FIX #yogosha5758
This commit is contained in:
Laurent Destailleur
parent
4b35645920
commit
5fd8612891
@ -52,7 +52,6 @@ $ref = GETPOST('ref', 'alpha');
|
||||
if ($user->socid) {
|
||||
$id = $user->socid;
|
||||
}
|
||||
$result = restrictedArea($user, 'produit|service', $id, 'product&product');
|
||||
|
||||
$limit = GETPOST('limit', 'int') ?GETPOST('limit', 'int') : $conf->liste_limit;
|
||||
$sortfield = GETPOST("sortfield", 'alpha');
|
||||
@ -74,6 +73,8 @@ if (!$sortorder) {
|
||||
// Initialize technical object to manage hooks of page. Note that conf->hooks_modules contains array of hook context
|
||||
$hookmanager->initHooks(array('agendathirdparty'));
|
||||
|
||||
$result = restrictedArea($user, 'produit|service', $id, 'product&product');
|
||||
|
||||
|
||||
/*
|
||||
* Actions
|
||||
|
||||
@ -62,6 +62,9 @@ $alsoproductwithnosupplierprice = GETPOST('alsoproductwithnosupplierprice', 'int
|
||||
$warehouseStatus = GETPOST('warehousestatus', 'alpha');
|
||||
$hidepriceinlabel = GETPOST('hidepriceinlabel', 'int');
|
||||
|
||||
// Security check
|
||||
$result = restrictedArea($user, 'produit|service', 0, 'product&product');
|
||||
|
||||
|
||||
/*
|
||||
* View
|
||||
@ -216,10 +219,13 @@ if (!empty($action) && $action == 'fetch' && !empty($id)) {
|
||||
return;
|
||||
}
|
||||
|
||||
// Filter on product to search can be:
|
||||
// Into an array with key $htmlname123 (we take first one found)
|
||||
// Into a var with name $htmlname can be 'prodid', 'productid', ...
|
||||
$match = preg_grep('/('.$htmlname.'[0-9]+)/', array_keys($_GET));
|
||||
sort($match);
|
||||
|
||||
$idprod = (!empty($match[0]) ? $match[0] : '');
|
||||
$idprod = (empty($match[0]) ? '' : $match[0]); // Take first param in GET with key answer
|
||||
|
||||
if (GETPOST($htmlname, 'alpha') == '' && (!$idprod || !GETPOST($idprod, 'alpha'))) {
|
||||
print json_encode(array());
|
||||
|
||||
@ -52,7 +52,6 @@ $fieldtype = (!empty($ref) ? 'ref' : 'rowid');
|
||||
if ($user->socid) {
|
||||
$socid = $user->socid;
|
||||
}
|
||||
$result = restrictedArea($user, 'produit|service', $fieldvalue, 'product&product', '', '', $fieldtype);
|
||||
|
||||
// Initialize technical object to manage hooks of page. Note that conf->hooks_modules contains array of hook context
|
||||
$hookmanager->initHooks(array('productdocuments'));
|
||||
@ -98,6 +97,8 @@ $modulepart = 'produit';
|
||||
|
||||
$permissiontoadd = (($object->type == Product::TYPE_PRODUCT && $user->rights->produit->creer) || ($object->type == Product::TYPE_SERVICE && $user->rights->service->creer));
|
||||
|
||||
$result = restrictedArea($user, 'produit|service', $fieldvalue, 'product&product', '', '', $fieldtype);
|
||||
|
||||
|
||||
/*
|
||||
* Actions
|
||||
|
||||
@ -73,7 +73,6 @@ $fieldtype = (!empty($ref) ? 'ref' : 'rowid');
|
||||
if ($user->socid) {
|
||||
$socid = $user->socid;
|
||||
}
|
||||
$result = restrictedArea($user, 'produit|service', $fieldvalue, 'product&product', '', '', $fieldtype);
|
||||
|
||||
if (empty($user->rights->fournisseur->lire)) {
|
||||
accessforbidden();
|
||||
@ -114,6 +113,8 @@ if (!$sortorder) {
|
||||
$sortorder = "ASC";
|
||||
}
|
||||
|
||||
$result = restrictedArea($user, 'produit|service', $fieldvalue, 'product&product', '', '', $fieldtype);
|
||||
|
||||
|
||||
/*
|
||||
* Actions
|
||||
|
||||
@ -41,6 +41,14 @@ if ($type == '' && !$user->rights->service->lire) {
|
||||
$type = '0'; // Force global page on product page only
|
||||
}
|
||||
|
||||
// Load translation files required by the page
|
||||
$langs->loadLangs(array('products', 'stocks'));
|
||||
|
||||
// Initialize technical object to manage hooks. Note that conf->hooks_modules contains array of hooks
|
||||
$hookmanager->initHooks(array('productindex'));
|
||||
|
||||
$product_static = new Product($db);
|
||||
|
||||
// Security check
|
||||
if ($type == '0') {
|
||||
$result = restrictedArea($user, 'produit');
|
||||
@ -50,14 +58,6 @@ if ($type == '0') {
|
||||
$result = restrictedArea($user, 'produit|service|expedition');
|
||||
}
|
||||
|
||||
// Load translation files required by the page
|
||||
$langs->loadLangs(array('products', 'stocks'));
|
||||
|
||||
// Initialize technical object to manage hooks. Note that conf->hooks_modules contains array of hooks
|
||||
$hookmanager->initHooks(array('productindex'));
|
||||
|
||||
$product_static = new Product($db);
|
||||
|
||||
|
||||
/*
|
||||
* View
|
||||
|
||||
@ -43,7 +43,6 @@ $fieldtype = (!empty($ref) ? 'ref' : 'rowid');
|
||||
if ($user->socid) {
|
||||
$socid = $user->socid;
|
||||
}
|
||||
$result = restrictedArea($user, 'produit|service', $fieldvalue, 'product&product', '', '', $fieldtype);
|
||||
|
||||
$object = new Product($db);
|
||||
if ($id > 0 || !empty($ref)) {
|
||||
@ -52,6 +51,8 @@ if ($id > 0 || !empty($ref)) {
|
||||
|
||||
$permissionnote = $user->rights->produit->creer; // Used by the include of actions_setnotes.inc.php
|
||||
|
||||
$result = restrictedArea($user, 'produit|service', $fieldvalue, 'product&product', '', '', $fieldtype);
|
||||
|
||||
|
||||
/*
|
||||
* Actions
|
||||
|
||||
@ -42,7 +42,6 @@ $mode = GETPOST('mode', 'alpha') ? GETPOST('mode', 'alpha') : '';
|
||||
if (!empty($user->socid)) {
|
||||
$socid = $user->socid;
|
||||
}
|
||||
$result = restrictedArea($user, 'produit|service');
|
||||
|
||||
$limit = GETPOST('limit', 'int') ?GETPOST('limit', 'int') : $conf->liste_limit;
|
||||
$sortfield = GETPOST("sortfield", 'alpha');
|
||||
@ -61,9 +60,10 @@ $offset = $limit * $page;
|
||||
$pageprev = $page - 1;
|
||||
$pagenext = $page + 1;
|
||||
|
||||
|
||||
$staticproduct = new Product($db);
|
||||
|
||||
$result = restrictedArea($user, 'produit|service', 0, 'product&product');
|
||||
|
||||
|
||||
/*
|
||||
* View
|
||||
|
||||
@ -68,7 +68,6 @@ $fieldtype = (!empty($ref) ? 'ref' : 'rowid');
|
||||
if ($user->socid) {
|
||||
$socid = $user->socid;
|
||||
}
|
||||
$result = restrictedArea($user, 'produit|service', $fieldvalue, 'product&product', '', '', $fieldtype);
|
||||
|
||||
if ($id > 0 || !empty($ref)) {
|
||||
$object = new Product($db);
|
||||
@ -83,6 +82,8 @@ if ((!empty($conf->global->PRODUIT_MULTIPRICES) || !empty($conf->global->PRODUIT
|
||||
// Initialize technical object to manage hooks of page. Note that conf->hooks_modules contains array of hook context
|
||||
$hookmanager->initHooks(array('productpricecard', 'globalcard'));
|
||||
|
||||
$result = restrictedArea($user, 'produit|service', $fieldvalue, 'product&product', '', '', $fieldtype);
|
||||
|
||||
|
||||
/*
|
||||
* Actions
|
||||
|
||||
@ -35,13 +35,6 @@ require_once DOL_DOCUMENT_ROOT.'/product/class/html.formproduct.class.php';
|
||||
// Load translation files required by the page
|
||||
$langs->loadLangs(array('products', 'stocks'));
|
||||
|
||||
// Security check
|
||||
if ($user->socid) {
|
||||
$socid = $user->socid;
|
||||
}
|
||||
$result = restrictedArea($user, 'produit|service');
|
||||
|
||||
|
||||
$action = GETPOST('action', 'aZ09');
|
||||
$sref = GETPOST("sref", 'alpha');
|
||||
$snom = GETPOST("snom", 'alpha');
|
||||
@ -99,6 +92,10 @@ if (!empty($conf->global->STOCK_CALCULATE_ON_SHIPMENT)
|
||||
// Initialize technical object to manage hooks of page. Note that conf->hooks_modules contains array of hook context
|
||||
$hookmanager->initHooks(array('productreassortlist'));
|
||||
|
||||
if ($user->socid) {
|
||||
$socid = $user->socid;
|
||||
}
|
||||
$result = restrictedArea($user, 'produit|service', 0, 'product&product');
|
||||
|
||||
|
||||
/*
|
||||
|
||||
@ -37,13 +37,6 @@ require_once DOL_DOCUMENT_ROOT.'/product/stock/class/entrepot.class.php';
|
||||
// Load translation files required by the page
|
||||
$langs->loadLangs(array('products', 'stocks', 'productbatch'));
|
||||
|
||||
// Security check
|
||||
if ($user->socid) {
|
||||
$socid = $user->socid;
|
||||
}
|
||||
$result = restrictedArea($user, 'produit|service');
|
||||
|
||||
|
||||
$action = GETPOST('action', 'aZ09');
|
||||
$sref = GETPOST("sref", 'alpha');
|
||||
$snom = GETPOST("snom", 'alpha');
|
||||
@ -89,6 +82,11 @@ if (!empty($canvas)) {
|
||||
$objcanvas->getCanvas('product', 'list', $canvas);
|
||||
}
|
||||
|
||||
// Security check
|
||||
if ($user->socid) {
|
||||
$socid = $user->socid;
|
||||
}
|
||||
$result = restrictedArea($user, 'produit|service', 0, 'product&product');
|
||||
|
||||
|
||||
/*
|
||||
|
||||
@ -117,6 +117,13 @@ if (!empty($canvas)) {
|
||||
$objcanvas->getCanvas('thirdparty', 'card', $canvas);
|
||||
}
|
||||
|
||||
$permissiontoread = $user->rights->societe->lire;
|
||||
$permissiontoadd = $user->rights->societe->creer; // Used by the include of actions_addupdatedelete.inc.php and actions_lineupdown.inc.php
|
||||
$permissiontodelete = $user->rights->societe->supprimer || ($permissiontoadd && isset($object->status) && $object->status == 0);
|
||||
$permissionnote = $user->rights->societe->creer; // Used by the include of actions_setnotes.inc.php
|
||||
$permissiondellink = $user->rights->societe->creer; // Used by the include of actions_dellink.inc.php
|
||||
$upload_dir = $conf->societe->multidir_output[isset($object->entity) ? $object->entity : 1];
|
||||
|
||||
// Security check
|
||||
$result = restrictedArea($user, 'societe', $socid, '&societe', '', 'fk_soc', 'rowid', 0);
|
||||
|
||||
@ -130,12 +137,6 @@ if ($object->id > 0) {
|
||||
}
|
||||
*/
|
||||
|
||||
$permissiontoread = $user->rights->societe->lire;
|
||||
$permissiontoadd = $user->rights->societe->creer; // Used by the include of actions_addupdatedelete.inc.php and actions_lineupdown.inc.php
|
||||
$permissiontodelete = $user->rights->societe->supprimer || ($permissiontoadd && isset($object->status) && $object->status == 0);
|
||||
$permissionnote = $user->rights->societe->creer; // Used by the include of actions_setnotes.inc.php
|
||||
$permissiondellink = $user->rights->societe->creer; // Used by the include of actions_dellink.inc.php
|
||||
$upload_dir = $conf->societe->multidir_output[isset($object->entity) ? $object->entity : 1];
|
||||
|
||||
|
||||
/*
|
||||
|
||||
Loading…
Reference in New Issue
Block a user