diff --git a/htdocs/comm/index.php b/htdocs/comm/index.php index cc420c48d15..86a4708b489 100644 --- a/htdocs/comm/index.php +++ b/htdocs/comm/index.php @@ -1,6 +1,6 @@ - * Copyright (C) 2004-2011 Laurent Destailleur + * Copyright (C) 2004-2013 Laurent Destailleur * Copyright (C) 2005-2012 Regis Houssin * * This program is free software; you can redistribute it and/or modify diff --git a/htdocs/core/class/conf.class.php b/htdocs/core/class/conf.class.php index 449ba902c26..0ca4bd9391e 100644 --- a/htdocs/core/class/conf.class.php +++ b/htdocs/core/class/conf.class.php @@ -410,7 +410,7 @@ class Conf $this->maxfilesize = (empty($this->global->MAIN_UPLOAD_DOC) ? 0 : $this->global->MAIN_UPLOAD_DOC * 1024); // Define list of limited modules - if (! isset($this->global->MAIN_MODULES_FOR_EXTERNAL)) $this->global->MAIN_MODULES_FOR_EXTERNAL='facture,commande,fournisseur,contact,propal,projet,contrat,societe,ficheinter,expedition,agenda'; // '' means 'all'. Note that contact is added here as it should be a module later. + if (! isset($this->global->MAIN_MODULES_FOR_EXTERNAL)) $this->global->MAIN_MODULES_FOR_EXTERNAL='user,facture,commande,fournisseur,contact,propal,projet,contrat,societe,ficheinter,expedition,agenda'; // '' means 'all'. Note that contact is added here as it should be a module later. // Timeouts if (empty($this->global->MAIN_USE_CONNECT_TIMEOUT)) $this->global->MAIN_USE_CONNECT_TIMEOUT=10; diff --git a/htdocs/core/lib/agenda.lib.php b/htdocs/core/lib/agenda.lib.php index fa0c80ce4ae..0713430f66e 100644 --- a/htdocs/core/lib/agenda.lib.php +++ b/htdocs/core/lib/agenda.lib.php @@ -186,9 +186,9 @@ function show_array_actions_to_do($max=5) $sql.= " s.nom as sname, s.rowid, s.client"; $sql.= " FROM (".MAIN_DB_PREFIX."c_actioncomm as c,"; $sql.= " ".MAIN_DB_PREFIX."actioncomm as a"; + $sql.= " LEFT JOIN ".MAIN_DB_PREFIX."societe as s ON a.fk_soc = s.rowid"; if (!$user->rights->societe->client->voir && !$socid) $sql.= ", ".MAIN_DB_PREFIX."societe_commerciaux as sc"; $sql.= ")"; - $sql.= " LEFT JOIN ".MAIN_DB_PREFIX."societe as s ON a.fk_soc = s.rowid"; $sql.= " WHERE c.id = a.fk_action"; $sql.= " AND a.entity = ".$conf->entity; $sql.= " AND ((a.percent >= 0 AND a.percent < 100) OR (a.percent = -1 AND a.datep2 > '".$db->idate($now)."'))"; @@ -285,9 +285,9 @@ function show_array_last_actions_done($max=5) $sql.= " s.rowid, s.nom as sname, s.client"; $sql.= " FROM (".MAIN_DB_PREFIX."c_actioncomm as c,"; $sql.= " ".MAIN_DB_PREFIX."actioncomm as a"; + $sql.= " LEFT JOIN ".MAIN_DB_PREFIX."societe as s ON a.fk_soc = s.rowid"; if (!$user->rights->societe->client->voir && !$socid) $sql.= ", ".MAIN_DB_PREFIX."societe_commerciaux as sc"; $sql.=")"; - $sql.= " LEFT JOIN ".MAIN_DB_PREFIX."societe as s ON a.fk_soc = s.rowid"; $sql.= " WHERE c.id = a.fk_action"; $sql.= " AND a.entity = ".$conf->entity; $sql.= " AND (a.percent >= 100 OR (a.percent = -1 AND a.datep2 <= '".$db->idate($now)."'))"; diff --git a/htdocs/filefunc.inc.php b/htdocs/filefunc.inc.php index dd3b9981fce..f3780d0876a 100755 --- a/htdocs/filefunc.inc.php +++ b/htdocs/filefunc.inc.php @@ -150,11 +150,11 @@ if (! empty($dolibarr_main_document_root_alt)) // Define DOL_MAIN_URL_ROOT and DOL_URL_ROOT $tmp=''; $found=0; -$real_dolibarr_main_document_root=str_replace('\\','/',realpath($dolibarr_main_document_root)); -$pathroot=$_SERVER["DOCUMENT_ROOT"]; -$paths=explode('/',str_replace('\\','/',$_SERVER["SCRIPT_NAME"])); +$real_dolibarr_main_document_root=str_replace('\\','/',realpath($dolibarr_main_document_root)); // A) Ex: C:/xxx/dolibarr/htdocs +$pathroot=$_SERVER["DOCUMENT_ROOT"]; // B) Ex: C:/Program Files/wamp/www/ +$paths=explode('/',str_replace('\\','/',$_SERVER["SCRIPT_NAME"])); // C) Ex: /dolibarr/htdocs/admin/system/phpinfo.php $concatpath=''; -foreach($paths as $tmppath) +foreach($paths as $tmppath) // We check to find (B+start of C)=A { if ($tmppath) $concatpath.='/'.$tmppath; //print $_SERVER["SCRIPT_NAME"].'-'.$pathroot.'-'.$concatpath.'-'.$real_dolibarr_main_document_root.'-'.realpath($pathroot.$concatpath).'
'; diff --git a/htdocs/user/perms.php b/htdocs/user/perms.php index 1c1c1b916fa..ef18e248010 100644 --- a/htdocs/user/perms.php +++ b/htdocs/user/perms.php @@ -63,6 +63,7 @@ if ($user->id == $id && (empty($conf->global->MAIN_USE_ADVANCED_PERMS) || $user- $feature2=''; $canreaduser=1; } + $result = restrictedArea($user, 'user', $id, '&user', $feature2); if ($user->id <> $id && ! $canreaduser) accessforbidden(); @@ -268,8 +269,7 @@ print '
'; if ($user->admin) print info_admin($langs->trans("WarningOnlyPermissionOfActivatedModules"), 0, 1).'
'; // Show warning about external users -print showModulesExludedForExternal($modules).'
'."\n"; -print "
\n"; +if (empty($user->societe_id)) print showModulesExludedForExternal($modules).'

'."\n"; // For multicompany transversal mode if (! empty($conf->multicompany->enabled) && ! empty($conf->multicompany->transverse_mode))