From 9795f48046079fa4417af1d7b57efb50afa46ed4 Mon Sep 17 00:00:00 2001 From: arnaud Date: Mon, 18 Sep 2017 17:27:29 +0200 Subject: [PATCH 1/7] NEW comment system working with all objects --- htdocs/core/actions_comments.inc.php | 76 ++++ htdocs/core/class/comment.class.php | 322 +++++++++++++++++ htdocs/core/class/commonobject.class.php | 29 ++ htdocs/core/lib/project.lib.php | 18 +- htdocs/core/tpl/bloc_comment.tpl.php | 105 ++++++ .../install/mysql/migration/6.0.0-7.0.0.sql | 9 +- htdocs/langs/en_US/main.lang | 5 + htdocs/langs/en_US/projects.lang | 6 +- htdocs/langs/fr_FR/main.lang | 5 + htdocs/langs/fr_FR/projects.lang | 6 +- htdocs/projet/admin/project.php | 9 + htdocs/projet/class/project.class.php | 1 + htdocs/projet/class/task.class.php | 328 ------------------ htdocs/projet/comment.php | 189 ++++++++++ htdocs/projet/tasks/comment.php | 186 ++-------- 15 files changed, 787 insertions(+), 507 deletions(-) create mode 100644 htdocs/core/actions_comments.inc.php create mode 100644 htdocs/core/class/comment.class.php create mode 100644 htdocs/core/tpl/bloc_comment.tpl.php create mode 100644 htdocs/projet/comment.php diff --git a/htdocs/core/actions_comments.inc.php b/htdocs/core/actions_comments.inc.php new file mode 100644 index 00000000000..185973cb258 --- /dev/null +++ b/htdocs/core/actions_comments.inc.php @@ -0,0 +1,76 @@ + + * + * This program is free software; you can redistribute it and/or modify + * it under the terms of the GNU General Public License as published by + * the Free Software Foundation; either version 3 of the License, or + * (at your option) any later version. + * + * This program is distributed in the hope that it will be useful, + * but WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + * GNU General Public License for more details. + * + * You should have received a copy of the GNU General Public License + * along with this program. If not, see . + * or see http://www.gnu.org/ + * + * $elementype must be defined. + */ + +/** + * \file htdocs/core/actions_comments.inc.php + * \brief Code for actions on comments pages + */ + + +require_once DOL_DOCUMENT_ROOT.'/core/class/comment.class.php'; + +$varpage=empty($contextpage)?$_SERVER["PHP_SELF"]:$contextpage; +$comment = new Comment($db); + +/* + * Actions + */ + +if ($action == 'addcomment') +{ + $description = GETPOST('comment_description'); + if (!empty($description)) + { + $comment->description = $description; + $comment->datec = time(); + $comment->fk_element = GETPOST('id'); + $comment->element_type = GETPOST('comment_element_type'); + $comment->fk_user_author = $user->id; + $comment->entity = $conf->entity; + if ($comment->create($user) > 0) + { + setEventMessages($langs->trans("CommentAdded"), null, 'mesgs'); + header('Location: '.$varpage.'?id='.$id.($withproject?'&withproject=1':'')); + exit; + } + else + { + setEventMessages($comment->error, $comment->errors,'errors'); + $action=''; + } + } +} +if ($action == 'deletecomment') +{ + if ($comment->fetch($idcomment) >= 0) + { + if ($comment->delete($user) > 0) + { + setEventMessages($langs->trans("CommentDeleted"), null, 'mesgs'); + header('Location: '.$varpage.'?id='.$id.($withproject?'&withproject=1':'')); + exit; + } + else + { + setEventMessages($comment->error, $comment->errors,'errors'); + $action=''; + } + } +} \ No newline at end of file diff --git a/htdocs/core/class/comment.class.php b/htdocs/core/class/comment.class.php new file mode 100644 index 00000000000..0ec77405721 --- /dev/null +++ b/htdocs/core/class/comment.class.php @@ -0,0 +1,322 @@ +db = $db; + } + + + /** + * Create into database + * + * @param User $user User that create + * @param int $notrigger 0=launch triggers after, 1=disable triggers + * @return int <0 if KO, Id of created object if OK + */ + function create($user, $notrigger=0) + { + global $conf, $langs; + + $error=0; + + // Insert request + $sql = "INSERT INTO ".MAIN_DB_PREFIX."comment ("; + $sql.= "description"; + $sql.= ", datec"; + $sql.= ", fk_element"; + $sql.= ", element_type"; + $sql.= ", fk_user_author"; + $sql.= ", entity"; + $sql.= ", import_key"; + $sql.= ") VALUES ("; + $sql.= "'".$this->db->escape($this->description)."'"; + $sql.= ", ".($this->datec!=''?"'".$this->db->idate($this->datec)."'":'null'); + $sql.= ", '".(isset($this->fk_element)?$this->fk_element:"null")."'"; + $sql.= ", '".$this->db->escape($this->element_type)."'"; + $sql.= ", '".(isset($this->fk_user_author)?$this->fk_user_author:"null")."'"; + $sql.= ", ".(!empty($this->entity)?$this->entity:'1'); + $sql.= ", ".(!empty($this->import_key)?"'".$this->db->escape($this->import_key)."'":"null"); + $sql.= ")"; + + //var_dump($this->db); + //echo $sql; + + $this->db->begin(); + + dol_syslog(get_class($this)."::create", LOG_DEBUG); + $resql=$this->db->query($sql); + if (! $resql) { $error++; $this->errors[]="Error ".$this->db->lasterror(); } + + if (! $error) + { + $this->id = $this->db->last_insert_id(MAIN_DB_PREFIX."projet_task_comment"); + + if (! $notrigger) + { + // Call trigger + $result=$this->call_trigger('TASK_COMMENT_CREATE',$user); + if ($result < 0) { $error++; } + // End call triggers + } + } + + // Commit or rollback + if ($error) + { + foreach($this->errors as $errmsg) + { + dol_syslog(get_class($this)."::create ".$errmsg, LOG_ERR); + $this->error.=($this->error?', '.$errmsg:$errmsg); + } + $this->db->rollback(); + return -1*$error; + } + else + { + $this->db->commit(); + return $this->id; + } + } + + + /** + * Load object in memory from database + * + * @param int $id Id object + * @param int $ref ref object + * @return int <0 if KO, 0 if not found, >0 if OK + */ + function fetch($id, $ref='') + { + global $langs; + + $sql = "SELECT"; + $sql.= " c.rowid,"; + $sql.= " c.description,"; + $sql.= " c.datec,"; + $sql.= " c.tms,"; + $sql.= " c.fk_element,"; + $sql.= " c.element_type,"; + $sql.= " c.fk_user_author,"; + $sql.= " c.entity,"; + $sql.= " c.import_key"; + $sql.= " FROM ".MAIN_DB_PREFIX."comment as c"; + $sql.= " WHERE c.rowid = ".$id; + + dol_syslog(get_class($this)."::fetch", LOG_DEBUG); + $resql=$this->db->query($sql); + if ($resql) + { + $num_rows = $this->db->num_rows($resql); + + if ($num_rows) + { + $obj = $this->db->fetch_object($resql); + + $this->id = $obj->rowid; + $this->description = $obj->description; + $this->element_type = $obj->element_type; + $this->datec = $this->db->jdate($obj->datec); + $this->tms = $obj->tms; + $this->fk_user_author = $obj->fk_user_author; + $this->fk_element = $obj->fk_element; + $this->entity = $obj->entity; + $this->import_key = $obj->import_key; + } + + $this->db->free($resql); + + if ($num_rows) return 1; + else return 0; + } + else + { + $this->error="Error ".$this->db->lasterror(); + return -1; + } + } + + + /** + * Update database + * + * @param User $user User that modify + * @param int $notrigger 0=launch triggers after, 1=disable triggers + * @return int <=0 if KO, >0 if OK + */ + function update(User $user, $notrigger=0) + { + global $conf, $langs; + $error=0; + + // Clean parameters + if (isset($this->fk_element)) $this->fk_project=(int) trim($this->fk_element); + if (isset($this->fk_user_author)) $this->fk_user_author=(int) trim($this->fk_user_author); + if (isset($this->description)) $this->description=trim($this->description); + + + // Update request + $sql = "UPDATE ".MAIN_DB_PREFIX."projet_task_comment SET"; + $sql.= " description=".(isset($this->description)?"'".$this->db->escape($this->description)."'":"null").","; + $sql.= " datec=".($this->datec!=''?"'".$this->db->idate($this->datec)."'":'null').","; + $sql.= " fk_element=".(isset($this->fk_element)?$this->fk_element:"null").","; + $sql.= " element_type='".$this->element_type."',"; + $sql.= " fk_user_author=".(isset($this->fk_user_author)?$this->fk_user_author:"null").","; + $sql.= " entity=".(!empty($this->entity)?$this->entity:'1').","; + $sql.= " import_key=".(!empty($this->import_key)?"'".$this->db->escape($this->import_key)."'":"null"); + $sql.= " WHERE rowid=".$this->id; + + $this->db->begin(); + + dol_syslog(get_class($this)."::update", LOG_DEBUG); + $resql = $this->db->query($sql); + if (! $resql) { $error++; $this->errors[]="Error ".$this->db->lasterror(); } + + if (! $error) + { + if (! $notrigger) + { + // Call trigger + $result=$this->call_trigger('TASK_COMMENT_MODIFY',$user); + if ($result < 0) { $error++; } + // End call triggers + } + } + + // Commit or rollback + if ($error) + { + foreach($this->errors as $errmsg) + { + dol_syslog(get_class($this)."::update ".$errmsg, LOG_ERR); + $this->error.=($this->error?', '.$errmsg:$errmsg); + } + $this->db->rollback(); + return -1*$error; + } + else + { + $this->db->commit(); + return 1; + } + } + + + /** + * Delete task from database + * + * @param User $user User that delete + * @param int $notrigger 0=launch triggers after, 1=disable triggers + * @return int <0 if KO, >0 if OK + */ + function delete($user, $notrigger=0) + { + global $conf, $langs; + require_once DOL_DOCUMENT_ROOT . '/core/lib/files.lib.php'; + + $error=0; + + $this->db->begin(); + + $sql = "DELETE FROM ".MAIN_DB_PREFIX."comment"; + $sql.= " WHERE rowid=".$this->id; + + $resql = $this->db->query($sql); + if (! $resql) { $error++; $this->errors[]="Error ".$this->db->lasterror(); } + + if (! $error) + { + if (! $notrigger) + { + // Call trigger + $result=$this->call_trigger('TASK_COMMENT_DELETE',$user); + if ($result < 0) { $error++; } + // End call triggers + } + } + + // Commit or rollback + if ($error) + { + foreach($this->errors as $errmsg) + { + dol_syslog(get_class($this)."::delete ".$errmsg, LOG_ERR); + $this->error.=($this->error?', '.$errmsg:$errmsg); + } + $this->db->rollback(); + return -1*$error; + }else{ + $this->db->commit(); + return 1; + } + } + + + /** + * Load comments linked with current task + * + * @return array Comment array + */ + public static function fetchAllFor($element_type, $fk_element) + { + global $db,$conf; + $TComments = array(); + if(!empty($element_type) && !empty($fk_element)) { + $sql = "SELECT"; + $sql.= " c.rowid"; + $sql.= " FROM ".MAIN_DB_PREFIX."comment as c"; + $sql.= " WHERE c.fk_element = ".$fk_element; + $sql.= " AND c.element_type = '".$element_type."'"; + $sql.= " AND c.entity = ".$conf->entity; + $sql.= " ORDER BY c.tms DESC"; + + dol_syslog("Comment::fetchAllFor", LOG_DEBUG); + $resql=$db->query($sql); + if ($resql) + { + $num_rows = $db->num_rows($resql); + if ($num_rows > 0) + { + while($obj = $db->fetch_object($resql)) + { + $comment = new self($db); + $comment->fetch($obj->rowid); + $TComments[] = $comment; + } + } + $db->free($resql); + } + } + return $TComments; + } +} \ No newline at end of file diff --git a/htdocs/core/class/commonobject.class.php b/htdocs/core/class/commonobject.class.php index 54a907a3c0f..d7037ba5d2c 100644 --- a/htdocs/core/class/commonobject.class.php +++ b/htdocs/core/class/commonobject.class.php @@ -308,6 +308,12 @@ abstract class CommonObject * @var CommonObjectLine[] */ public $lines; + + /** + * @var mixed Contains comments + * @see fetchComments() + */ + public $comments=array(); /** * @var int @@ -5283,5 +5289,28 @@ abstract class CommonObject // TODO... } + + /** + * Load comments linked with current task + * @return boolean 1 if ok + */ + public function fetchComments() + { + require_once DOL_DOCUMENT_ROOT.'/core/class/comment.class.php'; + + $comment = new Comment($this->db); + $this->comments = Comment::fetchAllFor($this->element, $this->id); + return 1; + } + + /** + * Return nb comments already posted + * + * @return int + */ + public function getNbComments() + { + return count($this->comments); + } } diff --git a/htdocs/core/lib/project.lib.php b/htdocs/core/lib/project.lib.php index 0395f9f17ff..ec6be594ac3 100644 --- a/htdocs/core/lib/project.lib.php +++ b/htdocs/core/lib/project.lib.php @@ -66,7 +66,19 @@ function project_prepare_head($object) // $this->tabs = array('entity:+tabname:Title:@mymodule:/mymodule/mypage.php?id=__ID__'); to add new tab // $this->tabs = array('entity:-tabname); to remove a tab complete_head_from_modules($conf,$langs,$object,$head,$h,'project'); - + + + // Manage discussion + if (!empty($conf->global->PROJECT_ALLOW_COMMENT_ON_PROJECT)) + { + $nbComments = $object->getNbComments(); + $head[$h][0] = DOL_URL_ROOT.'/projet/comment.php?id='.$object->id; + $head[$h][1] = $langs->trans("CommentLink"); + if ($nbComments > 0) $head[$h][1].= ' '.$nbComments.''; + $head[$h][2] = 'project_comment'; + $h++; + } + if (empty($conf->global->MAIN_DISABLE_NOTES_TAB)) { $nbNote = 0; @@ -179,9 +191,9 @@ function task_prepare_head($object) // Manage discussion if (!empty($conf->global->PROJECT_ALLOW_COMMENT_ON_TASK)) { - $nbComments= $object->getNbComments(); + $nbComments = $object->getNbComments(); $head[$h][0] = DOL_URL_ROOT.'/projet/tasks/comment.php?id='.$object->id.(GETPOST('withproject')?'&withproject=1':''); - $head[$h][1] = $langs->trans("TaskCommentLinks"); + $head[$h][1] = $langs->trans("CommentLink"); if ($nbComments > 0) $head[$h][1].= ' '.$nbComments.''; $head[$h][2] = 'task_comment'; $h++; diff --git a/htdocs/core/tpl/bloc_comment.tpl.php b/htdocs/core/tpl/bloc_comment.tpl.php new file mode 100644 index 00000000000..b28699744d2 --- /dev/null +++ b/htdocs/core/tpl/bloc_comment.tpl.php @@ -0,0 +1,105 @@ +'; +print '
'; +print '
'; +print ''; +print ''; +print ''; +print ''; +print ''; + +print ''; + +print ''; +print ''; +print ''; +print ''; +print ''; +print "\n"; + +print ''; +print ''; + +// Description +print ''; + +print ''; +print '
'.$langs->trans("Comments").'
'; + +$desc = GETPOST('comment_description'); + +$doleditor = new DolEditor('comment_description', $desc, '', 80, 'dolibarr_notes', 'In', 0, false, true, ROWS_3, '100%'); +print $doleditor->Create(1); + +print ''; +print ''; +print '
'; + +// List of comments +if(!empty($object->comments)) { + // Default color for current user + $TColors = array($user->id => array('bgcolor'=>'efefef','color'=>'555')); + $first = true; + foreach($object->comments as $comment) { + $fk_user = $comment->fk_user_author; + $userstatic->fetch($fk_user); + if(empty($TColors[$fk_user])) { + $bgcolor = random_color(180,240); + if(!empty($userstatic->color)) { + $bgcolor = $userstatic->color; + } + $color = (colorIsLight($bgcolor))?'555':'fff'; + $TColors[$fk_user] = array('bgcolor'=>$bgcolor,'color'=>$color); + } + print '
'; + if($fk_user == $user->id) { + print '
 
'; + } + + print '
'; + print '
'; + if (! empty($user->photo)) + { + print Form::showphoto('userphoto', $userstatic, 80, 0, 0, '', 'small', 0, 1).'
'; + } + print $langs->trans('User').' : '.$userstatic->getNomUrl().'
'; + print $langs->trans('Date').' : '.dol_print_date($comment->datec,'dayhoursec'); + print '
'; // End comment-info + + print '
'; + print '
'; + print '
'; + print $comment->description; + print '
'; // End comment-description + if(($first && $fk_user == $user->id) || $user->admin == 1) { + print ''; + print img_picto('', 'delete.png'); + print ''; + } + print '
'; // End comment-table + print '
'; // End comment-right + print '
'; // End comment + + if($fk_user != $user->id) { + print '
 
'; + } + print '
'; + print '
'; // end 100p + + $first = false; + } +} + +print '
'; +print '
'; diff --git a/htdocs/install/mysql/migration/6.0.0-7.0.0.sql b/htdocs/install/mysql/migration/6.0.0-7.0.0.sql index d4e78720abf..80d2e7cb292 100644 --- a/htdocs/install/mysql/migration/6.0.0-7.0.0.sql +++ b/htdocs/install/mysql/migration/6.0.0-7.0.0.sql @@ -273,14 +273,15 @@ insert into llx_c_action_trigger (code,label,description,elementtype,rang) value insert into llx_c_action_trigger (code,label,description,elementtype,rang) values ('PROPOSAL_SUPPLIER_CLOSE_SIGNED','Price request closed signed','Executed when a customer proposal is closed signed','proposal_supplier',10); insert into llx_c_action_trigger (code,label,description,elementtype,rang) values ('PROPOSAL_SUPPLIER_CLOSE_REFUSED','Price request closed refused','Executed when a customer proposal is closed refused','proposal_supplier',10); - -CREATE TABLE llx_projet_task_comment ( +DROP TABLE `llx_projet_task_comment`; +CREATE TABLE IF NOT EXISTS llx_comment ( rowid integer AUTO_INCREMENT PRIMARY KEY, datec datetime DEFAULT NULL, tms timestamp, description text NOT NULL, - fk_user integer DEFAULT NULL, - fk_task integer DEFAULT NULL, + fk_user_author integer DEFAULT NULL, + fk_element integer DEFAULT NULL, + element_type varchar(50) DEFAULT NULL, entity integer DEFAULT 1, import_key varchar(125) DEFAULT NULL )ENGINE=innodb; diff --git a/htdocs/langs/en_US/main.lang b/htdocs/langs/en_US/main.lang index 1b92d87e9ba..39df55e02ce 100644 --- a/htdocs/langs/en_US/main.lang +++ b/htdocs/langs/en_US/main.lang @@ -866,3 +866,8 @@ SearchIntoContracts=Contracts SearchIntoCustomerShipments=Customer shipments SearchIntoExpenseReports=Expense reports SearchIntoLeaves=Leaves +CommentLink=Comments +NbComments=Number of comments +CommentPage=Comments space +CommentAdded=Comment added +CommentDeleted=Comment deleted diff --git a/htdocs/langs/en_US/projects.lang b/htdocs/langs/en_US/projects.lang index 408c3db5e7a..f9eb6c00477 100644 --- a/htdocs/langs/en_US/projects.lang +++ b/htdocs/langs/en_US/projects.lang @@ -210,8 +210,4 @@ OppStatusLOST=Lost Budget=Budget # Comments trans AllowCommentOnTask=Allow user comments on tasks -TaskCommentLinks=Comments -TaskNbComments=Number of comments -TaskComment=Task's comments space -CommentAdded=Comment added -CommentDeleted=Comment deleted +AllowCommentOnProject=Allow user comments on projects diff --git a/htdocs/langs/fr_FR/main.lang b/htdocs/langs/fr_FR/main.lang index 6a6c80a78bf..7a47c934a80 100644 --- a/htdocs/langs/fr_FR/main.lang +++ b/htdocs/langs/fr_FR/main.lang @@ -842,3 +842,8 @@ SearchIntoContracts=Contrats SearchIntoCustomerShipments=Expéditions clients SearchIntoExpenseReports=Notes de frais SearchIntoLeaves=Congés +CommentLink=Commentaires +NbComments=Nombre de commentaires +CommentPage=Espace commentaires +CommentAdded=Commentaire ajouté avec succès +CommentDeleted=Commentaire supprimé avec succès diff --git a/htdocs/langs/fr_FR/projects.lang b/htdocs/langs/fr_FR/projects.lang index 154c1138ab9..c235230eb2f 100644 --- a/htdocs/langs/fr_FR/projects.lang +++ b/htdocs/langs/fr_FR/projects.lang @@ -209,8 +209,4 @@ OppStatusLOST=Perdu Budget=Budget #Comments trans AllowCommentOnTask=Autoriser les commentaires entre utilisateurs sur les tâches -TaskCommentLinks=Commentaires -TaskNbComments=Nombre de commentaires -TaskComment=Tâches espace commentaires -CommentAdded=Commentaire ajouté avec succès -CommentDeleted=Commentaire supprimé avec succès +AllowCommentOnProject=Autoriser les commentaires entre utilisateurs sur les projets diff --git a/htdocs/projet/admin/project.php b/htdocs/projet/admin/project.php index 0c0da27457e..54e864e1bf6 100644 --- a/htdocs/projet/admin/project.php +++ b/htdocs/projet/admin/project.php @@ -918,6 +918,15 @@ print ''; print ' '; print ''; +print ''; +print ''.$langs->trans("AllowCommentOnProject").''; + +print ''; +echo ajax_constantonoff('PROJECT_ALLOW_COMMENT_ON_PROJECT'); +print ''; +print ' '; +print ''; + print ''; print ''.$langs->trans("AllowCommentOnTask").''; diff --git a/htdocs/projet/class/project.class.php b/htdocs/projet/class/project.class.php index af55063c66a..18aa3fe1f52 100644 --- a/htdocs/projet/class/project.class.php +++ b/htdocs/projet/class/project.class.php @@ -441,6 +441,7 @@ class Project extends CommonObject // Retreive all extrafield for thirdparty $this->fetch_optionals(); + $this->fetchComments(); return 1; } diff --git a/htdocs/projet/class/task.class.php b/htdocs/projet/class/task.class.php index 10a78e017c8..2fc849f9fe7 100644 --- a/htdocs/projet/class/task.class.php +++ b/htdocs/projet/class/task.class.php @@ -1783,332 +1783,4 @@ class Task extends CommonObject return ($datetouse > 0 && ($datetouse < ($now - $conf->projet->task->warning_delay))); } - - /** - * Return nb comments already posted - * - * @return int - */ - public function getNbComments() - { - return count($this->comments); - } - - /** - * Load comments linked with current task - * - * @return int <0 if KO, 0 if not found, >0 if OK - */ - public function fetchComments() - { - $this->comments = array(); - $sql = "SELECT"; - $sql.= " c.rowid"; - $sql.= " FROM ".MAIN_DB_PREFIX."projet_task_comment as c"; - $sql.= " WHERE c.fk_task = ".$this->id; - $sql.= " ORDER BY c.tms DESC"; - - dol_syslog(get_class($this)."::fetchComments", LOG_DEBUG); - $resql=$this->db->query($sql); - if ($resql) - { - $num_rows = $this->db->num_rows($resql); - if ($num_rows > 0) - { - while($obj = $this->db->fetch_object($resql)) - { - $comment = new TaskComment($this->db); - $comment->fetch($obj->rowid); - $this->comments[] = $comment; - } - return $num_rows; - }else{ - return 0; - } - } - else - { - $this->error="Error ".$this->db->lasterror(); - return -1; - } - } -} - -/** - * Class to manage tasks - */ -class TaskComment extends CommonObject -{ - public $element='project_task_comment'; //!< Id that identify managed objects - public $table_element='projet_task_comment'; //!< Name of table without prefix where object is stored - public $fk_element='fk_task'; - public $picto = 'task'; - - var $fk_task; - - var $description; - - var $tms; - - var $datec; - - var $fk_user; - - var $entity; - - var $import_key; - - public $oldcopy; - - - /** - * Constructor - * - * @param DoliDB $db Database handler - */ - function __construct($db) - { - $this->db = $db; - } - - - /** - * Create into database - * - * @param User $user User that create - * @param int $notrigger 0=launch triggers after, 1=disable triggers - * @return int <0 if KO, Id of created object if OK - */ - function create($user, $notrigger=0) - { - global $conf, $langs; - - $error=0; - - // Insert request - $sql = "INSERT INTO ".MAIN_DB_PREFIX."projet_task_comment ("; - $sql.= "description"; - $sql.= ", datec"; - $sql.= ", fk_task"; - $sql.= ", fk_user"; - $sql.= ", entity"; - $sql.= ", import_key"; - $sql.= ") VALUES ("; - $sql.= "'".$this->db->escape($this->description)."'"; - $sql.= ", ".($this->datec!=''?"'".$this->db->idate($this->datec)."'":'null'); - $sql.= ", '".(isset($this->fk_task)?$this->fk_task:"null")."'"; - $sql.= ", '".(isset($this->fk_user)?$this->fk_user:"null")."'"; - $sql.= ", ".(!empty($this->entity)?$this->entity:'1'); - $sql.= ", ".(!empty($this->import_key)?"'".$this->db->escape($this->import_key)."'":"null"); - $sql.= ")"; - - //var_dump($this->db); - //echo $sql; - - $this->db->begin(); - - dol_syslog(get_class($this)."::create", LOG_DEBUG); - $resql=$this->db->query($sql); - if (! $resql) { $error++; $this->errors[]="Error ".$this->db->lasterror(); } - - if (! $error) - { - $this->id = $this->db->last_insert_id(MAIN_DB_PREFIX."projet_task_comment"); - - if (! $notrigger) - { - // Call trigger - $result=$this->call_trigger('TASK_COMMENT_CREATE',$user); - if ($result < 0) { $error++; } - // End call triggers - } - } - - // Commit or rollback - if ($error) - { - foreach($this->errors as $errmsg) - { - dol_syslog(get_class($this)."::create ".$errmsg, LOG_ERR); - $this->error.=($this->error?', '.$errmsg:$errmsg); - } - $this->db->rollback(); - return -1*$error; - } - else - { - $this->db->commit(); - return $this->id; - } - } - - - /** - * Load object in memory from database - * - * @param int $id Id object - * @param int $ref ref object - * @return int <0 if KO, 0 if not found, >0 if OK - */ - function fetch($id, $ref='') - { - global $langs; - - $sql = "SELECT"; - $sql.= " c.rowid,"; - $sql.= " c.description,"; - $sql.= " c.datec,"; - $sql.= " c.tms,"; - $sql.= " c.fk_task,"; - $sql.= " c.fk_user,"; - $sql.= " c.entity,"; - $sql.= " c.import_key"; - $sql.= " FROM ".MAIN_DB_PREFIX."projet_task_comment as c"; - $sql.= " WHERE c.rowid = ".$id; - - dol_syslog(get_class($this)."::fetch", LOG_DEBUG); - $resql=$this->db->query($sql); - if ($resql) - { - $num_rows = $this->db->num_rows($resql); - - if ($num_rows) - { - $obj = $this->db->fetch_object($resql); - - $this->id = $obj->rowid; - $this->description = $obj->description; - $this->datec = $this->db->jdate($obj->datec); - $this->tms = $obj->tms; - $this->fk_user = $obj->fk_user; - $this->fk_task = $obj->fk_task; - $this->entity = $obj->entity; - $this->import_key = $obj->import_key; - } - - $this->db->free($resql); - - if ($num_rows) return 1; - else return 0; - } - else - { - $this->error="Error ".$this->db->lasterror(); - return -1; - } - } - - - /** - * Update database - * - * @param User $user User that modify - * @param int $notrigger 0=launch triggers after, 1=disable triggers - * @return int <=0 if KO, >0 if OK - */ - function update(User $user, $notrigger=0) - { - global $conf, $langs; - $error=0; - - // Clean parameters - if (isset($this->fk_task)) $this->fk_project=(int) trim($this->fk_task); - if (isset($this->fk_user)) $this->fk_user=(int) trim($this->fk_user); - if (isset($this->description)) $this->description=trim($this->description); - - - // Update request - $sql = "UPDATE ".MAIN_DB_PREFIX."projet_task_comment SET"; - $sql.= " description=".(isset($this->description)?"'".$this->db->escape($this->description)."'":"null").","; - $sql.= " datec=".($this->datec!=''?"'".$this->db->idate($this->datec)."'":'null').","; - $sql.= " fk_task=".(isset($this->fk_task)?$this->fk_task:"null").","; - $sql.= " fk_user=".(isset($this->fk_user)?$this->fk_user:"null").","; - $sql.= " entity=".(!empty($this->entity)?$this->entity:'1').","; - $sql.= " import_key=".(!empty($this->import_key)?"'".$this->db->escape($this->import_key)."'":"null"); - $sql.= " WHERE rowid=".$this->id; - - $this->db->begin(); - - dol_syslog(get_class($this)."::update", LOG_DEBUG); - $resql = $this->db->query($sql); - if (! $resql) { $error++; $this->errors[]="Error ".$this->db->lasterror(); } - - if (! $error) - { - if (! $notrigger) - { - // Call trigger - $result=$this->call_trigger('TASK_COMMENT_MODIFY',$user); - if ($result < 0) { $error++; } - // End call triggers - } - } - - // Commit or rollback - if ($error) - { - foreach($this->errors as $errmsg) - { - dol_syslog(get_class($this)."::update ".$errmsg, LOG_ERR); - $this->error.=($this->error?', '.$errmsg:$errmsg); - } - $this->db->rollback(); - return -1*$error; - } - else - { - $this->db->commit(); - return 1; - } - } - - - /** - * Delete task from database - * - * @param User $user User that delete - * @param int $notrigger 0=launch triggers after, 1=disable triggers - * @return int <0 if KO, >0 if OK - */ - function delete($user, $notrigger=0) - { - global $conf, $langs; - require_once DOL_DOCUMENT_ROOT . '/core/lib/files.lib.php'; - - $error=0; - - $this->db->begin(); - - $sql = "DELETE FROM ".MAIN_DB_PREFIX."projet_task_comment"; - $sql.= " WHERE rowid=".$this->id; - - $resql = $this->db->query($sql); - if (! $resql) { $error++; $this->errors[]="Error ".$this->db->lasterror(); } - - if (! $error) - { - if (! $notrigger) - { - // Call trigger - $result=$this->call_trigger('TASK_COMMENT_DELETE',$user); - if ($result < 0) { $error++; } - // End call triggers - } - } - - // Commit or rollback - if ($error) - { - foreach($this->errors as $errmsg) - { - dol_syslog(get_class($this)."::delete ".$errmsg, LOG_ERR); - $this->error.=($this->error?', '.$errmsg:$errmsg); - } - $this->db->rollback(); - return -1*$error; - }else{ - $this->db->commit(); - return 1; - } - } } \ No newline at end of file diff --git a/htdocs/projet/comment.php b/htdocs/projet/comment.php new file mode 100644 index 00000000000..4e3d52a2f37 --- /dev/null +++ b/htdocs/projet/comment.php @@ -0,0 +1,189 @@ + + * Copyright (C) 2006-2017 Laurent Destailleur + * Copyright (C) 2010-2012 Regis Houssin + * + * This program is free software; you can redistribute it and/or modify + * it under the terms of the GNU General Public License as published by + * the Free Software Foundation; either version 3 of the License, or + * (at your option) any later version. + * + * This program is distributed in the hope that it will be useful, + * but WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + * GNU General Public License for more details. + * + * You should have received a copy of the GNU General Public License + * along with this program. If not, see . + */ + +/** + * \file htdocs/projet/tasks/task.php + * \ingroup project + * \brief Page of a project task + */ + +require '../main.inc.php'; +require_once DOL_DOCUMENT_ROOT.'/projet/class/project.class.php'; +require_once DOL_DOCUMENT_ROOT.'/projet/class/task.class.php'; +require_once DOL_DOCUMENT_ROOT.'/core/lib/project.lib.php'; +require_once DOL_DOCUMENT_ROOT.'/core/class/html.formprojet.class.php'; +require_once DOL_DOCUMENT_ROOT.'/core/class/html.formfile.class.php'; +require_once DOL_DOCUMENT_ROOT.'/core/class/html.formother.class.php'; +require_once DOL_DOCUMENT_ROOT.'/core/modules/project/modules_project.php'; +require_once DOL_DOCUMENT_ROOT.'/core/class/extrafields.class.php'; +require_once DOL_DOCUMENT_ROOT.'/categories/class/categorie.class.php'; + +$langs->load("projects"); +$langs->load("companies"); + +$id=GETPOST('id','int'); +$idcomment=GETPOST('idcomment','int'); +$ref=GETPOST("ref",'alpha',1); // task ref +$objectref=GETPOST("taskref",'alpha'); // task ref +$action=GETPOST('action','alpha'); +$confirm=GETPOST('confirm','alpha'); +$withproject=GETPOST('withproject','int'); +$project_ref=GETPOST('project_ref','alpha'); +$planned_workload=((GETPOST('planned_workloadhour','int')!='' || GETPOST('planned_workloadmin','int')!='') ? (GETPOST('planned_workloadhour','int')>0?GETPOST('planned_workloadhour','int')*3600:0) + (GETPOST('planned_workloadmin','int')>0?GETPOST('planned_workloadmin','int')*60:0) : ''); + +// Security check +$socid=0; +//if ($user->societe_id > 0) $socid = $user->societe_id; // For external user, no check is done on company because readability is managed by public status of project and assignement. +if (! $user->rights->projet->lire) accessforbidden(); + +// Initialize technical object to manage hooks of page. Note that conf->hooks_modules contains array of hook context +$hookmanager->initHooks(array('projectcard','globalcard')); + +$object = new Project($db); +$extrafields = new ExtraFields($db); +$object = new Project($db); + +// fetch optionals attributes and labels +$extralabels=$extrafields->fetch_name_optionals_label($object->table_element); + +// Load object +if ($id > 0 || ! empty($ref)) +{ + $ret = $object->fetch($id,$ref); // If we create project, ref may be defined into POST but record does not yet exists into database + if ($ret > 0) { + $object->fetch_thirdparty(); + $id=$object->id; + } +} + +// include comment actions +include DOL_DOCUMENT_ROOT . '/core/actions_comments.inc.php'; + +/* + * View +*/ + + +llxHeader('', $langs->trans("CommentPage")); + +$form = new Form($db); +$formother = new FormOther($db); +$formfile = new FormFile($db); + +// Tabs for project +$tab = 'project_comment'; +$head = project_prepare_head($object); +dol_fiche_head($head, $tab, $langs->trans("Project"), - 1, ($object->public ? 'projectpub' : 'project')); + +$param = ($mode == 'mine' ? '&mode=mine' : ''); + +// Project card + +$linkback = '' . $langs->trans("BackToList") . ''; + +$morehtmlref = '
'; +// Title +$morehtmlref .= $object->title; +// Thirdparty +if ($object->thirdparty->id > 0) { + $morehtmlref .= '
' . $langs->trans('ThirdParty') . ' : ' . $object->thirdparty->getNomUrl(1, 'project'); +} +$morehtmlref .= '
'; + +// Define a complementary filter for search of next/prev ref. +if (! $user->rights->projet->all->lire) { + $objectsListId = $object->getProjectsAuthorizedForUser($user, 0, 0); + $object->next_prev_filter = " rowid in (" . (count($objectsListId) ? join(',', array_keys($objectsListId)) : '0') . ")"; +} + +dol_banner_tab($object, 'project_ref', $linkback, 1, 'ref', 'ref', $morehtmlref); + +print '
'; +print '
'; +print '
'; + +print ''; + +// Visibility +print ''; + +// Date start - end +print ''; + +// Budget +print ''; + +// Other attributes +$cols = 2; +// include DOL_DOCUMENT_ROOT . '/core/tpl/extrafields_view.tpl.php'; + +print '
' . $langs->trans("Visibility") . ''; +if ($object->public) print $langs->trans('SharedProject'); +else + print $langs->trans('PrivateProject'); +print '
' . $langs->trans("DateStart") . ' - ' . $langs->trans("DateEnd") . ''; +print dol_print_date($object->date_start, 'day'); +$end = dol_print_date($object->date_end, 'day'); +if ($end) print ' - ' . $end; +print '
' . $langs->trans("Budget") . ''; +if (strcmp($object->budget_amount, '')) print price($object->budget_amount, '', $langs, 1, 0, 0, $conf->currency); +print '
'; + +print '
'; +print '
'; +print '
'; +print '
'; + +print ''; + +// Description +print ''; + +// Categories +if ($conf->categorie->enabled) { + print '"; +} + +// Nb comments +print ''; + +print '
' . $langs->trans("Description") . ''; +print nl2br($object->description); +print '
' . $langs->trans("Categories") . ''; + print $form->showCategories($object->id, 'project', 1); + print "
'.$langs->trans("NbComments").''; +print $object->getNbComments(); +print '
'; + +print '
'; +print '
'; +print '
'; + +print '
'; + +dol_fiche_end(); + +print '
'; + +// Include comment tpl view +include DOL_DOCUMENT_ROOT . '/core/tpl/bloc_comment.tpl.php'; + + +llxFooter(); +$db->close(); diff --git a/htdocs/projet/tasks/comment.php b/htdocs/projet/tasks/comment.php index a36337c324d..e4250bad062 100644 --- a/htdocs/projet/tasks/comment.php +++ b/htdocs/projet/tasks/comment.php @@ -33,7 +33,6 @@ require_once DOL_DOCUMENT_ROOT.'/core/lib/date.lib.php'; require_once DOL_DOCUMENT_ROOT.'/core/lib/functions2.lib.php'; require_once DOL_DOCUMENT_ROOT.'/core/class/html.formfile.class.php'; require_once DOL_DOCUMENT_ROOT.'/core/modules/project/task/modules_task.php'; -require_once DOL_DOCUMENT_ROOT.'/core/class/doleditor.class.php'; $langs->load("projects"); $langs->load("companies"); @@ -41,7 +40,7 @@ $langs->load("companies"); $id=GETPOST('id','int'); $idcomment=GETPOST('idcomment','int'); $ref=GETPOST("ref",'alpha',1); // task ref -$taskref=GETPOST("taskref",'alpha'); // task ref +$objectref=GETPOST("taskref",'alpha'); // task ref $action=GETPOST('action','alpha'); $confirm=GETPOST('confirm','alpha'); $withproject=GETPOST('withproject','int'); @@ -56,69 +55,25 @@ if (! $user->rights->projet->lire) accessforbidden(); // Initialize technical object to manage hooks of page. Note that conf->hooks_modules contains array of hook context $hookmanager->initHooks(array('projecttaskcard','globalcard')); -$task = new Task($db); -$object = new TaskComment($db); +$object = new Task($db); $extrafields = new ExtraFields($db); $projectstatic = new Project($db); -$userstatic = new User($db); // fetch optionals attributes and labels -$extralabels=$extrafields->fetch_name_optionals_label($task->table_element); +$extralabels=$extrafields->fetch_name_optionals_label($object->table_element); - -/* - * Actions - */ - -if ($action == 'addcomment') -{ - if (!empty($_POST['comment_description'])) - { - $object->description = GETPOST('comment_description'); - $object->datec = time(); - $object->fk_task = $id; - $object->fk_user = $user->id; - $object->entity = $conf->entity; - if ($object->create($user) > 0) - { - setEventMessages($langs->trans("CommentAdded"), null, 'mesgs'); - header('Location: '.DOL_URL_ROOT.'/projet/tasks/comment.php?id='.$id.($withproject?'&withproject=1':'')); - exit; - } - else - { - setEventMessages($task->error,$task->errors,'errors'); - $action=''; - } - } -} -if ($action == 'deletecomment') -{ - if ($object->fetch($idcomment) >= 0) - { - if ($object->delete($user) > 0) - { - setEventMessages($langs->trans("CommentDeleted"), null, 'mesgs'); - header('Location: '.DOL_URL_ROOT.'/projet/tasks/comment.php?id='.$id.($withproject?'&withproject=1':'')); - exit; - } - else - { - setEventMessages($task->error,$task->errors,'errors'); - $action=''; - } - } -} +// include comment actions +include DOL_DOCUMENT_ROOT . '/core/actions_comments.inc.php'; // Retreive First Task ID of Project if withprojet is on to allow project prev next to work if (! empty($project_ref) && ! empty($withproject)) { if ($projectstatic->fetch('',$project_ref) > 0) { - $tasksarray=$task->getTasksArray(0, 0, $projectstatic->id, $socid, 0); - if (count($tasksarray) > 0) + $objectsarray=$object->getTasksArray(0, 0, $projectstatic->id, $socid, 0); + if (count($objectsarray) > 0) { - $id=$tasksarray[0]->id; + $id=$objectsarray[0]->id; } else { @@ -132,7 +87,7 @@ if (! empty($project_ref) && ! empty($withproject)) */ -llxHeader('', $langs->trans("TaskComment")); +llxHeader('', $langs->trans("CommentPage")); $form = new Form($db); $formother = new FormOther($db); @@ -140,14 +95,14 @@ $formfile = new FormFile($db); if ($id > 0 || ! empty($ref)) { - if ($task->fetch($id,$ref) > 0) + if ($object->fetch($id,$ref) > 0) { - $res=$task->fetch_optionals($task->id,$extralabels); + $res=$object->fetch_optionals($object->id,$extralabels); - $result=$projectstatic->fetch($task->fk_project); + $result=$projectstatic->fetch($object->fk_project); if (! empty($projectstatic->socid)) $projectstatic->fetch_thirdparty(); - $task->project = clone $projectstatic; + $object->project = clone $projectstatic; $userWrite = $projectstatic->restrictedProjectArea($user,'write'); @@ -177,8 +132,8 @@ if ($id > 0 || ! empty($ref)) // Define a complementary filter for search of next/prev ref. if (! $user->rights->projet->all->lire) { - $tasksListId = $projectstatic->getProjectsAuthorizedForUser($user,0,0); - $projectstatic->next_prev_filter=" rowid in (".(count($tasksListId)?join(',',array_keys($tasksListId)):'0').")"; + $objectsListId = $projectstatic->getProjectsAuthorizedForUser($user,0,0); + $projectstatic->next_prev_filter=" rowid in (".(count($objectsListId)?join(',',array_keys($objectsListId)):'0').")"; } dol_banner_tab($projectstatic, 'project_ref', $linkback, 1, 'ref', 'ref', $morehtmlref); @@ -245,7 +200,7 @@ if ($id > 0 || ! empty($ref)) print '
'; } - $head=task_prepare_head($task); + $head=task_prepare_head($object); /* * Fiche tache en mode visu @@ -263,9 +218,9 @@ if ($id > 0 || ! empty($ref)) if (! GETPOST('withproject') || empty($projectstatic->id)) { $projectsListId = $projectstatic->getProjectsAuthorizedForUser($user,0,1); - $task->next_prev_filter=" fk_projet in (".$projectsListId.")"; + $object->next_prev_filter=" fk_projet in (".$projectsListId.")"; } - else $task->next_prev_filter=" fk_projet = ".$projectstatic->id; + else $object->next_prev_filter=" fk_projet = ".$projectstatic->id; $morehtmlref=''; @@ -285,7 +240,7 @@ if ($id > 0 || ! empty($ref)) $morehtmlref.=''; } - dol_banner_tab($task, 'ref', $linkback, 1, 'ref', 'ref', $morehtmlref, $param); + dol_banner_tab($object, 'ref', $linkback, 1, 'ref', 'ref', $morehtmlref, $param); print '
'; @@ -293,8 +248,8 @@ if ($id > 0 || ! empty($ref)) print ''; // Nb comments - print ''; // Other attributes @@ -308,102 +263,9 @@ if ($id > 0 || ! empty($ref)) dol_fiche_end(); - - print '
'; - print '
'; - - // Add comment - - print '
'; - print ''; - print ''; - print ''; - print ''; - - print '
'.$langs->trans("TaskNbComments").''; - print $task->getNbComments(); + print ''.$langs->trans("NbComments").''; + print $object->getNbComments(); print '
'; - - print ''; - print ''; - print ''; - print ''; - print ''; - print "\n"; - - print ''; - print ''; - - // Description - print ''; - - print ''; - print '
'.$langs->trans("Comments").'
'; - - $desc = ($_POST['comment_description']?$_POST['comment_description']:''); - - $doleditor = new DolEditor('comment_description', $desc, '', 80, 'dolibarr_notes', 'In', 0, false, true, ROWS_3, '100%'); - print $doleditor->Create(1); - - print ''; - print ''; - print '
'; - - // List of comments - if(!empty($task->comments)) { - // Default color for current user - $TColors = array($user->id => array('bgcolor'=>'efefef','color'=>'555')); - $first = true; - foreach($task->comments as $comment) { - $fk_user = $comment->fk_user; - $userstatic->fetch($fk_user); - if(empty($TColors[$fk_user])) { - $bgcolor = random_color(180,240); - if(!empty($userstatic->color)) { - $bgcolor = $userstatic->color; - } - $color = (colorIsLight($bgcolor))?'555':'fff'; - $TColors[$fk_user] = array('bgcolor'=>$bgcolor,'color'=>$color); - } - print '
'; - if($comment->fk_user == $user->id) { - print '
 
'; - } - - print '
'; - print '
'; - if (! empty($user->photo)) - { - print Form::showphoto('userphoto', $userstatic, 80, 0, 0, '', 'small', 0, 1).'
'; - } - print $langs->trans('User').' : '.$userstatic->getNomUrl().'
'; - print $langs->trans('Date').' : '.dol_print_date($comment->datec,'dayhoursec'); - print '
'; // End comment-info - - print '
'; - print '
'; - print '
'; - print $comment->description; - print '
'; // End comment-description - if(($first && $fk_user == $user->id) || $user->admin == 1) { - print ''; - print img_picto('', 'delete.png'); - print ''; - } - print '
'; // End comment-table - print '
'; // End comment-right - print '
'; // End comment - - if($comment->fk_user != $user->id) { - print '
 
'; - } - print '
'; - print '
'; // end 100p - - $first = false; - } - } - - print '
'; - print '
'; + + // Include comment tpl view + include DOL_DOCUMENT_ROOT . '/core/tpl/bloc_comment.tpl.php'; } } From db8d27f0fe89821cc99d20fbfc88710def29471c Mon Sep 17 00:00:00 2001 From: Regis Houssin Date: Tue, 3 Oct 2017 12:08:25 +0200 Subject: [PATCH 2/7] Fix: wrong type value --- htdocs/categories/viewcat.php | 14 +++++++------- 1 file changed, 7 insertions(+), 7 deletions(-) diff --git a/htdocs/categories/viewcat.php b/htdocs/categories/viewcat.php index 75a9215e18d..a3ca8053281 100644 --- a/htdocs/categories/viewcat.php +++ b/htdocs/categories/viewcat.php @@ -319,7 +319,7 @@ else // List of products or services (type is type of category) -if ($object->type == Categorie::TYPE_PRODUCT) +if ($type == Categorie::TYPE_PRODUCT) { $prods = $object->getObjectsInCateg("product"); if ($prods < 0) @@ -391,7 +391,7 @@ if ($object->type == Categorie::TYPE_PRODUCT) } } -if ($object->type == Categorie::TYPE_SUPPLIER) +if ($type == Categorie::TYPE_SUPPLIER) { $socs = $object->getObjectsInCateg("supplier"); if ($socs < 0) @@ -440,7 +440,7 @@ if ($object->type == Categorie::TYPE_SUPPLIER) } } -if($object->type == Categorie::TYPE_CUSTOMER) +if($type == Categorie::TYPE_CUSTOMER) { $socs = $object->getObjectsInCateg("customer"); if ($socs < 0) @@ -494,7 +494,7 @@ if($object->type == Categorie::TYPE_CUSTOMER) } // List of members -if ($object->type == Categorie::TYPE_MEMBER) +if ($type == Categorie::TYPE_MEMBER) { require_once DOL_DOCUMENT_ROOT.'/adherents/class/adherent.class.php'; @@ -547,7 +547,7 @@ if ($object->type == Categorie::TYPE_MEMBER) } // Categorie contact -if($object->type == Categorie::TYPE_CONTACT) +if ($type == Categorie::TYPE_CONTACT) { $contacts = $object->getObjectsInCateg("contact"); if ($contacts < 0) @@ -600,7 +600,7 @@ if($object->type == Categorie::TYPE_CONTACT) } // List of accounts -if ($object->type == Categorie::TYPE_ACCOUNT) +if ($type == Categorie::TYPE_ACCOUNT) { require_once DOL_DOCUMENT_ROOT.'/compta/bank/class/account.class.php'; @@ -653,7 +653,7 @@ if ($object->type == Categorie::TYPE_ACCOUNT) } // List of Project -if ($object->type == Categorie::TYPE_PROJECT) +if ($type == Categorie::TYPE_PROJECT) { require_once DOL_DOCUMENT_ROOT.'/projet/class/project.class.php'; From f8f4ff6d2149a63b1c08601024fca7402d03506f Mon Sep 17 00:00:00 2001 From: Regis Houssin Date: Tue, 3 Oct 2017 13:07:07 +0200 Subject: [PATCH 3/7] Fix: missing include api_categories class --- htdocs/adherents/class/api_members.class.php | 25 +++++- .../categories/class/api_categories.class.php | 76 ++++++++--------- htdocs/product/class/api_products.class.php | 84 ++++++++++--------- htdocs/societe/class/api_contacts.class.php | 6 +- .../societe/class/api_thirdparties.class.php | 76 +++++++++-------- 5 files changed, 151 insertions(+), 116 deletions(-) diff --git a/htdocs/adherents/class/api_members.class.php b/htdocs/adherents/class/api_members.class.php index 4d13b6347ec..571c77d91f7 100644 --- a/htdocs/adherents/class/api_members.class.php +++ b/htdocs/adherents/class/api_members.class.php @@ -1,5 +1,6 @@ +/* Copyright (C) 2016 Xebax Christy + * Copyright (C) 2017 Regis Houssin * * This program is free software; you can redistribute it and/or modify * it under the terms of the GNU General Public License as published by @@ -357,4 +358,26 @@ class Members extends DolibarrApi return $member->subscription($start_date, $amount, 0, '', $label, '', '', '', $end_date); } + /** + * Get categories for a member + * + * @param int $id ID of member + * @param string $sortfield Sort field + * @param string $sortorder Sort order + * @param int $limit Limit for list + * @param int $page Page number + * + * @return mixed + * + * @url GET {id}/categories + */ + function getCategories($id, $sortfield = "s.rowid", $sortorder = 'ASC', $limit = 0, $page = 0) + { + require_once DOL_DOCUMENT_ROOT.'/categories/class/api_categories.class.php'; + + $categories = new Categories(); + + return $categories->getListForItem($sortfield, $sortorder, $limit, $page, 'member', $id); + } + } diff --git a/htdocs/categories/class/api_categories.class.php b/htdocs/categories/class/api_categories.class.php index ed10e337f7b..a43ccbd180b 100644 --- a/htdocs/categories/class/api_categories.class.php +++ b/htdocs/categories/class/api_categories.class.php @@ -23,13 +23,13 @@ /** * API class for categories * - * @access protected + * @access protected * @class DolibarrApiAccess {@requires user,external} */ class Categories extends DolibarrApi { /** - * @var array $FIELDS Mandatory fields, checked when create and update object + * @var array $FIELDS Mandatory fields, checked when create and update object */ static $FIELDS = array( 'label', @@ -44,7 +44,7 @@ class Categories extends DolibarrApi 4 => 'contact', 5 => 'account', ); - + /** * @var Categorie $category {@type Categorie} */ @@ -67,20 +67,20 @@ class Categories extends DolibarrApi * * @param int $id ID of category * @return array|mixed data without useless information - * + * * @throws RestException */ function get($id) - { + { if(! DolibarrApiAccess::$user->rights->categorie->lire) { throw new RestException(401); } - + $result = $this->category->fetch($id); if( ! $result ) { throw new RestException(404, 'category not found'); } - + if( ! DolibarrApi::_checkAccessToResource('category',$this->category->id)) { throw new RestException(401, 'Access not allowed for login '.DolibarrApiAccess::$user->login); } @@ -90,7 +90,7 @@ class Categories extends DolibarrApi /** * List categories - * + * * Get a list of categories * * @param string $sortfield Sort field @@ -105,13 +105,13 @@ class Categories extends DolibarrApi */ function index($sortfield = "t.rowid", $sortorder = 'ASC', $limit = 0, $page = 0, $type = '', $sqlfilters = '') { global $db, $conf; - + $obj_ret = array(); - + if(! DolibarrApiAccess::$user->rights->categorie->lire) { throw new RestException(401); } - + $sql = "SELECT t.rowid"; $sql.= " FROM ".MAIN_DB_PREFIX."categorie as t"; $sql.= ' WHERE t.entity IN ('.getEntity('category').')'; @@ -120,7 +120,7 @@ class Categories extends DolibarrApi $sql.= ' AND t.type='.array_search($type,Categories::$TYPES); } // Add sql filters - if ($sqlfilters) + if ($sqlfilters) { if (! DolibarrApi::_checkFilters($sqlfilters)) { @@ -129,7 +129,7 @@ class Categories extends DolibarrApi $regexstring='\(([^:\'\(\)]+:[^:\'\(\)]+:[^:\(\)]+)\)'; $sql.=" AND (".preg_replace_callback('/'.$regexstring.'/', 'DolibarrApi::_forge_criteria_callback', $sqlfilters).")"; } - + $sql.= $db->order($sortfield, $sortorder); if ($limit) { if ($page < 0) @@ -168,7 +168,7 @@ class Categories extends DolibarrApi /** * List categories of an entity - * + * * Note: This method is not directly exposed in the API, it is used * in the GET /xxx/{id}/categories requests. * @@ -184,9 +184,9 @@ class Categories extends DolibarrApi */ function getListForItem($sortfield = "s.rowid", $sortorder = 'ASC', $limit = 0, $page = 0, $type='customer', $item = 0) { global $db, $conf; - + $obj_ret = array(); - + if(! DolibarrApiAccess::$user->rights->categorie->lire) { throw new RestException(401); } @@ -250,13 +250,13 @@ class Categories extends DolibarrApi if( ! count($obj_ret)) { throw new RestException(404, 'No category found'); } - + return $obj_ret; } /** * Create category object - * + * * @param array $request_data Request data * @return int ID of category */ @@ -268,7 +268,7 @@ class Categories extends DolibarrApi // Check mandatory fields $result = $this->_validate($request_data); - + foreach($request_data as $field => $value) { $this->category->$field = $value; } @@ -280,22 +280,22 @@ class Categories extends DolibarrApi /** * Update category - * + * * @param int $id Id of category to update - * @param array $request_data Datas - * @return int + * @param array $request_data Datas + * @return int */ function put($id, $request_data = NULL) { if(! DolibarrApiAccess::$user->rights->categorie->creer) { throw new RestException(401); } - + $result = $this->category->fetch($id); if( ! $result ) { throw new RestException(404, 'category not found'); } - + if( ! DolibarrApi::_checkAccessToResource('category',$this->category->id)) { throw new RestException(401, 'Access not allowed for login '.DolibarrApiAccess::$user->login); } @@ -304,13 +304,13 @@ class Categories extends DolibarrApi if ($field == 'id') continue; $this->category->$field = $value; } - + if($this->category->update(DolibarrApiAccess::$user)) return $this->get ($id); - + return false; } - + /** * Delete category * @@ -326,15 +326,15 @@ class Categories extends DolibarrApi if( ! $result ) { throw new RestException(404, 'category not found'); } - + if( ! DolibarrApi::_checkAccessToResource('category',$this->category->id)) { throw new RestException(401, 'Access not allowed for login '.DolibarrApiAccess::$user->login); } - + if (! $this->category->delete(DolibarrApiAccess::$user)) { throw new RestException(401,'error when delete category'); } - + return array( 'success' => array( 'code' => 200, @@ -342,8 +342,8 @@ class Categories extends DolibarrApi ) ); } - - + + /** * Clean sensible object datas * @@ -351,9 +351,9 @@ class Categories extends DolibarrApi * @return array Array of cleaned object properties */ function _cleanObjectDatas($object) { - + $object = parent::_cleanObjectDatas($object); - + // Remove fields not relevent to categories unset($object->country); unset($object->country_id); @@ -394,16 +394,16 @@ class Categories extends DolibarrApi unset($object->fk_project); unset($object->note); unset($object->statut); - + return $object; } - + /** * Validate fields before create or update object - * + * * @param array|null $data Data to validate * @return array - * + * * @throws RestException */ function _validate($data) diff --git a/htdocs/product/class/api_products.class.php b/htdocs/product/class/api_products.class.php index 0d6694ac569..a16022ea047 100644 --- a/htdocs/product/class/api_products.class.php +++ b/htdocs/product/class/api_products.class.php @@ -16,24 +16,24 @@ */ use Luracast\Restler\RestException; - + require_once DOL_DOCUMENT_ROOT.'/product/class/product.class.php'; require_once DOL_DOCUMENT_ROOT.'/categories/class/categorie.class.php'; /** * API class for products * - * @access protected + * @access protected * @class DolibarrApiAccess {@requires user,external} */ class Products extends DolibarrApi { /** - * @var array $FIELDS Mandatory fields, checked when create and update object + * @var array $FIELDS Mandatory fields, checked when create and update object */ static $FIELDS = array( 'ref', - 'label' + 'label' ); /** @@ -53,30 +53,30 @@ class Products extends DolibarrApi /** * Get properties of a product object - * + * * Return an array with product informations * * @param int $id ID of product * @return array|mixed data without useless information - * + * * @throws RestException * TODO implement getting a product by ref or by $ref_ext */ function get($id) - { + { if(! DolibarrApiAccess::$user->rights->produit->lire) { throw new RestException(401); } - + $result = $this->product->fetch($id); if( ! $result ) { throw new RestException(404, 'Product not found'); } - + if( ! DolibarrApi::_checkAccessToResource('product',$this->product->id)) { throw new RestException(401, 'Access not allowed for login '.DolibarrApiAccess::$user->login); } - + $this->product->load_stock(); return $this->_cleanObjectDatas($this->product); @@ -84,9 +84,9 @@ class Products extends DolibarrApi /** * List products - * + * * Get a list of products - * + * * @param string $sortfield Sort field * @param string $sortorder Sort order * @param int $limit Limit for list @@ -98,9 +98,9 @@ class Products extends DolibarrApi */ function index($sortfield = "t.ref", $sortorder = 'ASC', $limit = 0, $page = 0, $mode=0, $category=0, $sqlfilters = '') { global $db, $conf; - + $obj_ret = array(); - + $socid = DolibarrApiAccess::$user->societe_id ? DolibarrApiAccess::$user->societe_id : ''; $sql = "SELECT t.rowid, t.ref, t.ref_ext"; @@ -121,7 +121,7 @@ class Products extends DolibarrApi // Show services if ($mode == 2) $sql.= " AND t.fk_product_type = 1"; // Add sql filters - if ($sqlfilters) + if ($sqlfilters) { if (! DolibarrApi::_checkFilters($sqlfilters)) { @@ -130,7 +130,7 @@ class Products extends DolibarrApi $regexstring='\(([^:\'\(\)]+:[^:\'\(\)]+:[^:\(\)]+)\)'; $sql.=" AND (".preg_replace_callback('/'.$regexstring.'/', 'DolibarrApi::_forge_criteria_callback', $sqlfilters).")"; } - + $sql.= $db->order($sortfield, $sortorder); if ($limit) { if ($page < 0) @@ -165,10 +165,10 @@ class Products extends DolibarrApi } return $obj_ret; } - + /** * Create product object - * + * * @param array $request_data Request data * @return int ID of product */ @@ -179,35 +179,35 @@ class Products extends DolibarrApi } // Check mandatory fields $result = $this->_validate($request_data); - + foreach($request_data as $field => $value) { $this->product->$field = $value; } if ($this->product->create(DolibarrApiAccess::$user) < 0) { throw new RestException(500, "Error creating product", array_merge(array($this->product->error), $this->product->errors)); } - + return $this->product->id; } /** * Update product - * + * * @param int $id Id of product to update - * @param array $request_data Datas - * @return int + * @param array $request_data Datas + * @return int */ function put($id, $request_data = NULL) { if(! DolibarrApiAccess::$user->rights->produit->creer) { throw new RestException(401); } - + $result = $this->product->fetch($id); if( ! $result ) { throw new RestException(404, 'Product not found'); } - + if( ! DolibarrApi::_checkAccessToResource('product',$this->product->id)) { throw new RestException(401, 'Access not allowed for login '.DolibarrApiAccess::$user->login); } @@ -216,16 +216,16 @@ class Products extends DolibarrApi if ($field == 'id') continue; $this->product->$field = $value; } - + if($this->product->update($id, DolibarrApiAccess::$user,1,'update')) return $this->get ($id); - + return false; } - + /** * Delete product - * + * * @param int $id Product ID * @return array */ @@ -238,18 +238,18 @@ class Products extends DolibarrApi if( ! $result ) { throw new RestException(404, 'Product not found'); } - + if( ! DolibarrApi::_checkAccessToResource('product',$this->product->id)) { throw new RestException(401, 'Access not allowed for login '.DolibarrApiAccess::$user->login); } - + // The Product::delete() method uses the global variable $user. global $user; $user = DolibarrApiAccess::$user; return $this->product->delete(DolibarrApiAccess::$user); } - + /** * Get categories for a product * @@ -263,9 +263,13 @@ class Products extends DolibarrApi * * @url GET {id}/categories */ - function getCategories($id, $sortfield = "s.rowid", $sortorder = 'ASC', $limit = 0, $page = 0) { - $categories = new Categories(); - return $categories->getListForItem($sortfield, $sortorder, $limit, $page, 'product', $id); + function getCategories($id, $sortfield = "s.rowid", $sortorder = 'ASC', $limit = 0, $page = 0) + { + require_once DOL_DOCUMENT_ROOT.'/categories/class/api_categories.class.php'; + + $categories = new Categories(); + + return $categories->getListForItem($sortfield, $sortorder, $limit, $page, 'product', $id); } /** @@ -275,17 +279,17 @@ class Products extends DolibarrApi * @return array Array of cleaned object properties */ function _cleanObjectDatas($object) { - + $object = parent::_cleanObjectDatas($object); - + unset($object->regeximgext); - + return $object; } - + /** * Validate fields before create or update object - * + * * @param array $data Datas to validate * @return array * @throws RestException diff --git a/htdocs/societe/class/api_contacts.class.php b/htdocs/societe/class/api_contacts.class.php index fcfdf4ad084..6d3a5970c9b 100644 --- a/htdocs/societe/class/api_contacts.class.php +++ b/htdocs/societe/class/api_contacts.class.php @@ -333,8 +333,12 @@ class Contacts extends DolibarrApi * * @url GET {id}/categories */ - function getCategories($id, $sortfield = "s.rowid", $sortorder = 'ASC', $limit = 0, $page = 0) { + function getCategories($id, $sortfield = "s.rowid", $sortorder = 'ASC', $limit = 0, $page = 0) + { + require_once DOL_DOCUMENT_ROOT.'/categories/class/api_categories.class.php'; + $categories = new Categories(); + return $categories->getListForItem($sortfield, $sortorder, $limit, $page, 'contact', $id); } diff --git a/htdocs/societe/class/api_thirdparties.class.php b/htdocs/societe/class/api_thirdparties.class.php index f25fda9a5fb..88492779bda 100644 --- a/htdocs/societe/class/api_thirdparties.class.php +++ b/htdocs/societe/class/api_thirdparties.class.php @@ -21,15 +21,15 @@ /** * API class for thirdparties * - * @access protected + * @access protected * @class DolibarrApiAccess {@requires user,external} - * + * */ class Thirdparties extends DolibarrApi { /** * - * @var array $FIELDS Mandatory fields, checked when create and update object + * @var array $FIELDS Mandatory fields, checked when create and update object */ static $FIELDS = array( 'name' @@ -48,7 +48,7 @@ class Thirdparties extends DolibarrApi global $db, $conf; $this->db = $db; $this->company = new Societe($this->db); - + if (! empty($conf->global->SOCIETE_EMAIL_MANDATORY)) { static::$FIELDS[] = 'email'; } @@ -61,20 +61,20 @@ class Thirdparties extends DolibarrApi * * @param int $id ID of thirdparty * @return array|mixed data without useless information - * + * * @throws RestException */ function get($id) - { + { if(! DolibarrApiAccess::$user->rights->societe->lire) { throw new RestException(401); } - + $result = $this->company->fetch($id); if( ! $result ) { throw new RestException(404, 'Thirdparty not found'); } - + if( ! DolibarrApi::_checkAccessToResource('societe',$this->company->id)) { throw new RestException(401, 'Access not allowed for login '.DolibarrApiAccess::$user->login); } @@ -84,14 +84,14 @@ class Thirdparties extends DolibarrApi /** * List thirdparties - * + * * Get a list of thirdparties - * + * * @param string $sortfield Sort field * @param string $sortorder Sort order * @param int $limit Limit for list * @param int $page Page number - * @param int $mode Set to 1 to show only customers + * @param int $mode Set to 1 to show only customers * Set to 2 to show only prospects * Set to 3 to show only those are not customer neither prospect * @param string $sqlfilters Other criteria to filter answers separated by a comma. Syntax example "(t.ref:like:'SO-%') and (t.date_creation:<:'20160101')" @@ -99,12 +99,12 @@ class Thirdparties extends DolibarrApi */ function index($sortfield = "t.rowid", $sortorder = 'ASC', $limit = 0, $page = 0, $mode=0, $sqlfilters = '') { global $db, $conf; - + $obj_ret = array(); - + // case of external user, we force socids $socids = DolibarrApiAccess::$user->societe_id ? DolibarrApiAccess::$user->societe_id : ''; - + // If the internal user must only see his customers, force searching by him $search_sale = 0; if (! DolibarrApiAccess::$user->rights->societe->client->voir && !$socids) $search_sale = DolibarrApiAccess::$user->id; @@ -112,7 +112,7 @@ class Thirdparties extends DolibarrApi $sql = "SELECT t.rowid"; if ((!DolibarrApiAccess::$user->rights->societe->client->voir && !$socids) || $search_sale > 0) $sql .= ", sc.fk_soc, sc.fk_user"; // We need these fields in order to filter by sale (including the case where the user can only see his prospects) $sql.= " FROM ".MAIN_DB_PREFIX."societe as t"; - + if ((!DolibarrApiAccess::$user->rights->societe->client->voir && !$socids) || $search_sale > 0) $sql.= ", ".MAIN_DB_PREFIX."societe_commerciaux as sc"; // We need this table joined to the select in order to filter by sale $sql.= ", ".MAIN_DB_PREFIX."c_stcomm as st"; $sql.= " WHERE t.fk_stcomm = st.id"; @@ -130,7 +130,7 @@ class Thirdparties extends DolibarrApi $sql .= " AND sc.fk_user = ".$search_sale; } // Add sql filters - if ($sqlfilters) + if ($sqlfilters) { if (! DolibarrApi::_checkFilters($sqlfilters)) { @@ -139,7 +139,7 @@ class Thirdparties extends DolibarrApi $regexstring='\(([^:\'\(\)]+:[^:\'\(\)]+:[^:\(\)]+)\)'; $sql.=" AND (".preg_replace_callback('/'.$regexstring.'/', 'DolibarrApi::_forge_criteria_callback', $sqlfilters).")"; } - + $sql.= $db->order($sortfield, $sortorder); if ($limit) { @@ -175,7 +175,7 @@ class Thirdparties extends DolibarrApi } return $obj_ret; } - + /** * Create thirdparty object * @@ -189,13 +189,13 @@ class Thirdparties extends DolibarrApi } // Check mandatory fields $result = $this->_validate($request_data); - + foreach($request_data as $field => $value) { $this->company->$field = $value; } if ($this->company->create(DolibarrApiAccess::$user) < 0) throw new RestException(500, 'Error creating thirdparty', array_merge(array($this->company->error), $this->company->errors)); - + return $this->company->id; } @@ -203,20 +203,20 @@ class Thirdparties extends DolibarrApi * Update thirdparty * * @param int $id Id of thirdparty to update - * @param array $request_data Datas - * @return int + * @param array $request_data Datas + * @return int */ function put($id, $request_data = NULL) { if(! DolibarrApiAccess::$user->rights->societe->creer) { throw new RestException(401); } - + $result = $this->company->fetch($id); if( ! $result ) { throw new RestException(404, 'Thirdparty not found'); } - + if( ! DolibarrApi::_checkAccessToResource('societe',$this->company->id)) { throw new RestException(401, 'Access not allowed for login '.DolibarrApiAccess::$user->login); } @@ -225,13 +225,13 @@ class Thirdparties extends DolibarrApi if ($field == 'id') continue; $this->company->$field = $value; } - + if($this->company->update($id, DolibarrApiAccess::$user,1,'','','update')) return $this->get ($id); - + return false; } - + /** * Delete thirdparty * @@ -252,7 +252,7 @@ class Thirdparties extends DolibarrApi } return $this->company->delete($id); } - + /** * Get categories for a thirdparty * @@ -266,8 +266,12 @@ class Thirdparties extends DolibarrApi * * @url GET {id}/categories */ - function getCategories($id, $sortfield = "s.rowid", $sortorder = 'ASC', $limit = 0, $page = 0) { + function getCategories($id, $sortfield = "s.rowid", $sortorder = 'ASC', $limit = 0, $page = 0) + { + require_once DOL_DOCUMENT_ROOT.'/categories/class/api_categories.class.php'; + $categories = new Categories(); + return $categories->getListForItem($sortfield, $sortorder, $limit, $page, 'customer', $id); } @@ -318,24 +322,24 @@ class Thirdparties extends DolibarrApi * @return array Array of cleaned object properties */ function _cleanObjectDatas($object) { - + $object = parent::_cleanObjectDatas($object); - + unset($object->total_ht); unset($object->total_tva); unset($object->total_localtax1); unset($object->total_localtax2); unset($object->total_ttc); - + return $object; - } - + } + /** * Validate fields before create or update object - * + * * @param array $data Datas to validate * @return array - * + * * @throws RestException */ function _validate($data) From 4537e5472b0bd7172476e7dfb7943483840aee3e Mon Sep 17 00:00:00 2001 From: Regis Houssin Date: Tue, 3 Oct 2017 19:01:54 +0200 Subject: [PATCH 4/7] Fix: refactorization of "getListForItem" function --- htdocs/adherents/class/api_members.class.php | 19 +++- .../categories/class/api_categories.class.php | 88 ----------------- htdocs/categories/class/categorie.class.php | 94 +++++++++++++++++++ htdocs/product/class/api_products.class.php | 14 ++- htdocs/societe/class/api_contacts.class.php | 15 ++- .../societe/class/api_thirdparties.class.php | 15 ++- 6 files changed, 143 insertions(+), 102 deletions(-) diff --git a/htdocs/adherents/class/api_members.class.php b/htdocs/adherents/class/api_members.class.php index 571c77d91f7..a4a888ae9a5 100644 --- a/htdocs/adherents/class/api_members.class.php +++ b/htdocs/adherents/class/api_members.class.php @@ -20,6 +20,7 @@ use Luracast\Restler\RestException; require_once DOL_DOCUMENT_ROOT.'/adherents/class/adherent.class.php'; require_once DOL_DOCUMENT_ROOT.'/adherents/class/subscription.class.php'; +require_once DOL_DOCUMENT_ROOT.'/categories/class/categorie.class.php'; /** * API class for members @@ -362,8 +363,8 @@ class Members extends DolibarrApi * Get categories for a member * * @param int $id ID of member - * @param string $sortfield Sort field - * @param string $sortorder Sort order + * @param string $sortfield Sort field + * @param string $sortorder Sort order * @param int $limit Limit for list * @param int $page Page number * @@ -373,11 +374,19 @@ class Members extends DolibarrApi */ function getCategories($id, $sortfield = "s.rowid", $sortorder = 'ASC', $limit = 0, $page = 0) { - require_once DOL_DOCUMENT_ROOT.'/categories/class/api_categories.class.php'; + $categories = new Categorie($this->db); - $categories = new Categories(); + $result = $categories->getListForItem($id, 'member', $sortfield, $sortorder, $limit, $page); - return $categories->getListForItem($sortfield, $sortorder, $limit, $page, 'member', $id); + if (empty($result)) { + throw new RestException(404, 'No category found'); + } + + if ($result < 0) { + throw new RestException(503, 'Error when retrieve category list : '.$categories->error); + } + + return $result; } } diff --git a/htdocs/categories/class/api_categories.class.php b/htdocs/categories/class/api_categories.class.php index a43ccbd180b..1c8d9fcfe50 100644 --- a/htdocs/categories/class/api_categories.class.php +++ b/htdocs/categories/class/api_categories.class.php @@ -166,94 +166,6 @@ class Categories extends DolibarrApi return $obj_ret; } - /** - * List categories of an entity - * - * Note: This method is not directly exposed in the API, it is used - * in the GET /xxx/{id}/categories requests. - * - * @param string $sortfield Sort field - * @param string $sortorder Sort order - * @param int $limit Limit for list - * @param int $page Page number - * @param string $type Type of category ('member', 'customer', 'supplier', 'product', 'contact') - * @param int $item Id of the item to get categories for - * @return array Array of category objects - * - * @access private - */ - function getListForItem($sortfield = "s.rowid", $sortorder = 'ASC', $limit = 0, $page = 0, $type='customer', $item = 0) { - global $db, $conf; - - $obj_ret = array(); - - if(! DolibarrApiAccess::$user->rights->categorie->lire) { - throw new RestException(401); - } - //if ($type == "") { - //$type="product"; - //} - $sub_type = $type; - $subcol_name = "fk_".$type; - if ($type=="customer" || $type=="supplier") { - $sub_type="societe"; - $subcol_name="fk_soc"; - } - if ($type=="contact") { - $subcol_name="fk_socpeople"; - } - $sql = "SELECT s.rowid"; - $sql.= " FROM ".MAIN_DB_PREFIX."categorie as s"; - $sql.= " , ".MAIN_DB_PREFIX."categorie_".$sub_type." as sub "; - $sql.= ' WHERE s.entity IN ('.getEntity('category').')'; - $sql.= ' AND s.type='.array_search($type,Categories::$TYPES); - $sql.= ' AND s.rowid = sub.fk_categorie'; - $sql.= ' AND sub.'.$subcol_name.' = '.$item; - - $nbtotalofrecords = ''; - if (empty($conf->global->MAIN_DISABLE_FULL_SCANLIST)) - { - $result = $db->query($sql); - $nbtotalofrecords = $db->num_rows($result); - } - - $sql.= $db->order($sortfield, $sortorder); - if ($limit) { - if ($page < 0) - { - $page = 0; - } - $offset = $limit * $page; - - $sql.= $db->plimit($limit + 1, $offset); - } - - $result = $db->query($sql); - if ($result) - { - $i=0; - $num = $db->num_rows($result); - $min = min($num, ($limit <= 0 ? $num : $limit)); - while ($i < $min) - { - $obj = $db->fetch_object($result); - $category_static = new Categorie($db); - if($category_static->fetch($obj->rowid)) { - $obj_ret[] = $this->_cleanObjectDatas($category_static); - } - $i++; - } - } - else { - throw new RestException(503, 'Error when retrieve category list : '.$db->lasterror()); - } - if( ! count($obj_ret)) { - throw new RestException(404, 'No category found'); - } - - return $obj_ret; - } - /** * Create category object * diff --git a/htdocs/categories/class/categorie.class.php b/htdocs/categories/class/categorie.class.php index 5cbe56554dd..6027f76ec58 100644 --- a/htdocs/categories/class/categorie.class.php +++ b/htdocs/categories/class/categorie.class.php @@ -879,6 +879,100 @@ class Categorie extends CommonObject } } + /** + * List categories of an element id + * + * @param int $item Id of element + * @param string $type Type of category ('member', 'customer', 'supplier', 'product', 'contact') + * @param string $sortfield Sort field + * @param string $sortorder Sort order + * @param int $limit Limit for list + * @param int $page Page number + * @return array Array of categories + */ + function getListForItem($id, $type='customer', $sortfield = "s.rowid", $sortorder = 'ASC', $limit = 0, $page = 0) + { + global $conf; + + $categories = array(); + + $sub_type = $type; + $subcol_name = "fk_".$type; + if ($type=="customer" || $type=="supplier") { + $sub_type="societe"; + $subcol_name="fk_soc"; + } + if ($type=="contact") { + $subcol_name="fk_socpeople"; + } + $sql = "SELECT s.rowid"; + $sql.= " FROM ".MAIN_DB_PREFIX."categorie as s"; + $sql.= " , ".MAIN_DB_PREFIX."categorie_".$sub_type." as sub "; + $sql.= ' WHERE s.entity IN ('.getEntity('category').')'; + $sql.= ' AND s.type='.array_search($type, self::$MAP_ID_TO_CODE); + $sql.= ' AND s.rowid = sub.fk_categorie'; + $sql.= ' AND sub.'.$subcol_name.' = '.$id; + + $nbtotalofrecords = ''; + if (empty($conf->global->MAIN_DISABLE_FULL_SCANLIST)) + { + $result = $this->db->query($sql); + $nbtotalofrecords = $this->db->num_rows($result); + } + + $sql.= $this->db->order($sortfield, $sortorder); + if ($limit) { + if ($page < 0) + { + $page = 0; + } + $offset = $limit * $page; + + $sql.= $this->db->plimit($limit + 1, $offset); + } + + $result = $this->db->query($sql); + if ($result) + { + $i=0; + $num = $this->db->num_rows($result); + $min = min($num, ($limit <= 0 ? $num : $limit)); + while ($i < $min) + { + $obj = $this->db->fetch_object($result); + $category_static = new Categorie($this->db); + if ($category_static->fetch($obj->rowid)) + { + $categories[$i]['id'] = $category_static->id; + $categories[$i]['fk_parent'] = $category_static->fk_parent; + $categories[$i]['label'] = $category_static->label; + $categories[$i]['description'] = $category_static->description; + $categories[$i]['color'] = $category_static->color; + $categories[$i]['socid'] = $category_static->socid; + $categories[$i]['visible'] = $category_static->visible; + $categories[$i]['type'] = $category_static->type; + $categories[$i]['entity'] = $category_static->entity; + $categories[$i]['array_options'] = $category_static->array_options; + + // multilangs + if (! empty($conf->global->MAIN_MULTILANGS)) { + $categories[$i]['multilangs'] = $category_static->multilangs; + } + } + $i++; + } + } + else { + $this->error = $this->db->lasterror(); + return -1; + } + if ( ! count($categories)) { + return 0; + } + + return $categories; + } + /** * Return childs of a category * diff --git a/htdocs/product/class/api_products.class.php b/htdocs/product/class/api_products.class.php index a16022ea047..809b8b160c3 100644 --- a/htdocs/product/class/api_products.class.php +++ b/htdocs/product/class/api_products.class.php @@ -265,11 +265,19 @@ class Products extends DolibarrApi */ function getCategories($id, $sortfield = "s.rowid", $sortorder = 'ASC', $limit = 0, $page = 0) { - require_once DOL_DOCUMENT_ROOT.'/categories/class/api_categories.class.php'; + $categories = new Categorie($this->db); - $categories = new Categories(); + $result = $categories->getListForItem($id, 'product', $sortfield, $sortorder, $limit, $page); - return $categories->getListForItem($sortfield, $sortorder, $limit, $page, 'product', $id); + if (empty($result)) { + throw new RestException(404, 'No category found'); + } + + if ($result < 0) { + throw new RestException(503, 'Error when retrieve category list : '.$categories->error); + } + + return $result; } /** diff --git a/htdocs/societe/class/api_contacts.class.php b/htdocs/societe/class/api_contacts.class.php index 6d3a5970c9b..29bb43d211d 100644 --- a/htdocs/societe/class/api_contacts.class.php +++ b/htdocs/societe/class/api_contacts.class.php @@ -18,6 +18,7 @@ use Luracast\Restler\RestException; //require_once DOL_DOCUMENT_ROOT . '/contact/class/contact.class.php'; +require_once DOL_DOCUMENT_ROOT.'/categories/class/categorie.class.php'; /** * API class for contacts @@ -335,11 +336,19 @@ class Contacts extends DolibarrApi */ function getCategories($id, $sortfield = "s.rowid", $sortorder = 'ASC', $limit = 0, $page = 0) { - require_once DOL_DOCUMENT_ROOT.'/categories/class/api_categories.class.php'; + $categories = new Categorie($this->db); - $categories = new Categories(); + $result = $categories->getListForItem($id, 'contact', $sortfield, $sortorder, $limit, $page); - return $categories->getListForItem($sortfield, $sortorder, $limit, $page, 'contact', $id); + if (empty($result)) { + throw new RestException(404, 'No category found'); + } + + if ($result < 0) { + throw new RestException(503, 'Error when retrieve category list : '.$categories->error); + } + + return $result; } /** diff --git a/htdocs/societe/class/api_thirdparties.class.php b/htdocs/societe/class/api_thirdparties.class.php index 88492779bda..0fe5d5e706e 100644 --- a/htdocs/societe/class/api_thirdparties.class.php +++ b/htdocs/societe/class/api_thirdparties.class.php @@ -17,6 +17,7 @@ use Luracast\Restler\RestException; + require_once DOL_DOCUMENT_ROOT.'/categories/class/categorie.class.php'; /** * API class for thirdparties @@ -268,11 +269,19 @@ class Thirdparties extends DolibarrApi */ function getCategories($id, $sortfield = "s.rowid", $sortorder = 'ASC', $limit = 0, $page = 0) { - require_once DOL_DOCUMENT_ROOT.'/categories/class/api_categories.class.php'; + $categories = new Categorie($this->db); - $categories = new Categories(); + $result = $categories->getListForItem($id, 'customer', $sortfield, $sortorder, $limit, $page); - return $categories->getListForItem($sortfield, $sortorder, $limit, $page, 'customer', $id); + if (empty($result)) { + throw new RestException(404, 'No category found'); + } + + if ($result < 0) { + throw new RestException(503, 'Error when retrieve category list : '.$categories->error); + } + + return $result; } /** From 45de1ca21efdfc061ef931c8ad863fedd6bda90a Mon Sep 17 00:00:00 2001 From: Regis Houssin Date: Tue, 3 Oct 2017 19:09:46 +0200 Subject: [PATCH 5/7] Fix: check security --- htdocs/adherents/class/api_members.class.php | 4 ++++ htdocs/product/class/api_products.class.php | 4 ++++ htdocs/societe/class/api_contacts.class.php | 4 ++++ htdocs/societe/class/api_thirdparties.class.php | 4 ++++ 4 files changed, 16 insertions(+) diff --git a/htdocs/adherents/class/api_members.class.php b/htdocs/adherents/class/api_members.class.php index a4a888ae9a5..99a4f401171 100644 --- a/htdocs/adherents/class/api_members.class.php +++ b/htdocs/adherents/class/api_members.class.php @@ -374,6 +374,10 @@ class Members extends DolibarrApi */ function getCategories($id, $sortfield = "s.rowid", $sortorder = 'ASC', $limit = 0, $page = 0) { + if (! DolibarrApiAccess::$user->rights->categorie->lire) { + throw new RestException(401); + } + $categories = new Categorie($this->db); $result = $categories->getListForItem($id, 'member', $sortfield, $sortorder, $limit, $page); diff --git a/htdocs/product/class/api_products.class.php b/htdocs/product/class/api_products.class.php index 809b8b160c3..25071801fe3 100644 --- a/htdocs/product/class/api_products.class.php +++ b/htdocs/product/class/api_products.class.php @@ -265,6 +265,10 @@ class Products extends DolibarrApi */ function getCategories($id, $sortfield = "s.rowid", $sortorder = 'ASC', $limit = 0, $page = 0) { + if (! DolibarrApiAccess::$user->rights->categorie->lire) { + throw new RestException(401); + } + $categories = new Categorie($this->db); $result = $categories->getListForItem($id, 'product', $sortfield, $sortorder, $limit, $page); diff --git a/htdocs/societe/class/api_contacts.class.php b/htdocs/societe/class/api_contacts.class.php index 29bb43d211d..0e3c10ce726 100644 --- a/htdocs/societe/class/api_contacts.class.php +++ b/htdocs/societe/class/api_contacts.class.php @@ -336,6 +336,10 @@ class Contacts extends DolibarrApi */ function getCategories($id, $sortfield = "s.rowid", $sortorder = 'ASC', $limit = 0, $page = 0) { + if (! DolibarrApiAccess::$user->rights->categorie->lire) { + throw new RestException(401); + } + $categories = new Categorie($this->db); $result = $categories->getListForItem($id, 'contact', $sortfield, $sortorder, $limit, $page); diff --git a/htdocs/societe/class/api_thirdparties.class.php b/htdocs/societe/class/api_thirdparties.class.php index 0fe5d5e706e..ab38f62b2ed 100644 --- a/htdocs/societe/class/api_thirdparties.class.php +++ b/htdocs/societe/class/api_thirdparties.class.php @@ -269,6 +269,10 @@ class Thirdparties extends DolibarrApi */ function getCategories($id, $sortfield = "s.rowid", $sortorder = 'ASC', $limit = 0, $page = 0) { + if (! DolibarrApiAccess::$user->rights->categorie->lire) { + throw new RestException(401); + } + $categories = new Categorie($this->db); $result = $categories->getListForItem($id, 'customer', $sortfield, $sortorder, $limit, $page); From 69314e08aca32cd0497a1903125ec5c7805d450c Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Fr=C3=A9d=C3=A9ric=20FRANCE?= Date: Wed, 4 Oct 2017 10:12:51 +0200 Subject: [PATCH 6/7] can't clean search_type in holiday list --- htdocs/holiday/list.php | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/htdocs/holiday/list.php b/htdocs/holiday/list.php index 2e63793cbfd..e4c5437028b 100644 --- a/htdocs/holiday/list.php +++ b/htdocs/holiday/list.php @@ -418,7 +418,7 @@ foreach($typeleaves as $key => $val) //$labeltoshow .= ($val['delay'] > 0 ? ' ('.$langs->trans("NoticePeriod").': '.$val['delay'].' '.$langs->trans("days").')':''); $arraytypeleaves[$val['rowid']]=$labeltoshow; } -print $form->selectarray('search_type', $arraytypeleaves, (GETPOST('search_type')?GETPOST('search_type'):''), 1); +print $form->selectarray('search_type', $arraytypeleaves, $search_type, 1); print ''; // Duration From 2dee81125a53bbbd898c35937f8250e4ce9e46d9 Mon Sep 17 00:00:00 2001 From: Laurent Destailleur Date: Wed, 4 Oct 2017 11:18:31 +0200 Subject: [PATCH 7/7] Hide comment feature for the moment --- htdocs/projet/admin/project.php | 3 +++ 1 file changed, 3 insertions(+) diff --git a/htdocs/projet/admin/project.php b/htdocs/projet/admin/project.php index 54e864e1bf6..53444a7580c 100644 --- a/htdocs/projet/admin/project.php +++ b/htdocs/projet/admin/project.php @@ -918,6 +918,8 @@ print ''; print ' '; print ''; +/* Kept as hidden feature because this will be "probaly be supported by standard event feature in a future + print ''; print ''.$langs->trans("AllowCommentOnProject").''; @@ -935,6 +937,7 @@ echo ajax_constantonoff('PROJECT_ALLOW_COMMENT_ON_TASK'); print ''; print ' '; print ''; +*/ print '';