From 498a3b35460ddc84522e1c3b9d6f14896948b9fa Mon Sep 17 00:00:00 2001
From: Laurent Destailleur
Date: Mon, 27 Jul 2009 00:08:49 +0000
Subject: [PATCH] Fix bug #26999 : Pb in editing a member linked to a user
---
htdocs/adherents/adherent.class.php | 42 +-
htdocs/adherents/fiche.php | 480 ++++++++++--------
htdocs/html.form.class.php | 33 +-
htdocs/includes/modules/modAdherent.class.php | 13 +-
htdocs/langs/en_US/members.lang | 6 +
htdocs/langs/fr_FR/members.lang | 6 +
htdocs/user.class.php | 41 +-
7 files changed, 353 insertions(+), 268 deletions(-)
diff --git a/htdocs/adherents/adherent.class.php b/htdocs/adherents/adherent.class.php
index 68829482589..19e3554d155 100644
--- a/htdocs/adherents/adherent.class.php
+++ b/htdocs/adherents/adherent.class.php
@@ -365,20 +365,21 @@ class Adherent extends CommonObject /** - * \brief Fonction qui met a jour l'adherent (sauf mot de passe) + * \brief Update a member in database (standard information and password) * \param user User making update - * \param notrigger 1=desactive le trigger UPDATE (quand appele par creation) - * \param nosyncuser Do not synchronize linked user - * \return int <0 si KO, >0 si OK + * \param notrigger 1=disable trigger UPDATE (when called by create) + * \param nosyncuser 0=Synchronize linked user (standard info), 1=Do not synchronize linked user + * \param nosyncuserpass 0=Synchronize linked user (password), 1=Do not synchronize linked user + * \return int <0 si KO, >0 si OK */ - function update($user,$notrigger=0,$nosyncuser=0) + function update($user,$notrigger=0,$nosyncuser=0,$nosyncuserpass=0) { global $conf, $langs; $nbrowsaffected=0; $error=0; - dol_syslog("Adherent::update notrigger=".$notrigger.", nosyncuser=".$nosyncuser.", email=".$this->email); + dol_syslog("Adherent::update notrigger=".$notrigger.", nosyncuser=".$nosyncuser.", nosyncuserpass=".$nosyncuserpass.", email=".$this->email); // Verification parametres if ($conf->global->ADHERENT_MAIL_REQUIRED && ! isValidEMail($this->email)) @@ -415,6 +416,8 @@ class Adherent extends CommonObject $sql.= ", fk_user_mod=".($user->id>0?$user->id:'null'); // Can be null because member can be create by a guest $sql.= " WHERE rowid = ".$this->id; + dol_syslog("Adherent::update UPDATE MEMBER"); + dol_syslog("Adherent::update sql=".$sql); $resql = $this->db->query($sql); if ($resql) 
@@ -463,19 +466,20 @@ class Adherent extends CommonObject } } - // Mise a jour mot de passe + // Update password if ($this->pass) { + dol_syslog("Adherent::update UPDATE PASSWORD"); if ($this->pass != $this->pass_indatabase && $this->pass != $this->pass_indatabase_crypted) { // Si mot de passe saisi et different de celui en base - $result=$this->setPassword($user,$this->pass,0,$notrigger); - + $result=$this->setPassword($user,$this->pass,0,$notrigger,$nosyncuserpass); if (! $nbrowsaffected) $nbrowsaffected++; } } // Remove link to user + dol_syslog("Adherent::update UPDATE LINK TO USER"); $sql = "UPDATE ".MAIN_DB_PREFIX."user SET fk_member = NULL where fk_member = ".$this->id; dol_syslog("Adherent::update sql=".$sql, LOG_DEBUG); $resql = $this->db->query($sql); @@ -495,6 +499,8 @@ class Adherent extends CommonObject { require_once(DOL_DOCUMENT_ROOT."/user.class.php"); + dol_syslog("Adherent::update UPDATE LINKED USER"); + // This member is linked with a user, so we also update users informations // if this is an update. $luser=new User($this->db); @@ -517,7 +523,7 @@ class Adherent extends CommonObject $luser->fk_member=$this->id; - $result=$luser->update($user,0,1); + $result=$luser->update($user,0,1,1); // Use nosync to 1 to avoid cyclic updates if ($result < 0) { $this->error=$luser->error; @@ -699,7 +705,7 @@ class Adherent extends CommonObject /** - * \brief Change le mot de passe d'un utilisateur + * \brief Change password of a user * \param user Object user de l'utilisateur qui fait la modification * \param password Nouveau mot de passe (e generer si non communique) * \param isencrypted 0 ou 1 si il faut crypter le mot de passe en base (0 par defaut) @@ -744,7 +750,7 @@ class Adherent extends CommonObject $result = $this->db->query($sql); if ($result) { - $nbaffectedrows=$this->db->affected_rows(); + $nbaffectedrows=$this->db->affected_rows($result); if ($nbaffectedrows) { 
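Review bot: The return value of `setPassword()` in the "Update password" branch is stored in `$result` but never tested, so a failed password change still increments `$nbrowsaffected` and `update()` goes on to the link and linked-user steps as if it had succeeded. Assuming `setPassword()` follows the `<0 si KO` convention documented on `update()`, I would add `if ($result < 0) { $error++; }` directly after the call and let the existing error path handle it. This matters more now that the call carries `$nosyncuserpass`, because the caller otherwise cannot tell whether the member password and the linked user's password ended up consistent. `update()` begins and ends outside this hunk, so the exact error handling should match the rest of the function.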
@@ -847,13 +853,21 @@ class Adherent extends CommonObject $this->db->begin(); + // Update link to third party + if ($thirdpartyid > 0) + { + $sql = "UPDATE ".MAIN_DB_PREFIX."adherent SET fk_soc = null where fk_soc = '".$thirdpartyid."'"; + dol_syslog("Adherent::setThirdPartyId sql=".$sql); + $resql = $this->db->query($sql); + } + // Update link to third party $sql = "UPDATE ".MAIN_DB_PREFIX."adherent SET fk_soc = ".($thirdpartyid>0 ? $thirdpartyid : 'null'); $sql.= " WHERE rowid = ".$this->id; dol_syslog("Adherent::setThirdPartyId sql=".$sql); - $result = $this->db->query($sql); - if ($result) + $resql = $this->db->query($sql); + if ($resql) { $this->db->commit(); return 1; diff --git a/htdocs/adherents/fiche.php b/htdocs/adherents/fiche.php index 153e8f2e17d..0041f254719 100644 --- a/htdocs/adherents/fiche.php +++ b/htdocs/adherents/fiche.php @@ -77,8 +77,7 @@ $canaddmember=$user->rights->adherent->creer; // Define variables to know what current user can do on properties of a member if ($rowid) { - $caneditfieldmember=( (($user->id == $adh->user_id) && $user->rights->adherent->self->creer) - || (($user->id != $adh->user_id) && $user->rights->adherent->creer) ); + $caneditfieldmember=$user->rights->adherent->creer; } @@ -87,19 +86,62 @@ if ($rowid) * Actions */ -if ($_POST['action'] == 'setuserid') +if ($_POST['action'] == 'setuserid' && ($user->rights->user->self->creer || $user->rights->user->user->creer)) { - $result=$adh->setUserId($_POST["userid"]); - if ($result < 0) dol_print_error($adh->db,$adh->error); - $_POST['action']=''; - $action=''; + $error=0; + if (empty($user->rights->user->user->creer)) // If can edit only itself user, we can link to itself only + { + if ($_POST["userid"] != $user->id && $_POST["userid"] != $adh->user_id) + { + $error++; + $mesg='
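Review bot: `$thirdpartyid` is concatenated into the new `UPDATE ... SET fk_soc = null where fk_soc = '...'` statement with no cast or escaping, and the `$thirdpartyid > 0` guard is a loose comparison that a string starting with a digit still passes. The caller in fiche.php hands `$_POST["socid"]` straight to `setThirdPartyId()`, so the value is request-controlled; casting once at the top of the function, `$thirdpartyid = (int) $thirdpartyid;`, covers both UPDATE statements. The result of the first query is also never checked before `$resql` is reassigned, so a failure to clear the old link is committed silently; test it and roll back before running the second statement. The opening lines of the function are outside this hunk.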
'.$langs->trans("ErrorUserPermissionAllowsToLinksToItselfOnly").'
'; + } + } + + if (! $error) + { + if ($_POST["userid"] != $adh->user_id) // If link differs from currently in database + { + $result=$adh->setUserId($_POST["userid"]); + if ($result < 0) dol_print_error($adh->db,$adh->error); + $_POST['action']=''; + $action=''; + } + } } if ($_POST['action'] == 'setsocid') { - $result=$adh->setThirdPartyId($_POST["socid"]); - if ($result < 0) dol_print_error($adh->db,$adh->error); - $_POST['action']=''; - $action=''; + $error=0; + if (! $error) + { + if ($_POST["socid"] != $adh->fk_soc) // If link differs from currently in database + { + $sql ="SELECT rowid FROM ".MAIN_DB_PREFIX."adherent"; + $sql.=" WHERE fk_soc = '".$_POST["socid"]."'"; + $resql = $db->query($sql); + if ($resql) + { + $obj = $db->fetch_object($resql); + if ($obj && $obj->rowid > 0) + { + $othermember=new Adherent($db); + $othermember->fetch($obj->rowid); + $thirdparty=new Societe($db); + $thirdparty->fetch($_POST["socid"]); + $error++; + $mesg='
'.$langs->trans("ErrorMemberIsAlreadyLinkedToThisThirdParty",$othermember->fullname,$othermember->login,$thirdparty->nom).'
'; + } + } + + if (! $error) + { + $result=$adh->setThirdPartyId($_POST["socid"]); + if ($result < 0) dol_print_error($adh->db,$adh->error); + $_POST['action']=''; + $action=''; + } + } + } } // Create user from a member 
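Review bot: The new `setsocid` branch builds `WHERE fk_soc = '".$_POST["socid"]."'` from the raw request value, and unlike the `setuserid` branch above it carries no permission test in this hunk. Cast the id once, `$socid = (int) $_POST["socid"];`, use `$socid` in the query, the `fetch()` and the `setThirdPartyId()` call, and gate the branch on the member edit right, e.g. `&& $user->rights->adherent->creer`. The `setuserid` branch checks only the `user` rights; whether `adherent->creer` should be required there as well is worth confirming, since the rest of this commit keys member edits on that right. The names interpolated into `$mesg` (`$othermember->fullname`, `$thirdparty->nom`) come from the database and need HTML escaping if `$mesg` is printed as-is further down, which is not visible here.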
@@ -148,113 +190,116 @@ if ($_REQUEST["action"] == 'confirm_sendinfo' && $_REQUEST["confirm"] == 'yes') { if ($adh->email) { - $result=$adh->send_an_email("Voici le contenu de votre fiche\n\n%INFOS%\n\n","Contenu de votre fiche adherent"); + $result=$adh->send_an_email($langs->transnoentitiesnoconv("ThisIsContentOfYourCard")."\n\n%INFOS%\n\n",$langs->transnoentitiesnoconv("CardContent")); $mesg=$langs->trans("CardSent"); } } -if ($_REQUEST["action"] == 'update' && ! $_POST["cancel"]) +if ($_REQUEST["action"] == 'update' && ! $_POST["cancel"] && $user->rights->adherent->creer) { - // Is it a new link to a user ? - $nosyncuser=0; - if ($adh->user_id != $_POST["userid"]) $nosyncuser=1; - - // If change (allowed on all members) or (allowed on myself and i am edited memeber) - if ($user->rights->adherent->creer || ($user->rights->adherent->self->creer && $adh->user_id == $user->id)) + $datenaiss=''; + if (isset($_POST["naissday"]) && $_POST["naissday"] + && isset($_POST["naissmonth"]) && $_POST["naissmonth"] + && isset($_POST["naissyear"]) && $_POST["naissyear"]) { - $datenaiss=''; - if (isset($_POST["naissday"]) && $_POST["naissday"] - && isset($_POST["naissmonth"]) && $_POST["naissmonth"] - && isset($_POST["naissyear"]) && $_POST["naissyear"]) + $datenaiss=dol_mktime(12, 0, 0, $_POST["naissmonth"], $_POST["naissday"], $_POST["naissyear"]); + } + //print $_POST["naissmonth"].", ".$_POST["naissday"].", ".$_POST["naissyear"]." ".$datenaiss." ".adodb_strftime('%Y-%m-%d %H:%M:%S',$datenaiss); + + // Create new object + if ($result > 0) + { + // Modifie valeures + $adh->prenom = trim($_POST["prenom"]); + $adh->nom = trim($_POST["nom"]); + $adh->fullname = trim($adh->prenom.' 
'.$adh->nom); + $adh->login = trim($_POST["login"]); + $adh->pass = trim($_POST["pass"]); + + $adh->societe = trim($_POST["societe"]); + $adh->adresse = trim($_POST["adresse"]); + $adh->cp = trim($_POST["cp"]); + $adh->ville = trim($_POST["ville"]); + $adh->pays_id = $_POST["pays"]; + + $adh->phone = trim($_POST["phone"]); + $adh->phone_perso = trim($_POST["phone_perso"]); + $adh->phone_mobile= trim($_POST["phone_mobile"]); + $adh->email = trim($_POST["email"]); + $adh->naiss = $datenaiss; + + $adh->typeid = $_POST["typeid"]; + $adh->note = trim($_POST["comment"]); + $adh->morphy = $_POST["morphy"]; + + $adh->amount = $_POST["amount"]; + + // Get status and public property + $adh->statut = $_POST["statut"]; + $adh->public = $_POST["public"]; + + foreach($_POST as $key => $value) { - $datenaiss=dol_mktime(12, 0, 0, $_POST["naissmonth"], $_POST["naissday"], $_POST["naissyear"]); - } - //print $_POST["naissmonth"].", ".$_POST["naissday"].", ".$_POST["naissyear"]." ".$datenaiss." ".adodb_strftime('%Y-%m-%d %H:%M:%S',$datenaiss); - - // Charge objet actuel - if ($result > 0) - { - // Modifie valeures - $adh->prenom = trim($_POST["prenom"]); - $adh->nom = trim($_POST["nom"]); - $adh->fullname = trim($adh->prenom.' 
'.$adh->nom); - $adh->login = trim($_POST["login"]); - $adh->pass = trim($_POST["pass"]); - - $adh->societe = trim($_POST["societe"]); - $adh->adresse = trim($_POST["adresse"]); - $adh->cp = trim($_POST["cp"]); - $adh->ville = trim($_POST["ville"]); - $adh->pays_id = $_POST["pays"]; - - $adh->phone = trim($_POST["phone"]); - $adh->phone_perso = trim($_POST["phone_perso"]); - $adh->phone_mobile= trim($_POST["phone_mobile"]); - $adh->email = trim($_POST["email"]); - $adh->naiss = $datenaiss; - - $adh->typeid = $_POST["typeid"]; - $adh->note = trim($_POST["comment"]); - $adh->morphy = $_POST["morphy"]; - - $adh->amount = $_POST["amount"]; - - // recuperation du statut et public - $adh->statut = $_POST["statut"]; - $adh->public = $_POST["public"]; - - $adh->fk_soc = $_POST["socid"]; - $adh->user_id = $_POST["userid"]; - - foreach($_POST as $key => $value) + if (ereg("^options_",$key)) { - if (ereg("^options_",$key)) + //escape values from POST, at least with addslashes, to avoid obvious SQL injections + //(array_options is directly input in the DB in adherent.class.php::update()) + $adh->array_options[$key]=addslashes($_POST[$key]); + } + } + + // Check if we need to also synchronize user information + $nosyncuser=0; + if ($adh->user_id) // If linked to a user + { + if ($user->id != $adh->user_id && empty($user->rights->user->user->creer)) $nosyncuser=1; // Disable synchronizing + } + + // Check if we need to also synchronize password information + $nosyncuserpass=0; + if ($adh->user_id) // If linked to a user + { + if ($user->id != $adh->user_id && empty($user->rights->user->user->password)) $nosyncuserpass=1; // Disable synchronizing + } + + $result=$adh->update($user,0,$nosyncuser,$nosyncuserpass); + if ($result >= 0 && ! sizeof($adh->errors)) + { + if (isset($_FILES['photo']['tmp_name']) && trim($_FILES['photo']['tmp_name'])) + { + // If photo is provided + if (! 
is_dir($conf->adherent->dir_output)) { - //escape values from POST, at least with addslashes, to avoid obvious SQL injections - //(array_options is directly input in the DB in adherent.class.php::update()) - $adh->array_options[$key]=addslashes($_POST[$key]); + create_exdir($conf->adherent->dir_output); + } + if (is_dir($conf->adherent->dir_output)) + { + $newfile=$conf->adherent->dir_output . "/" . $adh->id . ".jpg"; + if (! dol_move_uploaded_file($_FILES['photo']['tmp_name'],$newfile,1) > 0) + { + $message .= '
'.$langs->trans("ErrorFailedToSaveFile").'
'; + } } } - $result=$adh->update($user,0,$nosyncuser); - if ($result >= 0 && ! sizeof($adh->errors)) + $_GET["rowid"]=$adh->id; + $_REQUEST["action"]=''; + } + else + { + if ($adh->error) { - if (isset($_FILES['photo']['tmp_name']) && trim($_FILES['photo']['tmp_name'])) - { - // If photo is provided - if (! is_dir($conf->adherent->dir_output)) - { - create_exdir($conf->adherent->dir_output); - } - if (is_dir($conf->adherent->dir_output)) - { - $newfile=$conf->adherent->dir_output . "/" . $adh->id . ".jpg"; - if (! dol_move_uploaded_file($_FILES['photo']['tmp_name'],$newfile,1) > 0) - { - $message .= '
'.$langs->trans("ErrorFailedToSaveFile").'
'; - } - } - } - - $_GET["rowid"]=$adh->id; - $_REQUEST["action"]=''; + $errmsg=$adh->error; } else { - if ($adh->error) + foreach($adh->errors as $error) { - $errmsg=$adh->error; + if ($errmsg) $errmsg.='
'; + $errmsg.=$error; } - else - { - foreach($adh->errors as $error) - { - if ($errmsg) $errmsg.='
'; - $errmsg.=$error; - } - } - $action=''; } + $action=''; } } } @@ -661,7 +706,7 @@ if ($action == 'edit') // Type print ''.$langs->trans("Type").'*'; - if ($user->rights->adherent->creer) // If $user->rights->adherent->self->creer, we do not allow. + if ($user->rights->adherent->creer) { $html->select_array("typeid", $adht->liste_array(), $adh->typeid); } @@ -1126,7 +1171,12 @@ if ($rowid && $action != 'edit') print ''; if ($_GET['action'] == 'editlogin') { - print $html->form_users($_SERVER['PHP_SELF'].'?rowid='.$adh->id,$adh->user_id,'userid'); + /*$include=array(); + if (empty($user->rights->user->user->creer)) // If can edit only itself user, we can link to itself only + { + $include=array($adh->user_id,$user->id); + }*/ + print $html->form_users($_SERVER['PHP_SELF'].'?rowid='.$adh->id,$adh->user_id,'userid',''); } else { @@ -1149,129 +1199,131 @@ if ($rowid && $action != 'edit') */ print '
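Review bot: `addslashes()` on the `options_*` values is not a reliable SQL escape (the inline comment itself says "at least"), and the id-like request fields copied onto `$adh` in this block (`typeid`, `statut`, `public`, `pays`) are assigned with no cast. Integer fields can be cast at assignment, e.g. `$adh->typeid = (int) $_POST["typeid"];`, and free-text values should go through the database layer's own escaping where the SQL is built in `Adherent::update()`, most of which is outside this diff. `ereg()` is deprecated as of PHP 5.3; `preg_match('/^options_/', $key)` is the direct replacement. Separately, the uploaded photo is stored as `<id>.jpg` with no check visible in this hunk that the file is an image; if `dol_move_uploaded_file()` does not validate that, a type check belongs before the move.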
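Review bot: The `$include` restriction in the `editlogin` branch is committed as a commented-out block, so a user who may only link a member to their own account is still offered every user in the select list and only learns of the limit from the server-side error. Either delete the dead block, or enable it and pass `$include` through to `form_users()`; the `form_users()` signature is not fully visible in this diff, so the argument position needs checking. The server-side test in the `setuserid` action remains the actual control either way and should not be relaxed if the list is filtered.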
'; - // Modify - if ($user->rights->adherent->creer || ($user->rights->adherent->self->creer && $adh->user_id == $user->id)) - { - print "".$langs->trans("Modify").""; - } - else - { - print "trans("NotEnoughPermissions"))."\">".$langs->trans("Modify").""; - } - - // Valider - if ($adh->statut == -1) - { - if ($user->rights->adherent->creer) - { - print "".$langs->trans("Validate")."\n"; - } - else - { - print "trans("NotEnoughPermissions"))."\">".$langs->trans("Validate").""; - } - } - - // Reactiver - if ($adh->statut == 0) - { - if ($user->rights->adherent->creer) - { - print "".$langs->trans("Reenable")."\n"; - } - else - { - print "trans("NotEnoughPermissions"))."\">".$langs->trans("Reenable").""; - } - } - - // Envoi fiche par mail - if ($adh->statut >= 1 && $adh->email) - { - if ($user->rights->adherent->creer) - { - print "id&action=sendinfo\">".$langs->trans("SendCardByMail")."\n"; - } - else - { - print "trans("NotEnoughPermissions"))."\">".$langs->trans("SendCardByMail").""; - } - } - - // Resilier - if ($adh->statut >= 1) - { - if ($user->rights->adherent->supprimer) - { - print "".$langs->trans("Resiliate")."\n"; - } - else - { - print "trans("NotEnoughPermissions"))."\">".$langs->trans("Resiliate").""; - } - } - - // Create third party - if ($conf->societe->enabled && ! $adh->fk_soc) - { - if ($user->rights->societe->creer) - { - print ''.$langs->trans("CreateDolibarrThirdParty").''; - } - else - { - print "trans("NotEnoughPermissions"))."\">".$langs->trans("CreateDolibarrThirdParty").""; - } - } - - // Create user - if (! $user->societe_id && ! 
$adh->user_id) - { - if ($user->rights->user->user->creer) - { - print ''.$langs->trans("CreateDolibarrLogin").''; - } - else - { - print "trans("NotEnoughPermissions"))."\">".$langs->trans("CreateDolibarrLogin").""; - } - } - - // Delete - if ($user->rights->adherent->supprimer) + if ($action != 'editlogin' && $action != 'editthirdparty') { - print "id&action=delete\">".$langs->trans("Delete")."\n"; - } - else - { - print "trans("NotEnoughPermissions"))."\">".$langs->trans("Delete").""; - } + // Modify + if ($user->rights->adherent->creer) + { + print "".$langs->trans("Modify").""; + } + else + { + print "trans("NotEnoughPermissions"))."\">".$langs->trans("Modify").""; + } + + // Valider + if ($adh->statut == -1) + { + if ($user->rights->adherent->creer) + { + print "".$langs->trans("Validate")."\n"; + } + else + { + print "trans("NotEnoughPermissions"))."\">".$langs->trans("Validate").""; + } + } + + // Reactiver + if ($adh->statut == 0) + { + if ($user->rights->adherent->creer) + { + print "".$langs->trans("Reenable")."\n"; + } + else + { + print "trans("NotEnoughPermissions"))."\">".$langs->trans("Reenable").""; + } + } + + // Envoi fiche par mail + if ($adh->statut >= 1 && $adh->email) + { + if ($user->rights->adherent->creer) + { + print "id&action=sendinfo\">".$langs->trans("SendCardByMail")."\n"; + } + else + { + print "trans("NotEnoughPermissions"))."\">".$langs->trans("SendCardByMail").""; + } + } + + // Resilier + if ($adh->statut >= 1) + { + if ($user->rights->adherent->supprimer) + { + print "".$langs->trans("Resiliate")."\n"; + } + else + { + print "trans("NotEnoughPermissions"))."\">".$langs->trans("Resiliate").""; + } + } + + // Create third party + if ($conf->societe->enabled && ! $adh->fk_soc) + { + if ($user->rights->societe->creer) + { + print ''.$langs->trans("CreateDolibarrThirdParty").''; + } + else + { + print "trans("NotEnoughPermissions"))."\">".$langs->trans("CreateDolibarrThirdParty").""; + } + } + + // Create user + if (! 
$user->societe_id && ! $adh->user_id) + { + if ($user->rights->user->user->creer) + { + print ''.$langs->trans("CreateDolibarrLogin").''; + } + else + { + print "trans("NotEnoughPermissions"))."\">".$langs->trans("CreateDolibarrLogin").""; + } + } + + // Delete + if ($user->rights->adherent->supprimer) + { + print "id&action=delete\">".$langs->trans("Delete")."\n"; + } + else + { + print "trans("NotEnoughPermissions"))."\">".$langs->trans("Delete").""; + } + + // Action SPIP + if ($conf->global->ADHERENT_USE_SPIP) + { + $isinspip=$adh->is_in_spip(); + if ($isinspip == 1) + { + print "id&action=del_spip\">Suppression dans Spip\n"; + } + if ($isinspip == 0) + { + print "id&action=add_spip\">Ajout dans Spip\n"; + } + if ($isinspip == -1) { + print '
Failed to connect to SPIP: '.$adh->error.''; + } + } - // Action SPIP - if ($conf->global->ADHERENT_USE_SPIP) - { - $isinspip=$adh->is_in_spip(); - if ($isinspip == 1) - { - print "id&action=del_spip\">Suppression dans Spip\n"; - } - if ($isinspip == 0) - { - print "id&action=add_spip\">Ajout dans Spip\n"; - } - if ($isinspip == -1) { - print '
Failed to connect to SPIP: '.$adh->error.''; - } } print '
'; print "
\n"; - /* * Bandeau des cotisations - * */ print ''; diff --git a/htdocs/html.form.class.php b/htdocs/html.form.class.php index bc566f6660e..057f2d02ab4 100644 --- a/htdocs/html.form.class.php +++ b/htdocs/html.form.class.php @@ -449,7 +449,7 @@ class Form * \brief Output html form to select a third party * \param selected Preselected type * \param htmlname Name of field in form - * \param filter Criteres optionnels de filtre + * \param filter Optionnal filters criteras * \param showempty Add an empty field */ function select_societes($selected='',$htmlname='socid',$filter='',$showempty=0) @@ -457,7 +457,7 @@ class Form global $conf,$user; // On recherche les societes - $sql = "SELECT s.rowid, s.nom"; + $sql = "SELECT s.rowid, s.nom, s.code_client, s.code_fournisseur"; $sql.= " FROM ".MAIN_DB_PREFIX ."societe as s"; if (!$user->rights->societe->client->voir && !$user->societe_id) $sql .= ", ".MAIN_DB_PREFIX."societe_commerciaux as sc"; $sql.= " WHERE s.entity = ".$conf->entity; 
@@ -666,39 +666,44 @@ class Form /** - * \brief Retourne la liste deroulante des utilisateurs + * \brief Return select list of users * \param selected Id user preselected * \param htmlname Field name in form * \param show_empty 0=liste sans valeur nulle, 1=ajoute valeur inconnue * \param exclude List of users id to exclude * \param disabled If select list must be disabled + * \param include List of users id to include */ - function select_users($selected='',$htmlname='userid',$show_empty=0,$exclude='',$disabled=0) + function select_users($selected='',$htmlname='userid',$show_empty=0,$exclude='',$disabled=0,$include='') { global $conf; // Permettre l'exclusion d'utilisateurs if (is_array($exclude)) $excludeUsers = implode("','",$exclude); + // Permettre l'inclusion d'utilisateurs + if (is_array($include)) $includeUsers = implode("','",$include); // On recherche les utilisateurs $sql = "SELECT u.rowid, u.name, u.firstname, u.login FROM"; $sql.= " ".MAIN_DB_PREFIX ."user as u"; $sql.= " WHERE u.entity IN (0,".$conf->entity.")"; if (is_array($exclude) && $excludeUsers) $sql.= " AND u.rowid NOT IN ('".$excludeUsers."')"; + if (is_array($include) && $includeUsers) $sql.= " AND u.rowid IN ('".$includeUsers."')"; $sql.= " ORDER BY u.name ASC"; dol_syslog("Form::select_users sql=".$sql); - if ($this->db->query($sql)) + $resql=$this->db->query($sql); + if ($resql) { print ''; print '
'; print ''; print ''; print '
'; - print $this->select_users($selected,$htmlname,1,0,0); + print $this->select_users($selected,$htmlname,1,$exclude,0,$include); print '
'; diff --git a/htdocs/includes/modules/modAdherent.class.php b/htdocs/includes/modules/modAdherent.class.php index 66d2c3e69e4..5ddbdc00473 100644 --- a/htdocs/includes/modules/modAdherent.class.php +++ b/htdocs/includes/modules/modAdherent.class.php @@ -26,19 +26,18 @@ */ /** - * \file htdocs/includes/modules/modAdherent.class.php - * \ingroup adherent - * \brief Fichier de description et activation du module adherents + * \file htdocs/includes/modules/modAdherent.class.php + * \ingroup adherent + * \brief Fichier de description et activation du module adherents * \version $Id$ */ include_once(DOL_DOCUMENT_ROOT ."/includes/modules/DolibarrModules.class.php"); /** - \class modAdherent - \brief Classe de description et activation du module Adherent -*/ - + * \class modAdherent + * \brief Classe de description et activation du module Adherent + */ class modAdherent extends DolibarrModules { diff --git a/htdocs/langs/en_US/members.lang b/htdocs/langs/en_US/members.lang index 559be6906d8..4811f7567f3 100644 --- a/htdocs/langs/en_US/members.lang +++ b/htdocs/langs/en_US/members.lang 
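Review bot: The new `$include` filter in `select_users()` fails open: `if (is_array($include) && $includeUsers)` skips the `IN (...)` clause when the array is empty, so a caller passing an empty allow-list gets every user in the entity instead of none. If an empty array is meant as "no users", test `is_array($include)` alone and emit a condition that matches nothing; if it is meant as "no filter", say so in the `\param include` line. The ids are joined with `implode("','", ...)` and placed in the SQL unescaped, the same as `$exclude`; `implode(',', array_map('intval', $include))` without the surrounding quotes keeps the list numeric. Parts of this hunk are missing from the page because the printed HTML was stripped, so the remainder of the function could not be reviewed.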
@@ -16,6 +16,12 @@ ErrorMemberTypeNotDefined=Member type not defined ListOfPublicMembers=List of public members ListOfValidatedPublicMembers=List of validated public members ErrorThisMemberIsNotPublic=This member is not public +ErrorMemberIsAlreadyLinkedToThisThirdParty=Another member (name: %s, login: %s) is already linked to a third party %s. Remove this link first because a third party can't be linked to only a member (and vice versa). +ErrorUserPermissionAllowsToLinksToItselfOnly=For security reasons, you must be granted permissions to edit all users to be able to link a member to a user that is not yours. +ThisIsContentOfYourCard=This is details of your card +CardContent=Content of your member card +SetLinkToUser=Link to a Dolibarr user +SetLinkToThirdParty=Link to a Dolibarr third party MembersCards=Members print cards MembersList=List of members MembersListToValid=List of draft members (to be validated) diff --git a/htdocs/langs/fr_FR/members.lang b/htdocs/langs/fr_FR/members.lang index a9dd507dfbc..b603dbe61a9 100644 --- a/htdocs/langs/fr_FR/members.lang +++ b/htdocs/langs/fr_FR/members.lang 
@@ -16,6 +16,12 @@ ErrorMemberTypeNotDefined=Le type d'adhérent n'est pas choisi ListOfPublicMembers=Liste des adhérents publiques ListOfValidatedPublicMembers=Liste des adhérents publiques validés ErrorThisMemberIsNotPublic=Cet adhérent n'est pas publique +ErrorMemberIsAlreadyLinkedToThisThirdParty=Un autre adhérent (nom: %s, login: %s) est déjà lié au tiers %s. Supprimer le lien existant d'abord car un tiers ne peut être lié qu'à un seul adhérent (et vice versa). +ErrorUserPermissionAllowsToLinksToItselfOnly=Pour des raisons de sécurité, il faut posséder les droits de modification de tous les utilisateurs pour pouvoir lier un adhérent à un utilisateur autre que vous même. +ThisIsContentOfYourCard=Voici les détails de votre fiche +CardContent=Contenu de votre fiche adherent +SetLinkToUser=Lier à un utilisateur Dolibarr +SetLinkToThirdParty=Lier à un tiers Dolibarr MembersCards=Cartes des adhérents MembersList=Liste des adhérents MembersListToValid=Liste des adhérents brouillons (à valider) diff --git a/htdocs/user.class.php b/htdocs/user.class.php index 47d7e1f1d66..f3867329d0c 100644 --- a/htdocs/user.class.php +++ b/htdocs/user.class.php 
@@ -956,20 +956,21 @@ class User extends CommonObject } /** - * \brief Mise e jour en base d'un utilisateur (sauf info mot de passe) - * \param user User qui fait la mise a jour - * \param notrigger 1 ne declenche pas les triggers, 0 sinon - * \param nosyncmember Do not synchronize linked member - * \return int <0 si KO, >=0 si OK + * \brief Mise e jour en base d'un utilisateur (sauf info mot de passe) + * \param user User qui fait la mise a jour + * \param notrigger 1 ne declenche pas les triggers, 0 sinon + * \param nosyncmember 0=Synchronize linked member (standard info), 1=Do not synchronize linked member + * \param nosyncmemberpass 0=Synchronize linked member (password), 1=Do not synchronize linked member + * \return int <0 si KO, >=0 si OK */ - function update($user,$notrigger=0,$nosyncmember=0) + function update($user,$notrigger=0,$nosyncmember=0,$nosyncmemberpass=0) { global $conf, $langs; $nbrowsaffected=0; $error=0; - dol_syslog("User::update notrigger=".$notrigger.", nosyncmember=".$nosyncmember); + dol_syslog("User::update notrigger=".$notrigger.", nosyncmember=".$nosyncmember.", nosyncmemberpass=".$nosyncmemberpass); // Clean parameters $this->nom = trim($this->nom); @@ -1015,13 +1016,13 @@ class User extends CommonObject { $nbrowsaffected+=$this->db->affected_rows($resql); - // Mise a jour mot de passe + // Update password if ($this->pass) { if ($this->pass != $this->pass_indatabase && $this->pass != $this->pass_indatabase_crypted) { // Si mot de passe saisi et different de celui en base - $result=$this->setPassword($user,$this->pass,0,$notrigger); + $result=$this->setPassword($user,$this->pass,0,$notrigger,$nosyncmemberpass); if (! $nbrowsaffected) $nbrowsaffected++; } } 
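Review bot: The `\brief` on `User::update()` still reads "Mise e jour en base d'un utilisateur (sauf info mot de passe)", although the body calls `setPassword()` and this commit adds `$nosyncmemberpass` to control exactly that step. The matching docblock on `Adherent::update()` was corrected in this same commit; I would bring this one in line with `\brief Update a user in database (standard information and password)`. The `\param nosyncmemberpass` line could also state that the flag is forwarded to `setPassword()`, since that call in the following hunk is the only place it is used.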
@@ -1164,7 +1165,7 @@ class User extends CommonObject $error=0; - dol_syslog("User::setPassword user=".$user->id." password=".eregi_replace('.','*',$password)." changelater=".$changelater." notrigger=".$notrigger, LOG_DEBUG); + dol_syslog("User::setPassword user=".$user->id." password=".eregi_replace('.','*',$password)." changelater=".$changelater." notrigger=".$notrigger." nosyncmember=".$nosyncmember, LOG_DEBUG); // Si nouveau mot de passe non communique, on genere par module if (! $password) @@ -1776,9 +1777,9 @@ class User extends CommonObject /** - \brief Fonction pour creer un mot de passe aleatoire en minuscule - \param sel Donnee aleatoire - \return string Mot de passe + * \brief Fonction pour creer un mot de passe aleatoire en minuscule + * \param sel Donnee aleatoire + * \return string Mot de passe */ function creer_pass_aleatoire_1($sel = "") { @@ -1789,11 +1790,11 @@ function creer_pass_aleatoire_1($sel = "") /** - \brief Fonction pour creer un mot de passe aleatoire melangeant majuscule, - minuscule, chiffre et alpha et caracteres speciaux - \remarks La fonction a ete prise sur http://www.uzine.net/spip - \param sel Donnee aleatoire - \return string Mot de passe + * \brief Fonction pour creer un mot de passe aleatoire melangeant majuscule, + * minuscule, chiffre et alpha et caracteres speciaux + * \remarks La fonction a ete prise sur http://www.uzine.net/spip + * \param sel Donnee aleatoire + * \return string Mot de passe */ function creer_pass_aleatoire_2($sel = "") { @@ -1806,8 +1807,8 @@ function creer_pass_aleatoire_2($sel = "") { if (!$s) { - if (!$s) $s = mt_rand(); - $s = substr(md5(uniqid($s).$sel), 0, 16); + if (!$s) $s = mt_rand(); + $s = substr(md5(uniqid($s).$sel), 0, 16); } $r = unpack("Cr", pack("H2", $s.$s)); $x = $r['r'] & 63;
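Review bot: The `dol_syslog()` line in `User::setPassword()` still writes `password=` followed by one `*` per character, which records the length of every new password in the debug log. Dropping the field, `dol_syslog("User::setPassword user=".$user->id." changelater=".$changelater." notrigger=".$notrigger." nosyncmember=".$nosyncmember, LOG_DEBUG);`, loses nothing useful and also removes the `eregi_replace()` call, which is deprecated as of PHP 5.3. The function signature is outside the hunk, so I am assuming `$nosyncmember` is one of its parameters.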