diff --git a/htdocs/comm/prospect/prospects.php b/htdocs/comm/prospect/prospects.php index 34f22b36878..76c16bce848 100644 --- a/htdocs/comm/prospect/prospects.php +++ b/htdocs/comm/prospect/prospects.php @@ -45,6 +45,11 @@ if ($user->societe_id > 0) $socidp = $user->societe_id; } +$socname=$_GET["socname"]; +$sortorder=$_GET["sortorder"]; +$sortfield=$_GET["sortfield"]; +$page=$_GET["page"]; + $page = $user->page_param["page"]; if ($page == -1) { $page = 0 ; } @@ -74,7 +79,7 @@ if ($user->societe_id) $sql .= " AND s.idp = " .$user->societe_id; } -if ($_GET["socname"]) +if ($socname) { $sql .= " AND lower(s.nom) like '%".strtolower($socname)."%'"; $sortfield = "lower(s.nom)"; @@ -105,7 +110,7 @@ if ($result) { $num = $db->num_rows(); - if ($num == 1) + if ($num == 1 && $socname) { $obj = $db->fetch_object(0); Header("Location: fiche.php?socid=$obj->idp"); @@ -137,17 +142,8 @@ if ($result) } print ""; - $i = 0; - if ($sortorder == "DESC") - { - $sortorder="ASC"; - } - else - { - $sortorder="DESC"; - } print ''; print ''; print "\n"; } @@ -205,9 +200,6 @@ if ($result) } } - - - print "\n"; $i++; } diff --git a/htdocs/societe.php b/htdocs/societe.php index ba04a3e0cbc..1adebc2c117 100644 --- a/htdocs/societe.php +++ b/htdocs/societe.php @@ -36,6 +36,7 @@ if ($user->societe_id > 0) llxHeader(); +$socname=$_GET["socname"]; $sortorder=$_GET["sortorder"]; $sortfield=$_GET["sortfield"]; $page=$_GET["page"]; @@ -63,19 +64,31 @@ $langs->load("suppliers"); * * */ -if ($mode == 'search') { - if ($mode-search == 'soc') { - $sql = "SELECT s.idp FROM ".MAIN_DB_PREFIX."societe as s "; - $sql .= " WHERE lower(s.nom) like '%".strtolower($socname)."%'"; - } - - if ( $db->query($sql) ) { - if ( $db->num_rows() == 1) { - $obj = $db->fetch_object(0); - $socid = $obj->idp; +if ($_GET["mode"] == 'search') +{ + if ($_GET["mode-search"] == 'soc') + { + $sql = "SELECT s.idp FROM ".MAIN_DB_PREFIX."societe as s "; + $sql .= " WHERE lower(s.nom) like '%".strtolower($_GET["socname"])."%'"; } - $db->free(); - } + + if ( $db->query($sql) ) + { + if ( $db->num_rows() == 1) + { + $obj = $db->fetch_object(0); + $socid = $obj->idp; + } + $db->free(); + } + /* + * Sécurité accés client + */ + if ($user->societe_id > 0) + { + $action = ''; + $socid = $user->societe_id; + } } /* @@ -84,10 +97,13 @@ if ($mode == 'search') { * */ + $title=$langs->trans("CompanyList"); + $sql = "SELECT s.idp, s.nom, s.ville, ".$db->pdate("s.datec")." as datec, ".$db->pdate("s.datea")." as datea, st.libelle as stcomm, s.prefix_comm, s.client, s.fournisseur"; $sql .= " FROM ".MAIN_DB_PREFIX."societe as s, ".MAIN_DB_PREFIX."c_stcomm as st WHERE s.fk_stcomm = st.id"; -if ($user->societe_id > 0) { +if ($user->societe_id > 0) +{ $sql .= " AND s.idp = " . $user->societe_id; } @@ -100,7 +116,9 @@ if (strlen($begin)) { $sql .= " AND upper(s.nom) like '$begin%'"; } -if ($socname) { +if ($socname) +{ + $title_filtre .= " contenant '$socname'"; $sql .= " AND lower(s.nom) like '%".strtolower($socname)."%'"; } @@ -114,22 +132,20 @@ if ($result) $params = "&socname=$socname"; - print_barre_liste($langs->trans("CompanyList"), $page, $PHP_SELF,$params,$sortfield,$sortorder,'',$num); + print_barre_liste($title, $page, $PHP_SELF,$params,$sortfield,$sortorder,'',$num); - if ($sortorder == "DESC") + if ($title_filtre) { - $sortorder="ASC"; - } - else - { - $sortorder="DESC"; + print "Filtre : $title_filtre"; + print ' Supprimer le filtre'; } + print '
"; @@ -181,7 +177,6 @@ if ($result) if ($user->societe_id == 0) { - print "idp&action=create\">".strftime("%d/%b/%y",$obj->datec)."
'; print ''; - print ''; print "\n";
'; + print ''; print_liste_field_titre($langs->trans("Company"),$PHP_SELF,"s.nom", $params); - print ""; + print ''; print_liste_field_titre($langs->trans("Town"),$PHP_SELF,"s.ville",$params); print ''.$langs->trans("Cards").'