@@ -98,6 +98,28 @@ if (empty($action)) {
$arrayfields = array();
+$accounting_product_modes = array(
+ 'ACCOUNTANCY_SELL',
+ 'ACCOUNTANCY_SELL_INTRA',
+ 'ACCOUNTANCY_SELL_EXPORT',
+ 'ACCOUNTANCY_BUY',
+ 'ACCOUNTANCY_BUY_INTRA',
+ 'ACCOUNTANCY_BUY_EXPORT'
+);
+
+if ($accounting_product_mode == 'ACCOUNTANCY_BUY') {
+ $accountancy_field_name = "accountancy_code_buy";
+} elseif ($accounting_product_mode == 'ACCOUNTANCY_BUY_INTRA') {
+ $accountancy_field_name = "accountancy_code_buy_intra";
+} elseif ($accounting_product_mode == 'ACCOUNTANCY_BUY_EXPORT') {
+ $accountancy_field_name = "accountancy_code_buy_export";
+} elseif ($accounting_product_mode == 'ACCOUNTANCY_SELL') {
+ $accountancy_field_name = "accountancy_code_sell";
+} elseif ($accounting_product_mode == 'ACCOUNTANCY_SELL_INTRA') {
+ $accountancy_field_name = "accountancy_code_sell_intra";
+} else { // $accounting_product_mode == 'ACCOUNTANCY_SELL_EXPORT'
+ $accountancy_field_name = "accountancy_code_sell_export";
+}
/*
* Actions
@@ -133,15 +155,6 @@ if ($action == 'update') {
if (!empty($btn_changetype)) {
$error = 0;
- $accounting_product_modes = array(
- 'ACCOUNTANCY_SELL',
- 'ACCOUNTANCY_SELL_INTRA',
- 'ACCOUNTANCY_SELL_EXPORT',
- 'ACCOUNTANCY_BUY',
- 'ACCOUNTANCY_BUY_INTRA',
- 'ACCOUNTANCY_BUY_EXPORT'
- );
-
if (in_array($accounting_product_mode, $accounting_product_modes)) {
if (!dolibarr_set_const($db, 'ACCOUNTING_PRODUCT_MODE', $accounting_product_mode, 'chaine', 0, '', $conf->entity)) {
$error++;
@@ -153,7 +166,7 @@ if ($action == 'update') {
if (!empty($btn_changeaccount)) {
//$msg = '' . $langs->trans("Processing") . '...
';
- if (!empty($chk_prod)) {
+ if (!empty($chk_prod) && in_array($accounting_product_mode, $accounting_product_modes)) {
$accounting = new AccountingAccount($db);
//$msg .= '' . count($chk_prod) . ' ' . $langs->trans("SelectedLines") . '
';
@@ -175,26 +188,15 @@ if ($action == 'update') {
} else {
$db->begin();
- $sql = " UPDATE ".MAIN_DB_PREFIX."product";
- if ($accounting_product_mode == 'ACCOUNTANCY_BUY') {
- $sql .= " SET accountancy_code_buy = ".$accounting->account_number;
+ if (!empty($conf->global->MAIN_PRODUCT_PERENTITY_SHARED)) {
+ $sql = "INSERT INTO ".MAIN_DB_PREFIX."product_perentity (fk_product, entity, '".$db->escape($accountancy_field_name)."')";
+ $sql .= " VALUES (".((int) $productid).", ".((int) $conf->entity).", '".$db->escape($accounting->account_number)."')";
+ $sql .= " ON DUPLICATE KEY UPDATE ".$accountancy_field_name." = '".$db->escape($accounting->account_number)."'";
+ } else {
+ $sql = " UPDATE ".MAIN_DB_PREFIX."product";
+ $sql .= " SET ".$accountancy_field_name." = '".$db->escape($accounting->account_number)."'";
+ $sql .= " WHERE rowid = ".((int) $productid);
}
- if ($accounting_product_mode == 'ACCOUNTANCY_BUY_INTRA') {
- $sql .= " SET accountancy_code_buy_intra = ".$accounting->account_number;
- }
- if ($accounting_product_mode == 'ACCOUNTANCY_BUY_EXPORT') {
- $sql .= " SET accountancy_code_buy_export = ".$accounting->account_number;
- }
- if ($accounting_product_mode == 'ACCOUNTANCY_SELL') {
- $sql .= " SET accountancy_code_sell = ".$accounting->account_number;
- }
- if ($accounting_product_mode == 'ACCOUNTANCY_SELL_INTRA') {
- $sql .= " SET accountancy_code_sell_intra = ".$accounting->account_number;
- }
- if ($accounting_product_mode == 'ACCOUNTANCY_SELL_EXPORT') {
- $sql .= " SET accountancy_code_sell_export = ".$accounting->account_number;
- }
- $sql .= " WHERE rowid = ".((int) $productid);
dol_syslog("/accountancy/admin/productaccount.php sql=".$sql, LOG_DEBUG);
if ($db->query($sql)) {
@@ -267,50 +269,25 @@ if (empty($pcgvercode)) {
}
$sql = "SELECT p.rowid, p.ref, p.label, p.description, p.tosell, p.tobuy, p.tva_tx,";
-$sql .= " p.accountancy_code_sell, p.accountancy_code_sell_intra, p.accountancy_code_sell_export,";
-$sql .= " p.accountancy_code_buy, p.accountancy_code_buy_intra, p.accountancy_code_buy_export,";
+if (!empty($conf->global->MAIN_PRODUCT_PERENTITY_SHARED)) {
+ $sql .= " pa.accountancy_code_sell, pa.accountancy_code_sell_intra, pa.accountancy_code_sell_export,";
+ $sql .= " pa.accountancy_code_buy, pa.accountancy_code_buy_intra, pa.accountancy_code_buy_export,";
+} else {
+ $sql .= " p.accountancy_code_sell, p.accountancy_code_sell_intra, p.accountancy_code_sell_export,";
+ $sql .= " p.accountancy_code_buy, p.accountancy_code_buy_intra, p.accountancy_code_buy_export,";
+}
$sql .= " p.tms, p.fk_product_type as product_type,";
$sql .= " aa.rowid as aaid";
$sql .= " FROM ".MAIN_DB_PREFIX."product as p";
-$sql .= " LEFT JOIN ".MAIN_DB_PREFIX."accounting_account as aa ON";
-if ($accounting_product_mode == 'ACCOUNTANCY_BUY') {
- $sql .= " p.accountancy_code_buy = aa.account_number AND aa.fk_pcg_version = '".$db->escape($pcgvercode)."'";
-} elseif ($accounting_product_mode == 'ACCOUNTANCY_BUY_INTRA') {
- $sql .= " p.accountancy_code_buy_intra = aa.account_number AND aa.fk_pcg_version = '".$db->escape($pcgvercode)."'";
-} elseif ($accounting_product_mode == 'ACCOUNTANCY_BUY_EXPORT') {
- $sql .= " p.accountancy_code_buy_export = aa.account_number AND aa.fk_pcg_version = '".$db->escape($pcgvercode)."'";
-} elseif ($accounting_product_mode == 'ACCOUNTANCY_SELL') {
- $sql .= " p.accountancy_code_sell = aa.account_number AND aa.fk_pcg_version = '".$db->escape($pcgvercode)."'";
-} elseif ($accounting_product_mode == 'ACCOUNTANCY_SELL_INTRA') {
- $sql .= " p.accountancy_code_sell_intra = aa.account_number AND aa.fk_pcg_version = '".$db->escape($pcgvercode)."'";
+if (!empty($conf->global->MAIN_PRODUCT_PERENTITY_SHARED)) {
+ $sql .= " LEFT JOIN " . MAIN_DB_PREFIX . "product_perentity as pa ON pa.fk_product = p.rowid AND pa.entity = " . ((int) $conf->entity);
+ $sql .= " LEFT JOIN " . MAIN_DB_PREFIX . "accounting_account as aa ON aa.account_number = pa." . $accountancy_field_name . " AND aa.fk_pcg_version = '" . $db->escape($pcgvercode) . "'";
} else {
- $sql .= " p.accountancy_code_sell_export = aa.account_number AND aa.fk_pcg_version = '".$db->escape($pcgvercode)."'";
+ $sql .= " LEFT JOIN " . MAIN_DB_PREFIX . "accounting_account as aa ON aa.account_number = p." . $accountancy_field_name . " AND aa.fk_pcg_version = '" . $db->escape($pcgvercode) . "'";
}
$sql .= ' WHERE p.entity IN ('.getEntity('product').')';
-if ($accounting_product_mode == 'ACCOUNTANCY_BUY') {
- if (strlen(trim($search_current_account))) {
- $sql .= natural_search("p.accountancy_code_buy", $search_current_account);
- }
-} elseif ($accounting_product_mode == 'ACCOUNTANCY_BUY_INTRA') {
- if (strlen(trim($search_current_account))) {
- $sql .= natural_search("p.accountancy_code_buy_intra", $search_current_account);
- }
-} elseif ($accounting_product_mode == 'ACCOUNTANCY_BUY_EXPORT') {
- if (strlen(trim($search_current_account))) {
- $sql .= natural_search("p.accountancy_code_buy_export", $search_current_account);
- }
-} elseif ($accounting_product_mode == 'ACCOUNTANCY_SELL') {
- if (strlen(trim($search_current_account))) {
- $sql .= natural_search("p.accountancy_code_sell", $search_current_account);
- }
-} elseif ($accounting_product_mode == 'ACCOUNTANCY_SELL_INTRA') {
- if (strlen(trim($search_current_account))) {
- $sql .= natural_search("p.accountancy_code_sell_intra", $search_current_account);
- }
-} else {
- if (strlen(trim($search_current_account))) {
- $sql .= natural_search("p.accountancy_code_sell_export", $search_current_account);
- }
+if (strlen(trim($search_current_account))) {
+ $sql .= natural_search((empty($conf->global->MAIN_PRODUCT_PERENTITY_SHARED) ? "p." : "pa.") . $accountancy_field_name, $search_current_account);
}
if ($search_current_account_valid == 'withoutvalidaccount') {
$sql .= " AND aa.account_number IS NULL";
@@ -459,7 +436,7 @@ if ($result) {
// On sell
if ($accounting_product_mode == 'ACCOUNTANCY_SELL' || $accounting_product_mode == 'ACCOUNTANCY_SELL_INTRA' || $accounting_product_mode == 'ACCOUNTANCY_SELL_EXPORT') {
print ''.$form->selectyesno('search_onsell', $search_onsell, 1, false, 1).' | ';
- } elseif ($accounting_product_mode == 'ACCOUNTANCY_BUY' || $accounting_product_mode == 'ACCOUNTANCY_BUY_INTRA' || $accounting_product_mode == 'ACCOUNTANCY_BUY_EXPORT') {
+ } else {
// On buy
print ''.$form->selectyesno('search_onpurchase', $search_onpurchase, 1, false, 1).' | ';
}
@@ -484,26 +461,12 @@ if ($result) {
}
print_liste_field_titre("VATRate", $_SERVER["PHP_SELF"], "p.tva_tx", "", $param, '', $sortfield, $sortorder, 'right ');
// On sell / On purchase
- if ($accounting_product_mode == 'ACCOUNTANCY_SELL') {
+ if ($accounting_product_mode == 'ACCOUNTANCY_SELL' || $accounting_product_mode == 'ACCOUNTANCY_SELL_INTRA' || $accounting_product_mode == 'ACCOUNTANCY_SELL_EXPORT') {
print_liste_field_titre("OnSell", $_SERVER["PHP_SELF"], "p.tosell", "", $param, '', $sortfield, $sortorder, 'center ');
- $fieldtosortaccount = "p.accountancy_code_sell";
- } elseif ($accounting_product_mode == 'ACCOUNTANCY_SELL_INTRA') {
- print_liste_field_titre("OnSell", $_SERVER["PHP_SELF"], "p.tosell", "", $param, '', $sortfield, $sortorder, 'center ');
- $fieldtosortaccount = "p.accountancy_code_sell_intra";
- } elseif ($accounting_product_mode == 'ACCOUNTANCY_SELL_EXPORT') {
- print_liste_field_titre("OnSell", $_SERVER["PHP_SELF"], "p.tosell", "", $param, '', $sortfield, $sortorder, 'center ');
- $fieldtosortaccount = "p.accountancy_code_sell_export";
- } elseif ($accounting_product_mode == 'ACCOUNTANCY_BUY') {
+ } else {
print_liste_field_titre("OnBuy", $_SERVER["PHP_SELF"], "p.tobuy", "", $param, '', $sortfield, $sortorder, 'center ');
- $fieldtosortaccount = "p.accountancy_code_buy";
- } elseif ($accounting_product_mode == 'ACCOUNTANCY_BUY_INTRA') {
- print_liste_field_titre("OnBuy", $_SERVER["PHP_SELF"], "p.tobuy", "", $param, '', $sortfield, $sortorder, 'center ');
- $fieldtosortaccount = "p.accountancy_code_buy_intra";
- } elseif ($accounting_product_mode == 'ACCOUNTANCY_BUY_EXPORT') {
- print_liste_field_titre("OnBuy", $_SERVER["PHP_SELF"], "p.tobuy", "", $param, '', $sortfield, $sortorder, 'center ');
- $fieldtosortaccount = "p.accountancy_code_buy_export";
}
- print_liste_field_titre("CurrentDedicatedAccountingAccount", $_SERVER["PHP_SELF"], $fieldtosortaccount, "", $param, '', $sortfield, $sortorder);
+ print_liste_field_titre("CurrentDedicatedAccountingAccount", $_SERVER["PHP_SELF"], (empty($conf->global->MAIN_PRODUCT_PERENTITY_SHARED) ? "p." : "pa.") . $accountancy_field_name, "", $param, '', $sortfield, $sortorder);
print_liste_field_titre("AssignDedicatedAccountingAccount");
$clickpitco = $form->showCheckAddButtons('checkforselect', 1);
print_liste_field_titre($clickpitco, '', '', '', '', '', '', '', 'center ');
@@ -607,11 +570,10 @@ if ($result) {
print vatrate($obj->tva_tx);
print '';
+ // On sell / On purchase
if ($accounting_product_mode == 'ACCOUNTANCY_SELL' || $accounting_product_mode == 'ACCOUNTANCY_SELL_INTRA' || $accounting_product_mode == 'ACCOUNTANCY_SELL_EXPORT') {
print ''.$product_static->getLibStatut(3, 0).' | ';
- }
-
- if ($accounting_product_mode == 'ACCOUNTANCY_BUY' || $accounting_product_mode == 'ACCOUNTANCY_BUY_INTRA' || $accounting_product_mode == 'ACCOUNTANCY_BUY_EXPORT') {
+ } else {
print ''.$product_static->getLibStatut(3, 1).' | ';
}
diff --git a/htdocs/accountancy/admin/subaccount.php b/htdocs/accountancy/admin/subaccount.php
index 4b7d4d029b5..ad1804048c3 100644
--- a/htdocs/accountancy/admin/subaccount.php
+++ b/htdocs/accountancy/admin/subaccount.php
@@ -118,9 +118,10 @@ if (empty($reshook)) {
$form = new Form($db);
+$help_url = '';
$title = $langs->trans('ChartOfIndividualAccountsOfSubsidiaryLedger');
-llxHeader('', $title);
+llxHeader('', $title, $help_url);
// Customer
$sql = "SELECT sa.rowid, sa.nom as label, sa.code_compta as subaccount, '1' as type, sa.entity";
@@ -314,7 +315,7 @@ if ($resql) {
print_barre_liste($title, $page, $_SERVER["PHP_SELF"], $param, $sortfield, $sortorder, '', $num, $nbtotalofrecords, 'title_accountancy', 0, '', '', $limit, 0, 0, 1);
- print ''.$langs->trans("WarningCreateSubAccounts").'
';
+ print ''.$langs->trans("WarningCreateSubAccounts").'
';
$varpage = empty($contextpage) ? $_SERVER["PHP_SELF"] : $contextpage;
$selectedfields = $form->multiSelectArrayWithCheckbox('selectedfields', $arrayfields, $varpage); // This also change content of $arrayfields
@@ -418,11 +419,11 @@ if ($resql) {
if (!empty($arrayfields['reconcilable']['checked'])) {
print '';
if (empty($obj->reconcilable)) {
- print '';
+ print '';
print img_picto($langs->trans("Disabled"), 'switch_off');
print '';
} else {
- print '';
+ print '';
print img_picto($langs->trans("Activated"), 'switch_on');
print '';
}
diff --git a/htdocs/accountancy/bookkeeping/balance.php b/htdocs/accountancy/bookkeeping/balance.php
index 35473c6329e..e03790a8995 100644
--- a/htdocs/accountancy/bookkeeping/balance.php
+++ b/htdocs/accountancy/bookkeeping/balance.php
@@ -135,6 +135,18 @@ if (!empty($search_accountancy_code_end)) {
$param .= '&search_accountancy_code_end='.$search_accountancy_code_end;
}
+if (empty($conf->accounting->enabled)) {
+ accessforbidden();
+}
+if ($user->socid > 0) {
+ accessforbidden();
+}
+if (empty($user->rights->accounting->mouvements->lire)) {
+ accessforbidden();
+}
+
+
+
/*
* Action
*/
diff --git a/htdocs/accountancy/bookkeeping/card.php b/htdocs/accountancy/bookkeeping/card.php
index 3ab9ed0a702..e3cac139c08 100644
--- a/htdocs/accountancy/bookkeeping/card.php
+++ b/htdocs/accountancy/bookkeeping/card.php
@@ -44,13 +44,6 @@ $id = GETPOST('id', 'int'); // id of record
$mode = GETPOST('mode', 'aZ09'); // '' or '_tmp'
$piece_num = GETPOST("piece_num", 'int'); // id of transaction (several lines share the same transaction id)
-// Security check
-if ($user->socid > 0) {
- accessforbidden();
-}
-
-$mesg = '';
-
$accountingaccount = new AccountingAccount($db);
$accountingjournal = new AccountingJournal($db);
@@ -83,6 +76,17 @@ if (!empty($update)) {
$object = new BookKeeping($db);
+// Security check
+if (empty($conf->accounting->enabled)) {
+ accessforbidden();
+}
+if ($user->socid > 0) {
+ accessforbidden();
+}
+if (empty($user->rights->accounting->mouvements->lire)) {
+ accessforbidden();
+}
+
/*
* Actions
@@ -539,11 +543,11 @@ if ($action == 'create') {
print ' | ' . $langs->trans("Status") . ' | ';
print '';
if (empty($object->validated)) {
- print '';
+ print '';
print img_picto($langs->trans("Disabled"), 'switch_off');
print '';
} else {
- print '';
+ print '';
print img_picto($langs->trans("Activated"), 'switch_on');
print '';
}
diff --git a/htdocs/accountancy/bookkeeping/list.php b/htdocs/accountancy/bookkeeping/list.php
index 8ca4175f87f..498c513b761 100644
--- a/htdocs/accountancy/bookkeeping/list.php
+++ b/htdocs/accountancy/bookkeeping/list.php
@@ -3,7 +3,7 @@
* Copyright (C) 2013-2016 Florian Henry
* Copyright (C) 2013-2020 Alexandre Spangaro
* Copyright (C) 2016-2017 Laurent Destailleur
- * Copyright (C) 2018 Frédéric France
+ * Copyright (C) 2018-2021 Frédéric France
*
* This program is free software; you can redistribute it and/or modify
* it under the terms of the GNU General Public License as published by
@@ -45,14 +45,14 @@ $search_mvt_num = GETPOST('search_mvt_num', 'int');
$search_doc_type = GETPOST("search_doc_type", 'alpha');
$search_doc_ref = GETPOST("search_doc_ref", 'alpha');
$search_date_start = dol_mktime(0, 0, 0, GETPOST('search_date_startmonth', 'int'), GETPOST('search_date_startday', 'int'), GETPOST('search_date_startyear', 'int'));
-$search_date_end = dol_mktime(0, 0, 0, GETPOST('search_date_endmonth', 'int'), GETPOST('search_date_endday', 'int'), GETPOST('search_date_endyear', 'int'));
+$search_date_end = dol_mktime(23, 59, 59, GETPOST('search_date_endmonth', 'int'), GETPOST('search_date_endday', 'int'), GETPOST('search_date_endyear', 'int'));
$search_doc_date = dol_mktime(0, 0, 0, GETPOST('doc_datemonth', 'int'), GETPOST('doc_dateday', 'int'), GETPOST('doc_dateyear', 'int'));
$search_date_creation_start = dol_mktime(0, 0, 0, GETPOST('date_creation_startmonth', 'int'), GETPOST('date_creation_startday', 'int'), GETPOST('date_creation_startyear', 'int'));
-$search_date_creation_end = dol_mktime(0, 0, 0, GETPOST('date_creation_endmonth', 'int'), GETPOST('date_creation_endday', 'int'), GETPOST('date_creation_endyear', 'int'));
+$search_date_creation_end = dol_mktime(23, 59, 59, GETPOST('date_creation_endmonth', 'int'), GETPOST('date_creation_endday', 'int'), GETPOST('date_creation_endyear', 'int'));
$search_date_modification_start = dol_mktime(0, 0, 0, GETPOST('date_modification_startmonth', 'int'), GETPOST('date_modification_startday', 'int'), GETPOST('date_modification_startyear', 'int'));
-$search_date_modification_end = dol_mktime(0, 0, 0, GETPOST('date_modification_endmonth', 'int'), GETPOST('date_modification_endday', 'int'), GETPOST('date_modification_endyear', 'int'));
+$search_date_modification_end = dol_mktime(23, 59, 59, GETPOST('date_modification_endmonth', 'int'), GETPOST('date_modification_endday', 'int'), GETPOST('date_modification_endyear', 'int'));
$search_date_export_start = dol_mktime(0, 0, 0, GETPOST('date_export_startmonth', 'int'), GETPOST('date_export_startday', 'int'), GETPOST('date_export_startyear', 'int'));
-$search_date_export_end = dol_mktime(0, 0, 0, GETPOST('date_export_endmonth', 'int'), GETPOST('date_export_endday', 'int'), GETPOST('date_export_endyear', 'int'));
+$search_date_export_end = dol_mktime(23, 59, 59, GETPOST('date_export_endmonth', 'int'), GETPOST('date_export_endday', 'int'), GETPOST('date_export_endyear', 'int'));
//var_dump($search_date_start);exit;
if (GETPOST("button_delmvt_x") || GETPOST("button_delmvt.x") || GETPOST("button_delmvt")) {
@@ -171,6 +171,16 @@ if (empty($listofformat[$formatexportset])) {
$error = 0;
+if (empty($conf->accounting->enabled)) {
+ accessforbidden();
+}
+if ($user->socid > 0) {
+ accessforbidden();
+}
+if (empty($user->rights->accounting->mouvements->lire)) {
+ accessforbidden();
+}
+
/*
* Actions
@@ -471,7 +481,7 @@ if (count($filter) > 0) {
}
}
$sql .= ' WHERE t.entity IN ('.getEntity('accountancy').')';
-if ($conf->global->ACCOUNTING_REEXPORT == 0) {
+if (empty($conf->global->ACCOUNTING_REEXPORT)) {
$sql .= " AND t.date_export IS NULL";
}
if (count($sqlwhere) > 0) {
@@ -487,7 +497,7 @@ if (!empty($sortfield)) {
// Must be after definition of $sql
if ($action == 'export_fileconfirm' && $user->rights->accounting->mouvements->export) {
// TODO Replace the fetchAll + ->export later that consume too much memory on large export with the query($sql) and loop on each line to export them.
- $result = $object->fetchAll($sortorder, $sortfield, 0, 0, $filter, 'AND', $conf->global->ACCOUNTING_REEXPORT);
+ $result = $object->fetchAll($sortorder, $sortfield, 0, 0, $filter, 'AND', (empty($conf->global->ACCOUNTING_REEXPORT) ? 0 : 1));
if ($result < 0) {
setEventMessages($object->error, $object->errors, 'errors');
@@ -510,7 +520,7 @@ if ($action == 'export_fileconfirm' && $user->rights->accounting->mouvements->ex
$sql = " UPDATE ".MAIN_DB_PREFIX."accounting_bookkeeping";
$sql .= " SET date_export = '".$db->idate($now)."'";
$sql .= " , date_validated = '".$db->idate($now)."'";
- $sql .= " WHERE rowid = ".$movement->id;
+ $sql .= " WHERE rowid = ".((int) $movement->id);
dol_syslog("/accountancy/bookeeping/list.php Function export_file Specify movements as exported sql=".$sql, LOG_DEBUG);
$result = $db->query($sql);
@@ -717,7 +727,9 @@ if (!empty($arrayfields['t.piece_num']['checked'])) {
}
// Code journal
if (!empty($arrayfields['t.code_journal']['checked'])) {
- print ' | ';
+ print '';
+ print $formaccounting->multi_select_journal($search_ledger_code, 'search_ledger_code', 0, 1, 1, 1);
+ print ' | ';
}
// Date document
if (!empty($arrayfields['t.doc_date']['checked'])) {
@@ -738,12 +750,10 @@ if (!empty($arrayfields['t.doc_ref']['checked'])) {
if (!empty($arrayfields['t.numero_compte']['checked'])) {
print '';
print ' ';
- print $langs->trans('From').' ';
- print $formaccounting->select_account($search_accountancy_code_start, 'search_accountancy_code_start', 1, array(), 1, 1, 'maxwidth200');
+ print $formaccounting->select_account($search_accountancy_code_start, 'search_accountancy_code_start', $langs->trans('From'), array(), 1, 1, 'maxwidth200', 1);
print ' ';
print '';
- print $langs->trans('to').' ';
- print $formaccounting->select_account($search_accountancy_code_end, 'search_accountancy_code_end', 1, array(), 1, 1, 'maxwidth200');
+ print $formaccounting->select_account($search_accountancy_code_end, 'search_accountancy_code_end', $langs->trans('to'), array(), 1, 1, 'maxwidth200', 1);
print ' ';
print ' | ';
}
diff --git a/htdocs/accountancy/bookkeeping/listbyaccount.php b/htdocs/accountancy/bookkeeping/listbyaccount.php
index 99b644d1e0a..406664938cc 100644
--- a/htdocs/accountancy/bookkeeping/listbyaccount.php
+++ b/htdocs/accountancy/bookkeeping/listbyaccount.php
@@ -46,7 +46,7 @@ $search_date_endyear = GETPOST('search_date_endyear', 'int');
$search_date_endmonth = GETPOST('search_date_endmonth', 'int');
$search_date_endday = GETPOST('search_date_endday', 'int');
$search_date_start = dol_mktime(0, 0, 0, $search_date_startmonth, $search_date_startday, $search_date_startyear);
-$search_date_end = dol_mktime(0, 0, 0, $search_date_endmonth, $search_date_endday, $search_date_endyear);
+$search_date_end = dol_mktime(23, 59, 59, $search_date_endmonth, $search_date_endday, $search_date_endyear);
$search_doc_date = dol_mktime(0, 0, 0, GETPOST('doc_datemonth', 'int'), GETPOST('doc_dateday', 'int'), GETPOST('doc_dateyear', 'int'));
$search_date_export_startyear = GETPOST('search_date_export_startyear', 'int');
$search_date_export_startmonth = GETPOST('search_date_export_startmonth', 'int');
@@ -163,6 +163,16 @@ if ($search_date_end && empty($search_date_endyear)) {
$search_date_endday = $tmparray['mday'];
}
+if (empty($conf->accounting->enabled)) {
+ accessforbidden();
+}
+if ($user->socid > 0) {
+ accessforbidden();
+}
+if (empty($user->rights->accounting->mouvements->lire)) {
+ accessforbidden();
+}
+
/*
* Action
diff --git a/htdocs/accountancy/bookkeeping/listbysubaccount.php b/htdocs/accountancy/bookkeeping/listbysubaccount.php
index 72b6574bea5..129e695de3c 100644
--- a/htdocs/accountancy/bookkeeping/listbysubaccount.php
+++ b/htdocs/accountancy/bookkeeping/listbysubaccount.php
@@ -163,10 +163,21 @@ if ($search_date_end && empty($search_date_endyear)) {
$search_date_endday = $tmparray['mday'];
}
+if (empty($conf->accounting->enabled)) {
+ accessforbidden();
+}
+if ($user->socid > 0) {
+ accessforbidden();
+}
+if (empty($user->rights->accounting->mouvements->lire)) {
+ accessforbidden();
+}
+
/*
* Action
*/
+
if (GETPOST('cancel', 'alpha')) {
$action = 'list'; $massaction = '';
}
diff --git a/htdocs/accountancy/bookkeeping/thirdparty_lettering_customer.php b/htdocs/accountancy/bookkeeping/thirdparty_lettering_customer.php
index a2192d5ea60..0064e8c4715 100644
--- a/htdocs/accountancy/bookkeeping/thirdparty_lettering_customer.php
+++ b/htdocs/accountancy/bookkeeping/thirdparty_lettering_customer.php
@@ -94,6 +94,16 @@ if ($result < 0) {
setEventMessages($object->error, $object->errors, 'errors');
}
+if (empty($conf->accounting->enabled)) {
+ accessforbidden();
+}
+if ($user->socid > 0) {
+ accessforbidden();
+}
+if (empty($user->rights->accounting->mouvements->lire)) {
+ accessforbidden();
+}
+
/*
* Action
@@ -128,7 +138,7 @@ $form = new Form($db);
$formaccounting = new FormAccounting($db);
$title = $object->name." - ".$langs->trans('TabLetteringCustomer');
-$help_url = 'EN:Module_Third_Parties|FR:Module_Tiers|ES:Empresas';
+$help_url = 'EN:Module_Third_Parties|FR:Module_Tiers|ES:Empresas|DE:Modul_Geschäftspartner';
llxHeader('', $title, $help_url);
$head = societe_prepare_head($object);
diff --git a/htdocs/accountancy/bookkeeping/thirdparty_lettering_supplier.php b/htdocs/accountancy/bookkeeping/thirdparty_lettering_supplier.php
index f8167846aff..a73f711e15a 100644
--- a/htdocs/accountancy/bookkeeping/thirdparty_lettering_supplier.php
+++ b/htdocs/accountancy/bookkeeping/thirdparty_lettering_supplier.php
@@ -94,10 +94,21 @@ if ($result < 0) {
setEventMessages($object->error, $object->errors, 'errors');
}
+if (empty($conf->accounting->enabled)) {
+ accessforbidden();
+}
+if ($user->socid > 0) {
+ accessforbidden();
+}
+if (empty($user->rights->accounting->mouvements->lire)) {
+ accessforbidden();
+}
+
/*
* Action
*/
+
if ($action == 'lettering') {
$result = $lettering->updateLettering($toselect);
@@ -127,7 +138,7 @@ $form = new Form($db);
$formaccounting = new FormAccounting($db);
$title = $object->name." - ".$langs->trans('TabLetteringSupplier');
-$help_url = 'EN:Module_Third_Parties|FR:Module_Tiers|ES:Empresas';
+$help_url = 'EN:Module_Third_Parties|FR:Module_Tiers|ES:Empresas|DE:Modul_Geschäftspartner';
llxHeader('', $title, $help_url);
$head = societe_prepare_head($object);
diff --git a/htdocs/accountancy/class/accountancycategory.class.php b/htdocs/accountancy/class/accountancycategory.class.php
index 95d88c80c87..3e171110c8b 100644
--- a/htdocs/accountancy/class/accountancycategory.class.php
+++ b/htdocs/accountancy/class/accountancycategory.class.php
@@ -261,7 +261,7 @@ class AccountancyCategory // extends CommonObject
$sql .= " t.active";
$sql .= " FROM ".MAIN_DB_PREFIX."c_accounting_category as t";
if ($id) {
- $sql .= " WHERE t.rowid = ".$id;
+ $sql .= " WHERE t.rowid = ".((int) $id);
} else {
$sql .= " WHERE t.entity IN (".getEntity('c_accounting_category').")"; // Dont't use entity if you use rowid
if ($code) {
@@ -354,7 +354,7 @@ class AccountancyCategory // extends CommonObject
$sql .= " position=".(isset($this->position) ? $this->position : "null").",";
$sql .= " fk_country=".(isset($this->fk_country) ? $this->fk_country : "null").",";
$sql .= " active=".(isset($this->active) ? $this->active : "null")."";
- $sql .= " WHERE rowid=".$this->id;
+ $sql .= " WHERE rowid=".((int) $this->id);
$this->db->begin();
@@ -392,7 +392,7 @@ class AccountancyCategory // extends CommonObject
$error = 0;
$sql = "DELETE FROM ".MAIN_DB_PREFIX."c_accounting_category";
- $sql .= " WHERE rowid=".$this->id;
+ $sql .= " WHERE rowid=".((int) $this->id);
$this->db->begin();
@@ -428,7 +428,7 @@ class AccountancyCategory // extends CommonObject
global $conf;
$sql = "SELECT t.rowid, t.account_number, t.label";
$sql .= " FROM ".MAIN_DB_PREFIX."accounting_account as t";
- $sql .= " WHERE t.fk_accounting_category = ".$id;
+ $sql .= " WHERE t.fk_accounting_category = ".((int) $id);
$sql .= " AND t.entity = ".$conf->entity;
$this->lines_display = array();
@@ -743,7 +743,7 @@ class AccountancyCategory // extends CommonObject
}
$listofaccount .= "'".$cptcursor."'";
}
- $sql .= " AND t.numero_compte IN (".$listofaccount.")";
+ $sql .= " AND t.numero_compte IN (".$this->db->sanitize($listofaccount).")";
} else {
$sql .= " AND t.numero_compte = '".$this->db->escape($cpt)."'";
}
@@ -863,7 +863,7 @@ class AccountancyCategory // extends CommonObject
if (!empty($cat_id)) {
$sql = "SELECT t.rowid, t.account_number, t.label as account_label";
$sql .= " FROM ".MAIN_DB_PREFIX."accounting_account as t";
- $sql .= " WHERE t.fk_accounting_category = ".$cat_id;
+ $sql .= " WHERE t.fk_accounting_category = ".((int) $cat_id);
$sql .= " AND t.entity = ".$conf->entity;
$sql .= " ORDER BY t.account_number";
} else {
diff --git a/htdocs/accountancy/class/accountancyexport.class.php b/htdocs/accountancy/class/accountancyexport.class.php
index 4467844b04e..ad3e863cc8c 100644
--- a/htdocs/accountancy/class/accountancyexport.class.php
+++ b/htdocs/accountancy/class/accountancyexport.class.php
@@ -542,17 +542,17 @@ class AccountancyExport
// Credit invoice - invert sens
/*
- if ($data->montant < 0) {
- if ($data->sens == 'C') {
- $Tab['sens'] = 'D';
- } else {
- $Tab['sens'] = 'C';
- }
- $Tab['signe_montant'] = '-';
- } else {
- $Tab['sens'] = $data->sens; // C or D
- $Tab['signe_montant'] = '+';
- }*/
+ if ($data->montant < 0) {
+ if ($data->sens == 'C') {
+ $Tab['sens'] = 'D';
+ } else {
+ $Tab['sens'] = 'C';
+ }
+ $Tab['signe_montant'] = '-';
+ } else {
+ $Tab['sens'] = $data->sens; // C or D
+ $Tab['signe_montant'] = '+';
+ }*/
$Tab['sens'] = $data->sens; // C or D
$Tab['signe_montant'] = '+';
@@ -856,8 +856,8 @@ class AccountancyExport
foreach ($objectLines as $line) {
if ($line->debit == 0 && $line->credit == 0) {
- //unset($array[$line]);
- } else {
+ //unset($array[$line]);
+ } else {
$date_creation = dol_print_date($line->date_creation, '%Y%m%d');
$date_document = dol_print_date($line->doc_date, '%Y%m%d');
$date_lettering = dol_print_date($line->date_lettering, '%Y%m%d');
@@ -1644,7 +1644,7 @@ class AccountancyExport
// Get new customer invoice ref and company name
$sql = 'SELECT f.ref, s.nom FROM ' . MAIN_DB_PREFIX . 'facture as f';
$sql .= ' LEFT JOIN ' . MAIN_DB_PREFIX . 'societe AS s ON f.fk_soc = s.rowid';
- $sql .= ' WHERE f.rowid = ' . $line->fk_doc;
+ $sql .= ' WHERE f.rowid = '.((int) $line->fk_doc);
$resql = $this->db->query($sql);
if ($resql) {
if ($obj = $this->db->fetch_object($resql)) {
@@ -1658,7 +1658,7 @@ class AccountancyExport
// Get new supplier invoice ref and company name
$sql = 'SELECT ff.ref, s.nom FROM ' . MAIN_DB_PREFIX . 'facture_fourn as ff';
$sql .= ' LEFT JOIN ' . MAIN_DB_PREFIX . 'societe AS s ON ff.fk_soc = s.rowid';
- $sql .= ' WHERE ff.rowid = ' . $line->fk_doc;
+ $sql .= ' WHERE ff.rowid = '.((int) $line->fk_doc);
$resql = $this->db->query($sql);
if ($resql) {
if ($obj = $this->db->fetch_object($resql)) {
diff --git a/htdocs/accountancy/class/accountingaccount.class.php b/htdocs/accountancy/class/accountingaccount.class.php
index d5fad9b8f60..a7d89c45294 100644
--- a/htdocs/accountancy/class/accountingaccount.class.php
+++ b/htdocs/accountancy/class/accountingaccount.class.php
@@ -414,7 +414,7 @@ class AccountingAccount extends CommonObject
if (!$error) {
$sql = "DELETE FROM ".MAIN_DB_PREFIX."accounting_account";
- $sql .= " WHERE rowid=".$this->id;
+ $sql .= " WHERE rowid=".((int) $this->id);
dol_syslog(get_class($this)."::delete sql=".$sql);
$resql = $this->db->query($sql);
@@ -553,7 +553,7 @@ class AccountingAccount extends CommonObject
{
$sql = 'SELECT a.rowid, a.datec, a.fk_user_author, a.fk_user_modif, a.tms';
$sql .= ' FROM '.MAIN_DB_PREFIX.'accounting_account as a';
- $sql .= ' WHERE a.rowid = '.$id;
+ $sql .= ' WHERE a.rowid = '.((int) $id);
dol_syslog(get_class($this).'::info sql='.$sql);
$result = $this->db->query($sql);
diff --git a/htdocs/accountancy/class/bookkeeping.class.php b/htdocs/accountancy/class/bookkeeping.class.php
index 27a84270e95..7286e954d0e 100644
--- a/htdocs/accountancy/class/bookkeeping.class.php
+++ b/htdocs/accountancy/class/bookkeeping.class.php
@@ -729,7 +729,7 @@ class BookKeeping extends CommonObject
if (null !== $ref) {
$sql .= " AND t.ref = '".$this->db->escape($ref)."'";
} else {
- $sql .= ' AND t.rowid = '.$id;
+ $sql .= ' AND t.rowid = '.((int) $id);
}
$resql = $this->db->query($sql);
@@ -1262,7 +1262,7 @@ class BookKeeping extends CommonObject
$sql .= ' code_journal = '.(isset($this->code_journal) ? "'".$this->db->escape($this->code_journal)."'" : "null").',';
$sql .= ' journal_label = '.(isset($this->journal_label) ? "'".$this->db->escape($this->journal_label)."'" : "null").',';
$sql .= ' piece_num = '.(isset($this->piece_num) ? $this->piece_num : "null");
- $sql .= ' WHERE rowid='.$this->id;
+ $sql .= ' WHERE rowid='.((int) $this->id);
$this->db->begin();
@@ -1359,7 +1359,7 @@ class BookKeeping extends CommonObject
if (!$error) {
$sql = 'DELETE FROM '.MAIN_DB_PREFIX.$this->table_element.$mode;
- $sql .= ' WHERE rowid='.$this->id;
+ $sql .= ' WHERE rowid='.((int) $this->id);
$resql = $this->db->query($sql);
if (!$resql) {
diff --git a/htdocs/accountancy/class/lettering.class.php b/htdocs/accountancy/class/lettering.class.php
index ad6f186d68f..b2abf01948e 100644
--- a/htdocs/accountancy/class/lettering.class.php
+++ b/htdocs/accountancy/class/lettering.class.php
@@ -126,7 +126,7 @@ class Lettering extends BookKeeping
if (count($ids_fact)) {
$sql = 'SELECT bk.rowid, facf.ref, facf.ref_supplier ';
$sql .= " FROM ".MAIN_DB_PREFIX."facture_fourn facf ";
- $sql .= " INNER JOIN ".MAIN_DB_PREFIX."accounting_bookkeeping as bk ON( bk.fk_doc = facf.rowid AND facf.rowid IN (".implode(',', $ids_fact)."))";
+ $sql .= " INNER JOIN ".MAIN_DB_PREFIX."accounting_bookkeeping as bk ON( bk.fk_doc = facf.rowid AND facf.rowid IN (".$this->db->sanitize(implode(',', $ids_fact))."))";
$sql .= " WHERE bk.code_journal IN (SELECT code FROM ".MAIN_DB_PREFIX."accounting_journal WHERE nature=3 AND entity=".$conf->entity.") ";
$sql .= " AND facf.entity = ".$conf->entity;
$sql .= " AND ( ";
@@ -185,7 +185,7 @@ class Lettering extends BookKeeping
if (count($ids_fact)) {
$sql = 'SELECT bk.rowid, fac.ref, fac.ref_supplier ';
$sql .= " FROM ".MAIN_DB_PREFIX."facture fac ";
- $sql .= " INNER JOIN ".MAIN_DB_PREFIX."accounting_bookkeeping as bk ON( bk.fk_doc = fac.rowid AND fac.rowid IN (".implode(',', $ids_fact)."))";
+ $sql .= " INNER JOIN ".MAIN_DB_PREFIX."accounting_bookkeeping as bk ON( bk.fk_doc = fac.rowid AND fac.rowid IN (".$this->db->sanitize(implode(',', $ids_fact))."))";
$sql .= " WHERE code_journal IN (SELECT code FROM ".MAIN_DB_PREFIX."accounting_journal WHERE nature=2 AND entity=".$conf->entity.") ";
$sql .= " AND fac.entity IN (".getEntity('invoice', 0).")"; // We don't share object for accountancy
$sql .= " AND ( ";
@@ -255,7 +255,7 @@ class Lettering extends BookKeeping
}
$sql = "SELECT SUM(ABS(debit)) as deb, SUM(ABS(credit)) as cred FROM ".MAIN_DB_PREFIX."accounting_bookkeeping WHERE ";
- $sql .= " rowid IN (".implode(',', $ids).") AND date_validated IS NULL";
+ $sql .= " rowid IN (".$this->db->sanitize(implode(',', $ids)).") AND date_validated IS NULL";
$result = $this->db->query($sql);
if ($result) {
$obj = $this->db->fetch_object($result);
@@ -276,7 +276,7 @@ class Lettering extends BookKeeping
$sql = "UPDATE ".MAIN_DB_PREFIX."accounting_bookkeeping SET";
$sql .= " lettering_code='".$this->db->escape($lettre)."'";
$sql .= " , date_lettering = '".$this->db->idate($now)."'"; // todo correct date it's false
- $sql .= " WHERE rowid IN (".implode(',', $ids).") AND date_validated IS NULL ";
+ $sql .= " WHERE rowid IN (".$this->db->sanitize(implode(',', $ids)).") AND date_validated IS NULL ";
$this->db->begin();
dol_syslog(get_class($this)."::update sql=".$sql, LOG_DEBUG);
diff --git a/htdocs/accountancy/closure/index.php b/htdocs/accountancy/closure/index.php
index 94e59de1812..390c288b606 100644
--- a/htdocs/accountancy/closure/index.php
+++ b/htdocs/accountancy/closure/index.php
@@ -35,17 +35,6 @@ $socid = GETPOST('socid', 'int');
$action = GETPOST('action', 'aZ09');
-// Security check
-if (empty($conf->accounting->enabled)) {
- accessforbidden();
-}
-if ($user->socid > 0) {
- accessforbidden();
-}
-if (!$user->rights->accounting->fiscalyear->write) {
- accessforbidden();
-}
-
$object = new BookKeeping($db);
$month_start = ($conf->global->SOCIETE_FISCAL_MONTH_START ? ($conf->global->SOCIETE_FISCAL_MONTH_START) : 1);
@@ -67,10 +56,23 @@ $search_date_start = dol_mktime(0, 0, 0, $month_start, 1, $year_start);
$search_date_end = dol_get_last_day($year_end, $month_end);
$year_current = $year_start;
+// Security check
+if (empty($conf->accounting->enabled)) {
+ accessforbidden();
+}
+if ($user->socid > 0) {
+ accessforbidden();
+}
+if (!$user->rights->accounting->fiscalyear->write) {
+ accessforbidden();
+}
+
+
/*
* Actions
*/
-if ($action == 'validate_movements_confirm' && $user->rights->accounting->fiscalyear->write) {
+
+if ($action == 'validate_movements_confirm' && !empty($user->rights->accounting->fiscalyear->write)) {
$result = $object->fetchAll();
if ($result < 0) {
@@ -89,9 +91,9 @@ if ($action == 'validate_movements_confirm' && $user->rights->accounting->fiscal
$sql = " UPDATE ".MAIN_DB_PREFIX."accounting_bookkeeping";
$sql .= " SET date_validated = '".$db->idate($now)."'";
- $sql .= " WHERE rowid = ".$movement->id;
- $sql .= " AND doc_date >= '" . dol_print_date($date_start, 'dayrfc') . "'";
- $sql .= " AND doc_date <= '" . dol_print_date($date_end, 'dayrfc') . "'";
+ $sql .= " WHERE rowid = ".((int) $movement->id);
+ $sql .= " AND doc_date >= '" . $db->idate($date_start) . "'";
+ $sql .= " AND doc_date <= '" . $db->idate($date_end) . "'";
dol_syslog("/accountancy/closure/index.php :: Function validate_movement_confirm Specify movements as validated sql=".$sql, LOG_DEBUG);
$result = $db->query($sql);
diff --git a/htdocs/accountancy/customer/card.php b/htdocs/accountancy/customer/card.php
index 9807922c43f..f0bcd9f7a49 100644
--- a/htdocs/accountancy/customer/card.php
+++ b/htdocs/accountancy/customer/card.php
@@ -1,7 +1,7 @@
* Copyright (C) 2013-2014 Florian Henry
- * Copyright (C) 2013-2017 Alexandre Spangaro
+ * Copyright (C) 2013-2021 Alexandre Spangaro
*
* This program is free software; you can redistribute it and/or modify
* it under the terms of the GNU General Public License as published by
@@ -38,9 +38,16 @@ $codeventil = GETPOST('codeventil', 'int');
$id = GETPOST('id', 'int');
// Security check
+if (empty($conf->accounting->enabled)) {
+ accessforbidden();
+}
if ($user->socid > 0) {
accessforbidden();
}
+if (empty($user->rights->accounting->mouvements->lire)) {
+ accessforbidden();
+}
+
/*
@@ -54,8 +61,8 @@ if ($action == 'ventil' && $user->rights->accounting->bind->write) {
}
$sql = " UPDATE ".MAIN_DB_PREFIX."facturedet";
- $sql .= " SET fk_code_ventilation = ".$codeventil;
- $sql .= " WHERE rowid = ".$id;
+ $sql .= " SET fk_code_ventilation = ".((int) $codeventil);
+ $sql .= " WHERE rowid = ".((int) $id);
$resql = $db->query($sql);
if (!$resql) {
@@ -93,13 +100,21 @@ $formaccounting = new FormAccounting($db);
if (!empty($id)) {
$sql = "SELECT f.ref, f.rowid as facid, l.fk_product, l.description, l.price,";
- $sql .= " l.qty, l.rowid, l.tva_tx, l.remise_percent, l.subprice, p.accountancy_code_sell as code_sell,";
+ $sql .= " l.qty, l.rowid, l.tva_tx, l.remise_percent, l.subprice,";
+ if (!empty($conf->global->MAIN_PRODUCT_PERENTITY_SHARED)) {
+ $sql .= " pa.accountancy_code_sell as code_sell,";
+ } else {
+ $sql .= " p.accountancy_code_sell as code_sell,";
+ }
$sql .= " l.fk_code_ventilation, aa.account_number, aa.label";
$sql .= " FROM ".MAIN_DB_PREFIX."facturedet as l";
$sql .= " LEFT JOIN ".MAIN_DB_PREFIX."product as p ON p.rowid = l.fk_product";
+ if (!empty($conf->global->MAIN_PRODUCT_PERENTITY_SHARED)) {
+ $sql .= " LEFT JOIN " . MAIN_DB_PREFIX . "product_perentity as pa ON pa.fk_product = p.rowid AND pa.entity = " . ((int) $conf->entity);
+ }
$sql .= " LEFT JOIN ".MAIN_DB_PREFIX."accounting_account as aa ON l.fk_code_ventilation = aa.rowid";
$sql .= " INNER JOIN ".MAIN_DB_PREFIX."facture as f ON f.rowid = l.fk_facture";
- $sql .= " WHERE f.fk_statut > 0 AND l.rowid = ".$id;
+ $sql .= " WHERE f.fk_statut > 0 AND l.rowid = ".((int) $id);
$sql .= " AND f.entity IN (".getEntity('invoice', 0).")"; // We don't share object for accountancy
dol_syslog("/accounting/customer/card.php sql=".$sql, LOG_DEBUG);
diff --git a/htdocs/accountancy/customer/index.php b/htdocs/accountancy/customer/index.php
index a0da7ace065..0b32e2802c4 100644
--- a/htdocs/accountancy/customer/index.php
+++ b/htdocs/accountancy/customer/index.php
@@ -1,7 +1,7 @@
* Copyright (C) 2013-2014 Florian Henry
- * Copyright (C) 2013-2020 Alexandre Spangaro
+ * Copyright (C) 2013-2021 Alexandre Spangaro
* Copyright (C) 2014 Juanjo Menent
* Copyright (C) 2015 Jean-François Ferry
*
@@ -125,19 +125,34 @@ if ($action == 'validatehistory') {
$sql = "SELECT f.rowid as facid, f.ref as ref, f.datef, f.type as ftype,";
$sql .= " l.rowid, l.fk_product, l.description, l.total_ht, l.fk_code_ventilation, l.product_type as type_l, l.tva_tx as tva_tx_line, l.vat_src_code,";
$sql .= " p.rowid as product_id, p.ref as product_ref, p.label as product_label, p.fk_product_type as type, p.tva_tx as tva_tx_prod,";
- $sql .= " p.accountancy_code_sell as code_sell, p.accountancy_code_sell_intra as code_sell_intra, p.accountancy_code_sell_export as code_sell_export,";
+ if (!empty($conf->global->MAIN_PRODUCT_PERENTITY_SHARED)) {
+ $sql .= " pa.accountancy_code_sell as code_sell, pa.accountancy_code_sell_intra as code_sell_intra, pa.accountancy_code_sell_export as code_sell_export,";
+ } else {
+ $sql .= " p.accountancy_code_sell as code_sell, p.accountancy_code_sell_intra as code_sell_intra, p.accountancy_code_sell_export as code_sell_export,";
+ }
$sql .= " aa.rowid as aarowid, aa2.rowid as aarowid_intra, aa3.rowid as aarowid_export, aa4.rowid as aarowid_thirdparty,";
$sql .= " co.code as country_code, co.label as country_label,";
- $sql .= " s.tva_intra, s.accountancy_code_sell as company_code_sell";
+ $sql .= " s.tva_intra,";
+ if (!empty($conf->global->ACCOUNTANCY_COMPANY_SHARED)) {
+ $sql .= " sa.accountancy_code_sell as company_code_sell";
+ } else {
+ $sql .= " s.accountancy_code_sell as company_code_sell";
+ }
+
$sql .= " FROM ".MAIN_DB_PREFIX."facture as f";
$sql .= " INNER JOIN ".MAIN_DB_PREFIX."societe as s ON s.rowid = f.fk_soc";
$sql .= " LEFT JOIN ".MAIN_DB_PREFIX."c_country as co ON co.rowid = s.fk_pays ";
$sql .= " INNER JOIN ".MAIN_DB_PREFIX."facturedet as l ON f.rowid = l.fk_facture";
$sql .= " LEFT JOIN ".MAIN_DB_PREFIX."product as p ON p.rowid = l.fk_product";
- $sql .= " LEFT JOIN ".MAIN_DB_PREFIX."accounting_account as aa ON p.accountancy_code_sell = aa.account_number AND aa.active = 1 AND aa.fk_pcg_version = '".$db->escape($chartaccountcode)."' AND aa.entity = ".$conf->entity;
- $sql .= " LEFT JOIN ".MAIN_DB_PREFIX."accounting_account as aa2 ON p.accountancy_code_sell_intra = aa2.account_number AND aa2.active = 1 AND aa2.fk_pcg_version = '".$db->escape($chartaccountcode)."' AND aa2.entity = ".$conf->entity;
- $sql .= " LEFT JOIN ".MAIN_DB_PREFIX."accounting_account as aa3 ON p.accountancy_code_sell_export = aa3.account_number AND aa3.active = 1 AND aa3.fk_pcg_version = '".$db->escape($chartaccountcode)."' AND aa3.entity = ".$conf->entity;
- $sql .= " LEFT JOIN ".MAIN_DB_PREFIX."accounting_account as aa4 ON s.accountancy_code_sell = aa4.account_number AND aa4.active = 1 AND aa4.fk_pcg_version = '".$db->escape($chartaccountcode)."' AND aa4.entity = ".$conf->entity;
+ if (!empty($conf->global->MAIN_PRODUCT_PERENTITY_SHARED)) {
+ $sql .= " LEFT JOIN " . MAIN_DB_PREFIX . "product_perentity as pa ON pa.fk_product = p.rowid AND pa.entity = " . ((int) $conf->entity);
+ }
+ $alias_societe_perentity = empty($conf->global->ACCOUNTANCY_COMPANY_SHARED) ? "s" : "sa";
+ $alias_product_perentity = empty($conf->global->MAIN_PRODUCT_PERENTITY_SHARED) ? "p" : "pa";
+ $sql .= " LEFT JOIN ".MAIN_DB_PREFIX."accounting_account as aa ON " . $alias_product_perentity . ".accountancy_code_sell = aa.account_number AND aa.active = 1 AND aa.fk_pcg_version = '".$db->escape($chartaccountcode)."' AND aa.entity = ".$conf->entity;
+ $sql .= " LEFT JOIN ".MAIN_DB_PREFIX."accounting_account as aa2 ON " . $alias_product_perentity . ".accountancy_code_sell_intra = aa2.account_number AND aa2.active = 1 AND aa2.fk_pcg_version = '".$db->escape($chartaccountcode)."' AND aa2.entity = ".$conf->entity;
+ $sql .= " LEFT JOIN ".MAIN_DB_PREFIX."accounting_account as aa3 ON " . $alias_product_perentity . ".accountancy_code_sell_export = aa3.account_number AND aa3.active = 1 AND aa3.fk_pcg_version = '".$db->escape($chartaccountcode)."' AND aa3.entity = ".$conf->entity;
+ $sql .= " LEFT JOIN ".MAIN_DB_PREFIX."accounting_account as aa4 ON " . $alias_societe_perentity . ".accountancy_code_sell = aa4.account_number AND aa4.active = 1 AND aa4.fk_pcg_version = '".$db->escape($chartaccountcode)."' AND aa4.entity = ".$conf->entity;
$sql .= " WHERE f.fk_statut > 0 AND l.fk_code_ventilation <= 0";
$sql .= " AND l.product_type <= 2";
@@ -192,8 +207,8 @@ if ($action == 'validatehistory') {
if ($objp->aarowid_suggest > 0) {
$sqlupdate = "UPDATE ".MAIN_DB_PREFIX."facturedet";
- $sqlupdate .= " SET fk_code_ventilation = ".$objp->aarowid_suggest;
- $sqlupdate .= " WHERE fk_code_ventilation <= 0 AND product_type <= 2 AND rowid = ".$objp->rowid;
+ $sqlupdate .= " SET fk_code_ventilation = ".((int) $objp->aarowid_suggest);
+ $sqlupdate .= " WHERE fk_code_ventilation <= 0 AND product_type <= 2 AND rowid = ".((int) $objp->rowid);
$resqlupdate = $db->query($sqlupdate);
if (!$resqlupdate) {
diff --git a/htdocs/accountancy/customer/lines.php b/htdocs/accountancy/customer/lines.php
index 983e7957583..6f522750398 100644
--- a/htdocs/accountancy/customer/lines.php
+++ b/htdocs/accountancy/customer/lines.php
@@ -1,6 +1,6 @@
- * Copyright (C) 2013-2020 Alexandre Spangaro
+ * Copyright (C) 2013-2021 Alexandre Spangaro
* Copyright (C) 2014-2015 Ari Elbaz (elarifr)
* Copyright (C) 2014-2016 Florian Henry
* Copyright (C) 2014 Juanjo Menent
@@ -80,13 +80,17 @@ if (!$sortorder) {
}
// Security check
+if (empty($conf->accounting->enabled)) {
+ accessforbidden();
+}
if ($user->socid > 0) {
accessforbidden();
}
-if (!$user->rights->accounting->bind->write) {
+if (empty($user->rights->accounting->mouvements->lire)) {
accessforbidden();
}
+
$formaccounting = new FormAccounting($db);
@@ -112,7 +116,7 @@ if (GETPOST('button_removefilter_x', 'alpha') || GETPOST('button_removefilter.x'
$search_tvaintra = '';
}
-if (is_array($changeaccount) && count($changeaccount) > 0) {
+if (is_array($changeaccount) && count($changeaccount) > 0 && $user->rights->accounting->bind->write) {
$error = 0;
if (!(GETPOST('account_parent', 'int') >= 0)) {
@@ -125,7 +129,7 @@ if (is_array($changeaccount) && count($changeaccount) > 0) {
$sql1 = "UPDATE ".MAIN_DB_PREFIX."facturedet as l";
$sql1 .= " SET l.fk_code_ventilation=".(GETPOST('account_parent', 'int') > 0 ? GETPOST('account_parent', 'int') : '0');
- $sql1 .= ' WHERE l.rowid IN ('.implode(',', $changeaccount).')';
+ $sql1 .= ' WHERE l.rowid IN ('.$db->sanitize(implode(',', $changeaccount)).')';
dol_syslog('accountancy/customer/lines.php::changeaccount sql= '.$sql1);
$resql1 = $db->query($sql1);
@@ -178,9 +182,13 @@ print ''."\n";
}
@@ -802,10 +863,14 @@ if ($rowid > 0) {
if ($object->morphy == 'mor') {
$companyname = $object->company;
- if (!empty($fullname)) $companyalias = $fullname;
+ if (!empty($fullname)) {
+ $companyalias = $fullname;
+ }
} else {
$companyname = $fullname;
- if (!empty($object->company)) $companyalias = $object->company;
+ if (!empty($object->company)) {
+ $companyalias = $object->company;
+ }
}
// Create a form array
@@ -886,7 +951,9 @@ if ($rowid > 0) {
// Label
print '| '.$langs->trans("Label").' | ';
print 'global->MEMBER_NO_DEFAULT_LABEL)) {
+ print $langs->trans("Subscription").' '.dol_print_date(($datefrom ? $datefrom : time()), "%Y");
+ }
print '"> | ';
// Complementary action
@@ -914,16 +981,21 @@ if ($rowid > 0) {
print 'fk_soc)) print ' disabled';
print '> '.$langs->trans("MoreActionInvoiceOnly");
- if ($object->fk_soc) print ' ('.$langs->trans("ThirdParty").': '.$company->getNomUrl(1).')';
- else {
+ if ($object->fk_soc) {
+ print ' ('.$langs->trans("ThirdParty").': '.$company->getNomUrl(1).')';
+ } else {
print ' (';
- if (empty($object->fk_soc)) print img_warning($langs->trans("NoThirdPartyAssociatedToMember"));
+ if (empty($object->fk_soc)) {
+ print img_warning($langs->trans("NoThirdPartyAssociatedToMember"));
+ }
print $langs->trans("NoThirdPartyAssociatedToMember");
print ' - ';
print $langs->trans("CreateDolibarrThirdParty");
print ')';
}
- if (empty($conf->global->ADHERENT_VAT_FOR_SUBSCRIPTIONS) || $conf->global->ADHERENT_VAT_FOR_SUBSCRIPTIONS != 'defaultforfoundationcountry') print '. '.$langs->trans("NoVatOnSubscription", 0).'';
+ if (empty($conf->global->ADHERENT_VAT_FOR_SUBSCRIPTIONS) || $conf->global->ADHERENT_VAT_FOR_SUBSCRIPTIONS != 'defaultforfoundationcountry') {
+ print '. '.$langs->trans("NoVatOnSubscription", 0).'';
+ }
if (!empty($conf->global->ADHERENT_PRODUCT_ID_FOR_SUBSCRIPTIONS) && (!empty($conf->product->enabled) || !empty($conf->service->enabled))) {
$prodtmp = new Product($db);
$result = $prodtmp->fetch($conf->global->ADHERENT_PRODUCT_ID_FOR_SUBSCRIPTIONS);
@@ -943,13 +1015,17 @@ if ($rowid > 0) {
print ' ('.$langs->trans("ThirdParty").': '.$company->getNomUrl(1).')';
} else {
print ' (';
- if (empty($object->fk_soc)) print img_warning($langs->trans("NoThirdPartyAssociatedToMember"));
+ if (empty($object->fk_soc)) {
+ print img_warning($langs->trans("NoThirdPartyAssociatedToMember"));
+ }
print $langs->trans("NoThirdPartyAssociatedToMember");
print ' - ';
print $langs->trans("CreateDolibarrThirdParty");
print ')';
}
- if (empty($conf->global->ADHERENT_VAT_FOR_SUBSCRIPTIONS) || $conf->global->ADHERENT_VAT_FOR_SUBSCRIPTIONS != 'defaultforfoundationcountry') print '. '.$langs->trans("NoVatOnSubscription", 0).'';
+ if (empty($conf->global->ADHERENT_VAT_FOR_SUBSCRIPTIONS) || $conf->global->ADHERENT_VAT_FOR_SUBSCRIPTIONS != 'defaultforfoundationcountry') {
+ print '. '.$langs->trans("NoVatOnSubscription", 0).'';
+ }
if (!empty($conf->global->ADHERENT_PRODUCT_ID_FOR_SUBSCRIPTIONS) && (!empty($conf->product->enabled) || !empty($conf->service->enabled))) {
$prodtmp = new Product($db);
$result = $prodtmp->fetch($conf->global->ADHERENT_PRODUCT_ID_FOR_SUBSCRIPTIONS);
@@ -964,6 +1040,7 @@ if ($rowid > 0) {
// Bank account
print '| '.$langs->trans("FinancialAccount").' | ';
+ print img_picto('', 'bank_account');
$form->select_comptes(GETPOST('accountid'), 'accountid', 0, '', 2);
print " | \n";
diff --git a/htdocs/adherents/subscription/card.php b/htdocs/adherents/subscription/card.php
index f0f982b8764..575d6d2301b 100644
--- a/htdocs/adherents/subscription/card.php
+++ b/htdocs/adherents/subscription/card.php
@@ -48,8 +48,9 @@ $note = GETPOST('note', 'alpha');
$typeid = (int) GETPOST('typeid', 'int');
$amount = price2num(GETPOST('amount', 'alpha'), 'MT');
-if (!$user->rights->adherent->cotisation->lire)
+if (!$user->rights->adherent->cotisation->lire) {
accessforbidden();
+}
$permissionnote = $user->rights->adherent->cotisation->creer; // Used by the include of actions_setnotes.inc.php
$permissiondellink = $user->rights->adherent->cotisation->creer; // Used by the include of actions_dellink.inc.php
@@ -65,7 +66,9 @@ $result = restrictedArea($user, 'subscription', 0); // TODO Check on object id
* Actions
*/
-if ($cancel) $action = '';
+if ($cancel) {
+ $action = '';
+}
//include DOL_DOCUMENT_ROOT.'/core/actions_setnotes.inc.php'; // Must be include, not include_once
@@ -122,7 +125,9 @@ if ($user->rights->adherent->cotisation->creer && $action == 'update' && !$cance
$errmsg = $object->error;
} else {
foreach ($object->errors as $error) {
- if ($errmsg) $errmsg .= '
';
+ if ($errmsg) {
+ $errmsg .= '
';
+ }
$errmsg .= $error;
}
}
@@ -269,7 +274,9 @@ if ($rowid && $action != 'edit') {
//$formquestion=array();
//$formquestion['text']=''.$langs->trans("ThisWillAlsoDeleteBankRecord").'';
$text = $langs->trans("ConfirmDeleteSubscription");
- if (!empty($conf->banque->enabled) && !empty($conf->global->ADHERENT_BANK_USE)) $text .= '
'.img_warning().' '.$langs->trans("ThisWillAlsoDeleteBankRecord");
+ if (!empty($conf->banque->enabled) && !empty($conf->global->ADHERENT_BANK_USE)) {
+ $text .= '
'.img_warning().' '.$langs->trans("ThisWillAlsoDeleteBankRecord");
+ }
print $form->formconfirm($_SERVER["PHP_SELF"]."?rowid=".$object->id, $langs->trans("DeleteSubscription"), $text, "confirm_delete", $formquestion, 0, 1);
}
@@ -342,9 +349,8 @@ if ($rowid && $action != 'edit') {
print dol_get_fiche_end();
/*
- * Barre d'actions
- *
- */
+ * Action bar
+ */
print '';
if ($user->rights->adherent->cotisation->creer) {
@@ -366,17 +372,17 @@ if ($rowid && $action != 'edit') {
print ' ';
print ' '; // ancre
- // Documents generes
+ // Generated documents
/*
- $filename = dol_sanitizeFileName($object->ref);
- $filedir = $conf->facture->dir_output . '/' . dol_sanitizeFileName($object->ref);
- $urlsource = $_SERVER['PHP_SELF'] . '?facid=' . $object->id;
- $genallowed = $user->rights->facture->lire;
- $delallowed = $user->rights->facture->creer;
+ $filename = dol_sanitizeFileName($object->ref);
+ $filedir = $conf->facture->dir_output . '/' . dol_sanitizeFileName($object->ref);
+ $urlsource = $_SERVER['PHP_SELF'] . '?facid=' . $object->id;
+ $genallowed = $user->rights->facture->lire;
+ $delallowed = $user->rights->facture->creer;
- print $formfile->showdocuments('facture', $filename, $filedir, $urlsource, $genallowed, $delallowed, $object->model_pdf, 1, 0, 0, 28, 0, '', '', '', $soc->default_lang);
- $somethingshown = $formfile->numoffiles;
- */
+ print $formfile->showdocuments('facture', $filename, $filedir, $urlsource, $genallowed, $delallowed, $object->model_pdf, 1, 0, 0, 28, 0, '', '', '', $soc->default_lang);
+ $somethingshown = $formfile->numoffiles;
+ */
// Show links to link elements
//$linktoelem = $form->showLinkToObjectBlock($object, null, array('subscription'));
$somethingshown = $form->showLinkedObjectBlock($object, '');
@@ -384,16 +390,16 @@ if ($rowid && $action != 'edit') {
// Show links to link elements
/*$linktoelem = $form->showLinkToObjectBlock($object,array('order'));
if ($linktoelem) print ($somethingshown?'':' ').$linktoelem;
- */
+ */
print ' ';
// List of actions on element
/*
- include_once DOL_DOCUMENT_ROOT . '/core/class/html.formactions.class.php';
- $formactions = new FormActions($db);
- $somethingshown = $formactions->showactions($object, 'invoice', $socid, 1);
- */
+ include_once DOL_DOCUMENT_ROOT . '/core/class/html.formactions.class.php';
+ $formactions = new FormActions($db);
+ $somethingshown = $formactions->showactions($object, 'invoice', $socid, 1);
+ */
print ' ';
}
diff --git a/htdocs/adherents/subscription/info.php b/htdocs/adherents/subscription/info.php
index a7a4a897505..080e2c0330c 100644
--- a/htdocs/adherents/subscription/info.php
+++ b/htdocs/adherents/subscription/info.php
@@ -31,8 +31,9 @@ require_once DOL_DOCUMENT_ROOT.'/adherents/class/subscription.class.php';
// Load translation files required by the page
$langs->loadLangs(array("companies", "members", "bills", "users"));
-if (!$user->rights->adherent->lire)
+if (!$user->rights->adherent->lire) {
accessforbidden();
+}
$rowid = GETPOST("rowid", 'int');
diff --git a/htdocs/adherents/subscription/list.php b/htdocs/adherents/subscription/list.php
index 4dbfdd5c851..6b76fc3d502 100644
--- a/htdocs/adherents/subscription/list.php
+++ b/htdocs/adherents/subscription/list.php
@@ -55,12 +55,18 @@ $limit = GETPOST('limit', 'int') ?GETPOST('limit', 'int') : $conf->liste_limit;
$sortfield = GETPOST("sortfield", 'alpha');
$sortorder = GETPOST("sortorder", 'alpha');
$page = GETPOSTISSET('pageplusone') ? (GETPOST('pageplusone') - 1) : GETPOST("page", 'int');
-if (empty($page) || $page == -1) { $page = 0; } // If $page is not defined, or '' or -1
+if (empty($page) || $page == -1) {
+ $page = 0;
+} // If $page is not defined, or '' or -1
$offset = $limit * $page;
$pageprev = $page - 1;
$pagenext = $page + 1;
-if (!$sortorder) { $sortorder = "DESC"; }
-if (!$sortfield) { $sortfield = "c.dateadh"; }
+if (!$sortorder) {
+ $sortorder = "DESC";
+}
+if (!$sortfield) {
+ $sortfield = "c.dateadh";
+}
$object = new Subscription($db);
@@ -102,12 +108,18 @@ $result = restrictedArea($user, 'adherent', '', '', 'cotisation');
* Actions
*/
-if (GETPOST('cancel', 'alpha')) { $action = 'list'; $massaction = ''; }
-if (!GETPOST('confirmmassaction', 'alpha') && $massaction != 'presend' && $massaction != 'confirm_presend' && $massaction != 'confirm_createbills') { $massaction = ''; }
+if (GETPOST('cancel', 'alpha')) {
+ $action = 'list'; $massaction = '';
+}
+if (!GETPOST('confirmmassaction', 'alpha') && $massaction != 'presend' && $massaction != 'confirm_presend' && $massaction != 'confirm_createbills') {
+ $massaction = '';
+}
$parameters = array('socid'=>$socid);
$reshook = $hookmanager->executeHooks('doActions', $parameters, $object, $action); // Note that $action and $object may have been modified by some hooks
-if ($reshook < 0) setEventMessages($hookmanager->error, $hookmanager->errors, 'errors');
+if ($reshook < 0) {
+ setEventMessages($hookmanager->error, $hookmanager->errors, 'errors');
+}
if (empty($reshook)) {
// Selection of new fields
@@ -157,16 +169,33 @@ if (isset($date_select) && $date_select != '') {
$sql .= " AND c.dateadh < '".((int) $date_select + 1)."-01-01 00:00:00'";
}
if ($search_ref) {
- if (is_numeric($search_ref)) $sql .= " AND (c.rowid = ".$db->escape($search_ref).")";
- else $sql .= " AND 1 = 2"; // Always wrong
+ if (is_numeric($search_ref)) {
+ $sql .= " AND (c.rowid = ".$db->escape($search_ref).")";
+ } else {
+ $sql .= " AND 1 = 2"; // Always wrong
+ }
+}
+if ($search_type) {
+ $sql .= natural_search(array('c.fk_type'), $search_type);
+}
+if ($search_lastname) {
+ $sql .= natural_search(array('d.lastname', 'd.societe'), $search_lastname);
+}
+if ($search_firstname) {
+ $sql .= natural_search(array('d.firstname'), $search_firstname);
+}
+if ($search_login) {
+ $sql .= natural_search('d.login', $search_login);
+}
+if ($search_note) {
+ $sql .= natural_search('c.note', $search_note);
+}
+if ($search_account > 0) {
+ $sql .= " AND b.fk_account = ".((int) $search_account);
+}
+if ($search_amount) {
+ $sql .= natural_search('c.subscription', $search_amount, 1);
}
-if ($search_type) $sql .= natural_search(array('c.fk_type'), $search_type);
-if ($search_lastname) $sql .= natural_search(array('d.lastname', 'd.societe'), $search_lastname);
-if ($search_firstname) $sql .= natural_search(array('d.firstname'), $search_firstname);
-if ($search_login) $sql .= natural_search('d.login', $search_login);
-if ($search_note) $sql .= natural_search('c.note', $search_note);
-if ($search_account > 0) $sql .= " AND b.fk_account = ".urldecode($search_account);
-if ($search_amount) $sql .= natural_search('c.subscription', $search_amount, 1);
// Add where from extra fields
include DOL_DOCUMENT_ROOT.'/core/tpl/extrafields_list_search_sql.tpl.php';
@@ -182,8 +211,11 @@ $sql .= $db->order($sortfield, $sortorder);
$nbtotalofrecords = '';
if (empty($conf->global->MAIN_DISABLE_FULL_SCANLIST)) {
$resql = $db->query($sql);
- if ($resql) $nbtotalofrecords = $db->num_rows($resql);
- else dol_print_error($db);
+ if ($resql) {
+ $nbtotalofrecords = $db->num_rows($resql);
+ } else {
+ dol_print_error($db);
+ }
if (($page * $limit) > $nbtotalofrecords) { // if total resultset is smaller then paging size (filtering), goto and load page 0
$page = 0;
$offset = 0;
@@ -215,19 +247,41 @@ llxHeader('', $langs->trans("ListOfSubscriptions"), $help_url);
$i = 0;
$title = $langs->trans("ListOfSubscriptions");
-if (!empty($date_select)) $title .= ' ('.$langs->trans("Year").' '.$date_select.')';
+if (!empty($date_select)) {
+ $title .= ' ('.$langs->trans("Year").' '.$date_select.')';
+}
$param = '';
-if (!empty($contextpage) && $contextpage != $_SERVER["PHP_SELF"]) $param .= '&contextpage='.urlencode($contextpage);
-if ($limit > 0 && $limit != $conf->liste_limit) $param .= '&limit='.urlencode($limit);
-if ($statut != '') $param .= "&statut=".urlencode($statut);
-if ($search_type) $param .= "&search_type=".urlencode($search_type);
-if ($date_select) $param .= "&date_select=".urlencode($date_select);
-if ($search_lastname) $param .= "&search_lastname=".urlencode($search_lastname);
-if ($search_login) $param .= "&search_login=".urlencode($search_login);
-if ($search_account) $param .= "&search_account=".urlencode($search_account);
-if ($search_amount) $param .= "&search_amount=".urlencode($search_amount);
-if ($optioncss != '') $param .= '&optioncss='.urlencode($optioncss);
+if (!empty($contextpage) && $contextpage != $_SERVER["PHP_SELF"]) {
+ $param .= '&contextpage='.urlencode($contextpage);
+}
+if ($limit > 0 && $limit != $conf->liste_limit) {
+ $param .= '&limit='.urlencode($limit);
+}
+if ($statut != '') {
+ $param .= "&statut=".urlencode($statut);
+}
+if ($search_type) {
+ $param .= "&search_type=".urlencode($search_type);
+}
+if ($date_select) {
+ $param .= "&date_select=".urlencode($date_select);
+}
+if ($search_lastname) {
+ $param .= "&search_lastname=".urlencode($search_lastname);
+}
+if ($search_login) {
+ $param .= "&search_login=".urlencode($search_login);
+}
+if ($search_account) {
+ $param .= "&search_account=".urlencode($search_account);
+}
+if ($search_amount) {
+ $param .= "&search_amount=".urlencode($search_amount);
+}
+if ($optioncss != '') {
+ $param .= '&optioncss='.urlencode($optioncss);
+}
// Add $param from extra fields
include DOL_DOCUMENT_ROOT.'/core/tpl/extrafields_list_search_param.tpl.php';
@@ -237,7 +291,9 @@ $arrayofmassactions = array(
//'builddoc'=>$langs->trans("PDFMerge"),
);
//if ($user->rights->adherent->supprimer) $arrayofmassactions['predelete']=' '.$langs->trans("Delete");
-if (in_array($massaction, array('presend', 'predelete'))) $arrayofmassactions = array();
+if (in_array($massaction, array('presend', 'predelete'))) {
+ $arrayofmassactions = array();
+}
$massactionbutton = $form->selectMassAction('', $arrayofmassactions);
$newcardbutton = '';
@@ -246,7 +302,9 @@ if ($user->rights->adherent->cotisation->creer) {
}
print ' |