Fix: sql error with combobox and uniformize code
parent
26c597878f
commit
40276d42ff
@ -2,7 +2,7 @@
|
||||
/* Copyright (C) 2001-2005 Rodolphe Quiedeville <rodolphe@quiedeville.org>
|
||||
* Copyright (C) 2003 Eric Seigne <erics@rycks.com>
|
||||
* Copyright (C) 2004-2009 Laurent Destailleur <eldy@users.sourceforge.net>
|
||||
* Copyright (C) 2005-2011 Regis Houssin <regis@dolibarr.fr>
|
||||
* Copyright (C) 2005-2012 Regis Houssin <regis@dolibarr.fr>
|
||||
*
|
||||
* This program is free software; you can redistribute it and/or modify
|
||||
* it under the terms of the GNU General Public License as published by
|
||||
@ -28,19 +28,19 @@ require("../main.inc.php");
|
||||
|
||||
$langs->load("companies");
|
||||
|
||||
$sortfield=isset($_GET["sortfield"])?$_GET["sortfield"]:$_POST["sortfield"];
|
||||
$sortorder=isset($_GET["sortorder"])?$_GET["sortorder"]:$_POST["sortorder"];
|
||||
$page=$_GET["page"];
|
||||
$sortfield=GETPOST('sortfield', 'alpha');
|
||||
$sortorder=GETPOST('sortorder', 'alpha');
|
||||
$page=GETPOST('page', 'int');
|
||||
if (! $sortorder) $sortorder="ASC";
|
||||
if (! $sortfield) $sortfield="p.name";
|
||||
if ($page < 0) { $page = 0 ; }
|
||||
if ($page < 0) { $page = 0; }
|
||||
$limit = $conf->liste_limit;
|
||||
$offset = $limit * $page ;
|
||||
|
||||
$type=$_GET["type"];
|
||||
|
||||
// Security check
|
||||
$socid = isset($_GET["socid"])?$_GET["socid"]:'';
|
||||
$socid = GETPOST('socid');
|
||||
if ($user->societe_id) $socid=$user->societe_id;
|
||||
$result = restrictedArea($user, 'societe',$socid,'');
|
||||
|
||||
@ -75,12 +75,12 @@ if ($type == "f")
|
||||
$sql = "SELECT s.rowid, s.nom, st.libelle as stcomm";
|
||||
$sql.= ", p.rowid as cidp, p.name, p.firstname, p.email, p.phone";
|
||||
$sql.= " FROM ".MAIN_DB_PREFIX."c_stcomm as st,";
|
||||
if (!$user->rights->societe->client->voir && !$socid) $sql .= " ".MAIN_DB_PREFIX."societe_commerciaux as sc,";
|
||||
if (! $user->rights->societe->client->voir && ! $socid) $sql .= " ".MAIN_DB_PREFIX."societe_commerciaux as sc,";
|
||||
$sql.= " ".MAIN_DB_PREFIX."socpeople as p";
|
||||
$sql.= " LEFT JOIN ".MAIN_DB_PREFIX."societe as s ON s.rowid = p.fk_soc";
|
||||
$sql.= " WHERE s.fk_stcomm = st.id";
|
||||
$sql.= " AND p.entity = ".$conf->entity;
|
||||
if (!$user->rights->societe->client->voir && !$socid) $sql.= " AND s.rowid = sc.fk_soc AND sc.fk_user = " .$user->id;
|
||||
$sql.= " AND p.entity IN (".getEntity('societe', 1).")";
|
||||
if (! $user->rights->societe->client->voir && ! $socid) $sql.= " AND s.rowid = sc.fk_soc AND sc.fk_user = " .$user->id;
|
||||
if ($type == "c") $sql.= " AND s.client IN (1, 3)";
|
||||
if ($type == "p") $sql.= " AND s.client IN (2, 3)";
|
||||
if ($type == "f") $sql.= " AND s.fournisseur = 1";
|
||||
@ -93,27 +93,27 @@ if (dol_strlen($stcomm))
|
||||
|
||||
if (dol_strlen($begin)) // filtre sur la premiere lettre du nom
|
||||
{
|
||||
$sql.= " AND upper(p.name) like '$begin%'";
|
||||
$sql.= " AND upper(p.name) LIKE '".$begin."%'";
|
||||
}
|
||||
|
||||
if (trim($_GET["search_nom"]))
|
||||
{
|
||||
$sql.= " AND p.name like '%".trim($_GET["search_nom"])."%'";
|
||||
$sql.= " AND p.name LIKE '%".trim($_GET["search_nom"])."%'";
|
||||
}
|
||||
|
||||
if (trim($_GET["search_prenom"]))
|
||||
{
|
||||
$sql.= " AND p.firstname like '%".trim($_GET["search_prenom"])."%'";
|
||||
$sql.= " AND p.firstname LIKE '%".trim($_GET["search_prenom"])."%'";
|
||||
}
|
||||
|
||||
if (trim($_GET["search_societe"]))
|
||||
{
|
||||
$sql.= " AND s.nom like '%".trim($_GET["search_societe"])."%'";
|
||||
$sql.= " AND s.nom LIKE '%".trim($_GET["search_societe"])."%'";
|
||||
}
|
||||
|
||||
if ($_GET["contactname"]) // acces a partir du module de recherche
|
||||
{
|
||||
$sql.= " AND ( p.name like '%".strtolower($_GET["contactname"])."%' OR lower(p.firstname) like '%".strtolower($_GET["contactname"])."%') ";
|
||||
$sql.= " AND (p.name LIKE '%".strtolower($_GET["contactname"])."%' OR lower(p.firstname) LIKE '%".strtolower($_GET["contactname"])."%') ";
|
||||
$sortfield = "p.name";
|
||||
$sortorder = "ASC";
|
||||
}
|
||||
@ -178,7 +178,8 @@ else
|
||||
dol_print_error($db);
|
||||
}
|
||||
|
||||
llxFooter();
|
||||
|
||||
$db->close();
|
||||
|
||||
llxFooter();
|
||||
?>
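Review bot: The search filters in the `@ -93,27 +93,27 @` hunk still concatenate request data straight into the SQL string; the commit only changes `like` to `LIKE`, so `$begin`, `$_GET["search_nom"]`, `$_GET["search_prenom"]`, `$_GET["search_societe"]` and `$_GET["contactname"]` reach the query unescaped unless something outside the visible lines sanitises them. Each value should pass through the database handler's escaping before it is placed between the quotes, e.g. `$sql.= " AND p.name LIKE '%".$db->escape(trim(GETPOST('search_nom')))."%'";`, and likewise for the other four. In the first hunk `$type=$_GET["type"];` is still read raw and `GETPOST('socid')` has no type check although the neighbouring lines were converted; `$socid = GETPOST('socid', 'int');` would match them. The `if` blocks and the query itself continue outside the hunks shown.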
|
||||
|
||||
@ -1,6 +1,7 @@
|
||||
<?php
|
||||
/* Copyright (C) 2005 Patrick Rouillon <patrick@rouillon.net>
|
||||
* Copyright (C) 2005-2009 Destailleur Laurent <eldy@users.sourceforge.net>
|
||||
* Copyright (C) 2005-2012 Regis Houssin <regis@dolibarr.fr>
|
||||
*
|
||||
* This program is free software; you can redistribute it and/or modify
|
||||
* it under the terms of the GNU General Public License as published by
|
||||
@ -33,12 +34,10 @@ $langs->load("orders");
|
||||
$langs->load("sendings");
|
||||
$langs->load("companies");
|
||||
|
||||
$id=GETPOST('id');
|
||||
$ligne=GETPOST('ligne');
|
||||
$lineid=GETPOST('lineid');
|
||||
$action=GETPOST('action');
|
||||
|
||||
$id = isset($id)?$id:'';
|
||||
$id=GETPOST('id', 'int');
|
||||
$ref= GETPOST('ref', 'alpha');
|
||||
$lineid=GETPOST('lineid', 'int');
|
||||
$action=GETPOST('action', 'alpha');
|
||||
|
||||
// Security check
|
||||
if ($user->societe_id) $socid=$user->societe_id;
|
||||
@ -49,7 +48,7 @@ $result = restrictedArea($user, 'propale', $id, 'propal');
|
||||
* Ajout d'un nouveau contact
|
||||
*/
|
||||
|
||||
if ($_POST["action"] == 'addcontact' && $user->rights->propale->creer)
|
||||
if ($action == 'addcontact' && $user->rights->propale->creer)
|
||||
{
|
||||
|
||||
$result = 0;
|
||||
@ -63,7 +62,7 @@ if ($_POST["action"] == 'addcontact' && $user->rights->propale->creer)
|
||||
|
||||
if ($result >= 0)
|
||||
{
|
||||
Header("Location: contact.php?id=".$propal->id);
|
||||
Header("Location: ".$_SERVER['PHP_SELF']."?id=".$propal->id);
|
||||
exit;
|
||||
}
|
||||
else
|
||||
@ -103,10 +102,11 @@ if ($action == 'deleteline' && $user->rights->propale->creer)
|
||||
|
||||
if ($result >= 0)
|
||||
{
|
||||
Header("Location: contact.php?id=".$propal->id);
|
||||
Header("Location: ".$_SERVER['PHP_SELF']."?id=".$propal->id);
|
||||
exit;
|
||||
}
|
||||
else {
|
||||
else
|
||||
{
|
||||
dol_print_error($db);
|
||||
}
|
||||
}
|
||||
@ -131,27 +131,23 @@ $userstatic=new User($db);
|
||||
/* *************************************************************************** */
|
||||
dol_htmloutput_mesg($mesg);
|
||||
|
||||
$id = $id;
|
||||
$ref= GETPOST('ref');
|
||||
if ($id > 0 || ! empty($ref))
|
||||
{
|
||||
$propal = New Propal($db);
|
||||
if ( $propal->fetch($id,$ref) > 0)
|
||||
if ($propal->fetch($id,$ref) > 0)
|
||||
{
|
||||
$soc = new Societe($db);
|
||||
$soc->fetch($propal->socid);
|
||||
|
||||
|
||||
$head = propal_prepare_head($propal);
|
||||
dol_fiche_head($head, 'contact', $langs->trans("Proposal"), 0, 'propal');
|
||||
|
||||
|
||||
/*
|
||||
* Propal synthese pour rappel
|
||||
*/
|
||||
* Propal synthese pour rappel
|
||||
*/
|
||||
print '<table class="border" width="100%">';
|
||||
|
||||
$linkback="<a href=\"".DOL_URL_ROOT.'/comm/propal.php'."?page=$page&socid=$socid&viewstatut=$viewstatut&sortfield=$sortfield&$sortorder\">".$langs->trans("BackToList")."</a>";
|
||||
$linkback='<a href="'.DOL_URL_ROOT.'/comm/propal.php?page='.$page.'&socid='.$socid.'&viewstatut='.$viewstatut.'&sortfield='.$sortfield.'&sortorder='.$sortorder.'">'.$langs->trans("BackToList").'</a>';
|
||||
|
||||
// Ref
|
||||
print '<tr><td width="25%">'.$langs->trans('Ref').'</td><td colspan="3">';
|
||||
@ -179,17 +175,15 @@ if ($id > 0 || ! empty($ref))
|
||||
|
||||
print '</div>';
|
||||
|
||||
|
||||
/*
|
||||
* Lignes de contacts
|
||||
*/
|
||||
print '<br><table class="noborder" width="100%">';
|
||||
|
||||
/*
|
||||
* Lignes de contacts
|
||||
*/
|
||||
echo '<br><table class="noborder" width="100%">';
|
||||
|
||||
/*
|
||||
* Ajouter une ligne de contact
|
||||
* Non affiche en mode modification de ligne
|
||||
*/
|
||||
* Ajouter une ligne de contact
|
||||
* Non affiche en mode modification de ligne
|
||||
*/
|
||||
if ($action != 'editline' && $user->rights->propale->creer)
|
||||
{
|
||||
print '<tr class="liste_titre">';
|
||||
@ -351,7 +345,7 @@ if ($id > 0 || ! empty($ref))
|
||||
if ($user->rights->propale->creer)
|
||||
{
|
||||
print ' ';
|
||||
print '<a href="contact.php?id='.$propal->id.'&action=deleteline&lineid='.$tab[$i]['rowid'].'">';
|
||||
print '<a href="'.$_SERVER["PHP_SELF"].'?id='.$propal->id.'&action=deleteline&lineid='.$tab[$i]['rowid'].'">';
|
||||
print img_delete();
|
||||
print '</a>';
|
||||
}
|
||||
@ -370,7 +364,8 @@ if ($id > 0 || ! empty($ref))
|
||||
}
|
||||
}
|
||||
|
||||
llxFooter();
|
||||
|
||||
$db->close();
|
||||
|
||||
llxFooter();
|
||||
?>
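Review bot: `$_SERVER['PHP_SELF']` replaces the fixed `contact.php` in both `Location:` headers and in the delete link printed in the `@ -351,7 +345,7 @` hunk, and that value includes any path info the client appends to the script URL, so it is request-controlled text. Nothing in the visible lines escapes it before it is written into the `href` attribute; unless a shared include already sanitises it (not shown here), escape it for HTML output, e.g. `print '<a href="'.htmlspecialchars($_SERVER["PHP_SELF"], ENT_QUOTES).'?id='.$propal->id.'&action=deleteline&lineid='.$tab[$i]['rowid'].'">';`. The rewritten `$linkback` line has the same gap: `$page`, `$socid`, `$viewstatut`, `$sortfield` and `$sortorder` are placed in the URL without `urlencode()`, and none of them is assigned in the hunks shown. The delete link also triggers `deleteline` from a plain GET with no token visible here, which is worth checking against the project's CSRF handling.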
|
||||
@ -516,20 +516,19 @@ class FormCompany
|
||||
// On recherche les societes
|
||||
$sql = "SELECT s.rowid, s.nom FROM";
|
||||
$sql.= " ".MAIN_DB_PREFIX."societe as s";
|
||||
if ($selected && $conf->use_javascript_ajax && $conf->global->COMPANY_USE_SEARCH_TO_SELECT) $sql.= " WHERE rowid = ".$selected;
|
||||
$sql.= " WHERE s.entity IN (".getEntity('societe', 1).")";
|
||||
if ($selected && $conf->use_javascript_ajax && $conf->global->COMPANY_USE_SEARCH_TO_SELECT) $sql.= " AND rowid = ".$selected;
|
||||
else
|
||||
{
|
||||
// For ajax search we limit here. For combo list, we limit later
|
||||
if ($conf->use_javascript_ajax && $conf->global->COMPANY_USE_SEARCH_TO_SELECT
|
||||
&& is_array($limitto) && count($limitto))
|
||||
{
|
||||
$sql.= " WHERE rowid IN (".join(',',$limitto).")";
|
||||
$sql.= " AND rowid IN (".join(',',$limitto).")";
|
||||
}
|
||||
}
|
||||
$sql.= " AND s.entity IN (".getEntity('societe', 1).")";
|
||||
$sql.= " ORDER BY nom ASC";
|
||||
|
||||
//print $sql;
|
||||
|
||||
$resql = $this->db->query($sql);
|
||||
if ($resql)
|
||||
{
|
||||
|
||||
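Review bot: `$selected` and the elements of `$limitto` are appended to the query as bare numbers in the two rewritten conditions, so the statement is only safe if every caller passes integers, which these lines do not enforce. Casting at the point of use removes that dependency: `$sql.= " AND s.rowid = ".(int) $selected;` and `$sql.= " AND s.rowid IN (".join(',', array_map('intval', $limitto)).")";`. Qualifying `rowid` with the `s` alias also keeps the column unambiguous next to the `s.entity` filter. The enclosing method of `FormCompany` starts and ends outside the hunk, so the origin of both parameters cannot be confirmed from here.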