From 17397d635cc76c1c1bf2ed3f2d8b0f67b4273bb5 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?G=C3=BCnter=20Lukas?= Date: Sun, 5 Feb 2023 08:24:09 +0100 Subject: [PATCH 1/3] #23783 --- htdocs/comm/index.php | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/htdocs/comm/index.php b/htdocs/comm/index.php index a57c7232885..cdcac66f54b 100644 --- a/htdocs/comm/index.php +++ b/htdocs/comm/index.php @@ -699,7 +699,7 @@ if (!empty($conf->societe->enabled) && $user->rights->societe->lire) { /* * Last suppliers */ -if (((!empty($conf->fournisseur->enabled) && empty($conf->global->MAIN_USE_NEW_SUPPLIERMOD)) || !empty($conf->supplier_order->enabled) || !empty($conf->supplier_invoice->enabled)) && $user->rights->societe->lire) { +if (((!empty($conf->fournisseur->enabled) && empty($conf->global->MAIN_USE_NEW_SUPPLIERMOD)) || !empty($conf->supplier_order->enabled) || !empty($conf->supplier_invoice->enabled)) && $user->rights->fournisseur->lire) { $sql = "SELECT s.rowid as socid, s.nom as name, s.name_alias"; $sql .= ", s.code_client, s.code_compta, s.client"; $sql .= ", s.code_fournisseur, s.code_compta_fournisseur, s.fournisseur"; From d8ff9468afa0342237acfd2088ce5e3f6c783887 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?G=C3=BCnter=20Lukas?= Date: Sun, 5 Feb 2023 08:35:45 +0100 Subject: [PATCH 2/3] Update index.php --- htdocs/comm/index.php | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/htdocs/comm/index.php b/htdocs/comm/index.php index cdcac66f54b..a57c7232885 100644 --- a/htdocs/comm/index.php +++ b/htdocs/comm/index.php @@ -699,7 +699,7 @@ if (!empty($conf->societe->enabled) && $user->rights->societe->lire) { /* * Last suppliers */ -if (((!empty($conf->fournisseur->enabled) && empty($conf->global->MAIN_USE_NEW_SUPPLIERMOD)) || !empty($conf->supplier_order->enabled) || !empty($conf->supplier_invoice->enabled)) && $user->rights->fournisseur->lire) { +if (((!empty($conf->fournisseur->enabled) && empty($conf->global->MAIN_USE_NEW_SUPPLIERMOD)) || !empty($conf->supplier_order->enabled) || !empty($conf->supplier_invoice->enabled)) && $user->rights->societe->lire) { $sql = "SELECT s.rowid as socid, s.nom as name, s.name_alias"; $sql .= ", s.code_client, s.code_compta, s.client"; $sql .= ", s.code_fournisseur, s.code_compta_fournisseur, s.fournisseur"; From f5600fdffc780de458ebedfc40c616b52e39485c Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?G=C3=BCnter=20Lukas?= Date: Sun, 5 Feb 2023 08:38:46 +0100 Subject: [PATCH 3/3] Update index.php --- htdocs/comm/index.php | 12 ++---------- 1 file changed, 2 insertions(+), 10 deletions(-) diff --git a/htdocs/comm/index.php b/htdocs/comm/index.php index a57c7232885..167005cf2f4 100644 --- a/htdocs/comm/index.php +++ b/htdocs/comm/index.php @@ -60,19 +60,11 @@ if (isset($user->socid) && $user->socid > 0) { $socid = $user->socid; } +restrictedArea($user, 'societe', $socid, '&societe', '', 'fk_soc', 'rowid', 0); + $max = $conf->global->MAIN_SIZE_SHORTLIST_LIMIT; $now = dol_now(); -// Security check -$socid = GETPOST("socid", 'int'); -if ($user->socid > 0) { - $action = ''; - $id = $user->socid; -} else { - $id = 0; -} -restrictedArea($user, 'societe', $id, '&societe', '', 'fk_soc', 'rowid', 0); - $maxofloop = (empty($conf->global->MAIN_MAXLIST_OVERLOAD) ? 500 : $conf->global->MAIN_MAXLIST_OVERLOAD);