diff --git a/htdocs/core/class/html.formcompany.class.php b/htdocs/core/class/html.formcompany.class.php
index 7b82e5be253..6677f7f8dce 100644
--- a/htdocs/core/class/html.formcompany.class.php
+++ b/htdocs/core/class/html.formcompany.class.php
@@ -696,7 +696,7 @@ class FormCompany extends Form
print "\n".''."\n";
print '';
- print ajax_autocompleter(($socid ? $socid : -1), $htmlname, DOL_URL_ROOT.'/societe/ajaxcompanies.php', '', $minLength, 0);
+ print ajax_autocompleter(($socid ? $socid : -1), $htmlname, DOL_URL_ROOT.'/societe/ajax/ajaxcompanies.php', '', $minLength, 0);
return $socid;
} else {
// Search to list thirdparties
diff --git a/htdocs/core/lib/ajax.lib.php b/htdocs/core/lib/ajax.lib.php
index 658d7816001..4108724236d 100644
--- a/htdocs/core/lib/ajax.lib.php
+++ b/htdocs/core/lib/ajax.lib.php
@@ -25,7 +25,7 @@
/**
- * Generic function that return javascript to add to a page to transform a common input field into an autocomplete field by calling an Ajax page (ex: /societe/ajaxcompanies.php).
+ * Generic function that return javascript to add to a page to transform a common input field into an autocomplete field by calling an Ajax page (ex: /societe/ajax/ajaxcompanies.php).
* The HTML field must be an input text with id=search_$htmlname.
* This use the jQuery "autocomplete" function. If we want to use the select2, we must also convert the input into select on funcntions that call this method.
*
diff --git a/htdocs/societe/ajaxcompanies.php b/htdocs/societe/ajax/ajaxcompanies.php
similarity index 88%
rename from htdocs/societe/ajaxcompanies.php
rename to htdocs/societe/ajax/ajaxcompanies.php
index cc327b155fa..9295c363206 100644
--- a/htdocs/societe/ajaxcompanies.php
+++ b/htdocs/societe/ajax/ajaxcompanies.php
@@ -19,7 +19,7 @@
*/
/**
- * \file htdocs/societe/ajaxcompanies.php
+ * \file htdocs/societe/ajax/ajaxcompanies.php
* \brief File to return Ajax response on third parties request
*/
@@ -42,7 +42,22 @@ if (!defined('NOCSRFCHECK')) {
define('NOCSRFCHECK', '1');
}
-require '../main.inc.php';
+require '../../main.inc.php';
+require_once DOL_DOCUMENT_ROOT.'/societe/class/societe.class.php';
+
+$id = GETPOST('socid', 'int') || GETPOST('id_fourn', 'int');
+
+$object = new Societe($db);
+if ($id > 0) {
+ $object->fetch($id);
+}
+
+// Security check
+if ($user->socid > 0) {
+ $socid = $user->socid;
+ $object->id = $socid;
+}
+restrictedArea($user, 'societe', $object->id, '&societe');
/*
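Review bot: The added line `$id = GETPOST('socid', 'int') || GETPOST('id_fourn', 'int');` stores a boolean, because PHP's `||` yields true/false rather than the first non-empty operand. `$object->fetch($id)` is therefore called with `true` (presumably treated as id 1) whenever either parameter is set, and `restrictedArea()` is checked against that record instead of the third party named in the request. For internal users, whose `$user->socid` is not set, the permission check does not cover the id that is actually being queried. Select the value explicitly, e.g. `$id = GETPOST('socid', 'int') ?: GETPOST('id_fourn', 'int');`. The return value of `fetch()` is also ignored; a failed fetch should probably deny access rather than fall through with an empty `$object->id`.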
@@ -59,8 +74,8 @@ top_httphead();
//print ''."\n";
-// Generation liste des societes
-if (GETPOST('newcompany') || GETPOST('socid', 'int') || GETPOST('id_fourn')) {
+// Generate list of companies
+if (GETPOST('newcompany') || GETPOST('socid', 'int') || GETPOST('id_fourn', 'int')) {
$return_arr = array();
// Define filter on text typed
diff --git a/htdocs/societe/ajax/company.php b/htdocs/societe/ajax/company.php
index fc10bb3c688..76151bccb97 100644
--- a/htdocs/societe/ajax/company.php
+++ b/htdocs/societe/ajax/company.php
@@ -42,6 +42,7 @@ if (!defined('NOCSRFCHECK')) {
}
require '../../main.inc.php';
+require_once DOL_DOCUMENT_ROOT.'/societe/class/societe.class.php';
$htmlname = GETPOST('htmlname', 'alpha');
$filter = GETPOST('filter', 'alpha');
diff --git a/htdocs/societe/ajaxcountries.php b/htdocs/societe/ajaxcountries.php
deleted file mode 100644
index aa6cbf70de8..00000000000
--- a/htdocs/societe/ajaxcountries.php
+++ /dev/null
@@ -1,84 +0,0 @@
-
- * Copyright (C) 2005-2009 Regis Houssin
- * Copyright (C) 2013 Laurent Destailleur
- *
- * This program is free software; you can redistribute it and/or modify
- * it under the terms of the GNU General Public License as published by
- * the Free Software Foundation; either version 3 of the License, or
- * (at your option) any later version.
- *
- * This program is distributed in the hope that it will be useful,
- * but WITHOUT ANY WARRANTY; without even the implied warranty of
- * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
- * GNU General Public License for more details.
- *
- * You should have received a copy of the GNU General Public License
- * along with this program. If not, see .
- */
-
-/**
- * \file htdocs/societe/ajaxcountries.php
- * \brief File to return Ajax response on country request
- */
-
-if (!defined('NOTOKENRENEWAL')) {
- define('NOTOKENRENEWAL', 1); // Disables token renewal
-}
-if (!defined('NOREQUIREMENU')) {
- define('NOREQUIREMENU', '1');
-}
-if (!defined('NOREQUIREHTML')) {
- define('NOREQUIREHTML', '1');
-}
-if (!defined('NOREQUIREAJAX')) {
- define('NOREQUIREAJAX', '1');
-}
-if (!defined('NOREQUIRESOC')) {
- define('NOREQUIRESOC', '1');
-}
-if (!defined('NOCSRFCHECK')) {
- define('NOCSRFCHECK', '1');
-}
-
-require '../main.inc.php';
-
-$country = GETPOST('country', 'alpha');
-
-
-/*
- * View
- */
-
-// Ajout directives pour resoudre bug IE
-//header('Cache-Control: Public, must-revalidate');
-//header('Pragma: public');
-
-//top_htmlhead("", "", 1); // Replaced with top_httphead. An ajax page does not need html header.
-top_httphead();
-
-print ''."\n";
-
-// Generate list of countries
-if (!empty($country)) {
- global $langs;
- $langs->load("dict");
-
- $sql = "SELECT rowid, code, label, active";
- $sql .= " FROM ".MAIN_DB_PREFIX."c_country";
- $sql .= " WHERE active = 1 AND label LIKE '%".$db->escape(utf8_decode($country))."%'";
- $sql .= " ORDER BY label ASC";
-
- $resql = $db->query($sql);
- if ($resql) {
- print '
';
- while ($country = $db->fetch_object($resql)) {
- print '