Clean code

2019-07-04 16:02:04 +02:00 · 2019-07-04 16:02:04 +02:00 · 4e00cfb455
commit 4e00cfb455
parent d405a58999
2 changed files with 7 additions and 9 deletions
--- a/htdocs/core/lib/files.lib.php
+++ b/htdocs/core/lib/files.lib.php
@ -2568,7 +2568,7 @@ function dol_check_secure_access_document($modulepart, $original_file, $entity,
 			$accessallowed=1;
 		}
 		$original_file=$conf->fournisseur->facture->dir_output.'/'.$original_file;
-		$sqlprotectagainstexternals = "SELECT fk_soc as fk_soc FROM ".MAIN_DB_PREFIX."facture_fourn WHERE facnumber='".$db->escape($refname)."' AND entity=".$conf->entity;
+		$sqlprotectagainstexternals = "SELECT fk_soc as fk_soc FROM ".MAIN_DB_PREFIX."facture_fourn WHERE ref='".$db->escape($refname)."' AND entity=".$conf->entity;
 	}
 	// Wrapping pour les rapport de paiements
 	elseif ($modulepart == 'supplier_payment')
--- a/htdocs/fourn/commande/card.php
+++ b/htdocs/fourn/commande/card.php
@ -2536,11 +2536,11 @@ elseif (! empty($object->id))



-		if ($user->rights->fournisseur->commande->commander && $object->statut == 2 && $action == 'makeorder')
+		if ($user->rights->fournisseur->commande->commander && $object->statut == CommandeFournisseur::STATUS_ACCEPTED && $action == 'makeorder')
 		{
 			// Set status to ordered (action=commande)
 			print '<!-- form to record supplier order -->'."\n";
-			print '<form name="commande" id="makeorder" action="card.php?id='.$object->id.'&amp;action=commande" method="post">';
+			print '<form name="commande" id="makeorder" action="card.php?id='.$object->id.'&amp;action=commande" method="POST">';

 			print '<input type="hidden" name="token" value="'.$_SESSION['newtoken'].'">';
 			print '<input type="hidden"	name="action" value="commande">';
@ -2574,9 +2574,7 @@ elseif (! empty($object->id))
 		{
 			print '<div class="fichecenter"><div class="fichehalfleft">';

-			/*
-    		 * Documents generes
-    		 */
+			// Generated documents
 			$comfournref = dol_sanitizeFileName($object->ref);
 			$file =	$conf->fournisseur->dir_output . '/commande/' . $comfournref .	'/'	. $comfournref . '.pdf';
 			$relativepath =	$comfournref.'/'.$comfournref.'.pdf';
@ -2594,10 +2592,10 @@ elseif (! empty($object->id))

 			print '</div><div class="fichehalfright"><div class="ficheaddleft">';

-			if ($user->rights->fournisseur->commande->receptionner	&& ($object->statut == 3 || $object->statut == 4))
+			if ($user->rights->fournisseur->commande->receptionner	&& ($object->statut == CommandeFournisseur::STATUS_ORDERSENT || $object->statut == CommandeFournisseur::STATUS_RECEIVED_PARTIALLY))
 			{
 				// Set status to received (action=livraison)
-				print '<!-- form to record supplier order received -->'."\n";
+				print '<!-- form to record purchase order received -->'."\n";
 				print '<form action="card.php?id='.$object->id.'" method="post">';
 				print '<input type="hidden" name="token" value="'.$_SESSION['newtoken'].'">';
 				print '<input type="hidden"	name="action" value="livraison">';
@ -2610,7 +2608,7 @@ elseif (! empty($object->id))
 				print $form->selectDate($datepreselected, '', 1, 1, '', "commande", 1, 1);
 				print "</td></tr>\n";

-				print "<tr><td class=\"fieldrequired\">".$langs->trans("Delivery")."</td><td>\n";
+				print '<tr><td class="fieldrequired">'.$langs->trans("Delivery")."</td><td>\n";
 				$liv = array();
 				$liv[''] = '&nbsp;';
 				$liv['tot']	= $langs->trans("CompleteOrNoMoreReceptionExpected");