lainwir3d/dolibarr
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

Merge branch 'develop' of ssh://git@github.com/Dolibarr/dolibarr.git into develop

Browse Source
This commit is contained in:
Laurent Destailleur 2012-03-28 20:13:15 +02:00
commit 3659191d83
10 changed files with 76 additions and 69 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

14
htdocs/admin/commande.php
View File

@ -47,8 +47,8 @@ $value = GETPOST('value','alpha');
if ($action == 'updateMask')
{
$maskconstorder=GETPOST("maskconstorder");
$maskorder=GETPOST("maskorder");
$maskconstorder=GETPOST('maskconstorder','alpha');
$maskorder=GETPOST('maskorder','alpha');
if ($maskconstorder) $res = dolibarr_set_const($db,$maskconstorder,$maskorder,'chaine',0,'',$conf->entity);
@ -66,7 +66,7 @@ if ($action == 'updateMask')
if ($action == 'specimen')
{
$modele=GETPOST("module");
$modele=GETPOST('module','alpha');
$commande = new Commande($db);
$commande->initAsSpecimen();
@ -111,8 +111,8 @@ if ($action == 'specimen')
if ($action == 'set')
{
$label = GETPOST("label");
$scandir = GETPOST("scandir");
$label = GETPOST('label','alpha');
$scandir = GETPOST('scandir','alpha');
$type='order';
$sql = "INSERT INTO ".MAIN_DB_PREFIX."document_model (nom, type, entity, libelle, description)";
@ -142,8 +142,8 @@ if ($action == 'del')
if ($action == 'setdoc')
{
$label = GETPOST("label");
$scandir = GETPOST("scandir");
$label = GETPOST('label','alpha');
$scandir = GETPOST('scandir','alpha');
$db->begin();

4
htdocs/admin/confexped.php
View File

@ -2,7 +2,7 @@
/* Copyright (C) 2004-2010 Laurent Destailleur <eldy@users.sourceforge.net>
* Copyright (C) 2005-2009 Regis Houssin <regis@dolibarr.fr>
* Copyright (C) 2006 Andre Cianfarani <acianfa@free.fr>
* Copyright (C) 2011 Juanjo Menent <jmenent@2byte.es>
* Copyright (C) 2011 Juanjo Menent <jmenent@2byte.es>
*
* This program is free software; you can redistribute it and/or modify
* it under the terms of the GNU General Public License as published by
@ -34,7 +34,7 @@ $langs->load("deliveries");
if (!$user->admin)
accessforbidden();
$action=GETPOST("action");
$action=GETPOST('action','alpha');
// Shipment note
if ($action == 'activate_sending')

10
htdocs/admin/contract.php
View File

@ -1,5 +1,5 @@
<?php
/* Copyright (C) 2011 Juanjo Menent <jmenent@2byte.es>
/* Copyright (C) 2011-2012 Juanjo Menent <jmenent@2byte.es>
*
* This program is free software; you can redistribute it and/or modify
* it under the terms of the GNU General Public License as published by
@ -30,8 +30,8 @@ $langs->load("errors");
if (!$user->admin) accessforbidden();
$action = GETPOST("action");
$value = GETPOST("value");
$action = GETPOST('action','alpha');
$value = GETPOST('value','alpha');
if (empty($conf->global->CONTRACT_ADDON))
{
@ -45,8 +45,8 @@ if (empty($conf->global->CONTRACT_ADDON))
if ($action == 'updateMask')
{
$maskconst=$_POST['maskconstcontract'];
$maskvalue=$_POST['maskcontract'];
$maskconst = GETPOST('maskconstcontract','alpha');
$maskvalue = GETPOST('maskcontract','alpha');
if ($maskconst) $res = dolibarr_set_const($db,$maskconst,$maskvalue,'chaine',0,'',$conf->entity);
if (! $res > 0) $error++;

32
htdocs/admin/expedition.php
View File

@ -5,7 +5,7 @@
* Copyright (C) 2004 Benoit Mortier <benoit.mortier@opensides.be>
* Copyright (C) 2004 Eric Seigne <eric.seigne@ryxeo.com>
* Copyright (C) 2005-2011 Regis Houssin <regis@dolibarr.fr>
* Copyright (C) 2011 Juanjo Menent <jmenent@2byte.es>
* Copyright (C) 2011-2012 Juanjo Menent <jmenent@2byte.es>
*
* This program is free software; you can redistribute it and/or modify
* it under the terms of the GNU General Public License as published by
@ -37,8 +37,8 @@ $langs->load("deliveries");
if (!$user->admin) accessforbidden();
$action=GETPOST("action");
$value=GETPOST("value");
$action=GETPOST('action','alpha');
$value=GETPOST('value','alpha');
if (empty($conf->global->EXPEDITION_ADDON_NUMBER))
{
@ -51,7 +51,7 @@ if (empty($conf->global->EXPEDITION_ADDON_NUMBER))
*/
if ($action == 'specimen')
{
$modele=GETPOST("module");
$modele=GETPOST('module','alpha');
$exp = new Expedition($db);
$exp->initAsSpecimen();
@ -89,8 +89,8 @@ if ($action == 'specimen')
// Activate a model
if ($action == 'set')
{
$label = GETPOST("label");
$scandir = GETPOST("scandir");
$label = GETPOST('label','alpha');
$scandir = GETPOST('scandir','alpha');
$type='shipping';
$sql = "INSERT INTO ".MAIN_DB_PREFIX."document_model (nom, type, entity, libelle, description)";
@ -121,8 +121,8 @@ if ($action == 'del')
// Set default model
if ($action == 'setdoc')
{
$label = GETPOST("label");
$scandir = GETPOST("scandir");
$label = GETPOST('label','alpha');
$scandir = GETPOST('scandir','alpha');
$db->begin();
@ -158,9 +158,9 @@ if ($action == 'setdoc')
// TODO A quoi servent les methode d'expedition ?
if ($action == 'setmethod' || $action== 'setmod')
{
$module=GETPOST("module");
$moduleid=GETPOST("moduleid");
$statut=GETPOST("statut");
$module=GETPOST('module','alpha');
$moduleid=GETPOST('moduleid','alpha');
$statut=GETPOST('statut','alpha');
require_once(DOL_DOCUMENT_ROOT."/core/modules/expedition/methode_expedition_$module.modules.php");
@ -231,7 +231,7 @@ if ($action == 'setmod')
// TODO Verifier si module numerotation choisi peut etre active
// par appel methode canBeActivated
$module=GETPOST("module");
$module=GETPOST('module','alpha');
dolibarr_set_const($db, "EXPEDITION_ADDON",$module,'chaine',0,'',$conf->entity);
@ -239,8 +239,8 @@ if ($action == 'setmod')
if ($action == 'updateMask')
{
$maskconst=GETPOST("maskconstexpedition");
$maskvalue=GETPOST("maskexpedition");
$maskconst=GETPOST('maskconstexpedition','alpha');
$maskvalue=GETPOST('maskexpedition','alpha');
if ($maskconst) $res = dolibarr_set_const($db,$maskconst,$maskvalue,'chaine',0,'',$conf->entity);
if (! $res > 0) $error++;
@ -262,7 +262,7 @@ if ($action == 'setmodel')
if ($action == 'set_SHIPPING_DRAFT_WATERMARK')
{
$draft=GETPOST("SHIPPING_DRAFT_WATERMARK");
$draft=GETPOST('SHIPPING_DRAFT_WATERMARK','alpha');
$res = dolibarr_set_const($db, "SHIPPING_DRAFT_WATERMARK",trim($draft),'chaine',0,'',$conf->entity);
if (! $res > 0) $error++;
@ -279,7 +279,7 @@ if ($action == 'set_SHIPPING_DRAFT_WATERMARK')
if ($action == 'set_SHIPPING_FREE_TEXT')
{
$free=GETPOST("SHIPPING_FREE_TEXT");
$free=GETPOST('SHIPPING_FREE_TEXT','alpha');
$res = dolibarr_set_const($db, "SHIPPING_FREE_TEXT",$free,'chaine',0,'',$conf->entity);
if (! $res > 0) $error++;

24
htdocs/admin/fichinter.php
View File

@ -5,7 +5,7 @@
* Copyright (C) 2004 Benoit Mortier <benoit.mortier@opensides.be>
* Copyright (C) 2005-2012 Regis Houssin <regis@dolibarr.fr>
* Copyright (C) 2008 Raphael Bertrand (Resultic) <raphael.bertrand@resultic.fr>
* Copyright (C) 2011 Juanjo Menent <jmenent@2byte.es>
* Copyright (C) 2011-2012 Juanjo Menent <jmenent@2byte.es>
* Copyright (C) 2011-2012 Philippe Grand <philippe.grand@atoo-net.com>
*
* This program is free software; you can redistribute it and/or modify
@ -39,8 +39,8 @@ $langs->load("interventions");
if (!$user->admin)
accessforbidden();
$action = GETPOST("action");
$value = GETPOST("value");
$action = GETPOST('action','alpha');
$value = GETPOST('value','alpha');
/*
@ -48,8 +48,8 @@ $value = GETPOST("value");
*/
if ($action == 'updateMask')
{
$maskconst=GETPOST("maskconst");
$maskvalue=GETPOST("maskvalue");
$maskconst=GETPOST('maskconst','alpha');
$maskvalue=GETPOST('maskvalue','alpha');
if ($maskconst) $res = dolibarr_set_const($db,$maskconst,$maskvalue,'chaine',0,'',$conf->entity);
if (! $res > 0) $error++;
@ -66,7 +66,7 @@ if ($action == 'updateMask')
if ($action == 'set_FICHINTER_FREE_TEXT')
{
$freetext= GETPOST("FICHINTER_FREE_TEXT");
$freetext= GETPOST('FICHINTER_FREE_TEXT','alpha');
$res = dolibarr_set_const($db, "FICHINTER_FREE_TEXT",$freetext,'chaine',0,'',$conf->entity);
if (! $res > 0) $error++;
@ -83,7 +83,7 @@ if ($action == 'set_FICHINTER_FREE_TEXT')
if ($action == 'set_FICHINTER_DRAFT_WATERMARK')
{
$draft= GETPOST("FICHINTER_DRAFT_WATERMARK");
$draft= GETPOST('FICHINTER_DRAFT_WATERMARK','alpha');
$res = dolibarr_set_const($db, "FICHINTER_DRAFT_WATERMARK",trim($draft),'chaine',0,'',$conf->entity);
@ -101,7 +101,7 @@ if ($action == 'set_FICHINTER_DRAFT_WATERMARK')
if ($action == 'specimen')
{
$modele=$_GET["module"];
$modele= GETPOST('module','alpha');
$inter = new Fichinter($db);
$inter->initAsSpecimen();
@ -146,8 +146,8 @@ if ($action == 'specimen')
if ($action == 'set')
{
$label = GETPOST("label");
$scandir = GETPOST("scandir");
$label = GETPOST('label','alpha');
$scandir = GETPOST('scandir','alpha');
$type='ficheinter';
$sql = "INSERT INTO ".MAIN_DB_PREFIX."document_model (nom, type, entity, libelle, description)";
@ -177,8 +177,8 @@ if ($action == 'del')
if ($action == 'setdoc')
{
$label = GETPOST("label");
$scandir = GETPOST("scandir");
$label = GETPOST('label','alpha');
$scandir = GETPOST('scandir','alpha');
$db->begin();

22
htdocs/admin/livraison.php
View File

@ -5,7 +5,7 @@
* Copyright (C) 2004 Benoit Mortier <benoit.mortier@opensides.be>
* Copyright (C) 2004 Eric Seigne <eric.seigne@ryxeo.com>
* Copyright (C) 2005-2011 Regis Houssin <regis@dolibarr.fr>
* Copyright (C) 2011 Juanjo Menent <jmenent@2byte.es>
* Copyright (C) 2011-2012 Juanjo Menent <jmenent@2byte.es>
*
* This program is free software; you can redistribute it and/or modify
* it under the terms of the GNU General Public License as published by
@ -36,8 +36,8 @@ $langs->load("deliveries");
if (!$user->admin) accessforbidden();
$action = GETPOST("action");
$value = GETPOST("value");
$action = GETPOST('action','alpha');
$value = GETPOST('value','alpha');
/*
* Actions
@ -45,8 +45,8 @@ $value = GETPOST("value");
if ($action == 'updateMask')
{
$maskconstdelivery=GETPOST("maskconstdelivery");
$maskdelivery=GETPOST("maskdelivery");
$maskconstdelivery=GETPOST('maskconstdelivery','alpha');
$maskdelivery=GETPOST('maskdelivery','alpha');
if ($maskconstdelivery) $res = dolibarr_set_const($db,$maskconstdelivery,$maskdelivery,'chaine',0,'',$conf->entity);
if (! $res > 0) $error++;
@ -63,7 +63,7 @@ if ($action == 'updateMask')
if ($action == 'specimen')
{
$modele=GETPOST("module");
$modele=GETPOST('module','alpha');
$sending = new Livraison($db);
$sending->initAsSpecimen();
@ -99,8 +99,8 @@ if ($action == 'specimen')
if ($action == 'set')
{
$label = GETPOST("label");
$scandir = GETPOST("scandir");
$label = GETPOST('label','alpha');
$scandir = GETPOST('scandir','alpha');
$type='delivery';
$sql = "INSERT INTO ".MAIN_DB_PREFIX."document_model (nom, type, entity, libelle, description)";
@ -127,8 +127,8 @@ if ($action == 'del')
if ($action == 'setdoc')
{
$label = GETPOST("label");
$scandir = GETPOST("scandir");
$label = GETPOST('label','alpha');
$scandir = GETPOST('scandir','alpha');
$db->begin();
if (dolibarr_set_const($db, "LIVRAISON_ADDON_PDF",$value,'chaine',0,'',$conf->entity))
@ -162,7 +162,7 @@ if ($action == 'setdoc')
if ($action == 'set_DELIVERY_FREE_TEXT')
{
$free=GETPOST("DELIVERY_FREE_TEXT");
$free=GETPOST('DELIVERY_FREE_TEXT','alpha');
$res=dolibarr_set_const($db, "DELIVERY_FREE_TEXT",$free,'chaine',0,'',$conf->entity);
if (! $res > 0) $error++;

24
htdocs/categories/class/categorie.class.php
View File

@ -523,22 +523,28 @@ class Categorie
/**
* Return list of contents of a category
*
* @param string $field Field name for select in table. Full field name will be fk_field.
* @param string $classname PHP Class of object to store entity
* @param string $table Table name for select in table. Full table name will be PREFIX_categorie_table.
* @param string $field Field name for select in table. Full field name will be fk_field.
* @param string $classname PHP Class of object to store entity
* @param string $category_table Table name for select in table. Full table name will be PREFIX_categorie_table.
* @param string $object_table Table name for select in table. Full table name will be PREFIX_table.
* @return void
*/
function get_type($field,$classname,$table='')
function get_type($field,$classname,$category_table='',$object_table='')
{
$objs = array();
// Clean parameters
if (empty($table)) $table=$field;
if (empty($category_table)) $category_table=$field;
if (empty($object_table)) $object_table=$field;
$sql = "SELECT fk_".$field." FROM ".MAIN_DB_PREFIX."categorie_".$table;
$sql.= " WHERE fk_categorie = ".$this->id;
$sql = "SELECT c.fk_".$field;
$sql.= " FROM ".MAIN_DB_PREFIX."categorie_".$category_table." as c";
$sql.= ", ".MAIN_DB_PREFIX.$object_table." as o";
$sql.= " WHERE c.fk_categorie = ".$this->id;
$sql.= " AND c.fk_".$field." = o.rowid";
$sql.= " AND o.entity IN (".getEntity($field, 1).")";
dol_syslog("Categorie::get_type sql=".$sql);
dol_syslog(get_class($this)."::get_type sql=".$sql);
$resql = $this->db->query($sql);
if ($resql)
{
@ -553,7 +559,7 @@ class Categorie
else
{
$this->error=$this->db->error().' sql='.$sql;
dol_syslog("Categorie::get_type ".$this->error, LOG_ERR);
dol_syslog(get_class($this)."::get_type ".$this->error, LOG_ERR);
return -1;
}
}

4
htdocs/categories/viewcat.php
View File

@ -322,7 +322,7 @@ if ($object->type == 3)
{
require_once(DOL_DOCUMENT_ROOT."/adherents/class/adherent.class.php");
$prods = $object->get_type("member","Adherent");
$prods = $object->get_type("member","Adherent","","adherent");
if ($prods < 0)
{
dol_print_error($db,$object->error);
@ -358,7 +358,7 @@ if ($object->type == 3)
}
}
$db->close();
llxFooter();
$db->close();
?>

9
htdocs/societe/info.php
View File

@ -1,6 +1,7 @@
<?php
/* Copyright (C) 2004-2009 Laurent Destailleur <eldy@users.sourceforge.net>
* Copyright (C) 2010 Juanjo Menent <jmenent@2byte.es>
/* Copyright (C) 2004-2009 Laurent Destailleur <eldy@users.sourceforge.net>
* Copyright (C) 2005-2012 Regis Houssin <regis@dolibarr.fr>
* Copyright (C) 2010 Juanjo Menent <jmenent@2byte.es>
*
* This program is free software; you can redistribute it and/or modify
* it under the terms of the GNU General Public License as published by
@ -32,9 +33,9 @@ $langs->load("other");
if ($conf->notification->enabled) $langs->load("mails");
// Security check
$socid = isset($_GET["socid"])?$_GET["socid"]:'';
$socid = GETPOST('socid','int');
if ($user->societe_id) $socid=$user->societe_id;
$result = restrictedArea($user, 'societe','','');
$result = restrictedArea($user, 'societe', $socid, '&societe');
/*

2
htdocs/societe/soc.php
View File

@ -66,7 +66,7 @@ if (! empty($canvas))
}
// Security check
$result = restrictedArea($user, 'societe', $socid, '&societe', '', '', '', $objcanvas);
$result = restrictedArea($user, 'societe', $socid, '&societe', '', 'fk_soc', 'rowid', $objcanvas);
// Initialize technical object to manage hooks of thirdparties. Note that conf->hooks_modules contains array array
include_once(DOL_DOCUMENT_ROOT.'/core/class/hookmanager.class.php');