Merge branch 'develop' of git@github.com:Dolibarr/dolibarr.git into develop

Laurent Destailleur 2015-10-15 12:19:01 +02:00
commit 577776b950
9 changed files with 540 additions and 533 deletions


@ -86,7 +86,7 @@ if (! defined('DONOTLOADCONF') && file_exists($conffile))
if (empty($dolibarr_main_db_port) && ($dolibarr_main_db_type=='mysqli' || $dolibarr_main_db_type=='mysql')) $dolibarr_main_db_port='3306'; // For backward compatibility
// Clean parameters
$dolibarr_main_data_root =isset($dolibarr_main_data_root)?trim($dolibarr_main_data_root):'';
$dolibarr_main_data_root =isset($dolibarr_main_data_root)?trim($dolibarr_main_data_root):DOL_DOCUMENT_ROOT . '/../documents';
$dolibarr_main_url_root =isset($dolibarr_main_url_root)?trim($dolibarr_main_url_root):'';
$dolibarr_main_url_root_alt =isset($dolibarr_main_url_root_alt)?trim($dolibarr_main_url_root_alt):'';
$dolibarr_main_document_root =isset($dolibarr_main_document_root)?trim($dolibarr_main_document_root):'';
@ -133,7 +133,7 @@ if (! isset($dolibarr_main_db_prefix) || ! $dolibarr_main_db_prefix) $dolibarr_m
define('MAIN_DB_PREFIX',(isset($dolibarr_main_db_prefix)?$dolibarr_main_db_prefix:''));
define('DOL_CLASS_PATH', 'class/'); // Filsystem path to class dir
define('DOL_DATA_ROOT',(isset($dolibarr_main_data_root)?$dolibarr_main_data_root:''));
define('DOL_DATA_ROOT',(isset($dolibarr_main_data_root)?$dolibarr_main_data_root:DOL_DOCUMENT_ROOT . '/../documents'));
define('DOL_MAIN_URL_ROOT', (isset($dolibarr_main_url_root)?$dolibarr_main_url_root:'')); // URL relative root
$uri=preg_replace('/^http(s?):\/\//i','',constant('DOL_MAIN_URL_ROOT')); // $uri contains url without http*
$suburi = strstr($uri, '/'); // $suburi contains url without domain
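Review bot: The `DOL_DOCUMENT_ROOT . '/../documents'` fallback in the `define('DOL_DATA_ROOT', ...)` line looks unreachable, because the "Clean parameters" assignment above always leaves `$dolibarr_main_data_root` set; that assignment in turn only falls back when the variable is absent, not when conf.php sets it to an empty string. If an empty value should also get the default, the clean-up line could read `$dolibarr_main_data_root = empty($dolibarr_main_data_root) ? DOL_DOCUMENT_ROOT.'/../documents' : trim($dolibarr_main_data_root);` and the define could then use the variable directly. The visible lines do not show where `DOL_DOCUMENT_ROOT` is defined, and `$dolibarr_main_document_root` is only cleaned a few lines later, so it is worth confirming the constant already exists at this point. Which of the paired lines is the new side is inferred from print order, since the `+`/`-` markers are lost on this page.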


@ -66,45 +66,43 @@ $result = restrictedArea($user, 'user', $id, 'user&user', $feature2);
if (($object->id != $user->id) && (! $user->rights->user->user->lire))
accessforbidden();
// Initialize technical object to manage hooks of thirdparties. Note that conf->hooks_modules contains array array
$hookmanager->initHooks(array('usercard','globalcard'));
/*
* Actions
*/
if ($actionsave)
{
$db->begin();
$i=1; $errorsaved=0;
$error=0;
$tabparam=array();
$parameters=array('id'=>$socid);
$reshook=$hookmanager->executeHooks('doActions',$parameters,$object,$action); // Note that $action and $object may have been modified by some hooks
if ($reshook < 0) setEventMessages($hookmanager->error, $hookmanager->errors, 'errors');
// Save agendas
while ($i <= $MAXAGENDA)
{
$name=trim(GETPOST('AGENDA_EXT_NAME_'.$id.'_'.$i,'alpha'));
$src=trim(GETPOST('AGENDA_EXT_SRC_'.$id.'_'.$i,'alpha'));
$offsettz=trim(GETPOST('AGENDA_EXT_OFFSETTZ_'.$id.'_'.$i,'alpha'));
$color=trim(GETPOST('AGENDA_EXT_COLOR_'.$id.'_'.$i,'alpha'));
if ($color=='-1') $color='';
$enabled=trim(GETPOST('AGENDA_EXT_ENABLED_'.$id.'_'.$i,'alpha'));
if (empty($reshook)) {
if ($actionsave) {
$db->begin();
if (! empty($src) && ! dol_is_url($src))
{
setEventMessage($langs->trans("ErrorParamMustBeAnUrl"),'errors');
$error++;
$errorsaved++;
break;
}
$i = 1;
$errorsaved = 0;
$error = 0;
$tabparam = array();
$tabparam['AGENDA_EXT_NAME_'.$id.'_'.$i]=$name;
$tabparam['AGENDA_EXT_SRC_'.$id.'_'.$i]=$src;
$tabparam['AGENDA_EXT_OFFSETTZ_'.$id.'_'.$i]=$offsettz;
$tabparam['AGENDA_EXT_COLOR_'.$id.'_'.$i]=$color;
$tabparam['AGENDA_EXT_ENABLED_'.$id.'_'.$i]=$enabled;
// Save agendas
while ($i <= $MAXAGENDA) {
$name = trim(GETPOST('AGENDA_EXT_NAME_'.$id.'_'.$i, 'alpha'));
$src = trim(GETPOST('AGENDA_EXT_SRC_'.$id.'_'.$i, 'alpha'));
$offsettz = trim(GETPOST('AGENDA_EXT_OFFSETTZ_'.$id.'_'.$i, 'alpha'));
$color = trim(GETPOST('AGENDA_EXT_COLOR_'.$id.'_'.$i, 'alpha'));
if ($color == '-1') {
$color = '';
}
$enabled = trim(GETPOST('AGENDA_EXT_ENABLED_'.$id.'_'.$i, 'alpha'));
$i++;
}
if (!empty($src) && !dol_is_url($src)) {
setEventMessage($langs->trans("ErrorParamMustBeAnUrl"), 'errors');
$error ++;
$errorsaved ++;
break;
}
if (! $error)
{
@ -112,16 +110,26 @@ if ($actionsave)
if (! $result > 0) $error++;
}
if (! $error)
{
$db->commit();
setEventMessage($langs->trans("SetupSaved"));
}
else
{
$db->rollback();
if (empty($errorsaved)) setEventMessage($langs->trans("Error"),'errors');
}
$i ++;
}
if (!$error) {
$result = dol_set_user_param($db, $conf, $fuser, $tabparam);
if (!$result > 0) {
$error ++;
}
}
if (!$error) {
$db->commit();
setEventMessage($langs->trans("SetupSaved"));
} else {
$db->rollback();
if (empty($errorsaved)) {
setEventMessage($langs->trans("Error"), 'errors');
}
}
}
}
/*
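Review bot: The check `if (!$result > 0)` after `dol_set_user_param()` does not catch a negative return value: `!` binds tighter than `>`, so it evaluates `(!$result) > 0`, which is false for any non-zero `$result`, and the transaction would then be committed with "SetupSaved". Writing it as `if ($result <= 0) { $error++; }` states the intent. The same pattern appears in the photo-upload branch of the user card section (`if (!$result > 0)` after `dol_move_uploaded_file()`). The return convention of `dol_set_user_param()` is not visible here, so confirm that negative values signal failure; the `if ($actionsave)` block spans both hunks of this section and part of it lies outside them.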


@ -101,175 +101,159 @@ $hookmanager->initHooks(array('usercard','globalcard'));
* Actions
*/
if ($action == 'confirm_disable' && $confirm == "yes" && $candisableuser)
{
if ($id <> $user->id)
{
$object->fetch($id);
$object->setstatus(0);
header("Location: ".$_SERVER['PHP_SELF'].'?id='.$id);
exit;
}
}
if ($action == 'confirm_enable' && $confirm == "yes" && $candisableuser)
{
$error = 0;
$parameters=array('id'=>$socid);
$reshook=$hookmanager->executeHooks('doActions',$parameters,$object,$action); // Note that $action and $object may have been modified by some hooks
if ($reshook < 0) setEventMessages($hookmanager->error, $hookmanager->errors, 'errors');
if ($id <> $user->id)
{
$object->fetch($id);
if (empty($reshook)) {
if (!empty($conf->file->main_limit_users))
{
$nb = $object->getNbOfUsers("active");
if ($nb >= $conf->file->main_limit_users)
{
$error++;
setEventMessage($langs->trans("YourQuotaOfUsersIsReached"), 'errors');
}
}
if (! $error)
{
$object->setstatus(1);
if ($action == 'confirm_disable' && $confirm == "yes" && $candisableuser) {
if ($id <> $user->id) {
$object->fetch($id);
$object->setstatus(0);
header("Location: ".$_SERVER['PHP_SELF'].'?id='.$id);
exit;
}
}
}
if ($action == 'confirm_enable' && $confirm == "yes" && $candisableuser) {
$error = 0;
if ($action == 'confirm_delete' && $confirm == "yes" && $candisableuser)
{
if ($id <> $user->id)
{
$object = new User($db);
$object->id=$id;
$result = $object->delete();
if ($result < 0)
{
$langs->load("errors");
setEventMessage($langs->trans("ErrorUserCannotBeDelete"), 'errors');
}
else
{
header("Location: index.php");
exit;
if ($id <> $user->id) {
$object->fetch($id);
if (!empty($conf->file->main_limit_users)) {
$nb = $object->getNbOfUsers("active");
if ($nb >= $conf->file->main_limit_users) {
$error ++;
setEventMessage($langs->trans("YourQuotaOfUsersIsReached"), 'errors');
}
}
if (!$error) {
$object->setstatus(1);
header("Location: ".$_SERVER['PHP_SELF'].'?id='.$id);
exit;
}
}
}
if ($action == 'confirm_delete' && $confirm == "yes" && $candisableuser) {
if ($id <> $user->id) {
$object = new User($db);
$object->id = $id;
$result = $object->delete();
if ($result < 0) {
$langs->load("errors");
setEventMessage($langs->trans("ErrorUserCannotBeDelete"), 'errors');
} else {
header("Location: index.php");
exit;
}
}
}
}
// Action Add user
if ($action == 'add' && $canadduser)
{
$error = 0;
if ($action == 'add' && $canadduser) {
$error = 0;
if (! $_POST["lastname"])
{
$error++;
setEventMessage($langs->trans("NameNotDefined"), 'errors');
$action="create"; // Go back to create page
}
if (! $_POST["login"])
{
$error++;
setEventMessage($langs->trans("LoginNotDefined"), 'errors');
$action="create"; // Go back to create page
}
if (! empty($conf->file->main_limit_users)) // If option to limit users is set
{
$nb = $object->getNbOfUsers("active");
if ($nb >= $conf->file->main_limit_users)
{
$error++;
setEventMessage($langs->trans("YourQuotaOfUsersIsReached"), 'errors');
$action="create"; // Go back to create page
if (!$_POST["lastname"]) {
$error ++;
setEventMessage($langs->trans("NameNotDefined"), 'errors');
$action = "create"; // Go back to create page
}
}
if (!$error)
{
$object->lastname = GETPOST("lastname",'alpha');
$object->firstname = GETPOST("firstname",'alpha');
$object->login = GETPOST("login",'alpha');
$object->api_key = GETPOST("api_key",'alpha');
$object->gender = GETPOST("gender",'alpha');
$object->admin = GETPOST("admin",'alpha');
$object->office_phone = GETPOST("office_phone",'alpha');
$object->office_fax = GETPOST("office_fax",'alpha');
$object->user_mobile = GETPOST("user_mobile");
$object->skype = GETPOST("skype");
$object->email = GETPOST("email",'alpha');
$object->job = GETPOST("job",'alpha');
$object->signature = GETPOST("signature");
$object->accountancy_code = GETPOST("accountancy_code");
$object->note = GETPOST("note");
$object->ldap_sid = GETPOST("ldap_sid");
$object->fk_user = GETPOST("fk_user")>0?GETPOST("fk_user"):0;
$object->thm = GETPOST("thm")!=''?GETPOST("thm"):'';
$object->tjm = GETPOST("tjm")!=''?GETPOST("tjm"):'';
$object->salary = GETPOST("salary")!=''?GETPOST("salary"):'';
$object->salaryextra = GETPOST("salaryextra")!=''?GETPOST("salaryextra"):'';
$object->weeklyhours = GETPOST("weeklyhours")!=''?GETPOST("weeklyhours"):'';
$object->color = GETPOST("color")!=''?GETPOST("color"):'';
// Fill array 'array_options' with data from add form
$ret = $extrafields->setOptionalsFromPost($extralabels,$object);
if ($ret < 0) $error++;
// Set entity property
$entity=GETPOST('entity','int');
if (! empty($conf->multicompany->enabled))
{
if (! empty($_POST["superadmin"]))
{
$object->entity = 0;
}
else if ($conf->multicompany->transverse_mode)
{
$object->entity = 1; // all users are forced into master entity
}
else
{
$object->entity = ($entity == '' ? 1 : $entity);
}
}
else
{
$object->entity = ($entity == '' ? 1 : $entity);
/*if ($user->admin && $user->entity == 0 && GETPOST("admin",'alpha'))
{
}*/
if (!$_POST["login"]) {
$error ++;
setEventMessage($langs->trans("LoginNotDefined"), 'errors');
$action = "create"; // Go back to create page
}
$db->begin();
$id = $object->create($user);
if ($id > 0)
if (!empty($conf->file->main_limit_users)) // If option to limit users is set
{
if (isset($_POST['password']) && trim($_POST['password']))
{
$object->setPassword($user,trim($_POST['password']));
$nb = $object->getNbOfUsers("active");
if ($nb >= $conf->file->main_limit_users) {
$error ++;
setEventMessage($langs->trans("YourQuotaOfUsersIsReached"), 'errors');
$action = "create"; // Go back to create page
}
}
if (!$error) {
$object->lastname = GETPOST("lastname", 'alpha');
$object->firstname = GETPOST("firstname", 'alpha');
$object->login = GETPOST("login", 'alpha');
$object->api_key = GETPOST("api_key", 'alpha');
$object->gender = GETPOST("gender", 'alpha');
$object->admin = GETPOST("admin", 'alpha');
$object->office_phone = GETPOST("office_phone", 'alpha');
$object->office_fax = GETPOST("office_fax", 'alpha');
$object->user_mobile = GETPOST("user_mobile");
$object->skype = GETPOST("skype");
$object->email = GETPOST("email", 'alpha');
$object->job = GETPOST("job", 'alpha');
$object->signature = GETPOST("signature");
$object->accountancy_code = GETPOST("accountancy_code");
$object->note = GETPOST("note");
$object->ldap_sid = GETPOST("ldap_sid");
$object->fk_user = GETPOST("fk_user") > 0 ? GETPOST("fk_user") : 0;
$object->thm = GETPOST("thm") != '' ? GETPOST("thm") : '';
$object->tjm = GETPOST("tjm") != '' ? GETPOST("tjm") : '';
$object->salary = GETPOST("salary") != '' ? GETPOST("salary") : '';
$object->salaryextra = GETPOST("salaryextra") != '' ? GETPOST("salaryextra") : '';
$object->weeklyhours = GETPOST("weeklyhours") != '' ? GETPOST("weeklyhours") : '';
$object->color = GETPOST("color") != '' ? GETPOST("color") : '';
// Fill array 'array_options' with data from add form
$ret = $extrafields->setOptionalsFromPost($extralabels, $object);
if ($ret < 0) {
$error ++;
}
$db->commit();
// Set entity property
$entity = GETPOST('entity', 'int');
if (!empty($conf->multicompany->enabled)) {
if (!empty($_POST["superadmin"])) {
$object->entity = 0;
} else {
if ($conf->multicompany->transverse_mode) {
$object->entity = 1; // all users are forced into master entity
} else {
$object->entity = ($entity == '' ? 1 : $entity);
}
}
} else {
$object->entity = ($entity == '' ? 1 : $entity);
/*if ($user->admin && $user->entity == 0 && GETPOST("admin",'alpha'))
{
}*/
}
header("Location: ".$_SERVER['PHP_SELF'].'?id='.$id);
exit;
}
else
{
$langs->load("errors");
$db->rollback();
if (is_array($object->errors) && count($object->errors)) setEventMessage($object->errors,'errors');
else setEventMessage($object->error, 'errors');
$action="create"; // Go back to create page
}
$db->begin();
$id = $object->create($user);
if ($id > 0) {
if (isset($_POST['password']) && trim($_POST['password'])) {
$object->setPassword($user, trim($_POST['password']));
}
$db->commit();
header("Location: ".$_SERVER['PHP_SELF'].'?id='.$id);
exit;
} else {
$langs->load("errors");
$db->rollback();
if (is_array($object->errors) && count($object->errors)) {
setEventMessage($object->errors, 'errors');
} else {
setEventMessage($object->error, 'errors');
}
$action = "create"; // Go back to create page
}
}
}
}
// Action add usergroup
if (($action == 'addgroup' || $action == 'removegroup') && $caneditfield)
@ -280,97 +264,74 @@ if (($action == 'addgroup' || $action == 'removegroup') && $caneditfield)
$editgroup->fetch($group);
$editgroup->oldcopy=clone $editgroup;
$object->fetch($id);
if ($action == 'addgroup') $object->SetInGroup($group,($conf->multicompany->transverse_mode?GETPOST("entity"):$editgroup->entity));
if ($action == 'removegroup') $object->RemoveFromGroup($group,($conf->multicompany->transverse_mode?GETPOST("entity"):$editgroup->entity));
$object->fetch($id);
if ($action == 'addgroup') {
$object->SetInGroup($group, ($conf->multicompany->transverse_mode ? GETPOST("entity") : $editgroup->entity));
}
if ($action == 'removegroup') {
$object->RemoveFromGroup($group, ($conf->multicompany->transverse_mode ? GETPOST("entity") : $editgroup->entity));
}
if ($result > 0)
{
header("Location: ".$_SERVER['PHP_SELF'].'?id='.$id);
exit;
}
else
{
setEventMessage($object->error, 'errors');
if ($result > 0) {
header("Location: ".$_SERVER['PHP_SELF'].'?id='.$id);
exit;
} else {
setEventMessage($object->error, 'errors');
}
}
}
}
if ($action == 'update' && ! $_POST["cancel"])
{
require_once DOL_DOCUMENT_ROOT.'/core/lib/files.lib.php';
if ($action == 'update' && !$_POST["cancel"]) {
require_once DOL_DOCUMENT_ROOT.'/core/lib/files.lib.php';
if ($caneditfield) // Case we can edit all field
{
$error=0;
if (! $_POST["lastname"])
if ($caneditfield) // Case we can edit all field
{
setEventMessage($langs->trans("NameNotDefined"), 'errors');
$action="edit"; // Go back to create page
$error++;
}
if (! $_POST["login"])
{
setEventMessage($langs->trans("LoginNotDefined"), 'errors');
$action="edit"; // Go back to create page
$error++;
}
$error = 0;
if (! $error)
{
$object->fetch($id);
// Test if new login
if (GETPOST("login") && GETPOST("login") != $object->login)
{
dol_syslog("New login ".$object->login." is requested. We test it does not exists.");
$tmpuser=new User($db);
$result=$tmpuser->fetch(0, GETPOST("login"));
if ($result > 0)
{
setEventMessage($langs->trans("ErrorLoginAlreadyExists", GETPOST('login')), 'errors');
$action="edit"; // Go back to create page
$error++;
}
if (!$_POST["lastname"]) {
setEventMessage($langs->trans("NameNotDefined"), 'errors');
$action = "edit"; // Go back to create page
$error ++;
}
if (!$_POST["login"]) {
setEventMessage($langs->trans("LoginNotDefined"), 'errors');
$action = "edit"; // Go back to create page
$error ++;
}
}
if (! $error)
{
$db->begin();
if (!$error) {
$object->fetch($id);
$object->oldcopy = clone $object;
$object->lastname = GETPOST("lastname",'alpha');
$object->firstname = GETPOST("firstname",'alpha');
$object->login = GETPOST("login",'alpha');
$object->gender = GETPOST("gender",'alpha');
$object->pass = GETPOST("password");
$object->api_key = (GETPOST("api_key", 'alpha'))?GETPOST("api_key", 'alpha'):$object->api_key;
$object->admin = empty($user->admin)?0:GETPOST("admin"); // A user can only be set admin by an admin
$object->office_phone=GETPOST("office_phone",'alpha');
$object->office_fax = GETPOST("office_fax",'alpha');
$object->user_mobile= GETPOST("user_mobile");
$object->skype = GETPOST("skype");
$object->email = GETPOST("email",'alpha');
$object->job = GETPOST("job",'alpha');
$object->signature = GETPOST("signature");
$object->accountancy_code = GETPOST("accountancy_code");
$object->openid = GETPOST("openid");
$object->fk_user = GETPOST("fk_user")>0?GETPOST("fk_user"):0;
if (!$error) {
$db->begin();
$object->thm = GETPOST("thm")!=''?GETPOST("thm"):'';
$object->tjm = GETPOST("tjm")!=''?GETPOST("tjm"):'';
$object->salary = GETPOST("salary")!=''?GETPOST("salary"):'';
$object->salaryextra = GETPOST("salaryextra")!=''?GETPOST("salaryextra"):'';
$object->weeklyhours = GETPOST("weeklyhours")!=''?GETPOST("weeklyhours"):'';
$object->oldcopy = dol_clone($object);
$object->color = GETPOST("color")!=''?GETPOST("color"):'';
$object->lastname = GETPOST("lastname", 'alpha');
$object->firstname = GETPOST("firstname", 'alpha');
$object->login = GETPOST("login", 'alpha');
$object->gender = GETPOST("gender", 'alpha');
$object->pass = GETPOST("password");
$object->api_key = (GETPOST("api_key", 'alpha')) ? GETPOST("api_key", 'alpha') : $object->api_key;
$object->admin = empty($user->admin) ? 0 : GETPOST("admin"); // A user can only be set admin by an admin
$object->office_phone = GETPOST("office_phone", 'alpha');
$object->office_fax = GETPOST("office_fax", 'alpha');
$object->user_mobile = GETPOST("user_mobile");
$object->skype = GETPOST("skype");
$object->email = GETPOST("email", 'alpha');
$object->job = GETPOST("job", 'alpha');
$object->signature = GETPOST("signature");
$object->accountancy_code = GETPOST("accountancy_code");
$object->openid = GETPOST("openid");
$object->fk_user = GETPOST("fk_user") > 0 ? GETPOST("fk_user") : 0;
// Fill array 'array_options' with data from add form
$ret = $extrafields->setOptionalsFromPost($extralabels,$object);
if ($ret < 0) $error++;
$object->thm = GETPOST("thm") != '' ? GETPOST("thm") : '';
$object->tjm = GETPOST("tjm") != '' ? GETPOST("tjm") : '';
$object->salary = GETPOST("salary") != '' ? GETPOST("salary") : '';
$object->salaryextra = GETPOST("salaryextra") != '' ? GETPOST("salaryextra") : '';
$object->weeklyhours = GETPOST("weeklyhours") != '' ? GETPOST("weeklyhours") : '';
if (! empty($conf->multicompany->enabled))
{
@ -392,121 +353,137 @@ if ($action == 'update' && ! $_POST["cancel"])
$object->entity = (! GETPOST('entity', 'int') ? 0 : GETPOST('entity', 'int'));
}
if (GETPOST('deletephoto')) $object->photo='';
if (! empty($_FILES['photo']['name'])) $object->photo = dol_sanitizeFileName($_FILES['photo']['name']);
if (! $error)
{
$ret=$object->update($user);
if ($ret < 0)
{
$error++;
if ($db->errno() == 'DB_ERROR_RECORD_ALREADY_EXISTS')
{
$langs->load("errors");
setEventMessage($langs->trans("ErrorLoginAlreadyExists",$object->login), 'errors');
}
else
{
setEventMessages($object->error, $object->errors, 'errors');
}
}
}
if (! $error && isset($_POST['contactid']))
{
$contactid=GETPOST('contactid');
if ($contactid > 0)
{
$contact=new Contact($db);
$contact->fetch($contactid);
$sql = "UPDATE ".MAIN_DB_PREFIX."user";
$sql.= " SET fk_socpeople=".$db->escape($contactid);
if ($contact->socid) $sql.=", fk_soc=".$db->escape($contact->socid);
$sql.= " WHERE rowid=".$object->id;
}
else
{
$sql = "UPDATE ".MAIN_DB_PREFIX."user";
$sql.= " SET fk_socpeople=NULL, fk_soc=NULL";
$sql.= " WHERE rowid=".$object->id;
}
dol_syslog("fiche::update", LOG_DEBUG);
$resql=$db->query($sql);
if (! $resql)
{
$error++;
setEventMessage($db->lasterror(), 'errors');
}
}
if (! $error && ! count($object->errors))
{
if (GETPOST('deletephoto') && $object->photo)
{
$fileimg=$conf->user->dir_output.'/'.get_exdir($object->id,2,0,1,$object,'user').'/logos/'.$object->photo;
$dirthumbs=$conf->user->dir_output.'/'.get_exdir($object->id,2,0,1,$object,'user').'/logos/thumbs';
dol_delete_file($fileimg);
dol_delete_dir_recursive($dirthumbs);
// Fill array 'array_options' with data from add form
$ret = $extrafields->setOptionalsFromPost($extralabels, $object);
if ($ret < 0) {
$error ++;
}
if (isset($_FILES['photo']['tmp_name']) && trim($_FILES['photo']['tmp_name']))
{
$dir= $conf->user->dir_output . '/' . get_exdir($object->id,2,0,1,$object,'user');
dol_mkdir($dir);
if (@is_dir($dir))
{
$newfile=$dir.'/'.dol_sanitizeFileName($_FILES['photo']['name']);
$result=dol_move_uploaded_file($_FILES['photo']['tmp_name'],$newfile,1,0,$_FILES['photo']['error']);
if (! $result > 0)
{
setEventMessage($langs->trans("ErrorFailedToSaveFile"), 'errors');
}
else
{
// Create small thumbs for company (Ratio is near 16/9)
// Used on logon for example
$imgThumbSmall = vignette($newfile, $maxwidthsmall, $maxheightsmall, '_small', $quality);
// Create mini thumbs for company (Ratio is near 16/9)
// Used on menu or for setup page for example
$imgThumbMini = vignette($newfile, $maxwidthmini, $maxheightmini, '_mini', $quality);
if (!empty($conf->multicompany->enabled)) {
if (!empty($_POST["superadmin"])) {
$object->entity = 0;
} else {
if ($conf->multicompany->transverse_mode) {
$object->entity = 1; // all users in master entity
} else {
$object->entity = (empty($_POST["entity"]) ? 0 : $_POST["entity"]);
}
}
else
} else {
$object->entity = (empty($_POST["entity"]) ? 0 : $_POST["entity"]);
}
if (GETPOST('deletephoto')) {
$object->photo = '';
}
if (!empty($_FILES['photo']['name'])) {
$object->photo = dol_sanitizeFileName($_FILES['photo']['name']);
}
if (!$error) {
$ret = $object->update($user);
if ($ret < 0) {
$error ++;
if ($db->errno() == 'DB_ERROR_RECORD_ALREADY_EXISTS') {
$langs->load("errors");
setEventMessage($langs->trans("ErrorLoginAlreadyExists", $object->login), 'errors');
} else {
setEventMessages($object->error, $object->errors, 'errors');
}
}
}
if (!$error && isset($_POST['contactid'])) {
$contactid = GETPOST('contactid');
if ($contactid > 0) {
$contact = new Contact($db);
$contact->fetch($contactid);
$sql = "UPDATE ".MAIN_DB_PREFIX."user";
$sql .= " SET fk_socpeople=".$db->escape($contactid);
if ($contact->socid) {
$sql .= ", fk_soc=".$db->escape($contact->socid);
}
$sql .= " WHERE rowid=".$object->id;
} else {
$sql = "UPDATE ".MAIN_DB_PREFIX."user";
$sql .= " SET fk_socpeople=NULL, fk_soc=NULL";
$sql .= " WHERE rowid=".$object->id;
}
dol_syslog("fiche::update", LOG_DEBUG);
$resql = $db->query($sql);
if (!$resql) {
$error ++;
setEventMessage($db->lasterror(), 'errors');
}
}
if (!$error && !count($object->errors)) {
if (GETPOST('deletephoto') && $object->photo) {
$fileimg = $conf->user->dir_output.'/'.get_exdir($object->id, 2, 0, 1, $object, 'user').'/logos/'.$object->photo;
$dirthumbs = $conf->user->dir_output.'/'.get_exdir($object->id, 2, 0, 1, $object, 'user').'/logos/thumbs';
dol_delete_file($fileimg);
dol_delete_dir_recursive($dirthumbs);
}
if (isset($_FILES['photo']['tmp_name']) && trim($_FILES['photo']['tmp_name'])) {
$dir = $conf->user->dir_output.'/'.get_exdir($object->id, 2, 0, 1, $object, 'user');
dol_mkdir($dir);
if (@is_dir($dir)) {
$newfile = $dir.'/'.dol_sanitizeFileName($_FILES['photo']['name']);
$result = dol_move_uploaded_file($_FILES['photo']['tmp_name'], $newfile, 1, 0, $_FILES['photo']['error']);
if (!$result > 0) {
setEventMessage($langs->trans("ErrorFailedToSaveFile"), 'errors');
} else {
// Create small thumbs for company (Ratio is near 16/9)
// Used on logon for example
$imgThumbSmall = vignette($newfile, $maxwidthsmall, $maxheightsmall, '_small', $quality);
// Create mini thumbs for company (Ratio is near 16/9)
// Used on menu or for setup page for example
$imgThumbMini = vignette($newfile, $maxwidthmini, $maxheightmini, '_mini', $quality);
}
} else {
$error ++;
$langs->load("errors");
setEventMessages($langs->trans("ErrorFailedToCreateDir", $dir), $mesgs, 'errors');
}
}
}
if (!$error && !count($object->errors)) {
setEventMessage($langs->trans("UserModified"));
$db->commit();
$login = $_SESSION["dol_login"];
if ($login && $login == $object->oldcopy->login && $object->oldcopy->login != $object->login) // Current user has changed its login
{
$error++;
$langs->load("errors");
setEventMessages($langs->transnoentitiesnoconv("ErrorFailedToCreateDir", $dir), $mesgs, 'errors');
}
} else {
$db->rollback();
}
}
if (! $error && ! count($object->errors))
} else {
if ($caneditpassword) // Case we can edit only password
{
setEventMessage($langs->trans("UserModified"));
$db->commit();
$object->fetch($id);
$login=$_SESSION["dol_login"];
if ($login && $login == $object->oldcopy->login && $object->oldcopy->login != $object->login) // Current user has changed its login
{
$_SESSION["dol_login"]=$object->login; // Set new login to avoid disconnect at next page
$object->oldcopy = dol_clone($object);
$ret = $object->setPassword($user, $_POST["password"]);
if ($ret < 0) {
setEventMessage($object->error, 'errors');
}
}
else
{
$db->rollback();
}
}
}
else if ($caneditpassword) // Case we can edit only password
{
$object->fetch($id);
$object->oldcopy = clone $object;
@ -519,97 +496,83 @@ if ($action == 'update' && ! $_POST["cancel"])
}
// Change password with a new generated one
if ((($action == 'confirm_password' && $confirm == 'yes')
|| ($action == 'confirm_passwordsend' && $confirm == 'yes')) && $caneditpassword)
{
$object->fetch($id);
if ((($action == 'confirm_password' && $confirm == 'yes')
|| ($action == 'confirm_passwordsend' && $confirm == 'yes')) && $caneditpassword
) {
$object->fetch($id);
$newpassword=$object->setPassword($user,'');
if ($newpassword < 0)
{
// Echec
setEventMessage($langs->trans("ErrorFailedToSetNewPassword"), 'errors');
}
else
{
// Succes
if ($action == 'confirm_passwordsend' && $confirm == 'yes')
{
if ($object->send_password($user,$newpassword) > 0)
{
setEventMessage($langs->trans("PasswordChangedAndSentTo",$object->email));
}
else
{
setEventMessage($object->error, 'errors');
$newpassword = $object->setPassword($user, '');
if ($newpassword < 0) {
// Echec
setEventMessage($langs->trans("ErrorFailedToSetNewPassword"), 'errors');
} else {
// Succes
if ($action == 'confirm_passwordsend' && $confirm == 'yes') {
if ($object->send_password($user, $newpassword) > 0) {
setEventMessage($langs->trans("PasswordChangedAndSentTo", $object->email));
} else {
setEventMessage($object->error, 'errors');
}
} else {
setEventMessage($langs->trans("PasswordChangedTo", $newpassword), 'errors');
}
}
else
{
setEventMessage($langs->trans("PasswordChangedTo",$newpassword), 'errors');
}
}
}
// Action initialisation donnees depuis record LDAP
if ($action == 'adduserldap')
{
$selecteduser = $_POST['users'];
if ($action == 'adduserldap') {
$selecteduser = $_POST['users'];
$required_fields = array(
$conf->global->LDAP_KEY_USERS,
$conf->global->LDAP_FIELD_NAME,
$conf->global->LDAP_FIELD_FIRSTNAME,
$conf->global->LDAP_FIELD_LOGIN,
$conf->global->LDAP_FIELD_LOGIN_SAMBA,
$conf->global->LDAP_FIELD_PASSWORD,
$conf->global->LDAP_FIELD_PASSWORD_CRYPTED,
$conf->global->LDAP_FIELD_PHONE,
$conf->global->LDAP_FIELD_FAX,
$conf->global->LDAP_FIELD_MOBILE,
$conf->global->LDAP_FIELD_SKYPE,
$conf->global->LDAP_FIELD_MAIL,
$conf->global->LDAP_FIELD_TITLE,
$conf->global->LDAP_FIELD_DESCRIPTION,
$conf->global->LDAP_FIELD_SID);
$required_fields = array(
$conf->global->LDAP_KEY_USERS,
$conf->global->LDAP_FIELD_NAME,
$conf->global->LDAP_FIELD_FIRSTNAME,
$conf->global->LDAP_FIELD_LOGIN,
$conf->global->LDAP_FIELD_LOGIN_SAMBA,
$conf->global->LDAP_FIELD_PASSWORD,
$conf->global->LDAP_FIELD_PASSWORD_CRYPTED,
$conf->global->LDAP_FIELD_PHONE,
$conf->global->LDAP_FIELD_FAX,
$conf->global->LDAP_FIELD_MOBILE,
$conf->global->LDAP_FIELD_SKYPE,
$conf->global->LDAP_FIELD_MAIL,
$conf->global->LDAP_FIELD_TITLE,
$conf->global->LDAP_FIELD_DESCRIPTION,
$conf->global->LDAP_FIELD_SID
);
$ldap = new Ldap();
$result = $ldap->connect_bind();
if ($result >= 0)
{
// Remove from required_fields all entries not configured in LDAP (empty) and duplicated
$required_fields=array_unique(array_values(array_filter($required_fields, "dol_validElement")));
$ldap = new Ldap();
$result = $ldap->connect_bind();
if ($result >= 0) {
// Remove from required_fields all entries not configured in LDAP (empty) and duplicated
$required_fields = array_unique(array_values(array_filter($required_fields, "dol_validElement")));
$ldapusers = $ldap->getRecords($selecteduser, $conf->global->LDAP_USER_DN, $conf->global->LDAP_KEY_USERS, $required_fields);
//print_r($ldapusers);
$ldapusers = $ldap->getRecords($selecteduser, $conf->global->LDAP_USER_DN, $conf->global->LDAP_KEY_USERS, $required_fields);
//print_r($ldapusers);
if (is_array($ldapusers))
{
foreach ($ldapusers as $key => $attribute)
{
$ldap_lastname = $attribute[$conf->global->LDAP_FIELD_NAME];
$ldap_firstname = $attribute[$conf->global->LDAP_FIELD_FIRSTNAME];
$ldap_login = $attribute[$conf->global->LDAP_FIELD_LOGIN];
$ldap_loginsmb = $attribute[$conf->global->LDAP_FIELD_LOGIN_SAMBA];
$ldap_pass = $attribute[$conf->global->LDAP_FIELD_PASSWORD];
$ldap_pass_crypted = $attribute[$conf->global->LDAP_FIELD_PASSWORD_CRYPTED];
$ldap_phone = $attribute[$conf->global->LDAP_FIELD_PHONE];
$ldap_fax = $attribute[$conf->global->LDAP_FIELD_FAX];
$ldap_mobile = $attribute[$conf->global->LDAP_FIELD_MOBILE];
$ldap_skype = $attribute[$conf->global->LDAP_FIELD_SKYPE];
$ldap_mail = $attribute[$conf->global->LDAP_FIELD_MAIL];
$ldap_sid = $attribute[$conf->global->LDAP_FIELD_SID];
if (is_array($ldapusers)) {
foreach ($ldapusers as $key => $attribute) {
$ldap_lastname = $attribute[$conf->global->LDAP_FIELD_NAME];
$ldap_firstname = $attribute[$conf->global->LDAP_FIELD_FIRSTNAME];
$ldap_login = $attribute[$conf->global->LDAP_FIELD_LOGIN];
$ldap_loginsmb = $attribute[$conf->global->LDAP_FIELD_LOGIN_SAMBA];
$ldap_pass = $attribute[$conf->global->LDAP_FIELD_PASSWORD];
$ldap_pass_crypted = $attribute[$conf->global->LDAP_FIELD_PASSWORD_CRYPTED];
$ldap_phone = $attribute[$conf->global->LDAP_FIELD_PHONE];
$ldap_fax = $attribute[$conf->global->LDAP_FIELD_FAX];
$ldap_mobile = $attribute[$conf->global->LDAP_FIELD_MOBILE];
$ldap_skype = $attribute[$conf->global->LDAP_FIELD_SKYPE];
$ldap_mail = $attribute[$conf->global->LDAP_FIELD_MAIL];
$ldap_sid = $attribute[$conf->global->LDAP_FIELD_SID];
}
}
} else {
setEventMessage($ldap->error, 'errors');
}
}
else
{
setEventMessage($ldap->error, 'errors');
}
}
/*
* View
*/
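Review bot: In the `isset($_POST['contactid'])` branch of the update action, `$contactid` is read with `GETPOST('contactid')` without a type filter and then concatenated unquoted into the `UPDATE ... SET fk_socpeople=` statement. `$db->escape()` only protects values placed inside a quoted SQL string, and the loose `$contactid > 0` comparison does not guarantee the value is an integer. Reading it as `$contactid = GETPOST('contactid', 'int');` and concatenating `((int) $contactid)` and `((int) $contact->socid)` keeps the statement numeric whatever the request contains. Separately, the 'add' action assigns `$object->admin = GETPOST("admin", 'alpha')` without the `empty($user->admin) ? 0 : ...` guard that the update action applies; whether `$canadduser` already implies an administrator is not visible in these lines.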


@ -41,27 +41,35 @@ if ($user->id == $id) // A user can always read its own card
}
$result = restrictedArea($user, 'user', $id, 'user&user', $feature2);
// Initialize technical object to manage hooks of thirdparties. Note that conf->hooks_modules contains array array
$hookmanager->initHooks(array('usercard','globalcard'));
/*
* Actions
*/
if ($action == 'update' && ! GETPOST('cancel'))
{
$edituser = new User($db);
$edituser->fetch($id);
$parameters=array('id'=>$socid);
$reshook=$hookmanager->executeHooks('doActions',$parameters,$object,$action); // Note that $action and $object may have been modified by some hooks
if ($reshook < 0) setEventMessages($hookmanager->error, $hookmanager->errors, 'errors');
$edituser->clicktodial_url = GETPOST("url");
$edituser->clicktodial_login = GETPOST("login");
$edituser->clicktodial_password = GETPOST("password");
$edituser->clicktodial_poste = GETPOST("poste");
if (empty($reshook)) {
if ($action == 'update' && !GETPOST('cancel')) {
$edituser = new User($db);
$edituser->fetch($id);
$result=$edituser->update_clicktodial();
if ($result < 0) setEventMessage($edituser->error,'errors');
$edituser->clicktodial_url = GETPOST("url");
$edituser->clicktodial_login = GETPOST("login");
$edituser->clicktodial_password = GETPOST("password");
$edituser->clicktodial_poste = GETPOST("poste");
$result = $edituser->update_clicktodial();
if ($result < 0) {
setEventMessage($edituser->error, 'errors');
}
}
}
/*
* View
*/
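Review bot: The added `executeHooks('doActions', $parameters, $object, $action)` call passes `$socid` and `$object`, but nothing in the visible lines sets either one; the user being edited is only loaded afterwards as `$edituser`. Hooks would then receive an empty id and no object, which should be confirmed against the top of the file, outside this hunk. If they are indeed unset, `$parameters = array('id' => $id);` and a `User` object fetched before the hook call would give hooks something meaningful to act on. The same three hook lines are added in the other user-page sections of this commit, where `$socid` is likewise not visible.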


@ -93,12 +93,20 @@ if ($id > 0 || ! empty($ref))
$upload_dir = $conf->user->multidir_output[$entitytouseforuserdir] . "/" . $object->id ;
}
// Initialize technical object to manage hooks of thirdparties. Note that conf->hooks_modules contains array array
$hookmanager->initHooks(array('usercard','globalcard'));
/*
* Actions
*/
include_once DOL_DOCUMENT_ROOT . '/core/tpl/document_actions_pre_headers.tpl.php';
$parameters=array('id'=>$socid);
$reshook=$hookmanager->executeHooks('doActions',$parameters,$object,$action); // Note that $action and $object may have been modified by some hooks
if ($reshook < 0) setEventMessages($hookmanager->error, $hookmanager->errors, 'errors');
if (empty($reshook)) {
include_once DOL_DOCUMENT_ROOT.'/core/tpl/document_actions_pre_headers.tpl.php';
}
/*
* View


@ -45,37 +45,41 @@ $object = new User($db);
$object->fetch($id);
$object->getrights();
// Initialize technical object to manage hooks of thirdparties. Note that conf->hooks_modules contains array array
$hookmanager->initHooks(array('usercard','globalcard'));
/*
* Actions
*/
if ($_GET["action"] == 'dolibarr2ldap')
{
$db->begin();
$ldap=new Ldap();
$result=$ldap->connect_bind();
$parameters=array('id'=>$socid);
$reshook=$hookmanager->executeHooks('doActions',$parameters,$object,$action); // Note that $action and $object may have been modified by some hooks
if ($reshook < 0) setEventMessages($hookmanager->error, $hookmanager->errors, 'errors');
$info=$object->_load_ldap_info();
$dn=$object->_load_ldap_dn($info);
$olddn=$dn; // We can say that old dn = dn as we force synchro
if (empty($reshook)) {
if ($_GET["action"] == 'dolibarr2ldap') {
$db->begin();
$result=$ldap->update($dn,$info,$user,$olddn);
$ldap = new Ldap();
$result = $ldap->connect_bind();
if ($result >= 0)
{
setEventMessage($langs->trans("UserSynchronized"));
$db->commit();
}
else
{
setEventMessage($ldap->error, 'errors');
$db->rollback();
$info = $object->_load_ldap_info();
$dn = $object->_load_ldap_dn($info);
$olddn = $dn; // We can say that old dn = dn as we force synchro
$result = $ldap->update($dn, $info, $user, $olddn);
if ($result >= 0) {
setEventMessage($langs->trans("UserSynchronized"));
$db->commit();
} else {
setEventMessage($ldap->error, 'errors');
$db->rollback();
}
}
}
/*
* View
*/
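Review bot: The new inner test still reads `$_GET["action"]` even though `executeHooks` is given `$action` and, per its own comment, may modify it, so a hook that rewrites or clears the action cannot influence whether the LDAP write runs. `if ($action == 'dolibarr2ldap') {` would match the other pages in this commit, assuming `$action` is populated earlier in the file. The result of `$ldap->connect_bind()` is also overwritten by `$ldap->update(...)` without being checked; `if ($result >= 0) $result = $ldap->update($dn, $info, $user, $olddn);` keeps a failed bind distinct from a failed update. No permission test for this action is visible inside the hunk, so confirm one sits above it, since this path pushes account data to the directory.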


@ -48,30 +48,32 @@ $feature2 = (($socid && $user->rights->user->self->creer)?'':'user');
if ($user->id == $id) $feature2=''; // A user can always read its own card
$result = restrictedArea($user, 'user', $id, 'user&user', $feature2);
// Initialize technical object to manage hooks of thirdparties. Note that conf->hooks_modules contains array array
$hookmanager->initHooks(array('usercard','globalcard'));
/******************************************************************************/
/* Actions */
/******************************************************************************/
if ($action == 'update' && $user->rights->user->user->creer && ! $_POST["cancel"])
{
$db->begin();
$parameters=array('id'=>$socid);
$reshook=$hookmanager->executeHooks('doActions',$parameters,$object,$action); // Note that $action and $object may have been modified by some hooks
if ($reshook < 0) setEventMessages($hookmanager->error, $hookmanager->errors, 'errors');
$res=$object->update_note(dol_html_entity_decode(GETPOST('note_private'), ENT_QUOTES));
if ($res < 0)
{
$mesg='<div class="error">'.$adh->error.'</div>';
$db->rollback();
}
else
{
$db->commit();
if (empty($reshook)) {
if ($action == 'update' && $user->rights->user->user->creer && !$_POST["cancel"]) {
$db->begin();
$res = $object->update_note(dol_html_entity_decode(GETPOST('note_private'), ENT_QUOTES));
if ($res < 0) {
$mesg = '<div class="error">'.$adh->error.'</div>';
$db->rollback();
} else {
$db->commit();
}
}
}
/******************************************************************************/
/* Affichage fiche */
/******************************************************************************/
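Review bot: The failure branch builds its message from `$adh->error`, but no `$adh` is defined in this hunk and the object being updated is `$object`, so a failed `update_note()` would show an empty error box plus an undefined-variable notice. Reporting it the way the sibling pages do, `setEventMessage($object->error, 'errors');`, fixes the variable and avoids hand-building HTML around an error string. The condition also reads `$_POST["cancel"]` directly where the click-to-dial page uses `GETPOST('cancel')`.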


@ -74,24 +74,32 @@ $searchformtitle=array($langs->trans("Companies"),$langs->trans("Contacts"),$lan
$form = new Form($db);
$formadmin=new FormAdmin($db);
// Initialize technical object to manage hooks of thirdparties. Note that conf->hooks_modules contains array array
$hookmanager->initHooks(array('usercard','globalcard'));
/*
* Actions
*/
if ($action == 'update' && ($caneditfield || ! empty($user->admin)))
{
if (! $_POST["cancel"])
{
$tabparam=array();
$parameters=array('id'=>$socid);
$reshook=$hookmanager->executeHooks('doActions',$parameters,$object,$action); // Note that $action and $object may have been modified by some hooks
if ($reshook < 0) setEventMessages($hookmanager->error, $hookmanager->errors, 'errors');
if ($_POST["check_MAIN_LANG_DEFAULT"]=="on") $tabparam["MAIN_LANG_DEFAULT"]=$_POST["main_lang_default"];
else $tabparam["MAIN_LANG_DEFAULT"]='';
if (empty($reshook)) {
if ($action == 'update' && ($caneditfield || !empty($user->admin))) {
if (!$_POST["cancel"]) {
$tabparam = array();
if ($_POST["check_SIZE_LISTE_LIMIT"]=="on") $tabparam["MAIN_SIZE_LISTE_LIMIT"]=$_POST["main_size_liste_limit"];
else $tabparam["MAIN_SIZE_LISTE_LIMIT"]='';
if ($_POST["check_MAIN_LANG_DEFAULT"] == "on") {
$tabparam["MAIN_LANG_DEFAULT"] = $_POST["main_lang_default"];
} else {
$tabparam["MAIN_LANG_DEFAULT"] = '';
}
if ($_POST["check_MAIN_THEME"]=="on") $tabparam["MAIN_THEME"]=$_POST["main_theme"];
else $tabparam["MAIN_THEME"]='';
if ($_POST["check_SIZE_LISTE_LIMIT"] == "on") {
$tabparam["MAIN_SIZE_LISTE_LIMIT"] = $_POST["main_size_liste_limit"];
} else {
$tabparam["MAIN_SIZE_LISTE_LIMIT"] = '';
}
$val=(join(',',(colorStringToArray(GETPOST('THEME_ELDY_TOPMENU_BACK1'),array()))));
if ($val == '') $tabparam['THEME_ELDY_TOPMENU_BACK1']='';
@ -108,15 +116,18 @@ if ($action == 'update' && ($caneditfield || ! empty($user->admin)))
$tabparam["MAIN_SEARCHFORM_SOCIETE"]=$_POST["main_searchform_societe"];
$tabparam["MAIN_SEARCHFORM_PRODUITSERVICE"]=$_POST["main_searchform_produitservice"];
$result=dol_set_user_param($db, $conf, $object, $tabparam);
$tabparam["MAIN_SEARCHFORM_CONTACT"] = $_POST["main_searchform_contact"];
$tabparam["MAIN_SEARCHFORM_SOCIETE"] = $_POST["main_searchform_societe"];
$tabparam["MAIN_SEARCHFORM_PRODUITSERVICE"] = $_POST["main_searchform_produitservice"];
header('Location: '.$_SERVER["PHP_SELF"].'?id='.$id);
exit;
$result = dol_set_user_param($db, $conf, $object, $tabparam);
header('Location: '.$_SERVER["PHP_SELF"].'?id='.$id);
exit;
}
}
}
/*
* View
*/
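Review bot: The reformatted assignments still copy raw `$_POST` values into the stored user parameters (`$_POST["main_lang_default"]`, `$_POST["main_size_liste_limit"]`, the `main_searchform_*` fields), while the colour field a few lines below goes through `GETPOST`. These values are persisted by `dol_set_user_param()`, so type them at this boundary, e.g. `$tabparam["MAIN_SIZE_LISTE_LIMIT"] = GETPOST('main_size_liste_limit', 'int');` and `GETPOST('main_lang_default', 'alpha')`. The return value of `dol_set_user_param()` is assigned to `$result` and never tested, so the redirect happens even when the save failed. The enclosing `if` opens in the first hunk and closes in the second.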


@ -67,44 +67,51 @@ if ($user->id == $id && (empty($conf->global->MAIN_USE_ADVANCED_PERMS) || $user-
$result = restrictedArea($user, 'user', $id, 'user&user', $feature2);
if ($user->id <> $id && ! $canreaduser) accessforbidden();
$object = new User($db);
$object->fetch($id);
$object->getrights();
// Initialize technical object to manage hooks of thirdparties. Note that conf->hooks_modules contains array array
$hookmanager->initHooks(array('usercard','globalcard'));
/**
* Actions
*/
if ($action == 'addrights' && $caneditperms)
{
$edituser = new User($db);
$edituser->fetch($id);
//$edituser->addrights($rights, $module, '', $entity); // TODO unused for the moment
$edituser->addrights($rights, $module);
$parameters=array('id'=>$socid);
$reshook=$hookmanager->executeHooks('doActions',$parameters,$object,$action); // Note that $action and $object may have been modified by some hooks
if ($reshook < 0) setEventMessages($hookmanager->error, $hookmanager->errors, 'errors');
// Si on a touche a ses propres droits, on recharge
if ($id == $user->id)
{
$user->clearrights();
$user->getrights();
$menumanager->loadMenu();
if (empty($reshook)) {
if ($action == 'addrights' && $caneditperms) {
$edituser = new User($db);
$edituser->fetch($id);
//$edituser->addrights($rights, $module, '', $entity); // TODO unused for the moment
$edituser->addrights($rights, $module);
// Si on a touche a ses propres droits, on recharge
if ($id == $user->id) {
$user->clearrights();
$user->getrights();
$menumanager->loadMenu();
}
}
if ($action == 'delrights' && $caneditperms) {
$edituser = new User($db);
$edituser->fetch($id);
//$edituser->delrights($rights, $module, '', $entity); // TODO unused for the moment
$edituser->delrights($rights, $module);
// Si on a touche a ses propres droits, on recharge
if ($id == $user->id) {
$user->clearrights();
$user->getrights();
$menumanager->loadMenu();
}
}
}
if ($action == 'delrights' && $caneditperms)
{
$edituser = new User($db);
$edituser->fetch($id);
//$edituser->delrights($rights, $module, '', $entity); // TODO unused for the moment
$edituser->delrights($rights, $module);
// Si on a touche a ses propres droits, on recharge
if ($id == $user->id)
{
$user->clearrights();
$user->getrights();
$menumanager->loadMenu();
}
}
/**
* View
@ -114,10 +121,6 @@ llxHeader('',$langs->trans("Permissions"));
$form=new Form($db);
$object = new User($db);
$object->fetch($id);
$object->getrights();
$head = user_prepare_head($object);
$title = $langs->trans("User");