FIx #yogosha5661
This commit is contained in:
Laurent Destailleur
parent
46972ec669
commit
640f5f6051
@ -67,11 +67,6 @@ if ($contextpage == 'takepos') {
|
||||
$_GET['optioncss'] = 'print';
|
||||
}
|
||||
|
||||
// Security check
|
||||
if (!$user->rights->cashdesk->run && !$user->rights->takepos->run) {
|
||||
accessforbidden();
|
||||
}
|
||||
|
||||
$arrayofpaymentmode = array('cash'=>'Cash', 'cheque'=>'Cheque', 'card'=>'CreditCard');
|
||||
|
||||
$arrayofposavailable = array();
|
||||
@ -95,6 +90,15 @@ $hookmanager->initHooks(array('cashcontrolcard', 'globalcard'));
|
||||
// Load object
|
||||
include DOL_DOCUMENT_ROOT.'/core/actions_fetchobject.inc.php'; // Must be include, not include_once.
|
||||
|
||||
// Security check
|
||||
if ($user->socid > 0) { // Protection if external user
|
||||
//$socid = $user->socid;
|
||||
accessforbidden();
|
||||
}
|
||||
if (!$user->rights->cashdesk->run && !$user->rights->takepos->run) {
|
||||
accessforbidden();
|
||||
}
|
||||
|
||||
|
||||
/*
|
||||
* Actions
|
||||
|
||||
@ -94,14 +94,6 @@ if (!$sortorder) {
|
||||
$sortorder = "ASC";
|
||||
}
|
||||
|
||||
// Security check
|
||||
$socid = 0;
|
||||
if ($user->socid > 0) { // Protection if external user
|
||||
//$socid = $user->socid;
|
||||
accessforbidden();
|
||||
}
|
||||
//$result = restrictedArea($user, 'monmodule', $id, '');
|
||||
|
||||
// Initialize array of search criterias
|
||||
$search_all = GETPOST("search_all", 'alpha');
|
||||
$search = array();
|
||||
@ -133,6 +125,14 @@ include DOL_DOCUMENT_ROOT.'/core/tpl/extrafields_list_array_fields.tpl.php';
|
||||
$object->fields = dol_sort_array($object->fields, 'position');
|
||||
$arrayfields = dol_sort_array($arrayfields, 'position');
|
||||
|
||||
// Security check
|
||||
if ($user->socid > 0) { // Protection if external user
|
||||
//$socid = $user->socid;
|
||||
accessforbidden();
|
||||
}
|
||||
if (!$user->rights->cashdesk->run && !$user->rights->takepos->run) {
|
||||
accessforbidden();
|
||||
}
|
||||
|
||||
|
||||
/*
|
||||
|
||||
@ -72,6 +72,15 @@ $sday = $cashcontrol->day_close;
|
||||
$posmodule = $cashcontrol->posmodule;
|
||||
$terminalid = $cashcontrol->posnumber;
|
||||
|
||||
// Security check
|
||||
if ($user->socid > 0) { // Protection if external user
|
||||
//$socid = $user->socid;
|
||||
accessforbidden();
|
||||
}
|
||||
if (!$user->rights->cashdesk->run && !$user->rights->takepos->run) {
|
||||
accessforbidden();
|
||||
}
|
||||
|
||||
|
||||
/*
|
||||
* View
|
||||
|
||||
Loading…
Reference in New Issue
Block a user