From 7c27a410a04b741d3d4398af6aaf56cdef3a98f6 Mon Sep 17 00:00:00 2001 From: Rodolphe Quiedeville Date: Tue, 13 Jul 2004 13:02:40 +0000 Subject: [PATCH] Modif pour register_globals=off --- htdocs/comm/action/fiche.php | 77 ++++++------ htdocs/compta/fiche.php | 227 +++++++++++++++++------------------ 2 files changed, 143 insertions(+), 161 deletions(-) diff --git a/htdocs/comm/action/fiche.php b/htdocs/comm/action/fiche.php index e2b49475463..00828185117 100644 --- a/htdocs/comm/action/fiche.php +++ b/htdocs/comm/action/fiche.php @@ -39,31 +39,31 @@ if ($user->societe_id > 0) * * */ -if ($HTTP_POST_VARS["action"] == 'add_action') +if ($_POST["action"] == 'add_action') { - if ($contactid) + if ($_POST["contactid"]) { $contact = new Contact($db); - $contact->fetch($contactid); + $contact->fetch($_POST["contactid"]); } $societe = new Societe($db); - $societe->fetch($socid); + $societe->fetch($_POST["socid"]); - if ($HTTP_POST_VARS["afaire"] <> 1) + if ($_POST["afaire"] <> 1) { $actioncomm = new ActionComm($db); $actioncomm->priority = 2; - $actioncomm->type = $HTTP_POST_VARS["actionid"]; + $actioncomm->type = $_POST["actionid"]; - $actioncomm->date = $db->idate(mktime($HTTP_POST_VARS["heurehour"], - $HTTP_POST_VARS["heuremin"], + $actioncomm->date = $db->idate(mktime($_POST["heurehour"], + $_POST["heuremin"], 0, - $HTTP_POST_VARS["acmonth"], - $HTTP_POST_VARS["acday"], - $HTTP_POST_VARS["acyear"]) + $_POST["acmonth"], + $_POST["acday"], + $_POST["acyear"]) ); - if ($HTTP_POST_VARS["actionid"] == 5) + if ($_POST["actionid"] == 5) { $actioncomm->percent = 0; } @@ -72,12 +72,12 @@ if ($HTTP_POST_VARS["action"] == 'add_action') $actioncomm->percent = 100; } - $actioncomm->contact = $contactid; + $actioncomm->contact = $_POST["contactid"]; $actioncomm->user = $user; - $actioncomm->societe = $socid; - $actioncomm->note = $note; + $actioncomm->societe = $_POST["socid"]; + $actioncomm->note = $_POST["note"]; $actioncomm->add($user); } @@ -86,7 +86,7 @@ if ($HTTP_POST_VARS["action"] == 'add_action') { $todo = new ActionComm($db); - $todo->type = $HTTP_POST_VARS["nextactionid"]; + $todo->type = $_POST["nextactionid"]; $todo->date = $db->idate(mktime(12,0,0,$remonth, $reday, $reyear)); $todo->libelle = $todo_label; $todo->priority = 2; @@ -119,10 +119,10 @@ if ($HTTP_POST_VARS["action"] == 'add_action') } } // Header("Location: ".DOL_URL_ROOT."/comm/fiche.php?socid=$socid"); - Header("Location: ".$HTTP_POST_VARS["from"]); + Header("Location: ".$_POST["from"]); } -if ($HTTP_POST_VARS["action"] == 'confirm_delete' && $HTTP_POST_VARS["confirm"] == yes) +if ($_POST["action"] == 'confirm_delete' && $_POST["confirm"] == yes) { $actioncomm = new ActionComm($db); $actioncomm->delete($id); @@ -133,8 +133,8 @@ if ($action=='update') { $action = new Actioncomm($db); $action->fetch($id); - $action->percent = $HTTP_POST_VARS["percent"]; - $action->contact->id = $HTTP_POST_VARS["scontactid"]; + $action->percent = $_POST["percent"]; + $action->contact->id = $_POST["scontactid"]; $action->update(); } @@ -156,21 +156,23 @@ if ($_GET["action"] == 'create') { $caction = new CActioncomm($db); - + if ($afaire <> 1) { - $caction->fetch($db, $actionid); - + $caction->fetch($db, $_GET["actionid"]); + $contact = new Contact($db); $contact->fetch($_GET["contactid"]); } $societe = new Societe($db); - $societe->get_nom($socid); - - print '
'; + $societe->get_nom($_GET["socid"]); + + print ''; print ''; print ''; - print ''."\n"; + print ''."\n"; + print ''; + print ''; /* * Rendez-vous @@ -180,9 +182,6 @@ if ($_GET["action"] == 'create') { print ''."\n"; - - print ''; - print ''; print ''; @@ -213,21 +212,15 @@ if ($_GET["action"] == 'create') * */ else - { - - - print ''; - print ''; - + { if($afaire <> 1) { - print_titre ("Action effectuée"); print '
'; print ''; print ''; + print ''.$societe->nom.''; print ''; print ''; + print ''.$societe->nom.''; } print ''; print ''; print ""; - print ""; + print ""; - $sql = "SELECT p.idp, p.name, p.firstname, p.poste, p.phone, p.fax, p.email, p.note FROM ".MAIN_DB_PREFIX."socpeople as p WHERE p.fk_soc = $objsoc->idp ORDER by p.datec"; + $sql = "SELECT p.idp, p.name, p.firstname, p.poste, p.phone, p.fax, p.email, p.note FROM ".MAIN_DB_PREFIX."socpeople as p WHERE p.fk_soc = $societe->id ORDER by p.datec"; $result = $db->query($sql); $i = 0 ; $num = $db->num_rows(); $var=1; @@ -396,18 +385,18 @@ if ($socid > 0) print ""; print '"; print ""; - print ''; - print ''; - print ''; + print ''; + print ''; + print ''; print ""; print "\n"; $i++; @@ -421,13 +410,13 @@ if ($socid > 0) * */ print '
Action'.$caction->libelle.'
Société'; - print ''.$societe->nom.'
Contact'.$contact->fullname.'
Date'; print $html->select_date('','ac',1,1); @@ -249,7 +242,7 @@ if ($_GET["action"] == 'create') print ''; print ''; print '
Société'; - print ''.$societe->nom.'
Date'; @@ -277,11 +270,11 @@ if ($_GET["action"] == 'create') * * */ -if ($id) +if ($_GET["id"]) { if ($action == 'delete') { - print ''; + print ''; print ''; print ''; @@ -309,7 +302,7 @@ if ($id) if ($_GET["action"] == 'edit') { print_titre ("Edition de la fiche action"); - print ''; + print ''; print ''; print '
'; print ''; diff --git a/htdocs/compta/fiche.php b/htdocs/compta/fiche.php index 8b7b929e26f..39ef74aac2a 100644 --- a/htdocs/compta/fiche.php +++ b/htdocs/compta/fiche.php @@ -1,5 +1,5 @@ +/* Copyright (C) 2001-2004 Rodolphe Quiedeville * Copyright (C) 2004 Laurent Destailleur * * This program is free software; you can redistribute it and/or modify @@ -40,73 +40,66 @@ $user->getrights('facture'); llxHeader(); - - - -if ($action=='add_action') { - /* - * Vient de actioncomm.php - * - */ - $actioncomm = new ActionComm($db); - $actioncomm->date = $date; - $actioncomm->type = $actionid; - $actioncomm->contact = $contactid; - - $actioncomm->societe = $socid; - $actioncomm->note = $note; - - $actioncomm->add($user); - - $societe = new Societe($db); - $societe->fetch($socid); -} - - -if ($action == 'attribute_prefix') +if ($action=='add_action') { - $societe = new Societe($db, $socid); - $societe->attribute_prefix($db, $socid); + /* + * Vient de actioncomm.php + * + */ + $actioncomm = new ActionComm($db); + $actioncomm->date = $date; + $actioncomm->type = $actionid; + $actioncomm->contact = $contactid; + + $actioncomm->societe = $socid; + $actioncomm->note = $note; + + $actioncomm->add($user); + + $societe = new Societe($db); + $societe->fetch($socid); } + if ($action == 'recontact') { - $dr = mktime(0, 0, 0, $remonth, $reday, $reyear); - $sql = "INSERT INTO ".MAIN_DB_PREFIX."soc_recontact (fk_soc, datere, author) VALUES ($socid, $dr,'". $user->login ."')"; + $dr = mktime(0, 0, 0, $remonth, $reday, $reyear); + $sql = "INSERT INTO ".MAIN_DB_PREFIX."soc_recontact (fk_soc, datere, author) VALUES ($socid, $dr,'". $user->login ."')"; $result = $db->query($sql); } +/* TODO RODO if ($action == 'stcomm') { - if ($stcommid <> 'null' && $stcommid <> $oldstcomm) + if ($stcommid <> 'null' && $stcommid <> $oldstcomm) { - $sql = "INSERT INTO socstatutlog (datel, fk_soc, fk_statut, author) "; - $sql .= " VALUES ('$dateaction',$socid,$stcommid,'" . $user->login . "')"; - $result = @$db->query($sql); - - if ($result) + $sql = "INSERT INTO socstatutlog (datel, fk_soc, fk_statut, author) "; + $sql .= " VALUES ('$dateaction',$socid,$stcommid,'" . $user->login . "')"; + $result = @$db->query($sql); + + if ($result) { - $sql = "UPDATE ".MAIN_DB_PREFIX."societe SET fk_stcomm=$stcommid WHERE idp=$socid"; - $result = $db->query($sql); + $sql = "UPDATE ".MAIN_DB_PREFIX."societe SET fk_stcomm=$stcommid WHERE idp=$socid"; + $result = $db->query($sql); } - else + else { - $errmesg = "ERREUR DE DATE !"; + $errmesg = "ERREUR DE DATE !"; } } - - if ($actioncommid) + + if ($actioncommid) { - $sql = "INSERT INTO ".MAIN_DB_PREFIX."actioncomm (datea, fk_action, fk_soc, fk_user_author) VALUES ('$dateaction',$actioncommid,$socid,'" . $user->id . "')"; - $result = @$db->query($sql); - - if (!$result) + $sql = "INSERT INTO ".MAIN_DB_PREFIX."actioncomm (datea, fk_action, fk_soc, fk_user_author) VALUES ('$dateaction',$actioncommid,$socid,'" . $user->id . "')"; + $result = @$db->query($sql); + + if (!$result) { - $errmesg = "ERREUR DE DATE !"; + $errmesg = "ERREUR DE DATE !"; } } } - +*/ /* * Recherche @@ -144,71 +137,68 @@ if ($mode == 'search') * Mode fiche * */ -if ($socid > 0) +if ($_GET["socid"] > 0) { - $objsoc = new Societe($db); - $objsoc->id = $socid; - $objsoc->idp = $socid; - $objsoc->fetch($socid, $to); // si $to='next' ajouter " AND s.idp > $socid ORDER BY idp ASC LIMIT 1"; - + $societe = new Societe($db); + $societe->fetch($_GET["socid"], $to); // si $to='next' ajouter " AND s.idp > $socid ORDER BY idp ASC LIMIT 1"; /* * Affichage onglets */ $h = 0; - $head[$h][0] = DOL_URL_ROOT.'/soc.php?socid='.$socid; + $head[$h][0] = DOL_URL_ROOT.'/soc.php?socid='.$societe->id; $head[$h][1] = "Fiche société"; $h++; - if ($objsoc->client==1) + if ($societe->client==1) { - $head[$h][0] = DOL_URL_ROOT.'/comm/fiche.php?socid='.$socid; + $head[$h][0] = DOL_URL_ROOT.'/comm/fiche.php?socid='.$societe->id; $head[$h][1] = 'Fiche client'; $h++; } - if ($objsoc->client==2) + if ($societe->client==2) { - $head[$h][0] = DOL_URL_ROOT.'/comm/prospect/fiche.php?id='.$socid; + $head[$h][0] = DOL_URL_ROOT.'/comm/prospect/fiche.php?id='.$societe->id; $head[$h][1] = 'Fiche prospect'; $h++; } - if ($objsoc->fournisseur) + if ($societe->fournisseur) { - $head[$h][0] = DOL_URL_ROOT.'/fourn/fiche.php?socid='.$socid; + $head[$h][0] = DOL_URL_ROOT.'/fourn/fiche.php?socid='.$societe->id; $head[$h][1] = 'Fiche fournisseur'; $h++; } if ($conf->compta->enabled) { $hselected=$h; - $head[$h][0] = DOL_URL_ROOT.'/compta/fiche.php?socid='.$socid; + $head[$h][0] = DOL_URL_ROOT.'/compta/fiche.php?socid='.$societe->id; $head[$h][1] = 'Fiche compta'; $h++; } - $head[$h][0] = DOL_URL_ROOT.'/socnote.php?socid='.$socid; + $head[$h][0] = DOL_URL_ROOT.'/socnote.php?socid='.$societe->id; $head[$h][1] = 'Note'; $h++; if ($user->societe_id == 0) { - $head[$h][0] = DOL_URL_ROOT.'/docsoc.php?socid='.$socid; + $head[$h][0] = DOL_URL_ROOT.'/docsoc.php?socid='.$societe->id; $head[$h][1] = 'Documents'; $h++; } - $head[$h][0] = DOL_URL_ROOT.'/societe/notify/fiche.php?socid='.$socid; + $head[$h][0] = DOL_URL_ROOT.'/societe/notify/fiche.php?socid='.$societe->id; $head[$h][1] = 'Notifications'; $h++; if ($user->societe_id == 0) { - $head[$h][0] = DOL_URL_ROOT."/index.php?socidp=$objsoc->id&action=add_bookmark"; + $head[$h][0] = DOL_URL_ROOT."/index.php?socidp=$societe->id&action=add_bookmark"; $head[$h][1] = 'Bookmark'; $head[$h][2] = 'image'; } - dolibarr_fiche_head($head, $hselected, $objsoc->nom); + dolibarr_fiche_head($head, $hselected, $societe->nom); /* * @@ -221,26 +211,20 @@ if ($socid > 0) */ print '
Type'.$act->type.'
'; - print ''; - print '"; - print ''; - print ""; + print ''; + print '"; + print ''; + print ""; - print ''; + print ''; print ""; - print "
Nom'.$objsoc->nom.'
Adresse'.nl2br($objsoc->adresse)."
$objsoc->cp $objsoc->ville
Tél'.$objsoc->tel.' Fax'.$objsoc->fax.' 
Weburl\">$objsoc->url 
Nom'.$societe->nom.'
Adresse'.nl2br($societe->adresse)."
$societe->cp $societe->ville
Tél'.$societe->tel.' Fax'.$societe->fax.' 
Weburl\">$societe->url 
Siren'.$objsoc->siren.' 
Siren'.$societe->siren.' prefix"; - if ($objsoc->prefix_comm) - { - print $objsoc->prefix_comm; - } - else - { - print "[idp&action=attribute_prefix\">Attribuer]"; - } - + if ($societe->prefix_comm) + { + print $societe->prefix_comm; + } + print "
"; - print "
"; /* @@ -257,7 +241,7 @@ if ($socid > 0) print ''; $var=!$var; $sql = "SELECT s.nom, s.idp, f.facnumber, f.amount, ".$db->pdate("f.datef")." as df, f.paye as paye, f.fk_statut as statut, f.rowid as facid "; - $sql .= " FROM ".MAIN_DB_PREFIX."societe as s,".MAIN_DB_PREFIX."facture as f WHERE f.fk_soc = s.idp AND s.idp = ".$objsoc->idp." ORDER BY f.datef DESC"; + $sql .= " FROM ".MAIN_DB_PREFIX."societe as s,".MAIN_DB_PREFIX."facture as f WHERE f.fk_soc = s.idp AND s.idp = ".$societe->id." ORDER BY f.datef DESC"; if ( $db->query($sql) ) { @@ -265,7 +249,7 @@ if ($socid > 0) if ($num > 0) { print ""; - print ""; + print ""; } while ($i < $num && $i < 5) @@ -297,37 +281,40 @@ if ($socid > 0) } print "
idp\">Liste des factures ($num)
id\">Liste des factures ($num)
"; } - - /* * * Liste des projets associés * */ $sql = "SELECT p.rowid,p.title,p.ref,".$db->pdate("p.dateo")." as do"; - $sql .= " FROM ".MAIN_DB_PREFIX."projet as p WHERE p.fk_soc = $objsoc->idp"; - if ( $db->query($sql) ) { - print ""; + $sql .= " FROM ".MAIN_DB_PREFIX."projet as p WHERE p.fk_soc = $societe->id"; + if ( $db->query($sql) ) + { + print '
'; $i = 0 ; $num = $db->num_rows(); - if ($num > 0) { + if ($num > 0) + { $tag = !$tag; print ""; - print ""; - } - while ($i < $num && $i < 5) { - $obj = $db->fetch_object( $i); - $tag = !$tag; + print ""; + } + while ($i < $num && $i < 5) + { + $obj = $db->fetch_object( $i); + $tag = !$tag; print ""; print ''; - + print ""; $i++; - } + } $db->free(); print "
idp\">liste des projets ($num)
id\">liste des projets ($num)
'.$obj->title.'".strftime("%d %b %Y", $obj->do) ."
"; - } else { + } + else + { print $db->error(); - } + } /* * @@ -343,13 +330,13 @@ if ($socid > 0) print '
'; if ($user->societe_id == 0) - { - if ($user->rights->facture->creer) { - print "idp\">".translate("Créer Facture").""; + { + if ($user->rights->facture->creer) { + print "id\">".translate("Créer Facture").""; } - print "idp&action=create\">Créer Déplacement"; - } - + print "id&action=create\">Créer Déplacement"; + } + print '
'; print "
\n"; @@ -360,7 +347,7 @@ if ($socid > 0) if ($action == 'changevalue') { print "
"; - print "idp\" method=\"post\">"; + print "id\" method=\"post\">"; print ""; print "Cette société est un cabinet de recrutement : "; print ""; print "\n"; - } else { + } + else + { /* * * Liste des contacts @@ -382,9 +371,9 @@ if ($socid > 0) print '
Prénom NomPosteTélFaxEmailAjouter
id."&action=create\">Ajouter
'; - //print ''; + //print ''; //print ' '; - print ''.$obj->firstname.' '. $obj->name.''; + print ''.$obj->firstname.' '. $obj->name.''; if ($obj->note) { print "
".nl2br($obj->note); } print "		$obj->poste '.$obj->phone.' '.$obj->fax.' '.$obj->email.' '.$obj->phone.' '.$obj->fax.' '.$obj->email.' idp\">".img_edit()."
'; - print ''; + print ''; print ''; print ''; + print ''; } else { print ''; } @@ -504,9 +493,9 @@ if ($socid > 0) * Notes sur la societe * */ - if ($objsoc->note) { + if ($societe->note) { print '
Actions effectuées
Actions effectuées
'; $sql = "SELECT a.id, ".$db->pdate("a.datea")." as da, c.libelle, u.code, a.propalrowid, a.fk_user_author, fk_contact, u.rowid "; $sql .= " FROM ".MAIN_DB_PREFIX."actioncomm as a, ".MAIN_DB_PREFIX."c_actioncomm as c, ".MAIN_DB_PREFIX."user as u "; - $sql .= " WHERE a.fk_soc = $objsoc->idp "; + $sql .= " WHERE a.fk_soc = $societe->id "; $sql .= " AND u.rowid = a.fk_user_author"; $sql .= " AND c.id=a.fk_action "; $sql .= " ORDER BY a.datea DESC, a.id DESC"; @@ -481,7 +470,7 @@ if ($socid > 0) if ($obj->fk_contact) { $contact = new Contact($db); $contact->fetch($obj->fk_contact); - print ''.$contact->fullname.''.$contact->fullname.' 
'; - print ""; + print ""; print "
".nl2br($objsoc->note)."
".nl2br($societe->note)."
"; } /*