From c8d039508f976f36d7328b7288e712cb24cd9906 Mon Sep 17 00:00:00 2001 From: TuxGasy Date: Mon, 3 Jul 2017 14:01:11 +0200 Subject: [PATCH 01/13] Fix missing error message --- htdocs/expedition/class/expedition.class.php | 1 + 1 file changed, 1 insertion(+) diff --git a/htdocs/expedition/class/expedition.class.php b/htdocs/expedition/class/expedition.class.php index 857ac1d5271..c87e43c28fc 100644 --- a/htdocs/expedition/class/expedition.class.php +++ b/htdocs/expedition/class/expedition.class.php @@ -716,6 +716,7 @@ class Expedition extends CommonObject if ($result < 0) { $error++; $this->errors[]=$mouvS->error; + $this->errors = array_merge($this->errors, $mouvS->errors); break; } } From d9d9b748adb6993af1e9646b9a9230f82cbd54dc Mon Sep 17 00:00:00 2001 From: Regis Houssin Date: Mon, 3 Jul 2017 19:27:21 +0200 Subject: [PATCH 02/13] Fix: check if action type is different of 'user' (external module) --- htdocs/admin/dict.php | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) diff --git a/htdocs/admin/dict.php b/htdocs/admin/dict.php index 485c5713636..72888a8deb3 100644 --- a/htdocs/admin/dict.php +++ b/htdocs/admin/dict.php @@ -1752,8 +1752,9 @@ function fieldList($fieldlist, $obj='', $tabname='', $context='') } elseif ($fieldlist[$field] == 'type' && $tabname == MAIN_DB_PREFIX."c_actioncomm") { + $type = (! empty($obj->type)?$obj->type:'user'); // Check if type is different of 'user' (external module) print ''; - print 'user'; + print $type.''; print ''; } elseif ($fieldlist[$field] == 'recuperableonly' || $fieldlist[$field] == 'type_cdr' || $fieldlist[$field] == 'deductible' || $fieldlist[$field] == 'category_type') { From 3892da76066a96331598d6641872b973940a187d Mon Sep 17 00:00:00 2001 From: phf Date: Tue, 4 Jul 2017 12:09:56 +0200 Subject: [PATCH 03/13] Fix update row on xlsx import do not work as csv import --- .../modules/import/import_xlsx.modules.php | 215 +++++++++++++----- 1 file changed, 153 insertions(+), 62 deletions(-) diff --git a/htdocs/core/modules/import/import_xlsx.modules.php b/htdocs/core/modules/import/import_xlsx.modules.php index 917760dc900..eff3b8f8b21 100644 --- a/htdocs/core/modules/import/import_xlsx.modules.php +++ b/htdocs/core/modules/import/import_xlsx.modules.php @@ -292,10 +292,11 @@ class ImportXlsx extends ModeleImports * @param Object $objimport Object import (contains objimport->array_import_tables, objimport->array_import_fields, objimport->array_import_convertvalue, ...) * @param int $maxfields Max number of fields to use * @param string $importid Import key + * @param array $updatekeys Array of keys to use to try to do update * @return int <0 if KO, >0 if OK */ // What is this doing here ? it is common to all imports, is should be in the parent class - function import_insert($arrayrecord,$array_match_file_to_database,$objimport,$maxfields,$importid) + function import_insert($arrayrecord,$array_match_file_to_database,$objimport,$maxfields,$importid,$updatekeys) { global $langs,$conf,$user; global $thirdparty_static; // Specific to thirdparty import @@ -326,13 +327,15 @@ class ImportXlsx extends ModeleImports else { $last_insert_id_array = array(); // store the last inserted auto_increment id for each table, so that dependent tables can be inserted with the appropriate id (eg: extrafields fk_object will be set with the last inserted object's id) + $updatedone = false; + $insertdone = false; // For each table to insert, me make a separate insert foreach($objimport->array_import_tables[0] as $alias => $tablename) { // Build sql request $sql=''; - $listfields=''; - $listvalues=''; + $listfields=array(); + $listvalues=array(); $i=0; $errorforthistable=0; @@ -372,7 +375,7 @@ class ImportXlsx extends ModeleImports // Make some tests on $newval // Is it a required field ? - if (preg_match('/\*/',$objimport->array_import_fields[0][$val]) && ((string) $newval == '')) + if (preg_match('/\*/',$objimport->array_import_fields[0][$val]) && ((string) $newval=='')) { $this->errors[$error]['lib']=$langs->trans('ErrorMissingMandatoryValue',$key); $this->errors[$error]['type']='NOTNULL'; @@ -399,7 +402,7 @@ class ImportXlsx extends ModeleImports if ($isidorref == 'ref') // If value into input import file is a ref, we apply the function defined into descriptor { - $file=$objimport->array_import_convertvalue[0][$val]['classfile']; + $file=(empty($objimport->array_import_convertvalue[0][$val]['classfile'])?$objimport->array_import_convertvalue[0][$val]['file']:$objimport->array_import_convertvalue[0][$val]['classfile']); $class=$objimport->array_import_convertvalue[0][$val]['class']; $method=$objimport->array_import_convertvalue[0][$val]['method']; if ($this->cacheconvert[$file.'_'.$class.'_'.$method.'_'][$newval] != '') @@ -408,7 +411,12 @@ class ImportXlsx extends ModeleImports } else { - dol_include_once($file); + $resultload = dol_include_once($file); + if (empty($resultload)) + { + dol_print_error('', 'Error trying to call file='.$file.', class='.$class.', method='.$method); + break; + } $classinstance=new $class($this->db); // Try the fetch from code or ref call_user_func_array(array($classinstance, $method),array('', $newval)); @@ -481,6 +489,26 @@ class ImportXlsx extends ModeleImports } if (empty($newval)) $arrayrecord[($key-1)]['type']=-1; // If we get empty value, we will use "null" } + elseif ($objimport->array_import_convertvalue[0][$val]['rule']=='getrefifauto') + { + $defaultref=''; + // TODO provide the $modTask (module of generation of ref) as parameter of import_insert function + $obj = empty($conf->global->PROJECT_TASK_ADDON)?'mod_task_simple':$conf->global->PROJECT_TASK_ADDON; + if (! empty($conf->global->PROJECT_TASK_ADDON) && is_readable(DOL_DOCUMENT_ROOT ."/core/modules/project/task/".$conf->global->PROJECT_TASK_ADDON.".php")) + { + require_once DOL_DOCUMENT_ROOT ."/core/modules/project/task/".$conf->global->PROJECT_TASK_ADDON.'.php'; + $modTask = new $obj; + $defaultref = $modTask->getNextValue(null,null); + } + if (is_numeric($defaultref) && $defaultref <= 0) $defaultref=''; + $newval=$defaultref; + } + + + elseif ($objimport->array_import_convertvalue[0][$val]['rule']=='numeric') + { + $newval = price2num($newval); + } //print 'Val to use as insert is '.$newval.'
'; } @@ -541,42 +569,37 @@ class ImportXlsx extends ModeleImports } // Define $listfields and $listvalues to build SQL request - if ($listfields) { $listfields.=', '; $listvalues.=', '; } - $listfields.=$fieldname; + $listfields[] = $fieldname; // Note: arrayrecord (and 'type') is filled with ->import_read_record called by import.php page before calling import_insert - if (empty($newval) && $arrayrecord[($key-1)]['type'] < 0) $listvalues.=($newval=='0'?$newval:"null"); - elseif (empty($newval) && $arrayrecord[($key-1)]['type'] == 0) $listvalues.="''"; - else $listvalues.="'".$this->db->escape($newval)."'"; + if (empty($newval) && $arrayrecord[($key-1)]['type'] < 0) $listvalues[] = ($newval=='0'?$newval:"null"); + elseif (empty($newval) && $arrayrecord[($key-1)]['type'] == 0) $listvalues[] = "''"; + else $listvalues[] = "'".$this->db->escape($newval)."'"; } $i++; } // We add hidden fields (but only if there is at least one field to add into table) - if ($listfields && is_array($objimport->array_import_fieldshidden[0])) + if (!empty($listfields) && is_array($objimport->array_import_fieldshidden[0])) { // Loop on each hidden fields to add them into listfields/listvalues foreach($objimport->array_import_fieldshidden[0] as $key => $val) { if (! preg_match('/^'.preg_quote($alias).'\./', $key)) continue; // Not a field of current table - if ($listfields) { $listfields.=', '; $listvalues.=', '; } if ($val == 'user->id') { - $listfields.=preg_replace('/^'.preg_quote($alias).'\./','',$key); - $listvalues.=$user->id; + $listfields[] = preg_replace('/^'.preg_quote($alias).'\./','',$key); + $listvalues[] = $user->id; } elseif (preg_match('/^lastrowid-/',$val)) { $tmp=explode('-',$val); $lastinsertid=(isset($last_insert_id_array[$tmp[1]]))?$last_insert_id_array[$tmp[1]]:0; - $listfields.=preg_replace('/^'.preg_quote($alias).'\./','',$key); - $listvalues.=$lastinsertid; + $keyfield = preg_replace('/^'.preg_quote($alias).'\./','',$key); + $listfields[] = $keyfield; + $listvalues[] = $lastinsertid; //print $key."-".$val."-".$listfields."-".$listvalues."
";exit; - } else - { - $listfields.=preg_replace('/^'.preg_quote($alias).'\./','',$key); - $listvalues.=$val; - } + } } } //print 'listfields='.$listfields.'
listvalues='.$listvalues.'
'; @@ -584,49 +607,114 @@ class ImportXlsx extends ModeleImports // If no error for this $alias/$tablename, we have a complete $listfields and $listvalues that are defined if (! $errorforthistable) { - //print "$alias/$tablename/$listfields/$listvalues
"; - if ($listfields) + //print "$alias/$tablename/$listfields/$listvalues
"; + if (!empty($listfields)) { - //var_dump($objimport->array_import_convertvalue); exit; - - // Build SQL request - if (empty($tablewithentity_cache[$tablename])) - { - $sql ='INSERT INTO '.$tablename.'('.$listfields.', import_key'; - if (! empty($objimport->array_import_tables_creator[0][$alias])) $sql.=', '.$objimport->array_import_tables_creator[0][$alias]; - $sql.=') VALUES('.$listvalues.", '".$importid."'"; - } - else - { - $sql ='INSERT INTO '.$tablename.'('.$listfields.', import_key, entity'; - if (! empty($objimport->array_import_tables_creator[0][$alias])) $sql.=', '.$objimport->array_import_tables_creator[0][$alias]; - $sql.=') VALUES('.$listvalues.", '".$importid."', ".$conf->entity ; - } - if (! empty($objimport->array_import_tables_creator[0][$alias])) $sql.=', '.$user->id; - $sql.=')'; - - //print($sql).'
'; - dol_syslog("import_csv.modules", LOG_DEBUG); - - //print '> '.join(',',$arrayrecord); - //print 'sql='.$sql; - //print '
'."\n"; - - // Run insert request - if ($sql) - { - $resql=$this->db->query($sql); - $last_insert_id_array[$tablename] = $this->db->last_insert_id($tablename); // store the last inserted auto_increment id for each table, so that dependent tables can be inserted with the appropriate id. This must be done just after the INSERT request, else we risk losing the id (because another sql query will be issued somewhere in Dolibarr). - if ($resql) - { - //print '.'; + $updatedone = false; + $insertdone = false; + if (!empty($updatekeys)) { + // We do SELECT to get the rowid, if we already have the rowid, it's to be used below for related tables (extrafields) + if (empty($lastinsertid)) { + $sqlSelect = 'SELECT rowid FROM '.$tablename; + + $data = array_combine($listfields, $listvalues); + $where = array(); + $filters = array(); + foreach ($updatekeys as $key) { + $col = $objimport->array_import_updatekeys[0][$key]; + $key=preg_replace('/^.*\./i','',$key); + $where[] = $key.' = '.$data[$key]; + $filters[] = $col.' = '.$data[$key]; + } + $sqlSelect.= ' WHERE '.implode(' AND ', $where); + + $resql=$this->db->query($sqlSelect); + if($resql) { + $res = $this->db->fetch_object($resql); + if($resql->num_rows == 1) { + $lastinsertid = $res->rowid; + $last_insert_id_array[$tablename] = $lastinsertid; + } else if($resql->num_rows > 1) { + $this->errors[$error]['lib']=$langs->trans('MultipleRecordFoundWithTheseFilters', implode($filters, ', ')); + $this->errors[$error]['type']='SQL'; + $error++; + } else { + // No record found with filters, insert will be tried below + } + } + else + { + //print 'E'; + $this->errors[$error]['lib']=$this->db->lasterror(); + $this->errors[$error]['type']='SQL'; + $error++; + } } - else + + if (!empty($lastinsertid)) { + // Build SQL UPDATE request + $sqlstart = 'UPDATE '.$tablename; + + $data = array_combine($listfields, $listvalues); + $set = array(); + foreach ($data as $key => $val) { + $set[] = $key.' = '.$val; + } + $sqlstart.= ' SET '.implode(', ', $set); + + if(empty($keyfield)) $keyfield = 'rowid'; + $sqlend = ' WHERE '.$keyfield.' = '.$lastinsertid; + + $sql = $sqlstart.$sqlend; + + // Run update request + $resql=$this->db->query($sql); + if($resql) { + // No error, update has been done. $this->db->db->affected_rows can be 0 if data hasn't changed + $updatedone = true; + } + else + { + //print 'E'; + $this->errors[$error]['lib']=$this->db->lasterror(); + $this->errors[$error]['type']='SQL'; + $error++; + } + } + } + + // Update not done, we do insert + if (!$error && !$updatedone) { + // Build SQL INSERT request + $sqlstart = 'INSERT INTO '.$tablename.'('.implode(', ', $listfields).', import_key'; + $sqlend = ') VALUES('.implode(', ', $listvalues).", '".$importid."'"; + if (! empty($tablewithentity_cache[$tablename])) { + $sqlstart.= ', entity'; + $sqlend.= ', '.$conf->entity; + } + if (! empty($objimport->array_import_tables_creator[0][$alias])) { + $sqlstart.= ', '.$objimport->array_import_tables_creator[0][$alias]; + $sqlend.=', '.$user->id; + } + $sql = $sqlstart.$sqlend.')'; + dol_syslog("import_xlsx.modules", LOG_DEBUG); + + // Run insert request + if ($sql) { - //print 'E'; - $this->errors[$error]['lib']=$this->db->lasterror(); - $this->errors[$error]['type']='SQL'; - $error++; + $resql=$this->db->query($sql); + if ($resql) + { + $last_insert_id_array[$tablename] = $this->db->last_insert_id($tablename); // store the last inserted auto_increment id for each table, so that child tables can be inserted with the appropriate id. This must be done just after the INSERT request, else we risk losing the id (because another sql query will be issued somewhere in Dolibarr). + $insertdone = true; + } + else + { + //print 'E'; + $this->errors[$error]['lib']=$this->db->lasterror(); + $this->errors[$error]['type']='SQL'; + $error++; + } } } } @@ -638,6 +726,9 @@ class ImportXlsx extends ModeleImports if ($error) break; } + + if($updatedone) $this->nbupdate++; + if($insertdone) $this->nbinsert++; } return 1; From 3f6778889b2c4baa60d78873e5f70edc62bcc962 Mon Sep 17 00:00:00 2001 From: Quentin Vial-Gouteyron Date: Tue, 4 Jul 2017 14:05:03 +0200 Subject: [PATCH 04/13] FIX erreur mysql migration --- htdocs/install/mysql/migration/5.0.0-6.0.0.sql | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/htdocs/install/mysql/migration/5.0.0-6.0.0.sql b/htdocs/install/mysql/migration/5.0.0-6.0.0.sql index f418a5e6a1f..600503a8b7e 100644 --- a/htdocs/install/mysql/migration/5.0.0-6.0.0.sql +++ b/htdocs/install/mysql/migration/5.0.0-6.0.0.sql @@ -346,7 +346,7 @@ ALTER TABLE llx_product_fournisseur_price_log ADD COLUMN multicurrency_tx d ALTER TABLE llx_product_fournisseur_price_log ADD COLUMN multicurrency_price double(24,8) DEFAULT NULL; ALTER TABLE llx_product_fournisseur_price_log ADD COLUMN multicurrency_price_ttc double(24,8) DEFAULT NULL; -UPDATE TABLE llx_contrat set ref = rowid where ref is null or ref = ''; +UPDATE llx_contrat set ref = rowid where ref is null or ref = ''; create table llx_payment_various ( From 9f50882d6d835e553b37a0b575d8e9a437ff7609 Mon Sep 17 00:00:00 2001 From: TuxGasy Date: Tue, 4 Jul 2017 21:45:38 +0200 Subject: [PATCH 05/13] fix incorrect indent --- htdocs/expedition/class/expedition.class.php | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/htdocs/expedition/class/expedition.class.php b/htdocs/expedition/class/expedition.class.php index c87e43c28fc..5803442d1ea 100644 --- a/htdocs/expedition/class/expedition.class.php +++ b/htdocs/expedition/class/expedition.class.php @@ -716,7 +716,7 @@ class Expedition extends CommonObject if ($result < 0) { $error++; $this->errors[]=$mouvS->error; - $this->errors = array_merge($this->errors, $mouvS->errors); + $this->errors = array_merge($this->errors, $mouvS->errors); break; } } From 5b154946a86b18a13fe78cd7f03f350e535ffe42 Mon Sep 17 00:00:00 2001 From: TuxGasy Date: Tue, 4 Jul 2017 21:48:38 +0200 Subject: [PATCH 06/13] fix missing error on stock mouvment with batch --- htdocs/expedition/class/expedition.class.php | 1 + 1 file changed, 1 insertion(+) diff --git a/htdocs/expedition/class/expedition.class.php b/htdocs/expedition/class/expedition.class.php index 5803442d1ea..9e057106dd8 100644 --- a/htdocs/expedition/class/expedition.class.php +++ b/htdocs/expedition/class/expedition.class.php @@ -730,6 +730,7 @@ class Expedition extends CommonObject if ($result < 0) { $error++; $this->errors[]=$mouvS->error; + $this->errors = array_merge($this->errors, $mouvS->errors); break; } } From a4b1c28696dbfd3a0308bae880adcb4ead44160e Mon Sep 17 00:00:00 2001 From: florian HENRY Date: Wed, 5 Jul 2017 11:33:58 +0200 Subject: [PATCH 07/13] fix : accountancy right management --- htdocs/accountancy/admin/categories.php | 4 ++-- htdocs/accountancy/admin/categories_list.php | 2 +- htdocs/accountancy/admin/defaultaccounts.php | 2 +- htdocs/accountancy/admin/export.php | 2 +- htdocs/accountancy/admin/fiscalyear_card.php | 18 +++++++++--------- htdocs/accountancy/admin/index.php | 2 +- htdocs/accountancy/admin/journals_list.php | 2 +- 7 files changed, 16 insertions(+), 16 deletions(-) diff --git a/htdocs/accountancy/admin/categories.php b/htdocs/accountancy/admin/categories.php index fd8c67246f4..11913c6d2e9 100644 --- a/htdocs/accountancy/admin/categories.php +++ b/htdocs/accountancy/admin/categories.php @@ -46,7 +46,7 @@ if ($cat_id == 0) { } // Security check -if (! empty($user->rights->accountancy->chartofaccount)) +if (! $user->rights->accounting-->chartofaccount) { accessforbidden(); } @@ -104,7 +104,7 @@ $formaccounting->select_accounting_category($cat_id, 'account_category', 1, 0, 0 print ''; print ''; -if (! empty($cat_id)) +if (! empty($cat_id)) { $return = $accountingcategory->getAccountsWithNoCategory($cat_id); if ($return < 0) { diff --git a/htdocs/accountancy/admin/categories_list.php b/htdocs/accountancy/admin/categories_list.php index cb852d82e0c..6c2b94d727a 100644 --- a/htdocs/accountancy/admin/categories_list.php +++ b/htdocs/accountancy/admin/categories_list.php @@ -57,7 +57,7 @@ $rowid=GETPOST('rowid','alpha'); $code=GETPOST('code','alpha'); // Security access -if (! empty($user->rights->accountancy->chartofaccount)) +if (! $user->rights->accounting-->chartofaccount) { accessforbidden(); } diff --git a/htdocs/accountancy/admin/defaultaccounts.php b/htdocs/accountancy/admin/defaultaccounts.php index 9cf4d2977fd..60b8424ff3e 100644 --- a/htdocs/accountancy/admin/defaultaccounts.php +++ b/htdocs/accountancy/admin/defaultaccounts.php @@ -42,7 +42,7 @@ $langs->load("salaries"); $langs->load("loan"); // Security check -if (! empty($user->rights->accountancy->chartofaccount)) +if (! $user->rights->accounting-->chartofaccount) { accessforbidden(); } diff --git a/htdocs/accountancy/admin/export.php b/htdocs/accountancy/admin/export.php index 7a209be45b1..dfbeb09f25e 100644 --- a/htdocs/accountancy/admin/export.php +++ b/htdocs/accountancy/admin/export.php @@ -38,7 +38,7 @@ $langs->load("admin"); $langs->load("accountancy"); // Security check -if (empty($user->admin) || ! empty($user->rights->accountancy->chartofaccount)) +if (empty($user->admin) || ! $user->rights->accounting-->chartofaccount) { accessforbidden(); } diff --git a/htdocs/accountancy/admin/fiscalyear_card.php b/htdocs/accountancy/admin/fiscalyear_card.php index 7a8ab0673a7..fa817942a54 100644 --- a/htdocs/accountancy/admin/fiscalyear_card.php +++ b/htdocs/accountancy/admin/fiscalyear_card.php @@ -43,10 +43,10 @@ $id = GETPOST('id', 'int'); // List of statut static $tmpstatut2label = array ( '0' => 'OpenFiscalYear', - '1' => 'CloseFiscalYear' + '1' => 'CloseFiscalYear' ); $statut2label = array ( - '' + '' ); foreach ( $tmpstatut2label as $key => $val ) $statut2label[$key] = $langs->trans($val); @@ -69,7 +69,7 @@ if ($action == 'confirm_delete' && $confirm == "yes") { } else { setEventMessages($object->error, $object->errors, 'errors'); } -} +} else if ($action == 'add') { if (! GETPOST('cancel', 'alpha')) { @@ -113,7 +113,7 @@ else if ($action == 'add') { header("Location: ./fiscalyear.php"); exit(); } -} +} // Update record else if ($action == 'update') { @@ -126,7 +126,7 @@ else if ($action == 'update') { $object->statut = GETPOST('statut', 'int'); $result = $object->update($user); - + if ($result > 0) { header("Location: " . $_SERVER["PHP_SELF"] . "?id=" . $id); exit(); @@ -151,7 +151,7 @@ llxHeader("",$title,$helpurl); $form = new Form($db); -if ($action == 'create') +if ($action == 'create') { print load_fiche_titre($langs->trans("NewFiscalYear")); @@ -184,7 +184,7 @@ if ($action == 'create') print $form->selectarray('statut', $statut2label, GETPOST('statut')); print ''; */ - + print ''; dol_fiche_end(); @@ -306,9 +306,9 @@ if ($action == 'create') print '
'; print '' . $langs->trans('Modify') . ''; - + // print '' . $langs->trans('Delete') . ''; - + print '
'; } } diff --git a/htdocs/accountancy/admin/index.php b/htdocs/accountancy/admin/index.php index ead997a5d8c..ce17979157b 100644 --- a/htdocs/accountancy/admin/index.php +++ b/htdocs/accountancy/admin/index.php @@ -266,7 +266,7 @@ if (! empty($user->admin)) } -// Param a user $user->rights->accountancy->chartofaccount can access +// Param a user $user->rights->accounting-->chartofaccount can access foreach ($list as $key) { print ''; diff --git a/htdocs/accountancy/admin/journals_list.php b/htdocs/accountancy/admin/journals_list.php index dca29fd28b8..e0e41a776be 100644 --- a/htdocs/accountancy/admin/journals_list.php +++ b/htdocs/accountancy/admin/journals_list.php @@ -41,7 +41,7 @@ $rowid=GETPOST('rowid','alpha'); $code=GETPOST('code','alpha'); // Security access -if (! empty($user->rights->accountancy->chartofaccount)) +if (!$user->rights->accounting->chartofaccount) { accessforbidden(); } From 0fc6f6920e119f1630cb9a94dfdd72efd802cb87 Mon Sep 17 00:00:00 2001 From: Laurent Destailleur Date: Fri, 7 Jul 2017 20:03:14 +0200 Subject: [PATCH 08/13] Update categories.php --- htdocs/accountancy/admin/categories.php | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/htdocs/accountancy/admin/categories.php b/htdocs/accountancy/admin/categories.php index 11913c6d2e9..f9200a575be 100644 --- a/htdocs/accountancy/admin/categories.php +++ b/htdocs/accountancy/admin/categories.php @@ -46,7 +46,7 @@ if ($cat_id == 0) { } // Security check -if (! $user->rights->accounting-->chartofaccount) +if (empty($user->rights->accounting->chartofaccount)) { accessforbidden(); } @@ -164,4 +164,4 @@ if ($action == 'display' || $action == 'delete') { llxFooter(); -$db->close(); \ No newline at end of file +$db->close(); From d880c943ae7961fcf925aea2f542a5e7c4525df5 Mon Sep 17 00:00:00 2001 From: Laurent Destailleur Date: Fri, 7 Jul 2017 20:03:39 +0200 Subject: [PATCH 09/13] Update categories_list.php --- htdocs/accountancy/admin/categories_list.php | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/htdocs/accountancy/admin/categories_list.php b/htdocs/accountancy/admin/categories_list.php index 6c2b94d727a..270d882eac7 100644 --- a/htdocs/accountancy/admin/categories_list.php +++ b/htdocs/accountancy/admin/categories_list.php @@ -57,7 +57,7 @@ $rowid=GETPOST('rowid','alpha'); $code=GETPOST('code','alpha'); // Security access -if (! $user->rights->accounting-->chartofaccount) +if (empty($user->rights->accounting->chartofaccount)) { accessforbidden(); } From 51a9c4fad56644701fa6b166f66bb85c8c591ecc Mon Sep 17 00:00:00 2001 From: Laurent Destailleur Date: Fri, 7 Jul 2017 20:03:57 +0200 Subject: [PATCH 10/13] Update defaultaccounts.php --- htdocs/accountancy/admin/defaultaccounts.php | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/htdocs/accountancy/admin/defaultaccounts.php b/htdocs/accountancy/admin/defaultaccounts.php index 60b8424ff3e..ce99bd6296c 100644 --- a/htdocs/accountancy/admin/defaultaccounts.php +++ b/htdocs/accountancy/admin/defaultaccounts.php @@ -42,7 +42,7 @@ $langs->load("salaries"); $langs->load("loan"); // Security check -if (! $user->rights->accounting-->chartofaccount) +if (empty($user->rights->accounting->chartofaccount)) { accessforbidden(); } From 2dd9cb61a6a18ec398607dd4a3d02bcf44313175 Mon Sep 17 00:00:00 2001 From: Laurent Destailleur Date: Fri, 7 Jul 2017 20:04:29 +0200 Subject: [PATCH 11/13] Update export.php --- htdocs/accountancy/admin/export.php | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/htdocs/accountancy/admin/export.php b/htdocs/accountancy/admin/export.php index dfbeb09f25e..433448fa688 100644 --- a/htdocs/accountancy/admin/export.php +++ b/htdocs/accountancy/admin/export.php @@ -38,7 +38,7 @@ $langs->load("admin"); $langs->load("accountancy"); // Security check -if (empty($user->admin) || ! $user->rights->accounting-->chartofaccount) +if (empty($user->admin) && empty($user->rights->accounting->chartofaccount)) { accessforbidden(); } From 5eaf49a265a9fb5b10edc2b863ed7dce06eb683c Mon Sep 17 00:00:00 2001 From: Laurent Destailleur Date: Fri, 7 Jul 2017 20:05:32 +0200 Subject: [PATCH 12/13] Update journals_list.php --- htdocs/accountancy/admin/journals_list.php | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/htdocs/accountancy/admin/journals_list.php b/htdocs/accountancy/admin/journals_list.php index e0e41a776be..eca8a4bdca0 100644 --- a/htdocs/accountancy/admin/journals_list.php +++ b/htdocs/accountancy/admin/journals_list.php @@ -41,7 +41,7 @@ $rowid=GETPOST('rowid','alpha'); $code=GETPOST('code','alpha'); // Security access -if (!$user->rights->accounting->chartofaccount) +if (empty($user->rights->accounting->chartofaccount)) { accessforbidden(); } @@ -743,4 +743,4 @@ function fieldList($fieldlist, $obj='', $tabname='', $context='') print ''; } } -} \ No newline at end of file +} From 3270d141b040c59163ceb2e9b9be85ceaa9a5927 Mon Sep 17 00:00:00 2001 From: Laurent Destailleur Date: Fri, 7 Jul 2017 20:07:28 +0200 Subject: [PATCH 13/13] Update index.php --- htdocs/accountancy/admin/index.php | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/htdocs/accountancy/admin/index.php b/htdocs/accountancy/admin/index.php index ce17979157b..b6aceb52ad4 100644 --- a/htdocs/accountancy/admin/index.php +++ b/htdocs/accountancy/admin/index.php @@ -266,7 +266,7 @@ if (! empty($user->admin)) } -// Param a user $user->rights->accounting-->chartofaccount can access +// Param a user $user->rights->accounting->chartofaccount can access foreach ($list as $key) { print '';