diff --git a/htdocs/comm/prospect/fiche.php b/htdocs/comm/prospect/fiche.php index 14264358cfa..1159907bcde 100644 --- a/htdocs/comm/prospect/fiche.php +++ b/htdocs/comm/prospect/fiche.php @@ -36,6 +36,8 @@ $langs->load('companies'); $langs->load('projects'); $langs->load('propal'); +$action=GETPOST('action', 'alpha'); + // Security check $socid = GETPOST('socid','int'); if ($user->societe_id) $socid=$user->societe_id; @@ -48,19 +50,19 @@ $object = new Prospect($db); * Actions */ -if ($_GET["action"] == 'cstc') +if ($action == 'cstc') { $sql = "UPDATE ".MAIN_DB_PREFIX."societe SET fk_stcomm = ".$_GET["stcomm"]; - $sql .= " WHERE rowid = ".$_GET["socid"]; + $sql .= " WHERE rowid = ".$socid; $db->query($sql); } // set prospect level -if ($_POST["action"] == 'setprospectlevel' && $user->rights->societe->creer) +if ($action == 'setprospectlevel' && $user->rights->societe->creer) { - $object->fetch($_GET["socid"]); + $object->fetch($socid); $object->fk_prospectlevel=$_POST['prospect_level_id']; $sql = "UPDATE ".MAIN_DB_PREFIX."societe SET fk_prospectlevel='".$_POST['prospect_level_id']; - $sql.= "' WHERE rowid='".$_GET["socid"]."'"; + $sql.= " WHERE rowid = ".$socid; $result = $db->query($sql); if (! $result) dol_print_error($result); } @@ -111,7 +113,7 @@ if ($socid > 0) print ""; // Zip / Town - print ''.$langs->trans('Zip').' / '.$langs->trans("Town").''.$object->zip.(($object->zip && $object->town)?' / ':'').$societe->town.''; + print ''.$langs->trans('Zip').' / '.$langs->trans("Town").''.$object->zip.(($object->zip && $object->town)?' / ':'').$object->town.''; print ''; // Country @@ -136,18 +138,13 @@ if ($socid > 0) print ''; + if ($action != 'editlevel' && $user->rights->societe->creer) print ''; print '
'; print $langs->trans('ProspectLevelShort'); print ''; - if (($_GET['action'] != 'editlevel') && $user->rights->societe->creer) print 'id.'">'.img_edit($langs->trans('SetLevel'),1).'id.'">'.img_edit($langs->trans('SetLevel'),1).'
'; print ''; - if ($_GET['action'] == 'editlevel') - { + if ($action == 'editlevel') $formcompany->form_prospect_level($_SERVER['PHP_SELF'].'?socid='.$object->id,$object->fk_prospectlevel,'prospect_level_id',1); - } else - { print $object->getLibLevel(); - //$formcompany->form_prospect_level($_SERVER['PHP_SELF'].'?socid='.$objsoc->id,$objsoc->mode_reglement,'none'); - } print ""; print ''; diff --git a/htdocs/core/lib/company.lib.php b/htdocs/core/lib/company.lib.php index 004750dc192..34068d1afe5 100644 --- a/htdocs/core/lib/company.lib.php +++ b/htdocs/core/lib/company.lib.php @@ -753,7 +753,7 @@ function show_actions_todo($conf,$langs,$db,$object,$objcon='',$noprint=0) { $out.=''; + $out.=(! empty($objcon->id)?'&contactid='.$objcon->id:'').'&backtopage=1&percentage=-1">'; $out.=$langs->trans("AddAnAction").' '; $out.=img_picto($langs->trans("AddAnAction"),'filenew'); $out.=""; @@ -776,10 +776,13 @@ function show_actions_todo($conf,$langs,$db,$object,$objcon='',$noprint=0) if (get_class($object) == 'Societe') $sql.= " LEFT JOIN ".MAIN_DB_PREFIX."socpeople as sp ON a.fk_contact = sp.rowid"; $sql.= " WHERE u.rowid = a.fk_user_author"; $sql.= " AND a.entity IN (".getEntity('actioncomm').")"; - if (get_class($object) == 'Adherent') $sql.= " AND a.fk_element = m.rowid AND a.elementtype = 'member'"; - if (get_class($object) == 'Adherent' && $object->id) $sql.= " AND a.fk_element = ".$object->id; + if (get_class($object) == 'Adherent') { + $sql.= " AND a.fk_element = m.rowid AND a.elementtype = 'member'"; + if (! empty($object->id)) + $sql.= " AND a.fk_element = ".$object->id; + } if (get_class($object) == 'Societe' && $object->id) $sql.= " AND a.fk_soc = ".$object->id; - if (is_object($objcon) && $objcon->id) $sql.= " AND a.fk_contact = ".$objcon->id; + if (! empty($objcon->id)) $sql.= " AND a.fk_contact = ".$objcon->id; $sql.= " AND c.id=a.fk_action"; $sql.= " AND ((a.percent >= 0 AND a.percent < 100) OR (a.percent = -1 AND a.datep > '".$db->idate($now)."'))"; $sql.= " ORDER BY a.datep DESC, a.id DESC"; @@ -825,7 +828,7 @@ function show_actions_todo($conf,$langs,$db,$object,$objcon='',$noprint=0) $out.=''.$actionstatic->getNomUrl(1,40).''; // Contact pour cette action - if (! $objcon->id && $obj->fk_contact > 0) + if (empty($objcon->id) && $obj->fk_contact > 0) { $contactstatic->name=$obj->name; $contactstatic->firstname=$obj->firstname; @@ -1029,11 +1032,11 @@ function show_actions_done($conf,$langs,$db,$object,$objcon='',$noprint=0) $out.=''; $out.=''; $permok=$user->rights->agenda->myactions->create; - if (($object->id || $objcon->id) && $permok) + if ((! empty($object->id) || ! empty($objcon->id)) && $permok) { $out.=''; + $out.=(! empty($objcon->id)?'&contactid='.$objcon->id:'').'&backtopage=1&percentage=-1">'; $out.=$langs->trans("AddAnAction").' '; $out.=img_picto($langs->trans("AddAnAction"),'filenew'); $out.="";