Fix: external user confidentiality
This commit is contained in:
Regis Houssin
parent
5318fb54d5
commit
b2317fd3ee
@ -225,34 +225,36 @@ complete_head_from_modules($conf,$langs,$object,$head,$h,'propal_stats');
|
||||
|
||||
dol_fiche_head($head,'byyear',$langs->trans("Statistics"));
|
||||
|
||||
if (empty($socid))
|
||||
{
|
||||
print '<table class="notopnoleftnopadd" width="100%"><tr>';
|
||||
print '<td align="center" valign="top">';
|
||||
|
||||
print '<table class="notopnoleftnopadd" width="100%"><tr>';
|
||||
print '<td align="center" valign="top">';
|
||||
|
||||
// Show filter box
|
||||
print '<form name="stats" method="POST" action="'.$_SERVER["PHP_SELF"].'">';
|
||||
print '<input type="hidden" name="mode" value="'.$mode.'">';
|
||||
print '<table class="border" width="100%">';
|
||||
print '<tr><td class="liste_titre" colspan="2">'.$langs->trans("Filter").'</td></tr>';
|
||||
// Company
|
||||
print '<tr><td>'.$langs->trans("ThirdParty").'</td><td>';
|
||||
$filter='s.client in (1,2,3)';
|
||||
print $form->select_company($socid,'socid',$filter,1);
|
||||
print '</td></tr>';
|
||||
// User
|
||||
print '<tr><td>'.$langs->trans("User").'/'.$langs->trans("SalesRepresentative").'</td><td>';
|
||||
print $form->select_users($userid,'userid',1);
|
||||
print '</td></tr>';
|
||||
// Year
|
||||
print '<tr><td>'.$langs->trans("Year").'</td><td>';
|
||||
if (! in_array($year,$arrayyears)) $arrayyears[$year]=$year;
|
||||
arsort($arrayyears);
|
||||
print $form->selectarray('year',$arrayyears,$year,0);
|
||||
print '</td></tr>';
|
||||
print '<tr><td align="center" colspan="2"><input type="submit" name="submit" class="button" value="'.$langs->trans("Refresh").'"></td></tr>';
|
||||
print '</table>';
|
||||
print '</form>';
|
||||
print '<br><br>';
|
||||
// Show filter box
|
||||
print '<form name="stats" method="POST" action="'.$_SERVER["PHP_SELF"].'">';
|
||||
print '<input type="hidden" name="mode" value="'.$mode.'">';
|
||||
print '<table class="border" width="100%">';
|
||||
print '<tr><td class="liste_titre" colspan="2">'.$langs->trans("Filter").'</td></tr>';
|
||||
// Company
|
||||
print '<tr><td>'.$langs->trans("ThirdParty").'</td><td>';
|
||||
$filter='s.client in (1,2,3)';
|
||||
print $form->select_company($socid,'socid',$filter,1);
|
||||
print '</td></tr>';
|
||||
// User
|
||||
print '<tr><td>'.$langs->trans("User").'/'.$langs->trans("SalesRepresentative").'</td><td>';
|
||||
print $form->select_users($userid,'userid',1);
|
||||
print '</td></tr>';
|
||||
// Year
|
||||
print '<tr><td>'.$langs->trans("Year").'</td><td>';
|
||||
if (! in_array($year,$arrayyears)) $arrayyears[$year]=$year;
|
||||
arsort($arrayyears);
|
||||
print $form->selectarray('year',$arrayyears,$year,0);
|
||||
print '</td></tr>';
|
||||
print '<tr><td align="center" colspan="2"><input type="submit" name="submit" class="button" value="'.$langs->trans("Refresh").'"></td></tr>';
|
||||
print '</table>';
|
||||
print '</form>';
|
||||
print '<br><br>';
|
||||
}
|
||||
|
||||
print '<table class="border" width="100%">';
|
||||
print '<tr height="24">';
|
||||
|
||||
@ -243,34 +243,37 @@ complete_head_from_modules($conf,$langs,$object,$head,$h,$type);
|
||||
|
||||
dol_fiche_head($head,'byyear',$langs->trans("Statistics"));
|
||||
|
||||
print '<table class="notopnoleftnopadd" width="100%"><tr>';
|
||||
print '<td align="center" valign="top">';
|
||||
if (empty($socid))
|
||||
{
|
||||
print '<table class="notopnoleftnopadd" width="100%"><tr>';
|
||||
print '<td align="center" valign="top">';
|
||||
|
||||
// Show filter box
|
||||
print '<form name="stats" method="POST" action="'.$_SERVER["PHP_SELF"].'">';
|
||||
print '<input type="hidden" name="mode" value="'.$mode.'">';
|
||||
print '<table class="border" width="100%">';
|
||||
print '<tr><td class="liste_titre" colspan="2">'.$langs->trans("Filter").'</td></tr>';
|
||||
// Company
|
||||
print '<tr><td>'.$langs->trans("ThirdParty").'</td><td>';
|
||||
if ($mode == 'customer') $filter='s.client in (1,2,3)';
|
||||
if ($mode == 'supplier') $filter='s.fournisseur = 1';
|
||||
print $form->select_company($socid,'socid',$filter,1);
|
||||
print '</td></tr>';
|
||||
// User
|
||||
print '<tr><td>'.$langs->trans("User").'/'.$langs->trans("SalesRepresentative").'</td><td>';
|
||||
print $form->select_users($userid,'userid',1);
|
||||
print '</td></tr>';
|
||||
// Year
|
||||
print '<tr><td>'.$langs->trans("Year").'</td><td>';
|
||||
if (! in_array($year,$arrayyears)) $arrayyears[$year]=$year;
|
||||
arsort($arrayyears);
|
||||
print $form->selectarray('year',$arrayyears,$year,0);
|
||||
print '</td></tr>';
|
||||
print '<tr><td align="center" colspan="2"><input type="submit" name="submit" class="button" value="'.$langs->trans("Refresh").'"></td></tr>';
|
||||
print '</table>';
|
||||
print '</form>';
|
||||
print '<br><br>';
|
||||
// Show filter box
|
||||
print '<form name="stats" method="POST" action="'.$_SERVER["PHP_SELF"].'">';
|
||||
print '<input type="hidden" name="mode" value="'.$mode.'">';
|
||||
print '<table class="border" width="100%">';
|
||||
print '<tr><td class="liste_titre" colspan="2">'.$langs->trans("Filter").'</td></tr>';
|
||||
// Company
|
||||
print '<tr><td>'.$langs->trans("ThirdParty").'</td><td>';
|
||||
if ($mode == 'customer') $filter='s.client in (1,2,3)';
|
||||
if ($mode == 'supplier') $filter='s.fournisseur = 1';
|
||||
print $form->select_company($socid,'socid',$filter,1);
|
||||
print '</td></tr>';
|
||||
// User
|
||||
print '<tr><td>'.$langs->trans("User").'/'.$langs->trans("SalesRepresentative").'</td><td>';
|
||||
print $form->select_users($userid,'userid',1);
|
||||
print '</td></tr>';
|
||||
// Year
|
||||
print '<tr><td>'.$langs->trans("Year").'</td><td>';
|
||||
if (! in_array($year,$arrayyears)) $arrayyears[$year]=$year;
|
||||
arsort($arrayyears);
|
||||
print $form->selectarray('year',$arrayyears,$year,0);
|
||||
print '</td></tr>';
|
||||
print '<tr><td align="center" colspan="2"><input type="submit" name="submit" class="button" value="'.$langs->trans("Refresh").'"></td></tr>';
|
||||
print '</table>';
|
||||
print '</form>';
|
||||
print '<br><br>';
|
||||
}
|
||||
|
||||
print '<table class="border" width="100%">';
|
||||
print '<tr height="24">';
|
||||
|
||||
@ -219,34 +219,37 @@ complete_head_from_modules($conf,$langs,$object,$head,$h,$type);
|
||||
|
||||
dol_fiche_head($head,'byyear',$langs->trans("Statistics"));
|
||||
|
||||
print '<table class="notopnoleftnopadd" width="100%"><tr>';
|
||||
print '<td align="center" valign="top">';
|
||||
if (empty($socid))
|
||||
{
|
||||
print '<table class="notopnoleftnopadd" width="100%"><tr>';
|
||||
print '<td align="center" valign="top">';
|
||||
|
||||
// Show filter box
|
||||
print '<form name="stats" method="POST" action="'.$_SERVER["PHP_SELF"].'">';
|
||||
print '<input type="hidden" name="mode" value="'.$mode.'">';
|
||||
print '<table class="border" width="100%">';
|
||||
print '<tr><td class="liste_titre" colspan="2">'.$langs->trans("Filter").'</td></tr>';
|
||||
// Company
|
||||
print '<tr><td>'.$langs->trans("ThirdParty").'</td><td>';
|
||||
if ($mode == 'customer') $filter='s.client in (1,2,3)';
|
||||
if ($mode == 'supplier') $filter='s.fournisseur = 1';
|
||||
print $form->select_company($socid,'socid',$filter,1);
|
||||
print '</td></tr>';
|
||||
// User
|
||||
print '<tr><td>'.$langs->trans("User").'/'.$langs->trans("SalesRepresentative").'</td><td>';
|
||||
print $form->select_users($userid,'userid',1);
|
||||
print '</td></tr>';
|
||||
// Year
|
||||
print '<tr><td>'.$langs->trans("Year").'</td><td>';
|
||||
if (! in_array($year,$arrayyears)) $arrayyears[$year]=$year;
|
||||
arsort($arrayyears);
|
||||
print $form->selectarray('year',$arrayyears,$year,0);
|
||||
print '</td></tr>';
|
||||
print '<tr><td align="center" colspan="2"><input type="submit" name="submit" class="button" value="'.$langs->trans("Refresh").'"></td></tr>';
|
||||
print '</table>';
|
||||
print '</form>';
|
||||
print '<br><br>';
|
||||
// Show filter box
|
||||
print '<form name="stats" method="POST" action="'.$_SERVER["PHP_SELF"].'">';
|
||||
print '<input type="hidden" name="mode" value="'.$mode.'">';
|
||||
print '<table class="border" width="100%">';
|
||||
print '<tr><td class="liste_titre" colspan="2">'.$langs->trans("Filter").'</td></tr>';
|
||||
// Company
|
||||
print '<tr><td>'.$langs->trans("ThirdParty").'</td><td>';
|
||||
if ($mode == 'customer') $filter='s.client in (1,2,3)';
|
||||
if ($mode == 'supplier') $filter='s.fournisseur = 1';
|
||||
print $form->select_company($socid,'socid',$filter,1);
|
||||
print '</td></tr>';
|
||||
// User
|
||||
print '<tr><td>'.$langs->trans("User").'/'.$langs->trans("SalesRepresentative").'</td><td>';
|
||||
print $form->select_users($userid,'userid',1);
|
||||
print '</td></tr>';
|
||||
// Year
|
||||
print '<tr><td>'.$langs->trans("Year").'</td><td>';
|
||||
if (! in_array($year,$arrayyears)) $arrayyears[$year]=$year;
|
||||
arsort($arrayyears);
|
||||
print $form->selectarray('year',$arrayyears,$year,0);
|
||||
print '</td></tr>';
|
||||
print '<tr><td align="center" colspan="2"><input type="submit" name="submit" class="button" value="'.$langs->trans("Refresh").'"></td></tr>';
|
||||
print '</table>';
|
||||
print '</form>';
|
||||
print '<br><br>';
|
||||
}
|
||||
|
||||
print '<table class="border" width="100%">';
|
||||
print '<tr height="24">';
|
||||
|
||||
Loading…
Reference in New Issue
Block a user