This commit is contained in:
Laurent Destailleur 2021-03-18 14:34:44 +01:00
parent 8d19c57731
commit 46972ec669
36 changed files with 334 additions and 179 deletions


@ -135,6 +135,18 @@ if (!empty($search_accountancy_code_end)) {
$param .= '&search_accountancy_code_end='.$search_accountancy_code_end;
}
if (empty($conf->accounting->enabled)) {
accessforbidden();
}
if ($user->socid > 0) {
accessforbidden();
}
if (empty($user->rights->accounting->mouvements->lire)) {
accessforbidden();
}
/*
* Action
*/
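Review bot: The three-branch gate added here (module enabled, `$user->socid > 0`, `mouvements->lire`) is pasted by hand into most of the accountancy pages touched by this commit, and the old copies had already drifted apart: some sections checked only `socid`, others `bind->write`. A single shared helper, or possibly the `restrictedArea()` call that the report pages in this commit already use, would keep every page on the same rule. This copy also lacks the `// Security check` comment the other sections carry; a line such as `// Security check: page-level read gate, write actions are tested separately` would tell a reader that it is only the read check. The gate also sits after the `$param` string has been built from request values, so it could move up to directly after parameter reading if nothing above is needed for a rejected user.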


@ -44,13 +44,6 @@ $id = GETPOST('id', 'int'); // id of record
$mode = GETPOST('mode', 'aZ09'); // '' or '_tmp'
$piece_num = GETPOST("piece_num", 'int'); // id of transaction (several lines share the same transaction id)
// Security check
if ($user->socid > 0) {
accessforbidden();
}
$mesg = '';
$accountingaccount = new AccountingAccount($db);
$accountingjournal = new AccountingJournal($db);
@ -83,6 +76,17 @@ if (!empty($update)) {
$object = new BookKeeping($db);
// Security check
if (empty($conf->accounting->enabled)) {
accessforbidden();
}
if ($user->socid > 0) {
accessforbidden();
}
if (empty($user->rights->accounting->mouvements->lire)) {
accessforbidden();
}
/*
* Actions
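Review bot: The gate that now guards this card tests only the read right `mouvements->lire`, yet the page reads `$id`, `$piece_num` and an `$update` flag, which suggests it also modifies bookkeeping records. The actions start below this hunk, so confirm that each state-changing branch carries its own write-permission test, in the way other sections of this commit add `&& $user->rights->accounting->bind->write` to their action conditions. The check also moved from right after parameter reading to after the `if (!empty($update))` block and `new BookKeeping($db)`. If nothing in between is needed for a rejected request, keeping the gate at the top is the safer order.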


@ -171,6 +171,16 @@ if (empty($listofformat[$formatexportset])) {
$error = 0;
if (empty($conf->accounting->enabled)) {
accessforbidden();
}
if ($user->socid > 0) {
accessforbidden();
}
if (empty($user->rights->accounting->mouvements->lire)) {
accessforbidden();
}
/*
* Actions


@ -163,6 +163,16 @@ if ($search_date_end && empty($search_date_endyear)) {
$search_date_endday = $tmparray['mday'];
}
if (empty($conf->accounting->enabled)) {
accessforbidden();
}
if ($user->socid > 0) {
accessforbidden();
}
if (empty($user->rights->accounting->mouvements->lire)) {
accessforbidden();
}
/*
* Action


@ -163,10 +163,21 @@ if ($search_date_end && empty($search_date_endyear)) {
$search_date_endday = $tmparray['mday'];
}
if (empty($conf->accounting->enabled)) {
accessforbidden();
}
if ($user->socid > 0) {
accessforbidden();
}
if (empty($user->rights->accounting->mouvements->lire)) {
accessforbidden();
}
/*
* Action
*/
if (GETPOST('cancel', 'alpha')) {
$action = 'list'; $massaction = '';
}


@ -94,6 +94,16 @@ if ($result < 0) {
setEventMessages($object->error, $object->errors, 'errors');
}
if (empty($conf->accounting->enabled)) {
accessforbidden();
}
if ($user->socid > 0) {
accessforbidden();
}
if (empty($user->rights->accounting->mouvements->lire)) {
accessforbidden();
}
/*
* Action


@ -94,10 +94,21 @@ if ($result < 0) {
setEventMessages($object->error, $object->errors, 'errors');
}
if (empty($conf->accounting->enabled)) {
accessforbidden();
}
if ($user->socid > 0) {
accessforbidden();
}
if (empty($user->rights->accounting->mouvements->lire)) {
accessforbidden();
}
/*
* Action
*/
if ($action == 'lettering') {
$result = $lettering->updateLettering($toselect);
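Review bot: `updateLettering($toselect)` is a write, but the only permission tested before it in this hunk is the read right `mouvements->lire` added at the top. Other pages in this commit pair the page gate with a write test on the action itself, for example `$massaction == 'ventil' && $user->rights->accounting->bind->write`. The `lettering` branch needs the same treatment, using whichever write right the module defines for movements, wrapped in `!empty()`. The body of the `if ($action == 'lettering')` block continues outside the hunk.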


@ -35,17 +35,6 @@ $socid = GETPOST('socid', 'int');
$action = GETPOST('action', 'aZ09');
// Security check
if (empty($conf->accounting->enabled)) {
accessforbidden();
}
if ($user->socid > 0) {
accessforbidden();
}
if (!$user->rights->accounting->fiscalyear->write) {
accessforbidden();
}
$object = new BookKeeping($db);
$month_start = ($conf->global->SOCIETE_FISCAL_MONTH_START ? ($conf->global->SOCIETE_FISCAL_MONTH_START) : 1);
@ -67,10 +56,23 @@ $search_date_start = dol_mktime(0, 0, 0, $month_start, 1, $year_start);
$search_date_end = dol_get_last_day($year_end, $month_end);
$year_current = $year_start;
// Security check
if (empty($conf->accounting->enabled)) {
accessforbidden();
}
if ($user->socid > 0) {
accessforbidden();
}
if (!$user->rights->accounting->fiscalyear->write) {
accessforbidden();
}
/*
* Actions
*/
if ($action == 'validate_movements_confirm' && $user->rights->accounting->fiscalyear->write) {
if ($action == 'validate_movements_confirm' && !empty($user->rights->accounting->fiscalyear->write)) {
$result = $object->fetchAll();
if ($result < 0) {


@ -38,9 +38,16 @@ $codeventil = GETPOST('codeventil', 'int');
$id = GETPOST('id', 'int');
// Security check
if (empty($conf->accounting->enabled)) {
accessforbidden();
}
if ($user->socid > 0) {
accessforbidden();
}
if (empty($user->rights->accounting->mouvements->lire)) {
accessforbidden();
}
/*


@ -80,13 +80,17 @@ if (!$sortorder) {
}
// Security check
if (empty($conf->accounting->enabled)) {
accessforbidden();
}
if ($user->socid > 0) {
accessforbidden();
}
if (!$user->rights->accounting->bind->write) {
if (empty($user->rights->accounting->mouvements->lire)) {
accessforbidden();
}
$formaccounting = new FormAccounting($db);
@ -112,7 +116,7 @@ if (GETPOST('button_removefilter_x', 'alpha') || GETPOST('button_removefilter.x'
$search_tvaintra = '';
}
if (is_array($changeaccount) && count($changeaccount) > 0) {
if (is_array($changeaccount) && count($changeaccount) > 0 && $user->rights->accounting->bind->write) {
$error = 0;
if (!(GETPOST('account_parent', 'int') >= 0)) {
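Review bot: The new action guard reads `$user->rights->accounting->bind->write` directly, which can raise an undefined-property notice for exactly the users it is meant to stop: those who hold `mouvements->lire` but not the bind right. Use `&& !empty($user->rights->accounting->bind->write)`, the form this commit already uses for `fiscalyear->write`. The same bare access is added to the `ventil` mass-action conditions and the `clean`/`validatehistory` conditions in the other bind pages of this commit. Because the page gate is now read-only, a user without the write right who submits `changeaccount` gets the list re-rendered with no error; an explicit `accessforbidden()` or an error message would make the refusal visible and loggable. The body of this `if` continues outside the hunk.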


@ -88,10 +88,13 @@ if (!$sortorder) {
}
// Security check
if (empty($conf->accounting->enabled)) {
accessforbidden();
}
if ($user->socid > 0) {
accessforbidden();
}
if (!$user->rights->accounting->bind->write) {
if (empty($user->rights->accounting->mouvements->lire)) {
accessforbidden();
}
@ -148,7 +151,7 @@ if (empty($reshook)) {
}
if ($massaction == 'ventil') {
if ($massaction == 'ventil' && $user->rights->accounting->bind->write) {
$msg = '';
//print '<div><span style="color:red">' . $langs->trans("Processing") . '...</span></div>';


@ -42,9 +42,15 @@ $codeventil = GETPOST('codeventil', 'int');
$id = GETPOST('id', 'int');
// Security check
if (empty($conf->accounting->enabled)) {
accessforbidden();
}
if ($user->socid > 0) {
accessforbidden();
}
if (empty($user->rights->accounting->mouvements->lire)) {
accessforbidden();
}
/*


@ -32,17 +32,6 @@ require_once DOL_DOCUMENT_ROOT.'/expensereport/class/expensereport.class.php';
// Load translation files required by the page
$langs->loadLangs(array("compta", "bills", "other", "main", "accountancy"));
// Security check
if (empty($conf->accounting->enabled)) {
accessforbidden();
}
if ($user->socid > 0) {
accessforbidden();
}
if (!$user->rights->accounting->bind->write) {
accessforbidden();
}
$month_start = ($conf->global->SOCIETE_FISCAL_MONTH_START ? ($conf->global->SOCIETE_FISCAL_MONTH_START) : 1);
if (GETPOST("year", 'int')) {
$year_start = GETPOST("year", 'int');
@ -65,13 +54,23 @@ $year_current = $year_start;
// Validate History
$action = GETPOST('action', 'aZ09');
// Security check
if (empty($conf->accounting->enabled)) {
accessforbidden();
}
if ($user->socid > 0) {
accessforbidden();
}
if (empty($user->rights->accounting->mouvements->lire)) {
accessforbidden();
}
/*
* Actions
*/
if ($action == 'clean' || $action == 'validatehistory') {
if (($action == 'clean' || $action == 'validatehistory') && $user->rights->accounting->bind->write) {
// Clean database
$db->begin();
$sql1 = "UPDATE ".MAIN_DB_PREFIX."expensereport_det as erd";


@ -74,13 +74,17 @@ if (!$sortorder) {
}
// Security check
if (empty($conf->accounting->enabled)) {
accessforbidden();
}
if ($user->socid > 0) {
accessforbidden();
}
if (!$user->rights->accounting->bind->write) {
if (empty($user->rights->accounting->mouvements->lire)) {
accessforbidden();
}
$formaccounting = new FormAccounting($db);
@ -102,7 +106,7 @@ if (GETPOST('button_removefilter_x', 'alpha') || GETPOST('button_removefilter.x'
$search_year = '';
}
if (is_array($changeaccount) && count($changeaccount) > 0) {
if (is_array($changeaccount) && count($changeaccount) > 0 && $user->rights->accounting->bind->write) {
$error = 0;
if (!(GETPOST('account_parent', 'int') >= 0)) {


@ -83,19 +83,22 @@ if (!$sortorder) {
}
}
// Security check
if ($user->socid > 0) {
accessforbidden();
}
if (!$user->rights->accounting->bind->write) {
accessforbidden();
}
$formaccounting = new FormAccounting($db);
$accounting = new AccountingAccount($db);
$chartaccountcode = dol_getIdFromCode($db, $conf->global->CHARTOFACCOUNTS, 'accounting_system', 'rowid', 'pcg_version');
// Security check
if (empty($conf->accounting->enabled)) {
accessforbidden();
}
if ($user->socid > 0) {
accessforbidden();
}
if (empty($user->rights->accounting->mouvements->lire)) {
accessforbidden();
}
/*
* Action
@ -130,7 +133,7 @@ $permissiontodelete = $user->rights->expensereport->delete;
$uploaddir = $conf->expensereport->dir_output;
include DOL_DOCUMENT_ROOT.'/core/actions_massactions.inc.php';
if ($massaction == 'ventil') {
if ($massaction == 'ventil' && $user->rights->accounting->bind->write) {
$msg = '';
//print '<div><span style="color:red">' . $langs->trans("Processing") . '...</span></div>';
if (!empty($mesCasesCochees)) {


@ -31,13 +31,20 @@ require_once DOL_DOCUMENT_ROOT.'/core/class/html.formother.class.php';
// Load translation files required by the page
$langs->loadLangs(array("compta", "bills", "other", "accountancy", "loans", "banks", "admin", "dict"));
// Initialize technical object to manage hooks. Note that conf->hooks_modules contains array of hooks
$hookmanager->initHooks(array('accountancyindex'));
// Security check
if (empty($conf->accounting->enabled)) {
accessforbidden();
}
if ($user->socid > 0) {
accessforbidden();
}
if (empty($user->rights->accounting->mouvements->lire)) {
accessforbidden();
}
// Initialize technical object to manage hooks. Note that conf->hooks_modules contains array of hooks
$hookmanager->initHooks(array('accountancyindex'));
/*


@ -83,7 +83,13 @@ $now = dol_now();
$action = GETPOST('action', 'aZ09');
// Security check
if ($user->socid > 0 && empty($id_journal)) {
if (empty($conf->accounting->enabled)) {
accessforbidden();
}
if ($user->socid > 0) {
accessforbidden();
}
if (empty($user->rights->accounting->mouvements->lire)) {
accessforbidden();
}


@ -58,13 +58,21 @@ if ($in_bookkeeping == '') {
$now = dol_now();
// Security check
if (empty($conf->accounting->enabled)) {
accessforbidden();
}
if ($user->socid > 0) {
accessforbidden();
}
if (empty($user->rights->accounting->mouvements->lire)) {
accessforbidden();
}
/*
* Actions
*/
$accountingaccount = new AccountingAccount($db);
// Get informations of journal


@ -57,17 +57,25 @@ if ($in_bookkeeping == '') {
$now = dol_now();
$hookmanager->initHooks(array('purchasesjournal'));
$parameters = array();
// Security check
if (empty($conf->accounting->enabled)) {
accessforbidden();
}
if ($user->socid > 0) {
accessforbidden();
}
if (empty($user->rights->accounting->mouvements->lire)) {
accessforbidden();
}
$hookmanager->initHooks(array('purchasesjournal'));
$parameters = array();
/*
* Actions
*/
$reshook = $hookmanager->executeHooks('doActions', $parameters, $user, $action); // Note that $action and $object may have been modified by some hooks
$accountingaccount = new AccountingAccount($db);


@ -59,13 +59,20 @@ if ($in_bookkeeping == '') {
$now = dol_now();
$hookmanager->initHooks(array('sellsjournal'));
$parameters = array();
// Security check
if (empty($conf->accounting->enabled)) {
accessforbidden();
}
if ($user->socid > 0) {
accessforbidden();
}
if (empty($user->rights->accounting->mouvements->lire)) {
accessforbidden();
}
$hookmanager->initHooks(array('sellsjournal'));
$parameters = array();
/*
* Actions


@ -42,9 +42,15 @@ $codeventil = GETPOST('codeventil', 'int');
$id = GETPOST('id', 'int');
// Security check
if (empty($conf->accounting->enabled)) {
accessforbidden();
}
if ($user->socid > 0) {
accessforbidden();
}
if (empty($user->rights->accounting->mouvements->lire)) {
accessforbidden();
}
/*


@ -69,12 +69,23 @@ $action = GETPOST('action', 'aZ09');
$chartaccountcode = dol_getIdFromCode($db, $conf->global->CHARTOFACCOUNTS, 'accounting_system', 'rowid', 'pcg_version');
// Security check
if (empty($conf->accounting->enabled)) {
accessforbidden();
}
if ($user->socid > 0) {
accessforbidden();
}
if (empty($user->rights->accounting->mouvements->lire)) {
accessforbidden();
}
/*
* Actions
*/
if ($action == 'clean' || $action == 'validatehistory') {
if (($action == 'clean' || $action == 'validatehistory') && $user->rights->accounting->bind->write) {
// Clean database
$db->begin();
$sql1 = "UPDATE ".MAIN_DB_PREFIX."facture_fourn_det as fd";


@ -80,16 +80,19 @@ if (!$sortorder) {
}
}
$formaccounting = new FormAccounting($db);
// Security check
if (empty($conf->accounting->enabled)) {
accessforbidden();
}
if ($user->socid > 0) {
accessforbidden();
}
if (!$user->rights->accounting->bind->write) {
if (empty($user->rights->accounting->mouvements->lire)) {
accessforbidden();
}
$formaccounting = new FormAccounting($db);
/*
* Actions


@ -88,14 +88,6 @@ if (!$sortorder) {
}
}
// Security check
if ($user->socid > 0) {
accessforbidden();
}
if (!$user->rights->accounting->bind->write) {
accessforbidden();
}
// Initialize technical object to manage hooks of page. Note that conf->hooks_modules contains array of hook context
$hookmanager->initHooks(array('accountancysupplierlist'));
@ -107,6 +99,17 @@ $aarowid_p = $accounting->fetch('', $conf->global->ACCOUNTING_PRODUCT_BUY_ACCOUN
$chartaccountcode = dol_getIdFromCode($db, $conf->global->CHARTOFACCOUNTS, 'accounting_system', 'rowid', 'pcg_version');
// Security check
if (empty($conf->accounting->enabled)) {
accessforbidden();
}
if ($user->socid > 0) {
accessforbidden();
}
if (empty($user->rights->accounting->mouvements->lire)) {
accessforbidden();
}
/*
* Actions
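Review bot: The access check in this file moves from before `$hookmanager->initHooks(array('accountancysupplierlist'))` to after it, and after the `$accounting->fetch(...)` and `dol_getIdFromCode(...)` lookups, so hook initialisation and database reads now run for a user who is about to be refused. The index and journal sections of the same commit go the other way and put the check ahead of `initHooks`. Unless the gate depends on those objects, which the visible lines do not suggest, keep the three `accessforbidden()` tests directly after parameter reading and before the hooks are initialised.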


@ -49,18 +49,6 @@ $date_endday = GETPOST('date_endday', 'int');
$date_endyear = GETPOST('date_endyear', 'int');
$showaccountdetail = GETPOST('showaccountdetail', 'aZ09') ?GETPOST('showaccountdetail', 'aZ09') : 'no';
// Security check
$socid = GETPOST('socid', 'int');
if ($user->socid > 0) {
$socid = $user->socid;
}
if (!empty($conf->comptabilite->enabled)) {
$result = restrictedArea($user, 'compta', '', '', 'resultat');
}
if (!empty($conf->accounting->enabled)) {
$result = restrictedArea($user, 'accounting', '', '', 'comptarapport');
}
$limit = GETPOST('limit', 'int') ?GETPOST('limit', 'int') : $conf->liste_limit;
$sortfield = GETPOST("sortfield", 'alpha');
$sortorder = GETPOST("sortorder", 'alpha');
@ -151,6 +139,17 @@ if (GETPOST("modecompta", 'alpha')) {
$AccCat = new AccountancyCategory($db);
// Security check
$socid = GETPOST('socid', 'int');
if ($user->socid > 0) {
$socid = $user->socid;
}
if (!empty($conf->comptabilite->enabled)) {
$result = restrictedArea($user, 'compta', '', '', 'resultat');
}
if (!empty($conf->accounting->enabled)) {
$result = restrictedArea($user, 'accounting', '', '', 'comptarapport');
}
/*
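Review bot: Moving the `restrictedArea()` calls from around line 49 down to around line 139 also moves the `$socid` assignment, so any statement in between that reads `$socid` now sees it unset, and the external-user override `$socid = $user->socid` is applied later than before. The intervening code is outside the hunks shown, so this needs checking against the full file. The same relocation is made in the two report sections later in this commit that build `$paramslink`, where the block ends up after that loop. Also, when neither `comptabilite` nor `accounting` is enabled, no `restrictedArea()` call runs at all; `if (empty($conf->comptabilite->enabled) && empty($conf->accounting->enabled)) { accessforbidden(); }` would close that gap.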


@ -108,6 +108,14 @@ $year_end = $tmpe['year'];
$nbofyear = ($year_end - $year_start) + 1;
//var_dump("year_start=".$year_start." year_end=".$year_end." nbofyear=".$nbofyear." date_start=".dol_print_date($date_start, 'dayhour')." date_end=".dol_print_date($date_end, 'dayhour'));
// Define modecompta ('CREANCES-DETTES' or 'RECETTES-DEPENSES' or 'BOOKKEEPING')
$modecompta = $conf->global->ACCOUNTING_MODE;
if (!empty($conf->accounting->enabled)) {
$modecompta = 'BOOKKEEPING';
}
if (GETPOST("modecompta", 'alpha')) {
$modecompta = GETPOST("modecompta", 'alpha');
}
// Security check
$socid = GETPOST('socid', 'int');
@ -121,15 +129,6 @@ if (!empty($conf->accounting->enabled)) {
$result = restrictedArea($user, 'accounting', '', '', 'comptarapport');
}
// Define modecompta ('CREANCES-DETTES' or 'RECETTES-DEPENSES' or 'BOOKKEEPING')
$modecompta = $conf->global->ACCOUNTING_MODE;
if (!empty($conf->accounting->enabled)) {
$modecompta = 'BOOKKEEPING';
}
if (GETPOST("modecompta", 'alpha')) {
$modecompta = GETPOST("modecompta", 'alpha');
}
/*
* View


@ -144,16 +144,20 @@ if (GETPOST("modecompta")) {
$modecompta = GETPOST("modecompta", 'alpha');
}
// Security check
if ($user->socid > 0) {
accessforbidden();
}
if (!$user->rights->accounting->comptarapport->lire) {
accessforbidden();
}
$AccCat = new AccountancyCategory($db);
// Security check
$socid = GETPOST('socid', 'int');
if ($user->socid > 0) {
$socid = $user->socid;
}
if (!empty($conf->comptabilite->enabled)) {
$result = restrictedArea($user, 'compta', '', '', 'resultat');
}
if (!empty($conf->accounting->enabled)) {
$result = restrictedArea($user, 'accounting', '', '', 'comptarapport');
}
/*
* View
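Review bot: The old gate refused every external user with `if ($user->socid > 0) { accessforbidden(); }`, whereas the replacement only sets `$socid = $user->socid` and then relies on `restrictedArea()`, so an external user holding the report right may now reach this page. That is safe only if every query in the view below filters on `$socid`, which cannot be seen from this hunk. If this report aggregates company-wide figures, keep the hard refusal for `$user->socid > 0` alongside the `restrictedArea()` calls.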


@ -44,16 +44,16 @@ $modecompta = (GETPOST('modecompta', 'alpha') ? GETPOST('modecompta', 'alpha') :
$year = GETPOST("year", 'int');
$month = GETPOST("month", 'int');
if (empty($year)) {
$year_current = strftime("%Y", dol_now());
$month_current = strftime("%m", dol_now());
$year_current = dol_print_date(dol_now(), '%Y');
$month_current = dol_print_date(dol_now(), '%m');
$year_start = $year_current;
} else {
$year_current = $year;
$month_current = strftime("%m", dol_now());
$month_current = dol_print_date(dol_now(), '%m');
$year_start = $year;
}
$date_start = dol_mktime(0, 0, 0, GETPOST("date_startmonth"), GETPOST("date_startday"), GETPOST("date_startyear"));
$date_end = dol_mktime(23, 59, 59, GETPOST("date_endmonth"), GETPOST("date_endday"), GETPOST("date_endyear"));
$date_start = dol_mktime(0, 0, 0, GETPOST("date_startmonth"), GETPOST("date_startday"), GETPOST("date_startyear"), 'tzuserrel');
$date_end = dol_mktime(23, 59, 59, GETPOST("date_endmonth"), GETPOST("date_endday"), GETPOST("date_endyear"), 'tzuserrel');
// Quarter
if (empty($date_start) || empty($date_end)) { // We define date_start and date_end
$q = GETPOST("q", "int");
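Review bot: The new `dol_mktime()` calls pass `GETPOST("date_startmonth")`, `GETPOST("date_startday")` and the other date parts without a check type, while `$year` and `$month` just above are read with `'int'`. Give each of them the `'int'` filter, e.g. `GETPOST("date_startmonth", 'int')`, or pass already-filtered variables as the sections that call `dol_mktime(0, 0, 0, $date_startmonth, $date_startday, $date_startyear, 'tzuserrel')` do. The same untyped calls are added in the other turnover and report sections of this commit, including ones that had just converted `$date_startmonth` and its siblings to `'int'`. The `if (empty($date_start) || empty($date_end))` block continues outside the hunk.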


@ -52,8 +52,8 @@ if (GETPOST("modecompta")) {
$modecompta = GETPOST("modecompta");
}
$sortorder = isset($_GET["sortorder"]) ? $_GET["sortorder"] : $_POST["sortorder"];
$sortfield = isset($_GET["sortfield"]) ? $_GET["sortfield"] : $_POST["sortfield"];
$sortorder = GETPOST("sortorder", 'aZ09');
$sortfield = GETPOST("sortfield", 'aZ09');
if (!$sortorder) {
$sortorder = "asc";
}
@ -89,16 +89,16 @@ $date_endyear = GETPOST("date_endyear");
$date_endmonth = GETPOST("date_endmonth");
$date_endday = GETPOST("date_endday");
if (empty($year)) {
$year_current = strftime("%Y", dol_now());
$month_current = strftime("%m", dol_now());
$year_current = dol_print_date(dol_now(), '%Y');
$month_current = dol_print_date(dol_now(), '%m');
$year_start = $year_current;
} else {
$year_current = $year;
$month_current = strftime("%m", dol_now());
$month_current = dol_print_date(dol_now(), '%m');
$year_start = $year;
}
$date_start = dol_mktime(0, 0, 0, GETPOST("date_startmonth"), GETPOST("date_startday"), GETPOST("date_startyear"));
$date_end = dol_mktime(23, 59, 59, GETPOST("date_endmonth"), GETPOST("date_endday"), GETPOST("date_endyear"));
$date_start = dol_mktime(0, 0, 0, GETPOST("date_startmonth"), GETPOST("date_startday"), GETPOST("date_startyear"), 'tzuserrel');
$date_end = dol_mktime(23, 59, 59, GETPOST("date_endmonth"), GETPOST("date_endday"), GETPOST("date_endyear"), 'tzuserrel');
// Quarter
if (empty($date_start) || empty($date_end)) { // We define date_start and date_end
$q = GETPOST("q", "int");


@ -51,8 +51,8 @@ if (GETPOST("modecompta")) {
$modecompta = GETPOST("modecompta");
}
$sortorder = isset($_GET["sortorder"]) ? $_GET["sortorder"] : $_POST["sortorder"];
$sortfield = isset($_GET["sortfield"]) ? $_GET["sortfield"] : $_POST["sortfield"];
$sortorder = GETPOST("sortorder", 'aZ09');
$sortfield = GETPOST("sortfield", 'aZ09');
if (!$sortorder) {
$sortorder = "asc";
}
@ -61,25 +61,25 @@ if (!$sortfield) {
}
// Date range
$year = GETPOST("year");
$month = GETPOST("month");
$date_startyear = GETPOST("date_startyear");
$date_startmonth = GETPOST("date_startmonth");
$date_startday = GETPOST("date_startday");
$date_endyear = GETPOST("date_endyear");
$date_endmonth = GETPOST("date_endmonth");
$date_endday = GETPOST("date_endday");
$year = GETPOST("year", 'int');
$month = GETPOST("month", 'int');
$date_startyear = GETPOST("date_startyear", 'int');
$date_startmonth = GETPOST("date_startmonth", 'int');
$date_startday = GETPOST("date_startday", 'int');
$date_endyear = GETPOST("date_endyear", 'int');
$date_endmonth = GETPOST("date_endmonth", 'int');
$date_endday = GETPOST("date_endday", 'int');
if (empty($year)) {
$year_current = strftime("%Y", dol_now());
$month_current = strftime("%m", dol_now());
$year_current = dol_print_date(dol_now(), '%Y');
$month_current = dol_print_date(dol_now(), '%m');
$year_start = $year_current;
} else {
$year_current = $year;
$month_current = strftime("%m", dol_now());
$month_current = dol_print_date(dol_now(), '%m');
$year_start = $year;
}
$date_start = dol_mktime(0, 0, 0, $_REQUEST["date_startmonth"], $_REQUEST["date_startday"], $_REQUEST["date_startyear"]);
$date_end = dol_mktime(23, 59, 59, $_REQUEST["date_endmonth"], $_REQUEST["date_endday"], $_REQUEST["date_endyear"]);
$date_start = dol_mktime(0, 0, 0, GETPOST("date_startmonth"), GETPOST("date_startday"), GETPOST("date_startyear"), 'tzuserrel');
$date_end = dol_mktime(23, 59, 59, GETPOST("date_endmonth"), GETPOST("date_endday"), GETPOST("date_endyear"), 'tzuserrel');
// Quarter
if (empty($date_start) || empty($date_end)) { // We define date_start and date_end
$q = GETPOST("q") ?GETPOST("q") : 0;


@ -44,8 +44,8 @@ if (GETPOST("modecompta")) {
$modecompta = GETPOST("modecompta");
}
$sortorder = isset($_GET["sortorder"]) ? $_GET["sortorder"] : $_POST["sortorder"];
$sortfield = isset($_GET["sortfield"]) ? $_GET["sortfield"] : $_POST["sortfield"];
$sortorder = GETPOST("sortorder", 'aZ09');
$sortfield = GETPOST("sortfield", 'aZ09');
if (!$sortorder) {
$sortorder = "asc";
}
@ -83,23 +83,23 @@ $search_societe = GETPOST("search_societe", 'alpha');
$search_zip = GETPOST("search_zip", 'alpha');
$search_town = GETPOST("search_town", 'alpha');
$search_country = GETPOST("search_country", 'alpha');
$date_startyear = GETPOST("date_startyear", 'alpha');
$date_startmonth = GETPOST("date_startmonth", 'alpha');
$date_startday = GETPOST("date_startday", 'alpha');
$date_endyear = GETPOST("date_endyear", 'alpha');
$date_endmonth = GETPOST("date_endmonth", 'alpha');
$date_endday = GETPOST("date_endday", 'alpha');
$date_startyear = GETPOST("date_startyear", 'int');
$date_startmonth = GETPOST("date_startmonth", 'int');
$date_startday = GETPOST("date_startday", 'int');
$date_endyear = GETPOST("date_endyear", 'int');
$date_endmonth = GETPOST("date_endmonth", 'int');
$date_endday = GETPOST("date_endday", 'int');
if (empty($year)) {
$year_current = strftime("%Y", dol_now());
$month_current = strftime("%m", dol_now());
$year_current = dol_print_date(dol_now(), '%Y');
$month_current = dol_print_date(dol_now(), '%m');
$year_start = $year_current;
} else {
$year_current = $year;
$month_current = strftime("%m", dol_now());
$month_current = dol_print_date(dol_now(), '%m');
$year_start = $year;
}
$date_start = dol_mktime(0, 0, 0, GETPOST("date_startmonth"), GETPOST("date_startday"), GETPOST("date_startyear"));
$date_end = dol_mktime(23, 59, 59, GETPOST("date_endmonth"), GETPOST("date_endday"), GETPOST("date_endyear"));
$date_start = dol_mktime(0, 0, 0, GETPOST("date_startmonth"), GETPOST("date_startday"), GETPOST("date_startyear"), 'tzuserrel');
$date_end = dol_mktime(23, 59, 59, GETPOST("date_endmonth"), GETPOST("date_endday"), GETPOST("date_endyear"), 'tzuserrel');
// Quarter
if (empty($date_start) || empty($date_end)) { // We define date_start and date_end
$q = GETPOST("q", "int") ?GETPOST("q", "int") : 0;


@ -51,8 +51,8 @@ if (empty($year)) {
$month_current = dol_print_date(dol_now(), "%m");
$year_start = $year - ($nbofyear - 1);
}
$date_start = dol_mktime(0, 0, 0, $date_startmonth, $date_startday, $date_startyear);
$date_end = dol_mktime(23, 59, 59, $date_endmonth, $date_endday, $date_endyear);
$date_start = dol_mktime(0, 0, 0, $date_startmonth, $date_startday, $date_startyear, 'tzuserrel');
$date_end = dol_mktime(23, 59, 59, $date_endmonth, $date_endday, $date_endyear, 'tzuserrel');
// We define date_start and date_end
if (empty($date_start) || empty($date_end)) { // We define date_start and date_end


@ -47,8 +47,8 @@ if (empty($year)) {
$month_current = strftime("%m", dol_now());
$year_start = $year - ($nbofyear - 1);
}
$date_start = dol_mktime(0, 0, 0, $date_startmonth, $date_startday, $date_startyear);
$date_end = dol_mktime(23, 59, 59, $date_endmonth, $date_endday, $date_endyear);
$date_start = dol_mktime(0, 0, 0, $date_startmonth, $date_startday, $date_startyear, 'tzuserrel');
$date_end = dol_mktime(23, 59, 59, $date_endmonth, $date_endday, $date_endyear, 'tzuserrel');
// We define date_start and date_end
if (empty($date_start) || empty($date_end)) { // We define date_start and date_end
@ -120,8 +120,6 @@ if (!empty($conf->accounting->enabled)) {
}
/*
* View
*/


@ -30,27 +30,14 @@ require_once DOL_DOCUMENT_ROOT.'/categories/class/categorie.class.php';
// Load translation files required by the page
$langs->loadLangs(array("products", "categories", "errors", 'accountancy'));
// Security pack (data & check)
$socid = GETPOST('socid', 'int');
if ($user->socid > 0) {
$socid = $user->socid;
}
if (!empty($conf->comptabilite->enabled)) {
$result = restrictedArea($user, 'compta', '', '', 'resultat');
}
if (!empty($conf->accounting->enabled)) {
$result = restrictedArea($user, 'accounting', '', '', 'comptarapport');
}
// Define modecompta ('CREANCES-DETTES' or 'RECETTES-DEPENSES')
$modecompta = $conf->global->ACCOUNTING_MODE;
if (GETPOST("modecompta")) {
$modecompta = GETPOST("modecompta");
}
$sortorder = isset($_GET["sortorder"]) ? $_GET["sortorder"] : $_POST["sortorder"];
$sortfield = isset($_GET["sortfield"]) ? $_GET["sortfield"] : $_POST["sortfield"];
$sortorder = GETPOST("sortorder", 'aZ09');
$sortfield = GETPOST("sortfield", 'aZ09');
if (!$sortorder) {
$sortorder = "asc";
}
@ -84,16 +71,16 @@ $date_endyear = GETPOST("date_endyear");
$date_endmonth = GETPOST("date_endmonth");
$date_endday = GETPOST("date_endday");
if (empty($year)) {
$year_current = strftime("%Y", dol_now());
$month_current = strftime("%m", dol_now());
$year_current = dol_print_date(dol_now(), '%Y');
$month_current = dol_print_date(dol_now(), '%m');
$year_start = $year_current;
} else {
$year_current = $year;
$month_current = strftime("%m", dol_now());
$month_current = dol_print_date(dol_now(), '%m');
$year_start = $year;
}
$date_start = dol_mktime(0, 0, 0, GETPOST("date_startmonth"), GETPOST("date_startday"), GETPOST("date_startyear"));
$date_end = dol_mktime(23, 59, 59, GETPOST("date_endmonth"), GETPOST("date_endday"), GETPOST("date_endyear"));
$date_start = dol_mktime(0, 0, 0, GETPOST("date_startmonth"), GETPOST("date_startday"), GETPOST("date_startyear"), 'tzuserrel');
$date_end = dol_mktime(23, 59, 59, GETPOST("date_endmonth"), GETPOST("date_endday"), GETPOST("date_endyear"), 'tzuserrel');
// Quarter
if (empty($date_start) || empty($date_end)) { // We define date_start and date_end
$q = GETPOST("q", "int");
@ -204,6 +191,19 @@ foreach ($allparams as $key => $value) {
$paramslink .= '&'.$key.'='.$value;
}
// Security pack (data & check)
$socid = GETPOST('socid', 'int');
if ($user->socid > 0) {
$socid = $user->socid;
}
if (!empty($conf->comptabilite->enabled)) {
$result = restrictedArea($user, 'compta', '', '', 'resultat');
}
if (!empty($conf->accounting->enabled)) {
$result = restrictedArea($user, 'accounting', '', '', 'comptarapport');
}
/*
* View


@ -38,8 +38,8 @@ if (GETPOST("modecompta")) {
$modecompta = GETPOST("modecompta");
}
$sortorder = isset($_GET["sortorder"]) ? $_GET["sortorder"] : $_POST["sortorder"];
$sortfield = isset($_GET["sortfield"]) ? $_GET["sortfield"] : $_POST["sortfield"];
$sortorder = GETPOST("sortorder", 'aZ09');
$sortfield = GETPOST("sortfield", 'aZ09');
if (!$sortorder) {
$sortorder = "asc";
}
@ -59,17 +59,6 @@ if (GETPOST('subcat', 'alpha') === 'yes') {
// Hook
$hookmanager->initHooks(array('supplierturnoverbythirdpartylist'));
// Security check
if ($user->socid > 0) {
$socid = $user->socid;
}
if (!empty($conf->comptabilite->enabled)) {
$result = restrictedArea($user, 'compta', '', '', 'resultat');
}
if (!empty($conf->accounting->enabled)) {
$result = restrictedArea($user, 'accounting', '', '', 'comptarapport');
}
// Date range
$year = GETPOST("year", 'int');
$month = GETPOST("month", 'int');
@ -84,16 +73,16 @@ $date_endyear = GETPOST("date_endyear", 'alpha');
$date_endmonth = GETPOST("date_endmonth", 'alpha');
$date_endday = GETPOST("date_endday", 'alpha');
if (empty($year)) {
$year_current = strftime("%Y", dol_now());
$month_current = strftime("%m", dol_now());
$year_current = dol_print_date(dol_now(), '%Y');
$month_current = dol_print_date(dol_now(), '%m');
$year_start = $year_current;
} else {
$year_current = $year;
$month_current = strftime("%m", dol_now());
$month_current = dol_print_date(dol_now(), '%m');
$year_start = $year;
}
$date_start = dol_mktime(0, 0, 0, GETPOST("date_startmonth"), GETPOST("date_startday"), GETPOST("date_startyear"));
$date_end = dol_mktime(23, 59, 59, GETPOST("date_endmonth"), GETPOST("date_endday"), GETPOST("date_endyear"));
$date_start = dol_mktime(0, 0, 0, GETPOST("date_startmonth"), GETPOST("date_startday"), GETPOST("date_startyear"), 'tzuserrel');
$date_end = dol_mktime(23, 59, 59, GETPOST("date_endmonth"), GETPOST("date_endday"), GETPOST("date_endyear"), 'tzuserrel');
// Quarter
if (empty($date_start) || empty($date_end)) { // We define date_start and date_end
$q = GETPOST("q", "int") ?GETPOST("q", "int") : 0;
@ -175,6 +164,17 @@ foreach ($allparams as $key => $value) {
$paramslink .= '&'.$key.'='.$value;
}
// Security check
if ($user->socid > 0) {
$socid = $user->socid;
}
if (!empty($conf->comptabilite->enabled)) {
$result = restrictedArea($user, 'compta', '', '', 'resultat');
}
if (!empty($conf->accounting->enabled)) {
$result = restrictedArea($user, 'accounting', '', '', 'comptarapport');
}
/*
* View


@ -72,7 +72,7 @@ ExportDataset_user_1=Users and their properties
DomainUser=Domain user %s
Reactivate=Reactivate
CreateInternalUserDesc=This form allows you to create an internal user in your company/organization. To create an external user (customer, vendor etc. ..), use the button 'Create Dolibarr User' from that third-party's contact card.
InternalExternalDesc=An <b>internal</b> user is a user that is part of your company/organization.<br>An <b>external</b> user is a customer, vendor or other (Creating an external user for a third-party can be done from the contact record of the third-party).<br><br>In both cases, permissions defines rights on Dolibarr, also external user can have a different menu manager than internal user (See Home - Setup - Display)
InternalExternalDesc=An <b>internal</b> user is a user that is part of your company/organization.<br>An <b>external</b> user is a customer, vendor or other that must view only data related to himself (Creating an external user for a third-party can be done from the contact record of the third-party).<br><br>In both cases, permissions defines rights on Dolibarr, also external user can have a different menu manager than internal user (See Home - Setup - Display)
PermissionInheritedFromAGroup=Permission granted because inherited from one of a user's group.
Inherited=Inherited
UserWillBe=Created user will be