIPT_FILENAME -$tmp = empty($_SERVER['SCRIPT_FILENAME']) ? '' : $_SERVER['SCRIPT_FILENAME']; $tmp2 = realpath(__FILE__); $i = strlen($tmp) - 1; $j = strlen($tmp2) - 1; -while ($i > 0 && $j > 0 && isset($tmp[$i]) && isset($tmp2[$j]) && $tmp[$i] == $tmp2[$j]) { - $i--; $j--; -} -if (!$res && $i > 0 && file_exists(substr($tmp, 0, ($i + 1))."/main.inc.php")) { - $res = @include substr($tmp, 0, ($i + 1))."/main.inc.php"; -} -if (!$res && $i > 0 && file_exists(dirname(substr($tmp, 0, ($i + 1)))."/main.inc.php")) { - $res = @include dirname(substr($tmp, 0, ($i + 1)))."/main.inc.php"; -} -// Try main.inc.php using relative path -if (!$res && file_exists("../main.inc.php")) { - $res = @include "../main.inc.php"; -} -if (!$res && file_exists("../../main.inc.php")) { - $res = @include "../../main.inc.php"; -} -if (!$res && file_exists("../../../main.inc.php")) { - $res = @include "../../../main.inc.php"; -} -if (!$res) { - die("Include of main fails"); -} +require '../main.inc.php'; require_once DOL_DOCUMENT_ROOT.'/contact/class/contact.class.php'; require_once DOL_DOCUMENT_ROOT.'/core/lib/company.lib.php'; diff --git a/htdocs/hrm/job_card.php b/htdocs/hrm/job_card.php index 19b40048f7b..23343c5c09b 100644 --- a/htdocs/hrm/job_card.php +++ b/htdocs/hrm/job_card.php @@ -25,61 +25,9 @@ * \brief Page to create/edit/view job */ -//if (! defined('NOREQUIREDB')) define('NOREQUIREDB', '1'); // Do not create database handler $db -//if (! defined('NOREQUIREUSER')) define('NOREQUIREUSER', '1'); // Do not load object $user -//if (! defined('NOREQUIRESOC')) define('NOREQUIRESOC', '1'); // Do not load object $mysoc -//if (! defined('NOREQUIRETRAN')) define('NOREQUIRETRAN', '1'); // Do not load object $langs -//if (! defined('NOSCANGETFORINJECTION')) define('NOSCANGETFORINJECTION', '1'); // Do not check injection attack on GET parameters -//if (! defined('NOSCANPOSTFORINJECTION')) define('NOSCANPOSTFORINJECTION', '1'); // Do not check injection attack on POST parameters -//if (! defined('NOCSRFCHECK')) define('NOCSRFCHECK', '1'); // Do not check CSRF attack (test on referer + on token if option MAIN_SECURITY_CSRF_WITH_TOKEN is on). -//if (! defined('NOTOKENRENEWAL')) define('NOTOKENRENEWAL', '1'); // Do not roll the Anti CSRF token (used if MAIN_SECURITY_CSRF_WITH_TOKEN is on) -//if (! defined('NOSTYLECHECK')) define('NOSTYLECHECK', '1'); // Do not check style html tag into posted data -//if (! defined('NOREQUIREMENU')) define('NOREQUIREMENU', '1'); // If there is no need to load and show top and left menu -//if (! defined('NOREQUIREHTML')) define('NOREQUIREHTML', '1'); // If we don't need to load the html.form.class.php -//if (! defined('NOREQUIREAJAX')) define('NOREQUIREAJAX', '1'); // Do not load ajax.lib.php library -//if (! defined("NOLOGIN")) define("NOLOGIN", '1'); // If this page is public (can be called outside logged session). This include the NOIPCHECK too. -//if (! defined('NOIPCHECK')) define('NOIPCHECK', '1'); // Do not check IP defined into conf $dolibarr_main_restrict_ip -//if (! defined("MAIN_LANG_DEFAULT")) define('MAIN_LANG_DEFAULT', 'auto'); // Force lang to a particular value -//if (! defined("MAIN_AUTHENTICATION_MODE")) define('MAIN_AUTHENTICATION_MODE', 'aloginmodule'); // Force authentication handler -//if (! defined("NOREDIRECTBYMAINTOLOGIN")) define('NOREDIRECTBYMAINTOLOGIN', 1); // The main.inc.php does not make a redirect if not logged, instead show simple error message -//if (! defined("FORCECSP")) define('FORCECSP', 'none'); // Disable all Content Security Policies -//if (! defined('CSRFCHECK_WITH_TOKEN')) define('CSRFCHECK_WITH_TOKEN', '1'); // Force use of CSRF protection with tokens even for GET -//if (! defined('NOBROWSERNOTIF')) define('NOBROWSERNOTIF', '1'); // Disable browser notification // Load Dolibarr environment -$res = 0; -// Try main.inc.php into web root known defined into CONTEXT_DOCUMENT_ROOT (not always defined) -if (!$res && !empty($_SERVER["CONTEXT_DOCUMENT_ROOT"])) { - $res = @include $_SERVER["CONTEXT_DOCUMENT_ROOT"] . "/main.inc.php"; -} -// Try main.inc.php into web root detected using web root calculated from SCRIPT_FILENAME -$tmp = empty($_SERVER['SCRIPT_FILENAME']) ? '' : $_SERVER['SCRIPT_FILENAME']; -$tmp2 = realpath(__FILE__); -$i = strlen($tmp) - 1; -$j = strlen($tmp2) - 1; -while ($i > 0 && $j > 0 && isset($tmp[$i]) && isset($tmp2[$j]) && $tmp[$i] == $tmp2[$j]) { - $i--; - $j--; -} -if (!$res && $i > 0 && file_exists(substr($tmp, 0, ($i + 1)) . "/main.inc.php")) { - $res = @include substr($tmp, 0, ($i + 1)) . "/main.inc.php"; -} -if (!$res && $i > 0 && file_exists(dirname(substr($tmp, 0, ($i + 1))) . "/main.inc.php")) { - $res = @include dirname(substr($tmp, 0, ($i + 1))) . "/main.inc.php"; -} -// Try main.inc.php using relative path -if (!$res && file_exists("../main.inc.php")) { - $res = @include "../main.inc.php"; -} -if (!$res && file_exists("../../main.inc.php")) { - $res = @include "../../main.inc.php"; -} -if (!$res && file_exists("../../../main.inc.php")) { - $res = @include "../../../main.inc.php"; -} -if (!$res) { - die("Include of main fails"); -} +require '../main.inc.php'; require_once DOL_DOCUMENT_ROOT . '/core/class/html.formcompany.class.php'; require_once DOL_DOCUMENT_ROOT . '/core/class/html.formfile.class.php'; diff --git a/htdocs/hrm/job_contact.php b/htdocs/hrm/job_contact.php index cbc961d3f9e..67da8ecfd91 100644 --- a/htdocs/hrm/job_contact.php +++ b/htdocs/hrm/job_contact.php @@ -26,35 +26,7 @@ */ // Load Dolibarr environment -$res = 0; -// Try main.inc.php into web root known defined into CONTEXT_DOCUMENT_ROOT (not always defined) -if (!$res && !empty($_SERVER["CONTEXT_DOCUMENT_ROOT"])) { - $res = @include $_SERVER["CONTEXT_DOCUMENT_ROOT"]."/main.inc.php"; -} -// Try main.inc.php into web root detected using web root calculated from SCRIPT_FILENAME -$tmp = empty($_SERVER['SCRIPT_FILENAME']) ? '' : $_SERVER['SCRIPT_FILENAME']; $tmp2 = realpath(__FILE__); $i = strlen($tmp) - 1; $j = strlen($tmp2) - 1; -while ($i > 0 && $j > 0 && isset($tmp[$i]) && isset($tmp2[$j]) && $tmp[$i] == $tmp2[$j]) { - $i--; $j--; -} -if (!$res && $i > 0 && file_exists(substr($tmp, 0, ($i + 1))."/main.inc.php")) { - $res = @include substr($tmp, 0, ($i + 1))."/main.inc.php"; -} -if (!$res && $i > 0 && file_exists(dirname(substr($tmp, 0, ($i + 1)))."/main.inc.php")) { - $res = @include dirname(substr($tmp, 0, ($i + 1)))."/main.inc.php"; -} -// Try main.inc.php using relative path -if (!$res && file_exists("../main.inc.php")) { - $res = @include "../main.inc.php"; -} -if (!$res && file_exists("../../main.inc.php")) { - $res = @include "../../main.inc.php"; -} -if (!$res && file_exists("../../../main.inc.php")) { - $res = @include "../../../main.inc.php"; -} -if (!$res) { - die("Include of main fails"); -} +require '../main.inc.php'; require_once DOL_DOCUMENT_ROOT.'/contact/class/contact.class.php'; require_once DOL_DOCUMENT_ROOT.'/core/class/html.formcompany.class.php'; diff --git a/htdocs/hrm/job_document.php b/htdocs/hrm/job_document.php index a32f02915e9..a055fbbc325 100644 --- a/htdocs/hrm/job_document.php +++ b/htdocs/hrm/job_document.php @@ -25,57 +25,8 @@ * \brief Tab for documents linked to Job */ -//if (! defined('NOREQUIREDB')) define('NOREQUIREDB', '1'); // Do not create database handler $db -//if (! defined('NOREQUIREUSER')) define('NOREQUIREUSER', '1'); // Do not load object $user -//if (! defined('NOREQUIRESOC')) define('NOREQUIRESOC', '1'); // Do not load object $mysoc -//if (! defined('NOREQUIRETRAN')) define('NOREQUIRETRAN', '1'); // Do not load object $langs -//if (! defined('NOSCANGETFORINJECTION')) define('NOSCANGETFORINJECTION', '1'); // Do not check injection attack on GET parameters -//if (! defined('NOSCANPOSTFORINJECTION')) define('NOSCANPOSTFORINJECTION', '1'); // Do not check injection attack on POST parameters -//if (! defined('NOCSRFCHECK')) define('NOCSRFCHECK', '1'); // Do not check CSRF attack (test on referer + on token if option MAIN_SECURITY_CSRF_WITH_TOKEN is on). -//if (! defined('NOTOKENRENEWAL')) define('NOTOKENRENEWAL', '1'); // Do not roll the Anti CSRF token (used if MAIN_SECURITY_CSRF_WITH_TOKEN is on) -//if (! defined('NOSTYLECHECK')) define('NOSTYLECHECK', '1'); // Do not check style html tag into posted data -//if (! defined('NOREQUIREMENU')) define('NOREQUIREMENU', '1'); // If there is no need to load and show top and left menu -//if (! defined('NOREQUIREHTML')) define('NOREQUIREHTML', '1'); // If we don't need to load the html.form.class.php -//if (! defined('NOREQUIREAJAX')) define('NOREQUIREAJAX', '1'); // Do not load ajax.lib.php library -//if (! defined("NOLOGIN")) define("NOLOGIN", '1'); // If this page is public (can be called outside logged session). This include the NOIPCHECK too. -//if (! defined('NOIPCHECK')) define('NOIPCHECK', '1'); // Do not check IP defined into conf $dolibarr_main_restrict_ip -//if (! defined("MAIN_LANG_DEFAULT")) define('MAIN_LANG_DEFAULT', 'auto'); // Force lang to a particular value -//if (! defined("MAIN_AUTHENTICATION_MODE")) define('MAIN_AUTHENTICATION_MODE', 'aloginmodule'); // Force authentication handler -//if (! defined("NOREDIRECTBYMAINTOLOGIN")) define('NOREDIRECTBYMAINTOLOGIN', 1); // The main.inc.php does not make a redirect if not logged, instead show simple error message -//if (! defined("FORCECSP")) define('FORCECSP', 'none'); // Disable all Content Security Policies -//if (! defined('CSRFCHECK_WITH_TOKEN')) define('CSRFCHECK_WITH_TOKEN', '1'); // Force use of CSRF protection with tokens even for GET -//if (! defined('NOBROWSERNOTIF')) define('NOBROWSERNOTIF', '1'); // Disable browser notification - // Load Dolibarr environment -$res = 0; -// Try main.inc.php into web root known defined into CONTEXT_DOCUMENT_ROOT (not always defined) -if (!$res && !empty($_SERVER["CONTEXT_DOCUMENT_ROOT"])) { - $res = @include $_SERVER["CONTEXT_DOCUMENT_ROOT"]."/main.inc.php"; -} -// Try main.inc.php into web root detected using web root calculated from SCRIPT_FILENAME -$tmp = empty($_SERVER['SCRIPT_FILENAME']) ? '' : $_SERVER['SCRIPT_FILENAME']; $tmp2 = realpath(__FILE__); $i = strlen($tmp) - 1; $j = strlen($tmp2) - 1; -while ($i > 0 && $j > 0 && isset($tmp[$i]) && isset($tmp2[$j]) && $tmp[$i] == $tmp2[$j]) { - $i--; $j--; -} -if (!$res && $i > 0 && file_exists(substr($tmp, 0, ($i + 1))."/main.inc.php")) { - $res = @include substr($tmp, 0, ($i + 1))."/main.inc.php"; -} -if (!$res && $i > 0 && file_exists(dirname(substr($tmp, 0, ($i + 1)))."/main.inc.php")) { - $res = @include dirname(substr($tmp, 0, ($i + 1)))."/main.inc.php"; -} -// Try main.inc.php using relative path -if (!$res && file_exists("../main.inc.php")) { - $res = @include "../main.inc.php"; -} -if (!$res && file_exists("../../main.inc.php")) { - $res = @include "../../main.inc.php"; -} -if (!$res && file_exists("../../../main.inc.php")) { - $res = @include "../../../main.inc.php"; -} -if (!$res) { - die("Include of main fails"); -} +require '../main.inc.php'; require_once DOL_DOCUMENT_ROOT.'/core/lib/company.lib.php'; require_once DOL_DOCUMENT_ROOT.'/core/lib/files.lib.php'; diff --git a/htdocs/hrm/job_list.php b/htdocs/hrm/job_list.php index ebd4535e6e7..55363d729b5 100644 --- a/htdocs/hrm/job_list.php +++ b/htdocs/hrm/job_list.php @@ -25,57 +25,9 @@ * \brief List page for job */ -//if (! defined('NOREQUIREDB')) define('NOREQUIREDB', '1'); // Do not create database handler $db -//if (! defined('NOREQUIREUSER')) define('NOREQUIREUSER', '1'); // Do not load object $user -//if (! defined('NOREQUIRESOC')) define('NOREQUIRESOC', '1'); // Do not load object $mysoc -//if (! defined('NOREQUIRETRAN')) define('NOREQUIRETRAN', '1'); // Do not load object $langs -//if (! defined('NOSCANGETFORINJECTION')) define('NOSCANGETFORINJECTION', '1'); // Do not check injection attack on GET parameters -//if (! defined('NOSCANPOSTFORINJECTION')) define('NOSCANPOSTFORINJECTION', '1'); // Do not check injection attack on POST parameters -//if (! defined('NOCSRFCHECK')) define('NOCSRFCHECK', '1'); // Do not check CSRF attack (test on referer + on token if option MAIN_SECURITY_CSRF_WITH_TOKEN is on). -//if (! defined('NOTOKENRENEWAL')) define('NOTOKENRENEWAL', '1'); // Do not roll the Anti CSRF token (used if MAIN_SECURITY_CSRF_WITH_TOKEN is on) -//if (! defined('NOSTYLECHECK')) define('NOSTYLECHECK', '1'); // Do not check style html tag into posted data -//if (! defined('NOREQUIREMENU')) define('NOREQUIREMENU', '1'); // If there is no need to load and show top and left menu -//if (! defined('NOREQUIREHTML')) define('NOREQUIREHTML', '1'); // If we don't need to load the html.form.class.php -//if (! defined('NOREQUIREAJAX')) define('NOREQUIREAJAX', '1'); // Do not load ajax.lib.php library -//if (! defined("NOLOGIN")) define("NOLOGIN", '1'); // If this page is public (can be called outside logged session). This include the NOIPCHECK too. -//if (! defined('NOIPCHECK')) define('NOIPCHECK', '1'); // Do not check IP defined into conf $dolibarr_main_restrict_ip -//if (! defined("MAIN_LANG_DEFAULT")) define('MAIN_LANG_DEFAULT', 'auto'); // Force lang to a particular value -//if (! defined("MAIN_AUTHENTICATION_MODE")) define('MAIN_AUTHENTICATION_MODE', 'aloginmodule'); // Force authentication handler -//if (! defined("NOREDIRECTBYMAINTOLOGIN")) define('NOREDIRECTBYMAINTOLOGIN', 1); // The main.inc.php does not make a redirect if not logged, instead show simple error message -//if (! defined("FORCECSP")) define('FORCECSP', 'none'); // Disable all Content Security Policies -//if (! defined('CSRFCHECK_WITH_TOKEN')) define('CSRFCHECK_WITH_TOKEN', '1'); // Force use of CSRF protection with tokens even for GET -//if (! defined('NOBROWSERNOTIF')) define('NOBROWSERNOTIF', '1'); // Disable browser notification // Load Dolibarr environment -$res = 0; -// Try main.inc.php into web root known defined into CONTEXT_DOCUMENT_ROOT (not always defined) -if (!$res && !empty($_SERVER["CONTEXT_DOCUMENT_ROOT"])) { - $res = @include $_SERVER["CONTEXT_DOCUMENT_ROOT"]."/main.inc.php"; -} -// Try main.inc.php into web root detected using web root calculated from SCRIPT_FILENAME -$tmp = empty($_SERVER['SCRIPT_FILENAME']) ? '' : $_SERVER['SCRIPT_FILENAME']; $tmp2 = realpath(__FILE__); $i = strlen($tmp) - 1; $j = strlen($tmp2) - 1; -while ($i > 0 && $j > 0 && isset($tmp[$i]) && isset($tmp2[$j]) && $tmp[$i] == $tmp2[$j]) { - $i--; $j--; -} -if (!$res && $i > 0 && file_exists(substr($tmp, 0, ($i + 1))."/main.inc.php")) { - $res = @include substr($tmp, 0, ($i + 1))."/main.inc.php"; -} -if (!$res && $i > 0 && file_exists(dirname(substr($tmp, 0, ($i + 1)))."/main.inc.php")) { - $res = @include dirname(substr($tmp, 0, ($i + 1)))."/main.inc.php"; -} -// Try main.inc.php using relative path -if (!$res && file_exists("../main.inc.php")) { - $res = @include "../main.inc.php"; -} -if (!$res && file_exists("../../main.inc.php")) { - $res = @include "../../main.inc.php"; -} -if (!$res && file_exists("../../../main.inc.php")) { - $res = @include "../../../main.inc.php"; -} -if (!$res) { - die("Include of main fails"); -} +require '../main.inc.php'; require_once DOL_DOCUMENT_ROOT.'/core/class/html.formcompany.class.php'; require_once DOL_DOCUMENT_ROOT.'/core/lib/date.lib.php'; diff --git a/htdocs/hrm/job_note.php b/htdocs/hrm/job_note.php index 85a1cd1dc84..7205afec247 100644 --- a/htdocs/hrm/job_note.php +++ b/htdocs/hrm/job_note.php @@ -25,57 +25,9 @@ * \brief Tab for notes on Job */ -//if (! defined('NOREQUIREDB')) define('NOREQUIREDB', '1'); // Do not create database handler $db -//if (! defined('NOREQUIREUSER')) define('NOREQUIREUSER', '1'); // Do not load object $user -//if (! defined('NOREQUIRESOC')) define('NOREQUIRESOC', '1'); // Do not load object $mysoc -//if (! defined('NOREQUIRETRAN')) define('NOREQUIRETRAN', '1'); // Do not load object $langs -//if (! defined('NOSCANGETFORINJECTION')) define('NOSCANGETFORINJECTION', '1'); // Do not check injection attack on GET parameters -//if (! defined('NOSCANPOSTFORINJECTION')) define('NOSCANPOSTFORINJECTION', '1'); // Do not check injection attack on POST parameters -//if (! defined('NOCSRFCHECK')) define('NOCSRFCHECK', '1'); // Do not check CSRF attack (test on referer + on token if option MAIN_SECURITY_CSRF_WITH_TOKEN is on). -//if (! defined('NOTOKENRENEWAL')) define('NOTOKENRENEWAL', '1'); // Do not roll the Anti CSRF token (used if MAIN_SECURITY_CSRF_WITH_TOKEN is on) -//if (! defined('NOSTYLECHECK')) define('NOSTYLECHECK', '1'); // Do not check style html tag into posted data -//if (! defined('NOREQUIREMENU')) define('NOREQUIREMENU', '1'); // If there is no need to load and show top and left menu -//if (! defined('NOREQUIREHTML')) define('NOREQUIREHTML', '1'); // If we don't need to load the html.form.class.php -//if (! defined('NOREQUIREAJAX')) define('NOREQUIREAJAX', '1'); // Do not load ajax.lib.php library -//if (! defined("NOLOGIN")) define("NOLOGIN", '1'); // If this page is public (can be called outside logged session). This include the NOIPCHECK too. -//if (! defined('NOIPCHECK')) define('NOIPCHECK', '1'); // Do not check IP defined into conf $dolibarr_main_restrict_ip -//if (! defined("MAIN_LANG_DEFAULT")) define('MAIN_LANG_DEFAULT', 'auto'); // Force lang to a particular value -//if (! defined("MAIN_AUTHENTICATION_MODE")) define('MAIN_AUTHENTICATION_MODE', 'aloginmodule'); // Force authentication handler -//if (! defined("NOREDIRECTBYMAINTOLOGIN")) define('NOREDIRECTBYMAINTOLOGIN', 1); // The main.inc.php does not make a redirect if not logged, instead show simple error message -//if (! defined("FORCECSP")) define('FORCECSP', 'none'); // Disable all Content Security Policies -//if (! defined('CSRFCHECK_WITH_TOKEN')) define('CSRFCHECK_WITH_TOKEN', '1'); // Force use of CSRF protection with tokens even for GET -//if (! defined('NOBROWSERNOTIF')) define('NOBROWSERNOTIF', '1'); // Disable browser notification // Load Dolibarr environment -$res = 0; -// Try main.inc.php into web root known defined into CONTEXT_DOCUMENT_ROOT (not always defined) -if (!$res && !empty($_SERVER["CONTEXT_DOCUMENT_ROOT"])) { - $res = @include $_SERVER["CONTEXT_DOCUMENT_ROOT"]."/main.inc.php"; -} -// Try main.inc.php into web root detected using web root calculated from SCRIPT_FILENAME -$tmp = empty($_SERVER['SCRIPT_FILENAME']) ? '' : $_SERVER['SCRIPT_FILENAME']; $tmp2 = realpath(__FILE__); $i = strlen($tmp) - 1; $j = strlen($tmp2) - 1; -while ($i > 0 && $j > 0 && isset($tmp[$i]) && isset($tmp2[$j]) && $tmp[$i] == $tmp2[$j]) { - $i--; $j--; -} -if (!$res && $i > 0 && file_exists(substr($tmp, 0, ($i + 1))."/main.inc.php")) { - $res = @include substr($tmp, 0, ($i + 1))."/main.inc.php"; -} -if (!$res && $i > 0 && file_exists(dirname(substr($tmp, 0, ($i + 1)))."/main.inc.php")) { - $res = @include dirname(substr($tmp, 0, ($i + 1)))."/main.inc.php"; -} -// Try main.inc.php using relative path -if (!$res && file_exists("../main.inc.php")) { - $res = @include "../main.inc.php"; -} -if (!$res && file_exists("../../main.inc.php")) { - $res = @include "../../main.inc.php"; -} -if (!$res && file_exists("../../../main.inc.php")) { - $res = @include "../../../main.inc.php"; -} -if (!$res) { - die("Include of main fails"); -} +require '../main.inc.php'; require_once DOL_DOCUMENT_ROOT . '/hrm/class/job.class.php'; require_once DOL_DOCUMENT_ROOT . '/hrm/lib/hrm_job.lib.php'; diff --git a/htdocs/hrm/position_agenda.php b/htdocs/hrm/position_agenda.php index 670ec51304b..b3b68d9bcbc 100644 --- a/htdocs/hrm/position_agenda.php +++ b/htdocs/hrm/position_agenda.php @@ -25,57 +25,9 @@ * \brief Tab of events on Position */ -//if (! defined('NOREQUIREDB')) define('NOREQUIREDB', '1'); // Do not create database handler $db -//if (! defined('NOREQUIREUSER')) define('NOREQUIREUSER', '1'); // Do not load object $user -//if (! defined('NOREQUIRESOC')) define('NOREQUIRESOC', '1'); // Do not load object $mysoc -//if (! defined('NOREQUIRETRAN')) define('NOREQUIRETRAN', '1'); // Do not load object $langs -//if (! defined('NOSCANGETFORINJECTION')) define('NOSCANGETFORINJECTION', '1'); // Do not check injection attack on GET parameters -//if (! defined('NOSCANPOSTFORINJECTION')) define('NOSCANPOSTFORINJECTION', '1'); // Do not check injection attack on POST parameters -//if (! defined('NOCSRFCHECK')) define('NOCSRFCHECK', '1'); // Do not check CSRF attack (test on referer + on token if option MAIN_SECURITY_CSRF_WITH_TOKEN is on). -//if (! defined('NOTOKENRENEWAL')) define('NOTOKENRENEWAL', '1'); // Do not roll the Anti CSRF token (used if MAIN_SECURITY_CSRF_WITH_TOKEN is on) -//if (! defined('NOSTYLECHECK')) define('NOSTYLECHECK', '1'); // Do not check style html tag into posted data -//if (! defined('NOREQUIREMENU')) define('NOREQUIREMENU', '1'); // If there is no need to load and show top and left menu -//if (! defined('NOREQUIREHTML')) define('NOREQUIREHTML', '1'); // If we don't need to load the html.form.class.php -//if (! defined('NOREQUIREAJAX')) define('NOREQUIREAJAX', '1'); // Do not load ajax.lib.php library -//if (! defined("NOLOGIN")) define("NOLOGIN", '1'); // If this page is public (can be called outside logged session). This include the NOIPCHECK too. -//if (! defined('NOIPCHECK')) define('NOIPCHECK', '1'); // Do not check IP defined into conf $dolibarr_main_restrict_ip -//if (! defined("MAIN_LANG_DEFAULT")) define('MAIN_LANG_DEFAULT', 'auto'); // Force lang to a particular value -//if (! defined("MAIN_AUTHENTICATION_MODE")) define('MAIN_AUTHENTICATION_MODE', 'aloginmodule'); // Force authentication handler -//if (! defined("NOREDIRECTBYMAINTOLOGIN")) define('NOREDIRECTBYMAINTOLOGIN', 1); // The main.inc.php does not make a redirect if not logged, instead show simple error message -//if (! defined("FORCECSP")) define('FORCECSP', 'none'); // Disable all Content Security Policies -//if (! defined('CSRFCHECK_WITH_TOKEN')) define('CSRFCHECK_WITH_TOKEN', '1'); // Force use of CSRF protection with tokens even for GET -//if (! defined('NOBROWSERNOTIF')) define('NOBROWSERNOTIF', '1'); // Disable browser notification // Load Dolibarr environment -$res = 0; -// Try main.inc.php into web root known defined into CONTEXT_DOCUMENT_ROOT (not always defined) -if (!$res && !empty($_SERVER["CONTEXT_DOCUMENT_ROOT"])) { - $res = @include $_SERVER["CONTEXT_DOCUMENT_ROOT"]."/main.inc.php"; -} -// Try main.inc.php into web root detected using web root calculated from SCRIPT_FILENAME -$tmp = empty($_SERVER['SCRIPT_FILENAME']) ? '' : $_SERVER['SCRIPT_FILENAME']; $tmp2 = realpath(__FILE__); $i = strlen($tmp) - 1; $j = strlen($tmp2) - 1; -while ($i > 0 && $j > 0 && isset($tmp[$i]) && isset($tmp2[$j]) && $tmp[$i] == $tmp2[$j]) { - $i--; $j--; -} -if (!$res && $i > 0 && file_exists(substr($tmp, 0, ($i + 1))."/main.inc.php")) { - $res = @include substr($tmp, 0, ($i + 1))."/main.inc.php"; -} -if (!$res && $i > 0 && file_exists(dirname(substr($tmp, 0, ($i + 1)))."/main.inc.php")) { - $res = @include dirname(substr($tmp, 0, ($i + 1)))."/main.inc.php"; -} -// Try main.inc.php using relative path -if (!$res && file_exists("../main.inc.php")) { - $res = @include "../main.inc.php"; -} -if (!$res && file_exists("../../main.inc.php")) { - $res = @include "../../main.inc.php"; -} -if (!$res && file_exists("../../../main.inc.php")) { - $res = @include "../../../main.inc.php"; -} -if (!$res) { - die("Include of main fails"); -} +require '../main.inc.php'; require_once DOL_DOCUMENT_ROOT.'/contact/class/contact.class.php'; require_once DOL_DOCUMENT_ROOT.'/core/lib/company.lib.php'; diff --git a/htdocs/hrm/position_card.php b/htdocs/hrm/position_card.php index 8cb8ba9de8c..4e003372a1c 100644 --- a/htdocs/hrm/position_card.php +++ b/htdocs/hrm/position_card.php @@ -25,61 +25,9 @@ * \brief Page to create/edit/view position */ -//if (! defined('NOREQUIREDB')) define('NOREQUIREDB', '1'); // Do not create database handler $db -//if (! defined('NOREQUIREUSER')) define('NOREQUIREUSER', '1'); // Do not load object $user -//if (! defined('NOREQUIRESOC')) define('NOREQUIRESOC', '1'); // Do not load object $mysoc -//if (! defined('NOREQUIRETRAN')) define('NOREQUIRETRAN', '1'); // Do not load object $langs -//if (! defined('NOSCANGETFORINJECTION')) define('NOSCANGETFORINJECTION', '1'); // Do not check injection attack on GET parameters -//if (! defined('NOSCANPOSTFORINJECTION')) define('NOSCANPOSTFORINJECTION', '1'); // Do not check injection attack on POST parameters -//if (! defined('NOCSRFCHECK')) define('NOCSRFCHECK', '1'); // Do not check CSRF attack (test on referer + on token if option MAIN_SECURITY_CSRF_WITH_TOKEN is on). -//if (! defined('NOTOKENRENEWAL')) define('NOTOKENRENEWAL', '1'); // Do not roll the Anti CSRF token (used if MAIN_SECURITY_CSRF_WITH_TOKEN is on) -//if (! defined('NOSTYLECHECK')) define('NOSTYLECHECK', '1'); // Do not check style html tag into posted data -//if (! defined('NOREQUIREMENU')) define('NOREQUIREMENU', '1'); // If there is no need to load and show top and left menu -//if (! defined('NOREQUIREHTML')) define('NOREQUIREHTML', '1'); // If we don't need to load the html.form.class.php -//if (! defined('NOREQUIREAJAX')) define('NOREQUIREAJAX', '1'); // Do not load ajax.lib.php library -//if (! defined("NOLOGIN")) define("NOLOGIN", '1'); // If this page is public (can be called outside logged session). This include the NOIPCHECK too. -//if (! defined('NOIPCHECK')) define('NOIPCHECK', '1'); // Do not check IP defined into conf $dolibarr_main_restrict_ip -//if (! defined("MAIN_LANG_DEFAULT")) define('MAIN_LANG_DEFAULT', 'auto'); // Force lang to a particular value -//if (! defined("MAIN_AUTHENTICATION_MODE")) define('MAIN_AUTHENTICATION_MODE', 'aloginmodule'); // Force authentication handler -//if (! defined("NOREDIRECTBYMAINTOLOGIN")) define('NOREDIRECTBYMAINTOLOGIN', 1); // The main.inc.php does not make a redirect if not logged, instead show simple error message -//if (! defined("FORCECSP")) define('FORCECSP', 'none'); // Disable all Content Security Policies -//if (! defined('CSRFCHECK_WITH_TOKEN')) define('CSRFCHECK_WITH_TOKEN', '1'); // Force use of CSRF protection with tokens even for GET -//if (! defined('NOBROWSERNOTIF')) define('NOBROWSERNOTIF', '1'); // Disable browser notification // Load Dolibarr environment -$res = 0; -// Try main.inc.php into web root known defined into CONTEXT_DOCUMENT_ROOT (not always defined) -if (!$res && !empty($_SERVER["CONTEXT_DOCUMENT_ROOT"])) { - $res = @include $_SERVER["CONTEXT_DOCUMENT_ROOT"] . "/main.inc.php"; -} -// Try main.inc.php into web root detected using web root calculated from SCRIPT_FILENAME -$tmp = empty($_SERVER['SCRIPT_FILENAME']) ? '' : $_SERVER['SCRIPT_FILENAME']; -$tmp2 = realpath(__FILE__); -$i = strlen($tmp) - 1; -$j = strlen($tmp2) - 1; -while ($i > 0 && $j > 0 && isset($tmp[$i]) && isset($tmp2[$j]) && $tmp[$i] == $tmp2[$j]) { - $i--; - $j--; -} -if (!$res && $i > 0 && file_exists(substr($tmp, 0, ($i + 1)) . "/main.inc.php")) { - $res = @include substr($tmp, 0, ($i + 1)) . "/main.inc.php"; -} -if (!$res && $i > 0 && file_exists(dirname(substr($tmp, 0, ($i + 1))) . "/main.inc.php")) { - $res = @include dirname(substr($tmp, 0, ($i + 1))) . "/main.inc.php"; -} -// Try main.inc.php using relative path -if (!$res && file_exists("../main.inc.php")) { - $res = @include "../main.inc.php"; -} -if (!$res && file_exists("../../main.inc.php")) { - $res = @include "../../main.inc.php"; -} -if (!$res && file_exists("../../../main.inc.php")) { - $res = @include "../../../main.inc.php"; -} -if (!$res) { - die("Include of main fails"); -} +require '../main.inc.php'; require_once DOL_DOCUMENT_ROOT . '/core/class/html.formcompany.class.php'; require_once DOL_DOCUMENT_ROOT . '/core/class/html.formfile.class.php'; diff --git a/htdocs/hrm/position_contact.php b/htdocs/hrm/position_contact.php index 56a4fc8ff8f..a7246e3a82b 100644 --- a/htdocs/hrm/position_contact.php +++ b/htdocs/hrm/position_contact.php @@ -26,35 +26,7 @@ */ // Load Dolibarr environment -$res = 0; -// Try main.inc.php into web root known defined into CONTEXT_DOCUMENT_ROOT (not always defined) -if (!$res && !empty($_SERVER["CONTEXT_DOCUMENT_ROOT"])) { - $res = @include $_SERVER["CONTEXT_DOCUMENT_ROOT"]."/main.inc.php"; -} -// Try main.inc.php into web root detected using web root calculated from SCRIPT_FILENAME -$tmp = empty($_SERVER['SCRIPT_FILENAME']) ? '' : $_SERVER['SCRIPT_FILENAME']; $tmp2 = realpath(__FILE__); $i = strlen($tmp) - 1; $j = strlen($tmp2) - 1; -while ($i > 0 && $j > 0 && isset($tmp[$i]) && isset($tmp2[$j]) && $tmp[$i] == $tmp2[$j]) { - $i--; $j--; -} -if (!$res && $i > 0 && file_exists(substr($tmp, 0, ($i + 1))."/main.inc.php")) { - $res = @include substr($tmp, 0, ($i + 1))."/main.inc.php"; -} -if (!$res && $i > 0 && file_exists(dirname(substr($tmp, 0, ($i + 1)))."/main.inc.php")) { - $res = @include dirname(substr($tmp, 0, ($i + 1)))."/main.inc.php"; -} -// Try main.inc.php using relative path -if (!$res && file_exists("../main.inc.php")) { - $res = @include "../main.inc.php"; -} -if (!$res && file_exists("../../main.inc.php")) { - $res = @include "../../main.inc.php"; -} -if (!$res && file_exists("../../../main.inc.php")) { - $res = @include "../../../main.inc.php"; -} -if (!$res) { - die("Include of main fails"); -} +require '../main.inc.php'; require_once DOL_DOCUMENT_ROOT.'/contact/class/contact.class.php'; require_once DOL_DOCUMENT_ROOT.'/core/class/html.formcompany.class.php'; diff --git a/htdocs/hrm/position_document.php b/htdocs/hrm/position_document.php index 1ae41c193ab..7a820310ee2 100644 --- a/htdocs/hrm/position_document.php +++ b/htdocs/hrm/position_document.php @@ -25,57 +25,8 @@ * \brief Tab for documents linked to Position */ -//if (! defined('NOREQUIREDB')) define('NOREQUIREDB', '1'); // Do not create database handler $db -//if (! defined('NOREQUIREUSER')) define('NOREQUIREUSER', '1'); // Do not load object $user -//if (! defined('NOREQUIRESOC')) define('NOREQUIRESOC', '1'); // Do not load object $mysoc -//if (! defined('NOREQUIRETRAN')) define('NOREQUIRETRAN', '1'); // Do not load object $langs -//if (! defined('NOSCANGETFORINJECTION')) define('NOSCANGETFORINJECTION', '1'); // Do not check injection attack on GET parameters -//if (! defined('NOSCANPOSTFORINJECTION')) define('NOSCANPOSTFORINJECTION', '1'); // Do not check injection attack on POST parameters -//if (! defined('NOCSRFCHECK')) define('NOCSRFCHECK', '1'); // Do not check CSRF attack (test on referer + on token if option MAIN_SECURITY_CSRF_WITH_TOKEN is on). -//if (! defined('NOTOKENRENEWAL')) define('NOTOKENRENEWAL', '1'); // Do not roll the Anti CSRF token (used if MAIN_SECURITY_CSRF_WITH_TOKEN is on) -//if (! defined('NOSTYLECHECK')) define('NOSTYLECHECK', '1'); // Do not check style html tag into posted data -//if (! defined('NOREQUIREMENU')) define('NOREQUIREMENU', '1'); // If there is no need to load and show top and left menu -//if (! defined('NOREQUIREHTML')) define('NOREQUIREHTML', '1'); // If we don't need to load the html.form.class.php -//if (! defined('NOREQUIREAJAX')) define('NOREQUIREAJAX', '1'); // Do not load ajax.lib.php library -//if (! defined("NOLOGIN")) define("NOLOGIN", '1'); // If this page is public (can be called outside logged session). This include the NOIPCHECK too. -//if (! defined('NOIPCHECK')) define('NOIPCHECK', '1'); // Do not check IP defined into conf $dolibarr_main_restrict_ip -//if (! defined("MAIN_LANG_DEFAULT")) define('MAIN_LANG_DEFAULT', 'auto'); // Force lang to a particular value -//if (! defined("MAIN_AUTHENTICATION_MODE")) define('MAIN_AUTHENTICATION_MODE', 'aloginmodule'); // Force authentication handler -//if (! defined("NOREDIRECTBYMAINTOLOGIN")) define('NOREDIRECTBYMAINTOLOGIN', 1); // The main.inc.php does not make a redirect if not logged, instead show simple error message -//if (! defined("FORCECSP")) define('FORCECSP', 'none'); // Disable all Content Security Policies -//if (! defined('CSRFCHECK_WITH_TOKEN')) define('CSRFCHECK_WITH_TOKEN', '1'); // Force use of CSRF protection with tokens even for GET -//if (! defined('NOBROWSERNOTIF')) define('NOBROWSERNOTIF', '1'); // Disable browser notification - // Load Dolibarr environment -$res = 0; -// Try main.inc.php into web root known defined into CONTEXT_DOCUMENT_ROOT (not always defined) -if (!$res && !empty($_SERVER["CONTEXT_DOCUMENT_ROOT"])) { - $res = @include $_SERVER["CONTEXT_DOCUMENT_ROOT"]."/main.inc.php"; -} -// Try main.inc.php into web root detected using web root calculated from SCRIPT_FILENAME -$tmp = empty($_SERVER['SCRIPT_FILENAME']) ? '' : $_SERVER['SCRIPT_FILENAME']; $tmp2 = realpath(__FILE__); $i = strlen($tmp) - 1; $j = strlen($tmp2) - 1; -while ($i > 0 && $j > 0 && isset($tmp[$i]) && isset($tmp2[$j]) && $tmp[$i] == $tmp2[$j]) { - $i--; $j--; -} -if (!$res && $i > 0 && file_exists(substr($tmp, 0, ($i + 1))."/main.inc.php")) { - $res = @include substr($tmp, 0, ($i + 1))."/main.inc.php"; -} -if (!$res && $i > 0 && file_exists(dirname(substr($tmp, 0, ($i + 1)))."/main.inc.php")) { - $res = @include dirname(substr($tmp, 0, ($i + 1)))."/main.inc.php"; -} -// Try main.inc.php using relative path -if (!$res && file_exists("../main.inc.php")) { - $res = @include "../main.inc.php"; -} -if (!$res && file_exists("../../main.inc.php")) { - $res = @include "../../main.inc.php"; -} -if (!$res && file_exists("../../../main.inc.php")) { - $res = @include "../../../main.inc.php"; -} -if (!$res) { - die("Include of main fails"); -} +require '../main.inc.php'; require_once DOL_DOCUMENT_ROOT.'/core/lib/company.lib.php'; require_once DOL_DOCUMENT_ROOT.'/core/lib/files.lib.php'; diff --git a/htdocs/hrm/position_list.php b/htdocs/hrm/position_list.php index 3877a6ea14d..d6ed72c2612 100644 --- a/htdocs/hrm/position_list.php +++ b/htdocs/hrm/position_list.php @@ -25,57 +25,9 @@ * \brief List page for position */ -//if (! defined('NOREQUIREDB')) define('NOREQUIREDB', '1'); // Do not create database handler $db -//if (! defined('NOREQUIREUSER')) define('NOREQUIREUSER', '1'); // Do not load object $user -//if (! defined('NOREQUIRESOC')) define('NOREQUIRESOC', '1'); // Do not load object $mysoc -//if (! defined('NOREQUIRETRAN')) define('NOREQUIRETRAN', '1'); // Do not load object $langs -//if (! defined('NOSCANGETFORINJECTION')) define('NOSCANGETFORINJECTION', '1'); // Do not check injection attack on GET parameters -//if (! defined('NOSCANPOSTFORINJECTION')) define('NOSCANPOSTFORINJECTION', '1'); // Do not check injection attack on POST parameters -//if (! defined('NOCSRFCHECK')) define('NOCSRFCHECK', '1'); // Do not check CSRF attack (test on referer + on token if option MAIN_SECURITY_CSRF_WITH_TOKEN is on). -//if (! defined('NOTOKENRENEWAL')) define('NOTOKENRENEWAL', '1'); // Do not roll the Anti CSRF token (used if MAIN_SECURITY_CSRF_WITH_TOKEN is on) -//if (! defined('NOSTYLECHECK')) define('NOSTYLECHECK', '1'); // Do not check style html tag into posted data -//if (! defined('NOREQUIREMENU')) define('NOREQUIREMENU', '1'); // If there is no need to load and show top and left menu -//if (! defined('NOREQUIREHTML')) define('NOREQUIREHTML', '1'); // If we don't need to load the html.form.class.php -//if (! defined('NOREQUIREAJAX')) define('NOREQUIREAJAX', '1'); // Do not load ajax.lib.php library -//if (! defined("NOLOGIN")) define("NOLOGIN", '1'); // If this page is public (can be called outside logged session). This include the NOIPCHECK too. -//if (! defined('NOIPCHECK')) define('NOIPCHECK', '1'); // Do not check IP defined into conf $dolibarr_main_restrict_ip -//if (! defined("MAIN_LANG_DEFAULT")) define('MAIN_LANG_DEFAULT', 'auto'); // Force lang to a particular value -//if (! defined("MAIN_AUTHENTICATION_MODE")) define('MAIN_AUTHENTICATION_MODE', 'aloginmodule'); // Force authentication handler -//if (! defined("NOREDIRECTBYMAINTOLOGIN")) define('NOREDIRECTBYMAINTOLOGIN', 1); // The main.inc.php does not make a redirect if not logged, instead show simple error message -//if (! defined("FORCECSP")) define('FORCECSP', 'none'); // Disable all Content Security Policies -//if (! defined('CSRFCHECK_WITH_TOKEN')) define('CSRFCHECK_WITH_TOKEN', '1'); // Force use of CSRF protection with tokens even for GET -//if (! defined('NOBROWSERNOTIF')) define('NOBROWSERNOTIF', '1'); // Disable browser notification // Load Dolibarr environment -$res = 0; -// Try main.inc.php into web root known defined into CONTEXT_DOCUMENT_ROOT (not always defined) -if (!$res && !empty($_SERVER["CONTEXT_DOCUMENT_ROOT"])) { - $res = @include $_SERVER["CONTEXT_DOCUMENT_ROOT"]."/main.inc.php"; -} -// Try main.inc.php into web root detected using web root calculated from SCRIPT_FILENAME -$tmp = empty($_SERVER['SCRIPT_FILENAME']) ? '' : $_SERVER['SCRIPT_FILENAME']; $tmp2 = realpath(__FILE__); $i = strlen($tmp) - 1; $j = strlen($tmp2) - 1; -while ($i > 0 && $j > 0 && isset($tmp[$i]) && isset($tmp2[$j]) && $tmp[$i] == $tmp2[$j]) { - $i--; $j--; -} -if (!$res && $i > 0 && file_exists(substr($tmp, 0, ($i + 1))."/main.inc.php")) { - $res = @include substr($tmp, 0, ($i + 1))."/main.inc.php"; -} -if (!$res && $i > 0 && file_exists(dirname(substr($tmp, 0, ($i + 1)))."/main.inc.php")) { - $res = @include dirname(substr($tmp, 0, ($i + 1)))."/main.inc.php"; -} -// Try main.inc.php using relative path -if (!$res && file_exists("../main.inc.php")) { - $res = @include "../main.inc.php"; -} -if (!$res && file_exists("../../main.inc.php")) { - $res = @include "../../main.inc.php"; -} -if (!$res && file_exists("../../../main.inc.php")) { - $res = @include "../../../main.inc.php"; -} -if (!$res) { - die("Include of main fails"); -} +require '../main.inc.php'; require_once DOL_DOCUMENT_ROOT.'/core/class/html.formcompany.class.php'; require_once DOL_DOCUMENT_ROOT.'/core/lib/date.lib.php'; diff --git a/htdocs/hrm/position_note.php b/htdocs/hrm/position_note.php index 81548761326..1eea4b82676 100644 --- a/htdocs/hrm/position_note.php +++ b/htdocs/hrm/position_note.php @@ -26,57 +26,9 @@ * \brief Tab for notes on Position */ -//if (! defined('NOREQUIREDB')) define('NOREQUIREDB', '1'); // Do not create database handler $db -//if (! defined('NOREQUIREUSER')) define('NOREQUIREUSER', '1'); // Do not load object $user -//if (! defined('NOREQUIRESOC')) define('NOREQUIRESOC', '1'); // Do not load object $mysoc -//if (! defined('NOREQUIRETRAN')) define('NOREQUIRETRAN', '1'); // Do not load object $langs -//if (! defined('NOSCANGETFORINJECTION')) define('NOSCANGETFORINJECTION', '1'); // Do not check injection attack on GET parameters -//if (! defined('NOSCANPOSTFORINJECTION')) define('NOSCANPOSTFORINJECTION', '1'); // Do not check injection attack on POST parameters -//if (! defined('NOCSRFCHECK')) define('NOCSRFCHECK', '1'); // Do not check CSRF attack (test on referer + on token if option MAIN_SECURITY_CSRF_WITH_TOKEN is on). -//if (! defined('NOTOKENRENEWAL')) define('NOTOKENRENEWAL', '1'); // Do not roll the Anti CSRF token (used if MAIN_SECURITY_CSRF_WITH_TOKEN is on) -//if (! defined('NOSTYLECHECK')) define('NOSTYLECHECK', '1'); // Do not check style html tag into posted data -//if (! defined('NOREQUIREMENU')) define('NOREQUIREMENU', '1'); // If there is no need to load and show top and left menu -//if (! defined('NOREQUIREHTML')) define('NOREQUIREHTML', '1'); // If we don't need to load the html.form.class.php -//if (! defined('NOREQUIREAJAX')) define('NOREQUIREAJAX', '1'); // Do not load ajax.lib.php library -//if (! defined("NOLOGIN")) define("NOLOGIN", '1'); // If this page is public (can be called outside logged session). This include the NOIPCHECK too. -//if (! defined('NOIPCHECK')) define('NOIPCHECK', '1'); // Do not check IP defined into conf $dolibarr_main_restrict_ip -//if (! defined("MAIN_LANG_DEFAULT")) define('MAIN_LANG_DEFAULT', 'auto'); // Force lang to a particular value -//if (! defined("MAIN_AUTHENTICATION_MODE")) define('MAIN_AUTHENTICATION_MODE', 'aloginmodule'); // Force authentication handler -//if (! defined("NOREDIRECTBYMAINTOLOGIN")) define('NOREDIRECTBYMAINTOLOGIN', 1); // The main.inc.php does not make a redirect if not logged, instead show simple error message -//if (! defined("FORCECSP")) define('FORCECSP', 'none'); // Disable all Content Security Policies -//if (! defined('CSRFCHECK_WITH_TOKEN')) define('CSRFCHECK_WITH_TOKEN', '1'); // Force use of CSRF protection with tokens even for GET -//if (! defined('NOBROWSERNOTIF')) define('NOBROWSERNOTIF', '1'); // Disable browser notification // Load Dolibarr environment -$res = 0; -// Try main.inc.php into web root known defined into CONTEXT_DOCUMENT_ROOT (not always defined) -if (!$res && !empty($_SERVER["CONTEXT_DOCUMENT_ROOT"])) { - $res = @include $_SERVER["CONTEXT_DOCUMENT_ROOT"]."/main.inc.php"; -} -// Try main.inc.php into web root detected using web root calculated from SCRIPT_FILENAME -$tmp = empty($_SERVER['SCRIPT_FILENAME']) ? '' : $_SERVER['SCRIPT_FILENAME']; $tmp2 = realpath(__FILE__); $i = strlen($tmp) - 1; $j = strlen($tmp2) - 1; -while ($i > 0 && $j > 0 && isset($tmp[$i]) && isset($tmp2[$j]) && $tmp[$i] == $tmp2[$j]) { - $i--; $j--; -} -if (!$res && $i > 0 && file_exists(substr($tmp, 0, ($i + 1))."/main.inc.php")) { - $res = @include substr($tmp, 0, ($i + 1))."/main.inc.php"; -} -if (!$res && $i > 0 && file_exists(dirname(substr($tmp, 0, ($i + 1)))."/main.inc.php")) { - $res = @include dirname(substr($tmp, 0, ($i + 1)))."/main.inc.php"; -} -// Try main.inc.php using relative path -if (!$res && file_exists("../main.inc.php")) { - $res = @include "../main.inc.php"; -} -if (!$res && file_exists("../../main.inc.php")) { - $res = @include "../../main.inc.php"; -} -if (!$res && file_exists("../../../main.inc.php")) { - $res = @include "../../../main.inc.php"; -} -if (!$res) { - die("Include of main fails"); -} +require '../main.inc.php'; require_once DOL_DOCUMENT_ROOT . '/hrm/class/position.class.php'; require_once DOL_DOCUMENT_ROOT . '/hrm/lib/hrm_position.lib.php'; diff --git a/htdocs/hrm/skill_agenda.php b/htdocs/hrm/skill_agenda.php index 0b854ccb028..9c1821fb8d7 100644 --- a/htdocs/hrm/skill_agenda.php +++ b/htdocs/hrm/skill_agenda.php @@ -25,57 +25,9 @@ * \brief Tab of events on skill */ -//if (! defined('NOREQUIREDB')) define('NOREQUIREDB', '1'); // Do not create database handler $db -//if (! defined('NOREQUIREUSER')) define('NOREQUIREUSER', '1'); // Do not load object $user -//if (! defined('NOREQUIRESOC')) define('NOREQUIRESOC', '1'); // Do not load object $mysoc -//if (! defined('NOREQUIRETRAN')) define('NOREQUIRETRAN', '1'); // Do not load object $langs -//if (! defined('NOSCANGETFORINJECTION')) define('NOSCANGETFORINJECTION', '1'); // Do not check injection attack on GET parameters -//if (! defined('NOSCANPOSTFORINJECTION')) define('NOSCANPOSTFORINJECTION', '1'); // Do not check injection attack on POST parameters -//if (! defined('NOCSRFCHECK')) define('NOCSRFCHECK', '1'); // Do not check CSRF attack (test on referer + on token if option MAIN_SECURITY_CSRF_WITH_TOKEN is on). -//if (! defined('NOTOKENRENEWAL')) define('NOTOKENRENEWAL', '1'); // Do not roll the Anti CSRF token (used if MAIN_SECURITY_CSRF_WITH_TOKEN is on) -//if (! defined('NOSTYLECHECK')) define('NOSTYLECHECK', '1'); // Do not check style html tag into posted data -//if (! defined('NOREQUIREMENU')) define('NOREQUIREMENU', '1'); // If there is no need to load and show top and left menu -//if (! defined('NOREQUIREHTML')) define('NOREQUIREHTML', '1'); // If we don't need to load the html.form.class.php -//if (! defined('NOREQUIREAJAX')) define('NOREQUIREAJAX', '1'); // Do not load ajax.lib.php library -//if (! defined("NOLOGIN")) define("NOLOGIN", '1'); // If this page is public (can be called outside logged session). This include the NOIPCHECK too. -//if (! defined('NOIPCHECK')) define('NOIPCHECK', '1'); // Do not check IP defined into conf $dolibarr_main_restrict_ip -//if (! defined("MAIN_LANG_DEFAULT")) define('MAIN_LANG_DEFAULT', 'auto'); // Force lang to a particular value -//if (! defined("MAIN_AUTHENTICATION_MODE")) define('MAIN_AUTHENTICATION_MODE', 'aloginmodule'); // Force authentication handler -//if (! defined("NOREDIRECTBYMAINTOLOGIN")) define('NOREDIRECTBYMAINTOLOGIN', 1); // The main.inc.php does not make a redirect if not logged, instead show simple error message -//if (! defined("FORCECSP")) define('FORCECSP', 'none'); // Disable all Content Security Policies -//if (! defined('CSRFCHECK_WITH_TOKEN')) define('CSRFCHECK_WITH_TOKEN', '1'); // Force use of CSRF protection with tokens even for GET -//if (! defined('NOBROWSERNOTIF')) define('NOBROWSERNOTIF', '1'); // Disable browser notification // Load Dolibarr environment -$res = 0; -// Try main.inc.php into web root known defined into CONTEXT_DOCUMENT_ROOT (not always defined) -if (!$res && !empty($_SERVER["CONTEXT_DOCUMENT_ROOT"])) { - $res = @include $_SERVER["CONTEXT_DOCUMENT_ROOT"]."/main.inc.php"; -} -// Try main.inc.php into web root detected using web root calculated from SCRIPT_FILENAME -$tmp = empty($_SERVER['SCRIPT_FILENAME']) ? '' : $_SERVER['SCRIPT_FILENAME']; $tmp2 = realpath(__FILE__); $i = strlen($tmp) - 1; $j = strlen($tmp2) - 1; -while ($i > 0 && $j > 0 && isset($tmp[$i]) && isset($tmp2[$j]) && $tmp[$i] == $tmp2[$j]) { - $i--; $j--; -} -if (!$res && $i > 0 && file_exists(substr($tmp, 0, ($i + 1))."/main.inc.php")) { - $res = @include substr($tmp, 0, ($i + 1))."/main.inc.php"; -} -if (!$res && $i > 0 && file_exists(dirname(substr($tmp, 0, ($i + 1)))."/main.inc.php")) { - $res = @include dirname(substr($tmp, 0, ($i + 1)))."/main.inc.php"; -} -// Try main.inc.php using relative path -if (!$res && file_exists("../main.inc.php")) { - $res = @include "../main.inc.php"; -} -if (!$res && file_exists("../../main.inc.php")) { - $res = @include "../../main.inc.php"; -} -if (!$res && file_exists("../../../main.inc.php")) { - $res = @include "../../../main.inc.php"; -} -if (!$res) { - die("Include of main fails"); -} +require '../main.inc.php'; require_once DOL_DOCUMENT_ROOT.'/contact/class/contact.class.php'; require_once DOL_DOCUMENT_ROOT.'/core/lib/company.lib.php'; diff --git a/htdocs/hrm/skill_card.php b/htdocs/hrm/skill_card.php index 2a5b58cd788..3b649ebf485 100644 --- a/htdocs/hrm/skill_card.php +++ b/htdocs/hrm/skill_card.php @@ -25,62 +25,9 @@ * \brief Page to create/edit/view skill */ -//if (! defined('NOREQUIREDB')) define('NOREQUIREDB', '1'); // Do not create database handler $db -//if (! defined('NOREQUIREUSER')) define('NOREQUIREUSER', '1'); // Do not load object $user -//if (! defined('NOREQUIRESOC')) define('NOREQUIRESOC', '1'); // Do not load object $mysoc -//if (! defined('NOREQUIRETRAN')) define('NOREQUIRETRAN', '1'); // Do not load object $langs -//if (! defined('NOSCANGETFORINJECTION')) define('NOSCANGETFORINJECTION', '1'); // Do not check injection attack on GET parameters -//if (! defined('NOSCANPOSTFORINJECTION')) define('NOSCANPOSTFORINJECTION', '1'); // Do not check injection attack on POST parameters -//if (! defined('NOCSRFCHECK')) define('NOCSRFCHECK', '1'); // Do not check CSRF attack (test on referer + on token if option MAIN_SECURITY_CSRF_WITH_TOKEN is on). -//if (! defined('NOTOKENRENEWAL')) define('NOTOKENRENEWAL', '1'); // Do not roll the Anti CSRF token (used if MAIN_SECURITY_CSRF_WITH_TOKEN is on) -//if (! defined('NOSTYLECHECK')) define('NOSTYLECHECK', '1'); // Do not check style html tag into posted data -//if (! defined('NOREQUIREMENU')) define('NOREQUIREMENU', '1'); // If there is no need to load and show top and left menu -//if (! defined('NOREQUIREHTML')) define('NOREQUIREHTML', '1'); // If we don't need to load the html.form.class.php -//if (! defined('NOREQUIREAJAX')) define('NOREQUIREAJAX', '1'); // Do not load ajax.lib.php library -//if (! defined("NOLOGIN")) define("NOLOGIN", '1'); // If this page is public (can be called outside logged session). This include the NOIPCHECK too. -//if (! defined('NOIPCHECK')) define('NOIPCHECK', '1'); // Do not check IP defined into conf $dolibarr_main_restrict_ip -//if (! defined("MAIN_LANG_DEFAULT")) define('MAIN_LANG_DEFAULT', 'auto'); // Force lang to a particular value -//if (! defined("MAIN_AUTHENTICATION_MODE")) define('MAIN_AUTHENTICATION_MODE', 'aloginmodule'); // Force authentication handler -//if (! defined("NOREDIRECTBYMAINTOLOGIN")) define('NOREDIRECTBYMAINTOLOGIN', 1); // The main.inc.php does not make a redirect if not logged, instead show simple error message -//if (! defined("FORCECSP")) define('FORCECSP', 'none'); // Disable all Content Security Policies -//if (! defined('CSRFCHECK_WITH_TOKEN')) define('CSRFCHECK_WITH_TOKEN', '1'); // Force use of CSRF protection with tokens even for GET -//if (! defined('NOBROWSERNOTIF')) define('NOBROWSERNOTIF', '1'); // Disable browser notification // Load Dolibarr environment -$res = 0; -// Try main.inc.php into web root known defined into CONTEXT_DOCUMENT_ROOT (not always defined) -if (!$res && !empty($_SERVER["CONTEXT_DOCUMENT_ROOT"])) { - $res = @include $_SERVER["CONTEXT_DOCUMENT_ROOT"] . "/main.inc.php"; -} -// Try main.inc.php into web root detected using web root calculated from SCRIPT_FILENAME -$tmp = empty($_SERVER['SCRIPT_FILENAME']) ? '' : $_SERVER['SCRIPT_FILENAME']; -$tmp2 = realpath(__FILE__); -$i = strlen($tmp) - 1; -$j = strlen($tmp2) - 1; -while ($i > 0 && $j > 0 && isset($tmp[$i]) && isset($tmp2[$j]) && $tmp[$i] == $tmp2[$j]) { - $i--; - $j--; -} -if (!$res && $i > 0 && file_exists(substr($tmp, 0, ($i + 1)) . "/main.inc.php")) { - $res = @include substr($tmp, 0, ($i + 1)) . "/main.inc.php"; -} -if (!$res && $i > 0 && file_exists(dirname(substr($tmp, 0, ($i + 1))) . "/main.inc.php")) { - $res = @include dirname(substr($tmp, 0, ($i + 1))) . "/main.inc.php"; -} -// Try main.inc.php using relative path -if (!$res && file_exists("../main.inc.php")) { - $res = @include "../main.inc.php"; -} -if (!$res && file_exists("../../main.inc.php")) { - $res = @include "../../main.inc.php"; -} -if (!$res && file_exists("../../../main.inc.php")) { - $res = @include "../../../main.inc.php"; -} -if (!$res) { - die("Include of main fails"); -} - +require '../main.inc.php'; require_once DOL_DOCUMENT_ROOT . '/core/class/html.formcompany.class.php'; require_once DOL_DOCUMENT_ROOT . '/core/class/html.formfile.class.php'; require_once DOL_DOCUMENT_ROOT . '/core/class/html.formprojet.class.php'; diff --git a/htdocs/hrm/skill_contact.php b/htdocs/hrm/skill_contact.php index a535e00696b..f8ea2a04a9f 100644 --- a/htdocs/hrm/skill_contact.php +++ b/htdocs/hrm/skill_contact.php @@ -26,35 +26,7 @@ */ // Load Dolibarr environment -$res = 0; -// Try main.inc.php into web root known defined into CONTEXT_DOCUMENT_ROOT (not always defined) -if (!$res && !empty($_SERVER["CONTEXT_DOCUMENT_ROOT"])) { - $res = @include $_SERVER["CONTEXT_DOCUMENT_ROOT"]."/main.inc.php"; -} -// Try main.inc.php into web root detected using web root calculated from SCRIPT_FILENAME -$tmp = empty($_SERVER['SCRIPT_FILENAME']) ? '' : $_SERVER['SCRIPT_FILENAME']; $tmp2 = realpath(__FILE__); $i = strlen($tmp) - 1; $j = strlen($tmp2) - 1; -while ($i > 0 && $j > 0 && isset($tmp[$i]) && isset($tmp2[$j]) && $tmp[$i] == $tmp2[$j]) { - $i--; $j--; -} -if (!$res && $i > 0 && file_exists(substr($tmp, 0, ($i + 1))."/main.inc.php")) { - $res = @include substr($tmp, 0, ($i + 1))."/main.inc.php"; -} -if (!$res && $i > 0 && file_exists(dirname(substr($tmp, 0, ($i + 1)))."/main.inc.php")) { - $res = @include dirname(substr($tmp, 0, ($i + 1)))."/main.inc.php"; -} -// Try main.inc.php using relative path -if (!$res && file_exists("../main.inc.php")) { - $res = @include "../main.inc.php"; -} -if (!$res && file_exists("../../main.inc.php")) { - $res = @include "../../main.inc.php"; -} -if (!$res && file_exists("../../../main.inc.php")) { - $res = @include "../../../main.inc.php"; -} -if (!$res) { - die("Include of main fails"); -} +require '../main.inc.php'; require_once DOL_DOCUMENT_ROOT.'/contact/class/contact.class.php'; require_once DOL_DOCUMENT_ROOT.'/core/class/html.formcompany.class.php'; diff --git a/htdocs/hrm/skill_document.php b/htdocs/hrm/skill_document.php index ca13044f712..77f3325de15 100644 --- a/htdocs/hrm/skill_document.php +++ b/htdocs/hrm/skill_document.php @@ -25,57 +25,9 @@ * \brief Tab for documents linked to skill */ -//if (! defined('NOREQUIREDB')) define('NOREQUIREDB', '1'); // Do not create database handler $db -//if (! defined('NOREQUIREUSER')) define('NOREQUIREUSER', '1'); // Do not load object $user -//if (! defined('NOREQUIRESOC')) define('NOREQUIRESOC', '1'); // Do not load object $mysoc -//if (! defined('NOREQUIRETRAN')) define('NOREQUIRETRAN', '1'); // Do not load object $langs -//if (! defined('NOSCANGETFORINJECTION')) define('NOSCANGETFORINJECTION', '1'); // Do not check injection attack on GET parameters -//if (! defined('NOSCANPOSTFORINJECTION')) define('NOSCANPOSTFORINJECTION', '1'); // Do not check injection attack on POST parameters -//if (! defined('NOCSRFCHECK')) define('NOCSRFCHECK', '1'); // Do not check CSRF attack (test on referer + on token if option MAIN_SECURITY_CSRF_WITH_TOKEN is on). -//if (! defined('NOTOKENRENEWAL')) define('NOTOKENRENEWAL', '1'); // Do not roll the Anti CSRF token (used if MAIN_SECURITY_CSRF_WITH_TOKEN is on) -//if (! defined('NOSTYLECHECK')) define('NOSTYLECHECK', '1'); // Do not check style html tag into posted data -//if (! defined('NOREQUIREMENU')) define('NOREQUIREMENU', '1'); // If there is no need to load and show top and left menu -//if (! defined('NOREQUIREHTML')) define('NOREQUIREHTML', '1'); // If we don't need to load the html.form.class.php -//if (! defined('NOREQUIREAJAX')) define('NOREQUIREAJAX', '1'); // Do not load ajax.lib.php library -//if (! defined("NOLOGIN")) define("NOLOGIN", '1'); // If this page is public (can be called outside logged session). This include the NOIPCHECK too. -//if (! defined('NOIPCHECK')) define('NOIPCHECK', '1'); // Do not check IP defined into conf $dolibarr_main_restrict_ip -//if (! defined("MAIN_LANG_DEFAULT")) define('MAIN_LANG_DEFAULT', 'auto'); // Force lang to a particular value -//if (! defined("MAIN_AUTHENTICATION_MODE")) define('MAIN_AUTHENTICATION_MODE', 'aloginmodule'); // Force authentication handler -//if (! defined("NOREDIRECTBYMAINTOLOGIN")) define('NOREDIRECTBYMAINTOLOGIN', 1); // The main.inc.php does not make a redirect if not logged, instead show simple error message -//if (! defined("FORCECSP")) define('FORCECSP', 'none'); // Disable all Content Security Policies -//if (! defined('CSRFCHECK_WITH_TOKEN')) define('CSRFCHECK_WITH_TOKEN', '1'); // Force use of CSRF protection with tokens even for GET -//if (! defined('NOBROWSERNOTIF')) define('NOBROWSERNOTIF', '1'); // Disable browser notification // Load Dolibarr environment -$res = 0; -// Try main.inc.php into web root known defined into CONTEXT_DOCUMENT_ROOT (not always defined) -if (!$res && !empty($_SERVER["CONTEXT_DOCUMENT_ROOT"])) { - $res = @include $_SERVER["CONTEXT_DOCUMENT_ROOT"]."/main.inc.php"; -} -// Try main.inc.php into web root detected using web root calculated from SCRIPT_FILENAME -$tmp = empty($_SERVER['SCRIPT_FILENAME']) ? '' : $_SERVER['SCRIPT_FILENAME']; $tmp2 = realpath(__FILE__); $i = strlen($tmp) - 1; $j = strlen($tmp2) - 1; -while ($i > 0 && $j > 0 && isset($tmp[$i]) && isset($tmp2[$j]) && $tmp[$i] == $tmp2[$j]) { - $i--; $j--; -} -if (!$res && $i > 0 && file_exists(substr($tmp, 0, ($i + 1))."/main.inc.php")) { - $res = @include substr($tmp, 0, ($i + 1))."/main.inc.php"; -} -if (!$res && $i > 0 && file_exists(dirname(substr($tmp, 0, ($i + 1)))."/main.inc.php")) { - $res = @include dirname(substr($tmp, 0, ($i + 1)))."/main.inc.php"; -} -// Try main.inc.php using relative path -if (!$res && file_exists("../main.inc.php")) { - $res = @include "../main.inc.php"; -} -if (!$res && file_exists("../../main.inc.php")) { - $res = @include "../../main.inc.php"; -} -if (!$res && file_exists("../../../main.inc.php")) { - $res = @include "../../../main.inc.php"; -} -if (!$res) { - die("Include of main fails"); -} +require '../main.inc.php'; require_once DOL_DOCUMENT_ROOT.'/core/lib/company.lib.php'; require_once DOL_DOCUMENT_ROOT.'/core/lib/files.lib.php'; diff --git a/htdocs/hrm/skill_list.php b/htdocs/hrm/skill_list.php index fc2998d046a..1fc5440e589 100644 --- a/htdocs/hrm/skill_list.php +++ b/htdocs/hrm/skill_list.php @@ -25,57 +25,9 @@ * \brief List page for skill */ -//if (! defined('NOREQUIREDB')) define('NOREQUIREDB', '1'); // Do not create database handler $db -//if (! defined('NOREQUIREUSER')) define('NOREQUIREUSER', '1'); // Do not load object $user -//if (! defined('NOREQUIRESOC')) define('NOREQUIRESOC', '1'); // Do not load object $mysoc -//if (! defined('NOREQUIRETRAN')) define('NOREQUIRETRAN', '1'); // Do not load object $langs -//if (! defined('NOSCANGETFORINJECTION')) define('NOSCANGETFORINJECTION', '1'); // Do not check injection attack on GET parameters -//if (! defined('NOSCANPOSTFORINJECTION')) define('NOSCANPOSTFORINJECTION', '1'); // Do not check injection attack on POST parameters -//if (! defined('NOCSRFCHECK')) define('NOCSRFCHECK', '1'); // Do not check CSRF attack (test on referer + on token if option MAIN_SECURITY_CSRF_WITH_TOKEN is on). -//if (! defined('NOTOKENRENEWAL')) define('NOTOKENRENEWAL', '1'); // Do not roll the Anti CSRF token (used if MAIN_SECURITY_CSRF_WITH_TOKEN is on) -//if (! defined('NOSTYLECHECK')) define('NOSTYLECHECK', '1'); // Do not check style html tag into posted data -//if (! defined('NOREQUIREMENU')) define('NOREQUIREMENU', '1'); // If there is no need to load and show top and left menu -//if (! defined('NOREQUIREHTML')) define('NOREQUIREHTML', '1'); // If we don't need to load the html.form.class.php -//if (! defined('NOREQUIREAJAX')) define('NOREQUIREAJAX', '1'); // Do not load ajax.lib.php library -//if (! defined("NOLOGIN")) define("NOLOGIN", '1'); // If this page is public (can be called outside logged session). This include the NOIPCHECK too. -//if (! defined('NOIPCHECK')) define('NOIPCHECK', '1'); // Do not check IP defined into conf $dolibarr_main_restrict_ip -//if (! defined("MAIN_LANG_DEFAULT")) define('MAIN_LANG_DEFAULT', 'auto'); // Force lang to a particular value -//if (! defined("MAIN_AUTHENTICATION_MODE")) define('MAIN_AUTHENTICATION_MODE', 'aloginmodule'); // Force authentication handler -//if (! defined("NOREDIRECTBYMAINTOLOGIN")) define('NOREDIRECTBYMAINTOLOGIN', 1); // The main.inc.php does not make a redirect if not logged, instead show simple error message -//if (! defined("FORCECSP")) define('FORCECSP', 'none'); // Disable all Content Security Policies -//if (! defined('CSRFCHECK_WITH_TOKEN')) define('CSRFCHECK_WITH_TOKEN', '1'); // Force use of CSRF protection with tokens even for GET -//if (! defined('NOBROWSERNOTIF')) define('NOBROWSERNOTIF', '1'); // Disable browser notification // Load Dolibarr environment -$res = 0; -// Try main.inc.php into web root known defined into CONTEXT_DOCUMENT_ROOT (not always defined) -if (!$res && !empty($_SERVER["CONTEXT_DOCUMENT_ROOT"])) { - $res = @include $_SERVER["CONTEXT_DOCUMENT_ROOT"]."/main.inc.php"; -} -// Try main.inc.php into web root detected using web root calculated from SCRIPT_FILENAME -$tmp = empty($_SERVER['SCRIPT_FILENAME']) ? '' : $_SERVER['SCRIPT_FILENAME']; $tmp2 = realpath(__FILE__); $i = strlen($tmp) - 1; $j = strlen($tmp2) - 1; -while ($i > 0 && $j > 0 && isset($tmp[$i]) && isset($tmp2[$j]) && $tmp[$i] == $tmp2[$j]) { - $i--; $j--; -} -if (!$res && $i > 0 && file_exists(substr($tmp, 0, ($i + 1))."/main.inc.php")) { - $res = @include substr($tmp, 0, ($i + 1))."/main.inc.php"; -} -if (!$res && $i > 0 && file_exists(dirname(substr($tmp, 0, ($i + 1)))."/main.inc.php")) { - $res = @include dirname(substr($tmp, 0, ($i + 1)))."/main.inc.php"; -} -// Try main.inc.php using relative path -if (!$res && file_exists("../main.inc.php")) { - $res = @include "../main.inc.php"; -} -if (!$res && file_exists("../../main.inc.php")) { - $res = @include "../../main.inc.php"; -} -if (!$res && file_exists("../../../main.inc.php")) { - $res = @include "../../../main.inc.php"; -} -if (!$res) { - die("Include of main fails"); -} +require '../main.inc.php'; require_once DOL_DOCUMENT_ROOT.'/core/class/html.formcompany.class.php'; require_once DOL_DOCUMENT_ROOT.'/core/lib/date.lib.php'; diff --git a/htdocs/hrm/skill_note.php b/htdocs/hrm/skill_note.php index 000c5e1b41b..1510f746e5e 100644 --- a/htdocs/hrm/skill_note.php +++ b/htdocs/hrm/skill_note.php @@ -25,57 +25,9 @@ * \brief Tab for notes on skill */ -//if (! defined('NOREQUIREDB')) define('NOREQUIREDB', '1'); // Do not create database handler $db -//if (! defined('NOREQUIREUSER')) define('NOREQUIREUSER', '1'); // Do not load object $user -//if (! defined('NOREQUIRESOC')) define('NOREQUIRESOC', '1'); // Do not load object $mysoc -//if (! defined('NOREQUIRETRAN')) define('NOREQUIRETRAN', '1'); // Do not load object $langs -//if (! defined('NOSCANGETFORINJECTION')) define('NOSCANGETFORINJECTION', '1'); // Do not check injection attack on GET parameters -//if (! defined('NOSCANPOSTFORINJECTION')) define('NOSCANPOSTFORINJECTION', '1'); // Do not check injection attack on POST parameters -//if (! defined('NOCSRFCHECK')) define('NOCSRFCHECK', '1'); // Do not check CSRF attack (test on referer + on token if option MAIN_SECURITY_CSRF_WITH_TOKEN is on). -//if (! defined('NOTOKENRENEWAL')) define('NOTOKENRENEWAL', '1'); // Do not roll the Anti CSRF token (used if MAIN_SECURITY_CSRF_WITH_TOKEN is on) -//if (! defined('NOSTYLECHECK')) define('NOSTYLECHECK', '1'); // Do not check style html tag into posted data -//if (! defined('NOREQUIREMENU')) define('NOREQUIREMENU', '1'); // If there is no need to load and show top and left menu -//if (! defined('NOREQUIREHTML')) define('NOREQUIREHTML', '1'); // If we don't need to load the html.form.class.php -//if (! defined('NOREQUIREAJAX')) define('NOREQUIREAJAX', '1'); // Do not load ajax.lib.php library -//if (! defined("NOLOGIN")) define("NOLOGIN", '1'); // If this page is public (can be called outside logged session). This include the NOIPCHECK too. -//if (! defined('NOIPCHECK')) define('NOIPCHECK', '1'); // Do not check IP defined into conf $dolibarr_main_restrict_ip -//if (! defined("MAIN_LANG_DEFAULT")) define('MAIN_LANG_DEFAULT', 'auto'); // Force lang to a particular value -//if (! defined("MAIN_AUTHENTICATION_MODE")) define('MAIN_AUTHENTICATION_MODE', 'aloginmodule'); // Force authentication handler -//if (! defined("NOREDIRECTBYMAINTOLOGIN")) define('NOREDIRECTBYMAINTOLOGIN', 1); // The main.inc.php does not make a redirect if not logged, instead show simple error message -//if (! defined("FORCECSP")) define('FORCECSP', 'none'); // Disable all Content Security Policies -//if (! defined('CSRFCHECK_WITH_TOKEN')) define('CSRFCHECK_WITH_TOKEN', '1'); // Force use of CSRF protection with tokens even for GET -//if (! defined('NOBROWSERNOTIF')) define('NOBROWSERNOTIF', '1'); // Disable browser notification // Load Dolibarr environment -$res = 0; -// Try main.inc.php into web root known defined into CONTEXT_DOCUMENT_ROOT (not always defined) -if (!$res && !empty($_SERVER["CONTEXT_DOCUMENT_ROOT"])) { - $res = @include $_SERVER["CONTEXT_DOCUMENT_ROOT"]."/main.inc.php"; -} -// Try main.inc.php into web root detected using web root calculated from SCRIPT_FILENAME -$tmp = empty($_SERVER['SCRIPT_FILENAME']) ? '' : $_SERVER['SCRIPT_FILENAME']; $tmp2 = realpath(__FILE__); $i = strlen($tmp) - 1; $j = strlen($tmp2) - 1; -while ($i > 0 && $j > 0 && isset($tmp[$i]) && isset($tmp2[$j]) && $tmp[$i] == $tmp2[$j]) { - $i--; $j--; -} -if (!$res && $i > 0 && file_exists(substr($tmp, 0, ($i + 1))."/main.inc.php")) { - $res = @include substr($tmp, 0, ($i + 1))."/main.inc.php"; -} -if (!$res && $i > 0 && file_exists(dirname(substr($tmp, 0, ($i + 1)))."/main.inc.php")) { - $res = @include dirname(substr($tmp, 0, ($i + 1)))."/main.inc.php"; -} -// Try main.inc.php using relative path -if (!$res && file_exists("../main.inc.php")) { - $res = @include "../main.inc.php"; -} -if (!$res && file_exists("../../main.inc.php")) { - $res = @include "../../main.inc.php"; -} -if (!$res && file_exists("../../../main.inc.php")) { - $res = @include "../../../main.inc.php"; -} -if (!$res) { - die("Include of main fails"); -} +require '../main.inc.php'; require_once DOL_DOCUMENT_ROOT . '/hrm/class/skill.class.php'; require_once DOL_DOCUMENT_ROOT . '/hrm/lib/hrm_skill.lib.php'; diff --git a/htdocs/hrm/skill_tab.php b/htdocs/hrm/skill_tab.php index 2aada2a771e..9a9ea39e31d 100644 --- a/htdocs/hrm/skill_tab.php +++ b/htdocs/hrm/skill_tab.php @@ -25,61 +25,10 @@ * \brief Page to add/delete/view skill to jobs/users */ -//if (! defined('NOREQUIREDB')) define('NOREQUIREDB', '1'); // Do not create database handler $db -//if (! defined('NOREQUIREUSER')) define('NOREQUIREUSER', '1'); // Do not load object $user -//if (! defined('NOREQUIRESOC')) define('NOREQUIRESOC', '1'); // Do not load object $mysoc -//if (! defined('NOREQUIRETRAN')) define('NOREQUIRETRAN', '1'); // Do not load object $langs -//if (! defined('NOSCANGETFORINJECTION')) define('NOSCANGETFORINJECTION', '1'); // Do not check injection attack on GET parameters -//if (! defined('NOSCANPOSTFORINJECTION')) define('NOSCANPOSTFORINJECTION', '1'); // Do not check injection attack on POST parameters -//if (! defined('NOCSRFCHECK')) define('NOCSRFCHECK', '1'); // Do not check CSRF attack (test on referer + on token if option MAIN_SECURITY_CSRF_WITH_TOKEN is on). -//if (! defined('NOTOKENRENEWAL')) define('NOTOKENRENEWAL', '1'); // Do not roll the Anti CSRF token (used if MAIN_SECURITY_CSRF_WITH_TOKEN is on) -//if (! defined('NOSTYLECHECK')) define('NOSTYLECHECK', '1'); // Do not check style html tag into posted data -//if (! defined('NOREQUIREMENU')) define('NOREQUIREMENU', '1'); // If there is no need to load and show top and left menu -//if (! defined('NOREQUIREHTML')) define('NOREQUIREHTML', '1'); // If we don't need to load the html.form.class.php -//if (! defined('NOREQUIREAJAX')) define('NOREQUIREAJAX', '1'); // Do not load ajax.lib.php library -//if (! defined("NOLOGIN")) define("NOLOGIN", '1'); // If this page is public (can be called outside logged session). This include the NOIPCHECK too. -//if (! defined('NOIPCHECK')) define('NOIPCHECK', '1'); // Do not check IP defined into conf $dolibarr_main_restrict_ip -//if (! defined("MAIN_LANG_DEFAULT")) define('MAIN_LANG_DEFAULT', 'auto'); // Force lang to a particular value -//if (! defined("MAIN_AUTHENTICATION_MODE")) define('MAIN_AUTHENTICATION_MODE', 'aloginmodule'); // Force authentication handler -//if (! defined("NOREDIRECTBYMAINTOLOGIN")) define('NOREDIRECTBYMAINTOLOGIN', 1); // The main.inc.php does not make a redirect if not logged, instead show simple error message -//if (! defined("FORCECSP")) define('FORCECSP', 'none'); // Disable all Content Security Policies -//if (! defined('CSRFCHECK_WITH_TOKEN')) define('CSRFCHECK_WITH_TOKEN', '1'); // Force use of CSRF protection with tokens even for GET -//if (! defined('NOBROWSERNOTIF')) define('NOBROWSERNOTIF', '1'); // Disable browser notification + // Load Dolibarr environment -$res = 0; -// Try main.inc.php into web root known defined into CONTEXT_DOCUMENT_ROOT (not always defined) -if (!$res && !empty($_SERVER["CONTEXT_DOCUMENT_ROOT"])) { - $res = @include $_SERVER["CONTEXT_DOCUMENT_ROOT"] . "/main.inc.php"; -} -// Try main.inc.php into web root detected using web root calculated from SCRIPT_FILENAME -$tmp = empty($_SERVER['SCRIPT_FILENAME']) ? '' : $_SERVER['SCRIPT_FILENAME']; -$tmp2 = realpath(__FILE__); -$i = strlen($tmp) - 1; -$j = strlen($tmp2) - 1; -while ($i > 0 && $j > 0 && isset($tmp[$i]) && isset($tmp2[$j]) && $tmp[$i] == $tmp2[$j]) { - $i--; - $j--; -} -if (!$res && $i > 0 && file_exists(substr($tmp, 0, ($i + 1)) . "/main.inc.php")) { - $res = @include substr($tmp, 0, ($i + 1)) . "/main.inc.php"; -} -if (!$res && $i > 0 && file_exists(dirname(substr($tmp, 0, ($i + 1))) . "/main.inc.php")) { - $res = @include dirname(substr($tmp, 0, ($i + 1))) . "/main.inc.php"; -} -// Try main.inc.php using relative path -if (!$res && file_exists("../main.inc.php")) { - $res = @include "../main.inc.php"; -} -if (!$res && file_exists("../../main.inc.php")) { - $res = @include "../../main.inc.php"; -} -if (!$res && file_exists("../../../main.inc.php")) { - $res = @include "../../../main.inc.php"; -} -if (!$res) { - die("Include of main fails"); -} +require '../main.inc.php'; require_once DOL_DOCUMENT_ROOT . '/core/class/html.formcompany.class.php'; require_once DOL_DOCUMENT_ROOT . '/core/class/html.formfile.class.php'; diff --git a/htdocs/knowledgemanagement/knowledgerecord_card.php b/htdocs/knowledgemanagement/knowledgerecord_card.php index 8af0431f361..f94dee0003c 100644 --- a/htdocs/knowledgemanagement/knowledgerecord_card.php +++ b/htdocs/knowledgemanagement/knowledgerecord_card.php @@ -418,7 +418,7 @@ if ($object->id > 0 && (empty($action) || ($action != 'edit' && $action != 'crea } // Clone - print dolGetButtonAction($langs->trans('ToClone'), '', 'default', $_SERVER['PHP_SELF'].'?id='.$object->id.'&socid='.$object->socid.'&action=clone&token='.newToken().'&object=scrumsprint', '', $permissiontoadd); + print dolGetButtonAction($langs->trans('ToClone'), '', 'default', $_SERVER['PHP_SELF'].'?id='.$object->id.'&action=clone&token='.newToken().'&object=scrumsprint', '', $permissiontoadd); /* if ($permissiontoadd) { diff --git a/htdocs/langs/fr_FR/categories.lang b/htdocs/langs/fr_FR/categories.lang index 62bb2267283..3789fd970a1 100644 --- a/htdocs/langs/fr_FR/categories.lang +++ b/htdocs/langs/fr_FR/categories.lang @@ -89,6 +89,11 @@ CategorieRecursiv=Lier automatiquement avec le(a) tag/catégorie parent(e) CategorieRecursivHelp=Si l'option est activé, quand un produit est ajouté dans une sous-catégorie, le produit sera ajouté aussi dans la catégorie parente. AddProductServiceIntoCategory=Ajouter le produit/service suivant AddCustomerIntoCategory=Assigner cette catégorie au client +AddMemberIntoCategory=Assigner cette catégorie au membre +AddContactIntoCategory=Assigner cette catégorie au contact +AddUserIntoCategory=Assigner cette catégorie à l'utilisateur +AddProjectIntoCategory=Assigner cette catégorie au projet +AddAccountIntoCategory=Assigner cette catégorie au compte AddTicketIntoCategory=Assigner cette catégorie au ticket AddSupplierIntoCategory=Assigner cette catégorie au fournisseur ShowCategory=Afficher tag/catégorie diff --git a/htdocs/margin/customerMargins.php b/htdocs/margin/customerMargins.php index 6861f67db0d..7fe151b93f7 100644 --- a/htdocs/margin/customerMargins.php +++ b/htdocs/margin/customerMargins.php @@ -229,14 +229,14 @@ if (!empty($TSelectedCats)) { $sql .= ' LEFT JOIN '.MAIN_DB_PREFIX.'categorie_product as cp ON cp.fk_product=d.fk_product'; } -if (!$user->rights->societe->client->voir && !$socid) { +if (empty($user->rights->societe->client->voir) && !$socid) { $sql .= ", ".MAIN_DB_PREFIX."societe_commerciaux as sc"; } $sql .= " WHERE f.fk_soc = s.rowid"; if ($socid > 0) { $sql .= ' AND s.rowid = '.((int) $socid); } -if (!$user->rights->societe->client->voir && !$socid) { +if (empty($user->rights->societe->client->voir) && !$socid) { $sql .= " AND s.rowid = sc.fk_soc AND sc.fk_user = ".((int) $user->id); } $sql .= " AND f.fk_statut NOT IN (".$db->sanitize(implode(', ', $invoice_status_except_list)).")"; diff --git a/htdocs/margin/tabs/productMargins.php b/htdocs/margin/tabs/productMargins.php index 3b14f1db808..062462be267 100644 --- a/htdocs/margin/tabs/productMargins.php +++ b/htdocs/margin/tabs/productMargins.php @@ -139,7 +139,7 @@ if ($id > 0 || !empty($ref)) { $sql = "SELECT s.nom as name, s.rowid as socid, s.code_client,"; $sql .= " f.rowid as facid, f.ref, f.total_ht,"; $sql .= " f.datef, f.paye, f.fk_statut as statut, f.type,"; - if (!$user->rights->societe->client->voir && !$socid) { + if (empty($user->rights->societe->client->voir) && !$socid) { $sql .= " sc.fk_soc, sc.fk_user,"; } $sql .= " sum(d.total_ht) as selling_price,"; // may be negative or positive @@ -149,7 +149,7 @@ if ($id > 0 || !empty($ref)) { $sql .= " FROM ".MAIN_DB_PREFIX."societe as s"; $sql .= ", ".MAIN_DB_PREFIX."facture as f"; $sql .= ", ".MAIN_DB_PREFIX."facturedet as d"; - if (!$user->rights->societe->client->voir && !$socid) { + if (empty($user->rights->societe->client->voir) && !$socid) { $sql .= ", ".MAIN_DB_PREFIX."societe_commerciaux as sc"; } $sql .= " WHERE f.fk_soc = s.rowid"; @@ -157,7 +157,7 @@ if ($id > 0 || !empty($ref)) { $sql .= " AND f.entity IN (".getEntity('invoice').")"; $sql .= " AND d.fk_facture = f.rowid"; $sql .= " AND d.fk_product = ".((int) $object->id); - if (!$user->rights->societe->client->voir && !$socid) { + if (empty($user->rights->societe->client->voir) && !$socid) { $sql .= " AND s.rowid = sc.fk_soc AND sc.fk_user = ".((int) $user->id); } if (!empty($socid)) { @@ -170,7 +170,7 @@ if ($id > 0 || !empty($ref)) { $sql .= " AND d.buy_price_ht <> 0"; } $sql .= " GROUP BY s.nom, s.rowid, s.code_client, f.rowid, f.ref, f.total_ht, f.datef, f.paye, f.fk_statut, f.type"; - if (!$user->rights->societe->client->voir && !$socid) { + if (empty($user->rights->societe->client->voir) && !$socid) { $sql .= ", sc.fk_soc, sc.fk_user"; } $sql .= $db->order($sortfield, $sortorder); diff --git a/htdocs/opensurvey/list.php b/htdocs/opensurvey/list.php index 3dc42def482..b05abe3fd40 100644 --- a/htdocs/opensurvey/list.php +++ b/htdocs/opensurvey/list.php @@ -107,7 +107,8 @@ $arrayfields = dol_sort_array($arrayfields, 'position'); $permissiontoread = $user->rights->opensurvey->read; $permissiontoadd = $user->rights->opensurvey->write; -$permissiontodelete = $user->rights->opensurvey->delete; +// permission delete doesn't exists +$permissiontodelete = $user->rights->opensurvey->write; /* diff --git a/htdocs/product/stats/card.php b/htdocs/product/stats/card.php index 932a57d0885..9232dc419b4 100644 --- a/htdocs/product/stats/card.php +++ b/htdocs/product/stats/card.php @@ -418,10 +418,10 @@ if ($result || empty($id)) { if ($graphfiles == 'proposals_suppliers' && !$user->rights->supplier_proposal->lire) { continue; } - if ($graphfiles == 'invoices_suppliers' && !$user->rights->fournisseur->facture->lire) { + if ($graphfiles == 'invoices_suppliers' && empty($user->rights->fournisseur->facture->lire)) { continue; } - if ($graphfiles == 'orders_suppliers' && !$user->rights->fournisseur->commande->lire) { + if ($graphfiles == 'orders_suppliers' && empty($user->rights->fournisseur->commande->lire)) { continue; } if ($graphfiles == 'mrp' && empty($user->rights->mrp->mo->read)) { diff --git a/htdocs/product/stats/commande.php b/htdocs/product/stats/commande.php index 623306536b7..abfd329dfa4 100644 --- a/htdocs/product/stats/commande.php +++ b/htdocs/product/stats/commande.php @@ -139,13 +139,13 @@ if ($id > 0 || !empty($ref)) { $sql = "SELECT DISTINCT s.nom as name, s.rowid as socid, s.code_client, c.rowid, d.total_ht as total_ht, c.ref,"; $sql .= " c.ref_client,"; $sql .= " c.date_commande, c.fk_statut as statut, c.facture, c.rowid as commandeid, d.rowid, d.qty"; - if (!$user->rights->societe->client->voir && !$socid) { + if (empty($user->rights->societe->client->voir) && !$socid) { $sql .= ", sc.fk_soc, sc.fk_user "; } $sql .= " FROM ".MAIN_DB_PREFIX."societe as s"; $sql .= ", ".MAIN_DB_PREFIX."commande as c"; $sql .= ", ".MAIN_DB_PREFIX."commandedet as d"; - if (!$user->rights->societe->client->voir && !$socid) { + if (empty($user->rights->societe->client->voir) && !$socid) { $sql .= ", ".MAIN_DB_PREFIX."societe_commerciaux as sc"; } $sql .= " WHERE c.fk_soc = s.rowid"; @@ -158,7 +158,7 @@ if ($id > 0 || !empty($ref)) { if (!empty($search_year)) { $sql .= ' AND YEAR(c.date_commande) IN ('.$db->sanitize($search_year).')'; } - if (!$user->rights->societe->client->voir && !$socid) { + if (empty($user->rights->societe->client->voir) && !$socid) { $sql .= " AND s.rowid = sc.fk_soc AND sc.fk_user = ".((int) $user->id); } if ($socid) { diff --git a/htdocs/product/stats/commande_fournisseur.php b/htdocs/product/stats/commande_fournisseur.php index fd64a1c0572..d9d81ad70dc 100644 --- a/htdocs/product/stats/commande_fournisseur.php +++ b/htdocs/product/stats/commande_fournisseur.php @@ -140,13 +140,13 @@ if ($id > 0 || !empty($ref)) { $sql = "SELECT DISTINCT s.nom as name, s.rowid as socid, s.code_client,"; $sql .= " c.rowid, d.total_ht as total_ht, c.ref,"; $sql .= " c.date_commande, c.fk_statut as statut, c.rowid as commandeid, d.rowid, d.qty"; - if (!$user->rights->societe->client->voir && !$socid) { + if (empty($user->rights->societe->client->voir) && !$socid) { $sql .= ", sc.fk_soc, sc.fk_user "; } $sql .= " FROM ".MAIN_DB_PREFIX."societe as s"; $sql .= ", ".MAIN_DB_PREFIX."commande_fournisseur as c"; $sql .= ", ".MAIN_DB_PREFIX."commande_fournisseurdet as d"; - if (!$user->rights->societe->client->voir && !$socid) { + if (empty($user->rights->societe->client->voir) && !$socid) { $sql .= ", ".MAIN_DB_PREFIX."societe_commerciaux as sc"; } $sql .= " WHERE c.fk_soc = s.rowid"; @@ -159,7 +159,7 @@ if ($id > 0 || !empty($ref)) { if (!empty($search_year)) { $sql .= ' AND YEAR(c.date_commande) IN ('.$db->sanitize($search_year).')'; } - if (!$user->rights->societe->client->voir && !$socid) { + if (empty($user->rights->societe->client->voir) && !$socid) { $sql .= " AND s.rowid = sc.fk_soc AND sc.fk_user = ".((int) $user->id); } if ($socid) { diff --git a/htdocs/product/stats/contrat.php b/htdocs/product/stats/contrat.php index 65302ef2c7d..e44619d1b19 100644 --- a/htdocs/product/stats/contrat.php +++ b/htdocs/product/stats/contrat.php @@ -134,7 +134,7 @@ if ($id > 0 || !empty($ref)) { $sql .= " c.rowid as rowid, c.ref, c.ref_customer, c.ref_supplier, c.date_contrat, c.statut as statut,"; $sql .= " s.nom as name, s.rowid as socid, s.code_client"; $sql .= " FROM ".MAIN_DB_PREFIX."societe as s"; - if (!$user->rights->societe->client->voir && !$socid) { + if (empty($user->rights->societe->client->voir) && !$socid) { $sql .= ", ".MAIN_DB_PREFIX."societe_commerciaux as sc"; } $sql .= ", ".MAIN_DB_PREFIX."contrat as c"; @@ -143,7 +143,7 @@ if ($id > 0 || !empty($ref)) { $sql .= " AND c.fk_soc = s.rowid"; $sql .= " AND c.entity IN (".getEntity('contract').")"; $sql .= " AND cd.fk_product = ".((int) $product->id); - if (!$user->rights->societe->client->voir && !$socid) { + if (empty($user->rights->societe->client->voir) && !$socid) { $sql .= " AND s.rowid = sc.fk_soc AND sc.fk_user = ".((int) $user->id); } if ($socid) { diff --git a/htdocs/product/stats/facture.php b/htdocs/product/stats/facture.php index b3e5571ac5a..8da6e97f55c 100644 --- a/htdocs/product/stats/facture.php +++ b/htdocs/product/stats/facture.php @@ -156,13 +156,13 @@ if ($id > 0 || !empty($ref)) { $sql = "SELECT DISTINCT s.nom as name, s.rowid as socid, s.code_client,"; $sql .= " f.ref, f.datef, f.paye, f.type, f.fk_statut as statut, f.rowid as facid,"; $sql .= " d.rowid, d.total_ht as total_ht, d.qty"; // We must keep the d.rowid here to not loose record because of the distinct used to ignore duplicate line when link on societe_commerciaux is used - if (!$user->rights->societe->client->voir && !$socid) { + if (empty($user->rights->societe->client->voir) && !$socid) { $sql .= ", sc.fk_soc, sc.fk_user "; } $sql .= " FROM ".MAIN_DB_PREFIX."societe as s"; $sql .= ", ".MAIN_DB_PREFIX."facture as f"; $sql .= ", ".MAIN_DB_PREFIX."facturedet as d"; - if (!$user->rights->societe->client->voir && !$socid) { + if (empty($user->rights->societe->client->voir) && !$socid) { $sql .= ", ".MAIN_DB_PREFIX."societe_commerciaux as sc"; } $sql .= " WHERE f.fk_soc = s.rowid"; @@ -175,7 +175,7 @@ if ($id > 0 || !empty($ref)) { if (!empty($search_year)) { $sql .= ' AND YEAR(f.datef) IN ('.$db->sanitize($search_year).')'; } - if (!$user->rights->societe->client->voir && !$socid) { + if (empty($user->rights->societe->client->voir) && !$socid) { $sql .= " AND s.rowid = sc.fk_soc AND sc.fk_user = ".((int) $user->id); } if ($socid) { diff --git a/htdocs/product/stats/facture_fournisseur.php b/htdocs/product/stats/facture_fournisseur.php index 212674582f9..d61b6de9491 100644 --- a/htdocs/product/stats/facture_fournisseur.php +++ b/htdocs/product/stats/facture_fournisseur.php @@ -139,13 +139,13 @@ if ($id > 0 || !empty($ref)) { if ($user->rights->fournisseur->facture->lire) { $sql = "SELECT DISTINCT s.nom as name, s.rowid as socid, s.code_client, d.rowid, d.total_ht as line_total_ht,"; $sql .= " f.rowid as facid, f.ref, f.ref_supplier, f.datef, f.libelle as label, f.total_ht, f.total_ttc, f.total_tva, f.paye, f.fk_statut as statut, d.qty"; - if (!$user->rights->societe->client->voir && !$socid) { + if (empty($user->rights->societe->client->voir) && !$socid) { $sql .= ", sc.fk_soc, sc.fk_user "; } $sql .= " FROM ".MAIN_DB_PREFIX."societe as s"; $sql .= ", ".MAIN_DB_PREFIX."facture_fourn as f"; $sql .= ", ".MAIN_DB_PREFIX."facture_fourn_det as d"; - if (!$user->rights->societe->client->voir && !$socid) { + if (empty($user->rights->societe->client->voir) && !$socid) { $sql .= ", ".MAIN_DB_PREFIX."societe_commerciaux as sc"; } $sql .= " WHERE f.fk_soc = s.rowid"; @@ -158,7 +158,7 @@ if ($id > 0 || !empty($ref)) { if (!empty($search_year)) { $sql .= ' AND YEAR(f.datef) IN ('.$db->sanitize($search_year).')'; } - if (!$user->rights->societe->client->voir && !$socid) { + if (empty($user->rights->societe->client->voir) && !$socid) { $sql .= " AND s.rowid = sc.fk_soc AND sc.fk_user = ".((int) $user->id); } if ($socid) { diff --git a/htdocs/product/stats/propal.php b/htdocs/product/stats/propal.php index b83d0368b75..068184feb7e 100644 --- a/htdocs/product/stats/propal.php +++ b/htdocs/product/stats/propal.php @@ -141,13 +141,13 @@ if ($id > 0 || !empty($ref)) { $sql = "SELECT DISTINCT s.nom as name, s.rowid as socid, p.rowid as propalid, p.ref, d.total_ht as amount,"; $sql .= " p.ref_client,"; $sql .= "p.datep, p.fk_statut as statut, d.rowid, d.qty"; - if (!$user->rights->societe->client->voir && !$socid) { + if (empty($user->rights->societe->client->voir) && !$socid) { $sql .= ", sc.fk_soc, sc.fk_user "; } $sql .= " FROM ".MAIN_DB_PREFIX."societe as s"; $sql .= ",".MAIN_DB_PREFIX."propal as p"; $sql .= ", ".MAIN_DB_PREFIX."propaldet as d"; - if (!$user->rights->societe->client->voir && !$socid) { + if (empty($user->rights->societe->client->voir) && !$socid) { $sql .= ", ".MAIN_DB_PREFIX."societe_commerciaux as sc"; } $sql .= " WHERE p.fk_soc = s.rowid"; @@ -160,7 +160,7 @@ if ($id > 0 || !empty($ref)) { if (!empty($search_year)) { $sql .= ' AND YEAR(p.datep) IN ('.$db->sanitize($search_year).')'; } - if (!$user->rights->societe->client->voir && !$socid) { + if (empty($user->rights->societe->client->voir) && !$socid) { $sql .= " AND s.rowid = sc.fk_soc AND sc.fk_user = ".((int) $user->id); } if ($socid) { diff --git a/htdocs/product/stats/supplier_proposal.php b/htdocs/product/stats/supplier_proposal.php index d583d58bff8..ab02e51fa57 100644 --- a/htdocs/product/stats/supplier_proposal.php +++ b/htdocs/product/stats/supplier_proposal.php @@ -140,13 +140,13 @@ if ($id > 0 || !empty($ref)) { $sql = "SELECT DISTINCT s.nom as name, s.rowid as socid, p.rowid as propalid, p.ref, d.total_ht as amount,"; //$sql .= " p.ref_supplier,"; $sql .= "p.date_valid, p.fk_statut as statut, d.rowid, d.qty"; - if (!$user->rights->societe->client->voir && !$socid) { + if (empty($user->rights->societe->client->voir) && !$socid) { $sql .= ", sc.fk_soc, sc.fk_user "; } $sql .= " FROM ".MAIN_DB_PREFIX."societe as s"; $sql .= ",".MAIN_DB_PREFIX."supplier_proposal as p"; $sql .= ", ".MAIN_DB_PREFIX."supplier_proposaldet as d"; - if (!$user->rights->societe->client->voir && !$socid) { + if (empty($user->rights->societe->client->voir) && !$socid) { $sql .= ", ".MAIN_DB_PREFIX."societe_commerciaux as sc"; } $sql .= " WHERE p.fk_soc = s.rowid"; @@ -159,7 +159,7 @@ if ($id > 0 || !empty($ref)) { if (!empty($search_year)) { $sql .= ' AND YEAR(p.datep) IN ('.$db->sanitize($search_year).')'; } - if (!$user->rights->societe->client->voir && !$socid) { + if (empty($user->rights->societe->client->voir) && !$socid) { $sql .= " AND s.rowid = sc.fk_soc AND sc.fk_user = ".((int) $user->id); } if ($socid) { diff --git a/htdocs/product/stock/replenishorders.php b/htdocs/product/stock/replenishorders.php index 01a7e2dd1a3..a0138743f20 100644 --- a/htdocs/product/stock/replenishorders.php +++ b/htdocs/product/stock/replenishorders.php @@ -122,7 +122,7 @@ $sql .= ' cf.rowid, cf.ref, cf.fk_statut, cf.total_ttc, cf.fk_user_author,'; $sql .= ' u.login'; $sql .= ' FROM '.MAIN_DB_PREFIX.'societe as s, '.MAIN_DB_PREFIX.'commande_fournisseur as cf'; $sql .= ' LEFT JOIN '.MAIN_DB_PREFIX.'user as u ON cf.fk_user_author = u.rowid'; -if (!$user->rights->societe->client->voir && !$socid) { +if (empty($user->rights->societe->client->voir) && !$socid) { $sql .= ', '.MAIN_DB_PREFIX.'societe_commerciaux as sc'; } $sql .= ' WHERE cf.fk_soc = s.rowid '; @@ -134,7 +134,7 @@ if ($conf->global->STOCK_CALCULATE_ON_SUPPLIER_VALIDATE_ORDER) { } else { $sql .= ' AND cf.fk_statut < 5'; } -if (!$user->rights->societe->client->voir && !$socid) { +if (empty($user->rights->societe->client->voir) && !$socid) { $sql .= ' AND s.rowid = sc.fk_soc AND sc.fk_user = '.((int) $user->id); } if ($sref) { diff --git a/htdocs/projet/class/task.class.php b/htdocs/projet/class/task.class.php index 240552ecc48..7e84683d5b3 100644 --- a/htdocs/projet/class/task.class.php +++ b/htdocs/projet/class/task.class.php @@ -2142,7 +2142,7 @@ class Task extends CommonObject $sql = "SELECT count(p.rowid) as nb"; $sql .= " FROM ".MAIN_DB_PREFIX."projet as p"; $sql .= " LEFT JOIN ".MAIN_DB_PREFIX."societe as s on p.fk_soc = s.rowid"; - if (!$user->rights->societe->client->voir && !$socid) { + if (empty($user->rights->societe->client->voir) && !$socid) { $sql .= " LEFT JOIN ".MAIN_DB_PREFIX."societe_commerciaux as sc ON sc.fk_soc = s.rowid"; } $sql .= ", ".MAIN_DB_PREFIX."projet_task as t"; @@ -2156,7 +2156,7 @@ class Task extends CommonObject if ($socid) { $sql .= " AND (p.fk_soc IS NULL OR p.fk_soc = 0 OR p.fk_soc = ".((int) $socid).")"; } - if (!$user->rights->societe->client->voir && !$socid) { + if (empty($user->rights->societe->client->voir) && !$socid) { $sql .= " AND ((s.rowid = sc.fk_soc AND sc.fk_user = ".((int) $user->id).") OR (s.rowid IS NULL))"; } diff --git a/htdocs/projet/class/taskstats.class.php b/htdocs/projet/class/taskstats.class.php index 594ad38d723..a5b088f01e8 100644 --- a/htdocs/projet/class/taskstats.class.php +++ b/htdocs/projet/class/taskstats.class.php @@ -59,7 +59,7 @@ class TaskStats extends Stats $sql = "SELECT"; $sql .= " COUNT(t.rowid), t.priority"; $sql .= " FROM ".MAIN_DB_PREFIX."projet_task as t INNER JOIN ".MAIN_DB_PREFIX."projet as p ON p.rowid = t.fk_projet"; - if (!$user->rights->societe->client->voir && !$user->soc_id) { + if (empty($user->rights->societe->client->voir) && !$user->soc_id) { $sql .= " INNER JOIN ".MAIN_DB_PREFIX."societe_commerciaux as sc ON sc.fk_soc=p.fk_soc AND sc.fk_user=".((int) $user->id); } $sql .= $this->buildWhere(); @@ -118,7 +118,7 @@ class TaskStats extends Stats $sql = "SELECT date_format(t.datec,'%Y') as year, COUNT(t.rowid) as nb"; $sql .= " FROM ".MAIN_DB_PREFIX."projet_task as t INNER JOIN ".MAIN_DB_PREFIX."projet as p ON p.rowid = t.fk_projet"; - if (!$user->rights->societe->client->voir && !$user->soc_id) { + if (empty($user->rights->societe->client->voir) && !$user->soc_id) { $sql .= " INNER JOIN ".MAIN_DB_PREFIX."societe_commerciaux as sc ON sc.fk_soc=p.fk_soc AND sc.fk_user=".((int) $user->id); } $sql .= $this->buildWhere(); @@ -180,7 +180,7 @@ class TaskStats extends Stats $sql = "SELECT date_format(t.datec,'%m') as dm, COUNT(t.rowid) as nb"; $sql .= " FROM ".MAIN_DB_PREFIX."projet_task as t INNER JOIN ".MAIN_DB_PREFIX."projet as p ON p.rowid = t.fk_projet"; - if (!$user->rights->societe->client->voir && !$user->soc_id) { + if (empty($user->rights->societe->client->voir) && !$user->soc_id) { $sql .= " INNER JOIN ".MAIN_DB_PREFIX."societe_commerciaux as sc ON sc.fk_soc=p.fk_soc AND sc.fk_user=".((int) $user->id); } $sql .= $this->buildWhere(); diff --git a/htdocs/projet/index.php b/htdocs/projet/index.php index 213691f4e25..9998906601d 100644 --- a/htdocs/projet/index.php +++ b/htdocs/projet/index.php @@ -200,7 +200,7 @@ print_projecttasks_array($db, $form, $socid, $projectsListId, 0, 0, $listofoppst print '
'; // Latest modified projects -$sql = "SELECT p.rowid, p.ref, p.title, p.fk_statut as status, p.tms as datem"; +$sql = "SELECT p.rowid, p.ref, p.title, p.dateo, p.datee, p.fk_statut as status, p.tms as datem"; $sql .= ", s.rowid as socid, s.nom as name, s.name_alias"; $sql .= ", s.code_client, s.code_compta, s.client"; $sql .= ", s.code_fournisseur, s.code_compta_fournisseur, s.fournisseur"; @@ -239,8 +239,6 @@ if ($resql) { $projectstatic->id = $obj->rowid; $projectstatic->ref = $obj->ref; $projectstatic->title = $obj->title; - $projectstatic->dateo = $obj->dateo; - $projectstatic->datep = $obj->datep; $projectstatic->thirdparty_name = $obj->name; $projectstatic->status = $obj->status; diff --git a/htdocs/reception/class/receptionstats.class.php b/htdocs/reception/class/receptionstats.class.php index 4055d5d5dfe..872d6845a96 100644 --- a/htdocs/reception/class/receptionstats.class.php +++ b/htdocs/reception/class/receptionstats.class.php @@ -70,7 +70,7 @@ class ReceptionStats extends Stats //$this->where.= " AND c.fk_soc = s.rowid AND c.entity = ".$conf->entity; $this->where .= " AND c.entity = ".$conf->entity; - if (!$user->rights->societe->client->voir && !$this->socid) { + if (empty($user->rights->societe->client->voir) && !$this->socid) { $this->where .= " AND c.fk_soc = sc.fk_soc AND sc.fk_user = ".((int) $user->id); } if ($this->socid) { @@ -93,7 +93,7 @@ class ReceptionStats extends Stats $sql = "SELECT date_format(c.date_valid,'%m') as dm, COUNT(*) as nb"; $sql .= " FROM ".$this->from; - if (!$user->rights->societe->client->voir && !$this->socid) { + if (empty($user->rights->societe->client->voir) && !$this->socid) { $sql .= ", ".MAIN_DB_PREFIX."societe_commerciaux as sc"; } $sql .= " WHERE c.date_valid BETWEEN '".$this->db->idate(dol_get_first_day($year))."' AND '".$this->db->idate(dol_get_last_day($year))."'"; @@ -117,7 +117,7 @@ class ReceptionStats extends Stats $sql = "SELECT date_format(c.date_valid,'%Y') as dm, COUNT(*) as nb, SUM(c.".$this->field.")"; $sql .= " FROM ".$this->from; - if (!$user->rights->societe->client->voir && !$this->socid) { + if (empty($user->rights->societe->client->voir) && !$this->socid) { $sql .= ", ".MAIN_DB_PREFIX."societe_commerciaux as sc"; } $sql .= " WHERE ".$this->where; @@ -138,7 +138,7 @@ class ReceptionStats extends Stats $sql = "SELECT date_format(c.date_valid,'%Y') as year, COUNT(*) as nb, SUM(c.".$this->field.") as total, AVG(".$this->field.") as avg"; $sql .= " FROM ".$this->from; - if (!$user->rights->societe->client->voir && !$this->socid) { + if (empty($user->rights->societe->client->voir) && !$this->socid) { $sql .= ", ".MAIN_DB_PREFIX."societe_commerciaux as sc"; } $sql .= " WHERE ".$this->where; diff --git a/htdocs/reception/index.php b/htdocs/reception/index.php index 948489aa843..965e3f12082 100644 --- a/htdocs/reception/index.php +++ b/htdocs/reception/index.php @@ -86,7 +86,7 @@ $sql .= " FROM ".MAIN_DB_PREFIX."reception as e"; $sql .= " LEFT JOIN ".MAIN_DB_PREFIX."element_element as el ON e.rowid = el.fk_target AND el.targettype = 'reception'"; $sql .= " LEFT JOIN ".MAIN_DB_PREFIX."commande_fournisseur as c ON el.fk_source = c.rowid"; $sql .= " LEFT JOIN ".MAIN_DB_PREFIX."societe as s ON s.rowid = e.fk_soc"; -if (!$user->rights->societe->client->voir && !$socid) { +if (empty($user->rights->societe->client->voir) && !$socid) { $sql .= " LEFT JOIN ".MAIN_DB_PREFIX."societe_commerciaux as sc ON e.fk_soc = sc.fk_soc"; $sql .= $clause." sc.fk_user = ".((int) $user->id); $clause = " AND "; @@ -151,11 +151,11 @@ $sql .= " FROM ".MAIN_DB_PREFIX."reception as e"; $sql .= " LEFT JOIN ".MAIN_DB_PREFIX."element_element as el ON e.rowid = el.fk_target AND el.targettype = 'reception' AND el.sourcetype IN ('order_supplier')"; $sql .= " LEFT JOIN ".MAIN_DB_PREFIX."commande_fournisseur as c ON el.fk_source = c.rowid AND el.sourcetype IN ('order_supplier') AND el.targettype = 'reception'"; $sql .= " LEFT JOIN ".MAIN_DB_PREFIX."societe as s ON s.rowid = e.fk_soc"; -if (!$user->rights->societe->client->voir && !$socid) { +if (empty($user->rights->societe->client->voir) && !$socid) { $sql .= " LEFT JOIN ".MAIN_DB_PREFIX."societe_commerciaux as sc ON e.fk_soc = sc.fk_soc"; } $sql .= " WHERE e.entity IN (".getEntity('reception').")"; -if (!$user->rights->societe->client->voir && !$socid) { +if (empty($user->rights->societe->client->voir) && !$socid) { $sql .= " AND sc.fk_user = ".((int) $user->id); } $sql .= " AND e.fk_statut = 1"; @@ -212,7 +212,7 @@ if ($resql) { $sql = "SELECT c.rowid, c.ref, c.ref_supplier as ref_supplier, c.fk_statut as status, c.billed as billed, s.nom as name, s.rowid as socid"; $sql .= " FROM ".MAIN_DB_PREFIX."commande_fournisseur as c,"; $sql .= " ".MAIN_DB_PREFIX."societe as s"; -if (!$user->rights->societe->client->voir && !$socid) { +if (empty($user->rights->societe->client->voir) && !$socid) { $sql .= ", ".MAIN_DB_PREFIX."societe_commerciaux as sc"; } $sql .= " WHERE c.fk_soc = s.rowid"; @@ -221,7 +221,7 @@ $sql .= " AND c.fk_statut IN (".CommandeFournisseur::STATUS_ORDERSENT.", ".Comma if ($socid > 0) { $sql .= " AND c.fk_soc = ".((int) $socid); } -if (!$user->rights->societe->client->voir && !$socid) { +if (empty($user->rights->societe->client->voir) && !$socid) { $sql .= " AND s.rowid = sc.fk_soc AND sc.fk_user = ".((int) $user->id); } $sql .= " ORDER BY c.rowid ASC"; diff --git a/htdocs/reception/list.php b/htdocs/reception/list.php index 7e8e2e725ca..5a6db5b53b1 100644 --- a/htdocs/reception/list.php +++ b/htdocs/reception/list.php @@ -488,7 +488,7 @@ $sql .= " LEFT JOIN ".MAIN_DB_PREFIX."c_typent as typent on (typent.id = s.fk_ty $sql .= " LEFT JOIN ".MAIN_DB_PREFIX."c_departements as state on (state.rowid = s.fk_departement)"; $sql .= " LEFT JOIN ".MAIN_DB_PREFIX."element_element as ee ON e.rowid = ee.fk_source AND ee.sourcetype = 'reception' AND ee.targettype = 'delivery'"; $sql .= " LEFT JOIN ".MAIN_DB_PREFIX."delivery as l ON l.rowid = ee.fk_target"; -if (!$user->rights->societe->client->voir && !$socid) { // Internal user with no permission to see all +if (empty($user->rights->societe->client->voir) && !$socid) { // Internal user with no permission to see all $sql .= ", ".MAIN_DB_PREFIX."societe_commerciaux as sc"; } @@ -498,7 +498,7 @@ $reshook = $hookmanager->executeHooks('printFieldListFrom', $parameters); // Not $sql .= $hookmanager->resPrint; $sql .= " WHERE e.entity IN (".getEntity('reception').")"; -if (!$user->rights->societe->client->voir && !$socid) { // Internal user with no permission to see all +if (empty($user->rights->societe->client->voir) && !$socid) { // Internal user with no permission to see all $sql .= " AND e.fk_soc = sc.fk_soc"; $sql .= " AND sc.fk_user = ".((int) $user->id); } diff --git a/htdocs/reception/stats/index.php b/htdocs/reception/stats/index.php index 61098e74322..3e8ccb7f017 100644 --- a/htdocs/reception/stats/index.php +++ b/htdocs/reception/stats/index.php @@ -70,7 +70,7 @@ $data = $stats->getNbByMonthWithPrevYear($endyear, $startyear); // $data = array(array('Lib',val1,val2,val3),...) -if (!$user->rights->societe->client->voir || $user->socid) { +if (empty($user->rights->societe->client->voir) || $user->socid) { $filenamenb = $dir.'/receptionsnbinyear-'.$user->id.'-'.$year.'.png'; } else { $filenamenb = $dir.'/receptionsnbinyear-'.$year.'.png'; @@ -105,7 +105,7 @@ $data = $stats->getAmountByMonthWithPrevYear($endyear,$startyear); //var_dump($data); // $data = array(array('Lib',val1,val2,val3),...) -if (!$user->rights->societe->client->voir || $user->socid) +if (empty($user->rights->societe->client->voir) || $user->socid) { $filenameamount = $dir.'/receptionsamountinyear-'.$user->id.'-'.$year.'.png'; } @@ -143,7 +143,7 @@ if (! $mesg) /* $data = $stats->getAverageByMonthWithPrevYear($endyear, $startyear); -if (!$user->rights->societe->client->voir || $user->socid) +if (empty($user->rights->societe->client->voir) || $user->socid) { $filename_avg = $dir.'/receptionsaverage-'.$user->id.'-'.$year.'.png'; } diff --git a/htdocs/recruitment/recruitmentindex.php b/htdocs/recruitment/recruitmentindex.php index 5473572f842..c0e5449b649 100644 --- a/htdocs/recruitment/recruitmentindex.php +++ b/htdocs/recruitment/recruitmentindex.php @@ -331,11 +331,11 @@ if (!empty($conf->recruitment->enabled) && $user->rights->recruitment->recruitme $sql = "SELECT s.rowid, s.ref, s.label, s.date_creation, s.tms, s.status, COUNT(rc.rowid) as nbapplications"; $sql .= " FROM ".MAIN_DB_PREFIX."recruitment_recruitmentjobposition as s"; $sql .= " LEFT JOIN ".MAIN_DB_PREFIX."recruitment_recruitmentcandidature as rc ON rc.fk_recruitmentjobposition = s.rowid"; - if ($conf->societe->enabled && !$user->rights->societe->client->voir && !$socid) { + if ($conf->societe->enabled && empty($user->rights->societe->client->voir) && !$socid) { $sql .= ", ".MAIN_DB_PREFIX."societe_commerciaux as sc"; } $sql .= " WHERE s.entity IN (".getEntity($staticrecruitmentjobposition->element).")"; - if ($conf->societe->enabled && !$user->rights->societe->client->voir && !$socid) { + if ($conf->societe->enabled && empty($user->rights->societe->client->voir) && !$socid) { $sql .= " AND s.fk_soc = sc.fk_soc AND sc.fk_user = ".((int) $user->id); } if ($socid) { @@ -402,11 +402,11 @@ if (!empty($conf->recruitment->enabled) && $user->rights->recruitment->recruitme $sql = "SELECT rc.rowid, rc.ref, rc.email, rc.lastname, rc.firstname, rc.date_creation, rc.tms, rc.status"; $sql .= " FROM ".MAIN_DB_PREFIX."recruitment_recruitmentcandidature as rc"; $sql .= " LEFT JOIN ".MAIN_DB_PREFIX."recruitment_recruitmentjobposition as s ON rc.fk_recruitmentjobposition = s.rowid"; - if ($conf->societe->enabled && !$user->rights->societe->client->voir && !$socid) { + if ($conf->societe->enabled && empty($user->rights->societe->client->voir) && !$socid) { $sql .= ", ".MAIN_DB_PREFIX."societe_commerciaux as sc"; } $sql .= " WHERE rc.entity IN (".getEntity($staticrecruitmentjobposition->element).")"; - if ($conf->societe->enabled && !$user->rights->societe->client->voir && !$socid) { + if ($conf->societe->enabled && empty($user->rights->societe->client->voir) && !$socid) { $sql .= " AND s.fk_soc = sc.fk_soc AND sc.fk_user = ".((int) $user->id); } if ($socid) { diff --git a/htdocs/salaries/admin/salaries.php b/htdocs/salaries/admin/salaries.php index f8ed3f3f7ce..1c9eeec6464 100644 --- a/htdocs/salaries/admin/salaries.php +++ b/htdocs/salaries/admin/salaries.php @@ -120,7 +120,7 @@ foreach ($list as $key) { // Value print ''; if (!empty($conf->accounting->enabled)) { - print $formaccounting->select_account($conf->global->$key, $key, 1, '', 1, 1); + print $formaccounting->select_account(getDolGlobalString($key), $key, 1, '', 1, 1); } else { print ''; } diff --git a/htdocs/societe/class/client.class.php b/htdocs/societe/class/client.class.php index 91e8cbc290b..4e55a914339 100644 --- a/htdocs/societe/class/client.class.php +++ b/htdocs/societe/class/client.class.php @@ -64,7 +64,7 @@ class Client extends Societe $sql = "SELECT count(s.rowid) as nb, s.client"; $sql .= " FROM ".MAIN_DB_PREFIX."societe as s"; - if (!$user->rights->societe->client->voir && !$user->socid) { + if (empty($user->rights->societe->client->voir) && !$user->socid) { $sql .= " LEFT JOIN ".MAIN_DB_PREFIX."societe_commerciaux as sc ON s.rowid = sc.fk_soc"; $sql .= " WHERE sc.fk_user = ".((int) $user->id); $clause = "AND"; diff --git a/htdocs/societe/class/societe.class.php b/htdocs/societe/class/societe.class.php index 460ee6d798a..416c16e46a3 100644 --- a/htdocs/societe/class/societe.class.php +++ b/htdocs/societe/class/societe.class.php @@ -2703,7 +2703,7 @@ class Societe extends CommonObject $linkend = ''; global $user; - if (!$user->rights->societe->client->voir && $user->socid > 0 && $this->id != $user->socid) { + if (empty($user->rights->societe->client->voir) && $user->socid > 0 && $this->id != $user->socid) { $linkstart = ''; $linkend = ''; } diff --git a/htdocs/societe/index.php b/htdocs/societe/index.php index de3bae16627..422ec5c8552 100644 --- a/htdocs/societe/index.php +++ b/htdocs/societe/index.php @@ -94,17 +94,17 @@ $total = 0; $sql = "SELECT s.rowid, s.client, s.fournisseur"; $sql .= " FROM ".MAIN_DB_PREFIX."societe as s"; -if (!$user->rights->societe->client->voir && !$socid) { +if (empty($user->rights->societe->client->voir) && !$socid) { $sql .= ", ".MAIN_DB_PREFIX."societe_commerciaux as sc"; } $sql .= ' WHERE s.entity IN ('.getEntity('societe').')'; -if (!$user->rights->societe->client->voir && !$socid) { +if (empty($user->rights->societe->client->voir) && !$socid) { $sql .= " AND s.rowid = sc.fk_soc AND sc.fk_user = ".((int) $user->id); } if ($socid > 0) { $sql .= " AND s.rowid = ".((int) $socid); } -if (!$user->rights->fournisseur->lire) { +if (empty($user->rights->fournisseur->lire)) { $sql .= " AND (s.fournisseur <> 1 OR s.client <> 0)"; // client=0, fournisseur=0 must be visible } //print $sql; @@ -277,17 +277,17 @@ $sql .= " FROM ".MAIN_DB_PREFIX."societe as s"; if (!empty($conf->global->MAIN_COMPANY_PERENTITY_SHARED)) { $sql .= " LEFT JOIN " . MAIN_DB_PREFIX . "societe_perentity as spe ON spe.fk_soc = s.rowid AND spe.entity = " . ((int) $conf->entity); } -if (!$user->rights->societe->client->voir && !$socid) { +if (empty($user->rights->societe->client->voir) && !$socid) { $sql .= ", ".MAIN_DB_PREFIX."societe_commerciaux as sc"; } $sql .= ' WHERE s.entity IN ('.getEntity('societe').')'; -if (!$user->rights->societe->client->voir && !$socid) { +if (empty($user->rights->societe->client->voir) && !$socid) { $sql .= " AND s.rowid = sc.fk_soc AND sc.fk_user = ".((int) $user->id); } if ($socid) { $sql .= " AND s.rowid = ".((int) $socid); } -if (!$user->rights->fournisseur->lire) { +if (empty($user->rights->fournisseur->lire)) { $sql .= " AND (s.fournisseur != 1 OR s.client != 0)"; } $sql .= $db->order("s.tms", "DESC"); diff --git a/htdocs/societe/list.php b/htdocs/societe/list.php index ab567733959..7013acdae56 100644 --- a/htdocs/societe/list.php +++ b/htdocs/societe/list.php @@ -520,7 +520,7 @@ if (empty($user->rights->societe->client->voir) && !$socid) { if ($search_sale && $search_sale != '-1' && $search_sale != '-2') { $sql .= " AND s.rowid = sc.fk_soc"; // Join for the needed table to filter by sale } -if (!$user->rights->fournisseur->lire) { +if (empty($user->rights->fournisseur->lire)) { $sql .= " AND (s.fournisseur <> 1 OR s.client <> 0)"; // client=0, fournisseur=0 must be visible } if ($search_sale == -2) { diff --git a/htdocs/supplier_proposal/class/supplier_proposal.class.php b/htdocs/supplier_proposal/class/supplier_proposal.class.php index de73b7a0296..907c3bf26c3 100644 --- a/htdocs/supplier_proposal/class/supplier_proposal.class.php +++ b/htdocs/supplier_proposal/class/supplier_proposal.class.php @@ -1935,17 +1935,17 @@ class SupplierProposal extends CommonObject $sql = "SELECT s.rowid, s.nom as name, s.client,"; $sql .= " p.rowid as supplier_proposalid, p.fk_statut, p.total_ht, p.ref, p.remise, "; $sql .= " p.datep as dp, p.fin_validite as datelimite"; - if (!$user->rights->societe->client->voir && !$socid) { + if (empty($user->rights->societe->client->voir) && !$socid) { $sql .= ", sc.fk_soc, sc.fk_user"; } $sql .= " FROM ".MAIN_DB_PREFIX."societe as s, ".MAIN_DB_PREFIX."supplier_proposal as p, ".MAIN_DB_PREFIX."c_propalst as c"; - if (!$user->rights->societe->client->voir && !$socid) { + if (empty($user->rights->societe->client->voir) && !$socid) { $sql .= ", ".MAIN_DB_PREFIX."societe_commerciaux as sc"; } $sql .= " WHERE p.entity IN (".getEntity('supplier_proposal').")"; $sql .= " AND p.fk_soc = s.rowid"; $sql .= " AND p.fk_statut = c.id"; - if (!$user->rights->societe->client->voir && !$socid) { //restriction + if (empty($user->rights->societe->client->voir) && !$socid) { //restriction $sql .= " AND s.rowid = sc.fk_soc AND sc.fk_user = ".((int) $user->id); } if ($socid) { @@ -2218,7 +2218,7 @@ class SupplierProposal extends CommonObject $sql = "SELECT p.rowid, p.ref, p.datec as datec, p.date_cloture as datefin"; $sql .= " FROM ".MAIN_DB_PREFIX."supplier_proposal as p"; - if (!$user->rights->societe->client->voir && !$user->socid) { + if (empty($user->rights->societe->client->voir) && !$user->socid) { $sql .= " LEFT JOIN ".MAIN_DB_PREFIX."societe_commerciaux as sc ON p.fk_soc = sc.fk_soc"; $sql .= " WHERE sc.fk_user = ".((int) $user->id); $clause = " AND"; @@ -2375,7 +2375,7 @@ class SupplierProposal extends CommonObject $sql = "SELECT count(p.rowid) as nb"; $sql .= " FROM ".MAIN_DB_PREFIX."supplier_proposal as p"; $sql .= " LEFT JOIN ".MAIN_DB_PREFIX."societe as s ON p.fk_soc = s.rowid"; - if (!$user->rights->societe->client->voir && !$user->socid) { + if (empty($user->rights->societe->client->voir) && !$user->socid) { $sql .= " LEFT JOIN ".MAIN_DB_PREFIX."societe_commerciaux as sc ON s.rowid = sc.fk_soc"; $sql .= " WHERE sc.fk_user = ".((int) $user->id); $clause = "AND"; diff --git a/htdocs/supplier_proposal/index.php b/htdocs/supplier_proposal/index.php index ac937fe480d..04eff4ce896 100644 --- a/htdocs/supplier_proposal/index.php +++ b/htdocs/supplier_proposal/index.php @@ -66,7 +66,7 @@ print '
'; $sql = "SELECT count(p.rowid), p.fk_statut"; $sql .= " FROM ".MAIN_DB_PREFIX."societe as s"; $sql .= ", ".MAIN_DB_PREFIX."supplier_proposal as p"; -if (!$user->rights->societe->client->voir && !$socid) { +if (empty($user->rights->societe->client->voir) && !$socid) { $sql .= ", ".MAIN_DB_PREFIX."societe_commerciaux as sc"; } $sql .= " WHERE p.fk_soc = s.rowid"; @@ -74,7 +74,7 @@ $sql .= " AND p.entity IN (".getEntity('supplier_proposal').")"; if ($user->socid) { $sql .= ' AND p.fk_soc = '.((int) $user->socid); } -if (!$user->rights->societe->client->voir && !$socid) { +if (empty($user->rights->societe->client->voir) && !$socid) { $sql .= " AND s.rowid = sc.fk_soc AND sc.fk_user = ".((int) $user->id); } $sql .= " AND p.fk_statut IN (0,1,2,3,4)"; @@ -166,7 +166,7 @@ if (!empty($conf->supplier_proposal->enabled)) { $sql = "SELECT c.rowid, c.ref, s.nom as socname, s.rowid as socid, s.canvas, s.client"; $sql .= " FROM ".MAIN_DB_PREFIX."supplier_proposal as c"; $sql .= ", ".MAIN_DB_PREFIX."societe as s"; - if (!$user->rights->societe->client->voir && !$socid) { + if (empty($user->rights->societe->client->voir) && !$socid) { $sql .= ", ".MAIN_DB_PREFIX."societe_commerciaux as sc"; } $sql .= " WHERE c.fk_soc = s.rowid"; @@ -175,7 +175,7 @@ if (!empty($conf->supplier_proposal->enabled)) { if ($socid) { $sql .= " AND c.fk_soc = ".((int) $socid); } - if (!$user->rights->societe->client->voir && !$socid) { + if (empty($user->rights->societe->client->voir) && !$socid) { $sql .= " AND s.rowid = sc.fk_soc AND sc.fk_user = ".((int) $user->id); } @@ -224,7 +224,7 @@ $sql = "SELECT c.rowid, c.ref, c.fk_statut, s.nom as socname, s.rowid as socid, $sql .= " date_cloture as datec"; $sql .= " FROM ".MAIN_DB_PREFIX."supplier_proposal as c"; $sql .= ", ".MAIN_DB_PREFIX."societe as s"; -if (!$user->rights->societe->client->voir && !$socid) { +if (empty($user->rights->societe->client->voir) && !$socid) { $sql .= ", ".MAIN_DB_PREFIX."societe_commerciaux as sc"; } $sql .= " WHERE c.fk_soc = s.rowid"; @@ -233,7 +233,7 @@ $sql .= " AND c.entity = ".$conf->entity; if ($socid) { $sql .= " AND c.fk_soc = ".((int) $socid); } -if (!$user->rights->societe->client->voir && !$socid) { +if (empty($user->rights->societe->client->voir) && !$socid) { $sql .= " AND s.rowid = sc.fk_soc AND sc.fk_user = ".((int) $user->id); } $sql .= " ORDER BY c.tms DESC"; @@ -305,13 +305,13 @@ if (!empty($conf->supplier_proposal->enabled) && $user->rights->supplier_proposa $sql = "SELECT s.nom as socname, s.rowid as socid, s.canvas, s.client, p.rowid as supplier_proposalid, p.total_ttc, p.total_tva, p.total_ht, p.ref, p.fk_statut, p.datec as dp"; $sql .= " FROM ".MAIN_DB_PREFIX."societe as s"; $sql .= ", ".MAIN_DB_PREFIX."supplier_proposal as p"; - if (!$user->rights->societe->client->voir && !$socid) { + if (empty($user->rights->societe->client->voir) && !$socid) { $sql .= ", ".MAIN_DB_PREFIX."societe_commerciaux as sc"; } $sql .= " WHERE p.fk_soc = s.rowid"; $sql .= " AND p.entity IN (".getEntity('supplier_proposal').")"; $sql .= " AND p.fk_statut = 1"; - if (!$user->rights->societe->client->voir && !$socid) { + if (empty($user->rights->societe->client->voir) && !$socid) { $sql .= " AND s.rowid = sc.fk_soc AND sc.fk_user = ".((int) $user->id); } if ($socid) { diff --git a/htdocs/supplier_proposal/list.php b/htdocs/supplier_proposal/list.php index 71cd1c1fa69..d34d3ae01e0 100644 --- a/htdocs/supplier_proposal/list.php +++ b/htdocs/supplier_proposal/list.php @@ -299,7 +299,7 @@ $sql .= ' sp.rowid, sp.note_public, sp.note_private, sp.total_ht, sp.total_tva, $sql .= ' sp.fk_multicurrency, sp.multicurrency_code, sp.multicurrency_tx, sp.multicurrency_total_ht, sp.multicurrency_total_tva as multicurrency_total_vat, sp.multicurrency_total_ttc,'; $sql .= ' sp.datec as date_creation, sp.tms as date_update,'; $sql .= " p.rowid as project_id, p.ref as project_ref,"; -if (!$user->rights->societe->client->voir && !$socid) { +if (empty($user->rights->societe->client->voir) && !$socid) { $sql .= " sc.fk_soc, sc.fk_user,"; } $sql .= " u.firstname, u.lastname, u.photo, u.login"; @@ -330,7 +330,7 @@ if ($search_product_category > 0) { $sql .= ' LEFT JOIN '.MAIN_DB_PREFIX.'user as u ON sp.fk_user_author = u.rowid'; $sql .= " LEFT JOIN ".MAIN_DB_PREFIX."projet as p ON p.rowid = sp.fk_projet"; // We'll need this table joined to the select in order to filter by sale -if ($search_sale > 0 || (!$user->rights->societe->client->voir && !$socid)) { +if ($search_sale > 0 || (empty($user->rights->societe->client->voir) && !$socid)) { $sql .= ", ".MAIN_DB_PREFIX."societe_commerciaux as sc"; } if ($search_user > 0) { @@ -339,7 +339,7 @@ if ($search_user > 0) { } $sql .= ' WHERE sp.fk_soc = s.rowid'; $sql .= ' AND sp.entity IN ('.getEntity('supplier_proposal').')'; -if (!$user->rights->societe->client->voir && !$socid) { //restriction +if (empty($user->rights->societe->client->voir) && !$socid) { //restriction $sql .= " AND s.rowid = sc.fk_soc AND sc.fk_user = ".((int) $user->id); } if ($search_town) { diff --git a/htdocs/ticket/class/ticket.class.php b/htdocs/ticket/class/ticket.class.php index 2fad1afd8ab..ed134296e76 100644 --- a/htdocs/ticket/class/ticket.class.php +++ b/htdocs/ticket/class/ticket.class.php @@ -589,6 +589,7 @@ class Ticket extends CommonObject $obj = $this->db->fetch_object($resql); $this->id = $obj->rowid; + $this->entity = $obj->entity; $this->ref = $obj->ref; $this->track_id = $obj->track_id; $this->fk_soc = $obj->fk_soc; @@ -704,7 +705,7 @@ class Ticket extends CommonObject if (is_array($extrafields->attributes[$this->table_element]['label']) && count($extrafields->attributes[$this->table_element]['label'])) { $sql .= " LEFT JOIN ".MAIN_DB_PREFIX."ticket_extrafields as ef on (t.rowid = ef.fk_object)"; } - if (!$user->rights->societe->client->voir && !$user->socid) { + if (empty($user->rights->societe->client->voir) && !$user->socid) { $sql .= ", ".MAIN_DB_PREFIX."societe_commerciaux as sc"; } @@ -728,7 +729,7 @@ class Ticket extends CommonObject } } } - if (!$user->rights->societe->client->voir && !$user->socid) { + if (empty($user->rights->societe->client->voir) && !$user->socid) { $sql .= " AND t.fk_soc = sc.fk_soc AND sc.fk_user = ".((int) $user->id); } elseif ($user->socid) { $sql .= " AND t.fk_soc = ".((int) $user->socid); @@ -2850,7 +2851,7 @@ class Ticket extends CommonObject $sql = "SELECT p.rowid, p.ref, p.datec as datec"; $sql .= " FROM ".MAIN_DB_PREFIX."ticket as p"; - if ($conf->societe->enabled && !$user->rights->societe->client->voir && !$user->socid) { + if ($conf->societe->enabled && empty($user->rights->societe->client->voir) && !$user->socid) { $sql .= " LEFT JOIN ".MAIN_DB_PREFIX."societe_commerciaux as sc ON p.fk_soc = sc.fk_soc"; $sql .= " WHERE sc.fk_user = ".((int) $user->id); $clause = " AND"; @@ -2916,7 +2917,7 @@ class Ticket extends CommonObject $sql = "SELECT count(p.rowid) as nb"; $sql .= " FROM ".MAIN_DB_PREFIX."ticket as p"; $sql .= " LEFT JOIN ".MAIN_DB_PREFIX."societe as s ON p.fk_soc = s.rowid"; - if (!$user->rights->societe->client->voir && !$user->socid) { + if (empty($user->rights->societe->client->voir) && !$user->socid) { $sql .= " LEFT JOIN ".MAIN_DB_PREFIX."societe_commerciaux as sc ON s.rowid = sc.fk_soc"; $sql .= " WHERE sc.fk_user = ".((int) $user->id); $clause = "AND"; diff --git a/htdocs/ticket/index.php b/htdocs/ticket/index.php index 315e93f153f..bf3f6601754 100644 --- a/htdocs/ticket/index.php +++ b/htdocs/ticket/index.php @@ -148,13 +148,13 @@ $tick = array( $sql = "SELECT t.fk_statut, COUNT(t.fk_statut) as nb"; $sql .= " FROM ".MAIN_DB_PREFIX."ticket as t"; -if (!$user->rights->societe->client->voir && !$socid) { +if (empty($user->rights->societe->client->voir) && !$socid) { $sql .= ", ".MAIN_DB_PREFIX."societe_commerciaux as sc"; } $sql .= ' WHERE t.entity IN ('.getEntity('ticket').')'; $sql .= dolSqlDateFilter('datec', 0, 0, $endyear); -if (!$user->rights->societe->client->voir && !$socid) { +if (empty($user->rights->societe->client->voir) && !$socid) { $sql .= " AND t.fk_soc = sc.fk_soc AND sc.fk_user = ".((int) $user->id); } @@ -319,13 +319,13 @@ $sql .= " FROM ".MAIN_DB_PREFIX."ticket as t"; $sql .= " LEFT JOIN ".MAIN_DB_PREFIX."c_ticket_type as type ON type.code=t.type_code"; $sql .= " LEFT JOIN ".MAIN_DB_PREFIX."c_ticket_category as category ON category.code=t.category_code"; $sql .= " LEFT JOIN ".MAIN_DB_PREFIX."c_ticket_severity as severity ON severity.code=t.severity_code"; -if (!$user->rights->societe->client->voir && !$socid) { +if (empty($user->rights->societe->client->voir) && !$socid) { $sql .= ", ".MAIN_DB_PREFIX."societe_commerciaux as sc"; } $sql .= ' WHERE t.entity IN ('.getEntity('ticket').')'; $sql .= " AND t.fk_statut=0"; -if (!$user->rights->societe->client->voir && !$socid) { +if (empty($user->rights->societe->client->voir) && !$socid) { $sql .= " AND t.fk_soc = sc.fk_soc AND sc.fk_user = ".((int) $user->id); } diff --git a/htdocs/ticket/stats/index.php b/htdocs/ticket/stats/index.php index 6e87cd42854..1a50d709514 100644 --- a/htdocs/ticket/stats/index.php +++ b/htdocs/ticket/stats/index.php @@ -82,7 +82,7 @@ $data = $stats->getNbByMonthWithPrevYear($endyear, $startyear); // $data = array(array('Lib',val1,val2,val3),...) -if (!$user->rights->societe->client->voir || $user->socid) { +if (empty($user->rights->societe->client->voir) || $user->socid) { $filenamenb = $dir.'/ticketsnbinyear-'.$user->id.'-'.$year.'.png'; $fileurlnb = DOL_URL_ROOT.'/viewimage.php?modulepart=ticketstats&file=ticketsnbinyear-'.$user->id.'-'.$year.'.png'; } else { @@ -118,7 +118,7 @@ $data = $stats->getAmountByMonthWithPrevYear($endyear, $startyear); //var_dump($data); // $data = array(array('Lib',val1,val2,val3),...) -if (!$user->rights->societe->client->voir || $user->socid) { +if (empty($user->rights->societe->client->voir) || $user->socid) { $filenameamount = $dir.'/ticketsamountinyear-'.$user->id.'-'.$year.'.png'; $fileurlamount = DOL_URL_ROOT.'/viewimage.php?modulepart=ticketstats&file=ticketsamountinyear-'.$user->id.'-'.$year.'.png'; } else { @@ -152,7 +152,7 @@ if (!$mesg) { $data = $stats->getAverageByMonthWithPrevYear($endyear, $startyear); -if (!$user->rights->societe->client->voir || $user->socid) { +if (empty($user->rights->societe->client->voir) || $user->socid) { $filename_avg = $dir.'/ticketsaverage-'.$user->id.'-'.$year.'.png'; $fileurl_avg = DOL_URL_ROOT.'/viewimage.php?modulepart=ticketstats&file=ticketsaverage-'.$user->id.'-'.$year.'.png'; } else { diff --git a/htdocs/user/card.php b/htdocs/user/card.php index 67269a5654b..daba6ab88ad 100644 --- a/htdocs/user/card.php +++ b/htdocs/user/card.php @@ -2036,7 +2036,11 @@ if ($action == 'create' || $action == 'adduserldap') { // Civility print ''; - print $formcompany->select_civility(GETPOSTISSET("civility_code") ? GETPOST("civility_code", 'aZ09') : $object->civility_code, 'civility_code'); + if ($caneditfield && !$object->ldap_sid) { + print $formcompany->select_civility(GETPOSTISSET("civility_code") ? GETPOST("civility_code", 'aZ09') : $object->civility_code, 'civility_code'); + } elseif ($object->civility_code) { + print $langs->trans("Civility".$object->civility_code); + } print ''; // Lastname