diff --git a/htdocs/core/lib/security.lib.php b/htdocs/core/lib/security.lib.php index d7de2ea9a92..28c6f86769f 100644 --- a/htdocs/core/lib/security.lib.php +++ b/htdocs/core/lib/security.lib.php @@ -447,7 +447,7 @@ function checkUserAccessToObject($user, $featuresarray, $objectid=0, $tableandsh if ($feature == 'project') $feature='projet'; if ($feature == 'task') $feature='projet_task'; - $check = array('adherent','banque','don','user','usergroup','produit','service','produit|service','categorie','resource'); // Test on entity only (Objects with no link to company) + $check = array('adherent','banque','don','user','usergroup','product','produit','service','produit|service','categorie','resource'); // Test on entity only (Objects with no link to company) $checksoc = array('societe'); // Test for societe object $checkother = array('contact','agenda'); // Test on entity and link to third party. Allowed if link is empty (Ex: contacts...). $checkproject = array('projet','project'); // Test for project object diff --git a/htdocs/societe/card.php b/htdocs/societe/card.php index f318d49f98d..4e2e0a61af7 100644 --- a/htdocs/societe/card.php +++ b/htdocs/societe/card.php @@ -56,7 +56,7 @@ $mesg=''; $error=0; $errors=array(); $action = (GETPOST('action','aZ09') ? GETPOST('action','aZ09') : 'view'); $cancel = GETPOST('cancel','alpha'); $backtopage = GETPOST('backtopage','alpha'); -$confirm = GETPOST('confirm'); +$confirm = GETPOST('confirm','alpha'); $socid = GETPOST('socid','int')?GETPOST('socid','int'):GETPOST('id','int'); if ($user->societe_id) $socid=$user->societe_id; @@ -1949,7 +1949,9 @@ else // Capital print ''.fieldLabel('Capital','capital').''; - print ' '.$langs->trans("Currency".$conf->currency).''; + print ' '.$langs->trans("Currency".$conf->currency).''; // Assign a Name print '';