From 1bac15d836f0e6da874a2ab897411134491db72e Mon Sep 17 00:00:00 2001 From: Regis Houssin Date: Thu, 2 Feb 2012 07:49:50 +0100 Subject: [PATCH] Fix: missing quotes --- htdocs/asterisk/cidlookup.php | 2 +- htdocs/comm/index.php | 32 +++++++++---------- htdocs/comm/prospect/class/prospect.class.php | 2 +- htdocs/comm/prospect/index.php | 24 +++++++------- htdocs/core/class/html.formcompany.class.php | 2 +- 5 files changed, 31 insertions(+), 31 deletions(-) diff --git a/htdocs/asterisk/cidlookup.php b/htdocs/asterisk/cidlookup.php index 8e3f933f257..f3539e672cd 100644 --- a/htdocs/asterisk/cidlookup.php +++ b/htdocs/asterisk/cidlookup.php @@ -42,7 +42,7 @@ if (empty($phone)) $sql = "SELECT nom as name FROM ".MAIN_DB_PREFIX."societe as s"; $sql.= " LEFT JOIN ".MAIN_DB_PREFIX."socpeople as sp ON sp.fk_soc = s.rowid"; -$sql.= " WHERE s.entity IN (".getEntity(societe, 1).")"; +$sql.= " WHERE s.entity IN (".getEntity('societe', 1).")"; $sql.= " AND (s.tel='".$db->escape($phone)."'"; $sql.= " OR sp.phone='".$db->escape($phone)."'"; $sql.= " OR sp.phone_perso='".$db->escape($phone)."'"; diff --git a/htdocs/comm/index.php b/htdocs/comm/index.php index 276877bd88c..a7ec49e4aa9 100644 --- a/htdocs/comm/index.php +++ b/htdocs/comm/index.php @@ -141,11 +141,11 @@ if ($conf->propal->enabled && $user->rights->propale->lire) $sql = "SELECT p.rowid, p.ref, p.total_ht, s.rowid as socid, s.nom as name, s.client, s.canvas"; $sql.= " FROM ".MAIN_DB_PREFIX."propal as p"; $sql.= ", ".MAIN_DB_PREFIX."societe as s"; - if (!$user->rights->societe->client->voir && !$socid) $sql.= ", ".MAIN_DB_PREFIX."societe_commerciaux as sc"; + if (! $user->rights->societe->client->voir && ! $socid) $sql.= ", ".MAIN_DB_PREFIX."societe_commerciaux as sc"; $sql.= " WHERE p.fk_statut = 0"; $sql.= " AND p.fk_soc = s.rowid"; $sql.= " AND p.entity = ".$conf->entity; - if (!$user->rights->societe->client->voir && !$socid) $sql.= " AND s.rowid = sc.fk_soc AND sc.fk_user = " .$user->id; + if (! $user->rights->societe->client->voir && ! $socid) $sql.= " AND s.rowid = sc.fk_soc AND sc.fk_user = " .$user->id; if ($socid) $sql.= " AND s.rowid = ".$socid; $resql=$db->query($sql); @@ -208,11 +208,11 @@ if ($conf->commande->enabled && $user->rights->commande->lire) $sql = "SELECT c.rowid, c.ref, c.total_ttc, s.rowid as socid, s.nom as name, s.client, s.canvas"; $sql.= " FROM ".MAIN_DB_PREFIX."commande as c"; $sql.= ", ".MAIN_DB_PREFIX."societe as s"; - if (!$user->rights->societe->client->voir && !$socid) $sql.= ", ".MAIN_DB_PREFIX."societe_commerciaux as sc"; + if (! $user->rights->societe->client->voir && ! $socid) $sql.= ", ".MAIN_DB_PREFIX."societe_commerciaux as sc"; $sql.= " WHERE c.fk_soc = s.rowid"; $sql.= " AND c.fk_statut = 0"; $sql.= " AND c.entity = ".$conf->entity; - if (!$user->rights->societe->client->voir && !$socid) $sql.= " AND s.rowid = sc.fk_soc AND sc.fk_user = " .$user->id; + if (! $user->rights->societe->client->voir && ! $socid) $sql.= " AND s.rowid = sc.fk_soc AND sc.fk_user = " .$user->id; if ($socid) $sql.= " AND c.fk_soc = ".$socid; $resql = $db->query($sql); @@ -283,10 +283,10 @@ if ($conf->societe->enabled && $user->rights->societe->lire) $sql = "SELECT s.rowid, s.nom as name, s.client, s.datec,s.tms"; $sql.= " FROM ".MAIN_DB_PREFIX."societe as s"; - if (!$user->rights->societe->client->voir && !$socid) $sql.= ", ".MAIN_DB_PREFIX."societe_commerciaux as sc"; + if (! $user->rights->societe->client->voir && ! $socid) $sql.= ", ".MAIN_DB_PREFIX."societe_commerciaux as sc"; $sql.= " WHERE s.client IN (1, 2, 3)"; - $sql.= " AND s.entity IN (".getEntity('societe', 1).")"; - if (!$user->rights->societe->client->voir && !$socid) $sql.= " AND s.rowid = sc.fk_soc AND sc.fk_user = " .$user->id; + $sql.= " AND s.entity IN (".getEntity($companystatic->element, 1).")"; + if (! $user->rights->societe->client->voir && ! $socid) $sql.= " AND s.rowid = sc.fk_soc AND sc.fk_user = " .$user->id; if ($socid) $sql.= " AND s.rowid = $socid"; $sql .= " ORDER BY s.tms DESC"; $sql .= $db->plimit($max, 0); @@ -343,10 +343,10 @@ if ($conf->fournisseur->enabled && $user->rights->societe->lire) $sql = "SELECT s.nom as name, s.rowid, s.datec as dc, s.canvas, s.tms as dm"; $sql.= " FROM ".MAIN_DB_PREFIX."societe as s"; - if (!$user->rights->societe->client->voir && !$user->societe_id) $sql.= ", ".MAIN_DB_PREFIX."societe_commerciaux as sc"; + if (! $user->rights->societe->client->voir && ! $user->societe_id) $sql.= ", ".MAIN_DB_PREFIX."societe_commerciaux as sc"; $sql.= " WHERE s.fournisseur = 1"; - $sql.= " AND s.entity IN (".getEntity(societe, 1).")"; - if (!$user->rights->societe->client->voir && !$user->societe_id) $sql.= " AND s.rowid = sc.fk_soc AND sc.fk_user = " .$user->id; + $sql.= " AND s.entity IN (".getEntity($companystatic->element, 1).")"; + if (! $user->rights->societe->client->voir && ! $user->societe_id) $sql.= " AND s.rowid = sc.fk_soc AND sc.fk_user = " .$user->id; if ($socid) $sql.= " AND s.rowid = ".$socid; $sql.= " ORDER BY s.datec DESC"; $sql.= $db->plimit($max, 0); @@ -418,11 +418,11 @@ if ($conf->contrat->enabled && $user->rights->contrat->lire && 0) // TODO A REFA $sql.= " FROM ".MAIN_DB_PREFIX."societe as s"; $sql.= ", ".MAIN_DB_PREFIX."contrat as c"; $sql.= ", ".MAIN_DB_PREFIX."product as p"; - if (!$user->rights->societe->client->voir && !$socid) $sql.= ", ".MAIN_DB_PREFIX."societe_commerciaux as sc"; + if (! $user->rights->societe->client->voir && ! $socid) $sql.= ", ".MAIN_DB_PREFIX."societe_commerciaux as sc"; $sql.= " WHERE c.fk_soc = s.rowid"; $sql.= " AND c.entity = ".$conf->entity; $sql.= " AND c.fk_product = p.rowid"; - if (!$user->rights->societe->client->voir && !$socid) $sql.= " AND s.rowid = sc.fk_soc AND sc.fk_user = " .$user->id; + if (! $user->rights->societe->client->voir && ! $socid) $sql.= " AND s.rowid = sc.fk_soc AND sc.fk_user = " .$user->id; if ($socid) $sql.= " AND s.rowid = ".$socid; $sql.= " ORDER BY c.tms DESC"; $sql.= $db->plimit(5, 0); @@ -474,11 +474,11 @@ if ($conf->propal->enabled && $user->rights->propale->lire) $sql = "SELECT s.nom, s.rowid, p.rowid as propalid, p.total as total_ttc, p.total_ht, p.ref, p.fk_statut, p.datep as dp"; $sql.= " FROM ".MAIN_DB_PREFIX."societe as s"; $sql.= ", ".MAIN_DB_PREFIX."propal as p"; - if (!$user->rights->societe->client->voir && !$socid) $sql.= ", ".MAIN_DB_PREFIX."societe_commerciaux as sc"; + if (! $user->rights->societe->client->voir && ! $socid) $sql.= ", ".MAIN_DB_PREFIX."societe_commerciaux as sc"; $sql.= " WHERE p.fk_soc = s.rowid"; $sql.= " AND p.entity = ".$conf->entity; $sql.= " AND p.fk_statut = 1"; - if (!$user->rights->societe->client->voir && !$socid) $sql.= " AND s.rowid = sc.fk_soc AND sc.fk_user = " .$user->id; + if (! $user->rights->societe->client->voir && ! $socid) $sql.= " AND s.rowid = sc.fk_soc AND sc.fk_user = " .$user->id; if ($socid) $sql.= " AND s.rowid = ".$socid; $sql.= " ORDER BY p.rowid DESC"; @@ -547,8 +547,8 @@ if ($conf->propal->enabled && $user->rights->propale->lire) print ''; print ''; +llxFooter(); + $db->close(); - -llxFooter(); ?> \ No newline at end of file diff --git a/htdocs/comm/prospect/class/prospect.class.php b/htdocs/comm/prospect/class/prospect.class.php index ad5b8a4dcf9..7a5928058e1 100644 --- a/htdocs/comm/prospect/class/prospect.class.php +++ b/htdocs/comm/prospect/class/prospect.class.php @@ -69,7 +69,7 @@ class Prospect extends Societe $clause = "AND"; } $sql.= " ".$clause." s.client IN (1,2,3)"; - $sql.= " AND s.entity IN (".getEntity(societe, 1).")"; + $sql.= " AND s.entity IN (".getEntity($this->element, 1).")"; $sql.= " GROUP BY s.client"; $resql=$this->db->query($sql); diff --git a/htdocs/comm/prospect/index.php b/htdocs/comm/prospect/index.php index 0c649eb77cc..834db513855 100644 --- a/htdocs/comm/prospect/index.php +++ b/htdocs/comm/prospect/index.php @@ -72,11 +72,11 @@ if ($conf->propal->enabled) $sql = "SELECT count(*) as cc, st.libelle, st.id"; $sql.= " FROM ".MAIN_DB_PREFIX."societe as s"; $sql.= ", ".MAIN_DB_PREFIX."c_stcomm as st "; -if (!$user->rights->societe->client->voir && !$socid) $sql.= ", ".MAIN_DB_PREFIX."societe_commerciaux as sc"; +if (! $user->rights->societe->client->voir && ! $socid) $sql.= ", ".MAIN_DB_PREFIX."societe_commerciaux as sc"; $sql.= " WHERE s.fk_stcomm = st.id"; $sql.= " AND s.client IN (2, 3)"; -$sql.= " AND s.entity IN (".getEntity(societe, 1).")"; -if (!$user->rights->societe->client->voir && !$socid) $sql.= " AND s.rowid = sc.fk_soc AND sc.fk_user = " .$user->id; +$sql.= " AND s.entity IN (".getEntity($companystatic->element, 1).")"; +if (! $user->rights->societe->client->voir && ! $socid) $sql.= " AND s.rowid = sc.fk_soc AND sc.fk_user = " .$user->id; $sql.= " GROUP BY st.id"; $sql.= " ORDER BY st.id"; @@ -116,11 +116,11 @@ if ($conf->propal->enabled && $user->rights->propale->lire) $sql = "SELECT p.rowid, p.ref, p.price, s.nom as sname"; $sql.= " FROM ".MAIN_DB_PREFIX."propal as p"; $sql.= ", ".MAIN_DB_PREFIX."societe as s"; - if (!$user->rights->societe->client->voir && !$socid) $sql.= ", ".MAIN_DB_PREFIX."societe_commerciaux as sc"; + if (! $user->rights->societe->client->voir && ! $socid) $sql.= ", ".MAIN_DB_PREFIX."societe_commerciaux as sc"; $sql.= " WHERE p.fk_statut = 0"; $sql.= " AND p.fk_soc = s.rowid"; $sql.= " AND p.entity = ".$conf->entity; - if (!$user->rights->societe->client->voir && !$socid) $sql.= " AND s.rowid = sc.fk_soc AND sc.fk_user = " .$user->id; + if (! $user->rights->societe->client->voir && ! $socid) $sql.= " AND s.rowid = sc.fk_soc AND sc.fk_user = " .$user->id; $resql=$db->query($sql); if ($resql) @@ -177,12 +177,12 @@ if ($conf->propal->enabled && $user->rights->propale->lire) $sql.= " FROM ".MAIN_DB_PREFIX."societe as s"; $sql.= ", ".MAIN_DB_PREFIX."propal as p"; $sql.= ", ".MAIN_DB_PREFIX."c_propalst as c"; - if (!$user->rights->societe->client->voir && !$socid) $sql.= ", ".MAIN_DB_PREFIX."societe_commerciaux as sc"; + if (! $user->rights->societe->client->voir && ! $socid) $sql.= ", ".MAIN_DB_PREFIX."societe_commerciaux as sc"; $sql.= " WHERE p.fk_soc = s.rowid"; $sql.= " AND p.fk_statut = c.id"; $sql.= " AND p.fk_statut = 1"; $sql.= " AND p.entity = ".$conf->entity; - if (!$user->rights->societe->client->voir && !$socid) $sql.= " AND s.rowid = sc.fk_soc AND sc.fk_user = " .$user->id; + if (! $user->rights->societe->client->voir && ! $socid) $sql.= " AND s.rowid = sc.fk_soc AND sc.fk_user = " .$user->id; if ($socid) $sql.= " AND s.rowid = ".$socid; $sql.= " ORDER BY p.rowid DESC"; $sql.= $db->plimit(5, 0); @@ -239,10 +239,10 @@ if ($conf->propal->enabled && $user->rights->propale->lire) */ $sql = "SELECT s.nom as name, s.rowid as socid, s.client, s.canvas"; $sql.= " FROM ".MAIN_DB_PREFIX."societe as s"; -if (!$user->rights->societe->client->voir && !$socid) $sql.= ", ".MAIN_DB_PREFIX."societe_commerciaux as sc"; +if (! $user->rights->societe->client->voir && ! $socid) $sql.= ", ".MAIN_DB_PREFIX."societe_commerciaux as sc"; $sql.= " WHERE s.fk_stcomm = 1"; -$sql.= " AND s.entity IN (".getEntity(societe, 1).")"; -if (!$user->rights->societe->client->voir && !$socid) $sql.= " AND s.rowid = sc.fk_soc AND sc.fk_user = " .$user->id; +$sql.= " AND s.entity IN (".getEntity($companystatic->element, 1).")"; +if (! $user->rights->societe->client->voir && ! $socid) $sql.= " AND s.rowid = sc.fk_soc AND sc.fk_user = " .$user->id; $sql.= " ORDER BY s.tms ASC"; $sql.= $db->plimit(15, 0); @@ -279,8 +279,8 @@ if ($resql) print ''; print ''; +llxFooter(); + $db->close(); - -llxFooter(); ?> \ No newline at end of file diff --git a/htdocs/core/class/html.formcompany.class.php b/htdocs/core/class/html.formcompany.class.php index 2ba3f3e062a..b338e5f3192 100644 --- a/htdocs/core/class/html.formcompany.class.php +++ b/htdocs/core/class/html.formcompany.class.php @@ -526,7 +526,7 @@ class FormCompany $sql.= " WHERE rowid IN (".join(',',$limitto).")"; } } - $sql.= " AND s.entity IN (".getEntity(societe, 1).")"; + $sql.= " AND s.entity IN (".getEntity('societe', 1).")"; $sql.= " ORDER BY nom ASC"; //print $sql;