diff --git a/htdocs/contact/canvas/actions_contactcard_common.class.php b/htdocs/contact/canvas/actions_contactcard_common.class.php
index d4162aafef2..bb348d4f660 100644
--- a/htdocs/contact/canvas/actions_contactcard_common.class.php
+++ b/htdocs/contact/canvas/actions_contactcard_common.class.php
@@ -213,6 +213,8 @@ abstract class ActionsContactCardCommon
global $conf, $langs, $user, $canvas;
global $form, $formcompany, $objsoc;
+ if ($action == 'create' || $action == 'edit') $this->assign_post($action);
+
foreach($this->object as $key => $value)
{
$this->tpl[$key] = $value;
@@ -395,7 +397,7 @@ abstract class ActionsContactCardCommon
/**
* Assigne les valeurs POST dans l'objet
*/
- function assign_post()
+ function assign_post($action)
{
global $langs, $mysoc;
diff --git a/htdocs/contact/canvas/default/actions_contactcard_default.class.php b/htdocs/contact/canvas/default/actions_contactcard_default.class.php
index c96cec3d6e6..1f57250d554 100644
--- a/htdocs/contact/canvas/default/actions_contactcard_default.class.php
+++ b/htdocs/contact/canvas/default/actions_contactcard_default.class.php
@@ -51,14 +51,6 @@ class ActionsContactCardDefault extends ActionsContactCardCommon
}
- /**
- * Assigne les valeurs POST dans l'objet
- */
- function assign_post()
- {
- parent::assign_post();
- }
-
/**
* Assign custom values for canvas
*
@@ -69,7 +61,7 @@ class ActionsContactCardDefault extends ActionsContactCardCommon
global $conf, $db, $langs, $user;
global $form;
- parent::assign_values($action);
+ parent::assign_values($action);
$this->tpl['title'] = $this->getTitle($action);
$this->tpl['error'] = $this->error;
diff --git a/htdocs/contact/fiche.php b/htdocs/contact/fiche.php
index 752d44b5e1d..93384e618bf 100644
--- a/htdocs/contact/fiche.php
+++ b/htdocs/contact/fiche.php
@@ -47,22 +47,17 @@ if ($user->societe_id) $socid=$user->societe_id;
$object = new Contact($db);
// Get object canvas (By default, this is not defined, so standard usage of dolibarr)
-if ($id) $object->getCanvas($id);
+$object->getCanvas($id);
$canvas = $object->canvas?$object->canvas:GETPOST("canvas");
if (! empty($canvas))
{
require_once(DOL_DOCUMENT_ROOT."/core/class/canvas.class.php");
$objcanvas = new Canvas($db,$action);
$objcanvas->getCanvas('contact','contactcard',$canvas);
+}
- // Security check
- $result = $objcanvas->restrictedArea($user, 'contact', $id, 'socpeople');
-}
-else
-{
- // Security check
- $result = restrictedArea($user, 'contact', $id, 'socpeople'); // If we create a contact with no company (shared contacts), no check on write permission
-}
+// Security check
+$result = restrictedArea($user, 'contact', $id, 'socpeople', '', '', '', $objcanvas); // If we create a contact with no company (shared contacts), no check on write permission
// Initialize technical object to manage hooks of thirdparties. Note that conf->hooks_modules contains array array
include_once(DOL_DOCUMENT_ROOT.'/core/class/hookmanager.class.php');
@@ -300,7 +295,6 @@ if (is_object($objcanvas) && $objcanvas->displayCanvasExists($action))
// -----------------------------------------
if ($action == 'create')
{
- $objcanvas->assign_post(); // TODO: Put code of assign_post into assign_values to keep only assign_values
$objcanvas->assign_values($action); // Set value for templates
$objcanvas->display_canvas($action); // Show template
}
@@ -313,7 +307,6 @@ if (is_object($objcanvas) && $objcanvas->displayCanvasExists($action))
$object->fetch($id,$user);
$objcanvas->control->object=$object;
}
- $objcanvas->assign_post(); // TODO: Put code of assign_post into assign_values to keep only assign_values
$objcanvas->assign_values($action); // Set value for templates
$objcanvas->display_canvas($action); // Show template
}
diff --git a/htdocs/core/class/canvas.class.php b/htdocs/core/class/canvas.class.php
index 4664d2a1188..032b646d340 100644
--- a/htdocs/core/class/canvas.class.php
+++ b/htdocs/core/class/canvas.class.php
@@ -181,44 +181,12 @@ class Canvas
}
}
- /**
- * Check permissions of a user to show a page and an object. Check read permission.
- * If $_REQUEST['action'] defined, we also check write permission.
- *
- * @param user User to check
- * @param features Features to check (in most cases, it's module name)
- * @param objectid Object ID if we want to check permission on a particular record (optionnal)
- * @param dbtablename Table name where object is stored. Not used if objectid is null (optionnal)
- * @param feature2 Feature to check (second level of permission)
- * @param dbt_keyfield Field name for socid foreign key if not fk_soc. (optionnal)
- * @param dbt_select Field name for select if not rowid. (optionnal)
- * @return int 1
- */
- function restrictedArea($user, $features='societe', $objectid=0, $dbtablename='', $feature2='', $dbt_keyfield='fk_soc', $dbt_select='rowid')
- {
- // If function to check permission is overwritten, we use new one
- if (method_exists($this->control,'restrictedArea')) return $this->control->restrictedArea($user,$features,$objectid,$dbtablename,$feature2,$dbt_keyfield,$dbt_select);
- else return restrictedArea($user,$features,$objectid,$dbtablename,$feature2,$dbt_keyfield,$dbt_select);
- }
-
-
- /**
- * Assign values into POST into object
- *
- * // TODO This should be useless. POST is already visible from everywhere.
- */
- function assign_post()
- {
- if (empty($_POST)) return;
- if (method_exists($this->control,'assign_post')) $this->control->assign_post();
- }
-
/**
* Shared method for canvas to assign values for templates
*/
- function assign_values()
+ function assign_values($action)
{
- if (method_exists($this->control,'assign_values')) $this->control->assign_values($this->action);
+ if (method_exists($this->control,'assign_values')) $this->control->assign_values($action);
}
/**
diff --git a/htdocs/lib/functions.lib.php b/htdocs/lib/functions.lib.php
index 2fa52305e0f..95f30b62d11 100644
--- a/htdocs/lib/functions.lib.php
+++ b/htdocs/lib/functions.lib.php
@@ -2038,27 +2038,34 @@ function info_admin($text,$infoonimgalt=0)
* @param objectid Object ID if we want to check permission on a particular record (optionnal)
* @param dbtablename Table name where object is stored. Not used if objectid is null (optionnal)
* @param feature2 Feature to check, second level of permission (optionnal)
- * @param dbt_keyfield Field name for socid foreign key if not fk_soc. (optionnal)
- * @param dbt_select Field name for select if not rowid. (optionnal)
+ * @param dbt_keyfield Field name for socid foreign key if not fk_soc (optionnal)
+ * @param dbt_select Field name for select if not rowid (optionnal)
+ * @param objcanvas Object canvas
* @return int Always 1, die process if not allowed
*/
-function restrictedArea($user, $features='societe', $objectid=0, $dbtablename='', $feature2='', $dbt_keyfield='fk_soc', $dbt_select='rowid')
+function restrictedArea($user, $features='societe', $objectid=0, $dbtablename='', $feature2='', $dbt_keyfield='fk_soc', $dbt_select='rowid', $objcanvas=null)
{
global $db, $conf;
//dol_syslog("functions.lib:restrictedArea $feature, $objectid, $dbtablename,$feature2,$dbt_socfield,$dbt_select");
- if ($dbt_select != 'rowid') $objectid = "'".$objectid."'";
-
//print "user_id=".$user->id.", features=".$features.", feature2=".$feature2.", objectid=".$objectid;
//print ", dbtablename=".$dbtablename.", dbt_socfield=".$dbt_keyfield.", dbt_select=".$dbt_select;
//print ", perm: ".$features."->".$feature2."=".$user->rights->$features->$feature2->lire."
";
+
+ // If we use canvas, we try to use function that overlod restrictarea if provided with canvas
+ if (is_object($objcanvas))
+ {
+ if (method_exists($objcanvas->control,'restrictedArea')) return $objcanvas->control->restrictedArea($user,$features,$objectid,$dbtablename,$feature2,$dbt_keyfield,$dbt_select);
+ }
+
+ if ($dbt_select != 'rowid') $objectid = "'".$objectid."'";
// More features to check
$features = explode("&",$features);
//var_dump($features);
// Check read permission from module
- // TODO Replace "feature" param by permission for reading
+ // TODO Replace "feature" param into caller by first level of permission
$readok=1;
foreach ($features as $feature)
{
diff --git a/htdocs/product/canvas/product/actions_card_product.class.php b/htdocs/product/canvas/product/actions_card_product.class.php
index 970b6fc9c59..ca531655eb9 100755
--- a/htdocs/product/canvas/product/actions_card_product.class.php
+++ b/htdocs/product/canvas/product/actions_card_product.class.php
@@ -77,11 +77,71 @@ class ActionsCardProduct extends Product
*
* @param action Type of action
*/
- function assign_values($action='')
+ function assign_values($action)
{
global $conf,$langs,$user;
global $html, $formproduct;
+ // canvas
+ $this->tpl['canvas'] = $this->canvas;
+
+ // id
+ $this->tpl['id'] = $this->id;
+
+ // Ref
+ $this->tpl['ref'] = $this->ref;
+
+ // Label
+ $this->tpl['label'] = $this->libelle;
+
+ // Description
+ $this->tpl['description'] = nl2br($this->description);
+
+ // Statut
+ $this->tpl['status'] = $this->getLibStatut(2);
+
+ // Note
+ $this->tpl['note'] = nl2br($this->note);
+
+ if ($action == 'create')
+ {
+ // Price
+ $this->tpl['price'] = $this->price;
+ $this->tpl['price_min'] = $this->price_min;
+ $this->tpl['price_base_type'] = $html->load_PriceBaseType($this->price_base_type, "price_base_type");
+
+ // VAT
+ $this->tpl['tva_tx'] = $html->load_tva("tva_tx",-1,$mysoc,'');
+ }
+
+ if ($action == 'create' || $action == 'edit')
+ {
+ // Status
+ $statutarray=array('1' => $langs->trans("OnSell"), '0' => $langs->trans("NotOnSell"));
+ $this->tpl['status'] = $html->selectarray('statut',$statutarray,$this->status);
+
+ //To Buy
+ $statutarray=array('1' => $langs->trans("Yes"), '0' => $langs->trans("No"));
+ $this->tpl['tobuy'] = $html->selectarray('tobuy',$statutarray,$this->status_buy);
+
+ $this->tpl['description'] = $this->description;
+ $this->tpl['note'] = $this->note;
+ }
+
+ if ($action == 'view')
+ {
+ // Ref
+ $this->tpl['ref'] = $html->showrefnav($this,'ref','',1,'ref');
+
+ // Accountancy buy code
+ $this->tpl['accountancyBuyCodeKey'] = $html->editfieldkey("ProductAccountancyBuyCode",'productaccountancycodesell',$this->accountancy_code_sell,'id',$this->id,$user->rights->produit->creer);
+ $this->tpl['accountancyBuyCodeVal'] = $html->editfieldval("ProductAccountancyBuyCode",'productaccountancycodesell',$this->accountancy_code_sell,'id',$this->id,$user->rights->produit->creer);
+
+ // Accountancy sell code
+ $this->tpl['accountancySellCodeKey'] = $html->editfieldkey("ProductAccountancySellCode",'productaccountancycodebuy',$this->accountancy_code_buy,'id',$this->id,$user->rights->produit->creer);
+ $this->tpl['accountancySellCodeVal'] = $html->editfieldval("ProductAccountancySellCode",'productaccountancycodebuy',$this->accountancy_code_buy,'id',$this->id,$user->rights->produit->creer);
+ }
+
$this->tpl['finished'] = $this->object->finished;
$this->tpl['ref'] = $this->object->ref;
$this->tpl['label'] = $this->object->label;
diff --git a/htdocs/product/canvas/service/actions_card_service.class.php b/htdocs/product/canvas/service/actions_card_service.class.php
index 97970d4e48b..ca7ea4e11c1 100755
--- a/htdocs/product/canvas/service/actions_card_service.class.php
+++ b/htdocs/product/canvas/service/actions_card_service.class.php
@@ -77,11 +77,71 @@ class ActionsCardService extends Product
*
* @param action Type of action
*/
- function assign_values($action='')
+ function assign_values($action)
{
global $conf,$langs,$user;
global $html, $formproduct;
+ // canvas
+ $this->tpl['canvas'] = $this->canvas;
+
+ // id
+ $this->tpl['id'] = $this->id;
+
+ // Ref
+ $this->tpl['ref'] = $this->ref;
+
+ // Label
+ $this->tpl['label'] = $this->libelle;
+
+ // Description
+ $this->tpl['description'] = nl2br($this->description);
+
+ // Statut
+ $this->tpl['status'] = $this->getLibStatut(2);
+
+ // Note
+ $this->tpl['note'] = nl2br($this->note);
+
+ if ($action == 'create')
+ {
+ // Price
+ $this->tpl['price'] = $this->price;
+ $this->tpl['price_min'] = $this->price_min;
+ $this->tpl['price_base_type'] = $html->load_PriceBaseType($this->price_base_type, "price_base_type");
+
+ // VAT
+ $this->tpl['tva_tx'] = $html->load_tva("tva_tx",-1,$mysoc,'');
+ }
+
+ if ($action == 'create' || $action == 'edit')
+ {
+ // Status
+ $statutarray=array('1' => $langs->trans("OnSell"), '0' => $langs->trans("NotOnSell"));
+ $this->tpl['status'] = $html->selectarray('statut',$statutarray,$this->status);
+
+ //To Buy
+ $statutarray=array('1' => $langs->trans("Yes"), '0' => $langs->trans("No"));
+ $this->tpl['tobuy'] = $html->selectarray('tobuy',$statutarray,$this->status_buy);
+
+ $this->tpl['description'] = $this->description;
+ $this->tpl['note'] = $this->note;
+ }
+
+ if ($action == 'view')
+ {
+ // Ref
+ $this->tpl['ref'] = $html->showrefnav($this,'ref','',1,'ref');
+
+ // Accountancy buy code
+ $this->tpl['accountancyBuyCodeKey'] = $html->editfieldkey("ProductAccountancyBuyCode",'productaccountancycodesell',$this->accountancy_code_sell,'id',$this->id,$user->rights->produit->creer);
+ $this->tpl['accountancyBuyCodeVal'] = $html->editfieldval("ProductAccountancyBuyCode",'productaccountancycodesell',$this->accountancy_code_sell,'id',$this->id,$user->rights->produit->creer);
+
+ // Accountancy sell code
+ $this->tpl['accountancySellCodeKey'] = $html->editfieldkey("ProductAccountancySellCode",'productaccountancycodebuy',$this->accountancy_code_buy,'id',$this->id,$user->rights->produit->creer);
+ $this->tpl['accountancySellCodeVal'] = $html->editfieldval("ProductAccountancySellCode",'productaccountancycodebuy',$this->accountancy_code_buy,'id',$this->id,$user->rights->produit->creer);
+ }
+
$this->tpl['finished'] = $this->object->finished;
$this->tpl['ref'] = $this->object->ref;
$this->tpl['label'] = $this->object->label;
diff --git a/htdocs/product/class/product.class.php b/htdocs/product/class/product.class.php
index 806c1972a46..3d37a5a2a0b 100644
--- a/htdocs/product/class/product.class.php
+++ b/htdocs/product/class/product.class.php
@@ -2877,76 +2877,6 @@ class Product extends CommonObject
}
-
- /**
- * Affecte les valeurs communes
- */
- function assign_values($action='')
- {
- global $conf,$langs;
- global $html;
-
- // canvas
- $this->tpl['canvas'] = $this->canvas;
-
- // id
- $this->tpl['id'] = $this->id;
-
- // Ref
- $this->tpl['ref'] = $this->ref;
-
- // Label
- $this->tpl['label'] = $this->libelle;
-
- // Description
- $this->tpl['description'] = nl2br($this->description);
-
- // Statut
- $this->tpl['status'] = $this->getLibStatut(2);
-
- // Note
- $this->tpl['note'] = nl2br($this->note);
-
- if ($action == 'create')
- {
- // Price
- $this->tpl['price'] = $this->price;
- $this->tpl['price_min'] = $this->price_min;
- $this->tpl['price_base_type'] = $html->load_PriceBaseType($this->price_base_type, "price_base_type");
-
- // VAT
- $this->tpl['tva_tx'] = $html->load_tva("tva_tx",-1,$mysoc,'');
- }
-
- if ($action == 'create' || $action == 'edit')
- {
- // Status
- $statutarray=array('1' => $langs->trans("OnSell"), '0' => $langs->trans("NotOnSell"));
- $this->tpl['status'] = $html->selectarray('statut',$statutarray,$this->status);
-
- //To Buy
- $statutarray=array('1' => $langs->trans("Yes"), '0' => $langs->trans("No"));
- $this->tpl['tobuy'] = $html->selectarray('tobuy',$statutarray,$this->status_buy);
-
- $this->tpl['description'] = $this->description;
- $this->tpl['note'] = $this->note;
- }
-
- if ($action == 'view')
- {
- // Ref
- $this->tpl['ref'] = $html->showrefnav($this,'ref','',1,'ref');
-
- // Accountancy buy code
- $this->tpl['accountancyBuyCodeKey'] = $html->editfieldkey("ProductAccountancyBuyCode",'productaccountancycodesell',$this->accountancy_code_sell,'id',$this->id,$user->rights->produit->creer);
- $this->tpl['accountancyBuyCodeVal'] = $html->editfieldval("ProductAccountancyBuyCode",'productaccountancycodesell',$this->accountancy_code_sell,'id',$this->id,$user->rights->produit->creer);
-
- // Accountancy sell code
- $this->tpl['accountancySellCodeKey'] = $html->editfieldkey("ProductAccountancySellCode",'productaccountancycodebuy',$this->accountancy_code_buy,'id',$this->id,$user->rights->produit->creer);
- $this->tpl['accountancySellCodeVal'] = $html->editfieldval("ProductAccountancySellCode",'productaccountancycodebuy',$this->accountancy_code_buy,'id',$this->id,$user->rights->produit->creer);
- }
- }
-
/**
* Return if object is a product
* @return boolean True if it's a product
diff --git a/htdocs/product/fiche.php b/htdocs/product/fiche.php
index 599302fe580..ba1fe5bb4ea 100644
--- a/htdocs/product/fiche.php
+++ b/htdocs/product/fiche.php
@@ -56,7 +56,7 @@ $object = new Product($db);
$extrafields = new ExtraFields($db);
// Get object canvas (By default, this is not defined, so standard usage of dolibarr)
-if ($id || $ref) $object->getCanvas($id,$ref);
+$object->getCanvas($id,$ref);
$canvas = $object->canvas?$object->canvas:GETPOST("canvas");
if (! empty($canvas))
{
@@ -68,7 +68,7 @@ if (! empty($canvas))
// Security check
if (isset($id) || isset($ref)) $value = isset($id)?$id:(isset($ref)?$ref:'');
$type = isset($ref)?'ref':'rowid';
-$result=restrictedArea($user,'produit|service',$value,'product','','',$type);
+$result=restrictedArea($user,'produit|service',$value,'product','','',$type, $objcanvas);
// Initialize technical object to manage hooks of thirdparties. Note that conf->hooks_modules contains array array
include_once(DOL_DOCUMENT_ROOT.'/core/class/hookmanager.class.php');
@@ -644,7 +644,6 @@ if (is_object($objcanvas) && $objcanvas->displayCanvasExists($action))
// -----------------------------------------
if ($action == 'create')
{
- $objcanvas->assign_post(); // TODO: Put code of assign_post into assign_values to keep only assign_values
$objcanvas->assign_values($action); // Set value for templates
$objcanvas->display_canvas($action,0); // Show template
}
@@ -657,7 +656,6 @@ if (is_object($objcanvas) && $objcanvas->displayCanvasExists($action))
$object->fetch($id);
$objcanvas->control->object=$object;
}
- $objcanvas->assign_post(); // TODO: Put code of assign_post into assign_values to keep only assign_values
$objcanvas->assign_values($action); // Set value for templates
$objcanvas->display_canvas($action); // Show template
}
diff --git a/htdocs/product/liste.php b/htdocs/product/liste.php
index de8347ea424..70aa51b2b2e 100644
--- a/htdocs/product/liste.php
+++ b/htdocs/product/liste.php
@@ -58,26 +58,19 @@ $limit = $conf->liste_limit;
// Get object canvas (By default, this is not defined, so standard usage of dolibarr)
-//if ($id) $object->getCanvas($id);
+//$object->getCanvas($id);
$canvas = GETPOST("canvas");
if (! empty($canvas))
{
require_once(DOL_DOCUMENT_ROOT."/core/class/canvas.class.php");
$objcanvas = new Canvas($db,$action);
$objcanvas->getCanvas('product','list',$canvas);
+}
- // Security check
- if ($type=='0') $result=$objcanvas->restrictedArea($user,'produit');
- else if ($type=='1') $result=$objcanvas->restrictedArea($user,'service');
- else $result=$objcanvas->restrictedArea($user,'produit|service');
-}
-else
-{
- // Security check
- if ($type=='0') $result=restrictedArea($user,'produit');
- else if ($type=='1') $result=restrictedArea($user,'service');
- else $result=restrictedArea($user,'produit|service');
-}
+// Security check
+if ($type=='0') $result=restrictedArea($user,'produit','','','','','',$objcanvas);
+else if ($type=='1') $result=restrictedArea($user,'service','','','','','',$objcanvas);
+else $result=restrictedArea($user,'produit|service','','','','','',$objcanvas);
/*
diff --git a/htdocs/societe/canvas/actions_card_common.class.php b/htdocs/societe/canvas/actions_card_common.class.php
index 7add0d7b62c..e42eb3eb147 100644
--- a/htdocs/societe/canvas/actions_card_common.class.php
+++ b/htdocs/societe/canvas/actions_card_common.class.php
@@ -365,11 +365,13 @@ abstract class ActionsCardCommon
* Assigne les valeurs par defaut pour le canvas
* @param action Type of template
*/
- function assign_values($action='')
+ function assign_values($action)
{
global $conf, $langs, $user, $mysoc, $canvas;
global $form, $formadmin, $formcompany;
+ if ($action == 'create' || $action == 'edit') $this->assign_post();
+
if ($_GET["type"]=='f') { $this->object->fournisseur=1; }
if ($_GET["type"]=='c') { $this->object->client=1; }
if ($_GET["type"]=='p') { $this->object->client=2; }
@@ -650,7 +652,7 @@ abstract class ActionsCardCommon
/**
* Assigne les valeurs POST dans l'objet
*/
- function assign_post()
+ function assign_post($action)
{
global $langs, $mysoc;
diff --git a/htdocs/societe/canvas/default/actions_card_default.class.php b/htdocs/societe/canvas/default/actions_card_default.class.php
index 5c0d7ffcd6a..b85fd705a49 100644
--- a/htdocs/societe/canvas/default/actions_card_default.class.php
+++ b/htdocs/societe/canvas/default/actions_card_default.class.php
@@ -84,7 +84,7 @@ class ActionsCardDefault extends ActionsCardCommon
*
* @param string $action Type of action
*/
- function assign_values($action='')
+ function assign_values($action)
{
global $conf, $langs, $user, $mysoc;
global $form, $formadmin, $formcompany;
diff --git a/htdocs/societe/canvas/default/tpl/card_create.tpl.php b/htdocs/societe/canvas/default/tpl/card_create.tpl.php
index fbcec1822f6..b2f80ed59d4 100644
--- a/htdocs/societe/canvas/default/tpl/card_create.tpl.php
+++ b/htdocs/societe/canvas/default/tpl/card_create.tpl.php
@@ -27,9 +27,9 @@
control->tpl['ajax_selecttype']; ?>
trans("ThirdPartyType") ?>:
->
+
trans("Company/Fundation"); ?>
-> trans("Individual"); ?> (trans("ToCreateContactWithSameName") ?>)
+ trans("Individual"); ?> (trans("ToCreateContactWithSameName") ?>)
control->tpl['ajax_selectcountry']; ?>
diff --git a/htdocs/societe/canvas/individual/actions_card_individual.class.php b/htdocs/societe/canvas/individual/actions_card_individual.class.php
index e9012d4e20d..c28766b2690 100644
--- a/htdocs/societe/canvas/individual/actions_card_individual.class.php
+++ b/htdocs/societe/canvas/individual/actions_card_individual.class.php
@@ -84,7 +84,7 @@ class ActionsCardIndividual extends ActionsCardCommon
*
* @param string $action Type of action
*/
- function assign_values($action='')
+ function assign_values($action)
{
global $conf, $langs;
global $form, $formcompany;
diff --git a/htdocs/societe/canvas/individual/tpl/card_create.tpl.php b/htdocs/societe/canvas/individual/tpl/card_create.tpl.php
index 69e420cf996..c8a21b821d5 100644
--- a/htdocs/societe/canvas/individual/tpl/card_create.tpl.php
+++ b/htdocs/societe/canvas/individual/tpl/card_create.tpl.php
@@ -29,9 +29,9 @@ dol_htmloutput_errors($this->control->tpl['error'],$this->control->tpl['errors']
control->tpl['ajax_selecttype']; ?>
trans("ThirdPartyType") ?>:
->
+
trans("Company/Fundation"); ?>
-> trans("Individual"); ?> (trans("ToCreateContactWithSameName") ?>)
+ trans("Individual"); ?> (trans("ToCreateContactWithSameName") ?>)
control->tpl['ajax_selectcountry']; ?>
diff --git a/htdocs/societe/soc.php b/htdocs/societe/soc.php
index f2637207840..4d3d7c2644c 100644
--- a/htdocs/societe/soc.php
+++ b/htdocs/societe/soc.php
@@ -56,22 +56,18 @@ $object = new Societe($db);
$extrafields = new ExtraFields($db);
// Get object canvas (By default, this is not defined, so standard usage of dolibarr)
-if ($socid) $object->getCanvas($socid);
+$object->getCanvas($socid);
$canvas = $object->canvas?$object->canvas:GETPOST("canvas");
if (! empty($canvas))
{
require_once(DOL_DOCUMENT_ROOT."/core/class/canvas.class.php");
$objcanvas = new Canvas($db,$action);
$objcanvas->getCanvas('thirdparty','card',$canvas);
- // Security check
- $result = $objcanvas->restrictedArea($user, 'societe', $socid);
-}
-else
-{
- // Security check
- $result = restrictedArea($user, 'societe', $socid);
}
+// Security check
+$result = restrictedArea($user, 'societe', $socid, '', '', '', '', $objcanvas);
+
// Initialize technical object to manage hooks of thirdparties. Note that conf->hooks_modules contains array array
include_once(DOL_DOCUMENT_ROOT.'/core/class/hookmanager.class.php');
$hookmanager=new HookManager($db);
@@ -492,7 +488,6 @@ if (is_object($objcanvas) && $objcanvas->displayCanvasExists($action))
// -----------------------------------------
if ($action == 'create')
{
- $objcanvas->assign_post(); // TODO: Put code of assign_post into assign_values to keep only assign_values
$objcanvas->assign_values($action); // Set value for templates
$objcanvas->display_canvas($action,0); // Show template
}
@@ -505,7 +500,6 @@ if (is_object($objcanvas) && $objcanvas->displayCanvasExists($action))
$object->fetch($socid);
$objcanvas->control->object=$object;
}
- $objcanvas->assign_post(); // TODO: Put code of assign_post into assign_values to keep only assign_values
$objcanvas->assign_values($action); // Set value for templates
$objcanvas->display_canvas($action); // Show template
}
diff --git a/htdocs/societe/societe.php b/htdocs/societe/societe.php
index 4c2e717abe1..00d84ab4e81 100644
--- a/htdocs/societe/societe.php
+++ b/htdocs/societe/societe.php
@@ -36,23 +36,23 @@ $socid = GETPOST("socid");
if ($user->societe_id) $socid=$user->societe_id;
$result = restrictedArea($user,'societe',$socid,'');
-$search_nom=trim(isset($_GET["search_nom"])?$_GET["search_nom"]:$_POST["search_nom"]);
-$search_nom_only=trim(isset($_GET["search_nom_only"])?$_GET["search_nom_only"]:$_POST["search_nom_only"]);
-$search_all=trim(isset($_GET["search_all"])?$_GET["search_all"]:$_POST["search_all"]);
-$search_ville=trim(isset($_GET["search_ville"])?$_GET["search_ville"]:$_POST["search_ville"]);
-$socname=trim(isset($_GET["socname"])?$_GET["socname"]:$_POST["socname"]);
-$search_idprof1=trim($_REQUEST['search_idprof1']);
-$search_idprof2=trim($_REQUEST['search_idprof2']);
-$search_idprof3=trim($_REQUEST['search_idprof3']);
-$search_idprof4=trim($_REQUEST['search_idprof4']);
+$search_nom=trim(GETPOST("search_nom"));
+$search_nom_only=trim(GETPOST("search_nom_only"));
+$search_all=trim(GETPOST("search_all"));
+$search_ville=trim(GETPOT("search_ville"));
+$socname=trim(GETPOST("socname"));
+$search_idprof1=trim(GETPOST('search_idprof1'));
+$search_idprof2=trim(GETPOST('search_idprof2'));
+$search_idprof3=trim(GETPOST('search_idprof3'));
+$search_idprof4=trim(GETPOST('search_idprof4'));
+$search_sale=trim(GETPOST("search_sale"));
+$search_categ=trim(GETPOST("search_categ"));
+$mode=GETPOST("mode");
+$modesearch=GETPOST("mode-search");
-// Load sale and categ filters
-$search_sale = GETPOST("search_sale");
-$search_categ = GETPOST("search_categ");
-
-$sortfield = isset($_GET["sortfield"])?$_GET["sortfield"]:$_POST["sortfield"];
-$sortorder = isset($_GET["sortorder"])?$_GET["sortorder"]:$_POST["sortorder"];
-$page=isset($_GET["page"])?$_GET["page"]:$_POST["page"];
+$sortfield=GETPOST("sortfield");
+$sortorder=GETPOST("sortorder");
+$page=GETPOST("page");
if (! $sortorder) $sortorder="ASC";
if (! $sortfield) $sortfield="s.nom";
if ($page == -1) { $page = 0 ; }
@@ -66,12 +66,9 @@ $pagenext = $page + 1;
*/
// Recherche
-$mode=isset($_GET["mode"])?$_GET["mode"]:$_POST["mode"];
-$modesearch=isset($_GET["mode-search"])?$_GET["mode-search"]:$_POST["mode-search"];
-
if ($mode == 'search')
{
- $_POST["search_nom"]=$socname;
+ $search_nom=$socname;
$sql = "SELECT s.rowid";
$sql.= " FROM ".MAIN_DB_PREFIX."societe as s";
@@ -117,13 +114,6 @@ if ($mode == 'search')
}
}
-// Security check
-if ($user->societe_id > 0)
-{
- $action = '';
- $socid = $user->societe_id;
-}
-
/*