From 2d7ba68d4930e3805269491aff779e13a9a1bb19 Mon Sep 17 00:00:00 2001 From: Rodolphe Quiedeville Date: Sun, 23 Mar 2003 18:17:15 +0000 Subject: [PATCH] Filtre acces client --- htdocs/compta/index.php3 | 140 +++++++++++++++++++++++---------------- htdocs/fourn/index.php3 | 40 ++++++----- 2 files changed, 109 insertions(+), 71 deletions(-) diff --git a/htdocs/compta/index.php3 b/htdocs/compta/index.php3 index 473a4acb081..a37318aa5ea 100644 --- a/htdocs/compta/index.php3 +++ b/htdocs/compta/index.php3 @@ -1,5 +1,5 @@ +/* Copyright (C) 2001-2003 Rodolphe Quiedeville * * This program is free software; you can redistribute it and/or modify * it under the terms of the GNU General Public License as published by @@ -21,6 +21,16 @@ */ require("./pre.inc.php3"); +/* + * Sécurité accés client + */ +if ($user->societe_id > 0) +{ + $action = ''; + $socidp = $user->societe_id; +} + + llxHeader(); $db = new Db(); @@ -61,41 +71,47 @@ print_titre(translate("Espace compta")); print ''; print '
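Review bot: `$socidp` is assigned only inside `if ($user->societe_id > 0)` in the @@ -21,6 +21,16 @@ hunk, so for every other user it keeps whatever value it had before, and nothing visible initialises it. The variables these two files use bare (`$action`, `$socid`, `$begin`) suggest request parameters are registered as globals. If so, a `$socidp` supplied with the request reaches the unquoted concatenations `fk_soc = $socidp` in the @@ -108 and @@ -125 hunks and `s.idp=$socidp` in htdocs/fourn/index.php3, whose header block (@@ -22,15) repeats this pattern. I would put `$socidp = 0;` ahead of the `if` and assign `$socidp = intval($user->societe_id);` inside it, so the filter value is always server-derived and numeric.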
'; -/* - * Charges a payer - * - */ -$sql = "SELECT c.amount, cc.libelle"; -$sql .= " FROM llx_chargesociales as c, c_chargesociales as cc"; -$sql .= " WHERE c.fk_type = cc.id AND c.paye=0"; -if ( $db->query($sql) ) +if ($user->societe_id == 0) { - $num = $db->num_rows(); - if ($num) + + + /* + * Charges a payer + * + */ + $sql = "SELECT c.amount, cc.libelle"; + $sql .= " FROM llx_chargesociales as c, c_chargesociales as cc"; + $sql .= " WHERE c.fk_type = cc.id AND c.paye=0"; + + if ( $db->query($sql) ) { - print ""; - print ""; - print ""; - print "\n"; - $i = 0; - - while ($i < $num) + $num = $db->num_rows(); + if ($num) { - $obj = $db->fetch_object( $i); - $var = !$var; - print ""; - print ''; - print ''; - print ''; - $i++; + print "
Charges à payer
'.$obj->libelle.''.price($obj->amount).'
"; + print ""; + print ""; + print "\n"; + $i = 0; + + while ($i < $num) + { + $obj = $db->fetch_object( $i); + $var = !$var; + print ""; + print ''; + print ''; + print ''; + $i++; + } + print '
Charges à payer
'.$obj->libelle.''.price($obj->amount).'

'; } - print '

'; } -} -else -{ - print $db->error(); + else + { + print $db->error(); + } } /* * Propales @@ -108,6 +124,10 @@ if ($user->comm > 0 && $conf->commercial ) print "\n"; $sql = "SELECT count(*) FROM llx_propal WHERE fk_statut = 2"; + if ($socidp) + { + $sql .= " AND fk_soc = $socidp"; + } if (valeur($sql)) { $var=!$var; @@ -125,6 +145,10 @@ print ''.translate("Bills").''; print "\n"; $sql = "SELECT facnumber, rowid FROM llx_facture WHERE paye = 0"; +if ($socidp) +{ + $sql .= " AND fk_soc = $socidp"; +} if ( $db->query($sql) ) { $num = $db->num_rows(); @@ -204,41 +228,45 @@ if ( $result ) { * */ + /* * Charges a payer * */ -$sql = "SELECT ff.amount, ff.libelle"; -$sql .= " FROM llx_facture_fourn as ff"; -$sql .= " WHERE ff.paye=0"; - -if ( $db->query($sql) ) +if ($user->societe_id == 0) { - $num = $db->num_rows(); - if ($num) + $sql = "SELECT ff.amount, ff.libelle"; + $sql .= " FROM llx_facture_fourn as ff"; + $sql .= " WHERE ff.paye=0"; + + if ( $db->query($sql) ) { - print ''; - print ''; - print ''; - print "\n"; - $i = 0; - - while ($i < $num) + $num = $db->num_rows(); + if ($num) { - $obj = $db->fetch_object( $i); - $var = !$var; - print ""; - print ''; - print ''; - print ''; - $i++; + print '
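Review bot: The guard `if ($user->societe_id == 0)` around the "Charges a payer" block in the @@ -61,41 +71,47 @@ hunk is a loose comparison, so an unset or empty `societe_id` also counts as an internal user. Together with the header check `$user->societe_id > 0`, an account whose field was never populated gets neither the hidden blocks nor the `fk_soc` filter, so the access filter fails open. How `$user` is filled lives in pre.inc.php3, outside this diff, so this needs confirming there. I would compute the decision once after the `require`, for example `$is_internal = (isset($user->societe_id) && strlen($user->societe_id) > 0 && $user->societe_id == 0);`, and test that flag here and around the supplier-invoice block of the @@ -204,41 +228,45 @@ hunk, with a comment such as `/* no societe_id: treat as external, show nothing internal */`.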
Charges à payer
'.$obj->libelle.''.price($obj->amount).'
'; + print ''; + print ''; + print "\n"; + $i = 0; + + while ($i < $num) + { + $obj = $db->fetch_object( $i); + $var = !$var; + print ""; + print ''; + print ''; + print ''; + $i++; + } + print '
Charges à payer
'.$obj->libelle.''.price($obj->amount).'

'; } - print '
'; } -} -else -{ - print $db->error(); + else + { + print $db->error(); + } } print ' '; diff --git a/htdocs/fourn/index.php3 b/htdocs/fourn/index.php3 index 18f5515c489..85f00e1b9f2 100644 --- a/htdocs/fourn/index.php3 +++ b/htdocs/fourn/index.php3 @@ -22,15 +22,18 @@ require("./pre.inc.php3"); require("../contact.class.php3"); +/* + * Sécurité accés client + */ +if ($user->societe_id > 0) +{ + $action = ''; + $socidp = $user->societe_id; +} llxHeader(); + $db = new Db(); -if ($sortorder == "") { - $sortorder="ASC"; -} -if ($sortfield == "") { - $sortfield="nom"; -} if ($action == 'note') { $sql = "UPDATE societe SET note='$note' WHERE idp=$socid"; @@ -86,21 +89,24 @@ if ($mode == 'search') { $db->free(); } } -/* - * - * Mode fiche - * - * - */ -if ($socid > 0) { -} else { /* * Mode Liste * * * */ + + if ($sortorder == "") + { + $sortorder="ASC"; + } + if ($sortfield == "") + { + $sortfield="nom"; + } + + print_barre_liste("Liste des fournisseurs",$page, $PHP_SELF); $sql = "SELECT s.idp, s.nom, s.ville,".$db->pdate("s.datec")." as datec, ".$db->pdate("s.datea")." as datea, st.libelle as stcomm, s.prefix_comm FROM societe as s, c_stcomm as st WHERE s.fk_stcomm = st.id AND s.fournisseur=1"; @@ -109,6 +115,10 @@ if ($socid > 0) { $sql .= " AND s.fk_stcomm=$stcomm"; } + if ($socidp) { + $sql .= " AND s.idp=$socidp"; + } + if (strlen($begin)) { $sql .= " AND upper(s.nom) like '$begin%'"; } @@ -159,7 +169,7 @@ if ($socid > 0) { } else { print $db->error(); } -} + $db->close(); llxFooter("Dernière modification $Date$ révision $Revision$");
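Review bot: In the @@ -22,15 +22,18 @@ hunk of htdocs/fourn/index.php3, clearing `$action` for client users blocks the `if ($action == 'note')` UPDATE, but `$mode` and `$socid` are left as they arrive. The `if ($mode == 'search')` block named in the next hunk header is not shown applying `$socidp`, and only the list query in the @@ -109,6 +115,10 @@ hunk gains the `s.idp=$socidp` condition. If the search block queries `societe` without that condition, the client restriction does not cover it; that part of the file is outside the diff and should be checked. I would reset the other request-driven switches in the same block, `$mode = '';` and `$socid = $socidp;`, or add the `s.idp=$socidp` condition to the search query as well.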