Fix bug #26999 : Pb in editing a member linked to a user
parent
e93964a718
commit
498a3b3546
@ -365,20 +365,21 @@ class Adherent extends CommonObject
|
||||
|
||||
|
||||
/**
|
||||
* \brief Fonction qui met a jour l'adherent (sauf mot de passe)
|
||||
* \brief Update a member in database (standard information and password)
|
||||
* \param user User making update
|
||||
* \param notrigger 1=desactive le trigger UPDATE (quand appele par creation)
|
||||
* \param nosyncuser Do not synchronize linked user
|
||||
* \return int <0 si KO, >0 si OK
|
||||
* \param notrigger 1=disable trigger UPDATE (when called by create)
|
||||
* \param nosyncuser 0=Synchronize linked user (standard info), 1=Do not synchronize linked user
|
||||
* \param nosyncuserpass 0=Synchronize linked user (password), 1=Do not synchronize linked user
|
||||
* \return int <0 si KO, >0 si OK
|
||||
*/
|
||||
function update($user,$notrigger=0,$nosyncuser=0)
|
||||
function update($user,$notrigger=0,$nosyncuser=0,$nosyncuserpass=0)
|
||||
{
|
||||
global $conf, $langs;
|
||||
|
||||
$nbrowsaffected=0;
|
||||
$error=0;
|
||||
|
||||
dol_syslog("Adherent::update notrigger=".$notrigger.", nosyncuser=".$nosyncuser.", email=".$this->email);
|
||||
dol_syslog("Adherent::update notrigger=".$notrigger.", nosyncuser=".$nosyncuser.", nosyncuserpass=".$nosyncuserpass.", email=".$this->email);
|
||||
|
||||
// Verification parametres
|
||||
if ($conf->global->ADHERENT_MAIL_REQUIRED && ! isValidEMail($this->email))
|
||||
@ -415,6 +416,8 @@ class Adherent extends CommonObject
|
||||
$sql.= ", fk_user_mod=".($user->id>0?$user->id:'null'); // Can be null because member can be create by a guest
|
||||
$sql.= " WHERE rowid = ".$this->id;
|
||||
|
||||
dol_syslog("Adherent::update UPDATE MEMBER");
|
||||
|
||||
dol_syslog("Adherent::update sql=".$sql);
|
||||
$resql = $this->db->query($sql);
|
||||
if ($resql)
|
||||
@ -463,19 +466,20 @@ class Adherent extends CommonObject
|
||||
}
|
||||
}
|
||||
|
||||
// Mise a jour mot de passe
|
||||
// Update password
|
||||
if ($this->pass)
|
||||
{
|
||||
dol_syslog("Adherent::update UPDATE PASSWORD");
|
||||
if ($this->pass != $this->pass_indatabase && $this->pass != $this->pass_indatabase_crypted)
|
||||
{
|
||||
// Si mot de passe saisi et different de celui en base
|
||||
$result=$this->setPassword($user,$this->pass,0,$notrigger);
|
||||
|
||||
$result=$this->setPassword($user,$this->pass,0,$notrigger,$nosyncuserpass);
|
||||
if (! $nbrowsaffected) $nbrowsaffected++;
|
||||
}
|
||||
}
|
||||
|
||||
// Remove link to user
|
||||
dol_syslog("Adherent::update UPDATE LINK TO USER");
|
||||
$sql = "UPDATE ".MAIN_DB_PREFIX."user SET fk_member = NULL where fk_member = ".$this->id;
|
||||
dol_syslog("Adherent::update sql=".$sql, LOG_DEBUG);
|
||||
$resql = $this->db->query($sql);
|
||||
@ -495,6 +499,8 @@ class Adherent extends CommonObject
|
||||
{
|
||||
require_once(DOL_DOCUMENT_ROOT."/user.class.php");
|
||||
|
||||
dol_syslog("Adherent::update UPDATE LINKED USER");
|
||||
|
||||
// This member is linked with a user, so we also update users informations
|
||||
// if this is an update.
|
||||
$luser=new User($this->db);
|
||||
@ -517,7 +523,7 @@ class Adherent extends CommonObject
|
||||
|
||||
$luser->fk_member=$this->id;
|
||||
|
||||
$result=$luser->update($user,0,1);
|
||||
$result=$luser->update($user,0,1,1); // Use nosync to 1 to avoid cyclic updates
|
||||
if ($result < 0)
|
||||
{
|
||||
$this->error=$luser->error;
|
||||
@ -699,7 +705,7 @@ class Adherent extends CommonObject
|
||||
|
||||
|
||||
/**
|
||||
* \brief Change le mot de passe d'un utilisateur
|
||||
* \brief Change password of a user
|
||||
* \param user Object user de l'utilisateur qui fait la modification
|
||||
* \param password Nouveau mot de passe (e generer si non communique)
|
||||
* \param isencrypted 0 ou 1 si il faut crypter le mot de passe en base (0 par defaut)
|
||||
@ -744,7 +750,7 @@ class Adherent extends CommonObject
|
||||
$result = $this->db->query($sql);
|
||||
if ($result)
|
||||
{
|
||||
$nbaffectedrows=$this->db->affected_rows();
|
||||
$nbaffectedrows=$this->db->affected_rows($result);
|
||||
|
||||
if ($nbaffectedrows)
|
||||
{
|
||||
@ -847,13 +853,21 @@ class Adherent extends CommonObject
|
||||
|
||||
$this->db->begin();
|
||||
|
||||
// Update link to third party
|
||||
if ($thirdpartyid > 0)
|
||||
{
|
||||
$sql = "UPDATE ".MAIN_DB_PREFIX."adherent SET fk_soc = null where fk_soc = '".$thirdpartyid."'";
|
||||
dol_syslog("Adherent::setThirdPartyId sql=".$sql);
|
||||
$resql = $this->db->query($sql);
|
||||
}
|
||||
|
||||
// Update link to third party
|
||||
$sql = "UPDATE ".MAIN_DB_PREFIX."adherent SET fk_soc = ".($thirdpartyid>0 ? $thirdpartyid : 'null');
|
||||
$sql.= " WHERE rowid = ".$this->id;
|
||||
|
||||
dol_syslog("Adherent::setThirdPartyId sql=".$sql);
|
||||
$result = $this->db->query($sql);
|
||||
if ($result)
|
||||
$resql = $this->db->query($sql);
|
||||
if ($resql)
|
||||
{
|
||||
$this->db->commit();
|
||||
return 1;
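Review bot: In the setThirdPartyId hunk, the added unlink statement concatenates `$thirdpartyid` into the SQL inside quotes, and the only guard is `$thirdpartyid > 0`, a loose comparison that a string with a numeric prefix also satisfies. The method's signature is outside the hunk, so the parameter's type is not visible here, but elsewhere in this commit fiche.php passes `$_POST["socid"]` straight in. Normalising once at the top of the method, `$thirdpartyid = (int) $thirdpartyid;`, would cover both UPDATE statements. The `$resql` of the unlink query is also overwritten by the second query without being checked, so a failed unlink goes unnoticed inside the transaction; it should be tested before continuing.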
|
||||
|
||||
@ -77,8 +77,7 @@ $canaddmember=$user->rights->adherent->creer;
|
||||
// Define variables to know what current user can do on properties of a member
|
||||
if ($rowid)
|
||||
{
|
||||
$caneditfieldmember=( (($user->id == $adh->user_id) && $user->rights->adherent->self->creer)
|
||||
|| (($user->id != $adh->user_id) && $user->rights->adherent->creer) );
|
||||
$caneditfieldmember=$user->rights->adherent->creer;
|
||||
}
|
||||
|
||||
|
||||
@ -87,19 +86,62 @@ if ($rowid)
|
||||
* Actions
|
||||
*/
|
||||
|
||||
if ($_POST['action'] == 'setuserid')
|
||||
if ($_POST['action'] == 'setuserid' && ($user->rights->user->self->creer || $user->rights->user->user->creer))
|
||||
{
|
||||
$result=$adh->setUserId($_POST["userid"]);
|
||||
if ($result < 0) dol_print_error($adh->db,$adh->error);
|
||||
$_POST['action']='';
|
||||
$action='';
|
||||
$error=0;
|
||||
if (empty($user->rights->user->user->creer)) // If can edit only itself user, we can link to itself only
|
||||
{
|
||||
if ($_POST["userid"] != $user->id && $_POST["userid"] != $adh->user_id)
|
||||
{
|
||||
$error++;
|
||||
$mesg='<div class="error">'.$langs->trans("ErrorUserPermissionAllowsToLinksToItselfOnly").'</div>';
|
||||
}
|
||||
}
|
||||
|
||||
if (! $error)
|
||||
{
|
||||
if ($_POST["userid"] != $adh->user_id) // If link differs from currently in database
|
||||
{
|
||||
$result=$adh->setUserId($_POST["userid"]);
|
||||
if ($result < 0) dol_print_error($adh->db,$adh->error);
|
||||
$_POST['action']='';
|
||||
$action='';
|
||||
}
|
||||
}
|
||||
}
|
||||
if ($_POST['action'] == 'setsocid')
|
||||
{
|
||||
$result=$adh->setThirdPartyId($_POST["socid"]);
|
||||
if ($result < 0) dol_print_error($adh->db,$adh->error);
|
||||
$_POST['action']='';
|
||||
$action='';
|
||||
$error=0;
|
||||
if (! $error)
|
||||
{
|
||||
if ($_POST["socid"] != $adh->fk_soc) // If link differs from currently in database
|
||||
{
|
||||
$sql ="SELECT rowid FROM ".MAIN_DB_PREFIX."adherent";
|
||||
$sql.=" WHERE fk_soc = '".$_POST["socid"]."'";
|
||||
$resql = $db->query($sql);
|
||||
if ($resql)
|
||||
{
|
||||
$obj = $db->fetch_object($resql);
|
||||
if ($obj && $obj->rowid > 0)
|
||||
{
|
||||
$othermember=new Adherent($db);
|
||||
$othermember->fetch($obj->rowid);
|
||||
$thirdparty=new Societe($db);
|
||||
$thirdparty->fetch($_POST["socid"]);
|
||||
$error++;
|
||||
$mesg='<div class="error">'.$langs->trans("ErrorMemberIsAlreadyLinkedToThisThirdParty",$othermember->fullname,$othermember->login,$thirdparty->nom).'</div>';
|
||||
}
|
||||
}
|
||||
|
||||
if (! $error)
|
||||
{
|
||||
$result=$adh->setThirdPartyId($_POST["socid"]);
|
||||
if ($result < 0) dol_print_error($adh->db,$adh->error);
|
||||
$_POST['action']='';
|
||||
$action='';
|
||||
}
|
||||
}
|
||||
}
|
||||
}
|
||||
|
||||
// Create user from a member
|
||||
@ -148,113 +190,116 @@ if ($_REQUEST["action"] == 'confirm_sendinfo' && $_REQUEST["confirm"] == 'yes')
|
||||
{
|
||||
if ($adh->email)
|
||||
{
|
||||
$result=$adh->send_an_email("Voici le contenu de votre fiche\n\n%INFOS%\n\n","Contenu de votre fiche adherent");
|
||||
$result=$adh->send_an_email($langs->transnoentitiesnoconv("ThisIsContentOfYourCard")."\n\n%INFOS%\n\n",$langs->transnoentitiesnoconv("CardContent"));
|
||||
$mesg=$langs->trans("CardSent");
|
||||
}
|
||||
}
|
||||
|
||||
if ($_REQUEST["action"] == 'update' && ! $_POST["cancel"])
|
||||
if ($_REQUEST["action"] == 'update' && ! $_POST["cancel"] && $user->rights->adherent->creer)
|
||||
{
|
||||
// Is it a new link to a user ?
|
||||
$nosyncuser=0;
|
||||
if ($adh->user_id != $_POST["userid"]) $nosyncuser=1;
|
||||
|
||||
// If change (allowed on all members) or (allowed on myself and i am edited memeber)
|
||||
if ($user->rights->adherent->creer || ($user->rights->adherent->self->creer && $adh->user_id == $user->id))
|
||||
$datenaiss='';
|
||||
if (isset($_POST["naissday"]) && $_POST["naissday"]
|
||||
&& isset($_POST["naissmonth"]) && $_POST["naissmonth"]
|
||||
&& isset($_POST["naissyear"]) && $_POST["naissyear"])
|
||||
{
|
||||
$datenaiss='';
|
||||
if (isset($_POST["naissday"]) && $_POST["naissday"]
|
||||
&& isset($_POST["naissmonth"]) && $_POST["naissmonth"]
|
||||
&& isset($_POST["naissyear"]) && $_POST["naissyear"])
|
||||
$datenaiss=dol_mktime(12, 0, 0, $_POST["naissmonth"], $_POST["naissday"], $_POST["naissyear"]);
|
||||
}
|
||||
//print $_POST["naissmonth"].", ".$_POST["naissday"].", ".$_POST["naissyear"]." ".$datenaiss." ".adodb_strftime('%Y-%m-%d %H:%M:%S',$datenaiss);
|
||||
|
||||
// Create new object
|
||||
if ($result > 0)
|
||||
{
|
||||
// Modifie valeures
|
||||
$adh->prenom = trim($_POST["prenom"]);
|
||||
$adh->nom = trim($_POST["nom"]);
|
||||
$adh->fullname = trim($adh->prenom.' '.$adh->nom);
|
||||
$adh->login = trim($_POST["login"]);
|
||||
$adh->pass = trim($_POST["pass"]);
|
||||
|
||||
$adh->societe = trim($_POST["societe"]);
|
||||
$adh->adresse = trim($_POST["adresse"]);
|
||||
$adh->cp = trim($_POST["cp"]);
|
||||
$adh->ville = trim($_POST["ville"]);
|
||||
$adh->pays_id = $_POST["pays"];
|
||||
|
||||
$adh->phone = trim($_POST["phone"]);
|
||||
$adh->phone_perso = trim($_POST["phone_perso"]);
|
||||
$adh->phone_mobile= trim($_POST["phone_mobile"]);
|
||||
$adh->email = trim($_POST["email"]);
|
||||
$adh->naiss = $datenaiss;
|
||||
|
||||
$adh->typeid = $_POST["typeid"];
|
||||
$adh->note = trim($_POST["comment"]);
|
||||
$adh->morphy = $_POST["morphy"];
|
||||
|
||||
$adh->amount = $_POST["amount"];
|
||||
|
||||
// Get status and public property
|
||||
$adh->statut = $_POST["statut"];
|
||||
$adh->public = $_POST["public"];
|
||||
|
||||
foreach($_POST as $key => $value)
|
||||
{
|
||||
$datenaiss=dol_mktime(12, 0, 0, $_POST["naissmonth"], $_POST["naissday"], $_POST["naissyear"]);
|
||||
}
|
||||
//print $_POST["naissmonth"].", ".$_POST["naissday"].", ".$_POST["naissyear"]." ".$datenaiss." ".adodb_strftime('%Y-%m-%d %H:%M:%S',$datenaiss);
|
||||
|
||||
// Charge objet actuel
|
||||
if ($result > 0)
|
||||
{
|
||||
// Modifie valeures
|
||||
$adh->prenom = trim($_POST["prenom"]);
|
||||
$adh->nom = trim($_POST["nom"]);
|
||||
$adh->fullname = trim($adh->prenom.' '.$adh->nom);
|
||||
$adh->login = trim($_POST["login"]);
|
||||
$adh->pass = trim($_POST["pass"]);
|
||||
|
||||
$adh->societe = trim($_POST["societe"]);
|
||||
$adh->adresse = trim($_POST["adresse"]);
|
||||
$adh->cp = trim($_POST["cp"]);
|
||||
$adh->ville = trim($_POST["ville"]);
|
||||
$adh->pays_id = $_POST["pays"];
|
||||
|
||||
$adh->phone = trim($_POST["phone"]);
|
||||
$adh->phone_perso = trim($_POST["phone_perso"]);
|
||||
$adh->phone_mobile= trim($_POST["phone_mobile"]);
|
||||
$adh->email = trim($_POST["email"]);
|
||||
$adh->naiss = $datenaiss;
|
||||
|
||||
$adh->typeid = $_POST["typeid"];
|
||||
$adh->note = trim($_POST["comment"]);
|
||||
$adh->morphy = $_POST["morphy"];
|
||||
|
||||
$adh->amount = $_POST["amount"];
|
||||
|
||||
// recuperation du statut et public
|
||||
$adh->statut = $_POST["statut"];
|
||||
$adh->public = $_POST["public"];
|
||||
|
||||
$adh->fk_soc = $_POST["socid"];
|
||||
$adh->user_id = $_POST["userid"];
|
||||
|
||||
foreach($_POST as $key => $value)
|
||||
if (ereg("^options_",$key))
|
||||
{
|
||||
if (ereg("^options_",$key))
|
||||
//escape values from POST, at least with addslashes, to avoid obvious SQL injections
|
||||
//(array_options is directly input in the DB in adherent.class.php::update())
|
||||
$adh->array_options[$key]=addslashes($_POST[$key]);
|
||||
}
|
||||
}
|
||||
|
||||
// Check if we need to also synchronize user information
|
||||
$nosyncuser=0;
|
||||
if ($adh->user_id) // If linked to a user
|
||||
{
|
||||
if ($user->id != $adh->user_id && empty($user->rights->user->user->creer)) $nosyncuser=1; // Disable synchronizing
|
||||
}
|
||||
|
||||
// Check if we need to also synchronize password information
|
||||
$nosyncuserpass=0;
|
||||
if ($adh->user_id) // If linked to a user
|
||||
{
|
||||
if ($user->id != $adh->user_id && empty($user->rights->user->user->password)) $nosyncuserpass=1; // Disable synchronizing
|
||||
}
|
||||
|
||||
$result=$adh->update($user,0,$nosyncuser,$nosyncuserpass);
|
||||
if ($result >= 0 && ! sizeof($adh->errors))
|
||||
{
|
||||
if (isset($_FILES['photo']['tmp_name']) && trim($_FILES['photo']['tmp_name']))
|
||||
{
|
||||
// If photo is provided
|
||||
if (! is_dir($conf->adherent->dir_output))
|
||||
{
|
||||
//escape values from POST, at least with addslashes, to avoid obvious SQL injections
|
||||
//(array_options is directly input in the DB in adherent.class.php::update())
|
||||
$adh->array_options[$key]=addslashes($_POST[$key]);
|
||||
create_exdir($conf->adherent->dir_output);
|
||||
}
|
||||
if (is_dir($conf->adherent->dir_output))
|
||||
{
|
||||
$newfile=$conf->adherent->dir_output . "/" . $adh->id . ".jpg";
|
||||
if (! dol_move_uploaded_file($_FILES['photo']['tmp_name'],$newfile,1) > 0)
|
||||
{
|
||||
$message .= '<div class="error">'.$langs->trans("ErrorFailedToSaveFile").'</div>';
|
||||
}
|
||||
}
|
||||
}
|
||||
|
||||
$result=$adh->update($user,0,$nosyncuser);
|
||||
if ($result >= 0 && ! sizeof($adh->errors))
|
||||
$_GET["rowid"]=$adh->id;
|
||||
$_REQUEST["action"]='';
|
||||
}
|
||||
else
|
||||
{
|
||||
if ($adh->error)
|
||||
{
|
||||
if (isset($_FILES['photo']['tmp_name']) && trim($_FILES['photo']['tmp_name']))
|
||||
{
|
||||
// If photo is provided
|
||||
if (! is_dir($conf->adherent->dir_output))
|
||||
{
|
||||
create_exdir($conf->adherent->dir_output);
|
||||
}
|
||||
if (is_dir($conf->adherent->dir_output))
|
||||
{
|
||||
$newfile=$conf->adherent->dir_output . "/" . $adh->id . ".jpg";
|
||||
if (! dol_move_uploaded_file($_FILES['photo']['tmp_name'],$newfile,1) > 0)
|
||||
{
|
||||
$message .= '<div class="error">'.$langs->trans("ErrorFailedToSaveFile").'</div>';
|
||||
}
|
||||
}
|
||||
}
|
||||
|
||||
$_GET["rowid"]=$adh->id;
|
||||
$_REQUEST["action"]='';
|
||||
$errmsg=$adh->error;
|
||||
}
|
||||
else
|
||||
{
|
||||
if ($adh->error)
|
||||
foreach($adh->errors as $error)
|
||||
{
|
||||
$errmsg=$adh->error;
|
||||
if ($errmsg) $errmsg.='<br>';
|
||||
$errmsg.=$error;
|
||||
}
|
||||
else
|
||||
{
|
||||
foreach($adh->errors as $error)
|
||||
{
|
||||
if ($errmsg) $errmsg.='<br>';
|
||||
$errmsg.=$error;
|
||||
}
|
||||
}
|
||||
$action='';
|
||||
}
|
||||
$action='';
|
||||
}
|
||||
}
|
||||
}
|
||||
@ -661,7 +706,7 @@ if ($action == 'edit')
|
||||
|
||||
// Type
|
||||
print '<tr><td>'.$langs->trans("Type").'*</td><td>';
|
||||
if ($user->rights->adherent->creer) // If $user->rights->adherent->self->creer, we do not allow.
|
||||
if ($user->rights->adherent->creer)
|
||||
{
|
||||
$html->select_array("typeid", $adht->liste_array(), $adh->typeid);
|
||||
}
|
||||
@ -1126,7 +1171,12 @@ if ($rowid && $action != 'edit')
|
||||
print '</td><td class="valeur">';
|
||||
if ($_GET['action'] == 'editlogin')
|
||||
{
|
||||
print $html->form_users($_SERVER['PHP_SELF'].'?rowid='.$adh->id,$adh->user_id,'userid');
|
||||
/*$include=array();
|
||||
if (empty($user->rights->user->user->creer)) // If can edit only itself user, we can link to itself only
|
||||
{
|
||||
$include=array($adh->user_id,$user->id);
|
||||
}*/
|
||||
print $html->form_users($_SERVER['PHP_SELF'].'?rowid='.$adh->id,$adh->user_id,'userid','');
|
||||
}
|
||||
else
|
||||
{
|
||||
@ -1149,129 +1199,131 @@ if ($rowid && $action != 'edit')
|
||||
*/
|
||||
print '<div class="tabsAction">';
|
||||
|
||||
// Modify
|
||||
if ($user->rights->adherent->creer || ($user->rights->adherent->self->creer && $adh->user_id == $user->id))
|
||||
{
|
||||
print "<a class=\"butAction\" href=\"fiche.php?rowid=$rowid&action=edit\">".$langs->trans("Modify")."</a>";
|
||||
}
|
||||
else
|
||||
{
|
||||
print "<font class=\"butActionRefused\" href=\"#\" title=\"".dol_escape_htmltag($langs->trans("NotEnoughPermissions"))."\">".$langs->trans("Modify")."</font>";
|
||||
}
|
||||
|
||||
// Valider
|
||||
if ($adh->statut == -1)
|
||||
{
|
||||
if ($user->rights->adherent->creer)
|
||||
{
|
||||
print "<a class=\"butAction\" href=\"fiche.php?rowid=$rowid&action=valid\">".$langs->trans("Validate")."</a>\n";
|
||||
}
|
||||
else
|
||||
{
|
||||
print "<font class=\"butActionRefused\" href=\"#\" title=\"".dol_escape_htmltag($langs->trans("NotEnoughPermissions"))."\">".$langs->trans("Validate")."</font>";
|
||||
}
|
||||
}
|
||||
|
||||
// Reactiver
|
||||
if ($adh->statut == 0)
|
||||
{
|
||||
if ($user->rights->adherent->creer)
|
||||
{
|
||||
print "<a class=\"butAction\" href=\"fiche.php?rowid=$rowid&action=valid\">".$langs->trans("Reenable")."</a>\n";
|
||||
}
|
||||
else
|
||||
{
|
||||
print "<font class=\"butActionRefused\" href=\"#\" title=\"".dol_escape_htmltag($langs->trans("NotEnoughPermissions"))."\">".$langs->trans("Reenable")."</font>";
|
||||
}
|
||||
}
|
||||
|
||||
// Envoi fiche par mail
|
||||
if ($adh->statut >= 1 && $adh->email)
|
||||
{
|
||||
if ($user->rights->adherent->creer)
|
||||
{
|
||||
print "<a class=\"butAction\" href=\"fiche.php?rowid=$adh->id&action=sendinfo\">".$langs->trans("SendCardByMail")."</a>\n";
|
||||
}
|
||||
else
|
||||
{
|
||||
print "<font class=\"butActionRefused\" href=\"#\" title=\"".dol_escape_htmltag($langs->trans("NotEnoughPermissions"))."\">".$langs->trans("SendCardByMail")."</font>";
|
||||
}
|
||||
}
|
||||
|
||||
// Resilier
|
||||
if ($adh->statut >= 1)
|
||||
{
|
||||
if ($user->rights->adherent->supprimer)
|
||||
{
|
||||
print "<a class=\"butAction\" href=\"fiche.php?rowid=$rowid&action=resign\">".$langs->trans("Resiliate")."</a>\n";
|
||||
}
|
||||
else
|
||||
{
|
||||
print "<font class=\"butActionRefused\" href=\"#\" title=\"".dol_escape_htmltag($langs->trans("NotEnoughPermissions"))."\">".$langs->trans("Resiliate")."</font>";
|
||||
}
|
||||
}
|
||||
|
||||
// Create third party
|
||||
if ($conf->societe->enabled && ! $adh->fk_soc)
|
||||
{
|
||||
if ($user->rights->societe->creer)
|
||||
{
|
||||
print '<a class="butAction" href="fiche.php?rowid='.$adh->id.'&action=create_thirdparty">'.$langs->trans("CreateDolibarrThirdParty").'</a>';
|
||||
}
|
||||
else
|
||||
{
|
||||
print "<font class=\"butActionRefused\" href=\"#\" title=\"".dol_escape_htmltag($langs->trans("NotEnoughPermissions"))."\">".$langs->trans("CreateDolibarrThirdParty")."</font>";
|
||||
}
|
||||
}
|
||||
|
||||
// Create user
|
||||
if (! $user->societe_id && ! $adh->user_id)
|
||||
{
|
||||
if ($user->rights->user->user->creer)
|
||||
{
|
||||
print '<a class="butAction" href="fiche.php?rowid='.$adh->id.'&action=create_user">'.$langs->trans("CreateDolibarrLogin").'</a>';
|
||||
}
|
||||
else
|
||||
{
|
||||
print "<font class=\"butActionRefused\" href=\"#\" title=\"".dol_escape_htmltag($langs->trans("NotEnoughPermissions"))."\">".$langs->trans("CreateDolibarrLogin")."</font>";
|
||||
}
|
||||
}
|
||||
|
||||
// Delete
|
||||
if ($user->rights->adherent->supprimer)
|
||||
if ($action != 'editlogin' && $action != 'editthirdparty')
|
||||
{
|
||||
print "<a class=\"butActionDelete\" href=\"fiche.php?rowid=$adh->id&action=delete\">".$langs->trans("Delete")."</a>\n";
|
||||
}
|
||||
else
|
||||
{
|
||||
print "<font class=\"butActionRefused\" href=\"#\" title=\"".dol_escape_htmltag($langs->trans("NotEnoughPermissions"))."\">".$langs->trans("Delete")."</font>";
|
||||
}
|
||||
// Modify
|
||||
if ($user->rights->adherent->creer)
|
||||
{
|
||||
print "<a class=\"butAction\" href=\"fiche.php?rowid=$rowid&action=edit\">".$langs->trans("Modify")."</a>";
|
||||
}
|
||||
else
|
||||
{
|
||||
print "<font class=\"butActionRefused\" href=\"#\" title=\"".dol_escape_htmltag($langs->trans("NotEnoughPermissions"))."\">".$langs->trans("Modify")."</font>";
|
||||
}
|
||||
|
||||
// Valider
|
||||
if ($adh->statut == -1)
|
||||
{
|
||||
if ($user->rights->adherent->creer)
|
||||
{
|
||||
print "<a class=\"butAction\" href=\"fiche.php?rowid=$rowid&action=valid\">".$langs->trans("Validate")."</a>\n";
|
||||
}
|
||||
else
|
||||
{
|
||||
print "<font class=\"butActionRefused\" href=\"#\" title=\"".dol_escape_htmltag($langs->trans("NotEnoughPermissions"))."\">".$langs->trans("Validate")."</font>";
|
||||
}
|
||||
}
|
||||
|
||||
// Reactiver
|
||||
if ($adh->statut == 0)
|
||||
{
|
||||
if ($user->rights->adherent->creer)
|
||||
{
|
||||
print "<a class=\"butAction\" href=\"fiche.php?rowid=$rowid&action=valid\">".$langs->trans("Reenable")."</a>\n";
|
||||
}
|
||||
else
|
||||
{
|
||||
print "<font class=\"butActionRefused\" href=\"#\" title=\"".dol_escape_htmltag($langs->trans("NotEnoughPermissions"))."\">".$langs->trans("Reenable")."</font>";
|
||||
}
|
||||
}
|
||||
|
||||
// Envoi fiche par mail
|
||||
if ($adh->statut >= 1 && $adh->email)
|
||||
{
|
||||
if ($user->rights->adherent->creer)
|
||||
{
|
||||
print "<a class=\"butAction\" href=\"fiche.php?rowid=$adh->id&action=sendinfo\">".$langs->trans("SendCardByMail")."</a>\n";
|
||||
}
|
||||
else
|
||||
{
|
||||
print "<font class=\"butActionRefused\" href=\"#\" title=\"".dol_escape_htmltag($langs->trans("NotEnoughPermissions"))."\">".$langs->trans("SendCardByMail")."</font>";
|
||||
}
|
||||
}
|
||||
|
||||
// Resilier
|
||||
if ($adh->statut >= 1)
|
||||
{
|
||||
if ($user->rights->adherent->supprimer)
|
||||
{
|
||||
print "<a class=\"butAction\" href=\"fiche.php?rowid=$rowid&action=resign\">".$langs->trans("Resiliate")."</a>\n";
|
||||
}
|
||||
else
|
||||
{
|
||||
print "<font class=\"butActionRefused\" href=\"#\" title=\"".dol_escape_htmltag($langs->trans("NotEnoughPermissions"))."\">".$langs->trans("Resiliate")."</font>";
|
||||
}
|
||||
}
|
||||
|
||||
// Create third party
|
||||
if ($conf->societe->enabled && ! $adh->fk_soc)
|
||||
{
|
||||
if ($user->rights->societe->creer)
|
||||
{
|
||||
print '<a class="butAction" href="fiche.php?rowid='.$adh->id.'&action=create_thirdparty">'.$langs->trans("CreateDolibarrThirdParty").'</a>';
|
||||
}
|
||||
else
|
||||
{
|
||||
print "<font class=\"butActionRefused\" href=\"#\" title=\"".dol_escape_htmltag($langs->trans("NotEnoughPermissions"))."\">".$langs->trans("CreateDolibarrThirdParty")."</font>";
|
||||
}
|
||||
}
|
||||
|
||||
// Create user
|
||||
if (! $user->societe_id && ! $adh->user_id)
|
||||
{
|
||||
if ($user->rights->user->user->creer)
|
||||
{
|
||||
print '<a class="butAction" href="fiche.php?rowid='.$adh->id.'&action=create_user">'.$langs->trans("CreateDolibarrLogin").'</a>';
|
||||
}
|
||||
else
|
||||
{
|
||||
print "<font class=\"butActionRefused\" href=\"#\" title=\"".dol_escape_htmltag($langs->trans("NotEnoughPermissions"))."\">".$langs->trans("CreateDolibarrLogin")."</font>";
|
||||
}
|
||||
}
|
||||
|
||||
// Delete
|
||||
if ($user->rights->adherent->supprimer)
|
||||
{
|
||||
print "<a class=\"butActionDelete\" href=\"fiche.php?rowid=$adh->id&action=delete\">".$langs->trans("Delete")."</a>\n";
|
||||
}
|
||||
else
|
||||
{
|
||||
print "<font class=\"butActionRefused\" href=\"#\" title=\"".dol_escape_htmltag($langs->trans("NotEnoughPermissions"))."\">".$langs->trans("Delete")."</font>";
|
||||
}
|
||||
|
||||
// Action SPIP
|
||||
if ($conf->global->ADHERENT_USE_SPIP)
|
||||
{
|
||||
$isinspip=$adh->is_in_spip();
|
||||
if ($isinspip == 1)
|
||||
{
|
||||
print "<a class=\"butAction\" href=\"fiche.php?rowid=$adh->id&action=del_spip\">Suppression dans Spip</a>\n";
|
||||
}
|
||||
if ($isinspip == 0)
|
||||
{
|
||||
print "<a class=\"butAction\" href=\"fiche.php?rowid=$adh->id&action=add_spip\">Ajout dans Spip</a>\n";
|
||||
}
|
||||
if ($isinspip == -1) {
|
||||
print '<br><font class="error">Failed to connect to SPIP: '.$adh->error.'</font>';
|
||||
}
|
||||
}
|
||||
|
||||
// Action SPIP
|
||||
if ($conf->global->ADHERENT_USE_SPIP)
|
||||
{
|
||||
$isinspip=$adh->is_in_spip();
|
||||
if ($isinspip == 1)
|
||||
{
|
||||
print "<a class=\"butAction\" href=\"fiche.php?rowid=$adh->id&action=del_spip\">Suppression dans Spip</a>\n";
|
||||
}
|
||||
if ($isinspip == 0)
|
||||
{
|
||||
print "<a class=\"butAction\" href=\"fiche.php?rowid=$adh->id&action=add_spip\">Ajout dans Spip</a>\n";
|
||||
}
|
||||
if ($isinspip == -1) {
|
||||
print '<br><font class="error">Failed to connect to SPIP: '.$adh->error.'</font>';
|
||||
}
|
||||
}
|
||||
|
||||
print '</div>';
|
||||
print "<br>\n";
|
||||
|
||||
|
||||
|
||||
/*
|
||||
* Bandeau des cotisations
|
||||
*
|
||||
*/
|
||||
|
||||
print '<table border=0 width="100%">';
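Review bot: The new `setsocid` branch builds its lookup with `" WHERE fk_soc = '".$_POST["socid"]."'"`, placing the raw request value in the query; unless it is escaped upstream, which this page does not show, the statement is injectable, and the same value is then handed to `$thirdparty->fetch()` and `$adh->setThirdPartyId()`. Casting once, `$socid = (int) $_POST["socid"];`, and using `$socid` in all three places would close that. Unlike `setuserid` and `update`, which this commit gates on a permission, `setsocid` is still reachable with no rights check; `if ($_POST['action'] == 'setsocid' && $user->rights->adherent->creer)` would bring it in line with the others. The comparisons on `$_POST["userid"]` in the `setuserid` branch are loose (`!=`) as well, so an integer cast before the self-link check is worth adding there.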
|
||||
|
||||
@ -449,7 +449,7 @@ class Form
|
||||
* \brief Output html form to select a third party
|
||||
* \param selected Preselected type
|
||||
* \param htmlname Name of field in form
|
||||
* \param filter Criteres optionnels de filtre
|
||||
* \param filter Optionnal filters criteras
|
||||
* \param showempty Add an empty field
|
||||
*/
|
||||
function select_societes($selected='',$htmlname='socid',$filter='',$showempty=0)
|
||||
@ -457,7 +457,7 @@ class Form
|
||||
global $conf,$user;
|
||||
|
||||
// On recherche les societes
|
||||
$sql = "SELECT s.rowid, s.nom";
|
||||
$sql = "SELECT s.rowid, s.nom, s.code_client, s.code_fournisseur";
|
||||
$sql.= " FROM ".MAIN_DB_PREFIX ."societe as s";
|
||||
if (!$user->rights->societe->client->voir && !$user->societe_id) $sql .= ", ".MAIN_DB_PREFIX."societe_commerciaux as sc";
|
||||
$sql.= " WHERE s.entity = ".$conf->entity;
|
||||
@ -666,39 +666,44 @@ class Form
|
||||
|
||||
|
||||
/**
|
||||
* \brief Retourne la liste deroulante des utilisateurs
|
||||
* \brief Return select list of users
|
||||
* \param selected Id user preselected
|
||||
* \param htmlname Field name in form
|
||||
* \param show_empty 0=liste sans valeur nulle, 1=ajoute valeur inconnue
|
||||
* \param exclude List of users id to exclude
|
||||
* \param disabled If select list must be disabled
|
||||
* \param include List of users id to include
|
||||
*/
|
||||
function select_users($selected='',$htmlname='userid',$show_empty=0,$exclude='',$disabled=0)
|
||||
function select_users($selected='',$htmlname='userid',$show_empty=0,$exclude='',$disabled=0,$include='')
|
||||
{
|
||||
global $conf;
|
||||
|
||||
// Permettre l'exclusion d'utilisateurs
|
||||
if (is_array($exclude)) $excludeUsers = implode("','",$exclude);
|
||||
// Permettre l'inclusion d'utilisateurs
|
||||
if (is_array($include)) $includeUsers = implode("','",$include);
|
||||
|
||||
// On recherche les utilisateurs
|
||||
$sql = "SELECT u.rowid, u.name, u.firstname, u.login FROM";
|
||||
$sql.= " ".MAIN_DB_PREFIX ."user as u";
|
||||
$sql.= " WHERE u.entity IN (0,".$conf->entity.")";
|
||||
if (is_array($exclude) && $excludeUsers) $sql.= " AND u.rowid NOT IN ('".$excludeUsers."')";
|
||||
if (is_array($include) && $includeUsers) $sql.= " AND u.rowid IN ('".$includeUsers."')";
|
||||
$sql.= " ORDER BY u.name ASC";
|
||||
|
||||
dol_syslog("Form::select_users sql=".$sql);
|
||||
if ($this->db->query($sql))
|
||||
$resql=$this->db->query($sql);
|
||||
if ($resql)
|
||||
{
|
||||
print '<select class="flat" name="'.$htmlname.'"'.($disabled?' disabled="true"':'').'>';
|
||||
if ($show_empty) print '<option value="-1"'.($id==-1?' selected="true"':'').'> </option>'."\n";
|
||||
$num = $this->db->num_rows();
|
||||
$num = $this->db->num_rows($resql);
|
||||
$i = 0;
|
||||
if ($num)
|
||||
{
|
||||
while ($i < $num)
|
||||
{
|
||||
$obj = $this->db->fetch_object();
|
||||
$obj = $this->db->fetch_object($resql);
|
||||
|
||||
if ((is_object($selected) && $selected->id == $obj->rowid) || (! is_object($selected) && $selected == $obj->rowid))
|
||||
{
|
||||
@ -1789,12 +1794,14 @@ class Form
|
||||
|
||||
|
||||
/**
|
||||
* \brief Affiche formulaire de selection d'un utilisateur
|
||||
* \param page Page
|
||||
* \param selected Id of user preselected
|
||||
* \param htmlname Name of input html field
|
||||
* \brief Affiche formulaire de selection d'un utilisateur
|
||||
* \param page Page
|
||||
* \param selected Id of user preselected
|
||||
* \param htmlname Name of input html field
|
||||
* \param exclude List of users id to exclude
|
||||
* \param include List of users id to include
|
||||
*/
|
||||
function form_users($page, $selected='', $htmlname='userid')
|
||||
function form_users($page, $selected='', $htmlname='userid', $exclude='', $include='')
|
||||
{
|
||||
global $langs;
|
||||
|
||||
@ -1805,7 +1812,7 @@ class Form
|
||||
print '<input type="hidden" name="token" value="'.$_SESSION['newtoken'].'">';
|
||||
print '<table class="nobordernopadding" cellpadding="0" cellspacing="0">';
|
||||
print '<tr><td>';
|
||||
print $this->select_users($selected,$htmlname,1,0,0);
|
||||
print $this->select_users($selected,$htmlname,1,$exclude,0,$include);
|
||||
print '</td>';
|
||||
print '<td align="left"><input type="submit" class="button" value="'.$langs->trans("Modify").'"></td>';
|
||||
print '</tr></table></form>';
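Review bot: In select_users, the new `$include` filter is joined with `implode("','",$include)` and wrapped in quotes, so the ids reach the query as unvalidated strings, mirroring the existing `$exclude` handling. The only caller visible in this commit passes an empty string, so nothing reaches it yet, but the commented-out code in fiche.php suggests it is meant to carry a restriction later. Building the list as `implode(',', array_map('intval', $include))` and emitting `" AND u.rowid IN (".$includeUsers.")"` keeps the clause numeric. Restricting the dropdown is presentation only; the server-side check in the `setuserid` action remains the actual control. The function body continues outside the hunk.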
|
||||
|
||||
@ -26,19 +26,18 @@
|
||||
*/
|
||||
|
||||
/**
|
||||
* \file htdocs/includes/modules/modAdherent.class.php
|
||||
* \ingroup adherent
|
||||
* \brief Fichier de description et activation du module adherents
|
||||
* \file htdocs/includes/modules/modAdherent.class.php
|
||||
* \ingroup adherent
|
||||
* \brief Fichier de description et activation du module adherents
|
||||
* \version $Id$
|
||||
*/
|
||||
|
||||
include_once(DOL_DOCUMENT_ROOT ."/includes/modules/DolibarrModules.class.php");
|
||||
|
||||
/**
|
||||
\class modAdherent
|
||||
\brief Classe de description et activation du module Adherent
|
||||
*/
|
||||
|
||||
* \class modAdherent
|
||||
* \brief Classe de description et activation du module Adherent
|
||||
*/
|
||||
class modAdherent extends DolibarrModules
|
||||
{
|
||||
|
||||
|
||||
@ -16,6 +16,12 @@ ErrorMemberTypeNotDefined=Member type not defined
|
||||
ListOfPublicMembers=List of public members
|
||||
ListOfValidatedPublicMembers=List of validated public members
|
||||
ErrorThisMemberIsNotPublic=This member is not public
|
||||
ErrorMemberIsAlreadyLinkedToThisThirdParty=Another member (name: <b>%s</b>, login: <b>%s</b>) is already linked to a third party <b>%s</b>. Remove this link first because a third party can't be linked to only a member (and vice versa).
|
||||
ErrorUserPermissionAllowsToLinksToItselfOnly=For security reasons, you must be granted permissions to edit all users to be able to link a member to a user that is not yours.
|
||||
ThisIsContentOfYourCard=This is details of your card
|
||||
CardContent=Content of your member card
|
||||
SetLinkToUser=Link to a Dolibarr user
|
||||
SetLinkToThirdParty=Link to a Dolibarr third party
|
||||
MembersCards=Members print cards
|
||||
MembersList=List of members
|
||||
MembersListToValid=List of draft members (to be validated)
|
||||
|
||||
@ -16,6 +16,12 @@ ErrorMemberTypeNotDefined=Le type d'adhérent n'est pas choisi
|
||||
ListOfPublicMembers=Liste des adhérents publiques
|
||||
ListOfValidatedPublicMembers=Liste des adhérents publiques validés
|
||||
ErrorThisMemberIsNotPublic=Cet adhérent n'est pas publique
|
||||
ErrorMemberIsAlreadyLinkedToThisThirdParty=Un autre adhérent (nom: <b>%s</b>, login: <b>%s</b>) est déjà lié au tiers <b>%s</b>. Supprimer le lien existant d'abord car un tiers ne peut être lié qu'à un seul adhérent (et vice versa).
|
||||
ErrorUserPermissionAllowsToLinksToItselfOnly=Pour des raisons de sécurité, il faut posséder les droits de modification de tous les utilisateurs pour pouvoir lier un adhérent à un utilisateur autre que vous même.
|
||||
ThisIsContentOfYourCard=Voici les détails de votre fiche
|
||||
CardContent=Contenu de votre fiche adherent
|
||||
SetLinkToUser=Lier à un utilisateur Dolibarr
|
||||
SetLinkToThirdParty=Lier à un tiers Dolibarr
|
||||
MembersCards=Cartes des adhérents
|
||||
MembersList=Liste des adhérents
|
||||
MembersListToValid=Liste des adhérents brouillons (à valider)
|
||||
|
||||
@ -956,20 +956,21 @@ class User extends CommonObject
|
||||
}
|
||||
|
||||
/**
|
||||
* \brief Mise e jour en base d'un utilisateur (sauf info mot de passe)
|
||||
* \param user User qui fait la mise a jour
|
||||
* \param notrigger 1 ne declenche pas les triggers, 0 sinon
|
||||
* \param nosyncmember Do not synchronize linked member
|
||||
* \return int <0 si KO, >=0 si OK
|
||||
* \brief Mise e jour en base d'un utilisateur (sauf info mot de passe)
|
||||
* \param user User qui fait la mise a jour
|
||||
* \param notrigger 1 ne declenche pas les triggers, 0 sinon
|
||||
* \param nosyncmember 0=Synchronize linked member (standard info), 1=Do not synchronize linked member
|
||||
* \param nosyncmemberpass 0=Synchronize linked member (password), 1=Do not synchronize linked member
|
||||
* \return int <0 si KO, >=0 si OK
|
||||
*/
|
||||
function update($user,$notrigger=0,$nosyncmember=0)
|
||||
function update($user,$notrigger=0,$nosyncmember=0,$nosyncmemberpass=0)
|
||||
{
|
||||
global $conf, $langs;
|
||||
|
||||
$nbrowsaffected=0;
|
||||
$error=0;
|
||||
|
||||
dol_syslog("User::update notrigger=".$notrigger.", nosyncmember=".$nosyncmember);
|
||||
dol_syslog("User::update notrigger=".$notrigger.", nosyncmember=".$nosyncmember.", nosyncmemberpass=".$nosyncmemberpass);
|
||||
|
||||
// Clean parameters
|
||||
$this->nom = trim($this->nom);
|
||||
@ -1015,13 +1016,13 @@ class User extends CommonObject
|
||||
{
|
||||
$nbrowsaffected+=$this->db->affected_rows($resql);
|
||||
|
||||
// Mise a jour mot de passe
|
||||
// Update password
|
||||
if ($this->pass)
|
||||
{
|
||||
if ($this->pass != $this->pass_indatabase && $this->pass != $this->pass_indatabase_crypted)
|
||||
{
|
||||
// Si mot de passe saisi et different de celui en base
|
||||
$result=$this->setPassword($user,$this->pass,0,$notrigger);
|
||||
$result=$this->setPassword($user,$this->pass,0,$notrigger,$nosyncmemberpass);
|
||||
if (! $nbrowsaffected) $nbrowsaffected++;
|
||||
}
|
||||
}
|
||||
@ -1164,7 +1165,7 @@ class User extends CommonObject
|
||||
|
||||
$error=0;
|
||||
|
||||
dol_syslog("User::setPassword user=".$user->id." password=".eregi_replace('.','*',$password)." changelater=".$changelater." notrigger=".$notrigger, LOG_DEBUG);
|
||||
dol_syslog("User::setPassword user=".$user->id." password=".eregi_replace('.','*',$password)." changelater=".$changelater." notrigger=".$notrigger." nosyncmember=".$nosyncmember, LOG_DEBUG);
|
||||
|
||||
// Si nouveau mot de passe non communique, on genere par module
|
||||
if (! $password)
|
||||
@ -1776,9 +1777,9 @@ class User extends CommonObject
|
||||
|
||||
|
||||
/**
|
||||
\brief Fonction pour creer un mot de passe aleatoire en minuscule
|
||||
\param sel Donnee aleatoire
|
||||
\return string Mot de passe
|
||||
* \brief Fonction pour creer un mot de passe aleatoire en minuscule
|
||||
* \param sel Donnee aleatoire
|
||||
* \return string Mot de passe
|
||||
*/
|
||||
function creer_pass_aleatoire_1($sel = "")
|
||||
{
|
||||
@ -1789,11 +1790,11 @@ function creer_pass_aleatoire_1($sel = "")
|
||||
|
||||
|
||||
/**
|
||||
\brief Fonction pour creer un mot de passe aleatoire melangeant majuscule,
|
||||
minuscule, chiffre et alpha et caracteres speciaux
|
||||
\remarks La fonction a ete prise sur http://www.uzine.net/spip
|
||||
\param sel Donnee aleatoire
|
||||
\return string Mot de passe
|
||||
* \brief Fonction pour creer un mot de passe aleatoire melangeant majuscule,
|
||||
* minuscule, chiffre et alpha et caracteres speciaux
|
||||
* \remarks La fonction a ete prise sur http://www.uzine.net/spip
|
||||
* \param sel Donnee aleatoire
|
||||
* \return string Mot de passe
|
||||
*/
|
||||
function creer_pass_aleatoire_2($sel = "")
|
||||
{
|
||||
@ -1806,8 +1807,8 @@ function creer_pass_aleatoire_2($sel = "")
|
||||
{
|
||||
if (!$s)
|
||||
{
|
||||
if (!$s) $s = mt_rand();
|
||||
$s = substr(md5(uniqid($s).$sel), 0, 16);
|
||||
if (!$s) $s = mt_rand();
|
||||
$s = substr(md5(uniqid($s).$sel), 0, 16);
|
||||
}
|
||||
$r = unpack("Cr", pack("H2", $s.$s));
|
||||
$x = $r['r'] & 63;
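Review bot: The debug line in the `setPassword` hunk still writes `eregi_replace('.','*',$password)`, which puts a mask exactly as long as the password into the log, so anyone who can read the debug log learns the length of every new password. Logging only whether a value was supplied avoids that, for example `" password=".($password?'(set)':'(empty)')` in place of the masked string. The same line now reads `$nosyncmember`, while `update()` passes `$nosyncmemberpass` as a fifth argument to `setPassword`; the `setPassword` signature lies outside the hunk, so it is worth confirming that it declares that parameter, since otherwise the extra argument would presumably be ignored and the linked member's password would still be synchronized.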
|
||||
|
||||