From 3fd626705f1ee1419e35a1518e9985d55ddd56c3 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Marcos=20Garci=CC=81a=20de=20La=20Fuente?=
Date: Wed, 16 Sep 2015 09:37:49 +0200
Subject: [PATCH 1/2] NEW Added doActions hooks to user cards Close #3394
---
htdocs/user/agenda_extsites.php | 98 ++--
htdocs/user/card.php | 862 +++++++++++++++-----------------
htdocs/user/clicktodial.php | 30 +-
htdocs/user/document.php | 10 +-
htdocs/user/ldap.php | 42 +-
htdocs/user/note.php | 30 +-
htdocs/user/param_ihm.php | 51 +-
htdocs/user/perms.php | 69 +--
8 files changed, 590 insertions(+), 602 deletions(-)
diff --git a/htdocs/user/agenda_extsites.php b/htdocs/user/agenda_extsites.php
index cd38d7a2965..9325e00ed02 100644
--- a/htdocs/user/agenda_extsites.php
+++ b/htdocs/user/agenda_extsites.php
@@ -66,62 +66,70 @@ $result = restrictedArea($user, 'user', $id, 'user&user', $feature2); if (($fuser->id != $user->id) && (! $user->rights->user->user->lire)) accessforbidden(); - +// Initialize technical object to manage hooks of thirdparties. Note that conf->hooks_modules contains array array +$hookmanager->initHooks(array('usercard','globalcard')); /* * Actions */ -if ($actionsave) -{ - $db->begin(); - $i=1; $errorsaved=0; - $error=0; - $tabparam=array(); +$parameters=array('id'=>$socid); +$reshook=$hookmanager->executeHooks('doActions',$parameters,$object,$action); // Note that $action and $object may have been modified by some hooks +if ($reshook < 0) setEventMessages($hookmanager->error, $hookmanager->errors, 'errors'); - // Save agendas - while ($i <= $MAXAGENDA) - { - $name=trim(GETPOST('AGENDA_EXT_NAME_'.$id.'_'.$i,'alpha')); - $src=trim(GETPOST('AGENDA_EXT_SRC_'.$id.'_'.$i,'alpha')); - $offsettz=trim(GETPOST('AGENDA_EXT_OFFSETTZ_'.$id.'_'.$i,'alpha')); - $color=trim(GETPOST('AGENDA_EXT_COLOR_'.$id.'_'.$i,'alpha')); - if ($color=='-1') $color=''; - $enabled=trim(GETPOST('AGENDA_EXT_ENABLED_'.$id.'_'.$i,'alpha')); +if (empty($reshook)) { + if ($actionsave) { + $db->begin(); - if (! empty($src) && ! 
dol_is_url($src)) - { - setEventMessage($langs->trans("ErrorParamMustBeAnUrl"),'errors'); - $error++; - $errorsaved++; - break; + $i = 1; + $errorsaved = 0; + $error = 0; + $tabparam = array(); + + // Save agendas + while ($i <= $MAXAGENDA) { + $name = trim(GETPOST('AGENDA_EXT_NAME_'.$id.'_'.$i, 'alpha')); + $src = trim(GETPOST('AGENDA_EXT_SRC_'.$id.'_'.$i, 'alpha')); + $offsettz = trim(GETPOST('AGENDA_EXT_OFFSETTZ_'.$id.'_'.$i, 'alpha')); + $color = trim(GETPOST('AGENDA_EXT_COLOR_'.$id.'_'.$i, 'alpha')); + if ($color == '-1') { + $color = ''; + } + $enabled = trim(GETPOST('AGENDA_EXT_ENABLED_'.$id.'_'.$i, 'alpha')); + + if (!empty($src) && !dol_is_url($src)) { + setEventMessage($langs->trans("ErrorParamMustBeAnUrl"), 'errors'); + $error ++; + $errorsaved ++; + break; + } + + $tabparam['AGENDA_EXT_NAME_'.$id.'_'.$i] = $name; + $tabparam['AGENDA_EXT_SRC_'.$id.'_'.$i] = $src; + $tabparam['AGENDA_EXT_OFFSETTZ_'.$id.'_'.$i] = $offsettz; + $tabparam['AGENDA_EXT_COLOR_'.$id.'_'.$i] = $color; + $tabparam['AGENDA_EXT_ENABLED_'.$id.'_'.$i] = $enabled; + + $i ++; } - $tabparam['AGENDA_EXT_NAME_'.$id.'_'.$i]=$name; - $tabparam['AGENDA_EXT_SRC_'.$id.'_'.$i]=$src; - $tabparam['AGENDA_EXT_OFFSETTZ_'.$id.'_'.$i]=$offsettz; - $tabparam['AGENDA_EXT_COLOR_'.$id.'_'.$i]=$color; - $tabparam['AGENDA_EXT_ENABLED_'.$id.'_'.$i]=$enabled; + if (!$error) { + $result = dol_set_user_param($db, $conf, $fuser, $tabparam); + if (!$result > 0) { + $error ++; + } + } - $i++; + if (!$error) { + $db->commit(); + setEventMessage($langs->trans("SetupSaved")); + } else { + $db->rollback(); + if (empty($errorsaved)) { + setEventMessage($langs->trans("Error"), 'errors'); + } + } } - - if (! $error) - { - $result=dol_set_user_param($db, $conf, $fuser, $tabparam); - if (! $result > 0) $error++; - } - - if (! $error) - { - $db->commit(); - setEventMessage($langs->trans("SetupSaved")); - } - else - { - $db->rollback(); - if (empty($errorsaved)) setEventMessage($langs->trans("Error"),'errors'); - } } /* 
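Review bot: The hook call passes `array('id'=>$socid)`, `$object` and `$action`, but the code in this hunk works with `$id`, `$fuser` and `$actionsave`, and none of the three names handed to the hook is assigned in the visible lines. If they are indeed unset on this page, a doActions hook receives a null id and a null object and cannot tell which user is being edited; `$parameters=array('id'=>$id);` with `$fuser` as the object looks like the intended call. The same `'id'=>$socid` line is added in the card.php, clicktodial.php and document.php hunks. Separately, `if (!$result > 0)` parses as `(!$result) > 0`, so a negative return from dol_set_user_param() is not counted as an error and the transaction commits with the "SetupSaved" message; `if ($result <= 0) { $error++; }` expresses what the line means.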
diff --git a/htdocs/user/card.php b/htdocs/user/card.php
index 554fdc4b190..73f2136ccb1 100644
--- a/htdocs/user/card.php
+++ b/htdocs/user/card.php
@@ -101,515 +101,457 @@ $hookmanager->initHooks(array('usercard','globalcard')); * Actions */ -if ($action == 'confirm_disable' && $confirm == "yes" && $candisableuser) -{ - if ($id <> $user->id) - { - $object->fetch($id); - $object->setstatus(0); - header("Location: ".$_SERVER['PHP_SELF'].'?id='.$id); - exit; - } -} -if ($action == 'confirm_enable' && $confirm == "yes" && $candisableuser) -{ - $error = 0; +$parameters=array('id'=>$socid); +$reshook=$hookmanager->executeHooks('doActions',$parameters,$object,$action); // Note that $action and $object may have been modified by some hooks +if ($reshook < 0) setEventMessages($hookmanager->error, $hookmanager->errors, 'errors'); - if ($id <> $user->id) - { - $object->fetch($id); +if (empty($reshook)) { - if (!empty($conf->file->main_limit_users)) - { - $nb = $object->getNbOfUsers("active"); - if ($nb >= $conf->file->main_limit_users) - { - $error++; - setEventMessage($langs->trans("YourQuotaOfUsersIsReached"), 'errors'); - } - } - - if (! $error) - { - $object->setstatus(1); + if ($action == 'confirm_disable' && $confirm == "yes" && $candisableuser) { + if ($id <> $user->id) { + $object->fetch($id); + $object->setstatus(0); header("Location: ".$_SERVER['PHP_SELF'].'?id='.$id); exit; } } -} + if ($action == 'confirm_enable' && $confirm == "yes" && $candisableuser) { + $error = 0; -if ($action == 'confirm_delete' && $confirm == "yes" && $candisableuser) -{ - if ($id <> $user->id) - { - $object = new User($db); - $object->id=$id; - $result = $object->delete(); - if ($result < 0) - { - $langs->load("errors"); - setEventMessage($langs->trans("ErrorUserCannotBeDelete"), 'errors'); - } - else - { - header("Location: index.php"); - exit; - } - } -} - -// Action Add user -if ($action == 'add' && $canadduser) -{ - $error = 0; - - if (! $_POST["lastname"]) - { - $error++; - setEventMessage($langs->trans("NameNotDefined"), 'errors'); - $action="create"; // Go back to create page - } - if (! 
$_POST["login"]) - { - $error++; - setEventMessage($langs->trans("LoginNotDefined"), 'errors'); - $action="create"; // Go back to create page - } - - if (! empty($conf->file->main_limit_users)) // If option to limit users is set - { - $nb = $object->getNbOfUsers("active"); - if ($nb >= $conf->file->main_limit_users) - { - $error++; - setEventMessage($langs->trans("YourQuotaOfUsersIsReached"), 'errors'); - $action="create"; // Go back to create page - } - } - - if (!$error) - { - $object->lastname = GETPOST("lastname",'alpha'); - $object->firstname = GETPOST("firstname",'alpha'); - $object->login = GETPOST("login",'alpha'); - $object->api_key = GETPOST("api_key",'alpha'); - $object->gender = GETPOST("gender",'alpha'); - $object->admin = GETPOST("admin",'alpha'); - $object->office_phone = GETPOST("office_phone",'alpha'); - $object->office_fax = GETPOST("office_fax",'alpha'); - $object->user_mobile = GETPOST("user_mobile"); - $object->skype = GETPOST("skype"); - $object->email = GETPOST("email",'alpha'); - $object->job = GETPOST("job",'alpha'); - $object->signature = GETPOST("signature"); - $object->accountancy_code = GETPOST("accountancy_code"); - $object->note = GETPOST("note"); - $object->ldap_sid = GETPOST("ldap_sid"); - $object->fk_user = GETPOST("fk_user")>0?GETPOST("fk_user"):0; - - $object->thm = GETPOST("thm")!=''?GETPOST("thm"):''; - $object->tjm = GETPOST("tjm")!=''?GETPOST("tjm"):''; - $object->salary = GETPOST("salary")!=''?GETPOST("salary"):''; - $object->salaryextra = GETPOST("salaryextra")!=''?GETPOST("salaryextra"):''; - $object->weeklyhours = GETPOST("weeklyhours")!=''?GETPOST("weeklyhours"):''; - - $object->color = GETPOST("color")!=''?GETPOST("color"):''; - - // Fill array 'array_options' with data from add form - $ret = $extrafields->setOptionalsFromPost($extralabels,$object); - if ($ret < 0) $error++; - - // Set entity property - $entity=GETPOST('entity','int'); - if (! empty($conf->multicompany->enabled)) - { - if (! 
empty($_POST["superadmin"])) - { - $object->entity = 0; - } - else if ($conf->multicompany->transverse_mode) - { - $object->entity = 1; // all users are forced into master entity - } - else - { - $object->entity = ($entity == '' ? 1 : $entity); - } - } - else - { - $object->entity = ($entity == '' ? 1 : $entity); - /*if ($user->admin && $user->entity == 0 && GETPOST("admin",'alpha')) - { - }*/ - } - - $db->begin(); - - $id = $object->create($user); - if ($id > 0) - { - if (isset($_POST['password']) && trim($_POST['password'])) - { - $object->setPassword($user,trim($_POST['password'])); - } - - $db->commit(); - - header("Location: ".$_SERVER['PHP_SELF'].'?id='.$id); - exit; - } - else - { - $langs->load("errors"); - $db->rollback(); - if (is_array($object->errors) && count($object->errors)) setEventMessage($object->errors,'errors'); - else setEventMessage($object->error, 'errors'); - $action="create"; // Go back to create page - } - - } -} - -// Action add usergroup -if (($action == 'addgroup' || $action == 'removegroup') && $caneditfield) -{ - if ($group) - { - $editgroup = new UserGroup($db); - $editgroup->fetch($group); - $editgroup->oldcopy=dol_clone($editgroup); - - $object->fetch($id); - if ($action == 'addgroup') $object->SetInGroup($group,($conf->multicompany->transverse_mode?GETPOST("entity"):$editgroup->entity)); - if ($action == 'removegroup') $object->RemoveFromGroup($group,($conf->multicompany->transverse_mode?GETPOST("entity"):$editgroup->entity)); - - if ($result > 0) - { - header("Location: ".$_SERVER['PHP_SELF'].'?id='.$id); - exit; - } - else - { - setEventMessage($object->error, 'errors'); - } - } -} - -if ($action == 'update' && ! $_POST["cancel"]) -{ - require_once DOL_DOCUMENT_ROOT.'/core/lib/files.lib.php'; - - if ($caneditfield) // Case we can edit all field - { - $error=0; - - if (! $_POST["lastname"]) - { - setEventMessage($langs->trans("NameNotDefined"), 'errors'); - $action="edit"; // Go back to create page - $error++; - } - if (! 
$_POST["login"]) - { - setEventMessage($langs->trans("LoginNotDefined"), 'errors'); - $action="edit"; // Go back to create page - $error++; - } - - if (! $error) - { + if ($id <> $user->id) { $object->fetch($id); - // Test if new login - if (GETPOST("login") && GETPOST("login") != $object->login) - { - dol_syslog("New login ".$object->login." is requested. We test it does not exists."); - $tmpuser=new User($db); - $result=$tmpuser->fetch(0, GETPOST("login")); - if ($result > 0) - { - setEventMessage($langs->trans("ErrorLoginAlreadyExists", GETPOST('login')), 'errors'); - $action="edit"; // Go back to create page - $error++; - } + if (!empty($conf->file->main_limit_users)) { + $nb = $object->getNbOfUsers("active"); + if ($nb >= $conf->file->main_limit_users) { + $error ++; + setEventMessage($langs->trans("YourQuotaOfUsersIsReached"), 'errors'); + } } - } - if (! $error) - { - $db->begin(); + if (!$error) { + $object->setstatus(1); + header("Location: ".$_SERVER['PHP_SELF'].'?id='.$id); + exit; + } + } + } - $object->oldcopy=dol_clone($object); + if ($action == 'confirm_delete' && $confirm == "yes" && $candisableuser) { + if ($id <> $user->id) { + $object = new User($db); + $object->id = $id; + $result = $object->delete(); + if ($result < 0) { + $langs->load("errors"); + setEventMessage($langs->trans("ErrorUserCannotBeDelete"), 'errors'); + } else { + header("Location: index.php"); + exit; + } + } + } - $object->lastname = GETPOST("lastname",'alpha'); - $object->firstname = GETPOST("firstname",'alpha'); - $object->login = GETPOST("login",'alpha'); - $object->gender = GETPOST("gender",'alpha'); - $object->pass = GETPOST("password"); - $object->api_key = (GETPOST("api_key", 'alpha'))?GETPOST("api_key", 'alpha'):$object->api_key; - $object->admin = empty($user->admin)?0:GETPOST("admin"); // A user can only be set admin by an admin - $object->office_phone=GETPOST("office_phone",'alpha'); - $object->office_fax = GETPOST("office_fax",'alpha'); - $object->user_mobile= 
GETPOST("user_mobile"); - $object->skype = GETPOST("skype"); - $object->email = GETPOST("email",'alpha'); - $object->job = GETPOST("job",'alpha'); - $object->signature = GETPOST("signature"); - $object->accountancy_code = GETPOST("accountancy_code"); - $object->openid = GETPOST("openid"); - $object->fk_user = GETPOST("fk_user")>0?GETPOST("fk_user"):0; +// Action Add user + if ($action == 'add' && $canadduser) { + $error = 0; - $object->thm = GETPOST("thm")!=''?GETPOST("thm"):''; - $object->tjm = GETPOST("tjm")!=''?GETPOST("tjm"):''; - $object->salary = GETPOST("salary")!=''?GETPOST("salary"):''; - $object->salaryextra = GETPOST("salaryextra")!=''?GETPOST("salaryextra"):''; - $object->weeklyhours = GETPOST("weeklyhours")!=''?GETPOST("weeklyhours"):''; + if (!$_POST["lastname"]) { + $error ++; + setEventMessage($langs->trans("NameNotDefined"), 'errors'); + $action = "create"; // Go back to create page + } + if (!$_POST["login"]) { + $error ++; + setEventMessage($langs->trans("LoginNotDefined"), 'errors'); + $action = "create"; // Go back to create page + } - $object->color = GETPOST("color")!=''?GETPOST("color"):''; + if (!empty($conf->file->main_limit_users)) // If option to limit users is set + { + $nb = $object->getNbOfUsers("active"); + if ($nb >= $conf->file->main_limit_users) { + $error ++; + setEventMessage($langs->trans("YourQuotaOfUsersIsReached"), 'errors'); + $action = "create"; // Go back to create page + } + } + + if (!$error) { + $object->lastname = GETPOST("lastname", 'alpha'); + $object->firstname = GETPOST("firstname", 'alpha'); + $object->login = GETPOST("login", 'alpha'); + $object->api_key = GETPOST("api_key", 'alpha'); + $object->gender = GETPOST("gender", 'alpha'); + $object->admin = GETPOST("admin", 'alpha'); + $object->office_phone = GETPOST("office_phone", 'alpha'); + $object->office_fax = GETPOST("office_fax", 'alpha'); + $object->user_mobile = GETPOST("user_mobile"); + $object->skype = GETPOST("skype"); + $object->email = GETPOST("email", 
'alpha'); + $object->job = GETPOST("job", 'alpha'); + $object->signature = GETPOST("signature"); + $object->accountancy_code = GETPOST("accountancy_code"); + $object->note = GETPOST("note"); + $object->ldap_sid = GETPOST("ldap_sid"); + $object->fk_user = GETPOST("fk_user") > 0 ? GETPOST("fk_user") : 0; + + $object->thm = GETPOST("thm") != '' ? GETPOST("thm") : ''; + $object->tjm = GETPOST("tjm") != '' ? GETPOST("tjm") : ''; + $object->salary = GETPOST("salary") != '' ? GETPOST("salary") : ''; + $object->salaryextra = GETPOST("salaryextra") != '' ? GETPOST("salaryextra") : ''; + $object->weeklyhours = GETPOST("weeklyhours") != '' ? GETPOST("weeklyhours") : ''; + + $object->color = GETPOST("color") != '' ? GETPOST("color") : ''; // Fill array 'array_options' with data from add form - $ret = $extrafields->setOptionalsFromPost($extralabels,$object); - if ($ret < 0) $error++; - - if (! empty($conf->multicompany->enabled)) - { - if (! empty($_POST["superadmin"])) - { - $object->entity = 0; - } - else if ($conf->multicompany->transverse_mode) - { - $object->entity = 1; // all users in master entity - } - else - { - $object->entity = (empty($_POST["entity"]) ? 0 : $_POST["entity"]); - } - } - else - { - $object->entity = (empty($_POST["entity"]) ? 0 : $_POST["entity"]); + $ret = $extrafields->setOptionalsFromPost($extralabels, $object); + if ($ret < 0) { + $error ++; } - if (GETPOST('deletephoto')) $object->photo=''; - if (! empty($_FILES['photo']['name'])) $object->photo = dol_sanitizeFileName($_FILES['photo']['name']); - - if (! $error) - { - $ret=$object->update($user); - if ($ret < 0) - { - $error++; - if ($db->errno() == 'DB_ERROR_RECORD_ALREADY_EXISTS') - { - $langs->load("errors"); - setEventMessage($langs->trans("ErrorLoginAlreadyExists",$object->login), 'errors'); - } - else - { - setEventMessages($object->error, $object->errors, 'errors'); - } - } - } - - if (! 
$error && isset($_POST['contactid'])) - { - $contactid=GETPOST('contactid'); - - if ($contactid > 0) - { - $contact=new Contact($db); - $contact->fetch($contactid); - - $sql = "UPDATE ".MAIN_DB_PREFIX."user"; - $sql.= " SET fk_socpeople=".$db->escape($contactid); - if ($contact->socid) $sql.=", fk_soc=".$db->escape($contact->socid); - $sql.= " WHERE rowid=".$object->id; - } - else - { - $sql = "UPDATE ".MAIN_DB_PREFIX."user"; - $sql.= " SET fk_socpeople=NULL, fk_soc=NULL"; - $sql.= " WHERE rowid=".$object->id; - } - dol_syslog("fiche::update", LOG_DEBUG); - $resql=$db->query($sql); - if (! $resql) - { - $error++; - setEventMessage($db->lasterror(), 'errors'); - } - } - - if (! $error && ! count($object->errors)) - { - if (GETPOST('deletephoto') && $object->photo) - { - $fileimg=$conf->user->dir_output.'/'.get_exdir($object->id,2,0,1,$object,'user').'/logos/'.$object->photo; - $dirthumbs=$conf->user->dir_output.'/'.get_exdir($object->id,2,0,1,$object,'user').'/logos/thumbs'; - dol_delete_file($fileimg); - dol_delete_dir_recursive($dirthumbs); - } - - if (isset($_FILES['photo']['tmp_name']) && trim($_FILES['photo']['tmp_name'])) - { - $dir= $conf->user->dir_output . '/' . get_exdir($object->id,2,0,1,$object,'user'); - - dol_mkdir($dir); - - if (@is_dir($dir)) - { - $newfile=$dir.'/'.dol_sanitizeFileName($_FILES['photo']['name']); - $result=dol_move_uploaded_file($_FILES['photo']['tmp_name'],$newfile,1,0,$_FILES['photo']['error']); - - if (! 
$result > 0) - { - setEventMessage($langs->trans("ErrorFailedToSaveFile"), 'errors'); - } - else - { - // Create small thumbs for company (Ratio is near 16/9) - // Used on logon for example - $imgThumbSmall = vignette($newfile, $maxwidthsmall, $maxheightsmall, '_small', $quality); - - // Create mini thumbs for company (Ratio is near 16/9) - // Used on menu or for setup page for example - $imgThumbMini = vignette($newfile, $maxwidthmini, $maxheightmini, '_mini', $quality); - } - } - else - { - $error++; - $langs->load("errors"); - setEventMessages($langs->trans("ErrorFailedToCreateDir", $dir), $mesgs, 'errors'); + // Set entity property + $entity = GETPOST('entity', 'int'); + if (!empty($conf->multicompany->enabled)) { + if (!empty($_POST["superadmin"])) { + $object->entity = 0; + } else { + if ($conf->multicompany->transverse_mode) { + $object->entity = 1; // all users are forced into master entity + } else { + $object->entity = ($entity == '' ? 1 : $entity); } } + } else { + $object->entity = ($entity == '' ? 1 : $entity); + /*if ($user->admin && $user->entity == 0 && GETPOST("admin",'alpha')) + { + }*/ } - if (! $error && ! 
count($object->errors)) - { - setEventMessage($langs->trans("UserModified")); + $db->begin(); + + $id = $object->create($user); + if ($id > 0) { + if (isset($_POST['password']) && trim($_POST['password'])) { + $object->setPassword($user, trim($_POST['password'])); + } + $db->commit(); - $login=$_SESSION["dol_login"]; - if ($login && $login == $object->oldcopy->login && $object->oldcopy->login != $object->login) // Current user has changed its login - { - $_SESSION["dol_login"]=$object->login; // Set new login to avoid disconnect at next page + header("Location: ".$_SERVER['PHP_SELF'].'?id='.$id); + exit; + } else { + $langs->load("errors"); + $db->rollback(); + if (is_array($object->errors) && count($object->errors)) { + setEventMessage($object->errors, 'errors'); + } else { + setEventMessage($object->error, 'errors'); + } + $action = "create"; // Go back to create page + } + + } + } + +// Action add usergroup + if (($action == 'addgroup' || $action == 'removegroup') && $caneditfield) { + if ($group) { + $editgroup = new UserGroup($db); + $editgroup->fetch($group); + $editgroup->oldcopy = dol_clone($editgroup); + + $object->fetch($id); + if ($action == 'addgroup') { + $object->SetInGroup($group, ($conf->multicompany->transverse_mode ? GETPOST("entity") : $editgroup->entity)); + } + if ($action == 'removegroup') { + $object->RemoveFromGroup($group, ($conf->multicompany->transverse_mode ? 
GETPOST("entity") : $editgroup->entity)); + } + + if ($result > 0) { + header("Location: ".$_SERVER['PHP_SELF'].'?id='.$id); + exit; + } else { + setEventMessage($object->error, 'errors'); + } + } + } + + if ($action == 'update' && !$_POST["cancel"]) { + require_once DOL_DOCUMENT_ROOT.'/core/lib/files.lib.php'; + + if ($caneditfield) // Case we can edit all field + { + $error = 0; + + if (!$_POST["lastname"]) { + setEventMessage($langs->trans("NameNotDefined"), 'errors'); + $action = "edit"; // Go back to create page + $error ++; + } + if (!$_POST["login"]) { + setEventMessage($langs->trans("LoginNotDefined"), 'errors'); + $action = "edit"; // Go back to create page + $error ++; + } + + if (!$error) { + $object->fetch($id); + + // Test if new login + if (GETPOST("login") && GETPOST("login") != $object->login) { + dol_syslog("New login ".$object->login." is requested. We test it does not exists."); + $tmpuser = new User($db); + $result = $tmpuser->fetch(0, GETPOST("login")); + if ($result > 0) { + setEventMessage($langs->trans("ErrorLoginAlreadyExists", GETPOST('login')), 'errors'); + $action = "edit"; // Go back to create page + $error ++; + } } } - else + + if (!$error) { + $db->begin(); + + $object->oldcopy = dol_clone($object); + + $object->lastname = GETPOST("lastname", 'alpha'); + $object->firstname = GETPOST("firstname", 'alpha'); + $object->login = GETPOST("login", 'alpha'); + $object->gender = GETPOST("gender", 'alpha'); + $object->pass = GETPOST("password"); + $object->api_key = (GETPOST("api_key", 'alpha')) ? GETPOST("api_key", 'alpha') : $object->api_key; + $object->admin = empty($user->admin) ? 
0 : GETPOST("admin"); // A user can only be set admin by an admin + $object->office_phone = GETPOST("office_phone", 'alpha'); + $object->office_fax = GETPOST("office_fax", 'alpha'); + $object->user_mobile = GETPOST("user_mobile"); + $object->skype = GETPOST("skype"); + $object->email = GETPOST("email", 'alpha'); + $object->job = GETPOST("job", 'alpha'); + $object->signature = GETPOST("signature"); + $object->accountancy_code = GETPOST("accountancy_code"); + $object->openid = GETPOST("openid"); + $object->fk_user = GETPOST("fk_user") > 0 ? GETPOST("fk_user") : 0; + + $object->thm = GETPOST("thm") != '' ? GETPOST("thm") : ''; + $object->tjm = GETPOST("tjm") != '' ? GETPOST("tjm") : ''; + $object->salary = GETPOST("salary") != '' ? GETPOST("salary") : ''; + $object->salaryextra = GETPOST("salaryextra") != '' ? GETPOST("salaryextra") : ''; + $object->weeklyhours = GETPOST("weeklyhours") != '' ? GETPOST("weeklyhours") : ''; + + $object->color = GETPOST("color") != '' ? GETPOST("color") : ''; + + // Fill array 'array_options' with data from add form + $ret = $extrafields->setOptionalsFromPost($extralabels, $object); + if ($ret < 0) { + $error ++; + } + + if (!empty($conf->multicompany->enabled)) { + if (!empty($_POST["superadmin"])) { + $object->entity = 0; + } else { + if ($conf->multicompany->transverse_mode) { + $object->entity = 1; // all users in master entity + } else { + $object->entity = (empty($_POST["entity"]) ? 0 : $_POST["entity"]); + } + } + } else { + $object->entity = (empty($_POST["entity"]) ? 
0 : $_POST["entity"]); + } + + if (GETPOST('deletephoto')) { + $object->photo = ''; + } + if (!empty($_FILES['photo']['name'])) { + $object->photo = dol_sanitizeFileName($_FILES['photo']['name']); + } + + if (!$error) { + $ret = $object->update($user); + if ($ret < 0) { + $error ++; + if ($db->errno() == 'DB_ERROR_RECORD_ALREADY_EXISTS') { + $langs->load("errors"); + setEventMessage($langs->trans("ErrorLoginAlreadyExists", $object->login), 'errors'); + } else { + setEventMessages($object->error, $object->errors, 'errors'); + } + } + } + + if (!$error && isset($_POST['contactid'])) { + $contactid = GETPOST('contactid'); + + if ($contactid > 0) { + $contact = new Contact($db); + $contact->fetch($contactid); + + $sql = "UPDATE ".MAIN_DB_PREFIX."user"; + $sql .= " SET fk_socpeople=".$db->escape($contactid); + if ($contact->socid) { + $sql .= ", fk_soc=".$db->escape($contact->socid); + } + $sql .= " WHERE rowid=".$object->id; + } else { + $sql = "UPDATE ".MAIN_DB_PREFIX."user"; + $sql .= " SET fk_socpeople=NULL, fk_soc=NULL"; + $sql .= " WHERE rowid=".$object->id; + } + dol_syslog("fiche::update", LOG_DEBUG); + $resql = $db->query($sql); + if (!$resql) { + $error ++; + setEventMessage($db->lasterror(), 'errors'); + } + } + + if (!$error && !count($object->errors)) { + if (GETPOST('deletephoto') && $object->photo) { + $fileimg = $conf->user->dir_output.'/'.get_exdir($object->id, 2, 0, 1, $object, 'user').'/logos/'.$object->photo; + $dirthumbs = $conf->user->dir_output.'/'.get_exdir($object->id, 2, 0, 1, $object, 'user').'/logos/thumbs'; + dol_delete_file($fileimg); + dol_delete_dir_recursive($dirthumbs); + } + + if (isset($_FILES['photo']['tmp_name']) && trim($_FILES['photo']['tmp_name'])) { + $dir = $conf->user->dir_output.'/'.get_exdir($object->id, 2, 0, 1, $object, 'user'); + + dol_mkdir($dir); + + if (@is_dir($dir)) { + $newfile = $dir.'/'.dol_sanitizeFileName($_FILES['photo']['name']); + $result = dol_move_uploaded_file($_FILES['photo']['tmp_name'], $newfile, 1, 0, 
$_FILES['photo']['error']); + + if (!$result > 0) { + setEventMessage($langs->trans("ErrorFailedToSaveFile"), 'errors'); + } else { + // Create small thumbs for company (Ratio is near 16/9) + // Used on logon for example + $imgThumbSmall = vignette($newfile, $maxwidthsmall, $maxheightsmall, '_small', $quality); + + // Create mini thumbs for company (Ratio is near 16/9) + // Used on menu or for setup page for example + $imgThumbMini = vignette($newfile, $maxwidthmini, $maxheightmini, '_mini', $quality); + } + } else { + $error ++; + $langs->load("errors"); + setEventMessages($langs->trans("ErrorFailedToCreateDir", $dir), $mesgs, 'errors'); + } + } + } + + if (!$error && !count($object->errors)) { + setEventMessage($langs->trans("UserModified")); + $db->commit(); + + $login = $_SESSION["dol_login"]; + if ($login && $login == $object->oldcopy->login && $object->oldcopy->login != $object->login) // Current user has changed its login + { + $_SESSION["dol_login"] = $object->login; // Set new login to avoid disconnect at next page + } + } else { + $db->rollback(); + } + } + } else { + if ($caneditpassword) // Case we can edit only password { - $db->rollback(); + $object->fetch($id); + + $object->oldcopy = dol_clone($object); + + $ret = $object->setPassword($user, $_POST["password"]); + if ($ret < 0) { + setEventMessage($object->error, 'errors'); + } } } } - else if ($caneditpassword) // Case we can edit only password - { - $object->fetch($id); - - $object->oldcopy=dol_clone($object); - - $ret=$object->setPassword($user,$_POST["password"]); - if ($ret < 0) - { - setEventMessage($object->error, 'errors'); - } - } -} // Change password with a new generated one -if ((($action == 'confirm_password' && $confirm == 'yes') -|| ($action == 'confirm_passwordsend' && $confirm == 'yes')) && $caneditpassword) -{ - $object->fetch($id); + if ((($action == 'confirm_password' && $confirm == 'yes') + || ($action == 'confirm_passwordsend' && $confirm == 'yes')) && $caneditpassword + ) { + 
$object->fetch($id); - $newpassword=$object->setPassword($user,''); - if ($newpassword < 0) - { - // Echec - setEventMessage($langs->trans("ErrorFailedToSetNewPassword"), 'errors'); - } - else - { - // Succes - if ($action == 'confirm_passwordsend' && $confirm == 'yes') - { - if ($object->send_password($user,$newpassword) > 0) - { - setEventMessage($langs->trans("PasswordChangedAndSentTo",$object->email)); - } - else - { - setEventMessage($object->error, 'errors'); + $newpassword = $object->setPassword($user, ''); + if ($newpassword < 0) { + // Echec + setEventMessage($langs->trans("ErrorFailedToSetNewPassword"), 'errors'); + } else { + // Succes + if ($action == 'confirm_passwordsend' && $confirm == 'yes') { + if ($object->send_password($user, $newpassword) > 0) { + setEventMessage($langs->trans("PasswordChangedAndSentTo", $object->email)); + } else { + setEventMessage($object->error, 'errors'); + } + } else { + setEventMessage($langs->trans("PasswordChangedTo", $newpassword), 'errors'); } } - else - { - setEventMessage($langs->trans("PasswordChangedTo",$newpassword), 'errors'); - } } -} // Action initialisation donnees depuis record LDAP -if ($action == 'adduserldap') -{ - $selecteduser = $_POST['users']; + if ($action == 'adduserldap') { + $selecteduser = $_POST['users']; - $required_fields = array( - $conf->global->LDAP_KEY_USERS, - $conf->global->LDAP_FIELD_NAME, - $conf->global->LDAP_FIELD_FIRSTNAME, - $conf->global->LDAP_FIELD_LOGIN, - $conf->global->LDAP_FIELD_LOGIN_SAMBA, - $conf->global->LDAP_FIELD_PASSWORD, - $conf->global->LDAP_FIELD_PASSWORD_CRYPTED, - $conf->global->LDAP_FIELD_PHONE, - $conf->global->LDAP_FIELD_FAX, - $conf->global->LDAP_FIELD_MOBILE, - $conf->global->LDAP_FIELD_SKYPE, - $conf->global->LDAP_FIELD_MAIL, - $conf->global->LDAP_FIELD_TITLE, - $conf->global->LDAP_FIELD_DESCRIPTION, - $conf->global->LDAP_FIELD_SID); + $required_fields = array( + $conf->global->LDAP_KEY_USERS, + $conf->global->LDAP_FIELD_NAME, + 
$conf->global->LDAP_FIELD_FIRSTNAME, + $conf->global->LDAP_FIELD_LOGIN, + $conf->global->LDAP_FIELD_LOGIN_SAMBA, + $conf->global->LDAP_FIELD_PASSWORD, + $conf->global->LDAP_FIELD_PASSWORD_CRYPTED, + $conf->global->LDAP_FIELD_PHONE, + $conf->global->LDAP_FIELD_FAX, + $conf->global->LDAP_FIELD_MOBILE, + $conf->global->LDAP_FIELD_SKYPE, + $conf->global->LDAP_FIELD_MAIL, + $conf->global->LDAP_FIELD_TITLE, + $conf->global->LDAP_FIELD_DESCRIPTION, + $conf->global->LDAP_FIELD_SID + ); - $ldap = new Ldap(); - $result = $ldap->connect_bind(); - if ($result >= 0) - { - // Remove from required_fields all entries not configured in LDAP (empty) and duplicated - $required_fields=array_unique(array_values(array_filter($required_fields, "dol_validElement"))); + $ldap = new Ldap(); + $result = $ldap->connect_bind(); + if ($result >= 0) { + // Remove from required_fields all entries not configured in LDAP (empty) and duplicated + $required_fields = array_unique(array_values(array_filter($required_fields, "dol_validElement"))); - $ldapusers = $ldap->getRecords($selecteduser, $conf->global->LDAP_USER_DN, $conf->global->LDAP_KEY_USERS, $required_fields); - //print_r($ldapusers); + $ldapusers = $ldap->getRecords($selecteduser, $conf->global->LDAP_USER_DN, $conf->global->LDAP_KEY_USERS, $required_fields); + //print_r($ldapusers); - if (is_array($ldapusers)) - { - foreach ($ldapusers as $key => $attribute) - { - $ldap_lastname = $attribute[$conf->global->LDAP_FIELD_NAME]; - $ldap_firstname = $attribute[$conf->global->LDAP_FIELD_FIRSTNAME]; - $ldap_login = $attribute[$conf->global->LDAP_FIELD_LOGIN]; - $ldap_loginsmb = $attribute[$conf->global->LDAP_FIELD_LOGIN_SAMBA]; - $ldap_pass = $attribute[$conf->global->LDAP_FIELD_PASSWORD]; - $ldap_pass_crypted = $attribute[$conf->global->LDAP_FIELD_PASSWORD_CRYPTED]; - $ldap_phone = $attribute[$conf->global->LDAP_FIELD_PHONE]; - $ldap_fax = $attribute[$conf->global->LDAP_FIELD_FAX]; - $ldap_mobile = $attribute[$conf->global->LDAP_FIELD_MOBILE]; - 
$ldap_skype = $attribute[$conf->global->LDAP_FIELD_SKYPE]; - $ldap_mail = $attribute[$conf->global->LDAP_FIELD_MAIL]; - $ldap_sid = $attribute[$conf->global->LDAP_FIELD_SID]; + if (is_array($ldapusers)) { + foreach ($ldapusers as $key => $attribute) { + $ldap_lastname = $attribute[$conf->global->LDAP_FIELD_NAME]; + $ldap_firstname = $attribute[$conf->global->LDAP_FIELD_FIRSTNAME]; + $ldap_login = $attribute[$conf->global->LDAP_FIELD_LOGIN]; + $ldap_loginsmb = $attribute[$conf->global->LDAP_FIELD_LOGIN_SAMBA]; + $ldap_pass = $attribute[$conf->global->LDAP_FIELD_PASSWORD]; + $ldap_pass_crypted = $attribute[$conf->global->LDAP_FIELD_PASSWORD_CRYPTED]; + $ldap_phone = $attribute[$conf->global->LDAP_FIELD_PHONE]; + $ldap_fax = $attribute[$conf->global->LDAP_FIELD_FAX]; + $ldap_mobile = $attribute[$conf->global->LDAP_FIELD_MOBILE]; + $ldap_skype = $attribute[$conf->global->LDAP_FIELD_SKYPE]; + $ldap_mail = $attribute[$conf->global->LDAP_FIELD_MAIL]; + $ldap_sid = $attribute[$conf->global->LDAP_FIELD_SID]; + } } + } else { + setEventMessage($ldap->error, 'errors'); } } - else - { - setEventMessage($ldap->error, 'errors'); - } } - /* * View */ diff --git a/htdocs/user/clicktodial.php b/htdocs/user/clicktodial.php index 7aaaebbac3e..44a3c90aeb7 100644 --- a/htdocs/user/clicktodial.php +++ b/htdocs/user/clicktodial.php 
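Review bot: The `add` branch assigns `$object->admin = GETPOST("admin", 'alpha');` for anyone who passes `$canadduser`, whereas the `update` branch guards the same field with `empty($user->admin) ? 0 : GETPOST("admin")`; unless `$canadduser` already implies admin (not visible here), a non-admin with create rights can produce an administrator account. Mirroring the update guard, `$object->admin = empty($user->admin) ? 0 : GETPOST("admin", 'alpha');`, closes that, and the `$_POST["superadmin"]` test that sets `entity = 0` in both branches deserves the same check on the acting user. In the contact-link update, `$contactid = GETPOST('contactid')` is concatenated into the SQL unquoted, where `$db->escape()` gives no protection in a numeric context; `$contactid = GETPOST('contactid', 'int');` plus `(int)` casts on the concatenated ids would make the statement safe by construction. In the addgroup/removegroup branch `$result` is never assigned from `SetInGroup()`/`RemoveFromGroup()`, so `if ($result > 0)` does not reflect whether the membership change succeeded.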
@@ -41,27 +41,35 @@ if ($user->id == $id) // A user can always read its own card } $result = restrictedArea($user, 'user', $id, 'user&user', $feature2); +// Initialize technical object to manage hooks of thirdparties. Note that conf->hooks_modules contains array array +$hookmanager->initHooks(array('usercard','globalcard')); /* * Actions */ -if ($action == 'update' && ! GETPOST('cancel')) -{ - $edituser = new User($db); - $edituser->fetch($id); +$parameters=array('id'=>$socid); +$reshook=$hookmanager->executeHooks('doActions',$parameters,$object,$action); // Note that $action and $object may have been modified by some hooks +if ($reshook < 0) setEventMessages($hookmanager->error, $hookmanager->errors, 'errors'); - $edituser->clicktodial_url = GETPOST("url"); - $edituser->clicktodial_login = GETPOST("login"); - $edituser->clicktodial_password = GETPOST("password"); - $edituser->clicktodial_poste = GETPOST("poste"); +if (empty($reshook)) { + if ($action == 'update' && !GETPOST('cancel')) { + $edituser = new User($db); + $edituser->fetch($id); - $result=$edituser->update_clicktodial(); - if ($result < 0) setEventMessage($edituser->error,'errors'); + $edituser->clicktodial_url = GETPOST("url"); + $edituser->clicktodial_login = GETPOST("login"); + $edituser->clicktodial_password = GETPOST("password"); + $edituser->clicktodial_poste = GETPOST("poste"); + + $result = $edituser->update_clicktodial(); + if ($result < 0) { + setEventMessage($edituser->error, 'errors'); + } + } } - /* * View */ diff --git a/htdocs/user/document.php b/htdocs/user/document.php index 25dea7eb398..e628e58624a 100644 --- a/htdocs/user/document.php +++ b/htdocs/user/document.php 
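Review bot: The hook call in clicktodial.php passes `array('id'=>$socid)` and `$object`, but the record being edited on this page is identified by `$id`, and the action below works on its own `$edituser` rather than on `$object`. Neither `$socid` nor `$object` is assigned anywhere in this hunk. If they are not set earlier in the file, hook modules receive an empty id and a null object and cannot tell which user is about to be changed. Consider `$parameters=array('id'=>$id);` and loading the user into `$object` before `executeHooks`, as the perms.php hunk does. The same `'id'=>$socid` line appears in the document.php, ldap.php, note.php, param_ihm.php and perms.php hunks.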
@@ -93,12 +93,20 @@ if ($id > 0 || ! empty($ref)) $upload_dir = $conf->user->multidir_output[$entitytouseforuserdir] . "/" . $object->id ; } +// Initialize technical object to manage hooks of thirdparties. Note that conf->hooks_modules contains array array +$hookmanager->initHooks(array('usercard','globalcard')); + /* * Actions */ -include_once DOL_DOCUMENT_ROOT . '/core/tpl/document_actions_pre_headers.tpl.php'; +$parameters=array('id'=>$socid); +$reshook=$hookmanager->executeHooks('doActions',$parameters,$object,$action); // Note that $action and $object may have been modified by some hooks +if ($reshook < 0) setEventMessages($hookmanager->error, $hookmanager->errors, 'errors'); +if (empty($reshook)) { + include_once DOL_DOCUMENT_ROOT.'/core/tpl/document_actions_pre_headers.tpl.php'; +} /* * View diff --git a/htdocs/user/ldap.php b/htdocs/user/ldap.php index 2d1ac2f7464..9351450dea7 100644 --- a/htdocs/user/ldap.php +++ b/htdocs/user/ldap.php 
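Review bot: `initHooks(array('usercard','globalcard'))` registers document.php under the same context as every other user tab in this patch, so a `doActions` hook written for the user card also fires here. By returning a positive value, such a hook skips the `document_actions_pre_headers.tpl.php` include, which presumably carries the upload and delete handling. A page-specific context name, for example `array('userdoc','globalcard')`, would let hook modules target this page deliberately. The comment above the call is copied from the third-party pages; `// Initialize hook manager for the user documents page` would describe it better.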
@@ -45,37 +45,41 @@ $object = new User($db); $object->fetch($id); $object->getrights(); +// Initialize technical object to manage hooks of thirdparties. Note that conf->hooks_modules contains array array +$hookmanager->initHooks(array('usercard','globalcard')); /* * Actions */ -if ($_GET["action"] == 'dolibarr2ldap') -{ - $db->begin(); - $ldap=new Ldap(); - $result=$ldap->connect_bind(); +$parameters=array('id'=>$socid); +$reshook=$hookmanager->executeHooks('doActions',$parameters,$object,$action); // Note that $action and $object may have been modified by some hooks +if ($reshook < 0) setEventMessages($hookmanager->error, $hookmanager->errors, 'errors'); - $info=$object->_load_ldap_info(); - $dn=$object->_load_ldap_dn($info); - $olddn=$dn; // We can say that old dn = dn as we force synchro +if (empty($reshook)) { + if ($_GET["action"] == 'dolibarr2ldap') { + $db->begin(); - $result=$ldap->update($dn,$info,$user,$olddn); + $ldap = new Ldap(); + $result = $ldap->connect_bind(); - if ($result >= 0) - { - setEventMessage($langs->trans("UserSynchronized")); - $db->commit(); - } - else - { - setEventMessage($ldap->error, 'errors'); - $db->rollback(); + $info = $object->_load_ldap_info(); + $dn = $object->_load_ldap_dn($info); + $olddn = $dn; // We can say that old dn = dn as we force synchro + + $result = $ldap->update($dn, $info, $user, $olddn); + + if ($result >= 0) { + setEventMessage($langs->trans("UserSynchronized")); + $db->commit(); + } else { + setEventMessage($ldap->error, 'errors'); + $db->rollback(); + } } } - /* * View */ diff --git a/htdocs/user/note.php b/htdocs/user/note.php index 7fe5766cd3a..795a41d41c5 100644 --- a/htdocs/user/note.php +++ b/htdocs/user/note.php 
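Review bot: The guard in ldap.php still tests `$_GET["action"]` while the hook is handed `$action` by reference, so a hook that clears or rewrites `$action` cannot stop the `dolibarr2ldap` synchronisation unless it also returns a non-zero value. `if ($action == 'dolibarr2ldap')` would match the other pages in this patch, assuming `$action` is populated earlier in the file (not visible in the hunk). The branch also pushes the user record to the directory on a plain GET with no rights test inside the hunk. The result of `connect_bind()` is overwritten by `update()` without being checked, so an `if ($result >= 0)` after the bind and an explicit permission check are worth adding if they are not done above.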
@@ -48,30 +48,32 @@ $feature2 = (($socid && $user->rights->user->self->creer)?'':'user'); if ($user->id == $id) $feature2=''; // A user can always read its own card $result = restrictedArea($user, 'user', $id, 'user&user', $feature2); - +// Initialize technical object to manage hooks of thirdparties. Note that conf->hooks_modules contains array array +$hookmanager->initHooks(array('usercard','globalcard')); /******************************************************************************/ /* Actions */ /******************************************************************************/ -if ($action == 'update' && $user->rights->user->user->creer && ! $_POST["cancel"]) -{ - $db->begin(); +$parameters=array('id'=>$socid); +$reshook=$hookmanager->executeHooks('doActions',$parameters,$object,$action); // Note that $action and $object may have been modified by some hooks +if ($reshook < 0) setEventMessages($hookmanager->error, $hookmanager->errors, 'errors'); - $res=$object->update_note(dol_html_entity_decode(GETPOST('note_private'), ENT_QUOTES)); - if ($res < 0) - { - $mesg='
'.$adh->error.'
'; - $db->rollback(); - } - else - { - $db->commit(); +if (empty($reshook)) { + if ($action == 'update' && $user->rights->user->user->creer && !$_POST["cancel"]) { + $db->begin(); + + $res = $object->update_note(dol_html_entity_decode(GETPOST('note_private'), ENT_QUOTES)); + if ($res < 0) { + $mesg = '
'.$adh->error.'
'; + $db->rollback(); + } else { + $db->commit(); + } } } - /******************************************************************************/ /* Affichage fiche */ /******************************************************************************/ diff --git a/htdocs/user/param_ihm.php b/htdocs/user/param_ihm.php index 5355a0f74fc..531ccd615dd 100644 --- a/htdocs/user/param_ihm.php +++ b/htdocs/user/param_ihm.php 
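Review bot: The failure branch in note.php reads `$adh->error`, but the object whose `update_note()` just failed is `$object`, and `$adh` is not assigned anywhere in this hunk. The real error text is therefore lost, and whatever is read is concatenated into an HTML string unescaped. The hook error line added a few lines above already uses the message helper, so `setEventMessages($object->error, $object->errors, 'errors');` could replace the `$mesg = ...` assignment. `!$_POST["cancel"]` could likewise become `!GETPOST('cancel')`, as in clicktodial.php, to avoid reading an unset index.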
@@ -74,38 +74,51 @@ $searchformtitle=array($langs->trans("Companies"),$langs->trans("Contacts"),$lan $form = new Form($db); $formadmin=new FormAdmin($db); +// Initialize technical object to manage hooks of thirdparties. Note that conf->hooks_modules contains array array +$hookmanager->initHooks(array('usercard','globalcard')); /* * Actions */ -if ($action == 'update' && ($caneditfield || ! empty($user->admin))) -{ - if (! $_POST["cancel"]) - { - $tabparam=array(); +$parameters=array('id'=>$socid); +$reshook=$hookmanager->executeHooks('doActions',$parameters,$object,$action); // Note that $action and $object may have been modified by some hooks +if ($reshook < 0) setEventMessages($hookmanager->error, $hookmanager->errors, 'errors'); - if ($_POST["check_MAIN_LANG_DEFAULT"]=="on") $tabparam["MAIN_LANG_DEFAULT"]=$_POST["main_lang_default"]; - else $tabparam["MAIN_LANG_DEFAULT"]=''; +if (empty($reshook)) { + if ($action == 'update' && ($caneditfield || !empty($user->admin))) { + if (!$_POST["cancel"]) { + $tabparam = array(); - if ($_POST["check_SIZE_LISTE_LIMIT"]=="on") $tabparam["MAIN_SIZE_LISTE_LIMIT"]=$_POST["main_size_liste_limit"]; - else $tabparam["MAIN_SIZE_LISTE_LIMIT"]=''; + if ($_POST["check_MAIN_LANG_DEFAULT"] == "on") { + $tabparam["MAIN_LANG_DEFAULT"] = $_POST["main_lang_default"]; + } else { + $tabparam["MAIN_LANG_DEFAULT"] = ''; + } - if ($_POST["check_MAIN_THEME"]=="on") $tabparam["MAIN_THEME"]=$_POST["main_theme"]; - else $tabparam["MAIN_THEME"]=''; + if ($_POST["check_SIZE_LISTE_LIMIT"] == "on") { + $tabparam["MAIN_SIZE_LISTE_LIMIT"] = $_POST["main_size_liste_limit"]; + } else { + $tabparam["MAIN_SIZE_LISTE_LIMIT"] = ''; + } - $tabparam["MAIN_SEARCHFORM_CONTACT"]=$_POST["main_searchform_contact"]; - $tabparam["MAIN_SEARCHFORM_SOCIETE"]=$_POST["main_searchform_societe"]; - $tabparam["MAIN_SEARCHFORM_PRODUITSERVICE"]=$_POST["main_searchform_produitservice"]; + if ($_POST["check_MAIN_THEME"] == "on") { + $tabparam["MAIN_THEME"] = $_POST["main_theme"]; + 
} else { + $tabparam["MAIN_THEME"] = ''; + } - $result=dol_set_user_param($db, $conf, $object, $tabparam); + $tabparam["MAIN_SEARCHFORM_CONTACT"] = $_POST["main_searchform_contact"]; + $tabparam["MAIN_SEARCHFORM_SOCIETE"] = $_POST["main_searchform_societe"]; + $tabparam["MAIN_SEARCHFORM_PRODUITSERVICE"] = $_POST["main_searchform_produitservice"]; - header('Location: '.$_SERVER["PHP_SELF"].'?id='.$id); - exit; + $result = dol_set_user_param($db, $conf, $object, $tabparam); + + header('Location: '.$_SERVER["PHP_SELF"].'?id='.$id); + exit; + } } } - - /* * View */ diff --git a/htdocs/user/perms.php b/htdocs/user/perms.php index d611e1f5c70..c31ba0a9b29 100644 --- a/htdocs/user/perms.php +++ b/htdocs/user/perms.php 
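Review bot: The values handed to `dol_set_user_param()` in param_ihm.php come straight from `$_POST` (`main_lang_default`, `main_size_liste_limit`, `main_theme` and the three `main_searchform_*` fields) with no filtering, whereas other pages in this patch read request data through `GETPOST()`. These become persistent per-user settings, so reading them with a check type, e.g. `$tabparam["MAIN_THEME"] = GETPOST('main_theme', 'alpha');`, and casting the list limit to an integer would keep unexpected characters out of the stored parameters. The redirect builds its target from `$_SERVER["PHP_SELF"]` and `$id`; `(int) $id` is cheap insurance if `$id` is not already numeric at that point.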
@@ -67,44 +67,51 @@ if ($user->id == $id && (empty($conf->global->MAIN_USE_ADVANCED_PERMS) || $user- $result = restrictedArea($user, 'user', $id, 'user&user', $feature2); if ($user->id <> $id && ! $canreaduser) accessforbidden(); +$object = new User($db); +$object->fetch($id); +$object->getrights(); + +// Initialize technical object to manage hooks of thirdparties. Note that conf->hooks_modules contains array array +$hookmanager->initHooks(array('usercard','globalcard')); /** * Actions */ -if ($action == 'addrights' && $caneditperms) -{ - $edituser = new User($db); - $edituser->fetch($id); - //$edituser->addrights($rights, $module, '', $entity); // TODO unused for the moment - $edituser->addrights($rights, $module); +$parameters=array('id'=>$socid); +$reshook=$hookmanager->executeHooks('doActions',$parameters,$object,$action); // Note that $action and $object may have been modified by some hooks +if ($reshook < 0) setEventMessages($hookmanager->error, $hookmanager->errors, 'errors'); - // Si on a touche a ses propres droits, on recharge - if ($id == $user->id) - { - $user->clearrights(); - $user->getrights(); - $menumanager->loadMenu(); +if (empty($reshook)) { + if ($action == 'addrights' && $caneditperms) { + $edituser = new User($db); + $edituser->fetch($id); + //$edituser->addrights($rights, $module, '', $entity); // TODO unused for the moment + $edituser->addrights($rights, $module); + + // Si on a touche a ses propres droits, on recharge + if ($id == $user->id) { + $user->clearrights(); + $user->getrights(); + $menumanager->loadMenu(); + } + } + + if ($action == 'delrights' && $caneditperms) { + $edituser = new User($db); + $edituser->fetch($id); + //$edituser->delrights($rights, $module, '', $entity); // TODO unused for the moment + $edituser->delrights($rights, $module); + + // Si on a touche a ses propres droits, on recharge + if ($id == $user->id) { + $user->clearrights(); + $user->getrights(); + $menumanager->loadMenu(); + } } } -if ($action == 
'delrights' && $caneditperms) -{ - $edituser = new User($db); - $edituser->fetch($id); - //$edituser->delrights($rights, $module, '', $entity); // TODO unused for the moment - $edituser->delrights($rights, $module); - - // Si on a touche a ses propres droits, on recharge - if ($id == $user->id) - { - $user->clearrights(); - $user->getrights(); - $menumanager->loadMenu(); - } -} - - /** * View @@ -114,10 +121,6 @@ llxHeader('',$langs->trans("Permissions")); $form=new Form($db); -$object = new User($db); -$object->fetch($id); -$object->getrights(); - $head = user_prepare_head($object); $title = $langs->trans("User"); From ddb23eaf3bbfca0b67683f40f640b1c0738cafa8 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Rapha=C3=ABl=20Doursenaud?= Date: Mon, 12 Oct 2015 15:25:36 +0200 Subject: [PATCH 2/2] [Qual] Use default data root path if no conf Installation can be protected by an install.lock file in the data root path. This protection was ineffective if no configuration file was available. Whith this change, it still searches the default path. --- htdocs/install/inc.php | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/htdocs/install/inc.php b/htdocs/install/inc.php index e5ad6f019a1..82e9a3dfeaa 100644 --- a/htdocs/install/inc.php +++ b/htdocs/install/inc.php 
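Review bot: In the first perms.php hunk the `doActions` hook runs for every visitor who passed `restrictedArea()`, before the `$caneditperms` test that guards `addrights` and `delrights`, and a hook returning a positive value replaces the core grant or revoke entirely. Nothing in the hunk states that contract; a comment such as `// Hooks run before the $caneditperms check: a hook handling addrights/delrights must verify permissions itself` above `executeHooks` would make it explicit. The return values of `$edituser->addrights()` and `$edituser->delrights()` are discarded, so a failed permission change is silent. If these methods report failure with a negative result, as the other calls in this patch do, test it and call `setEventMessages($edituser->error, $edituser->errors, 'errors')`.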
@@ -86,7 +86,7 @@ if (! defined('DONOTLOADCONF') && file_exists($conffile)) if (empty($dolibarr_main_db_port) && ($dolibarr_main_db_type=='mysqli' || $dolibarr_main_db_type=='mysql')) $dolibarr_main_db_port='3306'; // For backward compatibility // Clean parameters - $dolibarr_main_data_root =isset($dolibarr_main_data_root)?trim($dolibarr_main_data_root):''; + $dolibarr_main_data_root =isset($dolibarr_main_data_root)?trim($dolibarr_main_data_root):DOL_DOCUMENT_ROOT . '/../documents'; $dolibarr_main_url_root =isset($dolibarr_main_url_root)?trim($dolibarr_main_url_root):''; $dolibarr_main_url_root_alt =isset($dolibarr_main_url_root_alt)?trim($dolibarr_main_url_root_alt):''; $dolibarr_main_document_root =isset($dolibarr_main_document_root)?trim($dolibarr_main_document_root):''; @@ -133,7 +133,7 @@ if (! isset($dolibarr_main_db_prefix) || ! $dolibarr_main_db_prefix) $dolibarr_m define('MAIN_DB_PREFIX',(isset($dolibarr_main_db_prefix)?$dolibarr_main_db_prefix:'')); define('DOL_CLASS_PATH', 'class/'); // Filsystem path to class dir -define('DOL_DATA_ROOT',(isset($dolibarr_main_data_root)?$dolibarr_main_data_root:'')); +define('DOL_DATA_ROOT',(isset($dolibarr_main_data_root)?$dolibarr_main_data_root:DOL_DOCUMENT_ROOT . '/../documents')); define('DOL_MAIN_URL_ROOT', (isset($dolibarr_main_url_root)?$dolibarr_main_url_root:'')); // URL relative root $uri=preg_replace('/^http(s?):\/\//i','',constant('DOL_MAIN_URL_ROOT')); // $uri contains url without http* $suburi = strstr($uri, '/'); // $suburi contains url without domain
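Review bot: The fallback `DOL_DOCUMENT_ROOT . '/../documents'` is written twice in inc.php, and the first copy appears to sit inside the `file_exists($conffile)` branch named in the hunk header, so with no configuration file only the `define('DOL_DATA_ROOT', ...)` copy applies. The install.lock check depends on this path, so it is worth confirming that `DOL_DOCUMENT_ROOT` is already defined at both points; neither hunk shows its definition, and an undefined constant would give a wrong path and leave the lock file unseen. Holding the default once, e.g. `$default_data_root = DOL_DOCUMENT_ROOT.'/../documents';`, and using it in both places keeps the two from drifting. A configured but empty `$dolibarr_main_data_root` still trims to `''` in the first hunk, so the default is not applied in that case either.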