diff --git a/htdocs/comm/index.php b/htdocs/comm/index.php index 0a596dd0ae2..30909855f14 100644 --- a/htdocs/comm/index.php +++ b/htdocs/comm/index.php @@ -38,10 +38,12 @@ if ($conf->contrat->enabled) $langs->load("commercial"); $langs->load("orders"); -// Securité accès client +// Sécurité accés client $socidp=''; -if ($user->societe_id > 0) +if ($_GET["socidp"]) { $socidp=$_GET["socidp"]; } +if ($user->societe_id > 0) { + $action = ''; $socidp = $user->societe_id; } @@ -126,40 +128,41 @@ if ($conf->contrat->enabled) */ if ($conf->propal->enabled && $user->rights->propale->lire) { - $sql = "SELECT p.rowid, p.ref, p.price, s.idp, s.nom"; - $sql .= " FROM ".MAIN_DB_PREFIX."propal as p, ".MAIN_DB_PREFIX."societe as s"; - $sql .= " WHERE p.fk_statut = 0 and p.fk_soc = s.idp"; - - $resql=$db->query($sql); - if ($resql) + $sql = "SELECT p.rowid, p.ref, p.price, s.idp, s.nom"; + $sql.= " FROM ".MAIN_DB_PREFIX."propal as p, ".MAIN_DB_PREFIX."societe as s"; + $sql.= " WHERE p.fk_statut = 0 and p.fk_soc = s.idp"; + $sql.= " AND s.idp = ".$socidp; + + $resql=$db->query($sql); + if ($resql) { - $total = 0; - $num = $db->num_rows($resql); - if ($num > 0) + $total = 0; + $num = $db->num_rows($resql); + if ($num > 0) { - print ''; - print ""; - print ""; - - $i = 0; - $var=true; - while ($i < $num) + print '
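Review bot: The added line `if ($_GET["socidp"]) { $socidp=$_GET["socidp"]; }` copies the request value unchanged, and the next hunk concatenates it unquoted into SQL (`" AND s.idp = ".$socidp`), so for a user whose `societe_id` is 0 the filter is request-controlled text inside the query. Casting where the value is read closes this for every later use: `if (! empty($_GET["socidp"])) { $socidp = (int) $_GET["socidp"]; }`. The same block is added in htdocs/commande/index.php and htdocs/contrat/index.php, whose queries concatenate `$socidp` the same way. The guards there do not validate the value: any non-empty string passes `if ($socidp)`, and a string that starts with a digit passes `if ($socidp > 0)`. The override for `$user->societe_id > 0` is fine as written; the rest of the script lies outside this hunk.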
".$langs->trans("ProposalsDraft")."
'; + print ""; + print ""; + + $i = 0; + $var=true; + while ($i < $num) { - $obj = $db->fetch_object($resql); - $var=!$var; - print ''; - print ''; - $i++; - $total += $obj->price; + $obj = $db->fetch_object($resql); + $var=!$var; + print ''; + print ''; + $i++; + $total += $obj->price; } - if ($total>0) - { - $var=!$var; - print '"; - } - print "
".$langs->trans("ProposalsDraft")."
'."rowid."\">".img_object($langs->trans("ShowPropal"),"propal")." ".$obj->ref.''.dolibarr_trunc($obj->nom,18).''.price($obj->price).'
'."rowid."\">".img_object($langs->trans("ShowPropal"),"propal")." ".$obj->ref.''.dolibarr_trunc($obj->nom,18).''.price($obj->price).'
'.$langs->trans("Total").''.price($total)."

"; + if ($total>0) + { + $var=!$var; + print ''.$langs->trans("Total").''.price($total).""; + } + print "
"; } - $db->free($resql); + $db->free($resql); } } diff --git a/htdocs/commande/index.php b/htdocs/commande/index.php index 98946efa98d..44a82024e54 100644 --- a/htdocs/commande/index.php +++ b/htdocs/commande/index.php @@ -33,6 +33,17 @@ if (!$user->rights->commande->lire) accessforbidden(); $langs->load("orders"); +// Sécurité accés client +$socidp=''; +if ($_GET["socidp"]) { $socidp=$_GET["socidp"]; } +if ($user->societe_id > 0) +{ + $action = ''; + $socidp = $user->societe_id; +} + + + llxHeader("",$langs->trans("Orders"),"Commande"); print_fiche_titre($langs->trans("OrdersArea")); @@ -60,10 +71,7 @@ print "
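Review bot: The new `$sql.= " AND s.idp = ".$socidp;` in the draft-proposals query is appended unconditionally, but `$socidp` is `''` for an internal user who passes no `socidp` parameter. The statement then ends in `AND s.idp = ` and is not valid SQL. Because the visible code only tests `if ($resql)`, the box would apparently vanish without an error, although the failure path is outside this hunk. Guard it the way htdocs/commande/index.php does in this same commit: `if ($socidp) $sql.= " AND s.idp = ".$socidp;`, with `$socidp` already cast to an integer where it is read.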
\n"; */ $sql = "SELECT c.rowid, c.ref, s.nom, s.idp FROM ".MAIN_DB_PREFIX."commande as c, ".MAIN_DB_PREFIX."societe as s"; $sql .= " WHERE c.fk_soc = s.idp AND c.fk_statut = 0"; -if ($socidp) -{ - $sql .= " AND c.fk_soc = $socidp"; -} +if ($socidp) $sql .= " AND c.fk_soc = ".$socidp; if ( $db->query($sql) ) { @@ -93,28 +101,31 @@ if ( $db->query($sql) ) */ $sql = "SELECT c.rowid, c.ref, s.nom, s.idp FROM ".MAIN_DB_PREFIX."commande as c, ".MAIN_DB_PREFIX."societe as s"; $sql .= " WHERE c.fk_soc = s.idp AND c.fk_statut = 1"; +if ($socidp) $sql .= " AND c.fk_soc = ".$socidp; $sql .= " ORDER BY c.rowid DESC"; if ( $db->query($sql) ) { - $num = $db->num_rows(); - if ($num) + print ''; + print ''; + print ''; + + $num = $db->num_rows(); + if ($num) { - $i = 0; - print '
'.$langs->trans("OrdersToProcess").'
'; - print ''; - print ''; - $var = True; - while ($i < $num) - { - $var=!$var; - $obj = $db->fetch_object(); - print ""; - print ''; - $i++; - } - print "
'.$langs->trans("OrdersToProcess").'
rowid\">".img_object($langs->trans("ShowOrder"),"order")." ".$obj->ref."'.img_object($langs->trans("ShowCompany"),"company").' '.$obj->nom.'

"; + $i = 0; + $var = True; + while ($i < $num) + { + $var=!$var; + $obj = $db->fetch_object(); + print "rowid\">".img_object($langs->trans("ShowOrder"),"order")." ".$obj->ref.""; + print ''.img_object($langs->trans("ShowCompany"),"company").' '.$obj->nom.''; + $i++; + } } + + print "
"; } @@ -126,32 +137,31 @@ print ''; */ $sql = "SELECT c.rowid, c.ref, s.nom, s.idp FROM ".MAIN_DB_PREFIX."commande as c, ".MAIN_DB_PREFIX."societe as s"; $sql .= " WHERE c.fk_soc = s.idp AND c.fk_statut = 2 "; -if ($socidp) -{ - $sql .= " AND c.fk_soc = $socidp"; -} +if ($socidp) $sql .= " AND c.fk_soc = ".$socidp; $sql .= " ORDER BY c.rowid DESC"; + if ( $db->query($sql) ) { - $num = $db->num_rows(); - if ($num) + print ''; + print ''; + print ''; + + $num = $db->num_rows(); + if ($num) { - $i = 0; - print '
'.$langs->trans("OnProcessOrders").' ('.$num.')
'; - print ''; - print ''; - $var = True; - while ($i < $num) - { - $var=!$var; - $obj = $db->fetch_object(); - print "'; - print ''; - $i++; - } - print "
'.$langs->trans("OnProcessOrders").' ('.$num.')
rowid\">".img_object($langs->trans("ShowOrder"),"order").' '; - print $obj->ref.''.$obj->nom.'

"; + $i = 0; + $var = True; + while ($i < $num) + { + $var=!$var; + $obj = $db->fetch_object(); + print "rowid\">".img_object($langs->trans("ShowOrder"),"order").' '; + print $obj->ref.''; + print ''.$obj->nom.''; + $i++; + } } + print "
"; } /* @@ -163,34 +173,35 @@ $sql = "SELECT c.rowid, c.ref, s.nom, s.idp,"; $sql.= " ".$db->pdate("date_cloture")." as datec"; $sql.= " FROM ".MAIN_DB_PREFIX."commande as c, ".MAIN_DB_PREFIX."societe as s"; $sql.= " WHERE c.fk_soc = s.idp and c.fk_statut > 2"; -if ($socidp) $sql .= " AND c.fk_soc = $socidp"; +if ($socidp) $sql .= " AND c.fk_soc = ".$socidp; $sql.= " ORDER BY c.tms DESC"; $sql.= $db->plimit($max, 0); $resql=$db->query($sql); if ($resql) { - $num = $db->num_rows($resql); - if ($num) + print ''; + print ''; + print ''; + + $num = $db->num_rows($resql); + if ($num) { - $i = 0; - print '
'.$langs->trans("LastClosedOrders",$max).'
'; - print ''; - print ''; - $var = True; - while ($i < $num) - { - $var=!$var; - $obj = $db->fetch_object($resql); - print "'; - print ''; - print ''; - print ''; - $i++; - } - print "
'.$langs->trans("LastClosedOrders",$max).'
rowid\">".img_object($langs->trans("ShowOrders"),"order").' '; - print $obj->ref.''.img_object($langs->trans("ShowCompany"),"company").' '.$obj->nom.''.dolibarr_print_date($obj->datec).'

"; + $i = 0; + $var = True; + while ($i < $num) + { + $var=!$var; + $obj = $db->fetch_object($resql); + print "rowid\">".img_object($langs->trans("ShowOrders"),"order").' '; + print $obj->ref.''; + print ''.img_object($langs->trans("ShowCompany"),"company").' '.$obj->nom.''; + print ''.dolibarr_print_date($obj->datec).''; + print ''; + $i++; + } } + print "
"; } diff --git a/htdocs/contrat/index.php b/htdocs/contrat/index.php index b27e036e187..50ed834d7d9 100644 --- a/htdocs/contrat/index.php +++ b/htdocs/contrat/index.php @@ -41,14 +41,14 @@ $sortorder = isset($_GET["sortorder"])?$_GET["sortorder"]:$_POST["sortorder"]; $page = isset($_GET["page"])?$_GET["page"]:$_POST["page"]; $statut=isset($_GET["statut"])?$_GET["statut"]:1; -$socid=$_GET["socid"]; - // Sécurité accés client +$socidp=''; +if ($_GET["socidp"]) { $socidp=$_GET["socidp"]; } if ($user->societe_id > 0) { $action = ''; - $socid = $user->societe_id; + $socidp = $user->societe_id; } print_fiche_titre($langs->trans("ContractsArea")); @@ -102,7 +102,7 @@ $sql.= " c.rowid as cid, c.datec, c.statut, s.nom, s.idp as sidp"; $sql.= " FROM ".MAIN_DB_PREFIX."contrat as c, ".MAIN_DB_PREFIX."societe as s"; $sql.= " LEFT JOIN ".MAIN_DB_PREFIX."contratdet as cd ON c.rowid = cd.fk_contrat"; $sql.= " WHERE c.fk_soc = s.idp "; -if ($socid > 0) $sql .= " AND s.idp = $socid"; +if ($socidp > 0) $sql .= " AND s.idp = ".$socidp; $sql.= " GROUP BY c.rowid, c.datec, c.statut, s.nom, s.idp"; $sql.= " ORDER BY c.datec DESC"; $sql.= " LIMIT $max"; @@ -163,7 +163,7 @@ $sql = "SELECT cd.rowid as cid, cd.statut, cd.label, cd.description as note, cd. $sql.= " FROM ".MAIN_DB_PREFIX."contratdet as cd, ".MAIN_DB_PREFIX."contrat as c, ".MAIN_DB_PREFIX."societe as s"; $sql.= " WHERE c.statut=1 AND cd.statut = 0"; $sql.= " AND cd.fk_contrat = c.rowid AND c.fk_soc = s.idp"; -if ($user->societe_id > 0) $sql.= " AND s.idp = ".$user->societe_id; +if ($socidp > 0) $sql.= " AND s.idp = ".$socidp; $sql.= " ORDER BY cd.tms DESC"; if ( $db->query($sql) ) 
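Review bot: The request parameter read at the top of htdocs/contrat/index.php changes from `socid` to `socidp`, so a link that still passes `?socid=` now leaves `$socidp` empty. The contract queries in the following hunks would then run unfiltered for internal users. The callers are not visible in this diff, so it is worth checking whether any page still links here with `socid`. If one does, accept both names where the value is read: `$socidp = isset($_GET["socidp"]) ? (int) $_GET["socidp"] : (isset($_GET["socid"]) ? (int) $_GET["socid"] : '');`. A short comment above the block should also say that `$user->societe_id` always wins for external users.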
@@ -210,7 +210,7 @@ $max=5; $sql = "SELECT cd.rowid as cid, cd.statut, cd.label, cd.description as note, cd.fk_contrat, c.fk_soc, s.nom"; $sql.= " FROM ".MAIN_DB_PREFIX."contratdet as cd, ".MAIN_DB_PREFIX."contrat as c, ".MAIN_DB_PREFIX."societe as s"; $sql.= " WHERE cd.fk_contrat = c.rowid AND c.fk_soc = s.idp"; -if ($user->societe_id > 0) $sql.= " AND s.idp = ".$user->societe_id; +if ($socidp > 0) $sql.= " AND s.idp = ".$socidp; $sql.= " ORDER BY cd.tms DESC"; if ( $db->query($sql) )