lainwir3d/dolibarr
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

Fix: strict mode journey

Browse Source
This commit is contained in:
Regis Houssin 2012-11-13 09:02:21 +01:00
parent fd82106a19
commit 4ec1d376bf
2 changed files with 20 additions and 20 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

23
htdocs/comm/prospect/fiche.php
View File

@ -36,6 +36,8 @@ $langs->load('companies');
$langs->load('projects');
$langs->load('propal');
$action=GETPOST('action', 'alpha');
// Security check
$socid = GETPOST('socid','int');
if ($user->societe_id) $socid=$user->societe_id;
@ -48,19 +50,19 @@ $object = new Prospect($db);
* Actions
*/
if ($_GET["action"] == 'cstc')
if ($action == 'cstc')
{
$sql = "UPDATE ".MAIN_DB_PREFIX."societe SET fk_stcomm = ".$_GET["stcomm"];
$sql .= " WHERE rowid = ".$_GET["socid"];
$sql .= " WHERE rowid = ".$socid;
$db->query($sql);
}
// set prospect level
if ($_POST["action"] == 'setprospectlevel' && $user->rights->societe->creer)
if ($action == 'setprospectlevel' && $user->rights->societe->creer)
{
$object->fetch($_GET["socid"]);
$object->fetch($socid);
$object->fk_prospectlevel=$_POST['prospect_level_id'];
$sql = "UPDATE ".MAIN_DB_PREFIX."societe SET fk_prospectlevel='".$_POST['prospect_level_id'];
$sql.= "' WHERE rowid='".$_GET["socid"]."'";
$sql.= " WHERE rowid = ".$socid;
$result = $db->query($sql);
if (! $result) dol_print_error($result);
}
@ -111,7 +113,7 @@ if ($socid > 0)
print "</td></tr>";
// Zip / Town
print '<tr><td nowrap="nowrap">'.$langs->trans('Zip').' / '.$langs->trans("Town").'</td><td colspan="3">'.$object->zip.(($object->zip && $object->town)?' / ':'').$societe->town.'</td>';
print '<tr><td nowrap="nowrap">'.$langs->trans('Zip').' / '.$langs->trans("Town").'</td><td colspan="3">'.$object->zip.(($object->zip && $object->town)?' / ':'').$object->town.'</td>';
print '</tr>';
// Country
@ -136,18 +138,13 @@ if ($socid > 0)
print '<table width="100%" class="nobordernopadding"><tr><td nowrap>';
print $langs->trans('ProspectLevelShort');
print '<td>';
if (($_GET['action'] != 'editlevel') && $user->rights->societe->creer) print '<td align="right"><a href="'.$_SERVER["PHP_SELF"].'?action=editlevel&amp;socid='.$object->id.'">'.img_edit($langs->trans('SetLevel'),1).'</a></td>';
if ($action != 'editlevel' && $user->rights->societe->creer) print '<td align="right"><a href="'.$_SERVER["PHP_SELF"].'?action=editlevel&amp;socid='.$object->id.'">'.img_edit($langs->trans('SetLevel'),1).'</a></td>';
print '</tr></table>';
print '</td><td colspan="3">';
if ($_GET['action'] == 'editlevel')
{
if ($action == 'editlevel')
$formcompany->form_prospect_level($_SERVER['PHP_SELF'].'?socid='.$object->id,$object->fk_prospectlevel,'prospect_level_id',1);
}
else
{
print $object->getLibLevel();
//$formcompany->form_prospect_level($_SERVER['PHP_SELF'].'?socid='.$objsoc->id,$objsoc->mode_reglement,'none');
}
print "</td>";
print '</tr>';

17
htdocs/core/lib/company.lib.php
View File

@ -753,7 +753,7 @@ function show_actions_todo($conf,$langs,$db,$object,$objcon='',$noprint=0)
{
$out.='<a href="'.DOL_URL_ROOT.'/comm/action/fiche.php?action=create';
if (get_class($object) == 'Societe') $out.='&amp;socid='.$object->id;
$out.='&amp;contactid='.$objcon->id.'&amp;backtopage=1&amp;percentage=-1">';
$out.=(! empty($objcon->id)?'&amp;contactid='.$objcon->id:'').'&amp;backtopage=1&amp;percentage=-1">';
$out.=$langs->trans("AddAnAction").' ';
$out.=img_picto($langs->trans("AddAnAction"),'filenew');
$out.="</a>";
@ -776,10 +776,13 @@ function show_actions_todo($conf,$langs,$db,$object,$objcon='',$noprint=0)
if (get_class($object) == 'Societe') $sql.= " LEFT JOIN ".MAIN_DB_PREFIX."socpeople as sp ON a.fk_contact = sp.rowid";
$sql.= " WHERE u.rowid = a.fk_user_author";
$sql.= " AND a.entity IN (".getEntity('actioncomm').")";
if (get_class($object) == 'Adherent') $sql.= " AND a.fk_element = m.rowid AND a.elementtype = 'member'";
if (get_class($object) == 'Adherent' && $object->id) $sql.= " AND a.fk_element = ".$object->id;
if (get_class($object) == 'Adherent') {
$sql.= " AND a.fk_element = m.rowid AND a.elementtype = 'member'";
if (! empty($object->id))
$sql.= " AND a.fk_element = ".$object->id;
}
if (get_class($object) == 'Societe' && $object->id) $sql.= " AND a.fk_soc = ".$object->id;
if (is_object($objcon) && $objcon->id) $sql.= " AND a.fk_contact = ".$objcon->id;
if (! empty($objcon->id)) $sql.= " AND a.fk_contact = ".$objcon->id;
$sql.= " AND c.id=a.fk_action";
$sql.= " AND ((a.percent >= 0 AND a.percent < 100) OR (a.percent = -1 AND a.datep > '".$db->idate($now)."'))";
$sql.= " ORDER BY a.datep DESC, a.id DESC";
@ -825,7 +828,7 @@ function show_actions_todo($conf,$langs,$db,$object,$objcon='',$noprint=0)
$out.='<td colspan="2">'.$actionstatic->getNomUrl(1,40).'</td>';
// Contact pour cette action
if (! $objcon->id && $obj->fk_contact > 0)
if (empty($objcon->id) && $obj->fk_contact > 0)
{
$contactstatic->name=$obj->name;
$contactstatic->firstname=$obj->firstname;
@ -1029,11 +1032,11 @@ function show_actions_done($conf,$langs,$db,$object,$objcon='',$noprint=0)
$out.='</td>';
$out.='<td colspan="5" align="right">';
$permok=$user->rights->agenda->myactions->create;
if (($object->id || $objcon->id) && $permok)
if ((! empty($object->id) || ! empty($objcon->id)) && $permok)
{
$out.='<a href="'.DOL_URL_ROOT.'/comm/action/fiche.php?action=create';
if (get_class($object) == 'Societe') $out.='&amp;socid='.$object->id;
$out.='&amp;contactid='.$objcon->id.'&amp;backtopage=1&amp;percentage=-1">';
$out.=(! empty($objcon->id)?'&amp;contactid='.$objcon->id:'').'&amp;backtopage=1&amp;percentage=-1">';
$out.=$langs->trans("AddAnAction").' ';
$out.=img_picto($langs->trans("AddAnAction"),'filenew');
$out.="</a>";