Fix add action delete* as sensitive action
This commit is contained in:
Laurent Destailleur
parent
8bdc53f469
commit
0749d01c5a
@ -820,7 +820,7 @@ if ($resql) {
|
||||
if ($iserasable) {
|
||||
print '<td class="center">';
|
||||
if ($user->admin) {
|
||||
print '<a href="'.$url.'action=delete">'.img_delete().'</a>';
|
||||
print '<a href="'.$url.'action=delete&token='.newtoken().'">'.img_delete().'</a>';
|
||||
}
|
||||
//else print '<a href="#">'.img_delete().'</a>'; // Some dictionary can be edited by other profile than admin
|
||||
print '</td>';
|
||||
|
||||
@ -125,15 +125,15 @@ if (empty($user->socid)) {
|
||||
echo '<div class="tabsAction">';
|
||||
|
||||
if ($user->rights->adherent->creer) {
|
||||
echo '<a class="butAction" href="'.$_SERVER["PHP_SELF"].'?id='.$this->control->tpl['id'].'&action=edit&canvas='.$canvas.'">'.$langs->trans('Modify').'</a>';
|
||||
echo '<a class="butAction" href="'.$_SERVER["PHP_SELF"].'?id='.$this->control->tpl['id'].'&action=edit&token='.newtoken().'&canvas='.$canvas.'">'.$langs->trans('Modify').'</a>';
|
||||
}
|
||||
|
||||
if (!$this->control->tpl['user_id'] && $user->rights->user->user->creer) {
|
||||
echo '<a class="butAction" href="'.$_SERVER["PHP_SELF"].'?id='.$this->control->tpl['id'].'&action=create_user&canvas='.$canvas.'">'.$langs->trans("CreateDolibarrLogin").'</a>';
|
||||
echo '<a class="butAction" href="'.$_SERVER["PHP_SELF"].'?id='.$this->control->tpl['id'].'&action=create_user&token='.newtoken().'&canvas='.$canvas.'">'.$langs->trans("CreateDolibarrLogin").'</a>';
|
||||
}
|
||||
|
||||
if ($user->rights->adherent->supprimer) {
|
||||
echo '<a class="butActionDelete" href="'.$_SERVER["PHP_SELF"].'?id='.$this->control->tpl['id'].'&action=delete&canvas='.$canvas.'">'.$langs->trans('Delete').'</a>';
|
||||
echo '<a class="butActionDelete" href="'.$_SERVER["PHP_SELF"].'?id='.$this->control->tpl['id'].'&action=delete&token='.newtoken().'&canvas='.$canvas.'">'.$langs->trans('Delete').'</a>';
|
||||
}
|
||||
|
||||
echo '</div><br>';
|
||||
|
||||
@ -350,15 +350,15 @@ if ($mode == 'config' && $user->admin) {
|
||||
print '<td>'.$langs->trans($printer->listprinters[$line]['fk_profile_name']).'</td>';
|
||||
print '<td>'.$printer->listprinters[$line]['parameter'].'</td>';
|
||||
// edit icon
|
||||
print '<td class="right"><a class="editfielda marginrightonly" href="'.$_SERVER['PHP_SELF'].'?mode=config&action=editprinter&printerid='.$printer->listprinters[$line]['rowid'].'">';
|
||||
print '<td class="right"><a class="editfielda marginrightonly" href="'.$_SERVER['PHP_SELF'].'?mode=config&action=editprinter&token='.newtoken().'&printerid='.$printer->listprinters[$line]['rowid'].'">';
|
||||
print img_picto($langs->trans("Edit"), 'edit');
|
||||
print '</a>';
|
||||
// delete icon
|
||||
print '<a class="marginrightonly" href="'.$_SERVER['PHP_SELF'].'?mode=config&action=deleteprinter&token='.newToken().'&printerid='.$printer->listprinters[$line]['rowid'].'&printername='.$printer->listprinters[$line]['name'].'">';
|
||||
print '<a class="marginrightonly" href="'.$_SERVER['PHP_SELF'].'?mode=config&action=deleteprinter&token='.newToken().'&printerid='.$printer->listprinters[$line]['rowid'].'&printername='.urlencode($printer->listprinters[$line]['name']).'">';
|
||||
print img_picto($langs->trans("Delete"), 'delete');
|
||||
print '</a>';
|
||||
// test icon
|
||||
print '<a class="marginrightonly" href="'.$_SERVER['PHP_SELF'].'?mode=config&action=testprinter&token='.newToken().'&printerid='.$printer->listprinters[$line]['rowid'].'&printername='.$printer->listprinters[$line]['name'].'">';
|
||||
print '<a class="marginrightonly" href="'.$_SERVER['PHP_SELF'].'?mode=config&action=testprinter&token='.newToken().'&printerid='.$printer->listprinters[$line]['rowid'].'&printername='.urlencode($printer->listprinters[$line]['name']).'">';
|
||||
print img_picto($langs->trans("TestPrinter"), 'printer');
|
||||
print '</a></td>';
|
||||
print '</tr>';
|
||||
@ -438,15 +438,15 @@ if ($mode == 'template' && $user->admin) {
|
||||
print '<td>'.$printer->listprinterstemplates[$line]['name'].'</td>';
|
||||
print '<td>'.dol_htmlentitiesbr($printer->listprinterstemplates[$line]['template']).'</td>';
|
||||
// edit icon
|
||||
print '<td><a class="editfielda paddingleftonly marginrightonly" href="'.$_SERVER['PHP_SELF'].'?mode=template&action=edittemplate&templateid='.$printer->listprinterstemplates[$line]['rowid'].'">';
|
||||
print '<td><a class="editfielda paddingleftonly marginrightonly" href="'.$_SERVER['PHP_SELF'].'?mode=template&action=edittemplate&token='.newtoken().'&templateid='.$printer->listprinterstemplates[$line]['rowid'].'">';
|
||||
print img_picto($langs->trans("Edit"), 'edit');
|
||||
print '</a>';
|
||||
// delete icon
|
||||
print '<a class="paddingleftonly marginrightonly" href="'.$_SERVER['PHP_SELF'].'?mode=template&action=deletetemplate&templateid='.$printer->listprinterstemplates[$line]['rowid'].'&templatename='.$printer->listprinterstemplates[$line]['name'].'">';
|
||||
print '<a class="paddingleftonly marginrightonly" href="'.$_SERVER['PHP_SELF'].'?mode=template&action=deletetemplate&token='.newtoken().'&templateid='.$printer->listprinterstemplates[$line]['rowid'].'&templatename='.urlencode($printer->listprinterstemplates[$line]['name']).'">';
|
||||
print img_picto($langs->trans("Delete"), 'delete');
|
||||
print '</a>';
|
||||
// test icon
|
||||
print '<a class="paddingleftonly marginrightonly" href="'.$_SERVER['PHP_SELF'].'?mode=template&action=testtemplate&templateid='.$printer->listprinterstemplates[$line]['rowid'].'&templatename='.$printer->listprinterstemplates[$line]['name'].'">';
|
||||
print '<a class="paddingleftonly marginrightonly" href="'.$_SERVER['PHP_SELF'].'?mode=template&action=testtemplate&token='.newtoken().'&templateid='.$printer->listprinterstemplates[$line]['rowid'].'&templatename='.urlencode($printer->listprinterstemplates[$line]['name']).'">';
|
||||
print img_picto($langs->trans("TestPrinterTemplate"), 'printer');
|
||||
print '</a></td>';
|
||||
}
|
||||
|
||||
@ -294,13 +294,13 @@ if ($object->id > 0 && (empty($action) || ($action != 'edit' && $action != 'crea
|
||||
|
||||
if (empty($reshook)) {
|
||||
if ($user->rights->asset->write) {
|
||||
print '<a class="butAction" href="'.$_SERVER["PHP_SELF"].'?id='.$object->id.'&action=edit">'.$langs->trans("Modify").'</a>'."\n";
|
||||
print '<a class="butAction" href="'.$_SERVER["PHP_SELF"].'?id='.$object->id.'&action=edit&token='.newtoken().'">'.$langs->trans("Modify").'</a>'."\n";
|
||||
} else {
|
||||
print '<a class="butActionRefused classfortooltip" href="#" title="'.dol_escape_htmltag($langs->trans("NotEnoughPermissions")).'">'.$langs->trans('Modify').'</a>'."\n";
|
||||
}
|
||||
|
||||
if ($user->rights->asset->delete) {
|
||||
print '<a class="butActionDelete" href="'.$_SERVER["PHP_SELF"].'?id='.$object->id.'&action=delete&token='.newToken().'">'.$langs->trans('Delete').'</a>'."\n";
|
||||
print '<a class="butActionDelete" href="'.$_SERVER["PHP_SELF"].'?id='.$object->id.'&action=delete&token='.newToken().'">'.$langs->trans('Delete').'</a>'."\n";
|
||||
} else {
|
||||
print '<a class="butActionRefused classfortooltip" href="#" title="'.dol_escape_htmltag($langs->trans("NotEnoughPermissions")).'">'.$langs->trans('Delete').'</a>'."\n";
|
||||
}
|
||||
|
||||
@ -651,7 +651,7 @@ if ($object->id > 0 && (empty($action) || ($action != 'edit' && $action != 'crea
|
||||
*/
|
||||
|
||||
if ($permissiontodelete) {
|
||||
print '<a class="butActionDelete" href="'.$_SERVER["PHP_SELF"].'?id='.$object->id.'&action=delete&token='.newToken().'">'.$langs->trans('Delete').'</a>'."\n";
|
||||
print '<a class="butActionDelete" href="'.$_SERVER["PHP_SELF"].'?id='.$object->id.'&action=delete&token='.newToken().'">'.$langs->trans('Delete').'</a>'."\n";
|
||||
} else {
|
||||
print '<a class="butActionRefused classfortooltip" href="#" title="'.dol_escape_htmltag($langs->trans("NotEnoughPermissions")).'">'.$langs->trans('Delete').'</a>'."\n";
|
||||
}
|
||||
|
||||
@ -129,7 +129,7 @@ if ($this->status == 0 && ($object_rights->write) && $action != 'selectlines') {
|
||||
$coldisplay++;
|
||||
if (($line->fk_prev_id == null) && empty($disableremove)) {
|
||||
//La suppression n'est autorisée que si il n'y a pas de ligne dans une précédente situation
|
||||
print '<a class="reposition" href="'.$_SERVER["PHP_SELF"].'?id='.$this->id.'&action=deleteline&token='.newToken().'&lineid='.$line->id.'">';
|
||||
print '<a class="reposition" href="'.$_SERVER["PHP_SELF"].'?id='.$this->id.'&action=deleteline&token='.newToken().'&lineid='.$line->id.'">';
|
||||
print img_delete();
|
||||
print '</a>';
|
||||
}
|
||||
|
||||
@ -313,12 +313,12 @@ if ($id > 0 && !preg_match('/^add/i', $action)) {
|
||||
|
||||
// Edit
|
||||
if ($user->rights->bookmark->creer && $action != 'edit') {
|
||||
print '<a class="butAction" href="'.$_SERVER["PHP_SELF"].'?id='.$object->id.'&action=edit&token='.newToken().'">'.$langs->trans("Edit").'</a>'."\n";
|
||||
print '<a class="butAction" href="'.$_SERVER["PHP_SELF"].'?id='.$object->id.'&action=edit&token='.newToken().'">'.$langs->trans("Edit").'</a>'."\n";
|
||||
}
|
||||
|
||||
// Remove
|
||||
if ($user->rights->bookmark->supprimer && $action != 'edit') {
|
||||
print '<a class="butActionDelete" href="list.php?bid='.$object->id.'&action=delete&token='.newToken().'">'.$langs->trans("Delete").'</a>'."\n";
|
||||
print '<a class="butActionDelete" href="list.php?bid='.$object->id.'&action=delete&token='.newToken().'">'.$langs->trans("Delete").'</a>'."\n";
|
||||
}
|
||||
|
||||
print '</div>';
|
||||
|
||||
@ -234,7 +234,7 @@ if ($object->id) {
|
||||
print '<a href="'.$_SERVER["PHP_SELF"].'?id='.$object->id.'&action=addthumb&type='.$type.'&file='.urlencode($pdir.$viewfilename).'">'.img_picto($langs->trans('GenerateThumb'), 'refresh').' </a>';
|
||||
}
|
||||
if ($user->rights->categorie->creer) {
|
||||
print '<a href="'.$_SERVER["PHP_SELF"].'?id='.$object->id.'&action=delete&token='.newToken().'&type='.$type.'&file='.urlencode($pdir.$viewfilename).'">';
|
||||
print '<a href="'.$_SERVER["PHP_SELF"].'?id='.$object->id.'&action=delete&token='.newToken().'&type='.$type.'&file='.urlencode($pdir.$viewfilename).'">';
|
||||
print img_delete().'</a>';
|
||||
}
|
||||
if ($nbbyrow) {
|
||||
|
||||
@ -1011,7 +1011,7 @@ if ($action == 'create') {
|
||||
if ($object->statut > 0 && (!empty($conf->global->MAIN_USE_ADVANCED_PERMS) && !$user->rights->mailing->mailing_advance->delete)) {
|
||||
print '<a class="butActionRefused classfortooltip" href="#" title="'.dol_escape_htmltag($langs->transnoentitiesnoconv("NotEnoughPermissions")).'">'.$langs->trans("DeleteMailing").'</a>';
|
||||
} else {
|
||||
print '<a class="butActionDelete" href="'.$_SERVER['PHP_SELF'].'?action=delete&token='.newToken().'&id='.$object->id.(!empty($urlfrom) ? '&urlfrom='.$urlfrom : '').'">'.$langs->trans("DeleteMailing").'</a>';
|
||||
print '<a class="butActionDelete" href="'.$_SERVER['PHP_SELF'].'?action=delete&token='.newToken().'&id='.$object->id.(!empty($urlfrom) ? '&urlfrom='.$urlfrom : '').'">'.$langs->trans("DeleteMailing").'</a>';
|
||||
}
|
||||
}
|
||||
|
||||
|
||||
@ -2592,13 +2592,13 @@ if ($action == 'create' && $usercancreate) {
|
||||
|
||||
// Cancel order
|
||||
if ($object->statut == Commande::STATUS_VALIDATED && (!empty($usercanclose) || !empty($usercancancel))) {
|
||||
print '<a class="butActionDelete" href="'.$_SERVER["PHP_SELF"].'?id='.$object->id.'&action=cancel">'.$langs->trans("Cancel").'</a>';
|
||||
print '<a class="butActionDelete" href="'.$_SERVER["PHP_SELF"].'?id='.$object->id.'&action=cancel&token='.newtoken().'">'.$langs->trans("Cancel").'</a>';
|
||||
}
|
||||
|
||||
// Delete order
|
||||
if ($usercandelete) {
|
||||
if ($numshipping == 0) {
|
||||
print '<a class="butActionDelete" href="'.$_SERVER["PHP_SELF"].'?id='.$object->id.'&action=delete&token='.newToken().'">'.$langs->trans('Delete').'</a>';
|
||||
print '<a class="butActionDelete" href="'.$_SERVER["PHP_SELF"].'?id='.$object->id.'&action=delete&token='.newToken().'">'.$langs->trans('Delete').'</a>';
|
||||
} else {
|
||||
print '<a class="butActionRefused classfortooltip" href="#" title="'.$langs->trans("ShippingExist").'">'.$langs->trans("Delete").'</a>';
|
||||
}
|
||||
|
||||
@ -1683,7 +1683,7 @@ if ($resql) {
|
||||
}
|
||||
}
|
||||
if ($user->rights->banque->modifier) {
|
||||
print '<a href="'.$_SERVER["PHP_SELF"].'?action=delete&token='.newToken().'&rowid='.$objp->rowid.'&id='.$objp->bankid.'&page='.$page.'">';
|
||||
print '<a href="'.$_SERVER["PHP_SELF"].'?action=delete&token='.newToken().'&rowid='.$objp->rowid.'&id='.$objp->bankid.'&page='.$page.'">';
|
||||
print img_delete('', 'class="marginleftonly"');
|
||||
print '</a>';
|
||||
}
|
||||
|
||||
@ -146,8 +146,8 @@ if ($result) {
|
||||
//print '<a href="'.DOL_URL_ROOT.'/compta/bank/budget.php?bid='.$objp->rowid.'">'.$langs->trans("List").'</a>';
|
||||
print '</td>';
|
||||
print '<td class="center">';
|
||||
print '<a class="editfielda reposition marginleftonly marginrightonly" href="'.$_SERVER["PHP_SELF"].'?categid='.$objp->rowid.'&action=edit&token='.newToken().'">'.img_edit().'</a>';
|
||||
print '<a class="marginleftonly" href="'.$_SERVER["PHP_SELF"].'?categid='.$objp->rowid.'&action=delete&token='.newToken().'">'.img_delete().'</a>';
|
||||
print '<a class="editfielda reposition marginleftonly marginrightonly" href="'.$_SERVER["PHP_SELF"].'?categid='.$objp->rowid.'&action=edit&token='.newToken().'">'.img_edit().'</a>';
|
||||
print '<a class="marginleftonly" href="'.$_SERVER["PHP_SELF"].'?categid='.$objp->rowid.'&action=delete&token='.newToken().'">'.img_delete().'</a>';
|
||||
print '</td>';
|
||||
}
|
||||
print "</tr>";
|
||||
|
||||
@ -5513,7 +5513,7 @@ if ($action == 'create') {
|
||||
} elseif ($objectidnext) {
|
||||
print '<a class="butActionRefused classfortooltip" href="#" title="'.$langs->trans("DisabledBecauseReplacedInvoice").'">'.$langs->trans('Delete').'</a>';
|
||||
} else {
|
||||
print '<a class="butActionDelete'.($conf->use_javascript_ajax ? ' reposition' : '').'" href="'.$_SERVER["PHP_SELF"].'?facid='.$object->id.'&action=delete&token='.newToken().'">'.$langs->trans('Delete').'</a>';
|
||||
print '<a class="butActionDelete'.($conf->use_javascript_ajax ? ' reposition' : '').'" href="'.$_SERVER["PHP_SELF"].'?facid='.$object->id.'&action=delete&token='.newToken().'">'.$langs->trans('Delete').'</a>';
|
||||
}
|
||||
} else {
|
||||
print '<a class="butActionRefused classfortooltip" href="#" title="'.$langs->trans("NotAllowed").'">'.$langs->trans('Delete').'</a>';
|
||||
|
||||
@ -445,7 +445,7 @@ print '<div class="tabsAction">';
|
||||
if (!empty($conf->global->BILL_ADD_PAYMENT_VALIDATION)) {
|
||||
if ($user->socid == 0 && $object->statut == 0 && $_GET['action'] == '') {
|
||||
if ($user->rights->facture->paiement) {
|
||||
print '<a class="butAction" href="'.$_SERVER['PHP_SELF'].'?id='.$id.'&facid='.$objp->facid.'&action=valide">'.$langs->trans('Valid').'</a>';
|
||||
print '<a class="butAction" href="'.$_SERVER['PHP_SELF'].'?id='.$id.'&facid='.$objp->facid.'&action=valide&token='.newtoken().'">'.$langs->trans('Valid').'</a>';
|
||||
}
|
||||
}
|
||||
}
|
||||
@ -453,7 +453,7 @@ if (!empty($conf->global->BILL_ADD_PAYMENT_VALIDATION)) {
|
||||
if ($user->socid == 0 && $action == '') {
|
||||
if ($user->rights->facture->paiement) {
|
||||
if (!$disable_delete) {
|
||||
print '<a class="butActionDelete" href="'.$_SERVER['PHP_SELF'].'?id='.$id.'&action=delete">'.$langs->trans('Delete').'</a>';
|
||||
print '<a class="butActionDelete" href="'.$_SERVER['PHP_SELF'].'?id='.$id.'&action=delete&token='.newtoken().'">'.$langs->trans('Delete').'</a>';
|
||||
} else {
|
||||
print '<a class="butActionRefused classfortooltip" href="#" title="'.$title_button.'">'.$langs->trans('Delete').'</a>';
|
||||
}
|
||||
|
||||
@ -710,11 +710,11 @@ if ($action == 'new') {
|
||||
print '<div class="tabsAction">';
|
||||
|
||||
if ($user->socid == 0 && !empty($object->id) && $object->statut == 0 && $user->rights->banque->cheque) {
|
||||
print '<a class="butAction" href="'.$_SERVER["PHP_SELF"].'?id='.$object->id.'&action=valide&token='.newToken().'&sortfield='.$sortfield.'&sortorder='.$sortorder.'">'.$langs->trans('Validate').'</a>';
|
||||
print '<a class="butAction" href="'.$_SERVER["PHP_SELF"].'?id='.$object->id.'&action=valide&token='.newToken().'&sortfield='.$sortfield.'&sortorder='.$sortorder.'">'.$langs->trans('Validate').'</a>';
|
||||
}
|
||||
|
||||
if ($user->socid == 0 && !empty($object->id) && $user->rights->banque->cheque) {
|
||||
print '<a class="butActionDelete" href="'.$_SERVER["PHP_SELF"].'?id='.$object->id.'&action=delete&token='.newToken().'&sortfield='.$sortfield.'&sortorder='.$sortorder.'">'.$langs->trans('Delete').'</a>';
|
||||
print '<a class="butActionDelete" href="'.$_SERVER["PHP_SELF"].'?id='.$object->id.'&action=delete&token='.newToken().'&sortfield='.$sortfield.'&sortorder='.$sortorder.'">'.$langs->trans('Delete').'</a>';
|
||||
}
|
||||
print '</div>';
|
||||
|
||||
|
||||
@ -251,7 +251,7 @@ if (! empty($conf->global->BILL_ADD_PAYMENT_VALIDATION))
|
||||
if ($action == '') {
|
||||
if ($user->rights->tax->charges->supprimer) {
|
||||
if (!$disable_delete) {
|
||||
print '<a class="butActionDelete" href="'.$_SERVER["PHP_SELF"].'?id='.GETPOST('id', 'int').'&action=delete&token='.newToken().'">'.$langs->trans('Delete').'</a>';
|
||||
print '<a class="butActionDelete" href="'.$_SERVER["PHP_SELF"].'?id='.GETPOST('id', 'int').'&action=delete&token='.newToken().'">'.$langs->trans('Delete').'</a>';
|
||||
} else {
|
||||
print '<a class="butActionRefused classfortooltip" href="#" title="'.dol_escape_htmltag($langs->trans("CantRemovePaymentWithOneInvoicePaid")).'">'.$langs->trans('Delete').'</a>';
|
||||
}
|
||||
|
||||
@ -307,7 +307,7 @@ if (! empty($conf->global->BILL_ADD_PAYMENT_VALIDATION))
|
||||
if ($action == '') {
|
||||
if ($user->rights->tax->charges->supprimer) {
|
||||
if (!$disable_delete) {
|
||||
print '<a class="butActionDelete" href="card.php?id='.GETPOST('id', 'int').'&action=delete&token='.newToken().'">'.$langs->trans('Delete').'</a>';
|
||||
print '<a class="butActionDelete" href="card.php?id='.GETPOST('id', 'int').'&action=delete&token='.newToken().'">'.$langs->trans('Delete').'</a>';
|
||||
} else {
|
||||
print '<a class="butActionRefused classfortooltip" href="#" title="'.dol_escape_htmltag($langs->trans("CantRemovePaymentVATPaid")).'">'.$langs->trans('Delete').'</a>';
|
||||
}
|
||||
|
||||
@ -777,7 +777,7 @@ if ($id > 0) {
|
||||
|
||||
// Delete
|
||||
if ($user->rights->tax->charges->supprimer && empty($totalpaye)) {
|
||||
print '<div class="inline-block divButAction"><a class="butActionDelete" href="'.DOL_URL_ROOT.'/compta/sociales/card.php?id='.$object->id.'&action=delete&token='.newToken().'">'.$langs->trans("Delete").'</a></div>';
|
||||
print '<div class="inline-block divButAction"><a class="butActionDelete" href="'.DOL_URL_ROOT.'/compta/sociales/card.php?id='.$object->id.'&action=delete&token='.newToken().'">'.$langs->trans("Delete").'</a></div>';
|
||||
} else {
|
||||
print '<div class="inline-block divButAction"><a class="butActionRefused classfortooltip" href="#" title="'.(dol_escape_htmltag($langs->trans("DisabledBecausePayments"))).'">'.$langs->trans("Delete").'</a></div>';
|
||||
}
|
||||
|
||||
@ -139,15 +139,15 @@ if (!empty($this->control->tpl['action_delete'])) {
|
||||
if (empty($user->socid)) {
|
||||
print '<div class="tabsAction">';
|
||||
if ($user->rights->societe->contact->creer) {
|
||||
print '<a class="butAction" href="'.$_SERVER["PHP_SELF"].'?id='.$this->control->tpl['id'].'&action=edit&canvas='.$canvas.'">'.$langs->trans('Modify').'</a>';
|
||||
print '<a class="butAction" href="'.$_SERVER["PHP_SELF"].'?id='.$this->control->tpl['id'].'&action=edit&canvas='.$canvas.'">'.$langs->trans('Modify').'</a>';
|
||||
}
|
||||
|
||||
if (!$this->control->tpl['user_id'] && $user->rights->user->user->creer) {
|
||||
print '<a class="butAction" href="'.$_SERVER["PHP_SELF"].'?id='.$this->control->tpl['id'].'&action=create_user&canvas='.$canvas.'">'.$langs->trans("CreateDolibarrLogin").'</a>';
|
||||
print '<a class="butAction" href="'.$_SERVER["PHP_SELF"].'?id='.$this->control->tpl['id'].'&action=create_user&canvas='.$canvas.'">'.$langs->trans("CreateDolibarrLogin").'</a>';
|
||||
}
|
||||
|
||||
if ($user->rights->societe->contact->supprimer) {
|
||||
print '<a class="butActionDelete" href="'.$_SERVER["PHP_SELF"].'?id='.$this->control->tpl['id'].'&action=delete&token='.newToken().'&canvas='.$canvas.'">'.$langs->trans('Delete').'</a>';
|
||||
print '<a class="butActionDelete" href="'.$_SERVER["PHP_SELF"].'?id='.$this->control->tpl['id'].'&action=delete&token='.newToken().'&canvas='.$canvas.'">'.$langs->trans('Delete').'</a>';
|
||||
}
|
||||
|
||||
print '</div><br>';
|
||||
|
||||
@ -1546,12 +1546,12 @@ if ($action == 'create') {
|
||||
print '</a>';
|
||||
}
|
||||
if ($user->rights->contrat->creer && ($object->statut >= 0)) {
|
||||
print '<a class="reposition marginrightonly editfielda" href="'.$_SERVER['PHP_SELF'].'?id='.$object->id.'&action=editline&rowid='.$objp->rowid.'">';
|
||||
print '<a class="reposition marginrightonly editfielda" href="'.$_SERVER['PHP_SELF'].'?id='.$object->id.'&action=editline&rowid='.$objp->rowid.'">';
|
||||
print img_edit();
|
||||
print '</a>';
|
||||
}
|
||||
if ($user->rights->contrat->creer && ($object->statut >= 0)) {
|
||||
print '<a class="reposition marginrightonly" href="'.$_SERVER['PHP_SELF'].'?id='.$object->id.'&action=deleteline&token='.newToken().'&rowid='.$objp->rowid.'">';
|
||||
print '<a class="reposition marginrightonly" href="'.$_SERVER['PHP_SELF'].'?id='.$object->id.'&action=deleteline&token='.newToken().'&rowid='.$objp->rowid.'">';
|
||||
print img_delete();
|
||||
print '</a>';
|
||||
}
|
||||
@ -2103,7 +2103,7 @@ if ($action == 'create') {
|
||||
// - Droit de creer + mode brouillon (erreur creation)
|
||||
// - Droit de supprimer
|
||||
if (($user->rights->contrat->creer && $object->statut == $object::STATUS_DRAFT) || $user->rights->contrat->supprimer) {
|
||||
print '<div class="inline-block divButAction"><a class="butActionDelete" href="'.$_SERVER["PHP_SELF"].'?id='.$object->id.'&action=delete&token='.newToken().'">'.$langs->trans("Delete").'</a></div>';
|
||||
print '<div class="inline-block divButAction"><a class="butActionDelete" href="'.$_SERVER["PHP_SELF"].'?id='.$object->id.'&action=delete&token='.newToken().'">'.$langs->trans("Delete").'</a></div>';
|
||||
} else {
|
||||
print '<div class="inline-block divButAction"><a class="butActionRefused classfortooltip" href="#" title="'.dol_escape_htmltag($langs->trans("NotAllowed")).'">'.$langs->trans("Delete").'</a></div>';
|
||||
}
|
||||
|
||||
@ -8205,10 +8205,10 @@ abstract class CommonObject
|
||||
// Special cas for product
|
||||
if ($modulepart == 'product' && ($user->rights->produit->creer || $user->rights->service->creer)) {
|
||||
// Link to resize
|
||||
$return .= '<a href="'.DOL_URL_ROOT.'/core/photos_resize.php?modulepart='.urlencode('produit|service').'&id='.$this->id.'&file='.urlencode($pdir.$viewfilename).'" title="'.dol_escape_htmltag($langs->trans("Resize")).'">'.img_picto($langs->trans("Resize"), 'resize', '').'</a> ';
|
||||
$return .= '<a href="'.DOL_URL_ROOT.'/core/photos_resize.php?modulepart='.urlencode('produit|service').'&id='.$this->id.'&file='.urlencode($pdir.$viewfilename).'" title="'.dol_escape_htmltag($langs->trans("Resize")).'">'.img_picto($langs->trans("Resize"), 'resize', '').'</a> ';
|
||||
|
||||
// Link to delete
|
||||
$return .= '<a href="'.$_SERVER["PHP_SELF"].'?id='.$this->id.'&action=delete&token='.newToken().'&file='.urlencode($pdir.$viewfilename).'">';
|
||||
$return .= '<a href="'.$_SERVER["PHP_SELF"].'?id='.$this->id.'&action=delete&token='.newToken().'&file='.urlencode($pdir.$viewfilename).'">';
|
||||
$return .= img_delete().'</a>';
|
||||
}
|
||||
}
|
||||
@ -8234,10 +8234,10 @@ abstract class CommonObject
|
||||
// Special case for product
|
||||
if ($modulepart == 'product' && ($user->rights->produit->creer || $user->rights->service->creer)) {
|
||||
// Link to resize
|
||||
$return .= '<a href="'.DOL_URL_ROOT.'/core/photos_resize.php?modulepart='.urlencode('produit|service').'&id='.$this->id.'&file='.urlencode($pdir.$viewfilename).'" title="'.dol_escape_htmltag($langs->trans("Resize")).'">'.img_picto($langs->trans("Resize"), 'resize', '').'</a> ';
|
||||
$return .= '<a href="'.DOL_URL_ROOT.'/core/photos_resize.php?modulepart='.urlencode('produit|service').'&id='.$this->id.'&file='.urlencode($pdir.$viewfilename).'" title="'.dol_escape_htmltag($langs->trans("Resize")).'">'.img_picto($langs->trans("Resize"), 'resize', '').'</a> ';
|
||||
|
||||
// Link to delete
|
||||
$return .= '<a href="'.$_SERVER["PHP_SELF"].'?id='.$this->id.'&action=delete&token='.newToken().'&file='.urlencode($pdir.$viewfilename).'">';
|
||||
$return .= '<a href="'.$_SERVER["PHP_SELF"].'?id='.$this->id.'&action=delete&token='.newToken().'&file='.urlencode($pdir.$viewfilename).'">';
|
||||
$return .= img_delete().'</a>';
|
||||
}
|
||||
}
|
||||
|
||||
@ -651,9 +651,9 @@ if ($action == 'create') { // Create. Seems to no be used
|
||||
|
||||
if ($user->rights->expedition->delivery->supprimer) {
|
||||
if ($conf->expedition_bon->enabled) {
|
||||
print '<a class="butActionDelete" href="'.$_SERVER['PHP_SELF'].'?id='.$object->id.'&expid='.$object->origin_id.'&action=delete&token='.newToken().'&backtopage='.urlencode(DOL_URL_ROOT.'/expedition/card.php?id='.$object->origin_id).'">'.$langs->trans("Delete").'</a>';
|
||||
print '<a class="butActionDelete" href="'.$_SERVER['PHP_SELF'].'?id='.$object->id.'&expid='.$object->origin_id.'&action=delete&token='.newToken().'&backtopage='.urlencode(DOL_URL_ROOT.'/expedition/card.php?id='.$object->origin_id).'">'.$langs->trans("Delete").'</a>';
|
||||
} else {
|
||||
print '<a class="butActionDelete" href="'.$_SERVER['PHP_SELF'].'?id='.$object->id.'&action=delete&token='.newToken().'">'.$langs->trans("Delete").'</a>';
|
||||
print '<a class="butActionDelete" href="'.$_SERVER['PHP_SELF'].'?id='.$object->id.'&action=delete&token='.newToken().'">'.$langs->trans("Delete").'</a>';
|
||||
}
|
||||
}
|
||||
|
||||
|
||||
@ -213,7 +213,7 @@ print '<div class="tabsAction">';
|
||||
if (empty($action)) {
|
||||
if ($user->rights->don->supprimer) {
|
||||
if (!$disable_delete) {
|
||||
print '<a class="butActionDelete" href="card.php?id='.$object->id.'&action=delete&token='.newToken().'">'.$langs->trans('Delete').'</a>';
|
||||
print '<a class="butActionDelete" href="card.php?id='.$object->id.'&action=delete&token='.newToken().'">'.$langs->trans('Delete').'</a>';
|
||||
} else {
|
||||
print '<a class="butActionRefused classfortooltip" href="#" title="'.dol_escape_htmltag($langs->trans("CantRemovePaymentWithOneInvoicePaid")).'">'.$langs->trans('Delete').'</a>';
|
||||
}
|
||||
|
||||
@ -558,16 +558,16 @@ if ($object->id > 0 && (empty($action) || ($action != 'edit' && $action != 'crea
|
||||
if (empty($reshook)) {
|
||||
// Send
|
||||
if (empty($user->socid)) {
|
||||
print dolGetButtonAction($langs->trans('SendMail'), '', 'default', $_SERVER["PHP_SELF"].'?id='.$object->id.$withProjectUrl.'&action=presend&mode=init#formmailbeforetitle');
|
||||
print dolGetButtonAction($langs->trans('SendMail'), '', 'default', $_SERVER["PHP_SELF"].'?id='.$object->id.$withProjectUrl.'&action=presend&token='.newtoken().'&mode=init#formmailbeforetitle');
|
||||
}
|
||||
|
||||
print dolGetButtonAction($langs->trans('Modify'), '', 'default', $_SERVER["PHP_SELF"].'?id='.$object->id.$withProjectUrl.'&action=edit', '', $permissiontoadd);
|
||||
print dolGetButtonAction($langs->trans('Modify'), '', 'default', $_SERVER["PHP_SELF"].'?id='.$object->id.$withProjectUrl.'&action=edit&token='.newtoken().'', '', $permissiontoadd);
|
||||
|
||||
// Clone
|
||||
print dolGetButtonAction($langs->trans('ToClone'), '', 'default', $_SERVER['PHP_SELF'].'?id='.$object->id.$withProjectUrl.'&socid='.$object->socid.'&action=clone&object=scrumsprint', '', $permissiontoadd);
|
||||
print dolGetButtonAction($langs->trans('ToClone'), '', 'default', $_SERVER['PHP_SELF'].'?id='.$object->id.$withProjectUrl.'&socid='.$object->socid.'&action=clone&token='.newtoken().'&object=scrumsprint', '', $permissiontoadd);
|
||||
|
||||
// Delete (need delete permission, or if draft, just need create/modify permission)
|
||||
print dolGetButtonAction($langs->trans('Delete'), '', 'delete', $_SERVER['PHP_SELF'].'?id='.$object->id.$withProjectUrl.'&action=delete', '', $permissiontodelete || ($object->status == $object::STATUS_DRAFT && $permissiontoadd));
|
||||
print dolGetButtonAction($langs->trans('Delete'), '', 'delete', $_SERVER['PHP_SELF'].'?id='.$object->id.$withProjectUrl.'&action=delete&token='.newtoken().'', '', $permissiontodelete || ($object->status == $object::STATUS_DRAFT && $permissiontoadd));
|
||||
}
|
||||
print '</div>'."\n";
|
||||
}
|
||||
|
||||
@ -643,11 +643,11 @@ if ($object->id > 0 && (empty($action) || ($action != 'edit' && $action != 'crea
|
||||
print dolGetButtonAction($langs->trans('Modify'), '', 'default', $_SERVER["PHP_SELF"].'?id='.$object->id.(!empty($confOrBooth->id)?'&conforboothid='.$confOrBooth->id:'').(!empty($projectstatic->id)?'&fk_project='.$projectstatic->id:'').'&action=edit', '', $permissiontoadd);
|
||||
|
||||
// Clone
|
||||
print dolGetButtonAction($langs->trans('ToClone'), '', 'default', $_SERVER['PHP_SELF'].'?id='.$object->id.'&socid='.$object->socid.'&action=clone&object=scrumsprint', '', $permissiontoadd);
|
||||
print dolGetButtonAction($langs->trans('ToClone'), '', 'default', $_SERVER['PHP_SELF'].'?id='.$object->id.'&socid='.$object->socid.'&action=clone&token='.newtoken().'&object=scrumsprint', '', $permissiontoadd);
|
||||
|
||||
|
||||
// Delete (need delete permission, or if draft, just need create/modify permission)
|
||||
print dolGetButtonAction($langs->trans('Delete'), '', 'delete', $_SERVER['PHP_SELF'].'?id='.$object->id.'&action=delete', '', $permissiontodelete || ($object->status == $object::STATUS_DRAFT && $permissiontoadd));
|
||||
print dolGetButtonAction($langs->trans('Delete'), '', 'delete', $_SERVER['PHP_SELF'].'?id='.$object->id.'&action=delete&token='.newtoken().'', '', $permissiontodelete || ($object->status == $object::STATUS_DRAFT && $permissiontoadd));
|
||||
}
|
||||
print '</div>'."\n";
|
||||
}
|
||||
|
||||
@ -2363,10 +2363,10 @@ if ($action == 'create') {
|
||||
} elseif ($object->statut == Expedition::STATUS_DRAFT) {
|
||||
// edit-delete buttons
|
||||
print '<td class="linecoledit center">';
|
||||
print '<a class="editfielda reposition" href="'.$_SERVER["PHP_SELF"].'?id='.$object->id.'&action=editline&lineid='.$lines[$i]->id.'">'.img_edit().'</a>';
|
||||
print '<a class="editfielda reposition" href="'.$_SERVER["PHP_SELF"].'?id='.$object->id.'&action=editline&token='.newtoken().'&lineid='.$lines[$i]->id.'">'.img_edit().'</a>';
|
||||
print '</td>';
|
||||
print '<td class="linecoldelete" width="10">';
|
||||
print '<a class="reposition" href="'.$_SERVER["PHP_SELF"].'?id='.$object->id.'&action=deleteline&token='.newToken().'&lineid='.$lines[$i]->id.'">'.img_delete().'</a>';
|
||||
print '<a class="reposition" href="'.$_SERVER["PHP_SELF"].'?id='.$object->id.'&action=deleteline&token='.newToken().'&lineid='.$lines[$i]->id.'">'.img_delete().'</a>';
|
||||
print '</td>';
|
||||
|
||||
// Display lines extrafields
|
||||
@ -2489,13 +2489,13 @@ if ($action == 'create') {
|
||||
// Cancel
|
||||
if ($object->statut == Expedition::STATUS_VALIDATED) {
|
||||
if ($user->rights->expedition->supprimer) {
|
||||
print '<a class="butActionDelete" href="'.$_SERVER["PHP_SELF"].'?id='.$object->id.'&action=cancel">'.$langs->trans("Cancel").'</a>';
|
||||
print '<a class="butActionDelete" href="'.$_SERVER["PHP_SELF"].'?id='.$object->id.'&action=cancel&token='.newtoken().'">'.$langs->trans("Cancel").'</a>';
|
||||
}
|
||||
}
|
||||
|
||||
// Delete
|
||||
if ($user->rights->expedition->supprimer) {
|
||||
print '<a class="butActionDelete" href="'.$_SERVER["PHP_SELF"].'?id='.$object->id.'&action=delete&token='.newToken().'">'.$langs->trans("Delete").'</a>';
|
||||
print '<a class="butActionDelete" href="'.$_SERVER["PHP_SELF"].'?id='.$object->id.'&action=delete&token='.newToken().'">'.$langs->trans("Delete").'</a>';
|
||||
}
|
||||
}
|
||||
|
||||
|
||||
@ -2155,10 +2155,10 @@ if ($action == 'create') {
|
||||
if (($object->status < ExpenseReport::STATUS_VALIDATED || $object->status == ExpenseReport::STATUS_REFUSED) && $user->rights->expensereport->creer) {
|
||||
print '<td class="nowrap right">';
|
||||
|
||||
print '<a class="editfielda reposition paddingrightonly" href="'.$_SERVER["PHP_SELF"].'?id='.$object->id.'&action=editline&token='.newToken().'&rowid='.$line->rowid.'">';
|
||||
print '<a class="editfielda reposition paddingrightonly" href="'.$_SERVER["PHP_SELF"].'?id='.$object->id.'&action=editline&token='.newToken().'&rowid='.$line->rowid.'">';
|
||||
print img_edit();
|
||||
print '</a> ';
|
||||
print '<a class="paddingrightonly" href="'.$_SERVER["PHP_SELF"].'?id='.$object->id.'&action=delete_line&token='.newToken().'&rowid='.$line->rowid.'">';
|
||||
print '<a class="paddingrightonly" href="'.$_SERVER["PHP_SELF"].'?id='.$object->id.'&action=delete_line&token='.newToken().'&rowid='.$line->rowid.'">';
|
||||
print img_delete();
|
||||
print '</a>';
|
||||
|
||||
|
||||
@ -240,7 +240,7 @@ print '<div class="tabsAction">';
|
||||
if ($action == '') {
|
||||
if ($user->rights->expensereport->supprimer) {
|
||||
if (!$disable_delete) {
|
||||
print '<a class="butActionDelete" href="'.$_SERVER['PHP_SELF'].'?id='.$id.'&action=delete&token='.newToken().'">'.$langs->trans('Delete').'</a>';
|
||||
print '<a class="butActionDelete" href="'.$_SERVER['PHP_SELF'].'?id='.$id.'&action=delete&token='.newToken().'">'.$langs->trans('Delete').'</a>';
|
||||
} else {
|
||||
print '<a class="butActionRefused classfortooltip" href="#" title="'.dol_escape_htmltag($title_button).'">'.$langs->trans('Delete').'</a>';
|
||||
}
|
||||
|
||||
@ -2570,7 +2570,7 @@ if ($action == 'create') {
|
||||
if ($hasreception) {
|
||||
print '<a class="butActionRefused classfortooltip" href="#" title="'.$langs->trans("ReceptionExist").'">'.$langs->trans("Delete").'</a>';
|
||||
} else {
|
||||
print '<a class="butActionDelete" href="'.$_SERVER["PHP_SELF"].'?id='.$object->id.'&action=delete&token='.newToken().'">'.$langs->trans("Delete").'</a>';
|
||||
print '<a class="butActionDelete" href="'.$_SERVER["PHP_SELF"].'?id='.$object->id.'&action=delete&token='.newToken().'">'.$langs->trans("Delete").'</a>';
|
||||
}
|
||||
}
|
||||
}
|
||||
|
||||
@ -3531,7 +3531,7 @@ if ($action == 'create') {
|
||||
} elseif ($isErasable <= 0) { // Any other cases
|
||||
print '<a class="butActionRefused classfortooltip" href="#" title="'.$langs->trans("DisabledBecauseNotErasable").'">'.$langs->trans('Delete').'</a>';
|
||||
} else {
|
||||
print '<a class="butActionDelete'.($conf->use_javascript_ajax ? ' reposition' : '').'" href="'.$_SERVER["PHP_SELF"].'?id='.$object->id.'&action=delete&token='.newToken().'">'.$langs->trans('Delete').'</a>';
|
||||
print '<a class="butActionDelete'.($conf->use_javascript_ajax ? ' reposition' : '').'" href="'.$_SERVER["PHP_SELF"].'?id='.$object->id.'&action=delete&token='.newToken().'">'.$langs->trans('Delete').'</a>';
|
||||
}
|
||||
}
|
||||
print '</div>';
|
||||
|
||||
@ -345,7 +345,7 @@ if ($result > 0) {
|
||||
if ($user->socid == 0 && $action == '') {
|
||||
if ($user->rights->fournisseur->facture->supprimer) {
|
||||
if ($allow_delete) {
|
||||
print '<a class="butActionDelete" href="'.$_SERVER['PHP_SELF'].'?id='.$object->id.'&action=delete&token='.newToken().'">'.$langs->trans('Delete').'</a>';
|
||||
print '<a class="butActionDelete" href="'.$_SERVER['PHP_SELF'].'?id='.$object->id.'&action=delete&token='.newToken().'">'.$langs->trans('Delete').'</a>';
|
||||
} else {
|
||||
print '<a class="butActionRefused classfortooltip" href="#" title="'.$title_button.'">'.$langs->trans('Delete').'</a>';
|
||||
}
|
||||
|
||||
@ -438,7 +438,7 @@ if ($object->id > 0 && (empty($action) || ($action != 'edit' && $action != 'crea
|
||||
*/
|
||||
|
||||
// Delete (need delete permission, or if draft, just need create/modify permission)
|
||||
print dolGetButtonAction($langs->trans('Delete'), '', 'delete', $_SERVER['PHP_SELF'].'?id='.$object->id.'&action=delete', '', $permissiontodelete || ($object->status == $object::STATUS_DRAFT && $permissiontoadd));
|
||||
print dolGetButtonAction($langs->trans('Delete'), '', 'delete', $_SERVER['PHP_SELF'].'?id='.$object->id.'&action=delete&token='.newtoken(), '', $permissiontodelete || ($object->status == $object::STATUS_DRAFT && $permissiontoadd));
|
||||
}
|
||||
print '</div>'."\n";
|
||||
}
|
||||
|
||||
@ -727,12 +727,12 @@ if ($id > 0) {
|
||||
|
||||
// Classify 'paid'
|
||||
if (($object->paid == 0 || $object->paid == 2) && round($staytopay) <= 0 && $user->rights->loan->write) {
|
||||
print '<div class="inline-block divButAction"><a class="butAction" href="'.DOL_URL_ROOT.'/loan/card.php?id='.$object->id.'&action=paid&token='.newToken().'">'.$langs->trans("ClassifyPaid").'</a></div>';
|
||||
print '<div class="inline-block divButAction"><a class="butAction" href="'.DOL_URL_ROOT.'/loan/card.php?id='.$object->id.'&action=paid&token='.newToken().'">'.$langs->trans("ClassifyPaid").'</a></div>';
|
||||
}
|
||||
|
||||
// Delete
|
||||
if (($object->paid == 0 || $object->paid == 2) && $user->rights->loan->delete) {
|
||||
print '<div class="inline-block divButAction"><a class="butActionDelete" href="'.DOL_URL_ROOT.'/loan/card.php?id='.$object->id.'&action=delete&token='.newToken().'">'.$langs->trans("Delete").'</a></div>';
|
||||
print '<div class="inline-block divButAction"><a class="butActionDelete" href="'.DOL_URL_ROOT.'/loan/card.php?id='.$object->id.'&action=delete&token='.newToken().'">'.$langs->trans("Delete").'</a></div>';
|
||||
}
|
||||
|
||||
print "</div>";
|
||||
|
||||
@ -222,7 +222,7 @@ print '<div class="tabsAction">';
|
||||
|
||||
if (empty($action) && !empty($user->rights->loan->delete)) {
|
||||
if (!$disable_delete) {
|
||||
print '<a class="butActionDelete" href="card.php?id='.$id.'&action=delete&token='.newToken().'">'.$langs->trans('Delete').'</a>';
|
||||
print '<a class="butActionDelete" href="card.php?id='.$id.'&action=delete&token='.newToken().'">'.$langs->trans('Delete').'</a>';
|
||||
} else {
|
||||
print '<a class="butActionRefused classfortooltip" href="#" title="'.dol_escape_htmltag($langs->trans("CantRemovePaymentWithOneInvoicePaid")).'">'.$langs->trans('Delete').'</a>';
|
||||
}
|
||||
|
||||
@ -464,10 +464,7 @@ if ((!defined('NOCSRFCHECK') && empty($dolibarr_nocsrfcheck) && !empty($conf->gl
|
||||
// Array of action code where CSRFCHECK with token will be forced (so token must be provided on url request)
|
||||
$arrayofactiontoforcetokencheck = array(
|
||||
'activate', 'add', 'addrights', 'addtimespent',
|
||||
'delete', 'deletecontact', 'deletefilter', 'deleteoperation', 'deleteprof', 'deletepayment', 'delrights',
|
||||
'disable',
|
||||
'doprev', 'donext', 'dvprev', 'dvnext',
|
||||
'enable',
|
||||
'install',
|
||||
'setpricelevel',
|
||||
'update'
|
||||
@ -476,7 +473,7 @@ if ((!defined('NOCSRFCHECK') && empty($dolibarr_nocsrfcheck) && !empty($conf->gl
|
||||
if (in_array(GETPOST('action', 'aZ09'), $arrayofactiontoforcetokencheck)) {
|
||||
$sensitiveget = true;
|
||||
}
|
||||
if (preg_match('/^(classify|confirm_|disable_|enable_|setremise)/', GETPOST('action', 'aZ09'))) {
|
||||
if (preg_match('/^(classify|confirm_|delete|disable|enable|setremise)/', GETPOST('action', 'aZ09'))) {
|
||||
$sensitiveget = true;
|
||||
}
|
||||
|
||||
|
||||
@ -2525,7 +2525,7 @@ if ($action != 'create' && $action != 'edit') {
|
||||
if (!empty($conf->use_javascript_ajax) && empty($conf->dol_use_jmobile)) {
|
||||
print '<span id="action-delete" class="butActionDelete">'.$langs->trans('Delete').'</span>'."\n";
|
||||
} else {
|
||||
print '<a class="butActionDelete" href="'.$_SERVER["PHP_SELF"].'?action=delete&token='.newToken().'&id='.$object->id.'">'.$langs->trans("Delete").'</a>';
|
||||
print '<a class="butActionDelete" href="'.$_SERVER["PHP_SELF"].'?action=delete&token='.newToken().'&id='.$object->id.'">'.$langs->trans("Delete").'</a>';
|
||||
}
|
||||
} else {
|
||||
print '<a class="butActionRefused classfortooltip" href="#" title="'.$langs->trans("ProductIsUsed").'">'.$langs->trans("Delete").'</a>';
|
||||
|
||||
@ -190,7 +190,7 @@ print '<span id="back" class="butAction">'.$langs->trans("Back").'</span>';
|
||||
if ($eid == 0) {
|
||||
print '<div class="inline-block divButAction"><span id="action-delete" class="butActionRefused classfortooltip">'.$langs->trans('Delete').'</span></div>'."\n";
|
||||
} else {
|
||||
print '<div class="inline-block divButAction"><a class="butActionDelete" href="'.$_SERVER["PHP_SELF"].'?id='.$id.'&tab='.$tab.'&eid='.$eid.'&action=delete&token='.newToken().'">'.$langs->trans("Delete").'</a></div>';
|
||||
print '<div class="inline-block divButAction"><a class="butActionDelete" href="'.$_SERVER["PHP_SELF"].'?id='.$id.'&tab='.$tab.'&eid='.$eid.'&action=delete&token='.newToken().'">'.$langs->trans("Delete").'</a></div>';
|
||||
}
|
||||
print '</div>';
|
||||
|
||||
|
||||
@ -953,9 +953,9 @@ if (!empty($conf->global->PRODUIT_MULTIPRICES) || !empty($conf->global->PRODUIT_
|
||||
print '<td class="right">'.price($prices['remise_percent']).' %</td>';
|
||||
print '<td class="center">';
|
||||
if (($user->rights->produit->creer || $user->rights->service->creer)) {
|
||||
print '<a class="editfielda marginleftonly marginrightonly" href="'.$_SERVER["PHP_SELF"].'?id='.$object->id.'&action=edit_price_by_qty&rowid='.$prices["rowid"].'">';
|
||||
print '<a class="editfielda marginleftonly marginrightonly" href="'.$_SERVER["PHP_SELF"].'?id='.$object->id.'&action=edit_price_by_qty&rowid='.$prices["rowid"].'">';
|
||||
print img_edit().'</a>';
|
||||
print '<a class="marginleftonly marginrightonly" href="'.$_SERVER["PHP_SELF"].'?id='.$object->id.'&action=delete_price_by_qty&token='.newToken().'&rowid='.$prices["rowid"].'">';
|
||||
print '<a class="marginleftonly marginrightonly" href="'.$_SERVER["PHP_SELF"].'?id='.$object->id.'&action=delete_price_by_qty&token='.newToken().'&rowid='.$prices["rowid"].'">';
|
||||
print img_delete().'</a>';
|
||||
} else {
|
||||
print ' ';
|
||||
@ -1106,9 +1106,9 @@ if (!empty($conf->global->PRODUIT_MULTIPRICES) || !empty($conf->global->PRODUIT_
|
||||
print '<td class="right">'.price($prices['remise_percent']).' %</td>';
|
||||
print '<td class="center">';
|
||||
if (($user->rights->produit->creer || $user->rights->service->creer)) {
|
||||
print '<a class="editfielda marginleftonly marginrightonly" href="'.$_SERVER["PHP_SELF"].'?id='.$object->id.'&action=edit_price_by_qty&rowid='.$prices["rowid"].'">';
|
||||
print '<a class="editfielda marginleftonly marginrightonly" href="'.$_SERVER["PHP_SELF"].'?id='.$object->id.'&action=edit_price_by_qty&rowid='.$prices["rowid"].'">';
|
||||
print img_edit().'</a>';
|
||||
print '<a class="marginleftonly marginrightonly" href="'.$_SERVER["PHP_SELF"].'?id='.$object->id.'&action=delete_price_by_qty&token='.newToken().'&rowid='.$prices["rowid"].'">';
|
||||
print '<a class="marginleftonly marginrightonly" href="'.$_SERVER["PHP_SELF"].'?id='.$object->id.'&action=delete_price_by_qty&token='.newToken().'&rowid='.$prices["rowid"].'">';
|
||||
print img_delete().'</a>';
|
||||
} else {
|
||||
print ' ';
|
||||
@ -1638,7 +1638,7 @@ if ((empty($conf->global->PRODUIT_CUSTOMER_PRICES) || $action == 'showlog_defaul
|
||||
|
||||
print '<td class="right">';
|
||||
if ($candelete || ($db->jdate($objp->dp) >= dol_now())) { // Test on date is to be able to delete a corrupted record with a date in future
|
||||
print '<a href="'.$_SERVER["PHP_SELF"].'?action=delete&token='.newToken().'&id='.$object->id.'&lineid='.$objp->rowid.'">';
|
||||
print '<a href="'.$_SERVER["PHP_SELF"].'?action=delete&token='.newToken().'&id='.$object->id.'&lineid='.$objp->rowid.'">';
|
||||
print img_delete();
|
||||
print '</a>';
|
||||
} else {
|
||||
@ -2193,11 +2193,11 @@ if (!empty($conf->global->PRODUIT_CUSTOMER_PRICES)) {
|
||||
print img_info($langs->trans('PriceByCustomerLog'));
|
||||
print '</a>';
|
||||
print ' ';
|
||||
print '<a class="marginleftonly editfielda" href="'.$_SERVER["PHP_SELF"].'?action=edit_customer_price&id='.$object->id.'&lineid='.$line->id.'">';
|
||||
print '<a class="marginleftonly editfielda" href="'.$_SERVER["PHP_SELF"].'?action=edit_customer_price&id='.$object->id.'&lineid='.$line->id.'">';
|
||||
print img_edit('default', 0, 'style="vertical-align: middle;"');
|
||||
print '</a>';
|
||||
print ' ';
|
||||
print '<a class="marginleftonly" href="'.$_SERVER["PHP_SELF"].'?action=delete_customer_price&token='.newToken().'&id='.$object->id.'&lineid='.$line->id.'">';
|
||||
print '<a class="marginleftonly" href="'.$_SERVER["PHP_SELF"].'?action=delete_customer_price&token='.newToken().'&id='.$object->id.'&lineid='.$line->id.'">';
|
||||
print img_delete('default', 'style="vertical-align: middle;"');
|
||||
print '</a>';
|
||||
print '</td>';
|
||||
|
||||
@ -532,12 +532,12 @@ if ($object->id > 0 && (empty($action) || ($action != 'edit' && $action != 'crea
|
||||
if (empty($reshook)) {
|
||||
/*TODO if ($user->rights->stock->lire)
|
||||
{
|
||||
print '<div class="inline-block divButAction"><a class="butAction" href="'.$_SERVER["PHP_SELF"].'?id='.$object->id.'&action=edit">'.$langs->trans("Modify").'</a></div>'."\n";
|
||||
print '<div class="inline-block divButAction"><a class="butAction" href="'.$_SERVER["PHP_SELF"].'?id='.$object->id.'&action=edit&token='.newtoken().'">'.$langs->trans("Modify").'</a></div>'."\n";
|
||||
}
|
||||
|
||||
if ($user->rights->stock->supprimer)
|
||||
{
|
||||
print '<div class="inline-block divButAction"><a class="butActionDelete" href="'.$_SERVER["PHP_SELF"].'?id='.$object->id.'&action=delete&token='.newToken().'">'.$langs->trans('Delete').'</a></div>'."\n";
|
||||
print '<div class="inline-block divButAction"><a class="butActionDelete" href="'.$_SERVER["PHP_SELF"].'?id='.$object->id.'&action=delete&token='.newToken().'">'.$langs->trans('Delete').'</a></div>'."\n";
|
||||
}
|
||||
*/
|
||||
}
|
||||
|
||||
@ -1343,7 +1343,7 @@ if ($action == 'create' && $user->rights->projet->creer) {
|
||||
// Delete
|
||||
if ($user->rights->projet->supprimer || ($object->statut == Project::STATUS_DRAFT && $user->rights->projet->creer)) {
|
||||
if ($userDelete > 0 || ($object->statut == Project::STATUS_DRAFT && $user->rights->projet->creer)) {
|
||||
print '<a class="butActionDelete" href="card.php?id='.$object->id.'&action=delete&token='.newToken().'">'.$langs->trans("Delete").'</a>';
|
||||
print '<a class="butActionDelete" href="card.php?id='.$object->id.'&action=delete&token='.newToken().'">'.$langs->trans("Delete").'</a>';
|
||||
} else {
|
||||
print '<a class="butActionRefused classfortooltip" href="#" title="'.$langs->trans("NotOwnerOfProject").'">'.$langs->trans('Delete').'</a>';
|
||||
}
|
||||
|
||||
@ -606,7 +606,7 @@ if ($id > 0 || !empty($ref)) {
|
||||
// Delete
|
||||
if ($user->rights->projet->supprimer) {
|
||||
if (!$object->hasChildren() && !$object->hasTimeSpent()) {
|
||||
print '<a class="butActionDelete" href="'.$_SERVER['PHP_SELF'].'?id='.$object->id.'&action=delete&token='.newToken().'&withproject='.$withproject.'">'.$langs->trans('Delete').'</a>';
|
||||
print '<a class="butActionDelete" href="'.$_SERVER['PHP_SELF'].'?id='.$object->id.'&action=delete&token='.newToken().'&withproject='.$withproject.'">'.$langs->trans('Delete').'</a>';
|
||||
} else {
|
||||
print '<a class="butActionRefused classfortooltip" href="#" title="'.$langs->trans("TaskHasChild").'">'.$langs->trans('Delete').'</a>';
|
||||
}
|
||||
|
||||
@ -1729,12 +1729,12 @@ if (($id > 0 || !empty($ref)) || $projectidforalltimes > 0) {
|
||||
}
|
||||
|
||||
print ' ';
|
||||
print '<a class="reposition editfielda" href="'.$_SERVER["PHP_SELF"].'?id='.$task_time->fk_task.'&action=editline&lineid='.$task_time->rowid.$param.((empty($id) || $tab == 'timespent') ? '&tab=timespent' : '').'">';
|
||||
print '<a class="reposition editfielda" href="'.$_SERVER["PHP_SELF"].'?id='.$task_time->fk_task.'&action=editline&lineid='.$task_time->rowid.$param.((empty($id) || $tab == 'timespent') ? '&tab=timespent' : '').'">';
|
||||
print img_edit();
|
||||
print '</a>';
|
||||
|
||||
print ' ';
|
||||
print '<a class="reposition paddingleft" href="'.$_SERVER["PHP_SELF"].'?id='.$task_time->fk_task.'&action=deleteline&token='.newToken().'&lineid='.$task_time->rowid.$param.((empty($id) || $tab == 'timespent') ? '&tab=timespent' : '').'">';
|
||||
print '<a class="reposition paddingleft" href="'.$_SERVER["PHP_SELF"].'?id='.$task_time->fk_task.'&action=deleteline&token='.newToken().'&lineid='.$task_time->rowid.$param.((empty($id) || $tab == 'timespent') ? '&tab=timespent' : '').'">';
|
||||
print img_delete('default', 'class="pictodelete paddingleft"');
|
||||
print '</a>';
|
||||
|
||||
|
||||
@ -1920,10 +1920,10 @@ if ($action == 'create') {
|
||||
} elseif ($object->statut == Reception::STATUS_DRAFT) {
|
||||
// edit-delete buttons
|
||||
print '<td class="linecoledit center">';
|
||||
print '<a class="editfielda" href="'.$_SERVER["PHP_SELF"].'?id='.$object->id.'&action=editline&token='.newToken().'&lineid='.$lines[$i]->id.'">'.img_edit().'</a>';
|
||||
print '<a class="editfielda" href="'.$_SERVER["PHP_SELF"].'?id='.$object->id.'&action=editline&token='.newToken().'&lineid='.$lines[$i]->id.'">'.img_edit().'</a>';
|
||||
print '</td>';
|
||||
print '<td class="linecoldelete" width="10">';
|
||||
print '<a class="reposition" href="'.$_SERVER["PHP_SELF"].'?id='.$object->id.'&action=deleteline&token='.newToken().'&lineid='.$lines[$i]->id.'">'.img_delete().'</a>';
|
||||
print '<a class="reposition" href="'.$_SERVER["PHP_SELF"].'?id='.$object->id.'&action=deleteline&token='.newToken().'&lineid='.$lines[$i]->id.'">'.img_delete().'</a>';
|
||||
print '</td>';
|
||||
|
||||
// Display lines extrafields
|
||||
@ -2026,12 +2026,12 @@ if ($action == 'create') {
|
||||
$label = "ClassifyBilled";
|
||||
$paramaction = 'classifybilled';
|
||||
}
|
||||
print '<a class="butAction" href="'.$_SERVER["PHP_SELF"].'?id='.$object->id.'&action='.$paramaction.'">'.$langs->trans($label).'</a>';
|
||||
print '<a class="butAction" href="'.$_SERVER["PHP_SELF"].'?id='.$object->id.'&action='.$paramaction.'">'.$langs->trans($label).'</a>';
|
||||
}
|
||||
}
|
||||
|
||||
if ($user->rights->reception->supprimer) {
|
||||
print '<a class="butActionDelete" href="'.$_SERVER["PHP_SELF"].'?id='.$object->id.'&action=delete&token='.newToken().'">'.$langs->trans("Delete").'</a>';
|
||||
print '<a class="butActionDelete" href="'.$_SERVER["PHP_SELF"].'?id='.$object->id.'&action=delete&token='.newToken().'">'.$langs->trans("Delete").'</a>';
|
||||
}
|
||||
}
|
||||
|
||||
|
||||
@ -620,7 +620,7 @@ if ($object->id > 0 && (empty($action) || ($action != 'edit' && $action != 'crea
|
||||
|
||||
// Delete (need delete permission, or if draft, just need create/modify permission)
|
||||
if ($permissiontodelete || ($object->status == $object::STATUS_DRAFT && $permissiontoadd)) {
|
||||
print '<a class="butActionDelete" href="'.$_SERVER["PHP_SELF"].'?id='.$object->id.'&action=delete&token='.newToken().'">'.$langs->trans('Delete').'</a>'."\n";
|
||||
print '<a class="butActionDelete" href="'.$_SERVER["PHP_SELF"].'?id='.$object->id.'&action=delete&token='.newToken().'">'.$langs->trans('Delete').'</a>'."\n";
|
||||
} else {
|
||||
print '<a class="butActionRefused classfortooltip" href="#" title="'.dol_escape_htmltag($langs->trans("NotEnoughPermissions")).'">'.$langs->trans('Delete').'</a>'."\n";
|
||||
}
|
||||
|
||||
@ -505,7 +505,7 @@ if ($object->id > 0 && (empty($action) || ($action != 'edit' && $action != 'crea
|
||||
|
||||
// Delete (need delete permission, or if draft, just need create/modify permission)
|
||||
if ($permissiontodelete || ($object->status == $object::STATUS_DRAFT && $permissiontoadd)) {
|
||||
print '<a class="butActionDelete" href="'.$_SERVER["PHP_SELF"].'?id='.$object->id.'&action=delete&token='.newToken().'">'.$langs->trans('Delete').'</a>'."\n";
|
||||
print '<a class="butActionDelete" href="'.$_SERVER["PHP_SELF"].'?id='.$object->id.'&action=delete&token='.newToken().'">'.$langs->trans('Delete').'</a>'."\n";
|
||||
} else {
|
||||
print '<a class="butActionRefused classfortooltip" href="#" title="'.dol_escape_htmltag($langs->trans("NotEnoughPermissions")).'">'.$langs->trans('Delete').'</a>'."\n";
|
||||
}
|
||||
|
||||
@ -347,7 +347,7 @@ if ($action == 'create' || $object->fetch($id, $ref) > 0) {
|
||||
// Delete resource
|
||||
if ($user->rights->resource->delete) {
|
||||
print '<div class="inline-block divButAction">';
|
||||
print '<a href="'.$_SERVER['PHP_SELF'].'?id='.$id.'&action=delete&token='.newToken().'" class="butActionDelete">'.$langs->trans('Delete').'</a>';
|
||||
print '<a href="'.$_SERVER['PHP_SELF'].'?id='.$id.'&action=delete&token='.newToken().'" class="butActionDelete">'.$langs->trans('Delete').'</a>';
|
||||
print '</div>';
|
||||
}
|
||||
}
|
||||
|
||||
@ -248,7 +248,7 @@ print '<div class="tabsAction">';
|
||||
if ($action == '') {
|
||||
if ($user->rights->salaries->delete) {
|
||||
if (!$disable_delete) {
|
||||
print '<a class="butActionDelete" href="card.php?id='.GETPOST('id', 'int').'&action=delete&token='.newToken().'">'.$langs->trans('Delete').'</a>';
|
||||
print '<a class="butActionDelete" href="card.php?id='.GETPOST('id', 'int').'&action=delete&token='.newToken().'">'.$langs->trans('Delete').'</a>';
|
||||
} else {
|
||||
print '<a class="butActionRefused classfortooltip" href="#" title="'.dol_escape_htmltag($langs->trans("CantRemovePaymentSalaryPaid")).'">'.$langs->trans('Delete').'</a>';
|
||||
}
|
||||
|
||||
@ -267,7 +267,7 @@ for ($i = 1; $i <= 4; $i++) {
|
||||
<?php if ($conf->use_javascript_ajax) { ?>
|
||||
<span id="action-delete" class="butActionDelete"><?php echo $langs->trans('Delete'); ?></span>
|
||||
<?php } else { ?>
|
||||
<a class="butActionDelete" href="<?php echo $_SERVER["PHP_SELF"].'?socid='.$this->control->tpl['id'].'&action=delete&token='.newToken().'&canvas='.$canvas; ?>"><?php echo $langs->trans('Delete'); ?></a>
|
||||
<a class="butActionDelete" href="<?php echo $_SERVER["PHP_SELF"].'?socid='.$this->control->tpl['id'].'&action=delete&token='.newToken().'&canvas='.$canvas; ?>"><?php echo $langs->trans('Delete'); ?></a>
|
||||
<?php } ?>
|
||||
<?php } ?>
|
||||
</div>
|
||||
|
||||
@ -194,7 +194,7 @@ if ($this->control->tpl['action_delete']) {
|
||||
<?php if ($conf->use_javascript_ajax) { ?>
|
||||
<span id="action-delete" class="butActionDelete"><?php echo $langs->trans('Delete'); ?></span>
|
||||
<?php } else { ?>
|
||||
<a class="butActionDelete" href="<?php echo $_SERVER["PHP_SELF"].'?socid='.$this->control->tpl['id'].'&action=delete&token='.newToken().'&canvas='.$canvas; ?>"><?php echo $langs->trans('Delete'); ?></a>
|
||||
<a class="butActionDelete" href="<?php echo $_SERVER["PHP_SELF"].'?socid='.$this->control->tpl['id'].'&action=delete&token='.newToken().'&canvas='.$canvas; ?>"><?php echo $langs->trans('Delete'); ?></a>
|
||||
<?php } ?>
|
||||
<?php } ?>
|
||||
</div>
|
||||
|
||||
@ -2942,7 +2942,7 @@ if (is_object($objcanvas) && $objcanvas->displayCanvasExists($action)) {
|
||||
if ($conf->use_javascript_ajax && empty($conf->dol_use_jmobile)) { // We can't use preloaded confirm form with jmobile
|
||||
print '<span id="action-delete" class="butActionDelete">'.$langs->trans('Delete').'</span>'."\n";
|
||||
} else {
|
||||
print '<a class="butActionDelete" href="'.$_SERVER["PHP_SELF"].'?socid='.$object->id.'&action=delete&token='.newToken().'">'.$langs->trans('Delete').'</a>'."\n";
|
||||
print '<a class="butActionDelete" href="'.$_SERVER["PHP_SELF"].'?socid='.$object->id.'&action=delete&token='.newToken().'">'.$langs->trans('Delete').'</a>'."\n";
|
||||
}
|
||||
}
|
||||
}
|
||||
|
||||
@ -620,11 +620,11 @@ if (!empty($conf->global->PRODUIT_CUSTOMER_PRICES)) {
|
||||
print img_info();
|
||||
print '</a>';
|
||||
print ' ';
|
||||
print '<a class="editfielda paddingleftonly paddingrightonly" href="'.$_SERVER["PHP_SELF"].'?action=edit_customer_price&socid='.$object->id.'&lineid='.$line->id.'">';
|
||||
print '<a class="editfielda paddingleftonly paddingrightonly" href="'.$_SERVER["PHP_SELF"].'?action=edit_customer_price&socid='.$object->id.'&lineid='.$line->id.'">';
|
||||
print img_edit('default', 0, 'style="vertical-align: middle;"');
|
||||
print '</a>';
|
||||
print ' ';
|
||||
print '<a class="paddingleftonly paddingrightonly" href="'.$_SERVER["PHP_SELF"].'?action=delete_customer_price&token='.newToken().'&socid='.$object->id.'&lineid='.$line->id.'">';
|
||||
print '<a class="paddingleftonly paddingrightonly" href="'.$_SERVER["PHP_SELF"].'?action=delete_customer_price&token='.newToken().'&socid='.$object->id.'&lineid='.$line->id.'">';
|
||||
print img_delete('default', 'style="vertical-align: middle;"');
|
||||
print '</a>';
|
||||
print '</td>';
|
||||
|
||||
@ -1889,12 +1889,12 @@ if ($action == 'create') {
|
||||
|
||||
// Clone
|
||||
if ($usercancreate) {
|
||||
print '<div class="inline-block divButAction"><a class="butAction" href="'.$_SERVER['PHP_SELF'].'?id='.$object->id.'&socid='.$object->socid.'&action=clone&object='.$object->element.'">'.$langs->trans("ToClone").'</a></div>';
|
||||
print '<div class="inline-block divButAction"><a class="butAction" href="'.$_SERVER['PHP_SELF'].'?id='.$object->id.'&socid='.$object->socid.'&action=clone&object='.$object->element.'">'.$langs->trans("ToClone").'</a></div>';
|
||||
}
|
||||
|
||||
// Delete
|
||||
if (($object->statut == SupplierProposal::STATUS_DRAFT && $usercancreate) || $usercandelete) {
|
||||
print '<div class="inline-block divButAction"><a class="butActionDelete" href="'.$_SERVER["PHP_SELF"].'?id='.$object->id.'&action=delete&token='.newToken().'"';
|
||||
print '<div class="inline-block divButAction"><a class="butActionDelete" href="'.$_SERVER["PHP_SELF"].'?id='.$object->id.'&action=delete&token='.newToken().'"';
|
||||
print '>'.$langs->trans('Delete').'</a></div>';
|
||||
}
|
||||
}
|
||||
|
||||
@ -380,11 +380,11 @@ if ($action == 'create') {
|
||||
}
|
||||
|
||||
if ($caneditperms) {
|
||||
print '<a class="butAction" href="'.$_SERVER['PHP_SELF'].'?id='.$object->id.'&action=edit&token='.newToken().'">'.$langs->trans("Modify").'</a>';
|
||||
print '<a class="butAction" href="'.$_SERVER['PHP_SELF'].'?id='.$object->id.'&action=edit&token='.newToken().'">'.$langs->trans("Modify").'</a>';
|
||||
}
|
||||
|
||||
if ($candisableperms) {
|
||||
print '<a class="butActionDelete" href="'.$_SERVER['PHP_SELF'].'?action=delete&id='.$object->id.'&token='.newToken().'">'.$langs->trans("DeleteGroup").'</a>';
|
||||
print '<a class="butActionDelete" href="'.$_SERVER['PHP_SELF'].'?action=delete&id='.$object->id.'&token='.newToken().'">'.$langs->trans("DeleteGroup").'</a>';
|
||||
}
|
||||
|
||||
print "</div>\n";
|
||||
|
||||
@ -337,7 +337,7 @@ if ($result > 0) {
|
||||
print $langs->trans("SMS");
|
||||
}
|
||||
print '</td>';
|
||||
print '<td class="right"><a href="card.php?id='.$id.'&action=delete&token='.newToken().'&actid='.$obj->rowid.'">'.img_delete().'</a></td>';
|
||||
print '<td class="right"><a href="card.php?id='.$id.'&action=delete&token='.newToken().'&actid='.$obj->rowid.'">'.img_delete().'</a></td>';
|
||||
print '</tr>';
|
||||
$i++;
|
||||
}
|
||||
|
||||
Loading…
Reference in New Issue
Block a user