From 99d976cd8e2e3cf045a3f93a806b7b727f8072b1 Mon Sep 17 00:00:00 2001
From: Rodolphe Quiedeville <rodolphe@quiedeville.org>
Date: Sun, 23 Mar 2003 15:19:03 +0000
Subject: [PATCH] =?UTF-8?q?Filtre=20acc=E9s=20client?=
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit

---
 htdocs/compta/ca.php3       | 125 +++++++++++++++++++++---------------
 htdocs/compta/paiement.php3 |  28 ++++++--
 2 files changed, 97 insertions(+), 56 deletions(-)

diff --git a/htdocs/compta/ca.php3 b/htdocs/compta/ca.php3
index 73b867b87bb..5ed0673fc62 100644
--- a/htdocs/compta/ca.php3
+++ b/htdocs/compta/ca.php3
@@ -1,8 +1,5 @@
 <?PHP
-/* Copyright (C) 2001-2002 Rodolphe Quiedeville <rodolphe@quiedeville.org>
- *
- * $Id$
- * $Source$
+/* Copyright (C) 2001-2003 Rodolphe Quiedeville <rodolphe@quiedeville.org>
  *
  * This program is free software; you can redistribute it and/or modify
  * it under the terms of the GNU General Public License as published by
@@ -18,10 +15,81 @@
  * along with this program; if not, write to the Free Software
  * Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA.
  *
+ * $Id$
+ * $Source$
+ *
  */
 require("./pre.inc.php3");
 
-function pt ($db, $sql, $date) {
+/*
+ *
+ */
+
+$db = new Db();
+
+llxHeader();
+
+/*
+ * Sécurité accés client
+ */
+if ($user->societe_id > 0) 
+{
+  $socidp = $user->societe_id;
+}
+
+print_titre("Chiffres d'affaires en euros HT");
+
+print "<table width=\"100%\">";
+print "<tr><td valign=\"top\">";
+
+$sql = "SELECT sum(f.amount) as amount , date_format(f.datef,'%Y-%m') as dm";
+$sql .= " FROM llx_facture as f WHERE f.paye = 1";
+if ($socidp)
+{
+  $sql .= " AND f.fk_soc = $socidp";
+}
+$sql .= " GROUP BY dm DESC";
+
+pt($db, $sql,"Par mois");
+
+print "</td><td valign=\"top\">";
+
+$sql = "SELECT sum(f.amount) as amount, month(f.datef) as dm";
+$sql .= " FROM llx_facture as f WHERE f.paye = 1";
+if ($socidp)
+{
+  $sql .= " AND f.fk_soc = $socidp";
+}
+$sql .= " GROUP BY dm";
+
+pt($db, $sql,"Mois cumulés");
+
+
+print "<P>";
+
+$sql = "SELECT sum(f.amount) as amount, year(f.datef) as dm";
+$sql .= " FROM llx_facture as f WHERE f.paye = 1";
+if ($socidp)
+{
+  $sql .= " AND f.fk_soc = $socidp";
+}
+$sql .= " GROUP BY dm DESC";
+
+pt($db, $sql,"Année");
+
+print "</td></tr></table>";
+
+$db->close();
+
+llxFooter("<em>Derni&egrave;re modification $Date$ r&eacute;vision $Revision$</em>");
+
+/*
+ * Fonctions
+ *
+ */
+
+function pt ($db, $sql, $date)
+{
   $bc[0]="class=\"pair\"";
   $bc[1]="class=\"impair\"";
 
@@ -54,53 +122,6 @@ function pt ($db, $sql, $date) {
     $db->free();
   }
 }
-/*
- *
- */
-
-llxHeader();
 
 
-$db = new Db();
-if ($sortfield == "") {
-  $sortfield="lower(p.label)";
-}
-if ($sortorder == "") {
-  $sortorder="ASC";
-}
-
-
-print_titre("Chiffres d'affaires en euros HT");
-
-print "<table width=\"100%\">";
-print "<tr><td valign=\"top\">";
-
-$sql = "SELECT sum(f.amount) as amount , date_format(f.datef,'%Y-%m') as dm";
-$sql .= " FROM llx_facture as f WHERE f.paye = 1";
-$sql .= " GROUP BY dm DESC";
-
-pt($db, $sql,"Par mois");
-
-print "</td><td valign=\"top\">";
-
-$sql = "SELECT sum(f.amount) as amount, month(f.datef) as dm";
-$sql .= " FROM llx_facture as f WHERE f.paye = 1";
-$sql .= " GROUP BY dm";
-
-pt($db, $sql,"Mois cumulés");
-
-
-print "<P>";
-
-$sql = "SELECT sum(f.amount) as amount, year(f.datef) as dm";
-$sql .= " FROM llx_facture as f WHERE f.paye = 1";
-$sql .= " GROUP BY dm DESC";
-
-pt($db, $sql,"Année");
-
-print "</td></tr></table>";
-
-$db->close();
-
-llxFooter("<em>Derni&egrave;re modification $Date$ r&eacute;vision $Revision$</em>");
 ?>
diff --git a/htdocs/compta/paiement.php3 b/htdocs/compta/paiement.php3
index 2382508af8d..2837d0df546 100644
--- a/htdocs/compta/paiement.php3
+++ b/htdocs/compta/paiement.php3
@@ -1,5 +1,5 @@
 <?PHP
-/* Copyright (C) 2001-2002 Rodolphe Quiedeville <rodolphe@quiedeville.org>
+/* Copyright (C) 2001-2003 Rodolphe Quiedeville <rodolphe@quiedeville.org>
  *
  * This program is free software; you can redistribute it and/or modify
  * it under the terms of the GNU General Public License as published by
@@ -25,6 +25,16 @@ llxHeader();
 
 $db = new Db();
 
+/*
+ * Sécurité accés client
+ */
+if ($user->societe_id > 0) 
+{
+  $action = '';
+  $socidp = $user->societe_id;
+}
+
+
 if ($action == 'add') {
   $datepaye = $db->idate(mktime(12, 0 , 0, $pmonth, $pday, $pyear));
 
@@ -162,11 +172,21 @@ if ($action == 'add') {
 
 if ($action == '') {
 
-  $sql = "SELECT ".$db->pdate("p.datep")." as dp, p.amount, f.amount as fa_amount, f.facnumber, f.rowid as facid, c.libelle as paiement_type, p.num_paiement";
-  $sql .= " FROM llx_paiement as p, llx_facture as f, c_paiement as c WHERE p.fk_facture = f.rowid AND p.fk_paiement = c.id";
+  $sql = "SELECT ".$db->pdate("p.datep")." as dp, p.amount, f.amount as fa_amount, f.facnumber";
+  $sql .=", f.rowid as facid, c.libelle as paiement_type, p.num_paiement";
+  $sql .= " FROM llx_paiement as p, llx_facture as f, c_paiement as c";
+  $sql .= " WHERE p.fk_facture = f.rowid AND p.fk_paiement = c.id";
+
+  if ($socidp)
+    {
+      $sql .= " AND f.fk_soc = $socidp";
+    }
+
   $sql .= " ORDER BY datep DESC";
   $result = $db->query($sql);
-  if ($result) {
+
+  if ($result)
+    {
     $num = $db->num_rows();
     $i = 0; $total = 0;