Can make a link between a member and a user

Laurent Destailleur 2009-05-06 23:30:49 +00:00
parent cba6e942e7
commit 1e37d24bf4
11 changed files with 349 additions and 202 deletions


@ -58,7 +58,6 @@ class Adherent extends CommonObject
var $login;
var $pass;
var $societe;
var $fk_soc;
var $adresse;
var $cp;
var $ville;
@ -90,6 +89,8 @@ class Adherent extends CommonObject
var $user_id;
var $user_login;
var $fk_soc;
// Fields loaded by fetch_subscriptions()
var $fistsubscription_date;
var $fistsubscription_amount;
@ -296,13 +297,30 @@ class Adherent extends CommonObject
$this->id=$id;
// Update minor fields
$result=$this->update($user,1,1);
$result=$this->update($user,1,1); // nosync is 1 to avoid update data of user
if ($result < 0)
{
$this->db->rollback();
return -1;
}
// Add link to user
if ($this->user_id)
{
// Add link to user
$sql = "UPDATE ".MAIN_DB_PREFIX."user SET";
$sql.= " fk_member = '".$this->id."'";
$sql.= " WHERE rowid = ".$this->user_id;
dol_syslog("Adherent::create sql=".$sql);
$resql = $this->db->query($sql);
if (! $resql)
{
$this->error='Failed to update user to make link with member';
$this->db->rollback();
return -4;
}
}
$this->use_webcal=($conf->global->PHPWEBCALENDAR_MEMBERSTATUS=='always'?1:0);
if (! $notrigger)
@ -456,9 +474,23 @@ class Adherent extends CommonObject
}
}
if ($nbrowsaffected)
// Remove link to user
$sql = "UPDATE ".MAIN_DB_PREFIX."user SET fk_member = NULL where fk_member = ".$this->id;
dol_syslog("Adherent::update sql=".$sql, LOG_DEBUG);
$resql = $this->db->query($sql);
if (! $resql) { $this->error=$this->db->error(); $this->db->rollback(); return -5; }
// If there is a user linked to this member
if ($this->user_id > 0)
{
if ($this->user_id && ! $nosyncuser)
$sql = "UPDATE ".MAIN_DB_PREFIX."user SET fk_member = ".$this->id." where rowid = ".$this->user_id;
dol_syslog("Adherent::update sql=".$sql, LOG_DEBUG);
$resql = $this->db->query($sql);
if (! $resql) { $this->error=$this->db->error(); $this->db->rollback(); return -5; }
}
if ($nbrowsaffected) // If something has change in data
{
if ($this->user_id > 0 && ! $nosyncuser)
{
require_once(DOL_DOCUMENT_ROOT."/user.class.php");
@ -1721,11 +1753,11 @@ class Adherent extends CommonObject
if ($user->societe_id) return -1; // protection pour eviter appel par utilisateur externe
$this->nbtodo=$this->nbtodolate=0;
$sql = "SELECT a.rowid, a.datefin";
$sql.= " FROM ".MAIN_DB_PREFIX."adherent as a";
$sql.= " WHERE a.statut=1";
$resql=$this->db->query($sql);
if ($resql)
{
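Review bot: The linked user id is concatenated unquoted into both new link queries — `$sql.= " WHERE rowid = ".$this->user_id;` in create() and `where rowid = ".$this->user_id` in update() — and the only guard is the truthiness test `if ($this->user_id)` / `if ($this->user_id > 0)`, while the caller on this same page assigns it straight from `$_POST["userid"]`. Normalise it once before either query, `$this->user_id = (int) $this->user_id;`, or cast inline with `.(int) $this->user_id`. The create() fragment `fk_member = '".$this->id."'"` also quotes an integer column, unlike the update() variant; pick one form. Both create() and update() start and end outside these hunks.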


@ -133,6 +133,10 @@ if ($_REQUEST["action"] == 'update' && ! $_POST["cancel"])
{
$result=$adh->fetch($_POST["rowid"]);
// Is it a new link to a user ?
$nosyncuser=0;
if ($adh->user_id != $_POST["userid"]) $nosyncuser=1;
// If change (allowed on all members) or (allowed on myself and i am edited memeber)
if ($user->rights->adherent->creer || ($user->rights->adherent->self->creer && $adh->user_id == $user->id))
{
@ -177,6 +181,9 @@ if ($_REQUEST["action"] == 'update' && ! $_POST["cancel"])
$adh->statut = $_POST["statut"];
$adh->public = $_POST["public"];
$adh->fk_soc = $_POST["socid"];
$adh->user_id = $_POST["userid"];
foreach($_POST as $key => $value)
{
if (ereg("^options_",$key))
@ -187,7 +194,7 @@ if ($_REQUEST["action"] == 'update' && ! $_POST["cancel"])
}
}
$result=$adh->update($user,0);
$result=$adh->update($user,0,$nosyncuser);
if ($result >= 0 && ! sizeof($adh->errors))
{
if (isset($_FILES['photo']['tmp_name']) && trim($_FILES['photo']['tmp_name']))
@ -230,7 +237,7 @@ if ($_REQUEST["action"] == 'update' && ! $_POST["cancel"])
}
}
if ($user->rights->adherent->creer && $_POST["action"] == 'add')
if ($_POST["action"] == 'add' && $user->rights->adherent->creer)
{
$datenaiss='';
if (isset($_POST["naissday"]) && $_POST["naissday"]
@ -265,6 +272,9 @@ if ($user->rights->adherent->creer && $_POST["action"] == 'add')
$morphy=$_POST["morphy"];
$cotisation=$_POST["cotisation"];
$userid=$_POST["userid"];
$socid=$_POST["socid"];
$adh->prenom = $prenom;
$adh->nom = $nom;
$adh->societe = $societe;
@ -283,8 +293,12 @@ if ($user->rights->adherent->creer && $_POST["action"] == 'add')
$adh->typeid = $typeid;
$adh->note = $comment;
$adh->morphy = $morphy;
foreach($_POST as $key => $value){
if (ereg("^options_",$key)){
$adh->user_id = $userid;
$adh->fk_soc = $socid;
foreach($_POST as $key => $value)
{
if (ereg("^options_",$key))
{
//escape values from POST, at least with addslashes, to avoid obvious SQL injections
//(array_options is directly input in the DB in adherent.class.php::update())
$adh->array_options[$key]=addslashes($_POST[$key]);
@ -374,9 +388,8 @@ if ($user->rights->adherent->creer && $_POST["action"] == 'add')
}
$db->commit();
Header("Location: liste.php?statut=-1");
exit;
$rowid=$adh->id;
$action='';
}
else
{
@ -537,6 +550,7 @@ if ($user->rights->adherent->creer && $_POST["action"] == 'confirm_add_spip' &&
llxHeader();
$html = new Form($db);
if ($errmsg)
{
@ -577,25 +591,34 @@ if ($action == 'edit')
dol_fiche_head($head, 'general', $langs->trans("Member"));
$rowspan=14;
$rowspan+=sizeof($adho->attribute_label);
if ($conf->societe->enabled) $rowspan++;
print '<form name="update" action="'.$_SERVER["PHP_SELF"].'" method="post" enctype="multipart/form-data">';
print "<input type=\"hidden\" name=\"action\" value=\"update\">";
print "<input type=\"hidden\" name=\"rowid\" value=\"$rowid\">";
print "<input type=\"hidden\" name=\"statut\" value=\"".$adh->statut."\">";
$htmls = new Form($db);
print '<table class="border" width="100%">';
// Ref
print '<tr><td>'.$langs->trans("Ref").'</td><td class="valeur" colspan="2">'.$adh->id.'&nbsp;</td></tr>';
print '<tr><td>'.$langs->trans("Ref").'</td><td class="valeur" colspan="2">'.$adh->id.'</td></tr>';
// Physique-Moral
$morphys["phy"] = $langs->trans("Physical");
$morphys["mor"] = $langs->trans("Morale");
print "<tr><td>".$langs->trans("Person").'*</td><td colspan="2">';
$html->select_array("morphy", $morphys, $adh->morphy);
print "</td></tr>";
// Societe
print '<tr><td>'.$langs->trans("Company").'</td><td colspan="2"><input type="text" name="societe" size="40" value="'.$adh->societe.'"></td></tr>';
// Nom
print '<tr><td>'.$langs->trans("Lastname").'*</td><td><input type="text" name="nom" size="40" value="'.$adh->nom.'"></td>';
// Photo
$rowspan=16;
$rowspan+=sizeof($adho->attribute_label);
print '<td align="center" valign="middle" width="25%" rowspan="'.$rowspan.'">';
if (file_exists($conf->adherent->dir_output."/".$adh->id.".jpg"))
{
@ -629,7 +652,7 @@ if ($action == 'edit')
print '<tr><td>'.$langs->trans("Type").'*</td><td>';
if ($user->rights->adherent->creer) // If $user->rights->adherent->self->creer, we do not allow.
{
$htmls->select_array("typeid", $adht->liste_array(), $adh->typeid);
$html->select_array("typeid", $adht->liste_array(), $adh->typeid);
}
else
{
@ -638,16 +661,6 @@ if ($action == 'edit')
}
print "</td></tr>";
// Physique-Moral
$morphys["phy"] = $langs->trans("Physical");
$morphys["mor"] = $langs->trans("Morale");
print "<tr><td>".$langs->trans("Person")."*</td><td>";
$htmls->select_array("morphy", $morphys, $adh->morphy);
print "</td></tr>";
// Societe
print '<tr><td>'.$langs->trans("Company").'</td><td><input type="text" name="societe" size="40" value="'.$adh->societe.'"></td></tr>';
// Adresse
print '<tr><td>'.$langs->trans("Address").'</td><td>';
print '<textarea name="adresse" wrap="soft" cols="40" rows="2">'.$adh->adresse.'</textarea></td></tr>';
@ -657,7 +670,7 @@ if ($action == 'edit')
// Pays
print '<tr><td>'.$langs->trans("Country").'</td><td>';
$htmls->select_pays($adh->pays_code?$adh->pays_code:$mysoc->pays_code,'pays');
$html->select_pays($adh->pays_code?$adh->pays_code:$mysoc->pays_code,'pays');
print '</td></tr>';
// Tel
@ -674,12 +687,12 @@ if ($action == 'edit')
// Date naissance
print "<tr><td>".$langs->trans("Birthday")."</td><td>\n";
$htmls->select_date(($adh->naiss ? $adh->naiss : -1),'naiss','','',1,'update');
$html->select_date(($adh->naiss ? $adh->naiss : -1),'naiss','','',1,'update');
print "</td></tr>\n";
// Profil public
print "<tr><td>".$langs->trans("Public")."</td><td>\n";
print $htmls->selectyesno("public",$adh->public,1);
print $html->selectyesno("public",$adh->public,1);
print "</td></tr>\n";
// Attributs supplementaires
@ -688,6 +701,19 @@ if ($action == 'edit')
print "<tr><td>$value</td><td><input type=\"text\" name=\"options_$key\" size=\"40\" value=\"".$adh->array_options["options_$key"]."\"></td></tr>\n";
}
// Third party Dolibarr
if ($conf->societe->enabled)
{
print '<tr><td>'.$langs->trans("LinkedToDolibarrThirdParty").'</td><td class="valeur">';
print $html->select_societes($adh->fk_soc,'socid','',1);
print '</td></tr>';
}
// Login Dolibarr
print '<tr><td>'.$langs->trans("LinkedToDolibarrUser").'</td><td class="valeur">';
print $html->select_users($adh->user_id,'userid',1);
print '</td></tr>';
print '<tr><td colspan="3" align="center">';
print '<input type="submit" class="button" name="submit" value="'.$langs->trans("Save").'">';
print ' &nbsp; &nbsp; &nbsp; ';
@ -709,16 +735,25 @@ if ($action == 'create')
/* */
/* ************************************************************************** */
$htmls = new Form($db);
$adht = new AdherentType($db);
print_fiche_titre($langs->trans("NewMember"));
print '<form name="add" action="fiche.php" method="post" enctype="multipart/form-data">';
print '<form name="add" action="'.$_SERVER["PHP_SELF"].'" method="post" enctype="multipart/form-data">';
print '<input type="hidden" name="action" value="add">';
print '<table class="border" width="100%">';
// Moral-Physique
$morphys["phy"] = "Physique";
$morphys["mor"] = "Morale";
print "<tr><td>".$langs->trans("Person")."*</td><td>\n";
$html->select_array("morphy", $morphys, $adh->morphy);
print "</td>\n";
// Company
print '<tr><td>'.$langs->trans("Company").'</td><td><input type="text" name="societe" size="40" value="'.$adh->societe.'"></td></tr>';
// Nom
print '<tr><td>'.$langs->trans("Lastname").'*</td><td><input type="text" name="nom" value="'.$adh->nom.'" size="40"></td>';
print '</tr>';
@ -750,22 +785,12 @@ if ($action == 'create')
$listetype=$adht->liste_array();
if (sizeof($listetype))
{
$htmls->select_array("typeid", $listetype, $typeid);
$html->select_array("typeid", $listetype, $typeid);
} else {
print '<font class="error">'.$langs->trans("NoTypeDefinedGoToSetup").'</font>';
}
print "</td>\n";
// Moral-Physique
$morphys["phy"] = "Physique";
$morphys["mor"] = "Morale";
print "<tr><td>".$langs->trans("Person")."*</td><td>\n";
$htmls->select_array("morphy", $morphys, $adh->morphy);
print "</td>\n";
print '<tr><td>'.$langs->trans("Company").'</td><td><input type="text" name="societe" size="40" value="'.$adh->societe.'"></td></tr>';
// Adresse
print '<tr><td valign="top">'.$langs->trans("Address").'</td><td>';
print '<textarea name="adresse" wrap="soft" cols="40" rows="2">'.$adh->adresse.'</textarea></td></tr>';
@ -775,7 +800,7 @@ if ($action == 'create')
// Pays
print '<tr><td>'.$langs->trans("Country").'</td><td>';
$htmls->select_pays($adh->pays_id ? $adh->pays_id : $mysoc->pays_id,'pays_id');
$html->select_pays($adh->pays_id ? $adh->pays_id : $mysoc->pays_id,'pays_id');
print '</td></tr>';
// Tel pro
@ -792,20 +817,32 @@ if ($action == 'create')
// Date naissance
print "<tr><td>".$langs->trans("Birthday")."</td><td>\n";
$htmls->select_date(($adh->naiss ? $adh->naiss : -1),'naiss','','',1,'add');
$html->select_date(($adh->naiss ? $adh->naiss : -1),'naiss','','',1,'add');
print "</td></tr>\n";
// Attribut optionnels
// Profil public
print "<tr><td>".$langs->trans("Public")."</td><td>\n";
print $html->selectyesno("public",$adh->public,1);
print "</td></tr>\n";
// Attribut optionnels
foreach($adho->attribute_label as $key=>$value)
{
print "<tr><td>$value</td><td><input type=\"text\" name=\"options_$key\" size=\"40\"></td></tr>\n";
}
// Profil public
print "<tr><td>".$langs->trans("Public")."</td><td>\n";
print $htmls->selectyesno("public",$adh->public,1);
print "</td></tr>\n";
// Third party Dolibarr
if ($conf->societe->enabled)
{
print '<tr><td>'.$langs->trans("LinkedToDolibarrThirdParty").'</td><td class="valeur">';
print $html->select_societes($adh->fk_soc,'socid','',1);
print '</td></tr>';
}
// Login Dolibarr
print '<tr><td>'.$langs->trans("LinkedToDolibarrUser").'</td><td class="valeur">';
print $html->select_users($adh->user_id,'userid',1);
print '</td></tr>';
print "</table>\n";
print '<br>';
@ -939,6 +976,8 @@ if ($rowid && $action != 'edit')
if ($ret == 'html') print '<br>';
}
$rowspan=14+sizeof($adho->attribute_label);
if ($conf->societe->enabled) $rowspan++;
print '<form action="fiche.php" method="post" enctype="multipart/form-data">';
print '<table class="border" width="100%">';
@ -949,7 +988,13 @@ if ($rowid && $action != 'edit')
print $html->showrefnav($adh,'rowid');
print '</td></tr>';
// Nom
// Morphy
print '<tr><td>'.$langs->trans("Person").'</td><td class="valeur" colspan="2">'.$adh->getmorphylib().'</td></tr>';
// Company
print '<tr><td>'.$langs->trans("Company").'</td><td class="valeur" colspan="2">'.$adh->societe.'</td></tr>';
// Nom
print '<tr><td>'.$langs->trans("Lastname").'</td><td class="valeur" colspan="2">'.$adh->nom.'&nbsp;</td>';
print '</tr>';
@ -958,7 +1003,6 @@ if ($rowid && $action != 'edit')
// Login
print '<tr><td>'.$langs->trans("Login").'</td><td class="valeur">'.$adh->login.'&nbsp;</td>';
$rowspan=16+sizeof($adho->attribute_label);
print '<td rowspan="'.$rowspan.'" align="center" valign="middle" width="25%">';
if (file_exists($conf->adherent->dir_output."/".$adh->id.".jpg"))
{
@ -977,13 +1021,7 @@ if ($rowid && $action != 'edit')
// Type
print '<tr><td>'.$langs->trans("Type").'</td><td class="valeur">'.$adht->getNomUrl(1)."</td></tr>\n";
// Morphy
print '<tr><td>'.$langs->trans("Person").'</td><td class="valeur">'.$adh->getmorphylib().'</td></tr>';
// Company
print '<tr><td>'.$langs->trans("Company").'</td><td class="valeur">'.$adh->societe.'</td></tr>';
// Adresse
// Address
print '<tr><td>'.$langs->trans("Address").'</td><td class="valeur">'.nl2br($adh->adresse).'</td></tr>';
// CP / Ville
@ -1013,22 +1051,16 @@ if ($rowid && $action != 'edit')
// Status
print '<tr><td>'.$langs->trans("Status").'</td><td class="valeur">'.$adh->getLibStatut(4).'</td></tr>';
// Login Dolibarr
print '<tr><td>'.$langs->trans("DolibarrLogin").'</td><td class="valeur">';
if ($adh->user_id)
{
$dolibarr_user=new User($db);
$dolibarr_user->id=$adh->user_id;
$result=$dolibarr_user->fetch();
print $dolibarr_user->getLoginUrl(1);
}
else print $langs->trans("NoDolibarrAccess");
print '</td></tr>';
// Other attributs
foreach($adho->attribute_label as $key=>$value)
{
print "<tr><td>$value</td><td>".$adh->array_options["options_$key"]."&nbsp;</td></tr>\n";
}
// Third party Dolibarr
if ($conf->societe->enabled)
{
print '<tr><td>'.$langs->trans("ThirdPartyDolibarr").'</td><td class="valeur">';
print '<tr><td>'.$langs->trans("LinkedToDolibarrThirdParty").'</td><td class="valeur">';
if ($adh->fk_soc)
{
$company=new Societe($db);
@ -1042,11 +1074,17 @@ if ($rowid && $action != 'edit')
print '</td></tr>';
}
// Other attributs
foreach($adho->attribute_label as $key=>$value)
{
print "<tr><td>$value</td><td>".$adh->array_options["options_$key"]."&nbsp;</td></tr>\n";
}
// Login Dolibarr
print '<tr><td>'.$langs->trans("LinkedToDolibarrUser").'</td><td class="valeur">';
if ($adh->user_id)
{
$dolibarr_user=new User($db);
$dolibarr_user->id=$adh->user_id;
$result=$dolibarr_user->fetch();
print $dolibarr_user->getLoginUrl(1);
}
else print $langs->trans("NoDolibarrAccess");
print '</td></tr>';
print "</table>\n";
print '</form>';
@ -1122,19 +1160,6 @@ if ($rowid && $action != 'edit')
}
}
// Create user
if (! $user->societe_id && ! $adh->user_id)
{
if ($user->rights->user->user->creer)
{
print '<a class="butAction" href="fiche.php?rowid='.$adh->id.'&amp;action=create_user">'.$langs->trans("CreateDolibarrLogin").'</a>';
}
else
{
print "<font class=\"butActionRefused\" href=\"#\">".$langs->trans("CreateDolibarrLogin")."</font>";
}
}
// Create third party
if ($conf->societe->enabled && ! $adh->fk_soc)
{
@ -1148,6 +1173,19 @@ if ($rowid && $action != 'edit')
}
}
// Create user
if (! $user->societe_id && ! $adh->user_id)
{
if ($user->rights->user->user->creer)
{
print '<a class="butAction" href="fiche.php?rowid='.$adh->id.'&amp;action=create_user">'.$langs->trans("CreateDolibarrLogin").'</a>';
}
else
{
print "<font class=\"butActionRefused\" href=\"#\">".$langs->trans("CreateDolibarrLogin")."</font>";
}
}
// Supprimer
if ($user->rights->adherent->supprimer)
{
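Review bot: The permission test `$user->rights->adherent->creer || ($user->rights->adherent->self->creer && $adh->user_id == $user->id)` compares the stored `$adh->user_id` against the current user, but the new line `$adh->user_id = $_POST["userid"];` then overwrites it with whatever the form sent, so a member holding only `self->creer` can re-point their member record at any other user account, and Adherent::update() rewrites that account's `llx_user.fk_member` accordingly. On the following save `$nosyncuser` is 0 again and the member-to-user data sync at the end of update() appears to run against the newly linked account — that sync body is outside the hunk, so confirm what it copies. Accept a changed userid only from a user with full `adherent->creer`, e.g. `$adh->user_id = ($user->rights->adherent->creer ? (int) $_POST["userid"] : $adh->user_id);`, and cast `$userid` / `$socid` in the add branch too, since both are interpolated into SQL by the class.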


@ -105,19 +105,22 @@ print '</form>';
# Affiche lignes des constantes
if ($all==1){
if ($all==1)
{
$sql = "SELECT rowid, name, value, note, entity ";
$sql.= "FROM llx_const ";
$sql.= "WHERE entity IN (0,".$conf->entity.") ";
$sql.= "ORDER BY name ASC";
}else{
}
else
{
$sql = "SELECT rowid, name, value, note, entity ";
$sql.= "FROM llx_const ";
$sql.= "WHERE visible = 1 ";
$sql.= "AND entity IN (0,".$conf->entity.") ";
$sql.= "ORDER BY name ASC";
}
dol_syslog("Const::listConstant sql=".$sql,LOG_DEBUG);
dol_syslog("Const::listConstant sql=".$sql);
$result = $db->query($sql);
if ($result)
{
@ -130,22 +133,23 @@ if ($result)
$obj = $db->fetch_object($result);
$var=!$var;
print '<form action="const.php" method="POST">';
print "\n";
print '<form action="'.DOL_URL_ROOT.'/admin/const.php" method="POST">';
print '<input type="hidden" name="action" value="update">';
print '<input type="hidden" name="rowid" value="'.$rowid.'">';
print '<input type="hidden" name="rowid" value="'.$obj->rowid.'">';
print '<input type="hidden" name="constname" value="'.$obj->name.'">';
print "<tr $bc[$var] class=value><td>$obj->name</td>\n";
// Value
print '<td>';
print '<input type="text" class="flat" size="30" name="constvalue" value="'.stripslashes($obj->value).'">';
print '<input type="text" class="flat" size="30" name="constvalue" value="'.$obj->value.'">';
print '</td><td>';
// Note
print '<input type="text" class="flat" size="40" name="constnote" value="'.stripslashes(nl2br($obj->note)).'">';
print '<input type="text" class="flat" size="40" name="constnote" value="'.nl2br($obj->note).'">';
print '</td>';
// Entity
if ($conf->multicompany->enabled)
{
@ -157,13 +161,14 @@ if ($result)
{
print '<input type="hidden" name="entity" value="'.$obj->entity.'">';
}
print '<td align="center">';
print '<input type="submit" class="button" value="'.$langs->trans("Modify").'" name="button"> &nbsp; ';
print '<a href="const.php?rowid='.$obj->rowid.'&entity='.$obj->entity.'&action=delete">'.img_delete().'</a>';
print "</td></tr>\n";
print '</form>';
print "\n";
$i++;
}
}
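Review bot: `$obj->value` and `$obj->note` now land in `value="…"` attributes raw — the commit only dropped the `stripslashes()` calls and added no HTML escaping — so a constant containing a double quote breaks the form and a value containing markup is rendered into the admin page (stored XSS if anything other than an administrator can write llx_const; that write path is not shown here). `nl2br()` is also wrong inside an attribute: it injects `<br />` into the value that is then submitted back on Modify. Use `value="'.htmlspecialchars($obj->value, ENT_QUOTES).'"` and `value="'.htmlspecialchars($obj->note, ENT_QUOTES).'"`, and give `$obj->name` in the hidden `constname` field the same treatment.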


@ -71,8 +71,12 @@ ListOfGroupsForUser=List of groups for this user
UsersToAdd=Users to add to this group
GroupsToAdd=Groups to add to this user
NoLogin=No login
CreateDolibarrLogin=Create Dolibarr account
CreateDolibarrThirdParty=Create third party
LinkToCompanyContact=Link to third party / contact
LinkedToDolibarrMember=Link to member
LinkedToDolibarrUser=Link to Dolibarr user
LinkedToDolibarrThirdParty=Link to Dolibarr third party
CreateDolibarrLogin=Create a user
CreateDolibarrThirdParty=Create a third party
LoginAccountDisable=Account disabled, put a new login to activate it.
LoginAccountDisableInDolibarr=Account disabled in Dolibarr.
LoginAccountDisableInLdap=Account disabled in the domain.


@ -71,7 +71,11 @@ ListOfGroupsForUser=Liste des groupes pour cet utilisateur
UsersToAdd=Utilisateur à ajouter à ce groupe
GroupsToAdd=Groupes à ajouter pour cet utilisateur
NoLogin=Pas de login
CreateDolibarrLogin=Créer un compte Dolibarr
LinkToCompanyContact=Lien tiers / contact
LinkedToDolibarrMember=Lien adhérent
LinkedToDolibarrUser=Lien utilisateur Dolibarr
LinkedToDolibarrThirdParty=Lien tiers Dolibarr
CreateDolibarrLogin=Créer un compte utilisateur
CreateDolibarrThirdParty=Créer un tiers
LoginAccountDisable=Le compte est désactivé, mettre un nouveau login pour l'activer.
LoginAccountDisableInDolibarr=Le compte est désactivé sur Dolibarr.


@ -154,7 +154,7 @@ function dol_loginfunction($langs,$conf,$mysoc)
print '<tr><td align="left" valign="top" nowrap="nowrap"> &nbsp; <b>'.$langs->trans("Entity").'</b> &nbsp; </td>';
print '<td valign="top" nowrap="nowrap">';
$html->select_array('entity',$entity);
print $html->selectarray('entity',$entity);
print '</td></tr>';
}


@ -81,21 +81,21 @@ function analyse_sql_injection(&$var)
$result = array();
foreach ($var as $key => $value)
{
if (test_sql_inject($key) > 0)
{
unset($var[$key]);
}
else
{
if (analyse_sql_injection($value))
{
$var[$key] = $value;
}
else
{
unset($var[$key]);
}
}
if (test_sql_inject($key) > 0)
{
unset($var[$key]);
}
else
{
if (analyse_sql_injection($value))
{
$var[$key] = $value;
}
else
{
unset($var[$key]);
}
}
}
return true;
}
@ -112,12 +112,8 @@ analyse_sql_injection($_POST);
// This is to make Dolibarr working with Plesk
set_include_path($_SERVER['DOCUMENT_ROOT'].'/htdocs');
// Retrieve the entity in login form, and after in the cookie
$entityCookieName = "DOLENTITYID_dolibarr";
if (isset($_POST["entity"])) $_SESSION["dol_entity"] = $_POST["entity"];
if (isset($_COOKIE[$entityCookieName])) $_SESSION["dol_entity"] = $_COOKIE[$entityCookieName];
// Set and init common variables
// This include will set $conf, $langs and $mysoc objects
require_once("master.inc.php");
// Check if HTTPS
@ -166,7 +162,27 @@ session_name($sessionname);
session_start();
dol_syslog("Start session name=".$sessionname." Session id()=".session_id().", _SESSION['dol_login']=".(isset($_SESSION["dol_login"])?$_SESSION["dol_login"]:'').", ".ini_get("session.gc_maxlifetime"));
// Disable modules (this must be after session_start)
// Retrieve the entity in login form and in the cookie.
// This must be after the init of session (session_start) or this create serious pb of corrupted session.
$entityCookieName = "DOLENTITYID_dolibarr";
if (isset($_POST["loginfunction"]) && isset($_POST["entity"]))
{
$_SESSION["dol_entity"] = $_POST["entity"];
$conf->entity=$_SESSION["dol_entity"];
dol_syslog("Will work on entity ".$conf->entity);
// Now we need to reload the conf with the choosed entity
$conf->setValues($db);
}
elseif (isset($_COOKIE[$entityCookieName]))
{
$_SESSION["dol_entity"] = $_COOKIE[$entityCookieName];
$conf->entity=$_SESSION["dol_entity"];
dol_syslog("Will work on entity ".$conf->entity);
// Now we need to reload the conf with the choosed entity
$conf->setValues($db);
}
// Disable modules (this must be after session_start and after conf has been reloaded)
if (! empty($_REQUEST["disablemodules"])) $_SESSION["disablemodules"]=$_REQUEST["disablemodules"];
if (! empty($_SESSION["disablemodules"]))
{
@ -663,7 +679,7 @@ function top_htmlhead($head, $title='', $disablejs=0, $disablehead=0, $arrayofjs
{
print "<head>\n";
print "<meta http-equiv=\"Content-Type\" content=\"text/html; charset=".$conf->character_set_client."\">\n";
print "<meta http-equiv=\"Content-Type\" content=\"text/html; charset=".$conf->character_set_client."\">\n";
// Affiche meta
print '<meta name="robots" content="noindex,nofollow">'."\n"; // Evite indexation par robots
@ -1088,8 +1104,8 @@ function llxFooter($foot='')
}
print '"</script>'."\n";
// Add Xdebug coverage of code
if (defined('XDEBUGCOVERAGE')) { var_dump(xdebug_get_code_coverage()); }
// Add Xdebug coverage of code
if (defined('XDEBUGCOVERAGE')) { var_dump(xdebug_get_code_coverage()); }
}
if ($conf->use_javascript_ajax)
@ -1098,21 +1114,21 @@ function llxFooter($foot='')
}
// If there is some logs in buffer to show
if (sizeof($conf->logbuffer))
{
if (sizeof($conf->logbuffer))
{
print "\n";
print "<!-- Start of log output\n";
//print '<div class="hidden">'."\n";
foreach($conf->logbuffer as $logline)
{
print $logline."<br>\n";
}
//print '</div>'."\n";
//print '<div class="hidden">'."\n";
foreach($conf->logbuffer as $logline)
{
print $logline."<br>\n";
}
//print '</div>'."\n";
print "End of log output -->\n";
}
}
print "\n";
if ($foot) print '<!-- '.$foot.' -->'."\n";
if ($foot) print '<!-- '.$foot.' -->'."\n";
print "</body>\n";
print "</html>\n";
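Review bot: The entity taken from `$_POST["entity"]` and from the `DOLENTITYID_dolibarr` cookie is copied into `$conf->entity` with no validation, and `$conf->entity` is concatenated into SQL elsewhere on this page (`entity IN (0,".$conf->entity.")` in admin/const.php, `next_prev_filter` and `AND entity = ".$conf->entity` in user.class.php). `analyse_sql_injection($_POST)` is visible, but nothing here shows `$_COOKIE` going through the same filter, so a crafted cookie reaches those queries unfiltered. Cast at the point of assignment — `$_SESSION["dol_entity"] = (int) $_POST["entity"];` and `$_SESSION["dol_entity"] = (int) $_COOKIE[$entityCookieName];` — and only call `$conf->setValues($db)` when the result is `> 0`. Note also that the cookie branch re-selects the entity on every request, so an established session can be moved to another entity by editing the cookie; confirm that is intended.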


@ -115,7 +115,8 @@ require_once(DOL_DOCUMENT_ROOT."/core/conf.class.php");
$conf = new Conf();
// Retrieve the entity
if (isset($_SESSION["dol_entity"])) $conf->entity = $_SESSION["dol_entity"];
// Removed: The session has not been initialized yet so using SESSION is forbidden here
//if (isset($_SESSION["dol_entity"])) $conf->entity = $_SESSION["dol_entity"];
// Identifiant propres au serveur base de donnee
$conf->db->host = $dolibarr_main_db_host;


@ -209,7 +209,7 @@ class User extends CommonObject
$this->societe_id = $obj->fk_societe;
$this->contact_id = $obj->fk_socpeople;
$this->fk_member = $obj->fk_member;
$this->next_prev_filter = 'entity IN (0,'.$conf->entity.')';
if (! $this->lang) $this->lang='fr_FR';
@ -273,7 +273,7 @@ class User extends CommonObject
function addrights($rid,$allmodule='',$allperms='')
{
global $conf;
dol_syslog("User::addrights $rid, $allmodule, $allperms");
$err=0;
$whereforadd='';
@ -371,7 +371,7 @@ class User extends CommonObject
function delrights($rid,$allmodule='',$allperms='')
{
global $conf;
$err=0;
$wherefordel='';
@ -474,7 +474,7 @@ class User extends CommonObject
function getrights($moduletag='')
{
global $conf;
if ($moduletag && isset($this->tab_loaded[$moduletag]) && $this->tab_loaded[$moduletag])
{
// Le fichier de ce module est deja charge
@ -684,7 +684,7 @@ class User extends CommonObject
}
/**
* \brief Cree l'utilisateur en base
* \brief Create user in database
* \param user Objet user qui demande la creation
* \param notrigger 1 ne declenche pas les triggers, 0 sinon
* \return int <0 si KO, id compte cree si OK
@ -693,8 +693,9 @@ class User extends CommonObject
{
global $conf,$langs;
// Nettoyage parametres
// Clean parameters
$this->login = trim($this->login);
if (! isset($this->entity)) $this->entity=$conf->entity; // If not defined, we use default value
dol_syslog("User::Create login=".$this->login.", user=".(is_object($user)?$user->id:''), LOG_DEBUG);
@ -920,7 +921,7 @@ class User extends CommonObject
function set_default_rights()
{
global $conf;
$sql = "SELECT id FROM ".MAIN_DB_PREFIX."rights_def";
$sql.= " WHERE bydefault = 1";
$sql.= " AND entity = ".$conf->entity;
@ -970,7 +971,7 @@ class User extends CommonObject
dol_syslog("User::update notrigger=".$notrigger.", nosyncmember=".$nosyncmember);
// Nettoyage parametres
// Clean parameters
$this->nom = trim($this->nom);
$this->prenom = trim($this->prenom);
$this->fullname = $this->prenom." ".$this->nom;
@ -1014,7 +1015,7 @@ class User extends CommonObject
{
$nbrowsaffected+=$this->db->affected_rows($resql);
// Mise a jour mot de passe
// Mise a jour mot de passe
if ($this->pass)
{
if ($this->pass != $this->pass_indatabase && $this->pass != $this->pass_indatabase_crypted)
@ -1025,9 +1026,23 @@ class User extends CommonObject
}
}
if ($nbrowsaffected)
// If user is linked to a member, remove old link to this member
if ($this->fk_member > 0)
{
if ($this->fk_member && ! $nosyncmember)
$sql = "UPDATE ".MAIN_DB_PREFIX."user SET fk_member = NULL where fk_member = ".$this->fk_member;
dol_syslog("User::update sql=".$sql, LOG_DEBUG);
$resql = $this->db->query($sql);
if (! $resql) { $this->error=$this->db->error(); $this->db->rollback(); return -5; }
}
// Set link to user
$sql = "UPDATE ".MAIN_DB_PREFIX."user SET fk_member =".($this->fk_member>0?$this->fk_member:'null')." where rowid = ".$this->id;
dol_syslog("User::update sql=".$sql, LOG_DEBUG);
$resql = $this->db->query($sql);
if (! $resql) { $this->error=$this->db->error(); $this->db->rollback(); return -5; }
if ($nbrowsaffected) // If something has changed in data
{
if ($this->fk_member > 0 && ! $nosyncmember)
{
require_once(DOL_DOCUMENT_ROOT."/adherents/adherent.class.php");
@ -1042,7 +1057,7 @@ class User extends CommonObject
$adh->nom=$this->nom;
$adh->login=$this->login;
$adh->pass=$this->pass;
$adh->societe=$this->societe_id;
$adh->societe=(empty($adh->societe) && $this->societe_id ? $this->societe_id : $adh->societe);
$adh->email=$this->email;
$adh->phone=$this->office_phone;
@ -1052,7 +1067,7 @@ class User extends CommonObject
$adh->user_id=$this->id;
$adh->user_login=$this->login;
//$adh->entity=$this->entity;
$result=$adh->update($user,0,1);
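Review bot: In the new link-maintenance block `$this->fk_member` is concatenated into `where fk_member = ".$this->fk_member` and into the `SET fk_member =` ternary without a cast; with PHP's loose comparison a leading-numeric string still passes the `> 0` test, so normalise it first with `$this->fk_member = (int) $this->fk_member;`. Separately, `$adh->societe=(empty($adh->societe) && $this->societe_id ? $this->societe_id : $adh->societe);` writes the user's third-party id into the member's `societe` field, which everywhere else on this page is the free-text company name (`$adh->fk_soc` is the id column) — that looks like it should target `$adh->fk_soc`. update() starts and ends outside these hunks.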


@ -829,7 +829,9 @@ else
print '<td colspan="2">'.$fuser->prenom.'</td>';
print "</tr>\n";
$rowspan=12;
$rowspan=11;
if ($conf->societe->enabled) $rowspan++;
if ($conf->adherent->enabled) $rowspan++;
// Login
print '<tr><td width="25%" valign="top">'.$langs->trans("Login").'</td>';
@ -922,30 +924,6 @@ else
}
print '</td></tr>';
// Company / Contact
print '<tr><td width="25%" valign="top">'.$langs->trans("Company").' / '.$langs->trans("Contact").'</td>';
print '<td>';
if ($fuser->societe_id > 0)
{
$societe = new Societe($db);
$societe->fetch($fuser->societe_id);
print $societe->getNomUrl(1,'');
}
else
{
print $langs->trans("ThisUserIsNot");
}
if ($fuser->contact_id)
{
$contact = new Contact($db);
$contact->fetch($fuser->contact_id);
if ($fuser->societe_id > 0) print ' / ';
else print '<br>';
print '<a href="'.DOL_URL_ROOT.'/contact/fiche.php?id='.$fuser->contact_id.'">'.img_object($langs->trans("ShowContact"),'contact').' '.dol_trunc($contact->getFullName($langs),32).'</a>';
}
print '</td>';
print "</tr>\n";
// Tel pro
print '<tr><td width="25%" valign="top">'.$langs->trans("PhonePro").'</td>';
print '<td>'.dol_print_phone($fuser->office_phone,'',0,0,1).'</td>';
@ -1000,12 +978,39 @@ else
print "</tr>\n";
}
// Company / Contact
if ($conf->societe->enabled)
{
print '<tr><td width="25%" valign="top">'.$langs->trans("LinkToCompanyContact").'</td>';
print '<td>';
if ($fuser->societe_id > 0)
{
$societe = new Societe($db);
$societe->fetch($fuser->societe_id);
print $societe->getNomUrl(1,'');
}
else
{
print $langs->trans("ThisUserIsNot");
}
if ($fuser->contact_id)
{
$contact = new Contact($db);
$contact->fetch($fuser->contact_id);
if ($fuser->societe_id > 0) print ' / ';
else print '<br>';
print '<a href="'.DOL_URL_ROOT.'/contact/fiche.php?id='.$fuser->contact_id.'">'.img_object($langs->trans("ShowContact"),'contact').' '.dol_trunc($contact->getFullName($langs),32).'</a>';
}
print '</td>';
print "</tr>\n";
}
// Module Adherent
if ($conf->adherent->enabled)
{
$langs->load("members");
print '<tr><td width="25%" valign="top">'.$langs->trans("MemberAccount").'</td>';
print '<td colspan="2">';
print '<tr><td width="25%" valign="top">'.$langs->trans("LinkedToDolibarrMember").'</td>';
print '<td>';
if ($fuser->fk_member)
{
$adh=new Adherent($db);
@ -1261,7 +1266,9 @@ else
print '<input type="hidden" name="entity" value="'.$conf->entity.'">';
print '<table width="100%" class="border">';
$rowspan=10;
$rowspan=9;
if ($conf->societe->enabled) $rowspan++;
if ($conf->adherent->enabled) $rowspan++;
print '<tr><td width="25%" valign="top">'.$langs->trans("Ref").'</td>';
print '<td colspan="2">';
@ -1398,28 +1405,6 @@ else
}
print '</td></tr>';
// Company / Contact
print '<tr><td width="25%" valign="top">'.$langs->trans("Company").' / '.$langs->trans("Contact").'</td>';
print '<td>';
if ($fuser->societe_id > 0)
{
$societe = new Societe($db);
$societe->fetch($fuser->societe_id);
print $societe->getNomUrl(1,'');
if ($fuser->contact_id)
{
$contact = new Contact($db);
$contact->fetch($fuser->contact_id);
print ' / '.'<a href="'.DOL_URL_ROOT.'/contact/fiche.php?id='.$fuser->contact_id.'">'.img_object($langs->trans("ShowContact"),'contact').' '.dol_trunc($contact->getFullName($langs),32).'</a>';
}
}
else
{
print $langs->trans("ThisUserIsNot");
}
print '</td>';
print "</tr>\n";
// Tel pro
print "<tr>".'<td valign="top">'.$langs->trans("PhonePro").'</td>';
print '<td>';
@ -1511,6 +1496,52 @@ else
print '</td></tr>';
}
// Company / Contact
if ($conf->societe->enabled)
{
print '<tr><td width="25%" valign="top">'.$langs->trans("LinkToCompanyContact").'</td>';
print '<td>';
if ($fuser->societe_id > 0)
{
$societe = new Societe($db);
$societe->fetch($fuser->societe_id);
print $societe->getNomUrl(1,'');
if ($fuser->contact_id)
{
$contact = new Contact($db);
$contact->fetch($fuser->contact_id);
print ' / '.'<a href="'.DOL_URL_ROOT.'/contact/fiche.php?id='.$fuser->contact_id.'">'.img_object($langs->trans("ShowContact"),'contact').' '.dol_trunc($contact->getFullName($langs),32).'</a>';
}
}
else
{
print $langs->trans("ThisUserIsNot");
}
print '</td>';
print "</tr>\n";
}
// Module Adherent
if ($conf->adherent->enabled)
{
$langs->load("members");
print '<tr><td width="25%" valign="top">'.$langs->trans("LinkedToDolibarrMember").'</td>';
print '<td>';
if ($fuser->fk_member)
{
$adh=new Adherent($db);
$adh->fetch($fuser->fk_member);
$adh->ref=$adh->login; // Force to show login instead of id
print $adh->getNomUrl(1);
}
else
{
print $langs->trans("UserNotLinkedToMember");
}
print '</td>';
print "</tr>\n";
}
print '<tr><td align="center" colspan="3">';
print '<input value="'.$langs->trans("Save").'" class="button" type="submit" name="save">';
print ' &nbsp; ';
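Review bot: The return value of `$adh->fetch($fuser->fk_member)` is ignored in both new "Module Adherent" blocks, so a dangling `fk_member` (member row gone while the user still points at it) renders an empty link instead of a notice. Guard on the fetch, `if ($fuser->fk_member && $adh->fetch($fuser->fk_member) > 0)`, and fall through to `$langs->trans("UserNotLinkedToMember")` otherwise. `$adh->ref=$adh->login;` then feeds the login into `getNomUrl(1)`; whether that helper escapes it for HTML is outside this page, so confirm before relying on it.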


@ -20,6 +20,7 @@
ALTER TABLE llx_adherent ADD UNIQUE INDEX uk_adherent_login (login);
ALTER TABLE llx_adherent ADD UNIQUE INDEX uk_adherent_fk_soc (fk_soc);
ALTER TABLE llx_adherent ADD INDEX idx_adherent_fk_soc (fk_soc);
ALTER TABLE llx_adherent ADD INDEX idx_adherent_fk_adherent_type (fk_adherent_type);
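Review bot: The one-user-per-member rule introduced by this commit is enforced only in PHP (Adherent::update() and User::update() each null out other `llx_user.fk_member` rows before setting the new one), and this keys file adds nothing to back it, so two concurrent updates can still leave two users linked to the same member. If `llx_user.fk_member` has no unique index yet — its keys file is not part of this commit — consider `ALTER TABLE llx_user ADD UNIQUE INDEX uk_user_fk_member (fk_member);`; multiple NULLs are allowed in a unique index, so unlinked users are unaffected.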