fix multiple warnings
This commit is contained in:
Frédéric FRANCE
parent
744fe688aa
commit
46c4f28478
@ -41,7 +41,7 @@ $langs->loadLangs(array("companies", "compta", "accountancy", "products"));
|
||||
if (empty($conf->accounting->enabled)) {
|
||||
accessforbidden();
|
||||
}
|
||||
if (!$user->rights->accounting->bind->write) {
|
||||
if (empty($user->rights->accounting->bind->write)) {
|
||||
accessforbidden();
|
||||
}
|
||||
|
||||
|
||||
@ -43,7 +43,7 @@ if (empty($conf->accounting->enabled)) {
|
||||
if ($user->socid > 0) {
|
||||
accessforbidden();
|
||||
}
|
||||
if (!$user->rights->accounting->bind->write) {
|
||||
if (empty($user->rights->accounting->bind->write)) {
|
||||
accessforbidden();
|
||||
}
|
||||
|
||||
|
||||
@ -40,7 +40,7 @@ if (empty($conf->accounting->enabled)) {
|
||||
if ($user->socid > 0) {
|
||||
accessforbidden();
|
||||
}
|
||||
if (!$user->rights->accounting->bind->write) {
|
||||
if (empty($user->rights->accounting->bind->write)) {
|
||||
accessforbidden();
|
||||
}
|
||||
|
||||
|
||||
@ -70,7 +70,7 @@ class AdherentStats extends Stats
|
||||
|
||||
$this->where .= " m.statut != -1";
|
||||
$this->where .= " AND p.fk_adherent = m.rowid AND m.entity IN (".getEntity('adherent').")";
|
||||
//if (!$user->rights->societe->client->voir && !$user->socid) $this->where .= " AND p.fk_soc = sc.fk_soc AND sc.fk_user = " .((int) $user->id);
|
||||
//if (empty($user->rights->societe->client->voir) && !$user->socid) $this->where .= " AND p.fk_soc = sc.fk_soc AND sc.fk_user = " .((int) $user->id);
|
||||
if ($this->memberid) {
|
||||
$this->where .= " AND m.rowid = ".((int) $this->memberid);
|
||||
}
|
||||
@ -91,7 +91,7 @@ class AdherentStats extends Stats
|
||||
|
||||
$sql = "SELECT date_format(p.dateadh,'%m') as dm, count(*)";
|
||||
$sql .= " FROM ".$this->from;
|
||||
//if (!$user->rights->societe->client->voir && !$user->socid) $sql.= ", ".MAIN_DB_PREFIX."societe_commerciaux as sc";
|
||||
//if (empty($user->rights->societe->client->voir) && !$user->socid) $sql.= ", ".MAIN_DB_PREFIX."societe_commerciaux as sc";
|
||||
$sql .= " WHERE ".dolSqlDateFilter('p.dateadh', 0, 0, (int) $year, 1);
|
||||
$sql .= " AND ".$this->where;
|
||||
$sql .= " GROUP BY dm";
|
||||
@ -111,7 +111,7 @@ class AdherentStats extends Stats
|
||||
|
||||
$sql = "SELECT date_format(p.dateadh,'%Y') as dm, count(*)";
|
||||
$sql .= " FROM ".$this->from;
|
||||
//if (!$user->rights->societe->client->voir && !$user->socid) $sql.= ", ".MAIN_DB_PREFIX."societe_commerciaux as sc";
|
||||
//if (empty($user->rights->societe->client->voir) && !$user->socid) $sql.= ", ".MAIN_DB_PREFIX."societe_commerciaux as sc";
|
||||
$sql .= " WHERE ".$this->where;
|
||||
$sql .= " GROUP BY dm";
|
||||
$sql .= $this->db->order('dm', 'DESC');
|
||||
@ -132,7 +132,7 @@ class AdherentStats extends Stats
|
||||
|
||||
$sql = "SELECT date_format(p.dateadh,'%m') as dm, sum(p.".$this->field.")";
|
||||
$sql .= " FROM ".$this->from;
|
||||
//if (!$user->rights->societe->client->voir && !$user->socid) $sql.= ", ".MAIN_DB_PREFIX."societe_commerciaux as sc";
|
||||
//if (empty($user->rights->societe->client->voir) && !$user->socid) $sql.= ", ".MAIN_DB_PREFIX."societe_commerciaux as sc";
|
||||
$sql .= " WHERE ".dolSqlDateFilter('p.dateadh', 0, 0, (int) $year, 1);
|
||||
$sql .= " AND ".$this->where;
|
||||
$sql .= " GROUP BY dm";
|
||||
@ -153,7 +153,7 @@ class AdherentStats extends Stats
|
||||
|
||||
$sql = "SELECT date_format(p.dateadh,'%m') as dm, avg(p.".$this->field.")";
|
||||
$sql .= " FROM ".$this->from;
|
||||
//if (!$user->rights->societe->client->voir && !$this->socid) $sql.= ", ".MAIN_DB_PREFIX."societe_commerciaux as sc";
|
||||
//if (empty($user->rights->societe->client->voir) && !$this->socid) $sql.= ", ".MAIN_DB_PREFIX."societe_commerciaux as sc";
|
||||
$sql .= " WHERE ".dolSqlDateFilter('p.dateadh', 0, 0, (int) $year, 1);
|
||||
$sql .= " AND ".$this->where;
|
||||
$sql .= " GROUP BY dm";
|
||||
@ -174,7 +174,7 @@ class AdherentStats extends Stats
|
||||
|
||||
$sql = "SELECT date_format(p.dateadh,'%Y') as year, count(*) as nb, sum(".$this->field.") as total, avg(".$this->field.") as avg";
|
||||
$sql .= " FROM ".$this->from;
|
||||
//if (!$user->rights->societe->client->voir && !$this->socid) $sql.= ", ".MAIN_DB_PREFIX."societe_commerciaux as sc";
|
||||
//if (empty($user->rights->societe->client->voir) && !$this->socid) $sql.= ", ".MAIN_DB_PREFIX."societe_commerciaux as sc";
|
||||
$sql .= " WHERE ".$this->where;
|
||||
$sql .= " GROUP BY year";
|
||||
$sql .= $this->db->order('year', 'DESC');
|
||||
|
||||
@ -36,7 +36,7 @@ $sortorder = GETPOST('sortorder', 'aZ09');
|
||||
if (empty($conf->adherent->enabled)) {
|
||||
accessforbidden();
|
||||
}
|
||||
if (!$user->rights->adherent->export) {
|
||||
if (empty($user->rights->adherent->export)) {
|
||||
accessforbidden();
|
||||
}
|
||||
|
||||
|
||||
@ -48,7 +48,7 @@ $note = GETPOST('note', 'alpha');
|
||||
$typeid = (int) GETPOST('typeid', 'int');
|
||||
$amount = price2num(GETPOST('amount', 'alpha'), 'MT');
|
||||
|
||||
if (!$user->rights->adherent->cotisation->lire) {
|
||||
if (empty($user->rights->adherent->cotisation->lire)) {
|
||||
accessforbidden();
|
||||
}
|
||||
|
||||
|
||||
@ -31,7 +31,7 @@ require_once DOL_DOCUMENT_ROOT.'/adherents/class/subscription.class.php';
|
||||
// Load translation files required by the page
|
||||
$langs->loadLangs(array("companies", "members", "bills", "users"));
|
||||
|
||||
if (!$user->rights->adherent->lire) {
|
||||
if (empty($user->rights->adherent->lire)) {
|
||||
accessforbidden();
|
||||
}
|
||||
|
||||
|
||||
@ -1327,7 +1327,7 @@ class ActionComm extends CommonObject
|
||||
$sql = "SELECT count(a.id) as nb";
|
||||
}
|
||||
$sql .= " FROM ".MAIN_DB_PREFIX."actioncomm as a";
|
||||
if (!$user->rights->societe->client->voir && !$user->socid) {
|
||||
if (empty($user->rights->societe->client->voir) && !$user->socid) {
|
||||
$sql .= " LEFT JOIN ".MAIN_DB_PREFIX."societe_commerciaux as sc ON a.fk_soc = sc.fk_soc";
|
||||
}
|
||||
if (!$user->rights->agenda->allactions->read) {
|
||||
@ -1339,7 +1339,7 @@ class ActionComm extends CommonObject
|
||||
$sql .= " AND a.percent >= 0 AND a.percent < 100";
|
||||
}
|
||||
$sql .= " AND a.entity IN (".getEntity('agenda').")";
|
||||
if (!$user->rights->societe->client->voir && !$user->socid) {
|
||||
if (empty($user->rights->societe->client->voir) && !$user->socid) {
|
||||
$sql .= " AND (a.fk_soc IS NULL OR sc.fk_user = ".((int) $user->id).")";
|
||||
}
|
||||
if ($user->socid) {
|
||||
|
||||
@ -660,7 +660,7 @@ $sql .= ' a.fk_soc, a.fk_contact, a.fk_project,';
|
||||
$sql .= ' a.fk_element, a.elementtype,';
|
||||
$sql .= ' ca.code as type_code, ca.libelle as type_label, ca.color as type_color, ca.type as type_type, ca.picto as type_picto';
|
||||
$sql .= ' FROM '.MAIN_DB_PREFIX.'c_actioncomm as ca, '.MAIN_DB_PREFIX."actioncomm as a";
|
||||
if (!$user->rights->societe->client->voir && !$socid) {
|
||||
if (empty($user->rights->societe->client->voir) && !$socid) {
|
||||
$sql .= " LEFT JOIN ".MAIN_DB_PREFIX."societe_commerciaux as sc ON a.fk_soc = sc.fk_soc";
|
||||
}
|
||||
// We must filter on resource table
|
||||
@ -711,7 +711,7 @@ if ($resourceid > 0) {
|
||||
if ($pid) {
|
||||
$sql .= " AND a.fk_project=".((int) $pid);
|
||||
}
|
||||
if (!$user->rights->societe->client->voir && !$socid) {
|
||||
if (empty($user->rights->societe->client->voir) && !$socid) {
|
||||
$sql .= " AND (a.fk_soc IS NULL OR sc.fk_user = ".((int) $user->id).")";
|
||||
}
|
||||
if ($socid > 0) {
|
||||
|
||||
@ -414,7 +414,7 @@ $sql .= $hookmanager->resPrint;
|
||||
|
||||
$sql .= " FROM ".MAIN_DB_PREFIX."actioncomm as a";
|
||||
$sql .= " LEFT JOIN ".MAIN_DB_PREFIX."actioncomm_extrafields as ef ON (a.id = ef.fk_object)";
|
||||
if (!$user->rights->societe->client->voir && !$socid) {
|
||||
if (empty($user->rights->societe->client->voir) && !$socid) {
|
||||
$sql .= " LEFT JOIN ".MAIN_DB_PREFIX."societe_commerciaux as sc ON a.fk_soc = sc.fk_soc";
|
||||
}
|
||||
$sql .= " LEFT JOIN ".MAIN_DB_PREFIX."societe as s ON a.fk_soc = s.rowid";
|
||||
@ -468,7 +468,7 @@ if ($resourceid > 0) {
|
||||
if ($pid) {
|
||||
$sql .= " AND a.fk_project=".((int) $pid);
|
||||
}
|
||||
if (!$user->rights->societe->client->voir && !$socid) {
|
||||
if (empty($user->rights->societe->client->voir) && !$socid) {
|
||||
$sql .= " AND (a.fk_soc IS NULL OR sc.fk_user = ".((int) $user->id).")";
|
||||
}
|
||||
if ($socid > 0) {
|
||||
|
||||
@ -506,7 +506,7 @@ $sql .= ' a.transparency, a.priority, a.fulldayevent, a.location,';
|
||||
$sql .= ' a.fk_soc, a.fk_contact, a.fk_element, a.elementtype, a.fk_project,';
|
||||
$sql .= ' ca.code, ca.libelle as type_label, ca.color, ca.type as type_type, ca.picto as type_picto';
|
||||
$sql .= ' FROM '.MAIN_DB_PREFIX.'c_actioncomm as ca, '.MAIN_DB_PREFIX."actioncomm as a";
|
||||
if (!$user->rights->societe->client->voir && !$socid) {
|
||||
if (empty($user->rights->societe->client->voir) && !$socid) {
|
||||
$sql .= " LEFT JOIN ".MAIN_DB_PREFIX."societe_commerciaux as sc ON a.fk_soc = sc.fk_soc";
|
||||
}
|
||||
// We must filter on resource table
|
||||
@ -557,7 +557,7 @@ if ($resourceid > 0) {
|
||||
if ($pid) {
|
||||
$sql .= " AND a.fk_project=".((int) $pid);
|
||||
}
|
||||
if (!$user->rights->societe->client->voir && !$socid) {
|
||||
if (empty($user->rights->societe->client->voir) && !$socid) {
|
||||
$sql .= " AND (a.fk_soc IS NULL OR sc.fk_user = ".((int) $user->id).")";
|
||||
}
|
||||
if ($socid > 0) {
|
||||
|
||||
@ -533,7 +533,7 @@ $sql .= ' a.transparency, a.priority, a.fulldayevent, a.location,';
|
||||
$sql .= ' a.fk_soc, a.fk_contact, a.fk_element, a.elementtype, a.fk_project,';
|
||||
$sql .= ' ca.code, ca.libelle as type_label, ca.color, ca.type as type_type, ca.picto as type_picto';
|
||||
$sql .= ' FROM '.MAIN_DB_PREFIX.'c_actioncomm as ca, '.MAIN_DB_PREFIX."actioncomm as a";
|
||||
if (!$user->rights->societe->client->voir && !$socid) {
|
||||
if (empty($user->rights->societe->client->voir) && !$socid) {
|
||||
$sql .= " LEFT JOIN ".MAIN_DB_PREFIX."societe_commerciaux as sc ON a.fk_soc = sc.fk_soc";
|
||||
}
|
||||
// We must filter on resource table
|
||||
@ -584,7 +584,7 @@ if ($resourceid > 0) {
|
||||
if ($pid) {
|
||||
$sql .= " AND a.fk_project = ".((int) $pid);
|
||||
}
|
||||
if (!$user->rights->societe->client->voir && !$socid) {
|
||||
if (empty($user->rights->societe->client->voir) && !$socid) {
|
||||
$sql .= " AND (a.fk_soc IS NULL OR sc.fk_user = ".((int) $user->id).")";
|
||||
}
|
||||
if ($socid > 0) {
|
||||
|
||||
@ -82,14 +82,14 @@ if ($type == "f") {
|
||||
$sql = "SELECT s.rowid, s.nom as name, st.libelle as stcomm";
|
||||
$sql .= ", p.rowid as cidp, p.name, p.firstname, p.email, p.phone";
|
||||
$sql .= " FROM ".MAIN_DB_PREFIX."c_stcomm as st,";
|
||||
if (!$user->rights->societe->client->voir && !$socid) {
|
||||
if (empty($user->rights->societe->client->voir) && !$socid) {
|
||||
$sql .= " ".MAIN_DB_PREFIX."societe_commerciaux as sc,";
|
||||
}
|
||||
$sql .= " ".MAIN_DB_PREFIX."socpeople as p";
|
||||
$sql .= " LEFT JOIN ".MAIN_DB_PREFIX."societe as s ON s.rowid = p.fk_soc";
|
||||
$sql .= " WHERE s.fk_stcomm = st.id";
|
||||
$sql .= " AND p.entity IN (".getEntity('socpeople').")";
|
||||
if (!$user->rights->societe->client->voir && !$socid) {
|
||||
if (empty($user->rights->societe->client->voir) && !$socid) {
|
||||
$sql .= " AND s.rowid = sc.fk_soc AND sc.fk_user = ".((int) $user->id);
|
||||
}
|
||||
if ($type == "c") {
|
||||
|
||||
@ -129,13 +129,13 @@ if (!empty($conf->propal->enabled) && $user->rights->propal->lire) {
|
||||
$sql .= ", s.canvas";
|
||||
$sql .= " FROM ".MAIN_DB_PREFIX."propal as p,";
|
||||
$sql .= " ".MAIN_DB_PREFIX."societe as s";
|
||||
if (!$user->rights->societe->client->voir && !$socid) {
|
||||
if (empty($user->rights->societe->client->voir) && !$socid) {
|
||||
$sql .= ", ".MAIN_DB_PREFIX."societe_commerciaux as sc";
|
||||
}
|
||||
$sql .= " WHERE p.entity IN (".getEntity($propalstatic->element).")";
|
||||
$sql .= " AND p.fk_soc = s.rowid";
|
||||
$sql .= " AND p.fk_statut = ".Propal::STATUS_DRAFT;
|
||||
if (!$user->rights->societe->client->voir && !$socid) {
|
||||
if (empty($user->rights->societe->client->voir) && !$socid) {
|
||||
$sql .= " AND s.rowid = sc.fk_soc AND sc.fk_user = ".((int) $user->id);
|
||||
}
|
||||
if ($socid) {
|
||||
@ -226,13 +226,13 @@ if (!empty($conf->supplier_proposal->enabled) && $user->rights->supplier_proposa
|
||||
$sql .= ", s.canvas";
|
||||
$sql .= " FROM ".MAIN_DB_PREFIX."supplier_proposal as p,";
|
||||
$sql .= " ".MAIN_DB_PREFIX."societe as s";
|
||||
if (!$user->rights->societe->client->voir && !$socid) {
|
||||
if (empty($user->rights->societe->client->voir) && !$socid) {
|
||||
$sql .= ", ".MAIN_DB_PREFIX."societe_commerciaux as sc";
|
||||
}
|
||||
$sql .= " WHERE p.entity IN (".getEntity($supplierproposalstatic->element).")";
|
||||
$sql .= " AND p.fk_statut = ".SupplierProposal::STATUS_DRAFT;
|
||||
$sql .= " AND p.fk_soc = s.rowid";
|
||||
if (!$user->rights->societe->client->voir && !$socid) {
|
||||
if (empty($user->rights->societe->client->voir) && !$socid) {
|
||||
$sql .= " AND s.rowid = sc.fk_soc AND sc.fk_user = ".((int) $user->id);
|
||||
}
|
||||
if ($socid) {
|
||||
@ -322,13 +322,13 @@ if (!empty($conf->commande->enabled) && $user->rights->commande->lire) {
|
||||
$sql .= ", s.canvas";
|
||||
$sql .= " FROM ".MAIN_DB_PREFIX."commande as c,";
|
||||
$sql .= " ".MAIN_DB_PREFIX."societe as s";
|
||||
if (!$user->rights->societe->client->voir && !$socid) {
|
||||
if (empty($user->rights->societe->client->voir) && !$socid) {
|
||||
$sql .= ", ".MAIN_DB_PREFIX."societe_commerciaux as sc";
|
||||
}
|
||||
$sql .= " WHERE c.entity IN (".getEntity($orderstatic->element).")";
|
||||
$sql .= " AND c.fk_statut = ".Commande::STATUS_DRAFT;
|
||||
$sql .= " AND c.fk_soc = s.rowid";
|
||||
if (!$user->rights->societe->client->voir && !$socid) {
|
||||
if (empty($user->rights->societe->client->voir) && !$socid) {
|
||||
$sql .= " AND s.rowid = sc.fk_soc AND sc.fk_user = ".((int) $user->id);
|
||||
}
|
||||
if ($socid) {
|
||||
@ -419,13 +419,13 @@ if ((!empty($conf->fournisseur->enabled) && empty($conf->global->MAIN_USE_NEW_SU
|
||||
$sql .= ", s.canvas";
|
||||
$sql .= " FROM ".MAIN_DB_PREFIX."commande_fournisseur as cf,";
|
||||
$sql .= " ".MAIN_DB_PREFIX."societe as s";
|
||||
if (!$user->rights->societe->client->voir && !$socid) {
|
||||
if (empty($user->rights->societe->client->voir) && !$socid) {
|
||||
$sql .= ", ".MAIN_DB_PREFIX."societe_commerciaux as sc";
|
||||
}
|
||||
$sql .= " WHERE cf.entity IN (".getEntity($supplierorderstatic->element).")";
|
||||
$sql .= " AND cf.fk_statut = ".CommandeFournisseur::STATUS_DRAFT;
|
||||
$sql .= " AND cf.fk_soc = s.rowid";
|
||||
if (!$user->rights->societe->client->voir && !$socid) {
|
||||
if (empty($user->rights->societe->client->voir) && !$socid) {
|
||||
$sql .= " AND s.rowid = sc.fk_soc AND sc.fk_user = ".((int) $user->id);
|
||||
}
|
||||
if ($socid) {
|
||||
@ -511,7 +511,7 @@ if (!empty($conf->ficheinter->enabled)) {
|
||||
$sql = "SELECT f.rowid, f.ref, s.nom as name, s.rowid as socid";
|
||||
$sql .= " FROM ".MAIN_DB_PREFIX."fichinter as f";
|
||||
$sql .= ", ".MAIN_DB_PREFIX."societe as s";
|
||||
if (!$user->rights->societe->client->voir && !$socid) {
|
||||
if (empty($user->rights->societe->client->voir) && !$socid) {
|
||||
$sql .= ", ".MAIN_DB_PREFIX."societe_commerciaux as sc";
|
||||
}
|
||||
$sql .= " WHERE f.entity IN (".getEntity('intervention').")";
|
||||
@ -520,7 +520,7 @@ if (!empty($conf->ficheinter->enabled)) {
|
||||
if ($socid) {
|
||||
$sql .= " AND f.fk_soc = ".((int) $socid);
|
||||
}
|
||||
if (!$user->rights->societe->client->voir && !$socid) {
|
||||
if (empty($user->rights->societe->client->voir) && !$socid) {
|
||||
$sql .= " AND s.rowid = sc.fk_soc AND sc.fk_user = ".((int) $user->id);
|
||||
}
|
||||
|
||||
@ -561,12 +561,12 @@ if (!empty($conf->societe->enabled) && $user->rights->societe->lire) {
|
||||
$sql .= ", s.canvas";
|
||||
$sql .= ", s.datec, s.tms";
|
||||
$sql .= " FROM ".MAIN_DB_PREFIX."societe as s";
|
||||
if (!$user->rights->societe->client->voir && !$socid) {
|
||||
if (empty($user->rights->societe->client->voir) && !$socid) {
|
||||
$sql .= ", ".MAIN_DB_PREFIX."societe_commerciaux as sc";
|
||||
}
|
||||
$sql .= " WHERE s.entity IN (".getEntity($companystatic->element).")";
|
||||
$sql .= " AND s.client IN (".Societe::CUSTOMER.", ".Societe::PROSPECT.", ".Societe::CUSTOMER_AND_PROSPECT.")";
|
||||
if (!$user->rights->societe->client->voir && !$socid) {
|
||||
if (empty($user->rights->societe->client->voir) && !$socid) {
|
||||
$sql .= " AND s.rowid = sc.fk_soc AND sc.fk_user = ".((int) $user->id);
|
||||
}
|
||||
if ($socid) {
|
||||
@ -657,12 +657,12 @@ if (((!empty($conf->fournisseur->enabled) && empty($conf->global->MAIN_USE_NEW_S
|
||||
$sql .= ", s.canvas";
|
||||
$sql .= ", s.datec as dc, s.tms as dm";
|
||||
$sql .= " FROM ".MAIN_DB_PREFIX."societe as s";
|
||||
if (!$user->rights->societe->client->voir && !$user->socid) {
|
||||
if (empty($user->rights->societe->client->voir) && !$user->socid) {
|
||||
$sql .= ", ".MAIN_DB_PREFIX."societe_commerciaux as sc";
|
||||
}
|
||||
$sql .= " WHERE s.entity IN (".getEntity($companystatic->element).")";
|
||||
$sql .= " AND s.fournisseur = ".Societe::SUPPLIER;
|
||||
if (!$user->rights->societe->client->voir && !$user->socid) {
|
||||
if (empty($user->rights->societe->client->voir) && !$user->socid) {
|
||||
$sql .= " AND s.rowid = sc.fk_soc AND sc.fk_user = ".((int) $user->id);
|
||||
}
|
||||
if ($socid) {
|
||||
@ -762,13 +762,13 @@ if (!empty($conf->contrat->enabled) && $user->rights->contrat->lire && 0) { // T
|
||||
$sql .= " FROM ".MAIN_DB_PREFIX."societe as s";
|
||||
$sql .= ", ".MAIN_DB_PREFIX."contrat as c";
|
||||
$sql .= ", ".MAIN_DB_PREFIX."product as p";
|
||||
if (!$user->rights->societe->client->voir && !$socid) {
|
||||
if (empty($user->rights->societe->client->voir) && !$socid) {
|
||||
$sql .= ", ".MAIN_DB_PREFIX."societe_commerciaux as sc";
|
||||
}
|
||||
$sql .= " WHERE c.entity IN (".getEntity($staticcontrat->element).")";
|
||||
$sql .= " AND c.fk_soc = s.rowid";
|
||||
$sql .= " AND c.fk_product = p.rowid";
|
||||
if (!$user->rights->societe->client->voir && !$socid) {
|
||||
if (empty($user->rights->societe->client->voir) && !$socid) {
|
||||
$sql .= " AND s.rowid = sc.fk_soc AND sc.fk_user = ".((int) $user->id);
|
||||
}
|
||||
if ($socid) {
|
||||
@ -837,13 +837,13 @@ if (!empty($conf->propal->enabled) && $user->rights->propal->lire) {
|
||||
$sql .= ", s.canvas";
|
||||
$sql .= " FROM ".MAIN_DB_PREFIX."propal as p";
|
||||
$sql .= ", ".MAIN_DB_PREFIX."societe as s";
|
||||
if (!$user->rights->societe->client->voir && !$socid) {
|
||||
if (empty($user->rights->societe->client->voir) && !$socid) {
|
||||
$sql .= ", ".MAIN_DB_PREFIX."societe_commerciaux as sc";
|
||||
}
|
||||
$sql .= " WHERE p.entity IN (".getEntity($propalstatic->element).")";
|
||||
$sql .= " AND p.fk_soc = s.rowid";
|
||||
$sql .= " AND p.fk_statut = ".Propal::STATUS_VALIDATED;
|
||||
if (!$user->rights->societe->client->voir && !$socid) {
|
||||
if (empty($user->rights->societe->client->voir) && !$socid) {
|
||||
$sql .= " AND s.rowid = sc.fk_soc AND sc.fk_user = ".((int) $user->id);
|
||||
}
|
||||
if ($socid) {
|
||||
@ -953,13 +953,13 @@ if (!empty($conf->commande->enabled) && $user->rights->commande->lire) {
|
||||
$sql .= ", s.canvas";
|
||||
$sql .= " FROM ".MAIN_DB_PREFIX."commande as c";
|
||||
$sql .= ", ".MAIN_DB_PREFIX."societe as s";
|
||||
if (!$user->rights->societe->client->voir && !$socid) {
|
||||
if (empty($user->rights->societe->client->voir) && !$socid) {
|
||||
$sql .= ", ".MAIN_DB_PREFIX."societe_commerciaux as sc";
|
||||
}
|
||||
$sql .= " WHERE c.entity IN (".getEntity($orderstatic->element).")";
|
||||
$sql .= " AND c.fk_soc = s.rowid";
|
||||
$sql .= " AND c.fk_statut IN (".Commande::STATUS_VALIDATED.", ".Commande::STATUS_SHIPMENTONPROCESS.")";
|
||||
if (!$user->rights->societe->client->voir && !$socid) {
|
||||
if (empty($user->rights->societe->client->voir) && !$socid) {
|
||||
$sql .= " AND s.rowid = sc.fk_soc AND sc.fk_user = ".((int) $user->id);
|
||||
}
|
||||
if ($socid) {
|
||||
|
||||
@ -2779,17 +2779,17 @@ class Propal extends CommonObject
|
||||
$sql = "SELECT s.rowid, s.nom as name, s.client,";
|
||||
$sql .= " p.rowid as propalid, p.fk_statut, p.total_ht, p.ref, p.remise, ";
|
||||
$sql .= " p.datep as dp, p.fin_validite as datelimite";
|
||||
if (!$user->rights->societe->client->voir && !$socid) {
|
||||
if (empty($user->rights->societe->client->voir) && !$socid) {
|
||||
$sql .= ", sc.fk_soc, sc.fk_user";
|
||||
}
|
||||
$sql .= " FROM ".MAIN_DB_PREFIX."societe as s, ".MAIN_DB_PREFIX."propal as p, ".MAIN_DB_PREFIX."c_propalst as c";
|
||||
if (!$user->rights->societe->client->voir && !$socid) {
|
||||
if (empty($user->rights->societe->client->voir) && !$socid) {
|
||||
$sql .= ", ".MAIN_DB_PREFIX."societe_commerciaux as sc";
|
||||
}
|
||||
$sql .= " WHERE p.entity IN (".getEntity('propal').")";
|
||||
$sql .= " AND p.fk_soc = s.rowid";
|
||||
$sql .= " AND p.fk_statut = c.id";
|
||||
if (!$user->rights->societe->client->voir && !$socid) { //restriction
|
||||
if (empty($user->rights->societe->client->voir) && !$socid) { //restriction
|
||||
$sql .= " AND s.rowid = sc.fk_soc AND sc.fk_user = ".((int) $user->id);
|
||||
}
|
||||
if ($socid) {
|
||||
@ -3293,7 +3293,7 @@ class Propal extends CommonObject
|
||||
|
||||
$sql = "SELECT p.rowid, p.ref, p.datec as datec, p.fin_validite as datefin, p.total_ht";
|
||||
$sql .= " FROM ".MAIN_DB_PREFIX."propal as p";
|
||||
if (!$user->rights->societe->client->voir && !$user->socid) {
|
||||
if (empty($user->rights->societe->client->voir) && !$user->socid) {
|
||||
$sql .= " LEFT JOIN ".MAIN_DB_PREFIX."societe_commerciaux as sc ON p.fk_soc = sc.fk_soc";
|
||||
$sql .= " WHERE sc.fk_user = ".((int) $user->id);
|
||||
$clause = " AND";
|
||||
@ -3470,7 +3470,7 @@ class Propal extends CommonObject
|
||||
$sql = "SELECT count(p.rowid) as nb";
|
||||
$sql .= " FROM ".MAIN_DB_PREFIX."propal as p";
|
||||
$sql .= " LEFT JOIN ".MAIN_DB_PREFIX."societe as s ON p.fk_soc = s.rowid";
|
||||
if (!$user->rights->societe->client->voir && !$user->socid) {
|
||||
if (empty($user->rights->societe->client->voir) && !$user->socid) {
|
||||
$sql .= " LEFT JOIN ".MAIN_DB_PREFIX."societe_commerciaux as sc ON s.rowid = sc.fk_soc";
|
||||
$sql .= " WHERE sc.fk_user = ".((int) $user->id);
|
||||
$clause = "AND";
|
||||
|
||||
@ -93,7 +93,7 @@ class PropaleStats extends Stats
|
||||
}
|
||||
//$this->where.= " AND p.fk_soc = s.rowid AND p.entity = ".$conf->entity;
|
||||
$this->where .= ($this->where ? ' AND ' : '')."p.entity IN (".getEntity('propal').")";
|
||||
if (!$user->rights->societe->client->voir && !$this->socid) {
|
||||
if (empty($user->rights->societe->client->voir) && !$this->socid) {
|
||||
$this->where .= " AND p.fk_soc = sc.fk_soc AND sc.fk_user = ".((int) $user->id);
|
||||
}
|
||||
if ($this->socid) {
|
||||
@ -129,7 +129,7 @@ class PropaleStats extends Stats
|
||||
|
||||
$sql = "SELECT date_format(".$this->field_date.",'%m') as dm, COUNT(*) as nb";
|
||||
$sql .= " FROM ".$this->from;
|
||||
if (!$user->rights->societe->client->voir && !$user->socid) {
|
||||
if (empty($user->rights->societe->client->voir) && !$user->socid) {
|
||||
$sql .= ", ".MAIN_DB_PREFIX."societe_commerciaux as sc";
|
||||
}
|
||||
$sql .= $this->join;
|
||||
@ -154,7 +154,7 @@ class PropaleStats extends Stats
|
||||
|
||||
$sql = "SELECT date_format(".$this->field_date.",'%Y') as dm, COUNT(*) as nb, SUM(c.".$this->field.")";
|
||||
$sql .= " FROM ".$this->from;
|
||||
if (!$user->rights->societe->client->voir && !$this->socid) {
|
||||
if (empty($user->rights->societe->client->voir) && !$this->socid) {
|
||||
$sql .= ", ".MAIN_DB_PREFIX."societe_commerciaux as sc";
|
||||
}
|
||||
$sql .= $this->join;
|
||||
@ -178,7 +178,7 @@ class PropaleStats extends Stats
|
||||
|
||||
$sql = "SELECT date_format(".$this->field_date.",'%m') as dm, SUM(p.".$this->field.")";
|
||||
$sql .= " FROM ".$this->from;
|
||||
if (!$user->rights->societe->client->voir && !$this->socid) {
|
||||
if (empty($user->rights->societe->client->voir) && !$this->socid) {
|
||||
$sql .= ", ".MAIN_DB_PREFIX."societe_commerciaux as sc";
|
||||
}
|
||||
$sql .= $this->join;
|
||||
@ -203,7 +203,7 @@ class PropaleStats extends Stats
|
||||
|
||||
$sql = "SELECT date_format(".$this->field_date.",'%m') as dm, AVG(p.".$this->field.")";
|
||||
$sql .= " FROM ".$this->from;
|
||||
if (!$user->rights->societe->client->voir && !$this->socid) {
|
||||
if (empty($user->rights->societe->client->voir) && !$this->socid) {
|
||||
$sql .= ", ".MAIN_DB_PREFIX."societe_commerciaux as sc";
|
||||
}
|
||||
$sql .= $this->join;
|
||||
@ -226,7 +226,7 @@ class PropaleStats extends Stats
|
||||
|
||||
$sql = "SELECT date_format(".$this->field_date.",'%Y') as year, COUNT(*) as nb, SUM(".$this->field.") as total, AVG(".$this->field.") as avg";
|
||||
$sql .= " FROM ".$this->from;
|
||||
if (!$user->rights->societe->client->voir && !$this->socid) {
|
||||
if (empty($user->rights->societe->client->voir) && !$this->socid) {
|
||||
$sql .= ", ".MAIN_DB_PREFIX."societe_commerciaux as sc";
|
||||
}
|
||||
$sql .= $this->join;
|
||||
@ -252,7 +252,7 @@ class PropaleStats extends Stats
|
||||
|
||||
$sql = "SELECT product.ref, COUNT(product.ref) as nb, SUM(tl.".$this->field_line.") as total, AVG(tl.".$this->field_line.") as avg";
|
||||
$sql .= " FROM ".$this->from.", ".$this->from_line.", ".MAIN_DB_PREFIX."product as product";
|
||||
if (!$user->rights->societe->client->voir && !$user->socid) {
|
||||
if (empty($user->rights->societe->client->voir) && !$user->socid) {
|
||||
$sql .= ", ".MAIN_DB_PREFIX."societe_commerciaux as sc";
|
||||
}
|
||||
$sql .= $this->join;
|
||||
|
||||
@ -81,13 +81,13 @@ if (!empty($conf->propal->enabled)) {
|
||||
$sql .= ", s.rowid as socid, s.nom as name, s.client, s.canvas, s.code_client, s.email, s.entity, s.code_compta";
|
||||
$sql .= " FROM ".MAIN_DB_PREFIX."propal as p";
|
||||
$sql .= ", ".MAIN_DB_PREFIX."societe as s";
|
||||
if (!$user->rights->societe->client->voir && !$socid) {
|
||||
if (empty($user->rights->societe->client->voir) && !$socid) {
|
||||
$sql .= ", ".MAIN_DB_PREFIX."societe_commerciaux as sc";
|
||||
}
|
||||
$sql .= " WHERE p.entity IN (".getEntity($propalstatic->element).")";
|
||||
$sql .= " AND p.fk_soc = s.rowid";
|
||||
$sql .= " AND p.fk_statut =".Propal::STATUS_DRAFT;
|
||||
if (!$user->rights->societe->client->voir && !$socid) {
|
||||
if (empty($user->rights->societe->client->voir) && !$socid) {
|
||||
$sql .= " AND s.rowid = sc.fk_soc AND sc.fk_user = ".((int) $user->id);
|
||||
}
|
||||
if ($socid) {
|
||||
@ -156,7 +156,7 @@ $sql = "SELECT c.rowid, c.entity, c.ref, c.fk_statut, date_cloture as datec";
|
||||
$sql .= ", s.nom as socname, s.rowid as socid, s.canvas, s.client, s.email, s.code_compta";
|
||||
$sql .= " FROM ".MAIN_DB_PREFIX."propal as c";
|
||||
$sql .= ", ".MAIN_DB_PREFIX."societe as s";
|
||||
if (!$user->rights->societe->client->voir && !$socid) {
|
||||
if (empty($user->rights->societe->client->voir) && !$socid) {
|
||||
$sql .= ", ".MAIN_DB_PREFIX."societe_commerciaux as sc";
|
||||
}
|
||||
$sql .= " WHERE c.entity IN (".getEntity($propalstatic->element).")";
|
||||
@ -165,7 +165,7 @@ $sql .= " AND c.fk_soc = s.rowid";
|
||||
if ($socid) {
|
||||
$sql .= " AND c.fk_soc = ".((int) $socid);
|
||||
}
|
||||
if (!$user->rights->societe->client->voir && !$socid) {
|
||||
if (empty($user->rights->societe->client->voir) && !$socid) {
|
||||
$sql .= " AND s.rowid = sc.fk_soc AND sc.fk_user = ".((int) $user->id);
|
||||
}
|
||||
$sql .= " ORDER BY c.tms DESC";
|
||||
@ -232,13 +232,13 @@ if (!empty($conf->propal->enabled) && $user->rights->propale->lire) {
|
||||
$sql .= ", p.rowid as propalid, p.entity, p.total_ttc, p.total_ht, p.ref, p.fk_statut, p.datep as dp, p.fin_validite as dfv";
|
||||
$sql .= " FROM ".MAIN_DB_PREFIX."societe as s";
|
||||
$sql .= ", ".MAIN_DB_PREFIX."propal as p";
|
||||
if (!$user->rights->societe->client->voir && !$socid) {
|
||||
if (empty($user->rights->societe->client->voir) && !$socid) {
|
||||
$sql .= ", ".MAIN_DB_PREFIX."societe_commerciaux as sc";
|
||||
}
|
||||
$sql .= " WHERE p.fk_soc = s.rowid";
|
||||
$sql .= " AND p.entity IN (".getEntity($propalstatic->element).")";
|
||||
$sql .= " AND p.fk_statut = ".Propal::STATUS_VALIDATED;
|
||||
if (!$user->rights->societe->client->voir && !$socid) {
|
||||
if (empty($user->rights->societe->client->voir) && !$socid) {
|
||||
$sql .= " AND s.rowid = sc.fk_soc AND sc.fk_user = ".((int) $user->id);
|
||||
}
|
||||
if ($socid) {
|
||||
@ -317,12 +317,12 @@ if (! empty($conf->propal->enabled))
|
||||
$sql = "SELECT c.rowid, c.ref, c.fk_statut, s.nom as name, s.rowid as socid";
|
||||
$sql.=" FROM ".MAIN_DB_PREFIX."propal as c";
|
||||
$sql.= ", ".MAIN_DB_PREFIX."societe as s";
|
||||
if (!$user->rights->societe->client->voir && !$socid) $sql.= ", ".MAIN_DB_PREFIX."societe_commerciaux as sc";
|
||||
if (empty($user->rights->societe->client->voir) && !$socid) $sql.= ", ".MAIN_DB_PREFIX."societe_commerciaux as sc";
|
||||
$sql.= " WHERE c.fk_soc = s.rowid";
|
||||
$sql.= " AND c.entity = ".$conf->entity;
|
||||
$sql.= " AND c.fk_statut = 1";
|
||||
if ($socid) $sql.= " AND c.fk_soc = ".((int) $socid);
|
||||
if (!$user->rights->societe->client->voir && !$socid) $sql.= " AND s.rowid = sc.fk_soc AND sc.fk_user = " .((int) $user->id);
|
||||
if (empty($user->rights->societe->client->voir) && !$socid) $sql.= " AND s.rowid = sc.fk_soc AND sc.fk_user = " .((int) $user->id);
|
||||
$sql.= " ORDER BY c.rowid DESC";
|
||||
|
||||
$resql=$db->query($sql);
|
||||
@ -392,12 +392,12 @@ if (! empty($conf->propal->enabled))
|
||||
$sql = "SELECT c.rowid, c.ref, c.fk_statut, c.facture, s.nom as name, s.rowid as socid";
|
||||
$sql.= " FROM ".MAIN_DB_PREFIX."commande as c";
|
||||
$sql.= ", ".MAIN_DB_PREFIX."societe as s";
|
||||
if (!$user->rights->societe->client->voir && !$socid) $sql.= ", ".MAIN_DB_PREFIX."societe_commerciaux as sc";
|
||||
if (empty($user->rights->societe->client->voir) && !$socid) $sql.= ", ".MAIN_DB_PREFIX."societe_commerciaux as sc";
|
||||
$sql.= " WHERE c.fk_soc = s.rowid";
|
||||
$sql.= " AND c.entity = ".$conf->entity;
|
||||
$sql.= " AND c.fk_statut = 2 ";
|
||||
if ($socid) $sql.= " AND c.fk_soc = ".((int) $socid);
|
||||
if (!$user->rights->societe->client->voir && !$socid) $sql.= " AND s.rowid = sc.fk_soc AND sc.fk_user = " .((int) $user->id);
|
||||
if (empty($user->rights->societe->client->voir) && !$socid) $sql.= " AND s.rowid = sc.fk_soc AND sc.fk_user = " .((int) $user->id);
|
||||
$sql.= " ORDER BY c.rowid DESC";
|
||||
|
||||
$resql=$db->query($sql);
|
||||
|
||||
@ -509,7 +509,7 @@ $sql .= ' p.note_public, p.note_private,';
|
||||
$sql .= ' p.fk_cond_reglement,p.fk_mode_reglement,p.fk_shipping_method,p.fk_input_reason,';
|
||||
$sql .= " pr.rowid as project_id, pr.ref as project_ref, pr.title as project_label,";
|
||||
$sql .= ' u.login, u.lastname, u.firstname, u.email as user_email, u.statut as user_statut, u.entity as user_entity, u.photo, u.office_phone, u.office_fax, u.user_mobile, u.job, u.gender';
|
||||
if (!$user->rights->societe->client->voir && !$socid) {
|
||||
if (empty($user->rights->societe->client->voir) && !$socid) {
|
||||
$sql .= ", sc.fk_soc, sc.fk_user";
|
||||
}
|
||||
if (!empty($search_categ_cus) && $search_categ_cus != '-1') {
|
||||
@ -547,7 +547,7 @@ $sql .= ' LEFT JOIN '.MAIN_DB_PREFIX.'user as u ON p.fk_user_author = u.rowid';
|
||||
$sql .= " LEFT JOIN ".MAIN_DB_PREFIX."projet as pr ON pr.rowid = p.fk_projet";
|
||||
$sql .= " LEFT JOIN ".MAIN_DB_PREFIX."c_availability as ava on (ava.rowid = p.fk_availability)";
|
||||
// We'll need this table joined to the select in order to filter by sale
|
||||
if ($search_sale > 0 || (!$user->rights->societe->client->voir && !$socid)) {
|
||||
if ($search_sale > 0 || (empty($user->rights->societe->client->voir) && !$socid)) {
|
||||
$sql .= ", ".MAIN_DB_PREFIX."societe_commerciaux as sc";
|
||||
}
|
||||
if ($search_user > 0) {
|
||||
@ -562,7 +562,7 @@ $sql .= $hookmanager->resPrint;
|
||||
|
||||
$sql .= ' WHERE p.fk_soc = s.rowid';
|
||||
$sql .= ' AND p.entity IN ('.getEntity('propal').')';
|
||||
if (!$user->rights->societe->client->voir && !$socid) { //restriction
|
||||
if (empty($user->rights->societe->client->voir) && !$socid) { //restriction
|
||||
$sql .= " AND s.rowid = sc.fk_soc AND sc.fk_user = ".((int) $user->id);
|
||||
}
|
||||
|
||||
|
||||
@ -111,7 +111,7 @@ $data = $stats->getNbByMonthWithPrevYear($endyear, $startyear);
|
||||
// $data = array(array('Lib',val1,val2,val3),...)
|
||||
|
||||
|
||||
if (!$user->rights->societe->client->voir || $user->socid) {
|
||||
if (empty($user->rights->societe->client->voir) || $user->socid) {
|
||||
$filenamenb = $dir.'/proposalsnbinyear-'.$user->id.'-'.$year.'.png';
|
||||
$fileurlnb = DOL_URL_ROOT.'/viewimage.php?modulepart=propalstats&file=proposalsnbinyear-'.$user->id.'-'.$year.'.png';
|
||||
} else {
|
||||
@ -147,7 +147,7 @@ if (!$mesg) {
|
||||
$data = $stats->getAmountByMonthWithPrevYear($endyear, $startyear, 0);
|
||||
// $data = array(array('Lib',val1,val2,val3),...)
|
||||
|
||||
if (!$user->rights->societe->client->voir || $user->socid) {
|
||||
if (empty($user->rights->societe->client->voir) || $user->socid) {
|
||||
$filenameamount = $dir.'/proposalsamountinyear-'.$user->id.'-'.$year.'.png';
|
||||
$fileurlamount = DOL_URL_ROOT.'/viewimage.php?modulepart=propalstats&file=proposalsamountinyear-'.$user->id.'-'.$year.'.png';
|
||||
} else {
|
||||
@ -182,7 +182,7 @@ if (!$mesg) {
|
||||
$data = $stats->getAverageByMonthWithPrevYear($endyear, $startyear);
|
||||
|
||||
$fileurl_avg = '';
|
||||
if (!$user->rights->societe->client->voir || $user->socid) {
|
||||
if (empty($user->rights->societe->client->voir) || $user->socid) {
|
||||
$filename_avg = $dir.'/ordersaverage-'.$user->id.'-'.$year.'.png';
|
||||
if ($mode == 'customer') {
|
||||
$fileurl_avg = DOL_URL_ROOT.'/viewimage.php?modulepart=orderstats&file=ordersaverage-'.$user->id.'-'.$year.'.png';
|
||||
|
||||
@ -80,13 +80,13 @@ if (!empty($conf->propal->enabled)) {
|
||||
$sql = "SELECT count(*) as cc, st.libelle, st.picto, st.id";
|
||||
$sql .= " FROM ".MAIN_DB_PREFIX."societe as s";
|
||||
$sql .= ", ".MAIN_DB_PREFIX."c_stcomm as st ";
|
||||
if (!$user->rights->societe->client->voir && !$socid) {
|
||||
if (empty($user->rights->societe->client->voir) && !$socid) {
|
||||
$sql .= ", ".MAIN_DB_PREFIX."societe_commerciaux as sc";
|
||||
}
|
||||
$sql .= " WHERE s.fk_stcomm = st.id";
|
||||
$sql .= " AND s.client IN (2, 3)";
|
||||
$sql .= " AND s.entity IN (".getEntity($companystatic->element).")";
|
||||
if (!$user->rights->societe->client->voir && !$socid) {
|
||||
if (empty($user->rights->societe->client->voir) && !$socid) {
|
||||
$sql .= " AND s.rowid = sc.fk_soc AND sc.fk_user = ".((int) $user->id);
|
||||
}
|
||||
$sql .= " GROUP BY st.id";
|
||||
@ -122,13 +122,13 @@ if (!empty($conf->propal->enabled) && $user->rights->propale->lire) {
|
||||
$sql = "SELECT p.rowid, p.ref, p.price, s.nom as sname";
|
||||
$sql .= " FROM ".MAIN_DB_PREFIX."propal as p";
|
||||
$sql .= ", ".MAIN_DB_PREFIX."societe as s";
|
||||
if (!$user->rights->societe->client->voir && !$socid) {
|
||||
if (empty($user->rights->societe->client->voir) && !$socid) {
|
||||
$sql .= ", ".MAIN_DB_PREFIX."societe_commerciaux as sc";
|
||||
}
|
||||
$sql .= " WHERE p.fk_statut = 0";
|
||||
$sql .= " AND p.fk_soc = s.rowid";
|
||||
$sql .= " AND p.entity IN (".getEntity('propal').")";
|
||||
if (!$user->rights->societe->client->voir && !$socid) {
|
||||
if (empty($user->rights->societe->client->voir) && !$socid) {
|
||||
$sql .= " AND s.rowid = sc.fk_soc AND sc.fk_user = ".((int) $user->id);
|
||||
}
|
||||
|
||||
@ -183,14 +183,14 @@ if (!empty($conf->propal->enabled) && $user->rights->propale->lire) {
|
||||
$sql .= " FROM ".MAIN_DB_PREFIX."societe as s";
|
||||
$sql .= ", ".MAIN_DB_PREFIX."propal as p";
|
||||
$sql .= ", ".MAIN_DB_PREFIX."c_propalst as c";
|
||||
if (!$user->rights->societe->client->voir && !$socid) {
|
||||
if (empty($user->rights->societe->client->voir) && !$socid) {
|
||||
$sql .= ", ".MAIN_DB_PREFIX."societe_commerciaux as sc";
|
||||
}
|
||||
$sql .= " WHERE p.fk_soc = s.rowid";
|
||||
$sql .= " AND p.fk_statut = c.id";
|
||||
$sql .= " AND p.fk_statut = 1";
|
||||
$sql .= " AND p.entity IN (".getEntity('propal').")";
|
||||
if (!$user->rights->societe->client->voir && !$socid) {
|
||||
if (empty($user->rights->societe->client->voir) && !$socid) {
|
||||
$sql .= " AND s.rowid = sc.fk_soc AND sc.fk_user = ".((int) $user->id);
|
||||
}
|
||||
if ($socid) {
|
||||
@ -244,12 +244,12 @@ if (!empty($conf->propal->enabled) && $user->rights->propale->lire) {
|
||||
*/
|
||||
$sql = "SELECT s.nom as name, s.rowid as socid, s.client, s.canvas";
|
||||
$sql .= " FROM ".MAIN_DB_PREFIX."societe as s";
|
||||
if (!$user->rights->societe->client->voir && !$socid) {
|
||||
if (empty($user->rights->societe->client->voir) && !$socid) {
|
||||
$sql .= ", ".MAIN_DB_PREFIX."societe_commerciaux as sc";
|
||||
}
|
||||
$sql .= " WHERE s.fk_stcomm = 1";
|
||||
$sql .= " AND s.entity IN (".getEntity($companystatic->element).")";
|
||||
if (!$user->rights->societe->client->voir && !$socid) {
|
||||
if (empty($user->rights->societe->client->voir) && !$socid) {
|
||||
$sql .= " AND s.rowid = sc.fk_soc AND sc.fk_user = ".((int) $user->id);
|
||||
}
|
||||
$sql .= " ORDER BY s.tms ASC";
|
||||
|
||||
@ -2678,16 +2678,16 @@ class Commande extends CommonOrder
|
||||
|
||||
$sql = "SELECT s.rowid, s.nom as name, s.client,";
|
||||
$sql .= " c.rowid as cid, c.ref";
|
||||
if (!$user->rights->societe->client->voir && !$socid) {
|
||||
if (empty($user->rights->societe->client->voir) && !$socid) {
|
||||
$sql .= ", sc.fk_soc, sc.fk_user";
|
||||
}
|
||||
$sql .= " FROM ".MAIN_DB_PREFIX."societe as s, ".MAIN_DB_PREFIX."commande as c";
|
||||
if (!$user->rights->societe->client->voir && !$socid) {
|
||||
if (empty($user->rights->societe->client->voir) && !$socid) {
|
||||
$sql .= ", ".MAIN_DB_PREFIX."societe_commerciaux as sc";
|
||||
}
|
||||
$sql .= " WHERE c.entity IN (".getEntity('commande').")";
|
||||
$sql .= " AND c.fk_soc = s.rowid";
|
||||
if (!$user->rights->societe->client->voir && !$socid) { //restriction
|
||||
if (empty($user->rights->societe->client->voir) && !$socid) { //restriction
|
||||
$sql .= " AND s.rowid = sc.fk_soc AND sc.fk_user = ".((int) $user->id);
|
||||
}
|
||||
if ($socid) {
|
||||
@ -3505,7 +3505,7 @@ class Commande extends CommonOrder
|
||||
|
||||
$sql = "SELECT c.rowid, c.date_creation as datec, c.date_commande, c.date_livraison as delivery_date, c.fk_statut, c.total_ht";
|
||||
$sql .= " FROM ".MAIN_DB_PREFIX."commande as c";
|
||||
if (!$user->rights->societe->client->voir && !$user->socid) {
|
||||
if (empty($user->rights->societe->client->voir) && !$user->socid) {
|
||||
$sql .= " LEFT JOIN ".MAIN_DB_PREFIX."societe_commerciaux as sc ON c.fk_soc = sc.fk_soc";
|
||||
$sql .= " WHERE sc.fk_user = ".((int) $user->id);
|
||||
$clause = " AND";
|
||||
@ -3915,7 +3915,7 @@ class Commande extends CommonOrder
|
||||
$sql = "SELECT count(co.rowid) as nb";
|
||||
$sql .= " FROM ".MAIN_DB_PREFIX."commande as co";
|
||||
$sql .= " LEFT JOIN ".MAIN_DB_PREFIX."societe as s ON co.fk_soc = s.rowid";
|
||||
if (!$user->rights->societe->client->voir && !$user->socid) {
|
||||
if (empty($user->rights->societe->client->voir) && !$user->socid) {
|
||||
$sql .= " LEFT JOIN ".MAIN_DB_PREFIX."societe_commerciaux as sc ON s.rowid = sc.fk_soc";
|
||||
$sql .= " WHERE sc.fk_user = ".((int) $user->id);
|
||||
$clause = "AND";
|
||||
|
||||
@ -93,7 +93,7 @@ class CommandeStats extends Stats
|
||||
//$this->where.= " AND c.fk_soc = s.rowid AND c.entity = ".$conf->entity;
|
||||
$this->where .= ($this->where ? ' AND ' : '').'c.entity IN ('.getEntity('commande').')';
|
||||
|
||||
if (!$user->rights->societe->client->voir && !$this->socid) {
|
||||
if (empty($user->rights->societe->client->voir) && !$this->socid) {
|
||||
$this->where .= " AND c.fk_soc = sc.fk_soc AND sc.fk_user = ".((int) $user->id);
|
||||
}
|
||||
if ($this->socid) {
|
||||
@ -128,7 +128,7 @@ class CommandeStats extends Stats
|
||||
|
||||
$sql = "SELECT date_format(c.date_commande,'%m') as dm, COUNT(*) as nb";
|
||||
$sql .= " FROM ".$this->from;
|
||||
if (!$user->rights->societe->client->voir && !$this->socid) {
|
||||
if (empty($user->rights->societe->client->voir) && !$this->socid) {
|
||||
$sql .= ", ".MAIN_DB_PREFIX."societe_commerciaux as sc";
|
||||
}
|
||||
$sql .= $this->join;
|
||||
@ -153,7 +153,7 @@ class CommandeStats extends Stats
|
||||
|
||||
$sql = "SELECT date_format(c.date_commande,'%Y') as dm, COUNT(*) as nb, SUM(c.".$this->field.")";
|
||||
$sql .= " FROM ".$this->from;
|
||||
if (!$user->rights->societe->client->voir && !$this->socid) {
|
||||
if (empty($user->rights->societe->client->voir) && !$this->socid) {
|
||||
$sql .= ", ".MAIN_DB_PREFIX."societe_commerciaux as sc";
|
||||
}
|
||||
$sql .= $this->join;
|
||||
@ -177,7 +177,7 @@ class CommandeStats extends Stats
|
||||
|
||||
$sql = "SELECT date_format(c.date_commande,'%m') as dm, SUM(c.".$this->field.")";
|
||||
$sql .= " FROM ".$this->from;
|
||||
if (!$user->rights->societe->client->voir && !$this->socid) {
|
||||
if (empty($user->rights->societe->client->voir) && !$this->socid) {
|
||||
$sql .= ", ".MAIN_DB_PREFIX."societe_commerciaux as sc";
|
||||
}
|
||||
$sql .= $this->join;
|
||||
@ -202,7 +202,7 @@ class CommandeStats extends Stats
|
||||
|
||||
$sql = "SELECT date_format(c.date_commande,'%m') as dm, AVG(c.".$this->field.")";
|
||||
$sql .= " FROM ".$this->from;
|
||||
if (!$user->rights->societe->client->voir && !$this->socid) {
|
||||
if (empty($user->rights->societe->client->voir) && !$this->socid) {
|
||||
$sql .= ", ".MAIN_DB_PREFIX."societe_commerciaux as sc";
|
||||
}
|
||||
$sql .= $this->join;
|
||||
@ -225,7 +225,7 @@ class CommandeStats extends Stats
|
||||
|
||||
$sql = "SELECT date_format(c.date_commande,'%Y') as year, COUNT(*) as nb, SUM(c.".$this->field.") as total, AVG(".$this->field.") as avg";
|
||||
$sql .= " FROM ".$this->from;
|
||||
if (!$user->rights->societe->client->voir && !$this->socid) {
|
||||
if (empty($user->rights->societe->client->voir) && !$this->socid) {
|
||||
$sql .= ", ".MAIN_DB_PREFIX."societe_commerciaux as sc";
|
||||
}
|
||||
$sql .= $this->join;
|
||||
@ -249,7 +249,7 @@ class CommandeStats extends Stats
|
||||
|
||||
$sql = "SELECT product.ref, COUNT(product.ref) as nb, SUM(tl.".$this->field_line.") as total, AVG(tl.".$this->field_line.") as avg";
|
||||
$sql .= " FROM ".$this->from.", ".$this->from_line.", ".MAIN_DB_PREFIX."product as product";
|
||||
if (!$user->rights->societe->client->voir && !$user->socid) {
|
||||
if (empty($user->rights->societe->client->voir) && !$user->socid) {
|
||||
$sql .= ", ".MAIN_DB_PREFIX."societe_commerciaux as sc";
|
||||
}
|
||||
$sql .= $this->join;
|
||||
|
||||
@ -77,16 +77,16 @@ $thirdpartystatic = new Societe($db);
|
||||
|
||||
$sql = "SELECT s.rowid, s.nom as name, s.client, s.town, s.datec, s.datea";
|
||||
$sql .= ", st.libelle as stcomm, s.prefix_comm, s.code_client, s.code_compta ";
|
||||
if (!$user->rights->societe->client->voir && !$socid) {
|
||||
if (empty($user->rights->societe->client->voir) && !$socid) {
|
||||
$sql .= ", sc.fk_soc, sc.fk_user ";
|
||||
}
|
||||
$sql .= " FROM ".MAIN_DB_PREFIX."societe as s, ".MAIN_DB_PREFIX."c_stcomm as st, ".MAIN_DB_PREFIX."commande as c";
|
||||
if (!$user->rights->societe->client->voir && !$socid) {
|
||||
if (empty($user->rights->societe->client->voir) && !$socid) {
|
||||
$sql .= ", ".MAIN_DB_PREFIX."societe_commerciaux as sc";
|
||||
}
|
||||
$sql .= " WHERE s.fk_stcomm = st.id AND c.fk_soc = s.rowid";
|
||||
$sql .= " AND s.entity IN (".getEntity('societe').")";
|
||||
if (!$user->rights->societe->client->voir && !$socid) {
|
||||
if (empty($user->rights->societe->client->voir) && !$socid) {
|
||||
$sql .= " AND s.rowid = sc.fk_soc AND sc.fk_user = ".((int) $user->id);
|
||||
}
|
||||
if (GETPOST("search_nom")) {
|
||||
|
||||
@ -94,7 +94,7 @@ if (!empty($conf->commande->enabled)) {
|
||||
$sql .= ", s.canvas";
|
||||
$sql .= " FROM ".MAIN_DB_PREFIX."commande as c";
|
||||
$sql .= ", ".MAIN_DB_PREFIX."societe as s";
|
||||
if (!$user->rights->societe->client->voir && !$socid) {
|
||||
if (empty($user->rights->societe->client->voir) && !$socid) {
|
||||
$sql .= ", ".MAIN_DB_PREFIX."societe_commerciaux as sc";
|
||||
}
|
||||
$sql .= " WHERE c.fk_soc = s.rowid";
|
||||
@ -103,7 +103,7 @@ if (!empty($conf->commande->enabled)) {
|
||||
if ($socid) {
|
||||
$sql .= " AND c.fk_soc = ".((int) $socid);
|
||||
}
|
||||
if (!$user->rights->societe->client->voir && !$socid) {
|
||||
if (empty($user->rights->societe->client->voir) && !$socid) {
|
||||
$sql .= " AND s.rowid = sc.fk_soc AND sc.fk_user = ".((int) $user->id);
|
||||
}
|
||||
|
||||
@ -162,7 +162,7 @@ $sql .= ", s.code_client";
|
||||
$sql .= ", s.canvas";
|
||||
$sql .= " FROM ".MAIN_DB_PREFIX."commande as c,";
|
||||
$sql .= " ".MAIN_DB_PREFIX."societe as s";
|
||||
if (!$user->rights->societe->client->voir && !$socid) {
|
||||
if (empty($user->rights->societe->client->voir) && !$socid) {
|
||||
$sql .= ", ".MAIN_DB_PREFIX."societe_commerciaux as sc";
|
||||
}
|
||||
$sql .= " WHERE c.fk_soc = s.rowid";
|
||||
@ -171,7 +171,7 @@ $sql .= " AND c.entity IN (".getEntity('commande').")";
|
||||
if ($socid) {
|
||||
$sql .= " AND c.fk_soc = ".((int) $socid);
|
||||
}
|
||||
if (!$user->rights->societe->client->voir && !$socid) {
|
||||
if (empty($user->rights->societe->client->voir) && !$socid) {
|
||||
$sql .= " AND s.rowid = sc.fk_soc AND sc.fk_user = ".((int) $user->id);
|
||||
}
|
||||
$sql .= " ORDER BY c.tms DESC";
|
||||
@ -246,7 +246,7 @@ if (!empty($conf->commande->enabled)) {
|
||||
$sql .= ", s.canvas";
|
||||
$sql .= " FROM ".MAIN_DB_PREFIX."commande as c";
|
||||
$sql .= ", ".MAIN_DB_PREFIX."societe as s";
|
||||
if (!$user->rights->societe->client->voir && !$socid) {
|
||||
if (empty($user->rights->societe->client->voir) && !$socid) {
|
||||
$sql .= ", ".MAIN_DB_PREFIX."societe_commerciaux as sc";
|
||||
}
|
||||
$sql .= " WHERE c.fk_soc = s.rowid";
|
||||
@ -255,7 +255,7 @@ if (!empty($conf->commande->enabled)) {
|
||||
if ($socid) {
|
||||
$sql .= " AND c.fk_soc = ".((int) $socid);
|
||||
}
|
||||
if (!$user->rights->societe->client->voir && !$socid) {
|
||||
if (empty($user->rights->societe->client->voir) && !$socid) {
|
||||
$sql .= " AND s.rowid = sc.fk_soc AND sc.fk_user = ".((int) $user->id);
|
||||
}
|
||||
$sql .= " ORDER BY c.rowid DESC";
|
||||
@ -335,7 +335,7 @@ if (!empty($conf->commande->enabled)) {
|
||||
$sql .= ", s.canvas";
|
||||
$sql .= " FROM ".MAIN_DB_PREFIX."commande as c";
|
||||
$sql .= ", ".MAIN_DB_PREFIX."societe as s";
|
||||
if (!$user->rights->societe->client->voir && !$socid) {
|
||||
if (empty($user->rights->societe->client->voir) && !$socid) {
|
||||
$sql .= ", ".MAIN_DB_PREFIX."societe_commerciaux as sc";
|
||||
}
|
||||
$sql .= " WHERE c.fk_soc = s.rowid";
|
||||
@ -344,7 +344,7 @@ if (!empty($conf->commande->enabled)) {
|
||||
if ($socid) {
|
||||
$sql .= " AND c.fk_soc = ".((int) $socid);
|
||||
}
|
||||
if (!$user->rights->societe->client->voir && !$socid) {
|
||||
if (empty($user->rights->societe->client->voir) && !$socid) {
|
||||
$sql .= " AND s.rowid = sc.fk_soc AND sc.fk_user = ".((int) $user->id);
|
||||
}
|
||||
$sql .= " ORDER BY c.rowid DESC";
|
||||
|
||||
@ -465,7 +465,7 @@ $sql .= " LEFT JOIN ".MAIN_DB_PREFIX."projet as p ON p.rowid = c.fk_projet";
|
||||
$sql .= ' LEFT JOIN '.MAIN_DB_PREFIX.'user as u ON c.fk_user_author = u.rowid';
|
||||
|
||||
// We'll need this table joined to the select in order to filter by sale
|
||||
if ($search_sale > 0 || (!$user->rights->societe->client->voir && !$socid)) {
|
||||
if ($search_sale > 0 || (empty($user->rights->societe->client->voir) && !$socid)) {
|
||||
$sql .= ", ".MAIN_DB_PREFIX."societe_commerciaux as sc";
|
||||
}
|
||||
if ($search_user > 0) {
|
||||
@ -486,7 +486,7 @@ if ($search_product_category > 0) {
|
||||
if ($socid > 0) {
|
||||
$sql .= ' AND s.rowid = '.((int) $socid);
|
||||
}
|
||||
if (!$user->rights->societe->client->voir && !$socid) {
|
||||
if (empty($user->rights->societe->client->voir) && !$socid) {
|
||||
$sql .= " AND s.rowid = sc.fk_soc AND sc.fk_user = ".((int) $user->id);
|
||||
}
|
||||
if ($search_ref) {
|
||||
|
||||
@ -112,7 +112,7 @@ $data = $stats->getNbByMonthWithPrevYear($endyear, $startyear);
|
||||
// $data = array(array('Lib',val1,val2,val3),...)
|
||||
|
||||
|
||||
if (!$user->rights->societe->client->voir || $user->socid) {
|
||||
if (empty($user->rights->societe->client->voir) || $user->socid) {
|
||||
$filenamenb = $dir.'/ordersnbinyear-'.$user->id.'-'.$year.'.png';
|
||||
if ($mode == 'customer') {
|
||||
$fileurlnb = DOL_URL_ROOT.'/viewimage.php?modulepart=orderstats&file=ordersnbinyear-'.$user->id.'-'.$year.'.png';
|
||||
@ -158,7 +158,7 @@ $data = $stats->getAmountByMonthWithPrevYear($endyear, $startyear);
|
||||
//var_dump($data);
|
||||
// $data = array(array('Lib',val1,val2,val3),...)
|
||||
|
||||
if (!$user->rights->societe->client->voir || $user->socid) {
|
||||
if (empty($user->rights->societe->client->voir) || $user->socid) {
|
||||
$filenameamount = $dir.'/ordersamountinyear-'.$user->id.'-'.$year.'.png';
|
||||
if ($mode == 'customer') {
|
||||
$fileurlamount = DOL_URL_ROOT.'/viewimage.php?modulepart=orderstats&file=ordersamountinyear-'.$user->id.'-'.$year.'.png';
|
||||
@ -202,7 +202,7 @@ if (!$mesg) {
|
||||
|
||||
$data = $stats->getAverageByMonthWithPrevYear($endyear, $startyear);
|
||||
|
||||
if (!$user->rights->societe->client->voir || $user->socid) {
|
||||
if (empty($user->rights->societe->client->voir) || $user->socid) {
|
||||
$filename_avg = $dir.'/ordersaverage-'.$user->id.'-'.$year.'.png';
|
||||
if ($mode == 'customer') {
|
||||
$fileurl_avg = DOL_URL_ROOT.'/viewimage.php?modulepart=orderstats&file=ordersaverage-'.$user->id.'-'.$year.'.png';
|
||||
|
||||
@ -94,16 +94,16 @@ if ($mode == 'search') {
|
||||
|
||||
$sql = "SELECT s.rowid, s.nom as name, s.client, s.town, s.datec, s.datea";
|
||||
$sql .= ", st.libelle as stcomm, s.prefix_comm, s.code_client, s.code_compta ";
|
||||
if (!$user->rights->societe->client->voir && !$socid) {
|
||||
if (empty($user->rights->societe->client->voir) && !$socid) {
|
||||
$sql .= ", sc.fk_soc, sc.fk_user ";
|
||||
}
|
||||
$sql .= " FROM ".MAIN_DB_PREFIX."societe as s, ".MAIN_DB_PREFIX."c_stcomm as st";
|
||||
if (!$user->rights->societe->client->voir && !$socid) {
|
||||
if (empty($user->rights->societe->client->voir) && !$socid) {
|
||||
$sql .= ", ".MAIN_DB_PREFIX."societe_commerciaux as sc";
|
||||
}
|
||||
$sql .= " WHERE s.fk_stcomm = st.id AND s.client in (1, 3)";
|
||||
$sql .= " AND s.entity IN (".getEntity('societe').")";
|
||||
if (!$user->rights->societe->client->voir && !$socid) {
|
||||
if (empty($user->rights->societe->client->voir) && !$socid) {
|
||||
$sql .= " AND s.rowid = sc.fk_soc AND sc.fk_user = ".((int) $user->id);
|
||||
}
|
||||
if (dol_strlen($stcomm)) {
|
||||
|
||||
@ -150,7 +150,7 @@ $langs->load("boxes");
|
||||
|
||||
$sql = "SELECT u.rowid as uid, u.lastname, u.firstname, d.rowid, d.dated as date, d.tms as dm, d.km, d.fk_statut";
|
||||
$sql .= " FROM ".MAIN_DB_PREFIX."deplacement as d, ".MAIN_DB_PREFIX."user as u";
|
||||
if (!$user->rights->societe->client->voir && !$user->socid) {
|
||||
if (empty($user->rights->societe->client->voir) && !$user->socid) {
|
||||
$sql .= ", ".MAIN_DB_PREFIX."societe as s, ".MAIN_DB_PREFIX."societe_commerciaux as sc";
|
||||
}
|
||||
$sql .= " WHERE u.rowid = d.fk_user";
|
||||
@ -158,7 +158,7 @@ $sql .= " AND d.entity = ".$conf->entity;
|
||||
if (empty($user->rights->deplacement->readall) && empty($user->rights->deplacement->lire_tous)) {
|
||||
$sql .= ' AND d.fk_user IN ('.$db->sanitize(join(',', $childids)).')';
|
||||
}
|
||||
if (!$user->rights->societe->client->voir && !$user->socid) {
|
||||
if (empty($user->rights->societe->client->voir) && !$user->socid) {
|
||||
$sql .= " AND d.fk_soc = s. rowid AND s.rowid = sc.fk_soc AND sc.fk_user = ".((int) $user->id);
|
||||
}
|
||||
if ($socid) {
|
||||
|
||||
@ -96,7 +96,7 @@ $sql .= " u.lastname, u.firstname"; // Qui
|
||||
$sql .= " FROM ".MAIN_DB_PREFIX."user as u";
|
||||
$sql .= ", ".MAIN_DB_PREFIX."deplacement as d";
|
||||
$sql .= " LEFT JOIN ".MAIN_DB_PREFIX."societe as s ON d.fk_soc = s.rowid";
|
||||
if (!$user->rights->societe->client->voir && !$socid) {
|
||||
if (empty($user->rights->societe->client->voir) && !$socid) {
|
||||
$sql .= " LEFT JOIN ".MAIN_DB_PREFIX."societe_commerciaux as sc ON s.rowid = sc.fk_soc";
|
||||
}
|
||||
$sql .= " WHERE d.fk_user = u.rowid";
|
||||
@ -104,7 +104,7 @@ $sql .= " AND d.entity = ".$conf->entity;
|
||||
if (empty($user->rights->deplacement->readall) && empty($user->rights->deplacement->lire_tous)) {
|
||||
$sql .= ' AND d.fk_user IN ('.$db->sanitize(join(',', $childids)).')';
|
||||
}
|
||||
if (!$user->rights->societe->client->voir && !$socid) {
|
||||
if (empty($user->rights->societe->client->voir) && !$socid) {
|
||||
$sql .= " AND (sc.fk_user = ".((int) $user->id)." OR d.fk_soc IS NULL) ";
|
||||
}
|
||||
if ($socid) {
|
||||
|
||||
@ -163,7 +163,7 @@ if (!$mesg) {
|
||||
|
||||
$data = $stats->getAverageByMonthWithPrevYear($endyear, $startyear);
|
||||
|
||||
if (!$user->rights->societe->client->voir || $user->socid) {
|
||||
if (empty($user->rights->societe->client->voir) || $user->socid) {
|
||||
$filename_avg = $dir.'/ordersaverage-'.$user->id.'-'.$year.'.png';
|
||||
if ($mode == 'customer') {
|
||||
$fileurl_avg = DOL_URL_ROOT.'/viewimage.php?modulepart=orderstats&file=ordersaverage-'.$user->id.'-'.$year.'.png';
|
||||
|
||||
@ -4055,16 +4055,16 @@ class Facture extends CommonInvoice
|
||||
|
||||
$sql = "SELECT s.rowid, s.nom as name, s.client,";
|
||||
$sql .= " f.rowid as fid, f.ref as ref, f.datef as df";
|
||||
if (!$user->rights->societe->client->voir && !$socid) {
|
||||
if (empty($user->rights->societe->client->voir) && !$socid) {
|
||||
$sql .= ", sc.fk_soc, sc.fk_user";
|
||||
}
|
||||
$sql .= " FROM ".MAIN_DB_PREFIX."societe as s, ".MAIN_DB_PREFIX."facture as f";
|
||||
if (!$user->rights->societe->client->voir && !$socid) {
|
||||
if (empty($user->rights->societe->client->voir) && !$socid) {
|
||||
$sql .= ", ".MAIN_DB_PREFIX."societe_commerciaux as sc";
|
||||
}
|
||||
$sql .= " WHERE f.entity IN (".getEntity('invoice').")";
|
||||
$sql .= " AND f.fk_soc = s.rowid";
|
||||
if (!$user->rights->societe->client->voir && !$socid) { //restriction
|
||||
if (empty($user->rights->societe->client->voir) && !$socid) { //restriction
|
||||
$sql .= " AND s.rowid = sc.fk_soc AND sc.fk_user = ".((int) $user->id);
|
||||
}
|
||||
if ($socid) {
|
||||
@ -4254,7 +4254,7 @@ class Facture extends CommonInvoice
|
||||
|
||||
$sql = "SELECT f.rowid, f.date_lim_reglement as datefin,f.fk_statut, f.total_ht";
|
||||
$sql .= " FROM ".MAIN_DB_PREFIX."facture as f";
|
||||
if (!$user->rights->societe->client->voir && !$user->socid) {
|
||||
if (empty($user->rights->societe->client->voir) && !$user->socid) {
|
||||
$sql .= " LEFT JOIN ".MAIN_DB_PREFIX."societe_commerciaux as sc ON f.fk_soc = sc.fk_soc";
|
||||
$sql .= " WHERE sc.fk_user = ".((int) $user->id);
|
||||
$clause = " AND";
|
||||
@ -4501,7 +4501,7 @@ class Facture extends CommonInvoice
|
||||
$sql = "SELECT count(f.rowid) as nb";
|
||||
$sql .= " FROM ".MAIN_DB_PREFIX."facture as f";
|
||||
$sql .= " LEFT JOIN ".MAIN_DB_PREFIX."societe as s ON f.fk_soc = s.rowid";
|
||||
if (!$user->rights->societe->client->voir && !$user->socid) {
|
||||
if (empty($user->rights->societe->client->voir) && !$user->socid) {
|
||||
$sql .= " LEFT JOIN ".MAIN_DB_PREFIX."societe_commerciaux as sc ON s.rowid = sc.fk_soc";
|
||||
$sql .= " WHERE sc.fk_user = ".((int) $user->id);
|
||||
$clause = "AND";
|
||||
|
||||
@ -85,7 +85,7 @@ class FactureStats extends Stats
|
||||
|
||||
$this->where = " f.fk_statut >= 0";
|
||||
$this->where .= " AND f.entity IN (".getEntity('invoice').")";
|
||||
if (!$user->rights->societe->client->voir && !$this->socid) {
|
||||
if (empty($user->rights->societe->client->voir) && !$this->socid) {
|
||||
$this->where .= " AND f.fk_soc = sc.fk_soc AND sc.fk_user = ".((int) $user->id);
|
||||
}
|
||||
if ($mode == 'customer') {
|
||||
@ -129,7 +129,7 @@ class FactureStats extends Stats
|
||||
|
||||
$sql = "SELECT date_format(f.datef,'%m') as dm, COUNT(*) as nb";
|
||||
$sql .= " FROM ".$this->from;
|
||||
if (!$user->rights->societe->client->voir && !$this->socid) {
|
||||
if (empty($user->rights->societe->client->voir) && !$this->socid) {
|
||||
$sql .= ", ".MAIN_DB_PREFIX."societe_commerciaux as sc";
|
||||
}
|
||||
$sql .= $this->join;
|
||||
@ -155,7 +155,7 @@ class FactureStats extends Stats
|
||||
|
||||
$sql = "SELECT date_format(f.datef,'%Y') as dm, COUNT(*), SUM(c.".$this->field.")";
|
||||
$sql .= " FROM ".$this->from;
|
||||
if (!$user->rights->societe->client->voir && !$this->socid) {
|
||||
if (empty($user->rights->societe->client->voir) && !$this->socid) {
|
||||
$sql .= ", ".MAIN_DB_PREFIX."societe_commerciaux as sc";
|
||||
}
|
||||
$sql .= $this->join;
|
||||
@ -180,7 +180,7 @@ class FactureStats extends Stats
|
||||
|
||||
$sql = "SELECT date_format(datef,'%m') as dm, SUM(f.".$this->field.")";
|
||||
$sql .= " FROM ".$this->from;
|
||||
if (!$user->rights->societe->client->voir && !$this->socid) {
|
||||
if (empty($user->rights->societe->client->voir) && !$this->socid) {
|
||||
$sql .= ", ".MAIN_DB_PREFIX."societe_commerciaux as sc";
|
||||
}
|
||||
$sql .= $this->join;
|
||||
@ -206,7 +206,7 @@ class FactureStats extends Stats
|
||||
|
||||
$sql = "SELECT date_format(datef,'%m') as dm, AVG(f.".$this->field.")";
|
||||
$sql .= " FROM ".$this->from;
|
||||
if (!$user->rights->societe->client->voir && !$this->socid) {
|
||||
if (empty($user->rights->societe->client->voir) && !$this->socid) {
|
||||
$sql .= ", ".MAIN_DB_PREFIX."societe_commerciaux as sc";
|
||||
}
|
||||
$sql .= $this->join;
|
||||
@ -229,7 +229,7 @@ class FactureStats extends Stats
|
||||
|
||||
$sql = "SELECT date_format(datef,'%Y') as year, COUNT(*) as nb, SUM(f.".$this->field.") as total, AVG(f.".$this->field.") as avg";
|
||||
$sql .= " FROM ".$this->from;
|
||||
if (!$user->rights->societe->client->voir && !$this->socid) {
|
||||
if (empty($user->rights->societe->client->voir) && !$this->socid) {
|
||||
$sql .= ", ".MAIN_DB_PREFIX."societe_commerciaux as sc";
|
||||
}
|
||||
$sql .= $this->join;
|
||||
@ -253,7 +253,7 @@ class FactureStats extends Stats
|
||||
|
||||
$sql = "SELECT product.ref, COUNT(product.ref) as nb, SUM(tl.".$this->field_line.") as total, AVG(tl.".$this->field_line.") as avg";
|
||||
$sql .= " FROM ".$this->from.", ".$this->from_line.", ".MAIN_DB_PREFIX."product as product";
|
||||
if (!$user->rights->societe->client->voir && !$this->socid) {
|
||||
if (empty($user->rights->societe->client->voir) && !$this->socid) {
|
||||
$sql .= ", ".MAIN_DB_PREFIX."societe_commerciaux as sc";
|
||||
}
|
||||
$sql .= $this->join;
|
||||
@ -281,7 +281,7 @@ class FactureStats extends Stats
|
||||
$startYear = $endYear - $numberYears;
|
||||
$sql = "SELECT date_format(datef,'%Y') as dm, SUM(f.".$this->field.")";
|
||||
$sql .= " FROM ".$this->from;
|
||||
if (!$user->rights->societe->client->voir && !$this->socid) {
|
||||
if (empty($user->rights->societe->client->voir) && !$this->socid) {
|
||||
$sql .= ", ".MAIN_DB_PREFIX."societe_commerciaux as sc";
|
||||
}
|
||||
$sql .= $this->join;
|
||||
|
||||
@ -291,12 +291,12 @@ $sql = preg_replace('/,\s*$/', '', $sql);
|
||||
|
||||
$sql .= " FROM ".MAIN_DB_PREFIX."societe as s, ".MAIN_DB_PREFIX."facture_rec as f";
|
||||
$sql .= " LEFT JOIN ".MAIN_DB_PREFIX."facture_rec_extrafields as ef ON ef.fk_object = f.rowid";
|
||||
if (!$user->rights->societe->client->voir && !$socid) {
|
||||
if (empty($user->rights->societe->client->voir) && !$socid) {
|
||||
$sql .= ", ".MAIN_DB_PREFIX."societe_commerciaux as sc";
|
||||
}
|
||||
$sql .= " WHERE f.fk_soc = s.rowid";
|
||||
$sql .= ' AND f.entity IN ('.getEntity('invoice').')';
|
||||
if (!$user->rights->societe->client->voir && !$socid) {
|
||||
if (empty($user->rights->societe->client->voir) && !$socid) {
|
||||
$sql .= " AND s.rowid = sc.fk_soc AND sc.fk_user = ".((int) $user->id);
|
||||
}
|
||||
if ($search_ref) {
|
||||
|
||||
@ -592,7 +592,7 @@ if ($search_product_category > 0) {
|
||||
$sql .= " LEFT JOIN ".MAIN_DB_PREFIX."projet as p ON p.rowid = f.fk_projet";
|
||||
$sql .= ' LEFT JOIN '.MAIN_DB_PREFIX.'user AS u ON f.fk_user_author = u.rowid';
|
||||
// We'll need this table joined to the select in order to filter by sale
|
||||
if ($search_sale > 0 || (!$user->rights->societe->client->voir && !$socid)) {
|
||||
if ($search_sale > 0 || (empty($user->rights->societe->client->voir) && !$socid)) {
|
||||
$sql .= ", ".MAIN_DB_PREFIX."societe_commerciaux as sc";
|
||||
}
|
||||
if ($search_user > 0) {
|
||||
@ -606,7 +606,7 @@ $sql .= $hookmanager->resPrint;
|
||||
|
||||
$sql .= ' WHERE f.fk_soc = s.rowid';
|
||||
$sql .= ' AND f.entity IN ('.getEntity('invoice').')';
|
||||
if (!$user->rights->societe->client->voir && !$socid) {
|
||||
if (empty($user->rights->societe->client->voir) && !$socid) {
|
||||
$sql .= " AND s.rowid = sc.fk_soc AND sc.fk_user = ".((int) $user->id);
|
||||
}
|
||||
if ($search_product_category > 0) {
|
||||
|
||||
@ -192,7 +192,7 @@ if (!$mesg) {
|
||||
|
||||
$data = $stats->getAverageByMonthWithPrevYear($endyear, $startyear);
|
||||
|
||||
if (!$user->rights->societe->client->voir || $user->socid) {
|
||||
if (empty($user->rights->societe->client->voir) || $user->socid) {
|
||||
$filename_avg = $dir.'/ordersaverage-'.$user->id.'-'.$year.'.png';
|
||||
if ($mode == 'customer') {
|
||||
$fileurl_avg = DOL_URL_ROOT.'/viewimage.php?modulepart=orderstats&file=ordersaverage-'.$user->id.'-'.$year.'.png';
|
||||
|
||||
@ -129,12 +129,12 @@ if (!empty($conf->facture->enabled) && !empty($user->rights->facture->lire)) {
|
||||
$sql .= ", sum(pf.amount) as am";
|
||||
$sql .= " FROM ".MAIN_DB_PREFIX."societe as s LEFT JOIN ".MAIN_DB_PREFIX."c_country as cc ON cc.rowid = s.fk_pays, ".MAIN_DB_PREFIX."facture as f";
|
||||
$sql .= " LEFT JOIN ".MAIN_DB_PREFIX."paiement_facture as pf on f.rowid=pf.fk_facture";
|
||||
if (!$user->rights->societe->client->voir && !$socid) {
|
||||
if (empty($user->rights->societe->client->voir) && !$socid) {
|
||||
$sql .= ", ".MAIN_DB_PREFIX."societe_commerciaux as sc";
|
||||
}
|
||||
$sql .= " WHERE s.rowid = f.fk_soc";
|
||||
$sql .= " AND f.entity IN (".getEntity('invoice').")";
|
||||
if (!$user->rights->societe->client->voir && !$socid) {
|
||||
if (empty($user->rights->societe->client->voir) && !$socid) {
|
||||
$sql .= " AND s.rowid = sc.fk_soc AND sc.fk_user = ".((int) $user->id);
|
||||
}
|
||||
if ($socid) {
|
||||
@ -279,12 +279,12 @@ if ((!empty($conf->fournisseur->enabled) && empty($conf->global->MAIN_USE_NEW_SU
|
||||
$sql .= ", SUM(pf.amount) as am";
|
||||
$sql .= " FROM ".MAIN_DB_PREFIX."societe as s, ".MAIN_DB_PREFIX."facture_fourn as ff";
|
||||
$sql .= " LEFT JOIN ".MAIN_DB_PREFIX."paiementfourn_facturefourn as pf on ff.rowid=pf.fk_facturefourn";
|
||||
if (!$user->rights->societe->client->voir && !$socid) {
|
||||
if (empty($user->rights->societe->client->voir) && !$socid) {
|
||||
$sql .= ", ".MAIN_DB_PREFIX."societe_commerciaux as sc";
|
||||
}
|
||||
$sql .= " WHERE s.rowid = ff.fk_soc";
|
||||
$sql .= " AND ff.entity = ".$conf->entity;
|
||||
if (!$user->rights->societe->client->voir && !$socid) {
|
||||
if (empty($user->rights->societe->client->voir) && !$socid) {
|
||||
$sql .= " AND s.rowid = sc.fk_soc AND sc.fk_user = ".((int) $user->id);
|
||||
}
|
||||
if ($socid) {
|
||||
@ -589,7 +589,7 @@ if (!empty($conf->facture->enabled) && !empty($conf->commande->enabled) && $user
|
||||
$sql .= ", c.rowid, c.ref, c.facture, c.fk_statut as status, c.total_ht, c.total_tva, c.total_ttc,";
|
||||
$sql .= " cc.rowid as country_id, cc.code as country_code";
|
||||
$sql .= " FROM ".MAIN_DB_PREFIX."societe as s LEFT JOIN ".MAIN_DB_PREFIX."c_country as cc ON cc.rowid = s.fk_pays";
|
||||
if (!$user->rights->societe->client->voir && !$socid) {
|
||||
if (empty($user->rights->societe->client->voir) && !$socid) {
|
||||
$sql .= ", ".MAIN_DB_PREFIX."societe_commerciaux as sc";
|
||||
}
|
||||
$sql .= ", ".MAIN_DB_PREFIX."commande as c";
|
||||
@ -597,7 +597,7 @@ if (!empty($conf->facture->enabled) && !empty($conf->commande->enabled) && $user
|
||||
$sql .= " LEFT JOIN ".MAIN_DB_PREFIX."facture AS f ON el.fk_target = f.rowid AND el.targettype = 'facture'";
|
||||
$sql .= " WHERE c.fk_soc = s.rowid";
|
||||
$sql .= " AND c.entity = ".$conf->entity;
|
||||
if (!$user->rights->societe->client->voir && !$socid) {
|
||||
if (empty($user->rights->societe->client->voir) && !$socid) {
|
||||
$sql .= " AND s.rowid = sc.fk_soc AND sc.fk_user = ".((int) $user->id);
|
||||
}
|
||||
if ($socid) {
|
||||
|
||||
@ -201,11 +201,11 @@ if (GETPOST("orphelins", "alpha")) {
|
||||
$sql .= " LEFT JOIN ".MAIN_DB_PREFIX."paiement_facture as pf ON p.rowid = pf.fk_paiement";
|
||||
$sql .= " LEFT JOIN ".MAIN_DB_PREFIX."facture as f ON pf.fk_facture = f.rowid";
|
||||
$sql .= " LEFT JOIN ".MAIN_DB_PREFIX."societe as s ON f.fk_soc = s.rowid";
|
||||
if (!$user->rights->societe->client->voir && !$socid) {
|
||||
if (empty($user->rights->societe->client->voir) && !$socid) {
|
||||
$sql .= " LEFT JOIN ".MAIN_DB_PREFIX."societe_commerciaux as sc ON s.rowid = sc.fk_soc";
|
||||
}
|
||||
$sql .= " WHERE p.entity IN (".getEntity('invoice').")";
|
||||
if (!$user->rights->societe->client->voir && !$socid) {
|
||||
if (empty($user->rights->societe->client->voir) && !$socid) {
|
||||
$sql .= " AND sc.fk_user = ".((int) $user->id);
|
||||
}
|
||||
if ($socid > 0) {
|
||||
|
||||
@ -39,7 +39,7 @@ if ($user->socid > 0) {
|
||||
}
|
||||
|
||||
$dir = $conf->facture->dir_output.'/payments';
|
||||
if (!$user->rights->societe->client->voir || $socid) {
|
||||
if (empty($user->rights->societe->client->voir) || $socid) {
|
||||
$dir .= '/private/'.$user->id; // If user has no permission to see all, output dir is specific to user
|
||||
}
|
||||
|
||||
|
||||
@ -98,7 +98,7 @@ $sql .= " pfd.date_demande, pfd.amount,";
|
||||
$sql .= " s.nom as name, s.email, s.rowid as socid, s.tva_intra";
|
||||
$sql .= " FROM ".MAIN_DB_PREFIX."facture_fourn as f,";
|
||||
$sql .= " ".MAIN_DB_PREFIX."societe as s";
|
||||
if (!$user->rights->societe->client->voir && !$socid) {
|
||||
if (empty($user->rights->societe->client->voir) && !$socid) {
|
||||
$sql .= ", ".MAIN_DB_PREFIX."societe_commerciaux as sc";
|
||||
}
|
||||
$sql .= ", ".MAIN_DB_PREFIX."prelevement_facture_demande as pfd";
|
||||
@ -111,7 +111,7 @@ if (empty($conf->global->WITHDRAWAL_ALLOW_ANY_INVOICE_STATUS)) {
|
||||
$sql .= " AND pfd.traite = 0";
|
||||
$sql .= " AND pfd.ext_payment_id IS NULL";
|
||||
$sql .= " AND pfd.fk_facture_fourn = f.rowid";
|
||||
if (!$user->rights->societe->client->voir && !$socid) {
|
||||
if (empty($user->rights->societe->client->voir) && !$socid) {
|
||||
$sql .= " AND s.rowid = sc.fk_soc AND sc.fk_user = ".((int) $user->id);
|
||||
}
|
||||
if ($socid) {
|
||||
|
||||
@ -137,12 +137,12 @@ if ($type != 'bank-transfer') {
|
||||
}
|
||||
$sql .= " ".MAIN_DB_PREFIX."societe as s,";
|
||||
$sql .= " ".MAIN_DB_PREFIX."prelevement_facture_demande as pfd";
|
||||
if (!$user->rights->societe->client->voir && !$socid) {
|
||||
if (empty($user->rights->societe->client->voir) && !$socid) {
|
||||
$sql .= ", ".MAIN_DB_PREFIX."societe_commerciaux as sc";
|
||||
}
|
||||
$sql .= " WHERE s.rowid = f.fk_soc";
|
||||
$sql .= " AND f.entity IN (".getEntity('invoice').")";
|
||||
if (!$user->rights->societe->client->voir && !$socid) {
|
||||
if (empty($user->rights->societe->client->voir) && !$socid) {
|
||||
$sql .= " AND s.rowid = sc.fk_soc AND sc.fk_user = ".((int) $user->id);
|
||||
}
|
||||
if ($socid) {
|
||||
|
||||
@ -98,7 +98,7 @@ $sql .= " pfd.date_demande, pfd.amount,";
|
||||
$sql .= " s.nom as name, s.email, s.rowid as socid";
|
||||
$sql .= " FROM ".MAIN_DB_PREFIX."facture as f,";
|
||||
$sql .= " ".MAIN_DB_PREFIX."societe as s";
|
||||
if (!$user->rights->societe->client->voir && !$socid) {
|
||||
if (empty($user->rights->societe->client->voir) && !$socid) {
|
||||
$sql .= ", ".MAIN_DB_PREFIX."societe_commerciaux as sc";
|
||||
}
|
||||
$sql .= " , ".MAIN_DB_PREFIX."prelevement_facture_demande as pfd";
|
||||
@ -111,7 +111,7 @@ if (empty($conf->global->WITHDRAWAL_ALLOW_ANY_INVOICE_STATUS)) {
|
||||
$sql .= " AND pfd.traite = 0";
|
||||
$sql .= " AND pfd.ext_payment_id IS NULL";
|
||||
$sql .= " AND pfd.fk_facture = f.rowid";
|
||||
if (!$user->rights->societe->client->voir && !$socid) {
|
||||
if (empty($user->rights->societe->client->voir) && !$socid) {
|
||||
$sql .= " AND s.rowid = sc.fk_soc AND sc.fk_user = ".((int) $user->id);
|
||||
}
|
||||
if ($socid) {
|
||||
|
||||
@ -383,7 +383,7 @@ class Contact extends CommonObject
|
||||
|
||||
$sql = "SELECT count(sp.rowid) as nb";
|
||||
$sql .= " FROM ".MAIN_DB_PREFIX."socpeople as sp";
|
||||
if (!$user->rights->societe->client->voir && !$user->socid) {
|
||||
if (empty($user->rights->societe->client->voir) && !$user->socid) {
|
||||
$sql .= ", ".MAIN_DB_PREFIX."societe as s";
|
||||
$sql .= ", ".MAIN_DB_PREFIX."societe_commerciaux as sc";
|
||||
$sql .= " WHERE sp.fk_soc = s.rowid AND s.rowid = sc.fk_soc AND sc.fk_user = ".((int) $user->id);
|
||||
|
||||
@ -386,11 +386,11 @@ if (!empty($search_categ_thirdparty) && $search_categ_thirdparty != '-1') {
|
||||
if (!empty($search_categ_supplier) && $search_categ_supplier != '-1') {
|
||||
$sql .= ' LEFT JOIN '.MAIN_DB_PREFIX."categorie_fournisseur as cs2 ON s.rowid = cs2.fk_soc"; // We need this table joined to the select in order to filter by categ
|
||||
}
|
||||
if (!$user->rights->societe->client->voir && !$socid) {
|
||||
if (empty($user->rights->societe->client->voir) && !$socid) {
|
||||
$sql .= " LEFT JOIN ".MAIN_DB_PREFIX."societe_commerciaux as sc ON s.rowid = sc.fk_soc";
|
||||
}
|
||||
$sql .= ' WHERE p.entity IN ('.getEntity('socpeople').')';
|
||||
if (!$user->rights->societe->client->voir && !$socid) { //restriction
|
||||
if (empty($user->rights->societe->client->voir) && !$socid) { //restriction
|
||||
$sql .= " AND (sc.fk_user = ".((int) $user->id)." OR p.fk_soc IS NULL)";
|
||||
}
|
||||
if (!empty($userid)) { // propre au commercial
|
||||
|
||||
@ -2187,7 +2187,7 @@ class Contrat extends CommonObject
|
||||
$this->from = " FROM ".MAIN_DB_PREFIX."contrat as c";
|
||||
$this->from .= ", ".MAIN_DB_PREFIX."contratdet as cd";
|
||||
$this->from .= ", ".MAIN_DB_PREFIX."societe as s";
|
||||
if (!$user->rights->societe->client->voir && !$user->socid) {
|
||||
if (empty($user->rights->societe->client->voir) && !$user->socid) {
|
||||
$this->from .= ", ".MAIN_DB_PREFIX."societe_commerciaux as sc";
|
||||
}
|
||||
|
||||
@ -2218,7 +2218,7 @@ class Contrat extends CommonObject
|
||||
if ($user->socid) {
|
||||
$sql .= " AND c.fk_soc = ".((int) $user->socid);
|
||||
}
|
||||
if (!$user->rights->societe->client->voir && !$user->socid) {
|
||||
if (empty($user->rights->societe->client->voir) && !$user->socid) {
|
||||
$sql .= " AND c.fk_soc = sc.fk_soc AND sc.fk_user = ".((int) $user->id);
|
||||
}
|
||||
|
||||
@ -2286,7 +2286,7 @@ class Contrat extends CommonObject
|
||||
$sql = "SELECT count(c.rowid) as nb";
|
||||
$sql .= " FROM ".MAIN_DB_PREFIX."contrat as c";
|
||||
$sql .= " LEFT JOIN ".MAIN_DB_PREFIX."societe as s ON c.fk_soc = s.rowid";
|
||||
if (!$user->rights->societe->client->voir && !$user->socid) {
|
||||
if (empty($user->rights->societe->client->voir) && !$user->socid) {
|
||||
$sql .= " LEFT JOIN ".MAIN_DB_PREFIX."societe_commerciaux as sc ON s.rowid = sc.fk_soc";
|
||||
$sql .= " WHERE sc.fk_user = ".((int) $user->id);
|
||||
$clause = "AND";
|
||||
|
||||
@ -92,7 +92,7 @@ $vals = array();
|
||||
$sql = "SELECT count(cd.rowid) as nb, cd.statut as status";
|
||||
$sql .= " FROM ".MAIN_DB_PREFIX."societe as s";
|
||||
$sql .= ", ".MAIN_DB_PREFIX."contratdet as cd, ".MAIN_DB_PREFIX."contrat as c";
|
||||
if (!$user->rights->societe->client->voir && !$socid) {
|
||||
if (empty($user->rights->societe->client->voir) && !$socid) {
|
||||
$sql .= ", ".MAIN_DB_PREFIX."societe_commerciaux as sc";
|
||||
}
|
||||
$sql .= " WHERE cd.fk_contrat = c.rowid AND c.fk_soc = s.rowid";
|
||||
@ -101,7 +101,7 @@ $sql .= " AND c.entity IN (".getEntity('contract', 0).")";
|
||||
if ($user->socid) {
|
||||
$sql .= ' AND c.fk_soc = '.((int) $user->socid);
|
||||
}
|
||||
if (!$user->rights->societe->client->voir && !$socid) {
|
||||
if (empty($user->rights->societe->client->voir) && !$socid) {
|
||||
$sql .= " AND s.rowid = sc.fk_soc AND sc.fk_user = ".((int) $user->id);
|
||||
}
|
||||
$sql .= " GROUP BY cd.statut";
|
||||
@ -129,7 +129,7 @@ if ($resql) {
|
||||
$sql = "SELECT count(cd.rowid) as nb, cd.statut as status";
|
||||
$sql .= " FROM ".MAIN_DB_PREFIX."societe as s";
|
||||
$sql .= ", ".MAIN_DB_PREFIX."contratdet as cd, ".MAIN_DB_PREFIX."contrat as c";
|
||||
if (!$user->rights->societe->client->voir && !$socid) {
|
||||
if (empty($user->rights->societe->client->voir) && !$socid) {
|
||||
$sql .= ", ".MAIN_DB_PREFIX."societe_commerciaux as sc";
|
||||
}
|
||||
$sql .= " WHERE cd.fk_contrat = c.rowid AND c.fk_soc = s.rowid";
|
||||
@ -138,7 +138,7 @@ $sql .= " AND c.entity IN (".getEntity('contract', 0).")";
|
||||
if ($user->socid) {
|
||||
$sql .= ' AND c.fk_soc = '.((int) $user->socid);
|
||||
}
|
||||
if (!$user->rights->societe->client->voir && !$socid) {
|
||||
if (empty($user->rights->societe->client->voir) && !$socid) {
|
||||
$sql .= " AND s.rowid = sc.fk_soc AND sc.fk_user = ".((int) $user->id);
|
||||
}
|
||||
$sql .= " GROUP BY cd.statut";
|
||||
@ -240,13 +240,13 @@ if (!empty($conf->contrat->enabled) && $user->rights->contrat->lire) {
|
||||
$sql = "SELECT c.rowid, c.ref,";
|
||||
$sql .= " s.nom as name, s.rowid as socid";
|
||||
$sql .= " FROM ".MAIN_DB_PREFIX."contrat as c, ".MAIN_DB_PREFIX."societe as s";
|
||||
if (!$user->rights->societe->client->voir && !$socid) {
|
||||
if (empty($user->rights->societe->client->voir) && !$socid) {
|
||||
$sql .= ", ".MAIN_DB_PREFIX."societe_commerciaux as sc";
|
||||
}
|
||||
$sql .= " WHERE s.rowid = c.fk_soc";
|
||||
$sql .= " AND c.entity IN (".getEntity('contract', 0).")";
|
||||
$sql .= " AND c.statut = 0";
|
||||
if (!$user->rights->societe->client->voir && !$socid) {
|
||||
if (empty($user->rights->societe->client->voir) && !$socid) {
|
||||
$sql .= " AND s.rowid = sc.fk_soc AND sc.fk_user = ".((int) $user->id);
|
||||
}
|
||||
if ($socid) {
|
||||
@ -311,7 +311,7 @@ $sql .= " sum(".$db->ifsql("cd.statut=4 AND (cd.date_fin_validite IS NOT NULL AN
|
||||
$sql .= " sum(".$db->ifsql("cd.statut=5", 1, 0).') as nb_closed,';
|
||||
$sql .= " c.rowid as cid, c.ref, c.datec, c.tms, c.statut, s.nom as name, s.rowid as socid";
|
||||
$sql .= " FROM ".MAIN_DB_PREFIX."societe as s,";
|
||||
if (!$user->rights->societe->client->voir && !$socid) {
|
||||
if (empty($user->rights->societe->client->voir) && !$socid) {
|
||||
$sql .= " ".MAIN_DB_PREFIX."societe_commerciaux as sc,";
|
||||
}
|
||||
$sql .= " ".MAIN_DB_PREFIX."contrat as c";
|
||||
@ -319,7 +319,7 @@ $sql .= " LEFT JOIN ".MAIN_DB_PREFIX."contratdet as cd ON c.rowid = cd.fk_contra
|
||||
$sql .= " WHERE c.fk_soc = s.rowid";
|
||||
$sql .= " AND c.entity IN (".getEntity('contract', 0).")";
|
||||
$sql .= " AND c.statut > 0";
|
||||
if (!$user->rights->societe->client->voir && !$socid) {
|
||||
if (empty($user->rights->societe->client->voir) && !$socid) {
|
||||
$sql .= " AND s.rowid = sc.fk_soc AND sc.fk_user = ".((int) $user->id);
|
||||
}
|
||||
if ($socid) {
|
||||
@ -386,7 +386,7 @@ $sql .= " s.nom as name,";
|
||||
$sql .= " p.rowid as pid, p.ref as pref, p.label as plabel, p.fk_product_type as ptype, p.entity as pentity";
|
||||
$sql .= " FROM (".MAIN_DB_PREFIX."contrat as c";
|
||||
$sql .= ", ".MAIN_DB_PREFIX."societe as s";
|
||||
if (!$user->rights->societe->client->voir && !$socid) {
|
||||
if (empty($user->rights->societe->client->voir) && !$socid) {
|
||||
$sql .= ", ".MAIN_DB_PREFIX."societe_commerciaux as sc";
|
||||
}
|
||||
$sql .= ", ".MAIN_DB_PREFIX."contratdet as cd";
|
||||
@ -394,7 +394,7 @@ $sql .= ") LEFT JOIN ".MAIN_DB_PREFIX."product as p ON cd.fk_product = p.rowid";
|
||||
$sql .= " WHERE c.entity IN (".getEntity('contract', 0).")";
|
||||
$sql .= " AND cd.fk_contrat = c.rowid";
|
||||
$sql .= " AND c.fk_soc = s.rowid";
|
||||
if (!$user->rights->societe->client->voir && !$socid) {
|
||||
if (empty($user->rights->societe->client->voir) && !$socid) {
|
||||
$sql .= " AND s.rowid = sc.fk_soc AND sc.fk_user = ".((int) $user->id);
|
||||
}
|
||||
if ($socid) {
|
||||
@ -466,7 +466,7 @@ $sql .= " s.nom as name,";
|
||||
$sql .= " p.rowid as pid, p.ref as pref, p.label as plabel, p.fk_product_type as ptype, p.entity as pentity";
|
||||
$sql .= " FROM (".MAIN_DB_PREFIX."contrat as c";
|
||||
$sql .= ", ".MAIN_DB_PREFIX."societe as s";
|
||||
if (!$user->rights->societe->client->voir && !$socid) {
|
||||
if (empty($user->rights->societe->client->voir) && !$socid) {
|
||||
$sql .= ", ".MAIN_DB_PREFIX."societe_commerciaux as sc";
|
||||
}
|
||||
$sql .= ", ".MAIN_DB_PREFIX."contratdet as cd";
|
||||
@ -476,7 +476,7 @@ $sql .= " AND c.statut = 1";
|
||||
$sql .= " AND cd.statut = 0";
|
||||
$sql .= " AND cd.fk_contrat = c.rowid";
|
||||
$sql .= " AND c.fk_soc = s.rowid";
|
||||
if (!$user->rights->societe->client->voir && !$socid) {
|
||||
if (empty($user->rights->societe->client->voir) && !$socid) {
|
||||
$sql .= " AND s.rowid = sc.fk_soc AND sc.fk_user = ".((int) $user->id);
|
||||
}
|
||||
if ($socid) {
|
||||
@ -547,7 +547,7 @@ $sql .= " s.nom as name,";
|
||||
$sql .= " p.rowid as pid, p.ref as pref, p.label as plabel, p.fk_product_type as ptype, p.entity as pentity";
|
||||
$sql .= " FROM (".MAIN_DB_PREFIX."contrat as c";
|
||||
$sql .= ", ".MAIN_DB_PREFIX."societe as s";
|
||||
if (!$user->rights->societe->client->voir && !$socid) {
|
||||
if (empty($user->rights->societe->client->voir) && !$socid) {
|
||||
$sql .= ", ".MAIN_DB_PREFIX."societe_commerciaux as sc";
|
||||
}
|
||||
$sql .= ", ".MAIN_DB_PREFIX."contratdet as cd";
|
||||
@ -558,7 +558,7 @@ $sql .= " AND cd.statut = 4";
|
||||
$sql .= " AND cd.date_fin_validite < '".$db->idate($now)."'";
|
||||
$sql .= " AND cd.fk_contrat = c.rowid";
|
||||
$sql .= " AND c.fk_soc = s.rowid";
|
||||
if (!$user->rights->societe->client->voir && !$socid) {
|
||||
if (empty($user->rights->societe->client->voir) && !$socid) {
|
||||
$sql .= " AND s.rowid = sc.fk_soc AND sc.fk_user = ".((int) $user->id);
|
||||
}
|
||||
if ($socid) {
|
||||
|
||||
@ -255,7 +255,7 @@ $sql .= " FROM ".MAIN_DB_PREFIX."societe as s";
|
||||
$sql .= " LEFT JOIN ".MAIN_DB_PREFIX."c_country as country on (country.rowid = s.fk_pays)";
|
||||
$sql .= " LEFT JOIN ".MAIN_DB_PREFIX."c_typent as typent on (typent.id = s.fk_typent)";
|
||||
$sql .= " LEFT JOIN ".MAIN_DB_PREFIX."c_departements as state on (state.rowid = s.fk_departement)";
|
||||
if ($search_sale > 0 || (!$user->rights->societe->client->voir && !$socid)) {
|
||||
if ($search_sale > 0 || (empty($user->rights->societe->client->voir) && !$socid)) {
|
||||
$sql .= ", ".MAIN_DB_PREFIX."societe_commerciaux as sc";
|
||||
}
|
||||
$sql .= ", ".MAIN_DB_PREFIX."contrat as c";
|
||||
@ -281,7 +281,7 @@ if ($search_product_category > 0) {
|
||||
if ($socid) {
|
||||
$sql .= " AND s.rowid = ".((int) $socid);
|
||||
}
|
||||
if (!$user->rights->societe->client->voir && !$socid) {
|
||||
if (empty($user->rights->societe->client->voir) && !$socid) {
|
||||
$sql .= " AND s.rowid = sc.fk_soc AND sc.fk_user = ".((int) $user->id);
|
||||
}
|
||||
if ($search_date_start) {
|
||||
|
||||
@ -218,7 +218,7 @@ $sql = "SELECT c.rowid as cid, c.ref, c.statut as cstatut, c.ref_customer, c.ref
|
||||
$sql .= " s.rowid as socid, s.nom as name, s.email, s.client, s.fournisseur,";
|
||||
$sql .= " cd.rowid, cd.description, cd.statut,";
|
||||
$sql .= " p.rowid as pid, p.ref as pref, p.label as label, p.fk_product_type as ptype, p.entity as pentity,";
|
||||
if (!$user->rights->societe->client->voir && !$socid) {
|
||||
if (empty($user->rights->societe->client->voir) && !$socid) {
|
||||
$sql .= " sc.fk_soc, sc.fk_user,";
|
||||
}
|
||||
$sql .= " cd.date_ouverture_prevue,";
|
||||
@ -244,7 +244,7 @@ $reshook = $hookmanager->executeHooks('printFieldListSelect', $parameters); // N
|
||||
$sql .= $hookmanager->resPrint;
|
||||
$sql .= " FROM ".MAIN_DB_PREFIX."contrat as c,";
|
||||
$sql .= " ".MAIN_DB_PREFIX."societe as s,";
|
||||
if (!$user->rights->societe->client->voir && !$socid) {
|
||||
if (empty($user->rights->societe->client->voir) && !$socid) {
|
||||
$sql .= " ".MAIN_DB_PREFIX."societe_commerciaux as sc,";
|
||||
}
|
||||
$sql .= " ".MAIN_DB_PREFIX."contratdet as cd";
|
||||
@ -261,7 +261,7 @@ if ($search_product_category > 0) {
|
||||
$sql .= " AND cp.fk_categorie = ".((int) $search_product_category);
|
||||
}
|
||||
$sql .= " AND c.fk_soc = s.rowid";
|
||||
if (!$user->rights->societe->client->voir && !$socid) {
|
||||
if (empty($user->rights->societe->client->voir) && !$socid) {
|
||||
$sql .= " AND s.rowid = sc.fk_soc AND sc.fk_user = ".((int) $user->id);
|
||||
}
|
||||
if ($mode == "0") {
|
||||
|
||||
@ -92,14 +92,14 @@ class box_actions extends ModeleBoxes
|
||||
$sql .= ", s.code_client, s.code_compta, s.client";
|
||||
$sql .= ", s.logo, s.email, s.entity";
|
||||
$sql .= " FROM ".MAIN_DB_PREFIX."c_actioncomm AS ta, ".MAIN_DB_PREFIX."actioncomm AS a";
|
||||
if (!$user->rights->societe->client->voir && !$user->socid) {
|
||||
if (empty($user->rights->societe->client->voir) && !$user->socid) {
|
||||
$sql .= " LEFT JOIN ".MAIN_DB_PREFIX."societe_commerciaux as sc ON a.fk_soc = sc.fk_soc";
|
||||
}
|
||||
$sql .= " LEFT JOIN ".MAIN_DB_PREFIX."societe as s ON a.fk_soc = s.rowid";
|
||||
$sql .= " WHERE a.fk_action = ta.id";
|
||||
$sql .= " AND a.entity IN (".getEntity('actioncomm').")";
|
||||
$sql .= " AND a.percent >= 0 AND a.percent < 100";
|
||||
if (!$user->rights->societe->client->voir && !$user->socid) {
|
||||
if (empty($user->rights->societe->client->voir) && !$user->socid) {
|
||||
$sql .= " AND (a.fk_soc IS NULL OR sc.fk_user = ".((int) $user->id).")";
|
||||
}
|
||||
if ($user->socid) {
|
||||
|
||||
@ -113,13 +113,13 @@ class box_activity extends ModeleBoxes
|
||||
if ($refresh) {
|
||||
$sql = "SELECT p.fk_statut, SUM(p.total_ttc) as Mnttot, COUNT(*) as nb";
|
||||
$sql .= " FROM (".MAIN_DB_PREFIX."societe as s, ".MAIN_DB_PREFIX."propal as p";
|
||||
if (!$user->rights->societe->client->voir && !$user->socid) {
|
||||
if (empty($user->rights->societe->client->voir) && !$user->socid) {
|
||||
$sql .= ", ".MAIN_DB_PREFIX."societe_commerciaux as sc";
|
||||
}
|
||||
$sql .= ")";
|
||||
$sql .= " WHERE p.entity IN (".getEntity('propal').")";
|
||||
$sql .= " AND p.fk_soc = s.rowid";
|
||||
if (!$user->rights->societe->client->voir && !$user->socid) {
|
||||
if (empty($user->rights->societe->client->voir) && !$user->socid) {
|
||||
$sql .= " AND s.rowid = sc.fk_soc AND sc.fk_user = ".((int) $user->id);
|
||||
}
|
||||
if ($user->socid) {
|
||||
@ -203,13 +203,13 @@ class box_activity extends ModeleBoxes
|
||||
if ($refresh) {
|
||||
$sql = "SELECT c.fk_statut, sum(c.total_ttc) as Mnttot, count(*) as nb";
|
||||
$sql .= " FROM (".MAIN_DB_PREFIX."societe as s, ".MAIN_DB_PREFIX."commande as c";
|
||||
if (!$user->rights->societe->client->voir && !$user->socid) {
|
||||
if (empty($user->rights->societe->client->voir) && !$user->socid) {
|
||||
$sql .= ", ".MAIN_DB_PREFIX."societe_commerciaux as sc";
|
||||
}
|
||||
$sql .= ")";
|
||||
$sql .= " WHERE c.entity IN (".getEntity('commande').")";
|
||||
$sql .= " AND c.fk_soc = s.rowid";
|
||||
if (!$user->rights->societe->client->voir && !$user->socid) {
|
||||
if (empty($user->rights->societe->client->voir) && !$user->socid) {
|
||||
$sql .= " AND s.rowid = sc.fk_soc AND sc.fk_user = ".((int) $user->id);
|
||||
}
|
||||
if ($user->socid) {
|
||||
@ -291,12 +291,12 @@ class box_activity extends ModeleBoxes
|
||||
if ($refresh) {
|
||||
$sql = "SELECT f.fk_statut, SUM(f.total_ttc) as Mnttot, COUNT(*) as nb";
|
||||
$sql .= " FROM (".MAIN_DB_PREFIX."societe as s,".MAIN_DB_PREFIX."facture as f";
|
||||
if (!$user->rights->societe->client->voir && !$user->socid) {
|
||||
if (empty($user->rights->societe->client->voir) && !$user->socid) {
|
||||
$sql .= ", ".MAIN_DB_PREFIX."societe_commerciaux as sc";
|
||||
}
|
||||
$sql .= ")";
|
||||
$sql .= " WHERE f.entity IN (".getEntity('invoice').')';
|
||||
if (!$user->rights->societe->client->voir && !$user->socid) {
|
||||
if (empty($user->rights->societe->client->voir) && !$user->socid) {
|
||||
$sql .= " AND s.rowid = sc.fk_soc AND sc.fk_user = ".((int) $user->id);
|
||||
}
|
||||
if ($user->socid) {
|
||||
|
||||
@ -92,12 +92,12 @@ class box_clients extends ModeleBoxes
|
||||
$sql .= ", s.logo, s.email, s.entity";
|
||||
$sql .= ", s.datec, s.tms, s.status";
|
||||
$sql .= " FROM ".MAIN_DB_PREFIX."societe as s";
|
||||
if (!$user->rights->societe->client->voir && !$user->socid) {
|
||||
if (empty($user->rights->societe->client->voir) && !$user->socid) {
|
||||
$sql .= ", ".MAIN_DB_PREFIX."societe_commerciaux as sc";
|
||||
}
|
||||
$sql .= " WHERE s.client IN (1, 3)";
|
||||
$sql .= " AND s.entity IN (".getEntity('societe').")";
|
||||
if (!$user->rights->societe->client->voir && !$user->socid) {
|
||||
if (empty($user->rights->societe->client->voir) && !$user->socid) {
|
||||
$sql .= " AND s.rowid = sc.fk_soc AND sc.fk_user = ".((int) $user->id);
|
||||
}
|
||||
if ($user->socid) {
|
||||
|
||||
@ -101,7 +101,7 @@ class box_commandes extends ModeleBoxes
|
||||
$sql .= ", c.total_ttc";
|
||||
$sql .= " FROM ".MAIN_DB_PREFIX."societe as s";
|
||||
$sql .= ", ".MAIN_DB_PREFIX."commande as c";
|
||||
if (!$user->rights->societe->client->voir && !$user->socid) {
|
||||
if (empty($user->rights->societe->client->voir) && !$user->socid) {
|
||||
$sql .= ", ".MAIN_DB_PREFIX."societe_commerciaux as sc";
|
||||
}
|
||||
$sql .= " WHERE c.fk_soc = s.rowid";
|
||||
@ -109,7 +109,7 @@ class box_commandes extends ModeleBoxes
|
||||
if (!empty($conf->global->ORDER_BOX_LAST_ORDERS_VALIDATED_ONLY)) {
|
||||
$sql .= " AND c.fk_statut = 1";
|
||||
}
|
||||
if (!$user->rights->societe->client->voir && !$user->socid) {
|
||||
if (empty($user->rights->societe->client->voir) && !$user->socid) {
|
||||
$sql .= " AND s.rowid = sc.fk_soc AND sc.fk_user = ".((int) $user->id);
|
||||
}
|
||||
if ($user->socid) {
|
||||
|
||||
@ -103,11 +103,11 @@ class box_contacts extends ModeleBoxes
|
||||
if (!empty($conf->global->MAIN_COMPANY_PERENTITY_SHARED)) {
|
||||
$sql .= " LEFT JOIN " . MAIN_DB_PREFIX . "societe_perentity as spe ON spe.fk_soc = s.rowid AND spe.entity = " . ((int) $conf->entity);
|
||||
}
|
||||
if (!$user->rights->societe->client->voir && !$user->socid) {
|
||||
if (empty($user->rights->societe->client->voir) && !$user->socid) {
|
||||
$sql .= ", ".MAIN_DB_PREFIX."societe_commerciaux as sc";
|
||||
}
|
||||
$sql .= " WHERE sp.entity IN (".getEntity('socpeople').")";
|
||||
if (!$user->rights->societe->client->voir && !$user->socid) {
|
||||
if (empty($user->rights->societe->client->voir) && !$user->socid) {
|
||||
$sql .= " AND s.rowid = sc.fk_soc AND sc.fk_user = ".((int) $user->id);
|
||||
}
|
||||
if ($user->socid) {
|
||||
|
||||
@ -86,12 +86,12 @@ class box_contracts extends ModeleBoxes
|
||||
$sql .= " c.rowid, c.ref, c.statut as fk_statut, c.date_contrat, c.datec, c.fin_validite, c.date_cloture";
|
||||
$sql .= ", c.ref_customer, c.ref_supplier";
|
||||
$sql .= " FROM ".MAIN_DB_PREFIX."societe as s, ".MAIN_DB_PREFIX."contrat as c";
|
||||
if (!$user->rights->societe->client->voir && !$user->socid) {
|
||||
if (empty($user->rights->societe->client->voir) && !$user->socid) {
|
||||
$sql .= ", ".MAIN_DB_PREFIX."societe_commerciaux as sc";
|
||||
}
|
||||
$sql .= " WHERE c.fk_soc = s.rowid";
|
||||
$sql .= " AND c.entity = ".$conf->entity;
|
||||
if (!$user->rights->societe->client->voir && !$user->socid) {
|
||||
if (empty($user->rights->societe->client->voir) && !$user->socid) {
|
||||
$sql .= " AND s.rowid = sc.fk_soc AND sc.fk_user = ".((int) $user->id);
|
||||
}
|
||||
if ($user->socid) {
|
||||
|
||||
@ -93,12 +93,12 @@ class box_customers_outstanding_bill_reached extends ModeleBoxes
|
||||
$sql .= ", s.outstanding_limit";
|
||||
$sql .= ", s.datec, s.tms, s.status";
|
||||
$sql .= " FROM ".MAIN_DB_PREFIX."societe as s";
|
||||
if (!$user->rights->societe->client->voir && !$user->socid) {
|
||||
if (empty($user->rights->societe->client->voir) && !$user->socid) {
|
||||
$sql .= ", ".MAIN_DB_PREFIX."societe_commerciaux as sc";
|
||||
}
|
||||
$sql .= " WHERE s.client IN (1, 3)";
|
||||
$sql .= " AND s.entity IN (".getEntity('societe').")";
|
||||
if (!$user->rights->societe->client->voir && !$user->socid) {
|
||||
if (empty($user->rights->societe->client->voir) && !$user->socid) {
|
||||
$sql .= " AND s.rowid = sc.fk_soc AND sc.fk_user = ".((int) $user->id);
|
||||
}
|
||||
if ($user->socid) {
|
||||
|
||||
@ -100,13 +100,13 @@ class box_factures extends ModeleBoxes
|
||||
$sql .= ", s.logo, s.email, s.entity";
|
||||
$sql .= ", s.tva_intra, s.siren as idprof1, s.siret as idprof2, s.ape as idprof3, s.idprof4, s.idprof5, s.idprof6";
|
||||
$sql .= " FROM (".MAIN_DB_PREFIX."societe as s,".MAIN_DB_PREFIX."facture as f";
|
||||
if (!$user->rights->societe->client->voir && !$user->socid) {
|
||||
if (empty($user->rights->societe->client->voir) && !$user->socid) {
|
||||
$sql .= ", ".MAIN_DB_PREFIX."societe_commerciaux as sc";
|
||||
}
|
||||
$sql .= ")";
|
||||
$sql .= " WHERE f.fk_soc = s.rowid";
|
||||
$sql .= " AND f.entity IN (".getEntity('invoice').")";
|
||||
if (!$user->rights->societe->client->voir && !$user->socid) {
|
||||
if (empty($user->rights->societe->client->voir) && !$user->socid) {
|
||||
$sql .= " AND s.rowid = sc.fk_soc AND sc.fk_user = ".((int) $user->id);
|
||||
}
|
||||
if ($user->socid) {
|
||||
|
||||
@ -100,12 +100,12 @@ class box_factures_fourn extends ModeleBoxes
|
||||
$sql .= ', f.date_lim_reglement as datelimite, f.tms, f.type';
|
||||
$sql .= " FROM ".MAIN_DB_PREFIX."societe as s";
|
||||
$sql .= ", ".MAIN_DB_PREFIX."facture_fourn as f";
|
||||
if (!$user->rights->societe->client->voir && !$user->socid) {
|
||||
if (empty($user->rights->societe->client->voir) && !$user->socid) {
|
||||
$sql .= ", ".MAIN_DB_PREFIX."societe_commerciaux as sc";
|
||||
}
|
||||
$sql .= " WHERE f.fk_soc = s.rowid";
|
||||
$sql .= " AND f.entity = ".$conf->entity;
|
||||
if (!$user->rights->societe->client->voir && !$user->socid) {
|
||||
if (empty($user->rights->societe->client->voir) && !$user->socid) {
|
||||
$sql .= " AND s.rowid = sc.fk_soc AND sc.fk_user = ".((int) $user->id);
|
||||
}
|
||||
if ($user->socid) {
|
||||
|
||||
@ -95,14 +95,14 @@ class box_factures_fourn_imp extends ModeleBoxes
|
||||
$sql .= ", f.tms";
|
||||
$sql .= " FROM ".MAIN_DB_PREFIX."societe as s";
|
||||
$sql .= ",".MAIN_DB_PREFIX."facture_fourn as f";
|
||||
if (!$user->rights->societe->client->voir && !$user->socid) {
|
||||
if (empty($user->rights->societe->client->voir) && !$user->socid) {
|
||||
$sql .= ", ".MAIN_DB_PREFIX."societe_commerciaux as sc";
|
||||
}
|
||||
$sql .= " WHERE f.fk_soc = s.rowid";
|
||||
$sql .= " AND f.entity = ".$conf->entity;
|
||||
$sql .= " AND f.paye = 0";
|
||||
$sql .= " AND fk_statut = 1";
|
||||
if (!$user->rights->societe->client->voir && !$user->socid) {
|
||||
if (empty($user->rights->societe->client->voir) && !$user->socid) {
|
||||
$sql .= " AND s.rowid = sc.fk_soc AND sc.fk_user = ".((int) $user->id);
|
||||
}
|
||||
if ($user->socid) {
|
||||
|
||||
@ -108,7 +108,7 @@ class box_factures_imp extends ModeleBoxes
|
||||
if (!empty($conf->global->MAIN_COMPANY_PERENTITY_SHARED)) {
|
||||
$sql .= " LEFT JOIN " . MAIN_DB_PREFIX . "societe_perentity as spe ON spe.fk_soc = s.rowid AND spe.entity = " . ((int) $conf->entity);
|
||||
}
|
||||
if (!$user->rights->societe->client->voir && !$user->socid) {
|
||||
if (empty($user->rights->societe->client->voir) && !$user->socid) {
|
||||
$sql .= ", ".MAIN_DB_PREFIX."societe_commerciaux as sc";
|
||||
}
|
||||
$sql .= ", ".MAIN_DB_PREFIX."facture as f";
|
||||
@ -117,7 +117,7 @@ class box_factures_imp extends ModeleBoxes
|
||||
$sql .= " AND f.entity IN (".getEntity('invoice').")";
|
||||
$sql .= " AND f.paye = 0";
|
||||
$sql .= " AND fk_statut = 1";
|
||||
if (!$user->rights->societe->client->voir && !$user->socid) {
|
||||
if (empty($user->rights->societe->client->voir) && !$user->socid) {
|
||||
$sql .= " AND s.rowid = sc.fk_soc AND sc.fk_user = ".((int) $user->id);
|
||||
}
|
||||
if ($user->socid) {
|
||||
|
||||
@ -89,13 +89,13 @@ class box_ficheinter extends ModeleBoxes
|
||||
$sql .= ", s.code_client, s.code_compta, s.client";
|
||||
$sql .= ", s.logo, s.email, s.entity";
|
||||
$sql .= " FROM ".MAIN_DB_PREFIX."societe as s";
|
||||
if (!$user->rights->societe->client->voir) {
|
||||
if (empty($user->rights->societe->client->voir)) {
|
||||
$sql .= ", ".MAIN_DB_PREFIX."societe_commerciaux as sc";
|
||||
}
|
||||
$sql .= ", ".MAIN_DB_PREFIX."fichinter as f";
|
||||
$sql .= " WHERE f.fk_soc = s.rowid ";
|
||||
$sql .= " AND f.entity = ".$conf->entity;
|
||||
if (!$user->rights->societe->client->voir && !$user->socid) {
|
||||
if (empty($user->rights->societe->client->voir) && !$user->socid) {
|
||||
$sql .= " AND s.rowid = sc.fk_soc AND sc.fk_user = ".((int) $user->id);
|
||||
}
|
||||
if ($user->socid) {
|
||||
|
||||
@ -87,12 +87,12 @@ class box_fournisseurs extends ModeleBoxes
|
||||
$sql .= ", s.logo, s.email, s.entity";
|
||||
$sql .= ", s.datec, s.tms, s.status";
|
||||
$sql .= " FROM ".MAIN_DB_PREFIX."societe as s";
|
||||
if (!$user->rights->societe->client->voir && !$user->socid) {
|
||||
if (empty($user->rights->societe->client->voir) && !$user->socid) {
|
||||
$sql .= ", ".MAIN_DB_PREFIX."societe_commerciaux as sc";
|
||||
}
|
||||
$sql .= " WHERE s.fournisseur = 1";
|
||||
$sql .= " AND s.entity IN (".getEntity('societe').")";
|
||||
if (!$user->rights->societe->client->voir && !$user->socid) {
|
||||
if (empty($user->rights->societe->client->voir) && !$user->socid) {
|
||||
$sql .= " AND s.rowid = sc.fk_soc AND sc.fk_user = ".((int) $user->id);
|
||||
}
|
||||
if ($user->socid) {
|
||||
|
||||
@ -99,7 +99,7 @@ class box_graph_invoices_permonth extends ModeleBoxes
|
||||
if ($user->socid) {
|
||||
$socid = $user->socid;
|
||||
}
|
||||
if (!$user->rights->societe->client->voir || $socid) {
|
||||
if (empty($user->rights->societe->client->voir) || $socid) {
|
||||
$prefix .= 'private-'.$user->id.'-'; // If user has no permission to see all, output dir is specific to user
|
||||
}
|
||||
|
||||
|
||||
@ -93,7 +93,7 @@ class box_graph_invoices_peryear extends ModeleBoxes
|
||||
$prefix = '';
|
||||
$socid = 0;
|
||||
if ($user->socid) $socid = $user->socid;
|
||||
if (!$user->rights->societe->client->voir || $socid) $prefix .= 'private-'.$user->id.'-'; // If user has no permission to see all, output dir is specific to user
|
||||
if (empty($user->rights->societe->client->voir) || $socid) $prefix .= 'private-'.$user->id.'-'; // If user has no permission to see all, output dir is specific to user
|
||||
|
||||
if ($user->rights->facture->lire) {
|
||||
$mesg = '';
|
||||
|
||||
@ -98,7 +98,7 @@ class box_graph_invoices_supplier_permonth extends ModeleBoxes
|
||||
if ($user->socid) {
|
||||
$socid = $user->socid;
|
||||
}
|
||||
if (!$user->rights->societe->client->voir || $socid) {
|
||||
if (empty($user->rights->societe->client->voir) || $socid) {
|
||||
$prefix .= 'private-'.$user->id.'-'; // If user has no permission to see all, output dir is specific to user
|
||||
}
|
||||
|
||||
|
||||
@ -99,7 +99,7 @@ class box_graph_orders_permonth extends ModeleBoxes
|
||||
if ($user->socid) {
|
||||
$socid = $user->socid;
|
||||
}
|
||||
if (!$user->rights->societe->client->voir || $socid) {
|
||||
if (empty($user->rights->societe->client->voir) || $socid) {
|
||||
$prefix .= 'private-'.$user->id.'-'; // If user has no permission to see all, output dir is specific to user
|
||||
}
|
||||
|
||||
|
||||
@ -98,7 +98,7 @@ class box_graph_orders_supplier_permonth extends ModeleBoxes
|
||||
if ($user->socid) {
|
||||
$socid = $user->socid;
|
||||
}
|
||||
if (!$user->rights->societe->client->voir || $socid) {
|
||||
if (empty($user->rights->societe->client->voir) || $socid) {
|
||||
$prefix .= 'private-'.$user->id.'-'; // If user has no permission to see all, output dir is specific to user
|
||||
}
|
||||
|
||||
|
||||
@ -101,7 +101,7 @@ class box_graph_propales_permonth extends ModeleBoxes
|
||||
if ($user->socid) {
|
||||
$socid = $user->socid;
|
||||
}
|
||||
if (!$user->rights->societe->client->voir || $socid) {
|
||||
if (empty($user->rights->societe->client->voir) || $socid) {
|
||||
$prefix .= 'private-'.$user->id.'-'; // If user has no permission to see all, output dir is specific to user
|
||||
}
|
||||
|
||||
|
||||
@ -96,7 +96,7 @@ class box_last_modified_ticket extends ModeleBoxes
|
||||
|
||||
$sql .= " WHERE t.entity IN (".getEntity('ticket').')';
|
||||
// $sql.= " AND e.rowid = er.fk_event";
|
||||
//if (!$user->rights->societe->client->voir && !$user->socid) $sql.= " WHERE s.rowid = sc.fk_soc AND sc.fk_user = " .((int) $user->id);
|
||||
//if (empty($user->rights->societe->client->voir) && !$user->socid) $sql.= " WHERE s.rowid = sc.fk_soc AND sc.fk_user = " .((int) $user->id);
|
||||
if ($user->socid) {
|
||||
$sql .= " AND t.fk_soc = ".((int) $user->socid);
|
||||
}
|
||||
|
||||
@ -95,7 +95,7 @@ class box_last_ticket extends ModeleBoxes
|
||||
$sql .= " LEFT JOIN ".MAIN_DB_PREFIX."societe as s ON s.rowid=t.fk_soc";
|
||||
$sql .= " WHERE t.entity IN (".getEntity('ticket').")";
|
||||
// $sql.= " AND e.rowid = er.fk_event";
|
||||
//if (!$user->rights->societe->client->voir && !$user->socid) $sql.= " WHERE s.rowid = sc.fk_soc AND sc.fk_user = ".((int) $user->id);
|
||||
//if (empty($user->rights->societe->client->voir) && !$user->socid) $sql.= " WHERE s.rowid = sc.fk_soc AND sc.fk_user = ".((int) $user->id);
|
||||
if ($user->socid) {
|
||||
$sql .= " AND t.fk_soc= ".((int) $user->socid);
|
||||
}
|
||||
|
||||
@ -90,12 +90,12 @@ class box_propales extends ModeleBoxes
|
||||
$sql .= ", p.rowid, p.ref, p.fk_statut as status, p.datep as dp, p.datec, p.fin_validite, p.date_cloture, p.total_ht, p.total_tva, p.total_ttc, p.tms";
|
||||
$sql .= " FROM ".MAIN_DB_PREFIX."societe as s";
|
||||
$sql .= ", ".MAIN_DB_PREFIX."propal as p";
|
||||
if (!$user->rights->societe->client->voir && !$user->socid) {
|
||||
if (empty($user->rights->societe->client->voir) && !$user->socid) {
|
||||
$sql .= ", ".MAIN_DB_PREFIX."societe_commerciaux as sc";
|
||||
}
|
||||
$sql .= " WHERE p.fk_soc = s.rowid";
|
||||
$sql .= " AND p.entity IN (".getEntity('propal').")";
|
||||
if (!$user->rights->societe->client->voir && !$user->socid) {
|
||||
if (empty($user->rights->societe->client->voir) && !$user->socid) {
|
||||
$sql .= " AND s.rowid = sc.fk_soc AND sc.fk_user = ".((int) $user->id);
|
||||
}
|
||||
if ($user->socid) {
|
||||
|
||||
@ -93,12 +93,12 @@ class box_prospect extends ModeleBoxes
|
||||
$sql .= ", s.fk_stcomm";
|
||||
$sql .= ", s.datec, s.tms, s.status";
|
||||
$sql .= " FROM ".MAIN_DB_PREFIX."societe as s";
|
||||
if (!$user->rights->societe->client->voir && !$user->socid) {
|
||||
if (empty($user->rights->societe->client->voir) && !$user->socid) {
|
||||
$sql .= ", ".MAIN_DB_PREFIX."societe_commerciaux as sc";
|
||||
}
|
||||
$sql .= " WHERE s.client IN (2, 3)";
|
||||
$sql .= " AND s.entity IN (".getEntity('societe').")";
|
||||
if (!$user->rights->societe->client->voir && !$user->socid) {
|
||||
if (empty($user->rights->societe->client->voir) && !$user->socid) {
|
||||
$sql .= " AND s.rowid = sc.fk_soc AND sc.fk_user = ".((int) $user->id);
|
||||
}
|
||||
if ($user->socid) {
|
||||
|
||||
@ -95,7 +95,7 @@ class box_services_contracts extends ModeleBoxes
|
||||
$sql .= " INNER JOIN ".MAIN_DB_PREFIX."contrat as c ON s.rowid = c.fk_soc";
|
||||
$sql .= " INNER JOIN ".MAIN_DB_PREFIX."contratdet as cd ON c.rowid = cd.fk_contrat";
|
||||
$sql .= " LEFT JOIN ".MAIN_DB_PREFIX."product as p ON cd.fk_product = p.rowid";
|
||||
if (!$user->rights->societe->client->voir && !$user->socid) {
|
||||
if (empty($user->rights->societe->client->voir) && !$user->socid) {
|
||||
$sql .= " INNER JOIN ".MAIN_DB_PREFIX."societe_commerciaux as sc ON s.rowid = sc.fk_soc AND sc.fk_user = ".((int) $user->id);
|
||||
}
|
||||
$sql .= ")";
|
||||
|
||||
@ -86,7 +86,7 @@ class box_services_expired extends ModeleBoxes
|
||||
$sql .= " s.nom as name, s.rowid as socid, s.email, s.client, s.fournisseur, s.code_client, s.code_fournisseur, s.code_compta, s.code_compta_fournisseur,";
|
||||
$sql .= " MIN(cd.date_fin_validite) as date_line, COUNT(cd.rowid) as nb_services";
|
||||
$sql .= " FROM ".MAIN_DB_PREFIX."contrat as c, ".MAIN_DB_PREFIX."societe s, ".MAIN_DB_PREFIX."contratdet as cd";
|
||||
if (!$user->rights->societe->client->voir && !$user->socid) {
|
||||
if (empty($user->rights->societe->client->voir) && !$user->socid) {
|
||||
$sql .= ", ".MAIN_DB_PREFIX."societe_commerciaux as sc";
|
||||
}
|
||||
$sql .= " WHERE cd.statut = 4 AND cd.date_fin_validite <= '".$this->db->idate($now)."'";
|
||||
@ -95,7 +95,7 @@ class box_services_expired extends ModeleBoxes
|
||||
if ($user->socid) {
|
||||
$sql .= ' AND c.fk_soc = '.((int) $user->socid);
|
||||
}
|
||||
if (!$user->rights->societe->client->voir && !$user->socid) {
|
||||
if (empty($user->rights->societe->client->voir) && !$user->socid) {
|
||||
$sql .= " AND s.rowid = sc.fk_soc AND sc.fk_user = ".((int) $user->id);
|
||||
}
|
||||
$sql .= " GROUP BY c.rowid, c.ref, c.statut, c.date_contrat, c.ref_customer, c.ref_supplier, s.nom, s.rowid";
|
||||
|
||||
@ -101,7 +101,7 @@ class box_shipments extends ModeleBoxes
|
||||
$sql .= " LEFT JOIN ".MAIN_DB_PREFIX."element_element as el ON e.rowid = el.fk_target AND el.targettype = 'shipping' AND el.sourcetype IN ('commande')";
|
||||
$sql .= " LEFT JOIN ".MAIN_DB_PREFIX."commande as c ON el.fk_source = c.rowid AND el.sourcetype IN ('commande') AND el.targettype = 'shipping'";
|
||||
$sql .= " LEFT JOIN ".MAIN_DB_PREFIX."societe as s ON s.rowid = e.fk_soc";
|
||||
if (!$user->rights->societe->client->voir && !$user->socid) {
|
||||
if (empty($user->rights->societe->client->voir) && !$user->socid) {
|
||||
$sql .= " LEFT JOIN ".MAIN_DB_PREFIX."societe_commerciaux as sc ON e.fk_soc = sc.fk_soc";
|
||||
}
|
||||
$sql .= " WHERE e.entity IN (".getEntity('expedition').")";
|
||||
@ -111,7 +111,7 @@ class box_shipments extends ModeleBoxes
|
||||
if ($user->socid > 0) {
|
||||
$sql.= " AND s.rowid = ".((int) $user->socid);
|
||||
}
|
||||
if (!$user->rights->societe->client->voir && !$user->socid) {
|
||||
if (empty($user->rights->societe->client->voir) && !$user->socid) {
|
||||
$sql .= " AND sc.fk_user = ".((int) $user->id);
|
||||
} else {
|
||||
$sql .= " ORDER BY e.date_delivery, e.ref DESC ";
|
||||
|
||||
@ -92,12 +92,12 @@ class box_supplier_orders extends ModeleBoxes
|
||||
$sql .= ", c.fk_statut as status";
|
||||
$sql .= " FROM ".MAIN_DB_PREFIX."societe as s";
|
||||
$sql .= ", ".MAIN_DB_PREFIX."commande_fournisseur as c";
|
||||
if (!$user->rights->societe->client->voir && !$user->socid) {
|
||||
if (empty($user->rights->societe->client->voir) && !$user->socid) {
|
||||
$sql .= ", ".MAIN_DB_PREFIX."societe_commerciaux as sc";
|
||||
}
|
||||
$sql .= " WHERE c.fk_soc = s.rowid";
|
||||
$sql .= " AND c.entity IN (".getEntity('supplier_order').")";
|
||||
if (!$user->rights->societe->client->voir && !$user->socid) {
|
||||
if (empty($user->rights->societe->client->voir) && !$user->socid) {
|
||||
$sql .= " AND s.rowid = sc.fk_soc AND sc.fk_user = ".((int) $user->id);
|
||||
}
|
||||
if ($user->socid) {
|
||||
|
||||
@ -92,13 +92,13 @@ class box_supplier_orders_awaiting_reception extends ModeleBoxes
|
||||
$sql .= ", c.fk_statut as status";
|
||||
$sql .= " FROM ".MAIN_DB_PREFIX."societe as s";
|
||||
$sql .= ", ".MAIN_DB_PREFIX."commande_fournisseur as c";
|
||||
if (!$user->rights->societe->client->voir && !$user->socid) {
|
||||
if (empty($user->rights->societe->client->voir) && !$user->socid) {
|
||||
$sql .= ", ".MAIN_DB_PREFIX."societe_commerciaux as sc";
|
||||
}
|
||||
$sql .= " WHERE c.fk_soc = s.rowid";
|
||||
$sql .= " AND c.entity IN (".getEntity('supplier_order').")";
|
||||
$sql .= " AND c.fk_statut IN (".CommandeFournisseur::STATUS_ORDERSENT.", ".CommandeFournisseur::STATUS_RECEIVED_PARTIALLY.")";
|
||||
if (!$user->rights->societe->client->voir && !$user->socid) {
|
||||
if (empty($user->rights->societe->client->voir) && !$user->socid) {
|
||||
$sql .= " AND s.rowid = sc.fk_soc AND sc.fk_user = ".((int) $user->id);
|
||||
}
|
||||
if ($user->socid) {
|
||||
|
||||
@ -2048,19 +2048,19 @@ abstract class CommonObject
|
||||
if (isset($this->ismultientitymanaged) && !is_numeric($this->ismultientitymanaged)) {
|
||||
$tmparray = explode('@', $this->ismultientitymanaged);
|
||||
$sql .= ", ".MAIN_DB_PREFIX.$tmparray[1]." as ".($tmparray[1] == 'societe' ? 's' : 'parenttable'); // If we need to link to this table to limit select to entity
|
||||
} elseif ($restrictiononfksoc == 1 && $this->element != 'societe' && !$user->rights->societe->client->voir && !$socid) {
|
||||
} elseif ($restrictiononfksoc == 1 && $this->element != 'societe' && empty($user->rights->societe->client->voir) && !$socid) {
|
||||
$sql .= ", ".MAIN_DB_PREFIX."societe as s"; // If we need to link to societe to limit select to socid
|
||||
} elseif ($restrictiononfksoc == 2 && $this->element != 'societe' && !$user->rights->societe->client->voir && !$socid) {
|
||||
} elseif ($restrictiononfksoc == 2 && $this->element != 'societe' && empty($user->rights->societe->client->voir) && !$socid) {
|
||||
$sql .= " LEFT JOIN ".MAIN_DB_PREFIX."societe as s ON te.fk_soc = s.rowid"; // If we need to link to societe to limit select to socid
|
||||
}
|
||||
if ($restrictiononfksoc && !$user->rights->societe->client->voir && !$socid) {
|
||||
if ($restrictiononfksoc && empty($user->rights->societe->client->voir) && !$socid) {
|
||||
$sql .= " LEFT JOIN ".MAIN_DB_PREFIX."societe_commerciaux as sc ON ".$aliastablesociete.".rowid = sc.fk_soc";
|
||||
}
|
||||
$sql .= " WHERE te.".$fieldid." < '".$this->db->escape($fieldid == 'rowid' ? $this->id : $this->ref)."'"; // ->ref must always be defined (set to id if field does not exists)
|
||||
if ($restrictiononfksoc == 1 && !$user->rights->societe->client->voir && !$socid) {
|
||||
if ($restrictiononfksoc == 1 && empty($user->rights->societe->client->voir) && !$socid) {
|
||||
$sql .= " AND sc.fk_user = ".((int) $user->id);
|
||||
}
|
||||
if ($restrictiononfksoc == 2 && !$user->rights->societe->client->voir && !$socid) {
|
||||
if ($restrictiononfksoc == 2 && empty($user->rights->societe->client->voir) && !$socid) {
|
||||
$sql .= " AND (sc.fk_user = ".((int) $user->id).' OR te.fk_soc IS NULL)';
|
||||
}
|
||||
if (!empty($filter)) {
|
||||
@ -2072,7 +2072,7 @@ abstract class CommonObject
|
||||
if (isset($this->ismultientitymanaged) && !is_numeric($this->ismultientitymanaged)) {
|
||||
$tmparray = explode('@', $this->ismultientitymanaged);
|
||||
$sql .= " AND te.".$tmparray[0]." = ".($tmparray[1] == "societe" ? "s" : "parenttable").".rowid"; // If we need to link to this table to limit select to entity
|
||||
} elseif ($restrictiononfksoc == 1 && $this->element != 'societe' && !$user->rights->societe->client->voir && !$socid) {
|
||||
} elseif ($restrictiononfksoc == 1 && $this->element != 'societe' && empty($user->rights->societe->client->voir) && !$socid) {
|
||||
$sql .= ' AND te.fk_soc = s.rowid'; // If we need to link to societe to limit select to socid
|
||||
}
|
||||
if (isset($this->ismultientitymanaged) && $this->ismultientitymanaged == 1) {
|
||||
@ -2118,19 +2118,19 @@ abstract class CommonObject
|
||||
if (isset($this->ismultientitymanaged) && !is_numeric($this->ismultientitymanaged)) {
|
||||
$tmparray = explode('@', $this->ismultientitymanaged);
|
||||
$sql .= ", ".MAIN_DB_PREFIX.$tmparray[1]." as ".($tmparray[1] == 'societe' ? 's' : 'parenttable'); // If we need to link to this table to limit select to entity
|
||||
} elseif ($restrictiononfksoc == 1 && $this->element != 'societe' && !$user->rights->societe->client->voir && !$socid) {
|
||||
} elseif ($restrictiononfksoc == 1 && $this->element != 'societe' && empty($user->rights->societe->client->voir) && !$socid) {
|
||||
$sql .= ", ".MAIN_DB_PREFIX."societe as s"; // If we need to link to societe to limit select to socid
|
||||
} elseif ($restrictiononfksoc == 2 && $this->element != 'societe' && !$user->rights->societe->client->voir && !$socid) {
|
||||
} elseif ($restrictiononfksoc == 2 && $this->element != 'societe' && empty($user->rights->societe->client->voir) && !$socid) {
|
||||
$sql .= " LEFT JOIN ".MAIN_DB_PREFIX."societe as s ON te.fk_soc = s.rowid"; // If we need to link to societe to limit select to socid
|
||||
}
|
||||
if ($restrictiononfksoc && !$user->rights->societe->client->voir && !$socid) {
|
||||
if ($restrictiononfksoc && empty($user->rights->societe->client->voir) && !$socid) {
|
||||
$sql .= " LEFT JOIN ".MAIN_DB_PREFIX."societe_commerciaux as sc ON ".$aliastablesociete.".rowid = sc.fk_soc";
|
||||
}
|
||||
$sql .= " WHERE te.".$fieldid." > '".$this->db->escape($fieldid == 'rowid' ? $this->id : $this->ref)."'"; // ->ref must always be defined (set to id if field does not exists)
|
||||
if ($restrictiononfksoc == 1 && !$user->rights->societe->client->voir && !$socid) {
|
||||
if ($restrictiononfksoc == 1 && empty($user->rights->societe->client->voir) && !$socid) {
|
||||
$sql .= " AND sc.fk_user = ".((int) $user->id);
|
||||
}
|
||||
if ($restrictiononfksoc == 2 && !$user->rights->societe->client->voir && !$socid) {
|
||||
if ($restrictiononfksoc == 2 && empty($user->rights->societe->client->voir) && !$socid) {
|
||||
$sql .= " AND (sc.fk_user = ".((int) $user->id).' OR te.fk_soc IS NULL)';
|
||||
}
|
||||
if (!empty($filter)) {
|
||||
@ -2142,7 +2142,7 @@ abstract class CommonObject
|
||||
if (isset($this->ismultientitymanaged) && !is_numeric($this->ismultientitymanaged)) {
|
||||
$tmparray = explode('@', $this->ismultientitymanaged);
|
||||
$sql .= " AND te.".$tmparray[0]." = ".($tmparray[1] == "societe" ? "s" : "parenttable").".rowid"; // If we need to link to this table to limit select to entity
|
||||
} elseif ($restrictiononfksoc == 1 && $this->element != 'societe' && !$user->rights->societe->client->voir && !$socid) {
|
||||
} elseif ($restrictiononfksoc == 1 && $this->element != 'societe' && empty($user->rights->societe->client->voir) && !$socid) {
|
||||
$sql .= ' AND te.fk_soc = s.rowid'; // If we need to link to societe to limit select to socid
|
||||
}
|
||||
if (isset($this->ismultientitymanaged) && $this->ismultientitymanaged == 1) {
|
||||
|
||||
@ -1347,7 +1347,7 @@ class Form
|
||||
if (!empty($conf->global->COMPANY_SHOW_ADDRESS_SELECTLIST)) {
|
||||
$sql .= " LEFT JOIN ".MAIN_DB_PREFIX."c_country as dictp ON dictp.rowid = s.fk_pays";
|
||||
}
|
||||
if (!$user->rights->societe->client->voir && !$user->socid) {
|
||||
if (empty($user->rights->societe->client->voir) && !$user->socid) {
|
||||
$sql .= ", ".MAIN_DB_PREFIX."societe_commerciaux as sc";
|
||||
}
|
||||
$sql .= " WHERE s.entity IN (".getEntity('societe').")";
|
||||
@ -1357,7 +1357,7 @@ class Form
|
||||
if ($filter) {
|
||||
$sql .= " AND (".$filter.")";
|
||||
}
|
||||
if (!$user->rights->societe->client->voir && !$user->socid) {
|
||||
if (empty($user->rights->societe->client->voir) && !$user->socid) {
|
||||
$sql .= " AND s.rowid = sc.fk_soc AND sc.fk_user = ".((int) $user->id);
|
||||
}
|
||||
if (!empty($conf->global->COMPANY_HIDE_INACTIVE_IN_COMBOBOX)) {
|
||||
@ -7029,7 +7029,7 @@ class Form
|
||||
$sql .= " INNER JOIN ".MAIN_DB_PREFIX.$tmparray[1]." as parenttable ON parenttable.rowid = t.".$tmparray[0];
|
||||
}
|
||||
if ($objecttmp->ismultientitymanaged === 'fk_soc@societe') {
|
||||
if (!$user->rights->societe->client->voir && !$user->socid) {
|
||||
if (empty($user->rights->societe->client->voir) && !$user->socid) {
|
||||
$sql .= ", ".MAIN_DB_PREFIX."societe_commerciaux as sc";
|
||||
}
|
||||
}
|
||||
@ -7057,7 +7057,7 @@ class Form
|
||||
}
|
||||
}
|
||||
if ($objecttmp->ismultientitymanaged === 'fk_soc@societe') {
|
||||
if (!$user->rights->societe->client->voir && !$user->socid) {
|
||||
if (empty($user->rights->societe->client->voir) && !$user->socid) {
|
||||
$sql .= " AND t.rowid = sc.fk_soc AND sc.fk_user = ".((int) $user->id);
|
||||
}
|
||||
}
|
||||
|
||||
@ -162,12 +162,12 @@ function show_array_actions_to_do($max = 5)
|
||||
$sql .= " FROM ".MAIN_DB_PREFIX."actioncomm as a LEFT JOIN ";
|
||||
$sql .= " ".MAIN_DB_PREFIX."c_actioncomm as c ON c.id = a.fk_action";
|
||||
$sql .= " LEFT JOIN ".MAIN_DB_PREFIX."societe as s ON a.fk_soc = s.rowid";
|
||||
if (!$user->rights->societe->client->voir && !$socid) {
|
||||
if (empty($user->rights->societe->client->voir) && !$socid) {
|
||||
$sql .= ", ".MAIN_DB_PREFIX."societe_commerciaux as sc";
|
||||
}
|
||||
$sql .= " WHERE a.entity IN (".getEntity('agenda').")";
|
||||
$sql .= " AND ((a.percent >= 0 AND a.percent < 100) OR (a.percent = -1 AND a.datep2 > '".$db->idate($now)."'))";
|
||||
if (!$user->rights->societe->client->voir && !$socid) {
|
||||
if (empty($user->rights->societe->client->voir) && !$socid) {
|
||||
$sql .= " AND s.rowid = sc.fk_soc AND sc.fk_user = ".((int) $user->id);
|
||||
}
|
||||
if ($socid) {
|
||||
@ -278,12 +278,12 @@ function show_array_last_actions_done($max = 5)
|
||||
$sql .= " FROM ".MAIN_DB_PREFIX."actioncomm as a LEFT JOIN ";
|
||||
$sql .= " ".MAIN_DB_PREFIX."c_actioncomm as c ON c.id = a.fk_action ";
|
||||
$sql .= " LEFT JOIN ".MAIN_DB_PREFIX."societe as s ON a.fk_soc = s.rowid";
|
||||
if (!$user->rights->societe->client->voir && !$socid) {
|
||||
if (empty($user->rights->societe->client->voir) && !$socid) {
|
||||
$sql .= ", ".MAIN_DB_PREFIX."societe_commerciaux as sc";
|
||||
}
|
||||
$sql .= " WHERE a.entity IN (".getEntity('agenda').")";
|
||||
$sql .= " AND (a.percent >= 100 OR (a.percent = -1 AND a.datep2 <= '".$db->idate($now)."'))";
|
||||
if (!$user->rights->societe->client->voir && !$socid) {
|
||||
if (empty($user->rights->societe->client->voir) && !$socid) {
|
||||
$sql .= " AND s.rowid = sc.fk_soc AND sc.fk_user = ".((int) $user->id);
|
||||
}
|
||||
if ($socid) {
|
||||
|
||||
@ -233,7 +233,7 @@ function getCustomerInvoicePieChart($socid = 0)
|
||||
$sql = "SELECT count(f.rowid), f.fk_statut";
|
||||
$sql .= " FROM ".MAIN_DB_PREFIX."societe as s";
|
||||
$sql .= ", ".MAIN_DB_PREFIX."facture as f";
|
||||
if (!$user->rights->societe->client->voir && !$socid) {
|
||||
if (empty($user->rights->societe->client->voir) && !$socid) {
|
||||
$sql .= ", ".MAIN_DB_PREFIX."societe_commerciaux as sc";
|
||||
}
|
||||
$sql .= " WHERE f.fk_soc = s.rowid";
|
||||
@ -241,7 +241,7 @@ function getCustomerInvoicePieChart($socid = 0)
|
||||
if ($user->socid) {
|
||||
$sql .= ' AND f.fk_soc = '.((int) $user->socid);
|
||||
}
|
||||
if (!$user->rights->societe->client->voir && !$socid) {
|
||||
if (empty($user->rights->societe->client->voir) && !$socid) {
|
||||
$sql .= " AND s.rowid = sc.fk_soc AND sc.fk_user = ".((int) $user->id);
|
||||
}
|
||||
$sql .= " GROUP BY f.fk_statut";
|
||||
@ -353,7 +353,7 @@ function getPurchaseInvoicePieChart($socid = 0)
|
||||
$sql = "SELECT count(f.rowid), f.fk_statut";
|
||||
$sql .= " FROM ".MAIN_DB_PREFIX."societe as s";
|
||||
$sql .= ", ".MAIN_DB_PREFIX."facture_fourn as f";
|
||||
if (!$user->rights->societe->client->voir && !$socid) {
|
||||
if (empty($user->rights->societe->client->voir) && !$socid) {
|
||||
$sql .= ", ".MAIN_DB_PREFIX."societe_commerciaux as sc";
|
||||
}
|
||||
$sql .= " WHERE f.fk_soc = s.rowid";
|
||||
@ -361,7 +361,7 @@ function getPurchaseInvoicePieChart($socid = 0)
|
||||
if ($user->socid) {
|
||||
$sql .= ' AND f.fk_soc = '.((int) $user->socid);
|
||||
}
|
||||
if (!$user->rights->societe->client->voir && !$socid) {
|
||||
if (empty($user->rights->societe->client->voir) && !$socid) {
|
||||
$sql .= " AND s.rowid = sc.fk_soc AND sc.fk_user = ".((int) $user->id);
|
||||
}
|
||||
$sql .= " GROUP BY f.fk_statut";
|
||||
@ -609,16 +609,16 @@ function getCustomerInvoiceDraftTable($maxCount = 500, $socid = 0)
|
||||
$sql .= ", s.rowid as socid, s.email";
|
||||
$sql .= ", s.code_client, s.code_compta, s.code_fournisseur, s.code_compta_fournisseur";
|
||||
$sql .= ", cc.rowid as country_id, cc.code as country_code";
|
||||
if (!$user->rights->societe->client->voir && !$socid) {
|
||||
if (empty($user->rights->societe->client->voir) && !$socid) {
|
||||
$sql .= ", sc.fk_soc, sc.fk_user ";
|
||||
}
|
||||
$sql .= " FROM ".MAIN_DB_PREFIX."facture as f, ".MAIN_DB_PREFIX."societe as s LEFT JOIN ".MAIN_DB_PREFIX."c_country as cc ON cc.rowid = s.fk_pays";
|
||||
if (!$user->rights->societe->client->voir && !$socid) {
|
||||
if (empty($user->rights->societe->client->voir) && !$socid) {
|
||||
$sql .= ", ".MAIN_DB_PREFIX."societe_commerciaux as sc";
|
||||
}
|
||||
$sql .= " WHERE s.rowid = f.fk_soc AND f.fk_statut = ".Facture::STATUS_DRAFT;
|
||||
$sql .= " AND f.entity IN (".getEntity('invoice').")";
|
||||
if (!$user->rights->societe->client->voir && !$socid) {
|
||||
if (empty($user->rights->societe->client->voir) && !$socid) {
|
||||
$sql .= " AND s.rowid = sc.fk_soc AND sc.fk_user = ".((int) $user->id);
|
||||
}
|
||||
|
||||
@ -633,7 +633,7 @@ function getCustomerInvoiceDraftTable($maxCount = 500, $socid = 0)
|
||||
$sql .= " GROUP BY f.rowid, f.ref, f.datef, f.total_ht, f.total_tva, f.total_ttc, f.ref_client, f.type, f.fk_statut, f.paye,";
|
||||
$sql .= " s.nom, s.rowid, s.email, s.code_client, s.code_compta, s.code_fournisseur, s.code_compta_fournisseur,";
|
||||
$sql .= " cc.rowid, cc.code";
|
||||
if (!$user->rights->societe->client->voir && !$socid) {
|
||||
if (empty($user->rights->societe->client->voir) && !$socid) {
|
||||
$sql .= ", sc.fk_soc, sc.fk_user";
|
||||
}
|
||||
|
||||
@ -757,12 +757,12 @@ function getDraftSupplierTable($maxCount = 500, $socid = 0)
|
||||
$sql .= ", s.code_fournisseur, s.code_compta_fournisseur";
|
||||
$sql .= ", cc.rowid as country_id, cc.code as country_code";
|
||||
$sql .= " FROM ".MAIN_DB_PREFIX."facture_fourn as f, ".MAIN_DB_PREFIX."societe as s LEFT JOIN ".MAIN_DB_PREFIX."c_country as cc ON cc.rowid = s.fk_pays";
|
||||
if (!$user->rights->societe->client->voir && !$socid) {
|
||||
if (empty($user->rights->societe->client->voir) && !$socid) {
|
||||
$sql .= ", ".MAIN_DB_PREFIX."societe_commerciaux as sc";
|
||||
}
|
||||
$sql .= " WHERE s.rowid = f.fk_soc AND f.fk_statut = ".FactureFournisseur::STATUS_DRAFT;
|
||||
$sql .= " AND f.entity IN (".getEntity('invoice').')';
|
||||
if (!$user->rights->societe->client->voir && !$socid) {
|
||||
if (empty($user->rights->societe->client->voir) && !$socid) {
|
||||
$sql .= " AND s.rowid = sc.fk_soc AND sc.fk_user = ".((int) $user->id);
|
||||
}
|
||||
if ($socid) {
|
||||
@ -879,7 +879,7 @@ function getCustomerInvoiceLatestEditTable($maxCount = 5, $socid = 0)
|
||||
$sql .= " s.nom as socname, s.rowid as socid, s.canvas, s.client";
|
||||
$sql .= " FROM ".MAIN_DB_PREFIX."facture as f";
|
||||
$sql .= ", ".MAIN_DB_PREFIX."societe as s";
|
||||
if (!$user->rights->societe->client->voir && !$socid) {
|
||||
if (empty($user->rights->societe->client->voir) && !$socid) {
|
||||
$sql .= ", ".MAIN_DB_PREFIX."societe_commerciaux as sc";
|
||||
}
|
||||
$sql .= " WHERE f.fk_soc = s.rowid";
|
||||
@ -887,7 +887,7 @@ function getCustomerInvoiceLatestEditTable($maxCount = 5, $socid = 0)
|
||||
if ($socid) {
|
||||
$sql .= " AND f.fk_soc = ".((int) $socid);
|
||||
}
|
||||
if (!$user->rights->societe->client->voir && !$socid) {
|
||||
if (empty($user->rights->societe->client->voir) && !$socid) {
|
||||
$sql .= " AND s.rowid = sc.fk_soc AND sc.fk_user = ".((int) $user->id);
|
||||
}
|
||||
$sql .= " ORDER BY f.tms DESC";
|
||||
@ -984,7 +984,7 @@ function getPurchaseInvoiceLatestEditTable($maxCount = 5, $socid = 0)
|
||||
$sql .= " s.nom as socname, s.rowid as socid, s.canvas, s.client";
|
||||
$sql .= " FROM ".MAIN_DB_PREFIX."facture_fourn as f";
|
||||
$sql .= ", ".MAIN_DB_PREFIX."societe as s";
|
||||
if (!$user->rights->societe->client->voir && !$socid) {
|
||||
if (empty($user->rights->societe->client->voir) && !$socid) {
|
||||
$sql .= ", ".MAIN_DB_PREFIX."societe_commerciaux as sc";
|
||||
}
|
||||
$sql .= " WHERE f.fk_soc = s.rowid";
|
||||
@ -992,7 +992,7 @@ function getPurchaseInvoiceLatestEditTable($maxCount = 5, $socid = 0)
|
||||
if ($socid) {
|
||||
$sql .= " AND f.fk_soc = ".((int) $socid);
|
||||
}
|
||||
if (!$user->rights->societe->client->voir && !$socid) {
|
||||
if (empty($user->rights->societe->client->voir) && !$socid) {
|
||||
$sql .= " AND s.rowid = sc.fk_soc AND sc.fk_user = ".((int) $user->id);
|
||||
}
|
||||
$sql .= " ORDER BY f.tms DESC";
|
||||
@ -1103,12 +1103,12 @@ function getCustomerInvoiceUnpaidOpenTable($maxCount = 500, $socid = 0)
|
||||
$sql .= ", sum(pf.amount) as am";
|
||||
$sql .= " FROM ".MAIN_DB_PREFIX."societe as s LEFT JOIN ".MAIN_DB_PREFIX."c_country as cc ON cc.rowid = s.fk_pays,".MAIN_DB_PREFIX."facture as f";
|
||||
$sql .= " LEFT JOIN ".MAIN_DB_PREFIX."paiement_facture as pf on f.rowid=pf.fk_facture";
|
||||
if (!$user->rights->societe->client->voir && !$socid) {
|
||||
if (empty($user->rights->societe->client->voir) && !$socid) {
|
||||
$sql .= ", ".MAIN_DB_PREFIX."societe_commerciaux as sc";
|
||||
}
|
||||
$sql .= " WHERE s.rowid = f.fk_soc AND f.paye = 0 AND f.fk_statut = ".Facture::STATUS_VALIDATED;
|
||||
$sql .= " AND f.entity IN (".getEntity('invoice').')';
|
||||
if (!$user->rights->societe->client->voir && !$socid) {
|
||||
if (empty($user->rights->societe->client->voir) && !$socid) {
|
||||
$sql .= " AND s.rowid = sc.fk_soc AND sc.fk_user = ".((int) $user->id);
|
||||
}
|
||||
if ($socid) {
|
||||
@ -1289,14 +1289,14 @@ function getPurchaseInvoiceUnpaidOpenTable($maxCount = 500, $socid = 0)
|
||||
$sql .= ", sum(pf.amount) as am";
|
||||
$sql .= " FROM ".MAIN_DB_PREFIX."societe as s, ".MAIN_DB_PREFIX."facture_fourn as ff";
|
||||
$sql .= " LEFT JOIN ".MAIN_DB_PREFIX."paiementfourn_facturefourn as pf on ff.rowid=pf.fk_facturefourn";
|
||||
if (!$user->rights->societe->client->voir && !$socid) {
|
||||
if (empty($user->rights->societe->client->voir) && !$socid) {
|
||||
$sql .= ", ".MAIN_DB_PREFIX."societe_commerciaux as sc";
|
||||
}
|
||||
$sql .= " WHERE s.rowid = ff.fk_soc";
|
||||
$sql .= " AND ff.entity = ".$conf->entity;
|
||||
$sql .= " AND ff.paye = 0";
|
||||
$sql .= " AND ff.fk_statut = ".FactureFournisseur::STATUS_VALIDATED;
|
||||
if (!$user->rights->societe->client->voir && !$socid) {
|
||||
if (empty($user->rights->societe->client->voir) && !$socid) {
|
||||
$sql .= " AND s.rowid = sc.fk_soc AND sc.fk_user = ".((int) $user->id);
|
||||
}
|
||||
if ($socid) {
|
||||
|
||||
@ -199,7 +199,7 @@ function getCustomerOrderPieChart($socid = 0)
|
||||
$sql = "SELECT count(c.rowid) as nb, c.fk_statut as status";
|
||||
$sql .= " FROM ".MAIN_DB_PREFIX."societe as s";
|
||||
$sql .= ", ".MAIN_DB_PREFIX."commande as c";
|
||||
if (!$user->rights->societe->client->voir && !$socid) {
|
||||
if (empty($user->rights->societe->client->voir) && !$socid) {
|
||||
$sql .= ", ".MAIN_DB_PREFIX."societe_commerciaux as sc";
|
||||
}
|
||||
$sql .= " WHERE c.fk_soc = s.rowid";
|
||||
@ -207,7 +207,7 @@ function getCustomerOrderPieChart($socid = 0)
|
||||
if ($user->socid) {
|
||||
$sql .= ' AND c.fk_soc = '.((int) $user->socid);
|
||||
}
|
||||
if (!$user->rights->societe->client->voir && !$socid) {
|
||||
if (empty($user->rights->societe->client->voir) && !$socid) {
|
||||
$sql .= " AND s.rowid = sc.fk_soc AND sc.fk_user = ".((int) $user->id);
|
||||
}
|
||||
$sql .= " GROUP BY c.fk_statut";
|
||||
|
||||
@ -178,7 +178,7 @@ function getCustomerProposalPieChart($socid = 0)
|
||||
$sql = "SELECT count(p.rowid) as nb, p.fk_statut as status";
|
||||
$sql .= " FROM ".MAIN_DB_PREFIX."societe as s";
|
||||
$sql .= ", ".MAIN_DB_PREFIX."propal as p";
|
||||
if (!$user->rights->societe->client->voir && !$socid) {
|
||||
if (empty($user->rights->societe->client->voir) && !$socid) {
|
||||
$sql .= ", ".MAIN_DB_PREFIX."societe_commerciaux as sc";
|
||||
}
|
||||
$sql .= " WHERE p.entity IN (".getEntity($propalstatic->element).")";
|
||||
@ -186,7 +186,7 @@ function getCustomerProposalPieChart($socid = 0)
|
||||
if ($user->socid) {
|
||||
$sql .= ' AND p.fk_soc = '.((int) $user->socid);
|
||||
}
|
||||
if (!$user->rights->societe->client->voir && !$socid) {
|
||||
if (empty($user->rights->societe->client->voir) && !$socid) {
|
||||
$sql .= " AND s.rowid = sc.fk_soc AND sc.fk_user = ".((int) $user->id);
|
||||
}
|
||||
$sql .= " AND p.fk_statut IN (".$db->sanitize(implode(" ,", $listofstatus)).")";
|
||||
|
||||
@ -514,7 +514,7 @@ function restrictedArea($user, $features, $objectid = 0, $tableandshare = '', $f
|
||||
$deleteok = 0;
|
||||
}
|
||||
} elseif ($feature == 'adherent') {
|
||||
if (!$user->rights->adherent->supprimer) {
|
||||
if (empty($user->rights->adherent->supprimer)) {
|
||||
$deleteok = 0;
|
||||
}
|
||||
} elseif (!empty($feature2)) { // This is for permissions on 2 levels
|
||||
@ -662,7 +662,7 @@ function checkUserAccessToObject($user, array $featuresarray, $objectid = 0, $ta
|
||||
if ($user->socid <> $objectid) {
|
||||
return false;
|
||||
}
|
||||
} elseif (!empty($conf->societe->enabled) && ($user->rights->societe->lire && !$user->rights->societe->client->voir)) {
|
||||
} elseif (!empty($conf->societe->enabled) && ($user->rights->societe->lire && empty($user->rights->societe->client->voir))) {
|
||||
// If internal user: Check permission for internal users that are restricted on their objects
|
||||
$sql = "SELECT COUNT(sc.fk_soc) as nb";
|
||||
$sql .= " FROM (".MAIN_DB_PREFIX."societe_commerciaux as sc";
|
||||
@ -685,7 +685,7 @@ function checkUserAccessToObject($user, array $featuresarray, $objectid = 0, $ta
|
||||
$sql .= " FROM ".MAIN_DB_PREFIX.$dbtablename." as dbt";
|
||||
$sql .= " WHERE dbt.".$dbt_select." IN (".$db->sanitize($objectid, 1).")";
|
||||
$sql .= " AND dbt.fk_soc = ".((int) $user->socid);
|
||||
} elseif (!empty($conf->societe->enabled) && ($user->rights->societe->lire && !$user->rights->societe->client->voir)) {
|
||||
} elseif (!empty($conf->societe->enabled) && ($user->rights->societe->lire && empty($user->rights->societe->client->voir))) {
|
||||
// If internal user: Check permission for internal users that are restricted on their objects
|
||||
$sql = "SELECT COUNT(dbt.".$dbt_select.") as nb";
|
||||
$sql .= " FROM ".MAIN_DB_PREFIX.$dbtablename." as dbt";
|
||||
@ -755,7 +755,7 @@ function checkUserAccessToObject($user, array $featuresarray, $objectid = 0, $ta
|
||||
$sql .= " FROM ".MAIN_DB_PREFIX.$dbtablename." as dbt";
|
||||
$sql .= " WHERE dbt.rowid IN (".$db->sanitize($objectid, 1).")";
|
||||
$sql .= " AND dbt.".$dbt_keyfield." = ".((int) $user->socid);
|
||||
} elseif (!empty($conf->societe->enabled) && !$user->rights->societe->client->voir) {
|
||||
} elseif (!empty($conf->societe->enabled) && empty($user->rights->societe->client->voir)) {
|
||||
// If internal user: Check permission for internal users that are restricted on their objects
|
||||
if ($feature != 'ticket') {
|
||||
if (empty($dbt_keyfield)) {
|
||||
|
||||
@ -196,7 +196,7 @@ class pdf_paiement
|
||||
$sql .= " ".MAIN_DB_PREFIX."bank as b, ".MAIN_DB_PREFIX."bank_account as ba,";
|
||||
}
|
||||
$sql .= " ".MAIN_DB_PREFIX."societe as s";
|
||||
if (!$user->rights->societe->client->voir && !$socid) {
|
||||
if (empty($user->rights->societe->client->voir) && !$socid) {
|
||||
$sql .= ", ".MAIN_DB_PREFIX."societe_commerciaux as sc";
|
||||
}
|
||||
$sql .= " WHERE f.fk_soc = s.rowid AND pf.fk_facture = f.rowid AND pf.fk_paiement = p.rowid";
|
||||
@ -205,7 +205,7 @@ class pdf_paiement
|
||||
}
|
||||
$sql .= " AND f.entity IN (".getEntity('invoice').")";
|
||||
$sql .= " AND p.datep BETWEEN '".$this->db->idate(dol_get_first_day($year, $month))."' AND '".$this->db->idate(dol_get_last_day($year, $month))."'";
|
||||
if (!$user->rights->societe->client->voir && !$socid) {
|
||||
if (empty($user->rights->societe->client->voir) && !$socid) {
|
||||
$sql .= " AND s.rowid = sc.fk_soc AND sc.fk_user = ".((int) $user->id);
|
||||
}
|
||||
if (!empty($socid)) {
|
||||
@ -234,7 +234,7 @@ class pdf_paiement
|
||||
$sql .= " ".MAIN_DB_PREFIX."bank as b, ".MAIN_DB_PREFIX."bank_account as ba,";
|
||||
}
|
||||
$sql .= " ".MAIN_DB_PREFIX."societe as s";
|
||||
if (!$user->rights->societe->client->voir && !$socid) {
|
||||
if (empty($user->rights->societe->client->voir) && !$socid) {
|
||||
$sql .= ", ".MAIN_DB_PREFIX."societe_commerciaux as sc";
|
||||
}
|
||||
$sql .= " WHERE f.fk_soc = s.rowid AND pf.fk_facturefourn = f.rowid AND pf.fk_paiementfourn = p.rowid";
|
||||
@ -243,7 +243,7 @@ class pdf_paiement
|
||||
}
|
||||
$sql .= " AND f.entity IN (".getEntity('invoice').")";
|
||||
$sql .= " AND p.datep BETWEEN '".$this->db->idate(dol_get_first_day($year, $month))."' AND '".$this->db->idate(dol_get_last_day($year, $month))."'";
|
||||
if (!$user->rights->societe->client->voir && !$socid) {
|
||||
if (empty($user->rights->societe->client->voir) && !$socid) {
|
||||
$sql .= " AND s.rowid = sc.fk_soc AND sc.fk_user = ".((int) $user->id);
|
||||
}
|
||||
if (!empty($socid)) {
|
||||
|
||||
@ -68,7 +68,7 @@ if ($modulepart == 'produit' || $modulepart == 'product' || $modulepart == 'serv
|
||||
$accessallowed = 1;
|
||||
} elseif ($modulepart == 'member') {
|
||||
$result = restrictedArea($user, 'adherent', $id, '', '', 'fk_soc', 'rowid');
|
||||
if (!$user->rights->adherent->lire) {
|
||||
if (empty($user->rights->adherent->lire)) {
|
||||
accessforbidden();
|
||||
}
|
||||
$accessallowed = 1;
|
||||
|
||||
@ -119,7 +119,7 @@ if ($user->socid > 0) {
|
||||
|
||||
// For some module part, dir may be privates
|
||||
if (in_array($modulepart, array('facture_paiement', 'unpaid'))) {
|
||||
if (!$user->rights->societe->client->voir || $socid) {
|
||||
if (empty($user->rights->societe->client->voir) || $socid) {
|
||||
$original_file = 'private/'.$user->id.'/'.$original_file; // If user has no permission to see all, output dir is specific to user
|
||||
}
|
||||
}
|
||||
|
||||
@ -70,7 +70,7 @@ $data = $stats->getNbByMonthWithPrevYear($endyear, $startyear);
|
||||
// $data = array(array('Lib',val1,val2,val3),...)
|
||||
|
||||
|
||||
if (!$user->rights->societe->client->voir || $user->socid) {
|
||||
if (empty($user->rights->societe->client->voir) || $user->socid) {
|
||||
$filenamenb = $dir.'/shipmentsnbinyear-'.$user->id.'-'.$year.'.png';
|
||||
} else {
|
||||
$filenamenb = $dir.'/shipmentsnbinyear-'.$year.'.png';
|
||||
@ -105,7 +105,7 @@ $data = $stats->getAmountByMonthWithPrevYear($endyear,$startyear);
|
||||
//var_dump($data);
|
||||
// $data = array(array('Lib',val1,val2,val3),...)
|
||||
|
||||
if (!$user->rights->societe->client->voir || $user->socid)
|
||||
if (empty($user->rights->societe->client->voir) || $user->socid)
|
||||
{
|
||||
$filenameamount = $dir.'/shipmentsamountinyear-'.$user->id.'-'.$year.'.png';
|
||||
}
|
||||
@ -143,7 +143,7 @@ if (! $mesg)
|
||||
/*
|
||||
$data = $stats->getAverageByMonthWithPrevYear($endyear, $startyear);
|
||||
|
||||
if (!$user->rights->societe->client->voir || $user->socid)
|
||||
if (empty($user->rights->societe->client->voir) || $user->socid)
|
||||
{
|
||||
$filename_avg = $dir.'/shipmentsaverage-'.$user->id.'-'.$year.'.png';
|
||||
}
|
||||
|
||||
@ -282,13 +282,13 @@ if ($projectid > 0) {
|
||||
// Title
|
||||
$morehtmlref .= $project->title;
|
||||
// Thirdparty
|
||||
if ($project->thirdparty->id > 0) {
|
||||
if (isset($project->thirdparty->id) && $project->thirdparty->id > 0) {
|
||||
$morehtmlref .= '<br>'.$langs->trans('ThirdParty').' : '.$project->thirdparty->getNomUrl(1, 'project');
|
||||
}
|
||||
$morehtmlref .= '</div>';
|
||||
|
||||
// Define a complementary filter for search of next/prev ref.
|
||||
if (!$user->rights->project->all->lire) {
|
||||
if (empty($user->rights->project->all->lire)) {
|
||||
$objectsListId = $project->getProjectsAuthorizedForUser($user, 0, 0);
|
||||
$project->next_prev_filter = " rowid IN (".$db->sanitize(count($objectsListId) ? join(',', array_keys($objectsListId)) : '0').")";
|
||||
}
|
||||
|
||||
@ -73,7 +73,7 @@ class ExpeditionStats extends Stats
|
||||
|
||||
//$this->where.= " AND c.fk_soc = s.rowid AND c.entity = ".$conf->entity;
|
||||
$this->where .= " AND c.entity = ".$conf->entity;
|
||||
if (!$user->rights->societe->client->voir && !$this->socid) {
|
||||
if (empty($user->rights->societe->client->voir) && !$this->socid) {
|
||||
$this->where .= " AND c.fk_soc = sc.fk_soc AND sc.fk_user = ".((int) $user->id);
|
||||
}
|
||||
if ($this->socid) {
|
||||
@ -97,7 +97,7 @@ class ExpeditionStats extends Stats
|
||||
|
||||
$sql = "SELECT date_format(c.date_valid,'%m') as dm, COUNT(*) as nb";
|
||||
$sql .= " FROM ".$this->from;
|
||||
if (!$user->rights->societe->client->voir && !$this->socid) {
|
||||
if (empty($user->rights->societe->client->voir) && !$this->socid) {
|
||||
$sql .= ", ".MAIN_DB_PREFIX."societe_commerciaux as sc";
|
||||
}
|
||||
$sql .= " WHERE c.date_valid BETWEEN '".$this->db->idate(dol_get_first_day($year))."' AND '".$this->db->idate(dol_get_last_day($year))."'";
|
||||
@ -121,7 +121,7 @@ class ExpeditionStats extends Stats
|
||||
|
||||
$sql = "SELECT date_format(c.date_valid,'%Y') as dm, COUNT(*) as nb, SUM(c.".$this->field.")";
|
||||
$sql .= " FROM ".$this->from;
|
||||
if (!$user->rights->societe->client->voir && !$this->socid) {
|
||||
if (empty($user->rights->societe->client->voir) && !$this->socid) {
|
||||
$sql .= ", ".MAIN_DB_PREFIX."societe_commerciaux as sc";
|
||||
}
|
||||
$sql .= " WHERE ".$this->where;
|
||||
@ -142,7 +142,7 @@ class ExpeditionStats extends Stats
|
||||
|
||||
$sql = "SELECT date_format(c.date_valid,'%Y') as year, COUNT(*) as nb, SUM(c.".$this->field.") as total, AVG(".$this->field.") as avg";
|
||||
$sql .= " FROM ".$this->from;
|
||||
if (!$user->rights->societe->client->voir && !$this->socid) {
|
||||
if (empty($user->rights->societe->client->voir) && !$this->socid) {
|
||||
$sql .= ", ".MAIN_DB_PREFIX."societe_commerciaux as sc";
|
||||
}
|
||||
$sql .= " WHERE ".$this->where;
|
||||
|
||||
@ -66,7 +66,7 @@ $sql .= " FROM ".MAIN_DB_PREFIX."expedition as e";
|
||||
$sql .= " LEFT JOIN ".MAIN_DB_PREFIX."element_element as el ON e.rowid = el.fk_target AND el.targettype = 'shipping'";
|
||||
$sql .= " LEFT JOIN ".MAIN_DB_PREFIX."commande as c ON el.fk_source = c.rowid";
|
||||
$sql .= " LEFT JOIN ".MAIN_DB_PREFIX."societe as s ON s.rowid = e.fk_soc";
|
||||
if (!$user->rights->societe->client->voir && !$socid) {
|
||||
if (empty($user->rights->societe->client->voir) && !$socid) {
|
||||
$sql .= " LEFT JOIN ".MAIN_DB_PREFIX."societe_commerciaux as sc ON e.fk_soc = sc.fk_soc";
|
||||
$sql .= $clause." sc.fk_user = ".((int) $user->id);
|
||||
$clause = " AND ";
|
||||
@ -138,11 +138,11 @@ $sql .= " FROM ".MAIN_DB_PREFIX."expedition as e";
|
||||
$sql .= " LEFT JOIN ".MAIN_DB_PREFIX."element_element as el ON e.rowid = el.fk_target AND el.targettype = 'shipping' AND el.sourcetype IN ('commande')";
|
||||
$sql .= " LEFT JOIN ".MAIN_DB_PREFIX."commande as c ON el.fk_source = c.rowid AND el.sourcetype IN ('commande') AND el.targettype = 'shipping'";
|
||||
$sql .= " LEFT JOIN ".MAIN_DB_PREFIX."societe as s ON s.rowid = e.fk_soc";
|
||||
if (!$user->rights->societe->client->voir && !$socid) {
|
||||
if (empty($user->rights->societe->client->voir) && !$socid) {
|
||||
$sql .= " LEFT JOIN ".MAIN_DB_PREFIX."societe_commerciaux as sc ON e.fk_soc = sc.fk_soc";
|
||||
}
|
||||
$sql .= " WHERE e.entity IN (".getEntity('expedition').")";
|
||||
if (!$user->rights->societe->client->voir && !$socid) {
|
||||
if (empty($user->rights->societe->client->voir) && !$socid) {
|
||||
$sql .= " AND sc.fk_user = ".((int) $user->id);
|
||||
}
|
||||
$sql .= " AND e.fk_statut = ".Expedition::STATUS_VALIDATED;
|
||||
@ -208,7 +208,7 @@ if ($resql) {
|
||||
$sql = "SELECT c.rowid, c.ref, c.ref_client as ref_customer, c.fk_statut as status, c.facture as billed, s.nom as name, s.rowid as socid";
|
||||
$sql .= " FROM ".MAIN_DB_PREFIX."commande as c,";
|
||||
$sql .= " ".MAIN_DB_PREFIX."societe as s";
|
||||
if (!$user->rights->societe->client->voir && !$socid) {
|
||||
if (empty($user->rights->societe->client->voir) && !$socid) {
|
||||
$sql .= ", ".MAIN_DB_PREFIX."societe_commerciaux as sc";
|
||||
}
|
||||
$sql .= " WHERE c.fk_soc = s.rowid";
|
||||
@ -217,7 +217,7 @@ $sql .= " AND c.fk_statut IN (".Commande::STATUS_VALIDATED.", ".Commande::STATUS
|
||||
if ($socid > 0) {
|
||||
$sql .= " AND c.fk_soc = ".((int) $socid);
|
||||
}
|
||||
if (!$user->rights->societe->client->voir && !$socid) {
|
||||
if (empty($user->rights->societe->client->voir) && !$socid) {
|
||||
$sql .= " AND s.rowid = sc.fk_soc AND sc.fk_user = ".((int) $user->id);
|
||||
}
|
||||
$sql .= " ORDER BY c.rowid ASC";
|
||||
|
||||
@ -277,7 +277,7 @@ if ($search_user > 0) { // Get link to order to get the order id in eesource.fk
|
||||
$sql .= " LEFT JOIN ".MAIN_DB_PREFIX."element_element as eesource ON eesource.fk_target = e.rowid AND eesource.targettype = 'shipping' AND eesource.sourcetype = 'commande'";
|
||||
}
|
||||
// We'll need this table joined to the select in order to filter by sale
|
||||
if ($search_sale > 0 || (!$user->rights->societe->client->voir && !$socid)) {
|
||||
if ($search_sale > 0 || (empty($user->rights->societe->client->voir) && !$socid)) {
|
||||
$sql .= ", ".MAIN_DB_PREFIX."societe_commerciaux as sc";
|
||||
}
|
||||
if ($search_user > 0) {
|
||||
@ -291,7 +291,7 @@ if ($search_product_category > 0) {
|
||||
if ($socid > 0) {
|
||||
$sql .= ' AND s.rowid = '.$socid;
|
||||
}
|
||||
if (!$user->rights->societe->client->voir && !$socid) { // Internal user with no permission to see all
|
||||
if (empty($user->rights->societe->client->voir) && !$socid) { // Internal user with no permission to see all
|
||||
$sql .= " AND e.fk_soc = sc.fk_soc";
|
||||
$sql .= " AND sc.fk_user = ".((int) $user->id);
|
||||
}
|
||||
|
||||
@ -75,7 +75,7 @@ $data = $stats->getNbByMonthWithPrevYear($endyear, $startyear);
|
||||
// $data = array(array('Lib',val1,val2,val3),...)
|
||||
|
||||
|
||||
if (!$user->rights->societe->client->voir || $user->socid) {
|
||||
if (empty($user->rights->societe->client->voir) || $user->socid) {
|
||||
$filenamenb = $dir.'/shipmentsnbinyear-'.$user->id.'-'.$year.'.png';
|
||||
} else {
|
||||
$filenamenb = $dir.'/shipmentsnbinyear-'.$year.'.png';
|
||||
@ -110,7 +110,7 @@ $data = $stats->getAmountByMonthWithPrevYear($endyear,$startyear);
|
||||
//var_dump($data);
|
||||
// $data = array(array('Lib',val1,val2,val3),...)
|
||||
|
||||
if (!$user->rights->societe->client->voir || $user->socid)
|
||||
if (empty($user->rights->societe->client->voir) || $user->socid)
|
||||
{
|
||||
$filenameamount = $dir.'/shipmentsamountinyear-'.$user->id.'-'.$year.'.png';
|
||||
}
|
||||
@ -148,7 +148,7 @@ if (! $mesg)
|
||||
/*
|
||||
$data = $stats->getAverageByMonthWithPrevYear($endyear, $startyear);
|
||||
|
||||
if (!$user->rights->societe->client->voir || $user->socid)
|
||||
if (empty($user->rights->societe->client->voir) || $user->socid)
|
||||
{
|
||||
$filename_avg = $dir.'/shipmentsaverage-'.$user->id.'-'.$year.'.png';
|
||||
}
|
||||
|
||||
@ -146,7 +146,7 @@ if (!$mesg) {
|
||||
|
||||
$data = $stats->getAverageByMonthWithPrevYear($endyear, $startyear);
|
||||
|
||||
if (!$user->rights->societe->client->voir || $user->socid) {
|
||||
if (empty($user->rights->societe->client->voir) || $user->socid) {
|
||||
$filename_avg = $dir.'/ordersaverage-'.$user->id.'-'.$year.'.png';
|
||||
if ($mode == 'customer') {
|
||||
$fileurl_avg = DOL_URL_ROOT.'/viewimage.php?modulepart=orderstats&file=ordersaverage-'.$user->id.'-'.$year.'.png';
|
||||
|
||||
@ -761,7 +761,7 @@ if ($action == 'create') {
|
||||
|
||||
$sql .= " FROM ".MAIN_DB_PREFIX."fichinter_rec as f";
|
||||
$sql .= " , ".MAIN_DB_PREFIX."societe as s ";
|
||||
if (!$user->rights->societe->client->voir && !$socid) {
|
||||
if (empty($user->rights->societe->client->voir) && !$socid) {
|
||||
$sql .= " , ".MAIN_DB_PREFIX."societe_commerciaux as sc";
|
||||
}
|
||||
$sql .= " WHERE f.fk_soc = s.rowid";
|
||||
@ -769,7 +769,7 @@ if ($action == 'create') {
|
||||
if ($socid) {
|
||||
$sql .= " AND s.rowid = ".((int) $socid);
|
||||
}
|
||||
if (!$user->rights->societe->client->voir && !$socid) {
|
||||
if (empty($user->rights->societe->client->voir) && !$socid) {
|
||||
$sql .= " AND s.rowid = sc.fk_soc AND sc.fk_user = ".((int) $user->id);
|
||||
}
|
||||
if ($search_ref) {
|
||||
|
||||
@ -204,7 +204,7 @@ class Fichinter extends CommonObject
|
||||
$sql = "SELECT count(fi.rowid) as nb";
|
||||
$sql .= " FROM ".MAIN_DB_PREFIX."fichinter as fi";
|
||||
$sql .= " LEFT JOIN ".MAIN_DB_PREFIX."societe as s ON fi.fk_soc = s.rowid";
|
||||
if (!$user->rights->societe->client->voir && !$user->socid) {
|
||||
if (empty($user->rights->societe->client->voir) && !$user->socid) {
|
||||
$sql .= " LEFT JOIN ".MAIN_DB_PREFIX."societe_commerciaux as sc ON s.rowid = sc.fk_soc";
|
||||
$sql .= " WHERE sc.fk_user = ".((int) $user->id);
|
||||
$clause = "AND";
|
||||
|
||||
@ -72,7 +72,7 @@ class FichinterStats extends Stats
|
||||
$this->field_line = '0';
|
||||
//$this->where.= " AND c.fk_statut > 0"; // Not draft and not cancelled
|
||||
}
|
||||
if (!$user->rights->societe->client->voir && !$this->socid) {
|
||||
if (empty($user->rights->societe->client->voir) && !$this->socid) {
|
||||
$this->where .= " AND c.fk_soc = sc.fk_soc AND sc.fk_user = ".((int) $user->id);
|
||||
}
|
||||
$this->where .= ($this->where ? ' AND ' : '')."c.entity IN (".getEntity('fichinter').')';
|
||||
@ -98,7 +98,7 @@ class FichinterStats extends Stats
|
||||
|
||||
$sql = "SELECT date_format(c.date_valid,'%m') as dm, COUNT(*) as nb";
|
||||
$sql .= " FROM ".$this->from;
|
||||
if (!$user->rights->societe->client->voir && !$this->socid) {
|
||||
if (empty($user->rights->societe->client->voir) && !$this->socid) {
|
||||
$sql .= ", ".MAIN_DB_PREFIX."societe_commerciaux as sc";
|
||||
}
|
||||
$sql .= " WHERE c.date_valid BETWEEN '".$this->db->idate(dol_get_first_day($year))."' AND '".$this->db->idate(dol_get_last_day($year))."'";
|
||||
@ -122,7 +122,7 @@ class FichinterStats extends Stats
|
||||
|
||||
$sql = "SELECT date_format(c.date_valid,'%Y') as dm, COUNT(*) as nb, 0";
|
||||
$sql .= " FROM ".$this->from;
|
||||
if (!$user->rights->societe->client->voir && !$this->socid) {
|
||||
if (empty($user->rights->societe->client->voir) && !$this->socid) {
|
||||
$sql .= ", ".MAIN_DB_PREFIX."societe_commerciaux as sc";
|
||||
}
|
||||
$sql .= " WHERE ".$this->where;
|
||||
@ -145,7 +145,7 @@ class FichinterStats extends Stats
|
||||
|
||||
$sql = "SELECT date_format(c.date_valid,'%m') as dm, 0";
|
||||
$sql .= " FROM ".$this->from;
|
||||
if (!$user->rights->societe->client->voir && !$this->socid) {
|
||||
if (empty($user->rights->societe->client->voir) && !$this->socid) {
|
||||
$sql .= ", ".MAIN_DB_PREFIX."societe_commerciaux as sc";
|
||||
}
|
||||
$sql .= " WHERE c.date_valid BETWEEN '".$this->db->idate(dol_get_first_day($year))."' AND '".$this->db->idate(dol_get_last_day($year))."'";
|
||||
@ -169,7 +169,7 @@ class FichinterStats extends Stats
|
||||
|
||||
$sql = "SELECT date_format(c.date_valid,'%m') as dm, 0";
|
||||
$sql .= " FROM ".$this->from;
|
||||
if (!$user->rights->societe->client->voir && !$this->socid) {
|
||||
if (empty($user->rights->societe->client->voir) && !$this->socid) {
|
||||
$sql .= ", ".MAIN_DB_PREFIX."societe_commerciaux as sc";
|
||||
}
|
||||
$sql .= " WHERE c.date_valid BETWEEN '".$this->db->idate(dol_get_first_day($year))."' AND '".$this->db->idate(dol_get_last_day($year))."'";
|
||||
@ -191,7 +191,7 @@ class FichinterStats extends Stats
|
||||
|
||||
$sql = "SELECT date_format(c.date_valid,'%Y') as year, COUNT(*) as nb, 0 as total, 0 as avg";
|
||||
$sql .= " FROM ".$this->from;
|
||||
if (!$user->rights->societe->client->voir && !$this->socid) {
|
||||
if (empty($user->rights->societe->client->voir) && !$this->socid) {
|
||||
$sql .= ", ".MAIN_DB_PREFIX."societe_commerciaux as sc";
|
||||
}
|
||||
$sql .= " WHERE ".$this->where;
|
||||
@ -214,7 +214,7 @@ class FichinterStats extends Stats
|
||||
|
||||
$sql = "SELECT product.ref, COUNT(product.ref) as nb, 0 as total, 0 as avg";
|
||||
$sql .= " FROM ".$this->from.", ".$this->from_line.", ".MAIN_DB_PREFIX."product as product";
|
||||
//if (!$user->rights->societe->client->voir && !$user->socid) $sql.= ", ".MAIN_DB_PREFIX."societe_commerciaux as sc";
|
||||
//if (empty($user->rights->societe->client->voir) && !$user->socid) $sql.= ", ".MAIN_DB_PREFIX."societe_commerciaux as sc";
|
||||
$sql .= " WHERE ".$this->where;
|
||||
$sql .= " AND c.rowid = tl.fk_fichinter AND tl.fk_product = product.rowid";
|
||||
$sql .= " AND c.date_valid BETWEEN '".$this->db->idate(dol_get_first_day($year, 1, false))."' AND '".$this->db->idate(dol_get_last_day($year, 12, false))."'";
|
||||
|
||||
@ -74,7 +74,7 @@ print '<div class="fichecenter"><div class="fichethirdleft">';
|
||||
$sql = "SELECT count(f.rowid), f.fk_statut";
|
||||
$sql .= " FROM ".MAIN_DB_PREFIX."societe as s";
|
||||
$sql .= ", ".MAIN_DB_PREFIX."fichinter as f";
|
||||
if (!$user->rights->societe->client->voir && !$socid) {
|
||||
if (empty($user->rights->societe->client->voir) && !$socid) {
|
||||
$sql .= ", ".MAIN_DB_PREFIX."societe_commerciaux as sc";
|
||||
}
|
||||
$sql .= " WHERE f.entity IN (".getEntity('intervention').")";
|
||||
@ -82,7 +82,7 @@ $sql .= " AND f.fk_soc = s.rowid";
|
||||
if ($user->socid) {
|
||||
$sql .= ' AND f.fk_soc = '.((int) $user->socid);
|
||||
}
|
||||
if (!$user->rights->societe->client->voir && !$socid) {
|
||||
if (empty($user->rights->societe->client->voir) && !$socid) {
|
||||
$sql .= " AND s.rowid = sc.fk_soc AND sc.fk_user = ".((int) $user->id);
|
||||
}
|
||||
$sql .= " GROUP BY f.fk_statut";
|
||||
@ -192,7 +192,7 @@ if (!empty($conf->ficheinter->enabled)) {
|
||||
$sql = "SELECT f.rowid, f.ref, s.nom as name, s.rowid as socid";
|
||||
$sql .= " FROM ".MAIN_DB_PREFIX."fichinter as f";
|
||||
$sql .= ", ".MAIN_DB_PREFIX."societe as s";
|
||||
if (!$user->rights->societe->client->voir && !$socid) {
|
||||
if (empty($user->rights->societe->client->voir) && !$socid) {
|
||||
$sql .= ", ".MAIN_DB_PREFIX."societe_commerciaux as sc";
|
||||
}
|
||||
$sql .= " WHERE f.entity IN (".getEntity('intervention').")";
|
||||
@ -201,7 +201,7 @@ if (!empty($conf->ficheinter->enabled)) {
|
||||
if ($socid) {
|
||||
$sql .= " AND f.fk_soc = ".((int) $socid);
|
||||
}
|
||||
if (!$user->rights->societe->client->voir && !$socid) {
|
||||
if (empty($user->rights->societe->client->voir) && !$socid) {
|
||||
$sql .= " AND s.rowid = sc.fk_soc AND sc.fk_user = ".((int) $user->id);
|
||||
}
|
||||
|
||||
@ -242,7 +242,7 @@ $sql = "SELECT f.rowid, f.ref, f.fk_statut, f.date_valid as datec, f.tms as date
|
||||
$sql .= " s.nom as name, s.rowid as socid";
|
||||
$sql .= " FROM ".MAIN_DB_PREFIX."fichinter as f,";
|
||||
$sql .= " ".MAIN_DB_PREFIX."societe as s";
|
||||
if (!$user->rights->societe->client->voir && !$socid) {
|
||||
if (empty($user->rights->societe->client->voir) && !$socid) {
|
||||
$sql .= ", ".MAIN_DB_PREFIX."societe_commerciaux as sc";
|
||||
}
|
||||
$sql .= " WHERE f.entity IN (".getEntity('intervention').")";
|
||||
@ -251,7 +251,7 @@ $sql .= " AND f.fk_soc = s.rowid";
|
||||
if ($socid) {
|
||||
$sql .= " AND f.fk_soc = ".((int) $socid);
|
||||
}
|
||||
if (!$user->rights->societe->client->voir && !$socid) {
|
||||
if (empty($user->rights->societe->client->voir) && !$socid) {
|
||||
$sql .= " AND s.rowid = sc.fk_soc AND sc.fk_user = ".((int) $user->id);
|
||||
}
|
||||
$sql .= " ORDER BY f.tms DESC";
|
||||
@ -315,7 +315,7 @@ if (!empty($conf->ficheinter->enabled)) {
|
||||
$sql = "SELECT f.rowid, f.ref, f.fk_statut, s.nom as name, s.rowid as socid";
|
||||
$sql .= " FROM ".MAIN_DB_PREFIX."fichinter as f";
|
||||
$sql .= ", ".MAIN_DB_PREFIX."societe as s";
|
||||
if (!$user->rights->societe->client->voir && !$socid) {
|
||||
if (empty($user->rights->societe->client->voir) && !$socid) {
|
||||
$sql .= ", ".MAIN_DB_PREFIX."societe_commerciaux as sc";
|
||||
}
|
||||
$sql .= " WHERE f.entity IN (".getEntity('intervention').")";
|
||||
@ -324,7 +324,7 @@ if (!empty($conf->ficheinter->enabled)) {
|
||||
if ($socid) {
|
||||
$sql .= " AND f.fk_soc = ".((int) $socid);
|
||||
}
|
||||
if (!$user->rights->societe->client->voir && !$socid) {
|
||||
if (empty($user->rights->societe->client->voir) && !$socid) {
|
||||
$sql .= " AND s.rowid = sc.fk_soc AND sc.fk_user = ".((int) $user->id);
|
||||
}
|
||||
$sql .= " ORDER BY f.rowid DESC";
|
||||
|
||||
@ -257,7 +257,7 @@ $parameters = array();
|
||||
$reshook = $hookmanager->executeHooks('printFieldListFrom', $parameters, $object); // Note that $action and $object may have been modified by hook
|
||||
$sql .= $hookmanager->resPrint;
|
||||
|
||||
if (!$user->rights->societe->client->voir && empty($socid)) {
|
||||
if (empty($user->rights->societe->client->voir) && empty($socid)) {
|
||||
$sql .= ", ".MAIN_DB_PREFIX."societe_commerciaux as sc";
|
||||
}
|
||||
$sql .= ", ".MAIN_DB_PREFIX."societe as s";
|
||||
@ -285,7 +285,7 @@ if ($search_desc) {
|
||||
if ($search_status != '' && $search_status >= 0) {
|
||||
$sql .= ' AND f.fk_statut = '.urlencode($search_status);
|
||||
}
|
||||
if (!$user->rights->societe->client->voir && empty($socid)) {
|
||||
if (empty($user->rights->societe->client->voir) && empty($socid)) {
|
||||
$sql .= " AND s.rowid = sc.fk_soc AND sc.fk_user = ".((int) $user->id);
|
||||
}
|
||||
if ($socid) {
|
||||
|
||||
@ -79,7 +79,7 @@ $data = $stats->getNbByMonthWithPrevYear($endyear, $startyear);
|
||||
// $data = array(array('Lib',val1,val2,val3),...)
|
||||
|
||||
|
||||
if (!$user->rights->societe->client->voir || $user->socid) {
|
||||
if (empty($user->rights->societe->client->voir) || $user->socid) {
|
||||
$filenamenb = $dir.'/interventionsnbinyear-'.$user->id.'-'.$year.'.png';
|
||||
$fileurlnb = DOL_URL_ROOT.'/viewimage.php?modulepart=interventionstats&file=interventionsnbinyear-'.$user->id.'-'.$year.'.png';
|
||||
} else {
|
||||
@ -114,7 +114,7 @@ if (!$mesg) {
|
||||
$data = $stats->getAmountByMonthWithPrevYear($endyear, $startyear);
|
||||
// $data = array(array('Lib',val1,val2,val3),...)
|
||||
|
||||
if (!$user->rights->societe->client->voir || $user->socid) {
|
||||
if (empty($user->rights->societe->client->voir) || $user->socid) {
|
||||
$filenameamount = $dir.'/interventionsamountinyear-'.$user->id.'-'.$year.'.png';
|
||||
$fileurlamount = DOL_URL_ROOT.'/viewimage.php?modulepart=interventionstats&file=interventionsamountinyear-'.$user->id.'-'.$year.'.png';
|
||||
} else {
|
||||
@ -148,7 +148,7 @@ if (!$mesg) {
|
||||
|
||||
$data = $stats->getAverageByMonthWithPrevYear($endyear, $startyear);
|
||||
|
||||
if (!$user->rights->societe->client->voir || $user->socid) {
|
||||
if (empty($user->rights->societe->client->voir) || $user->socid) {
|
||||
$filename_avg = $dir.'/interventionsaverage-'.$user->id.'-'.$year.'.png';
|
||||
$fileurl_avg = DOL_URL_ROOT.'/viewimage.php?modulepart=interventionstats&file=interventionsaverage-'.$user->id.'-'.$year.'.png';
|
||||
} else {
|
||||
|
||||
@ -113,7 +113,7 @@ class Fournisseur extends Societe
|
||||
|
||||
$sql = "SELECT count(s.rowid) as nb";
|
||||
$sql .= " FROM ".MAIN_DB_PREFIX."societe as s";
|
||||
if (!$user->rights->societe->client->voir && !$user->socid) {
|
||||
if (empty($user->rights->societe->client->voir) && !$user->socid) {
|
||||
$sql .= " LEFT JOIN ".MAIN_DB_PREFIX."societe_commerciaux as sc ON s.rowid = sc.fk_soc";
|
||||
$sql .= " WHERE sc.fk_user = ".((int) $user->id);
|
||||
$clause = "AND";
|
||||
@ -178,12 +178,12 @@ class Fournisseur extends Societe
|
||||
|
||||
$sql = "SELECT s.rowid, s.nom as name";
|
||||
$sql .= " FROM ".MAIN_DB_PREFIX."societe as s";
|
||||
if (!$user->rights->societe->client->voir && !$user->socid) {
|
||||
if (empty($user->rights->societe->client->voir) && !$user->socid) {
|
||||
$sql .= ", ".MAIN_DB_PREFIX."societe_commerciaux as sc";
|
||||
}
|
||||
$sql .= " WHERE s.fournisseur = 1";
|
||||
$sql .= " AND s.entity IN (".getEntity('societe').")";
|
||||
if (!$user->rights->societe->client->voir && !$user->socid) {
|
||||
if (empty($user->rights->societe->client->voir) && !$user->socid) {
|
||||
$sql .= " AND s.rowid = sc.fk_soc AND sc.fk_user = ".((int) $user->id);
|
||||
}
|
||||
|
||||
|
||||
@ -2965,7 +2965,7 @@ class CommandeFournisseur extends CommonOrder
|
||||
$sql = "SELECT count(co.rowid) as nb";
|
||||
$sql .= " FROM ".MAIN_DB_PREFIX."commande_fournisseur as co";
|
||||
$sql .= " LEFT JOIN ".MAIN_DB_PREFIX."societe as s ON co.fk_soc = s.rowid";
|
||||
if (!$user->rights->societe->client->voir && !$user->socid) {
|
||||
if (empty($user->rights->societe->client->voir) && !$user->socid) {
|
||||
$sql .= " LEFT JOIN ".MAIN_DB_PREFIX."societe_commerciaux as sc ON s.rowid = sc.fk_soc";
|
||||
$sql .= " WHERE sc.fk_user = ".((int) $user->id);
|
||||
$clause = "AND";
|
||||
@ -3003,7 +3003,7 @@ class CommandeFournisseur extends CommonOrder
|
||||
|
||||
$sql = "SELECT c.rowid, c.date_creation as datec, c.date_commande, c.fk_statut, c.date_livraison as delivery_date";
|
||||
$sql .= " FROM ".MAIN_DB_PREFIX."commande_fournisseur as c";
|
||||
if (!$user->rights->societe->client->voir && !$user->socid) {
|
||||
if (empty($user->rights->societe->client->voir) && !$user->socid) {
|
||||
$sql .= " LEFT JOIN ".MAIN_DB_PREFIX."societe_commerciaux as sc ON c.fk_soc = sc.fk_soc";
|
||||
$sql .= " WHERE sc.fk_user = ".((int) $user->id);
|
||||
$clause = " AND";
|
||||
|
||||
Some files were not shown because too many files have changed in this diff Show More
Loading…
Reference in New Issue
Block a user