From 6fd533481225ce81d6ccfc862d2d70961a66e94e Mon Sep 17 00:00:00 2001 From: Regis Houssin Date: Thu, 3 Mar 2016 10:10:55 +0100 Subject: [PATCH] Fix: compatibility with multicompany transversal mode and more security issue --- htdocs/societe/commerciaux.php | 40 ++++++++++++++++++++-------------- 1 file changed, 24 insertions(+), 16 deletions(-) diff --git a/htdocs/societe/commerciaux.php b/htdocs/societe/commerciaux.php index 498257ea496..245626752e4 100644 --- a/htdocs/societe/commerciaux.php +++ b/htdocs/societe/commerciaux.php @@ -33,7 +33,7 @@ $langs->load("suppliers"); $langs->load("banks"); // Security check -$socid = isset($_GET["socid"])?$_GET["socid"]:''; +$socid = GETPOST('socid', 'int'); if ($user->societe_id) $socid=$user->societe_id; $result = restrictedArea($user, 'societe','',''); @@ -43,7 +43,7 @@ $hookmanager->initHooks(array('salesrepresentativescard','globalcard')); * Actions */ -if($_GET["socid"] && $_GET["commid"]) +if (! empty($socid) && $_GET["commid"]) { $action = 'add'; @@ -51,8 +51,8 @@ if($_GET["socid"] && $_GET["commid"]) { $soc = new Societe($db); - $soc->id = $_GET["socid"]; - $soc->fetch($_GET["socid"]); + $soc->id = $socid; + $soc->fetch($socid); $parameters=array('id'=>$_GET["commid"]); @@ -61,17 +61,17 @@ if($_GET["socid"] && $_GET["commid"]) if (empty($reshook)) $soc->add_commercial($user, $_GET["commid"]); - header("Location: commerciaux.php?socid=".$soc->id); + header("Location: ".$_SERVER["PHP_SELF"]."?socid=".$soc->id); exit; } else { - header("Location: commerciaux.php?socid=".$_GET["socid"]); + header("Location: ".$_SERVER["PHP_SELF"]."?socid=".$socid); exit; } } -if($_GET["socid"] && $_GET["delcommid"]) +if (! empty($socid) && $_GET["delcommid"]) { $action = 'delete'; @@ -87,12 +87,12 @@ if($_GET["socid"] && $_GET["delcommid"]) if (empty($reshook)) $soc->del_commercial($user, $_GET["delcommid"]); - header("Location: commerciaux.php?socid=".$soc->id); + header("Location: ".$_SERVER["PHP_SELF"]."?socid=".$soc->id); exit; } else { - header("Location: commerciaux.php?socid=".$_GET["socid"]); + header("Location: ".$_SERVER["PHP_SELF"]."?socid=".$socid); exit; } } @@ -107,11 +107,11 @@ llxHeader('',$langs->trans("ThirdParty"),$help_url); $form = new Form($db); -if ($_GET["socid"]) +if (! empty($socid)) { $soc = new Societe($db); - $soc->id = $_GET["socid"]; - $result=$soc->fetch($_GET["socid"]); + $soc->id = $socid; + $result=$soc->fetch($socid); $action='view'; @@ -190,7 +190,7 @@ if ($_GET["socid"]) print ' '; if ($user->rights->societe->creer) { - print ''; + print ''; print img_delete(); print ''; } @@ -222,9 +222,17 @@ if ($_GET["socid"]) $langs->load("users"); $title=$langs->trans("ListOfUsers"); - $sql = "SELECT u.rowid, u.lastname, u.firstname, u.login"; + $sql = "SELECT DISTINCT u.rowid, u.lastname, u.firstname, u.login"; $sql.= " FROM ".MAIN_DB_PREFIX."user as u"; - $sql.= " WHERE u.entity IN (0,".$conf->entity.")"; + if (! empty($conf->multicompany->enabled) && ! empty($conf->multicompany->transverse_mode)) + { + $sql.= ", ".MAIN_DB_PREFIX."usergroup_user as ug"; + $sql.= " WHERE (ug.fk_user = u.rowid"; + $sql.= " AND ug.entity = ".$conf->entity.")"; + $sql.= " OR u.admin = 1"; + } + else + $sql.= " WHERE u.entity IN (0,".$conf->entity.")"; if (! empty($conf->global->USER_HIDE_INACTIVE_IN_COMBOBOX)) $sql.= " AND u.statut<>0 "; $sql.= " ORDER BY u.lastname ASC "; @@ -256,7 +264,7 @@ if ($_GET["socid"]) print dolGetFirstLastname($obj->firstname, $obj->lastname)."\n"; print ''; print ''.$obj->login.''; - print ''.$langs->trans("Add").''; + print ''.$langs->trans("Add").''; print ''."\n"; $i++;