diff --git a/htdocs/product/stock/fiche.php b/htdocs/product/stock/fiche.php
index 6fd5a617e94..b95668b81b5 100644
--- a/htdocs/product/stock/fiche.php
+++ b/htdocs/product/stock/fiche.php
@@ -34,9 +34,10 @@ $langs->load("products");
$langs->load("stocks");
$langs->load("companies");
+$action=GETPOST('action');
-$sortfield = isset($_GET["sortfield"])?$_GET["sortfield"]:$_POST["sortfield"];
-$sortorder = isset($_GET["sortorder"])?$_GET["sortorder"]:$_POST["sortorder"];
+$sortfield = GETPOST("sortfield");
+$sortorder = GETPOST("sortorder");
if (! $sortfield) $sortfield="p.ref";
if (! $sortorder) $sortorder="DESC";
@@ -48,7 +49,7 @@ $mesg = '';
*/
// Ajout entrepot
-if ($_POST["action"] == 'add' && $user->rights->stock->creer)
+if ($action == 'add' && $user->rights->stock->creer)
{
$entrepot = new Entrepot($db);
@@ -70,17 +71,17 @@ if ($_POST["action"] == 'add' && $user->rights->stock->creer)
exit;
}
- $_GET["action"] = 'create';
+ $action = 'create';
$mesg=''.$entrepot->error.'
';
}
else {
$mesg=''.$langs->trans("ErrorWarehouseRefRequired").'
';
- $_GET["action"]="create"; // Force retour sur page creation
+ $action="create"; // Force retour sur page creation
}
}
// Delete warehouse
-if ($_REQUEST["action"] == 'confirm_delete' && $_REQUEST["confirm"] == 'yes' && $user->rights->stock->supprimer)
+if ($action == 'confirm_delete' && $_REQUEST["confirm"] == 'yes' && $user->rights->stock->supprimer)
{
$entrepot = new Entrepot($db);
$entrepot->fetch($_REQUEST["id"]);
@@ -93,12 +94,12 @@ if ($_REQUEST["action"] == 'confirm_delete' && $_REQUEST["confirm"] == 'yes' &&
else
{
$mesg=''.$entrepot->error.'
';
- $_REQUEST['action']='';
+ $action='';
}
}
// Modification entrepot
-if ($_POST["action"] == 'update' && $_POST["cancel"] <> $langs->trans("Cancel"))
+if ($action == 'update' && $_POST["cancel"] <> $langs->trans("Cancel"))
{
$entrepot = new Entrepot($db);
if ($entrepot->fetch($_POST["id"]))
@@ -114,20 +115,20 @@ if ($_POST["action"] == 'update' && $_POST["cancel"] <> $langs->trans("Cancel"))
if ( $entrepot->update($_POST["id"], $user) > 0)
{
- $_GET["action"] = '';
+ $action = '';
$_GET["id"] = $_POST["id"];
//$mesg = 'Fiche mise a jour
';
}
else
{
- $_GET["action"] = 'edit';
+ $action = 'edit';
$_GET["id"] = $_POST["id"];
$mesg = ''.$entrepot->error.'
';
}
}
else
{
- $_GET["action"] = 'edit';
+ $action = 'edit';
$_GET["id"] = $_POST["id"];
$mesg = ''.$entrepot->error.'
';
}
@@ -135,7 +136,7 @@ if ($_POST["action"] == 'update' && $_POST["cancel"] <> $langs->trans("Cancel"))
if ($_POST["cancel"] == $langs->trans("Cancel"))
{
- $_GET["action"] = '';
+ $action = '';
$_GET["id"] = $_POST["id"];
}
@@ -152,7 +153,7 @@ $help_url='EN:Module_Stocks_En|FR:Module_Stock|ES:Módulo_Stocks';
llxHeader("",$langs->trans("WarehouseCard"),$help_url);
-if ($_GET["action"] == 'create')
+if ($action == 'create')
{
print_fiche_titre($langs->trans("NewWarehouse"));
@@ -197,7 +198,7 @@ if ($_GET["action"] == 'create')
print '';
print '';
-
+
print '
';
print '';
@@ -218,14 +219,14 @@ else
/*
* Affichage fiche
*/
- if ($_GET["action"] <> 'edit' && $_GET["action"] <> 're-edit')
+ if ($action <> 'edit' && $action <> 're-edit')
{
$head = stock_prepare_head($entrepot);
dol_fiche_head($head, 'card', $langs->trans("Warehouse"), 0, 'stock');
// Confirm delete third party
- if ($_GET["action"] == 'delete')
+ if ($action == 'delete')
{
$html = new Form($db);
$ret=$html->form_confirm($_SERVER["PHP_SELF"]."?id=".$entrepot->id,$langs->trans("DeleteAWarehouse"),$langs->trans("ConfirmDeleteWarehouse",$entrepot->libelle),"confirm_delete",'',0,2);
@@ -290,8 +291,15 @@ else
dol_print_error($db);
}
print '| '.$langs->trans("LastMovement").' | ';
- if ($lastmovementdate) print dol_print_date($lastmovementdate,'dayhour').' ';
- print '('.$langs->trans("FullList").')';
+ if ($lastmovementdate)
+ {
+ print dol_print_date($lastmovementdate,'dayhour').' ';
+ print '('.$langs->trans("FullList").')';
+ }
+ else
+ {
+ print $langs->trans("None");
+ }
print " |
";
print "";
@@ -307,7 +315,7 @@ else
print "\n";
- if ($_GET["action"] == '')
+ if ($action == '')
{
if ($user->rights->stock->creer)
print "
id."\">".$langs->trans("Modify")."";
@@ -460,7 +468,7 @@ else
/*
* Edition fiche
*/
- if (($_GET["action"] == 'edit' || $_GET["action"] == 're-edit') && 1)
+ if (($action == 'edit' || $action == 're-edit') && 1)
{
print_fiche_titre($langs->trans("WarehouseEdit"), $mesg);
diff --git a/htdocs/product/stock/mouvement.php b/htdocs/product/stock/mouvement.php
index d2763537639..fdfc8a86f66 100644
--- a/htdocs/product/stock/mouvement.php
+++ b/htdocs/product/stock/mouvement.php
@@ -1,6 +1,6 @@
- * Copyright (C) 2004-2009 Laurent Destailleur
+ * Copyright (C) 2004-2011 Laurent Destailleur
* Copyright (C) 2005-2009 Regis Houssin
*
* This program is free software; you can redistribute it and/or modify
@@ -43,9 +43,9 @@ $search_movement = isset($_REQUEST["search_movement"])?$_REQUEST["search_movemen
$search_product = isset($_REQUEST["search_product"])?$_REQUEST["search_product"]:'';
$search_warehouse = isset($_REQUEST["search_warehouse"])?$_REQUEST["search_warehouse"]:'';
$search_user = isset($_REQUEST["search_user"])?$_REQUEST["search_user"]:'';
-$page = $_GET["page"];
-$sortfield = $_GET["sortfield"];
-$sortorder = $_GET["sortorder"];
+$page = GETPOST("page");
+$sortfield = GETPOST("sortfield");
+$sortorder = GETPOST("sortorder");
if ($page < 0) $page = 0;
$offset = $conf->liste_limit * $page;
@@ -173,7 +173,7 @@ if ($resql)
print '| '.$langs->trans("LocationSummary").' | '.$entrepot->lieu.' |
';
// Description
- print '| '.$langs->trans("Description").' | '.nl2br($entrepot->description).' |
';
+ print '| '.$langs->trans("Description").' | '.dol_htmlentitiesbr($entrepot->description).' |
';
// Address
print '| '.$langs->trans('Address').' | ';
@@ -222,7 +222,14 @@ if ($resql)
}
print ' |
| '.$langs->trans("LastMovement").' | ';
- if ($lastmovementdate) print dol_print_date($lastmovementdate,'dayhour');
+ if ($lastmovementdate)
+ {
+ print dol_print_date($lastmovementdate,'dayhour');
+ }
+ else
+ {
+ print $langs->trans("None");
+ }
print " |
";
print "";