diff --git a/htdocs/comm/action/fiche.php3 b/htdocs/comm/action/fiche.php3 index 62ad9cb2085..3c248c01284 100644 --- a/htdocs/comm/action/fiche.php3 +++ b/htdocs/comm/action/fiche.php3 @@ -1,5 +1,5 @@ +/* Copyright (C) 2001-2003 Rodolphe Quiedeville * * This program is free software; you can redistribute it and/or modify * it under the terms of the GNU General Public License as published by @@ -25,6 +25,16 @@ require("../../lib/webcal.class.php3"); require("../../cactioncomm.class.php3"); require("../../actioncomm.class.php3"); +/* + * Sécurité accés client + */ +if ($user->societe_id > 0) +{ + $action = ''; + $socidp = $user->societe_id; +} + + $db = new Db(); /* diff --git a/htdocs/comm/action/index.php3 b/htdocs/comm/action/index.php3 index f7baee2412a..2aefcf50e90 100644 --- a/htdocs/comm/action/index.php3 +++ b/htdocs/comm/action/index.php3 @@ -1,8 +1,5 @@ - * - * $Id$ - * $Source$ +/* Copyright (C) 2001-2003 Rodolphe Quiedeville * * This program is free software; you can redistribute it and/or modify * it under the terms of the GNU General Public License as published by @@ -18,19 +15,29 @@ * along with this program; if not, write to the Free Software * Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA. * + * $Id$ + * $Source$ + * */ require("./pre.inc.php3"); - require("../../contact.class.php3"); require("../../lib/webcal.class.php3"); require("../../cactioncomm.class.php3"); require("../../actioncomm.class.php3"); +/* + * Sécurité accés client + */ +if ($user->societe_id > 0) +{ + $action = ''; + $socid = $user->societe_id; +} llxHeader(); -$db = new Db(); +$db = new Db(); if ($page == -1) { $page = 0 ; } $limit = $conf->liste_limit; 
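Review bot: The `Sécurité accés client` guard in htdocs/comm/action/fiche.php3 pins `$socidp`, while the same guard in comm/action/index.php3 and comm/contact.php3 pins `$socid` (propal.php3 uses `$socidp` again), so the restriction only holds if each page's queries read exactly the name its guard overwrites. The body of fiche.php3 is outside the hunk, so that cannot be confirmed here; setting both, `$socid = $socidp = $user->societe_id;`, would remove the dependency. The guard constrains only `$action` and the company id, so any query in these pages that selects by a request-supplied record id outside an `$action` branch needs its own company condition, as propal.php3 does for `$propalid`. A comment above the block such as `/* external (customer) accounts: no actions, company id forced from $user */` would document the intent.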
@@ -40,36 +47,37 @@ $offset = $limit * $page ; * * */ -if ($action=='delete_action') { +if ($action=='delete_action') +{ $actioncomm = new ActionComm($db); $actioncomm->delete($actionid); } /* - * - * * */ -if ($action=='add_action') { +if ($action=='add_action') +{ $contact = new Contact($db); $contact->fetch($contactid); - $actioncomm = new ActionComm($db); - if ($actionid == 5) { - $actioncomm->date = $db->idate(mktime($heurehour,$heuremin,0,$remonth,$reday,$reyear)); - } else { + if ($actionid == 5) + { + $actioncomm->date = $db->idate(mktime($heurehour,$heuremin,0,$remonth,$reday,$reyear)); + } + else + { $actioncomm->date = $date; - } + } $actioncomm->type = $actionid; $actioncomm->contact = $contactid; - + $actioncomm->societe = $socid; $actioncomm->note = $note; $actioncomm->add($user); - $societe = new Societe($db); $societe->fetch($socid); @@ -104,7 +112,6 @@ if ($action=='add_action') { } - /* * * Liste @@ -154,7 +161,9 @@ $sql .= " WHERE a.fk_soc = $socid AND c.id=a.fk_action AND a.fk_user_author = u. print $db->error() . '
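Review bot: In the `add_action` branch the new `$actioncomm->societe = $socid;` records a company id that is never compared with the contact loaded a few lines earlier by `$contact->fetch($contactid)`, so an action can be stored against a company the contact does not belong to. For internal users both values appear to come straight from the request; external accounts have `$action` blanked by the guard at the top of the file and do not reach this branch. Casting before use, `$socid = intval($socid); $contactid = intval($contactid);`, and rejecting the request when the fetched contact's company differs would keep the stored link consistent. The property that holds the contact's company is not visible in this hunk.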
' . $sql; } -} else { +} +else +{ print_barre_liste("Liste des actions commerciales effectuées",$page, $PHP_SELF); diff --git a/htdocs/comm/contact.php3 b/htdocs/comm/contact.php3 index 23b7d2bb77b..a0b23cdc4ef 100644 --- a/htdocs/comm/contact.php3 +++ b/htdocs/comm/contact.php3 @@ -1,5 +1,5 @@ +/* Copyright (C) 2001-2003 Rodolphe Quiedeville * * This program is free software; you can redistribute it and/or modify * it under the terms of the GNU General Public License as published by @@ -21,12 +21,24 @@ */ require("./pre.inc.php3"); +/* + * Sécurité accés client + */ +if ($user->societe_id > 0) +{ + $action = ''; + $socid = $user->societe_id; +} + llxHeader(); $db = new Db(); -if ($sortorder == "") { + +if ($sortorder == "") +{ $sortorder="ASC"; } -if ($sortfield == "") { +if ($sortfield == "") +{ $sortfield="p.name"; } @@ -48,29 +60,32 @@ print_barre_liste("Liste des contacts",$page, $PHP_SELF); $sql = "SELECT s.idp, s.nom, st.libelle as stcomm, p.idp as cidp, p.name, p.firstname, p.email, p.phone "; $sql .= "FROM societe as s, socpeople as p, c_stcomm as st WHERE s.fk_stcomm = st.id AND s.idp = p.fk_soc"; -if (strlen($stcomm)) +if (strlen($stcomm)) // statut commercial { $sql .= " AND s.fk_stcomm=$stcomm"; } -if (strlen($begin)) +if (strlen($begin)) // filtre sur la premiere lettre du nom { $sql .= " AND upper(p.name) like '$begin%'"; } -if ($contactname) { - $sql .= " AND lower(p.name) like '%".strtolower($contactname)."%'"; +if ($contactname) // acces a partir du module de recherche +{ + $sql .= " AND ( lower(p.name) like '%".strtolower($contactname)."%' OR lower(p.firstname) like '%".strtolower($contactname)."%') "; $sortfield = "lower(p.name)"; $sortorder = "ASC"; } -if ($socid) { +if ($socid) +{ $sql .= " AND s.idp = $socid"; } $sql .= " ORDER BY $sortfield $sortorder " . $db->plimit( $limit, $offset); $result = $db->query($sql); + if ($result) { $num = $db->num_rows(); 
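Review bot: The rewritten `$contactname` clause in htdocs/comm/contact.php3 now concatenates the value into the query twice, and `$stcomm`, `$begin`, `$sortfield` and `$sortorder` (all apparently request-supplied) are interpolated the same way, so the `AND s.idp = $socid` restriction appended afterwards cannot be relied on to confine an external account to its own company. The forced `$socid` only helps if everything else placed in the statement is validated. Numeric inputs can be cast (`$stcomm = intval($stcomm);`), the two text filters escaped with `addslashes()` or the database layer's own escaping before being quoted, and `$sortfield`/`$sortorder` checked against a fixed list of column names and `ASC`/`DESC`. The rest of the file is outside the hunk.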
@@ -111,7 +126,14 @@ if ($result) print ''.$obj->phone.' '; - print "idp&setcontact=$obj->cidp&action=create\">[Propal]\n"; + if ($user->societe_id == 0) + { + print "idp&setcontact=$obj->cidp&action=create\">[Propal]\n"; + } + else + { + print " "; + } print "\n"; $i++; } diff --git a/htdocs/comm/fiche.php3 b/htdocs/comm/fiche.php3 index 0a1454a5671..85c03a512e1 100644 --- a/htdocs/comm/fiche.php3 +++ b/htdocs/comm/fiche.php3 @@ -1,8 +1,5 @@ - * - * $Id$ - * $Source$ +/* Copyright (C) 2001-2003 Rodolphe Quiedeville * * This program is free software; you can redistribute it and/or modify * it under the terms of the GNU General Public License as published by @@ -18,6 +15,9 @@ * along with this program; if not, write to the Free Software * Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA. * + * $Id$ + * $Source$ + * */ require("./pre.inc.php3"); require("../contact.class.php3"); diff --git a/htdocs/comm/propal.php3 b/htdocs/comm/propal.php3 index 80cdac5a955..05dedef218e 100644 --- a/htdocs/comm/propal.php3 +++ b/htdocs/comm/propal.php3 @@ -1,8 +1,5 @@ - * - * $Id$ - * $Source$ +/* Copyright (C) 2001-2003 Rodolphe Quiedeville * * This program is free software; you can redistribute it and/or modify * it under the terms of the GNU General Public License as published by @@ -18,6 +15,9 @@ * along with this program; if not, write to the Free Software * Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA. * + * $Id$ + * $Source$ + * */ require("./pre.inc.php3"); @@ -32,6 +32,16 @@ require("../actioncomm.class.php3"); * */ +/* + * Sécurité accés client + */ +if ($user->societe_id > 0) +{ + $action = ''; + $socidp = $user->societe_id; +} + + llxHeader(); $db = new Db(); 
@@ -160,6 +170,10 @@ if ($propalid) { $sql .= " FROM societe as s, llx_propal as p, c_propalst as c, socpeople as x"; $sql .= " WHERE p.fk_soc = s.idp AND p.fk_statut = c.id AND x.idp = p.fk_soc_contact AND p.rowid = $propalid"; + if ($socidp) { + $sql .= " AND s.idp = $socidp"; + } + $result = $db->query($sql); if ( $result ) diff --git a/htdocs/fichinter/fiche.php3 b/htdocs/fichinter/fiche.php3 index 6caf76627c8..93e3612fd3f 100644 --- a/htdocs/fichinter/fiche.php3 +++ b/htdocs/fichinter/fiche.php3 @@ -1,5 +1,5 @@ +/* Copyright (C) 2002-2003 Rodolphe Quiedeville * * This program is free software; you can redistribute it and/or modify * it under the terms of the GNU General Public License as published by @@ -434,11 +434,11 @@ $sql .= " FROM societe as s, llx_fichinter as f "; $sql .= " WHERE f.fk_soc = s.idp "; if ($socidp) { - $sql .= "AND s.idp = $socidp"; + $sql .= " AND s.idp = $socidp"; } if ($fichinter > 0) { - $sql .= "AND s.idp = $fichinter->societe_id"; + $sql .= " AND s.idp = $fichinter->societe_id"; } $sql .= " ORDER BY f.datei DESC ;"; diff --git a/htdocs/fichinter/index.php3 b/htdocs/fichinter/index.php3 index 5d2f25cf8b3..b8d4501f153 100644 --- a/htdocs/fichinter/index.php3 +++ b/htdocs/fichinter/index.php3 @@ -1,5 +1,5 @@ +/* Copyright (C) 2002-2003 Rodolphe Quiedeville * * This program is free software; you can redistribute it and/or modify * it under the terms of the GNU General Public License as published by @@ -25,10 +25,18 @@ require("../contact.class.php3"); llxHeader(); $db = new Db(); -if ($sortorder == "") { + +/* + * Liste + * + */ + +if ($sortorder == "") +{ $sortorder="ASC"; } -if ($sortfield == "") { +if ($sortfield == "") +{ $sortfield="nom"; } 
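Review bot: The new `AND s.idp = $socidp` condition in htdocs/comm/propal.php3 is appended after `p.rowid = $propalid`, and `$propalid` is interpolated unquoted and uncast, so the company filter depends on that earlier value being a plain integer. `$propalid = intval($propalid);` before the query is built, and `intval($socidp)` for internal users where `$socidp` appears to come from the request, would make the filter dependable. The `if ($propalid)` block starts above the hunk and continues below it; any other query in that block that selects by `$propalid` needs the same condition.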
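Review bot: The list in htdocs/fichinter/fiche.php3 is limited by `$socidp`, but no hunk for this file adds the `$user->societe_id` guard that the comm/ pages receive, so for an external account `$socidp` is presumably still whatever the request supplies. Unless it is forced elsewhere in the file (not visible here), the value should be pinned ahead of the query, `if ($user->societe_id > 0) { $socidp = $user->societe_id; }`, in line with the filter added to fichinter/index.php3. The second condition compares `$fichinter` with `0` and then reads `$fichinter->societe_id`; a comment saying what `$fichinter` holds at this point would help the next reader.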
@@ -38,9 +46,15 @@ print_titre("Liste des fiches d'intervention"); $sql = "SELECT s.nom,s.idp, f.ref,".$db->pdate("f.datei")." as dp, f.rowid as fichid, f.fk_statut, f.duree"; $sql .= " FROM societe as s, llx_fichinter as f "; $sql .= " WHERE f.fk_soc = s.idp "; + +if ($user->societe_id > 0) { + $sql .= " AND s.idp = " . $user->societe_id; +} + $sql .= " ORDER BY f.datei DESC ;"; -if ( $db->query($sql) ) { +if ( $db->query($sql) ) +{ $num = $db->num_rows(); $i = 0; print "

"; @@ -49,27 +63,38 @@ if ( $db->query($sql) ) { print ""; print ""; print ''; - print ""; + print ''; print "\n"; $var=True; - while ($i < $num) { - $objp = $db->fetch_object( $i); - $var=!$var; - print ""; - print "\n"; - print "\n"; - print "\n"; - print ''; - print "\n"; - print ''; - print "\n"; - - $i++; - } + while ($i < $num) + { + $objp = $db->fetch_object( $i); + $var=!$var; + print ""; + print "\n"; + print "\n"; + print "\n"; + print ''; + print ''; + if ($user->societe_id == 0) + { + print ''; + } + else + { + print ""; + } + print "\n"; + + $i++; + } + print "
SocieteDateDuréeStatut Statut 
fichid\">$objp->refidp\">$objp->nom".strftime("%d %B %Y",$objp->dp)."'.sprintf("%.1f",$objp->duree).'$objp->fk_statut[Fiche Inter]
fichid\">$objp->refidp\">$objp->nom".strftime("%d %B %Y",$objp->dp)."'.sprintf("%.1f",$objp->duree).''.$objp->fk_statut.'[Fiche Inter] 
"; $db->free(); -} else { +} +else +{ print $db->error(); print "

$sql"; }
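Review bot: The `else` branch at the end of this hunk still prints `$db->error()` and the full `$sql` into the page, and the page now appears intended for external customer accounts, who would see table names and query text on any database failure. Restricting the detail to internal users, `if ($user->societe_id == 0) { print $db->error(); }`, with a generic message otherwise, avoids that. In the row loop `$objp->ref` and `$objp->nom` are printed without `htmlspecialchars()`, which matters more once customers can view the list. Hiding the `[Fiche Inter]` link when `$user->societe_id` is non-zero is presentation only; the target page has to refuse the request itself.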