lainwir3d/dolibarr
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

Fix: Corrections nombreux problmes en mode register_globals=off

Browse Source
This commit is contained in:
Laurent Destailleur 2004-11-23 20:44:19 +00:00
parent d2c3b947d3
commit 84f9b9a1f2
1 changed files with 68 additions and 57 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

125
htdocs/compta/bank/ligne.php
View File

@ -22,6 +22,14 @@
* $Source$
*
*/
/*!
\file htdocs/compta/bank/ligne.php
\ingroup compta
\brief Page édition d'une écriture bancaire
\version $Revision$
*/
require("./pre.inc.php");
if (!$user->rights->banque->modifier)
@ -46,30 +54,32 @@ if ($_GET["action"] == 'dvprev')
if ($_POST["action"] == 'confirm_delete_categ' && $_POST["confirm"] == yes)
if ($_POST["action"] == 'confirm_delete_categ' && $_POST["confirm"] == "yes")
{
$sql = "DELETE FROM ".MAIN_DB_PREFIX."bank_class WHERE lineid = $rowid AND fk_categ = $cat1";
$db->query($sql);
$sql = "DELETE FROM ".MAIN_DB_PREFIX."bank_class WHERE lineid = $rowid AND fk_categ = ".$_GET["cat1"];
if (! $db->query($sql))
{
dolibarr_print_error($db);
}
}
if ($_POST["action"] == 'class')
{
$sql = "DELETE FROM ".MAIN_DB_PREFIX."bank_class WHERE lineid = $rowid AND fk_categ = $cat1";
$db->query($sql);
$sql = "INSERT INTO ".MAIN_DB_PREFIX."bank_class (lineid, fk_categ) VALUES ($rowid, $cat1)";
if ($db->query($sql))
$sql = "DELETE FROM ".MAIN_DB_PREFIX."bank_class WHERE lineid = $rowid AND fk_categ = ".$_POST["cat1"];
if (! $db->query($sql))
{
dolibarr_print_error($db);
}
else
$sql = "INSERT INTO ".MAIN_DB_PREFIX."bank_class (lineid, fk_categ) VALUES (".$_GET["rowid"].", ".$_POST["cat1"].")";
if (! $db->query($sql))
{
print $db->error();
dolibarr_print_error($db);
}
}
if ($_POST["action"] == 'UPDATE')
if ($_POST["action"] == $langs->trans("Update"))
{
// Avant de modifier la date ou le montant, on controle si ce n'est pas encore rapproche
if (!empty($_POST['amount']))
@ -112,7 +122,7 @@ if ($result)
$var=True;
$num = $db->num_rows();
$i = 0;
$options = "<option value=\"0\" SELECTED></option>";
$options = "<option value=\"0\" selected></option>";
while ($i < $num)
{
$obj = $db->fetch_object($result);
@ -122,22 +132,26 @@ if ($result)
$db->free();
}
if ($_POST["action"] == 'delete_categ')
{
$html = new Form($db);
$html->form_confirm("ligne.php?rowid=$rowid&amp;cat1=$fk_categ","Supprimer dans la catégorie","Etes-vous sûr de vouloir supprimer le classement dans la catégorie ?","confirm_delete_categ");
}
print_titre("Edition de la ligne");
print '<table class="border" width="100%" cellspacing="0" cellpadding="2">';
print "<tr class=\"liste_titre\">";
print '<td>Date</td><td>'.$langs->trans("Description").'</td>';
print "<td align=\"right\">Debit</td>";
print "<td align=\"right\">Credit</td>";
if ($_GET["action"] == 'delete_categ')
{
$html = new Form($db);
$html->form_confirm("ligne.php?rowid=".$_GET["rowid"]."&amp;cat1=".$_GET["fk_categ"],"Supprimer dans la catégorie","Etes-vous sûr de vouloir supprimer le classement dans la catégorie ?","confirm_delete_categ");
}
$var=False;
print '<table class="border" width="100%">';
print "<tr $bc[$var]>";
print '<td>'.$langs->trans("Date").'</td><td>'.$langs->trans("Description").'</td>';
print "<td align=\"right\">".$langs->trans("Debit")."</td>";
print "<td align=\"right\">".$langs->trans("Credit")."</td>";
print "<td align=\"center\">Releve</td>";
print "<td align=\"center\">".$langs->trans("Author")."</td>";
print "</TR>\n";
print "</tr>\n";
$sql = "SELECT b.rowid,".$db->pdate("b.dateo")." as do,".$db->pdate("b.datev")." as dv, b.amount, b.label, b.rappro, b.num_releve, b.author, b.num_chq, b.fk_type, fk_account";
$sql .= " FROM ".MAIN_DB_PREFIX."bank as b WHERE rowid=$rowid";
@ -145,10 +159,8 @@ $sql .= " ORDER BY dateo ASC";
$result = $db->query($sql);
if ($result)
{
$var=True;
$num = $db->num_rows();
$i = 0; $total = 0;
while ($i < $num)
if ($db->num_rows())
{
$objp = $db->fetch_object($result);
$total = $total + $objp->amount;
@ -157,11 +169,7 @@ if ($result)
$acct->fetch($objp->fk_account);
$account = $acct->id;
$var=!$var;
print "<tr $bc[$var]>";
print "<form method=\"post\" action=\"ligne.php?rowid=$rowid&amp;account=$account\">";
print "<input type=\"hidden\" name=\"action\" value=\"class\">";
print "<td>".strftime("%d %b %Y",$objp->do)."</td>\n";
print "<td>$objp->label</td>";
if ($objp->amount < 0)
@ -170,7 +178,7 @@ if ($result)
}
else
{
print "<td>&nbsp;</td><td align=\"right\">".price($objp->amount)."</TD>\n";
print "<td>&nbsp;</td><td align=\"right\">".price($objp->amount)."</td>\n";
}
print "<td align=\"center\"><a href=\"releve.php?num=$objp->num_releve&amp;ve=1&amp;account=$account\">$objp->num_releve</a></td>";
@ -178,7 +186,7 @@ if ($result)
print "</tr>";
print "<tr $bc[$var]>";
print '<td colspan="5">Date de valeur : '.strftime("%d %b %Y",$objp->dv)."</td>\n";
print '<td>'.$langs->trans("DateValue").'</td><td colspan="4">'.strftime("%d %b %Y",$objp->dv)."</td>\n";
print '<td><a href="ligne.php?action=dvprev&amp;account='.$_GET["account"].'&amp;rowid='.$objp->rowid.'">';
print img_previous() . "</a> ";
@ -187,6 +195,8 @@ if ($result)
print '</tr>';
print "<tr $bc[$var]><td>".$langs->trans("Account")."</td><td colspan=\"5\"><a href=\"account.php?account=$account\">".$acct->label."</a></td></tr>";
print "<tr $bc[$var]><td>&nbsp;</td><td colspan=\"5\">";
print "<form method=\"post\" action=\"ligne.php?rowid=$objp->rowid\">";
@ -199,39 +209,28 @@ if ($result)
print '<option value="DEP"'.($objp->fk_type == 'DEP'?' selected':'').'>Dépôt</option>';
print "</select>";
print $objp->num_chq?" - $objp->num_chq":'';
print "<input type=\"submit\" value=\"UPDATE\">";
print "<input type=\"submit\" value=\"".$langs->trans("Update")."\">";
print "</form>";
print "</td></tr>";
print "<tr $bc[$var]><td>Catégorie</td><td colspan=\"5\">";
print "<select name=\"cat1\">$options";
print "</select>&nbsp;";
print '<input type="submit" value="'.$langs->trans("Add").'"></td>';
print "</tr>";
print "</form>";
print "<tr $bc[$var]><td>Compte</td><td colspan=\"5\"><a href=\"account.php?account=$account\">".$acct->label."</a></td></tr>";
print "<form method=\"post\" action=\"ligne.php?rowid=$objp->rowid\">";
print "<input type=\"hidden\" name=\"action\" value=\"UPDATE\">";
print "<input type=\"hidden\" name=\"action\" value=\"".$langs->trans("Update")."\">";
print "<tr $bc[$var]><td>Libell&eacute;</td><td colspan=\"5\">";
print "<tr $bc[$var]><td>".$langs->trans("Label")."</td><td colspan=\"5\">";
print '<input name="label" value="'.$objp->label.'">';
print "<input type=\"submit\" value=\"UPDATE\"></td>";
print "<input type=\"submit\" value=\"".$langs->trans("Update")."\"></td>";
print "</tr>";
if (!$objp->rappro)
{
print "<tr $bc[$var]><td>Date</td><td colspan=\"5\">";
print "<tr $bc[$var]><td>".$langs->trans("Date")."</td><td colspan=\"5\">";
print '<input name="date" value="'.strftime("%Y%m%d",$objp->do).'">';
print "<input type=\"submit\" value=\"UPDATE\"></td>";
print "<input type=\"submit\" value=\"".$langs->trans("Update")."\"></td>";
print "</tr>";
print "<tr $bc[$var]><td>Montant</td><td colspan=\"5\">";
print "<tr $bc[$var]><td>".$langs->trans("Amount")."</td><td colspan=\"5\">";
print '<input name="amount" value="'.price($objp->amount).'">';
print "<input type=\"submit\" value=\"UPDATE\"></td>";
print "<input type=\"submit\" value=\"".$langs->trans("Update")."\"></td>";
print "</tr>";
}
print "</form>";
@ -240,9 +239,21 @@ if ($result)
print '<input type="hidden" name="action" value="num_releve">';
print "<tr $bc[$var]><td>Relevé</td><td colspan=\"5\">";
print '<input name="num_rel" value="'.$objp->num_releve.'">';
print "<input type=\"submit\" value=\"Mettre à jour\"></td>";
print "<input type=\"submit\" value=\"".$langs->trans("Update")."\"></td>";
print "</tr>";
print "</form>";
// Categorie
print "<form method=\"post\" action=\"ligne.php?rowid=$rowid&amp;account=$account\">";
print "<input type=\"hidden\" name=\"action\" value=\"class\">";
print "<tr $bc[$var]><td>".$langs->trans("Category")."</td><td colspan=\"5\">";
print "<select name=\"cat1\">$options";
print "</select>&nbsp;";
print '<input type="submit" value="'.$langs->trans("Add").'"></td>';
print "</tr>";
print "</form>";
$i++;
@ -251,9 +262,9 @@ if ($result)
}
print "</table>";
print "<p>Classé dans</p>";
print "<br>Classé dans:<br>";
print '<table class="border" width="100%" cellspacing="0" cellpadding="2">';
print '<table class="noborder" width="100%">';
print "<tr class=\"liste_titre\">";
print '<td colspan="3">'.$langs->trans("Description").'</td>';
print "</tr>\n";
@ -276,7 +287,7 @@ if ($result)
print "<td>$objp->label</td>";
print "<td align=\"center\"><a href=\"budget.php?bid=$objp->rowid\">voir</a></td>";
print "<td align=\"center\"><a href=\"ligne.php?action=delete_categ&amp;rowid=$rowid&amp;fk_categ=$objp->rowid\">Supprimer</a></td>";
print "<td align=\"center\"><a href=\"ligne.php?action=delete_categ&amp;rowid=$rowid&amp;fk_categ=$objp->rowid\">".img_delete($langs->trans("Remove"))."</a></td>";
print "</tr>";
$i++;