From 65874a977ec4cad7fac5039a9274d373af41a3b5 Mon Sep 17 00:00:00 2001 From: Rodolphe Quiedeville Date: Fri, 2 Sep 2005 09:56:24 +0000 Subject: [PATCH] Modif permissions --- htdocs/telephonie/ligne/conso.php | 38 ++++---- htdocs/telephonie/ligne/history.php | 131 ++++++++++++++-------------- htdocs/telephonie/ligne/infoc.php | 16 +++- htdocs/telephonie/ligne/stat.php | 32 ++++--- 4 files changed, 124 insertions(+), 93 deletions(-) diff --git a/htdocs/telephonie/ligne/conso.php b/htdocs/telephonie/ligne/conso.php index 27c3c788549..f265b4c3ed9 100644 --- a/htdocs/telephonie/ligne/conso.php +++ b/htdocs/telephonie/ligne/conso.php @@ -1,5 +1,5 @@ +/* Copyright (C) 2004-2005 Rodolphe Quiedeville * * This program is free software; you can redistribute it and/or modify * it under the terms of the GNU General Public License as published by @@ -26,24 +26,32 @@ $mesg = ''; llxHeader("","","Fiche Ligne"); - - if ($_GET["id"] or $_GET["numero"]) { - if ($_GET["action"] <> 're-edit') + + $ligne = new LigneTel($db); + if ($_GET["id"]) { - $ligne = new LigneTel($db); - if ($_GET["id"]) - { - $result = $ligne->fetch_by_id($_GET["id"]); - } - if ($_GET["numero"]) - { - $result = $ligne->fetch($_GET["numero"]); - } + $result = $ligne->fetch_by_id($_GET["id"]); + } + if ($_GET["numero"]) + { + $result = $ligne->fetch($_GET["numero"]); } - if ( $result ) + if ($result == 1) + { + $client_comm = new Societe($db); + $client_comm->fetch($ligne->client_comm_id, $user); + } + + if (!$client_comm->perm_read) + { + print "Lecture non authorisée"; + } + + + if ($result == 1 && $client_comm->perm_read) { if ($_GET["action"] <> 'edit' && $_GET["action"] <> 're-edit') { @@ -128,7 +136,7 @@ if ($_GET["id"] or $_GET["numero"]) } else { - print $sql; + //print $sql; } print ''; diff --git a/htdocs/telephonie/ligne/history.php b/htdocs/telephonie/ligne/history.php index d17b0e55973..05af72e6493 100644 --- a/htdocs/telephonie/ligne/history.php +++ b/htdocs/telephonie/ligne/history.php @@ -26,10 +26,6 @@ $mesg = ''; llxHeader("","","Historique Ligne"); -if ($cancel == $langs->trans("Cancel")) -{ - $action = ''; -} /* * Affichage * @@ -50,7 +46,20 @@ if ($cancel == $langs->trans("Cancel")) } } - if ( $result ) + + if ($result == 1) + { + $client_comm = new Societe($db); + $client_comm->fetch($ligne->client_comm_id, $user); + } + + if (!$client_comm->perm_read) + { + print "Lecture non authorisée"; + } + + + if ($result == 1 && $client_comm->perm_read) { if ($_GET["action"] <> 'edit' && $_GET["action"] <> 're-edit') { @@ -92,9 +101,6 @@ if ($cancel == $langs->trans("Cancel")) $client = new Societe($db, $ligne->client_id); $client->fetch($ligne->client_id); - $client_comm = new Societe($db, $ligne->client_comm_id); - $client_comm->fetch($ligne->client_comm_id); - print 'Client'; print ''; print $client_comm->nom.''; @@ -160,15 +166,16 @@ if ($cancel == $langs->trans("Cancel")) $sql .= ",".MAIN_DB_PREFIX."user as u"; $sql .= " WHERE u.rowid = l.fk_user AND l.fk_ligne = ".$ligne->id; $sql .= " ORDER BY l.tms DESC "; - if ( $db->query( $sql) ) + $resql = $db->query($sql); + if ($resql) { - $num = $db->num_rows(); + $num = $db->num_rows($resql); if ( $num > 0 ) { $i = 0; while ($i < $num) { - $row = $db->fetch_row($i); + $row = $db->fetch_row($resql); print ''.strftime("%a %d %B %Y %H:%M:%S",$row[0]).''; print ' '; @@ -179,14 +186,12 @@ if ($cancel == $langs->trans("Cancel")) } print ''; - print $ff[$row[6]]; - print ''.$row[4] . " " . $row[3] . ""; $i++; } } - $db->free(); + $db->free($resql); } else { @@ -195,64 +200,60 @@ if ($cancel == $langs->trans("Cancel")) print ""; } - } - /* - * - */ - print '
'; - print_titre("Retours Fournisseurs"); - $sql = "SELECT "; - $sql .= " cli,mode,situation,date_mise_service,date_resiliation,motif_resiliation,commentaire,fichier, traite "; - - $sql .= " FROM ".MAIN_DB_PREFIX."telephonie_commande_retour"; - $sql .= " WHERE cli = ".$ligne->numero; - $sql .= " ORDER BY rowid DESC " . $db->plimit($conf->liste_limit+1, $offset); - - if ($db->query($sql)) - { - $num = $db->num_rows(); - $i = 0; + + /* + * + */ + print '
'; + print_titre("Retours Fournisseurs"); + $sql = "SELECT "; + $sql .= " cli,mode,situation,date_mise_service,date_resiliation,motif_resiliation,commentaire,fichier, traite "; - print ''; - print ''; - print ''; - print "\n"; - $var=True; + $sql .= " FROM ".MAIN_DB_PREFIX."telephonie_commande_retour"; + $sql .= " WHERE cli = ".$ligne->numero; + $sql .= " ORDER BY rowid DESC " . $db->plimit($conf->liste_limit+1, $offset); - while ($i < $num) + $resql = $db->query($sql); + if ($resql) { - $obj = $db->fetch_object(); - $var=!$var; - - print ""; - print '\n"; - print '\n"; - print '\n"; - print '\n"; - print '\n"; - print '\n"; + print '
ModeResultatDate MeSRésilCommentaireFichier
'.$obj->mode."'.$obj->situation."'.$obj->date_mise_service."'.$obj->date_resiliation."'.$obj->commentaire."'.$obj->fichier."
'; + print ''; + print ''; print "\n"; - - $i++; + $var=True; + + while ($obj = $db->fetch_object($resql)) + { + $var=!$var; + + print ""; + print '\n"; + print '\n"; + print '\n"; + print '\n"; + print '\n"; + print '\n"; + print "\n"; + } + print "
ModeResultatDate MeSRésilCommentaireFichier
'.$obj->mode."'.$obj->situation."'.$obj->date_mise_service."'.$obj->date_resiliation."'.$obj->commentaire."'.$obj->fichier."
"; + $db->free($resql); } - print ""; - $db->free(); + else + { + print $db->error() . ' ' . $sql; + } + + /* + * + * + * + */ } - else - { - print $db->error() . ' ' . $sql; - } - - /* - * - * - * - */ - } - else - { - print "Error"; } +else +{ + print "Error"; +} $db->close(); diff --git a/htdocs/telephonie/ligne/infoc.php b/htdocs/telephonie/ligne/infoc.php index 9f6110e2641..42278990835 100644 --- a/htdocs/telephonie/ligne/infoc.php +++ b/htdocs/telephonie/ligne/infoc.php @@ -30,7 +30,7 @@ require("./pre.inc.php"); $mesg = ''; -if ($_POST["action"] == 'update' && $_POST["cancel"] <> $langs->trans("Cancel")) +if ($_POST["action"] == 'update' && $_POST["cancel"] <> $langs->trans("Cancel") && $user->rights->telephonie->ligne->creer) { $ligne = new LigneTel($db); $ligne->id = $_GET["id"]; @@ -79,7 +79,19 @@ if ($_GET["id"] or $_GET["numero"]) } } - if ( $result == 1) + if ($result == 1) + { + $client_comm = new Societe($db); + $client_comm->fetch($ligne->client_comm_id, $user); + } + + if (!$client_comm->perm_read) + { + print "Lecture non authorisée"; + } + + + if ($result == 1 && $client_comm->perm_read) { if ($_GET["action"] <> 'edit' && $_GET["action"] <> 're-edit') { diff --git a/htdocs/telephonie/ligne/stat.php b/htdocs/telephonie/ligne/stat.php index 988a8532ce2..d114211c091 100644 --- a/htdocs/telephonie/ligne/stat.php +++ b/htdocs/telephonie/ligne/stat.php @@ -26,20 +26,30 @@ llxHeader("","","Fiche Ligne"); if ($_GET["id"] or $_GET["numero"]) { - if ($_GET["action"] <> 're-edit') + $ligne = new LigneTel($db); + if ($_GET["id"]) { - $ligne = new LigneTel($db); - if ($_GET["id"]) - { - $result = $ligne->fetch_by_id($_GET["id"]); - } - if ($_GET["numero"]) - { - $result = $ligne->fetch($_GET["numero"]); - } + $result = $ligne->fetch_by_id($_GET["id"]); + } + if ($_GET["numero"]) + { + $result = $ligne->fetch($_GET["numero"]); } - if ( $result ) + + if ($result == 1) + { + $client_comm = new Societe($db); + $client_comm->fetch($ligne->client_comm_id, $user); + } + + if (!$client_comm->perm_read) + { + print "Lecture non authorisée"; + } + + + if ($result == 1 && $client_comm->perm_read) { if ($_GET["action"] <> 'edit' && $_GET["action"] <> 're-edit') {