lainwir3d/dolibarr
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

New: early development of multi-company module

Browse Source
This commit is contained in:
Regis Houssin 2009-04-27 20:37:50 +00:00
parent 672f75a4d7
commit b86684805c
263 changed files with 4108 additions and 3335 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

10
htdocs/actioncomm.class.php
View File

@ -1,6 +1,7 @@
<?php
/* Copyright (C) 2002-2004 Rodolphe Quiedeville <rodolphe@quiedeville.org>
* Copyright (C) 2004-2008 Laurent Destailleur <eldy@users.sourceforge.net>
* Copyright (C) 2005-2009 Regis Houssin <regis@dolibarr.fr>
*
* This program is free software; you can redistribute it and/or modify
* it under the terms of the GNU General Public License as published by
@ -390,12 +391,15 @@ class ActionComm
$this->nbtodo=$this->nbtodolate=0;
$sql = "SELECT a.id, a.datep as dp";
if (!$user->rights->societe->client->voir && !$user->societe_id) $sql .= ", sc.fk_soc, sc.fk_user";
$sql.= " FROM ".MAIN_DB_PREFIX."actioncomm as a";
if (!$user->rights->societe->client->voir && !$user->societe_id) $sql .= ", ".MAIN_DB_PREFIX."societe_commerciaux as sc";
$sql.= ", ".MAIN_DB_PREFIX."societe as s";
if (!$user->rights->societe->client->voir && !$user->societe_id) $sql.= ", ".MAIN_DB_PREFIX."societe_commerciaux as sc";
$sql.= " WHERE a.percent < 100";
$sql.= " AND a.fk_soc = s.rowid";
$sql.= " AND s.entity = ".$conf->entity;
if ($user->societe_id) $sql.=" AND a.fk_soc = ".$user->societe_id;
if (!$user->rights->societe->client->voir && !$user->societe_id) $sql .= " AND a.fk_soc = sc.fk_soc AND sc.fk_user = " .$user->id;
if (!$user->rights->societe->client->voir && !$user->societe_id) $sql.= " AND a.fk_soc = sc.fk_soc AND sc.fk_user = " .$user->id;
$resql=$this->db->query($sql);
if ($resql)
{

2
htdocs/adherents/adherent.class.php
View File

@ -1721,9 +1721,11 @@ class Adherent extends CommonObject
if ($user->societe_id) return -1; // protection pour eviter appel par utilisateur externe
$this->nbtodo=$this->nbtodolate=0;
$sql = "SELECT a.rowid, a.datefin";
$sql.= " FROM ".MAIN_DB_PREFIX."adherent as a";
$sql.= " WHERE a.statut=1";
$resql=$this->db->query($sql);
if ($resql)
{

6
htdocs/admin/adherent.php
View File

@ -43,7 +43,7 @@ $typeconst=array('yesno','texte','chaine');
// Action mise a jour ou ajout d'une constante
if ($_POST["action"] == 'update' || $_POST["action"] == 'add')
{
$result=dolibarr_set_const($db, $_POST["constname"],$_POST["constvalue"],$typeconst[$_POST["consttype"]],0,isset($_POST["constnote"])?$_POST["constnote"]:'');
$result=dolibarr_set_const($db, $_POST["constname"],$_POST["constvalue"],$typeconst[$_POST["consttype"]],0,isset($_POST["constnote"])?$_POST["constnote"]:'',$conf->entity);
if ($result < 0)
{
print $db->error();
@ -53,7 +53,7 @@ if ($_POST["action"] == 'update' || $_POST["action"] == 'add')
// Action activation d'un sous module du module adherent
if ($_GET["action"] == 'set')
{
$result=dolibarr_set_const($db, $_GET["name"],$_GET["value"]);
$result=dolibarr_set_const($db, $_GET["name"],$_GET["value"],'',0,'',$conf->entity);
if ($result < 0)
{
print $db->error();
@ -63,7 +63,7 @@ if ($_GET["action"] == 'set')
// Action desactivation d'un sous module du module adherent
if ($_GET["action"] == 'unset')
{
$result=dolibarr_del_const($db,$_GET["name"]);
$result=dolibarr_del_const($db,$_GET["name"],$conf->entity);
if ($result < 0)
{
print $db->error();

4
htdocs/admin/agenda.php
View File

@ -73,8 +73,8 @@ if ($action == "save")
{
$param='MAIN_AGENDA_ACTIONAUTO_'.$arr['id'];
//print "param=".$param." - ".$_POST[$param];
if (! empty($_POST[$param])) dolibarr_set_const($db,$param,$_POST[$param],'chaine',0);
else dolibarr_del_const($db,$param);
if (! empty($_POST[$param])) dolibarr_set_const($db,$param,$_POST[$param],'chaine',0,'',$conf->entity);
else dolibarr_del_const($db,$param,$conf->entity);
}
$db->commit();

2
htdocs/admin/agenda_xcal.php
View File

@ -45,7 +45,7 @@ if ($actionsave)
$db->begin();
$i+=dolibarr_set_const($db,'MAIN_AGENDA_XCAL_EXPORTKEY',trim($_POST["MAIN_AGENDA_XCAL_EXPORTKEY"]),'chaine',0);
$i+=dolibarr_set_const($db,'MAIN_AGENDA_XCAL_EXPORTKEY',trim($_POST["MAIN_AGENDA_XCAL_EXPORTKEY"]),'chaine',0,'',$conf->entity);
if ($i > 0)
{

8
htdocs/admin/barcode.php
View File

@ -46,20 +46,20 @@ if ($_POST["action"] == 'setcoder')
}
else if ($_POST["action"] == 'setgenbarcodelocation')
{
dolibarr_set_const($db, "GENBARCODE_LOCATION",$_POST["genbarcodelocation"]);
dolibarr_set_const($db, "GENBARCODE_LOCATION",$_POST["genbarcodelocation"],'chaine',0,'',$conf->entity);
}
else if ($_POST["action"] == 'setdefaultbarcodetype')
{
dolibarr_set_const($db, "PRODUIT_DEFAULT_BARCODE_TYPE", $_POST["coder_id"]);
dolibarr_set_const($db, "PRODUIT_DEFAULT_BARCODE_TYPE", $_POST["coder_id"],'chaine',0,'',$conf->entity);
}
else if ($_POST["action"] == 'GENBARCODE_BARCODETYPE_THIRDPARTY')
{
dolibarr_set_const($db, "GENBARCODE_BARCODETYPE_THIRDPARTY", $_POST["coder_id"]);
dolibarr_set_const($db, "GENBARCODE_BARCODETYPE_THIRDPARTY", $_POST["coder_id"],'chaine',0,'',$conf->entity);
}
/*
else if ($_POST["action"] == 'setproductusebarcode')
{
dolibarr_set_const($db, "PRODUIT_USE_BARCODE",$_POST["value"]);
dolibarr_set_const($db, "PRODUIT_USE_BARCODE",$_POST["value"],'chaine',0,'',$conf->entity);
Header("Location: barcode.php");
exit;
}

2
htdocs/admin/bookmark.php
View File

@ -34,7 +34,7 @@ if (!$user->admin)
if ($_POST["action"] == 'setvalue' && $user->admin)
{
$result=dolibarr_set_const($db, "BOOKMARKS_SHOW_IN_MENU",$_POST["BOOKMARKS_SHOW_IN_MENU"]);
$result=dolibarr_set_const($db, "BOOKMARKS_SHOW_IN_MENU",$_POST["BOOKMARKS_SHOW_IN_MENU"],'chaine',0,'',$conf->entity);
if ($result >= 0)
{
$mesg='<div class="ok">'.$langs->trans("SetupSaved").'</div>';

38
htdocs/admin/boutique.php
View File

@ -45,28 +45,28 @@ if (!$user->admin)
if ($_POST["save"])
{
$db->begin();
$db->begin();
$i=0;
$i=0;
$i+=dolibarr_set_const($db,'OSC_DB_HOST',trim($_POST["oscommerce_dbhost"]),'chaine',0);
$i+=dolibarr_set_const($db,'OSC_DB_NAME',trim($_POST["oscommerce_dbname"]),'chaine',0);
$i+=dolibarr_set_const($db,'OSC_DB_USER',trim($_POST["oscommerce_dbuser"]),'chaine',0);
$i+=dolibarr_set_const($db,'OSC_DB_PASS',trim($_POST["oscommerce_dbpass"]),'chaine',0);
$i+=dolibarr_set_const($db,'OSC_DB_TABLE_PREFIX',trim($_POST["oscommerce_db_table_prefix"]),'chaine',0);
$i+=dolibarr_set_const($db,'OSC_LANGUAGE_ID',1,'chaine',0);
$i+=dolibarr_set_const($db,'OSC_DB_HOST',trim($_POST["oscommerce_dbhost"]),'chaine',0,'',$conf->entity);
$i+=dolibarr_set_const($db,'OSC_DB_NAME',trim($_POST["oscommerce_dbname"]),'chaine',0,'',$conf->entity);
$i+=dolibarr_set_const($db,'OSC_DB_USER',trim($_POST["oscommerce_dbuser"]),'chaine',0,'',$conf->entity);
$i+=dolibarr_set_const($db,'OSC_DB_PASS',trim($_POST["oscommerce_dbpass"]),'chaine',0,'',$conf->entity);
$i+=dolibarr_set_const($db,'OSC_DB_TABLE_PREFIX',trim($_POST["oscommerce_db_table_prefix"]),'chaine',0,'',$conf->entity);
$i+=dolibarr_set_const($db,'OSC_LANGUAGE_ID',1,'chaine',0,'',$conf->entity);
if ($i >= 4)
{
$db->commit();
$mesg = "<font class=\"ok\">".$langs->trans("OSCommerceSetupSaved")."</font>";
}
else
{
$db->rollback();
header("Location: ".$_SERVER["PHP_SELF"]);
exit;
}
if ($i >= 4)
{
$db->commit();
$mesg = "<font class=\"ok\">".$langs->trans("OSCommerceSetupSaved")."</font>";
}
else
{
$db->rollback();
header("Location: ".$_SERVER["PHP_SELF"]);
exit;
}
}
elseif ($_POST["test"])
{

116
htdocs/admin/boxes.php
View File

@ -42,39 +42,39 @@ $boxes = array();
*/
if ((isset($_POST["action"]) && $_POST["action"] == 'addconst'))
{
dolibarr_set_const($db, "MAIN_BOXES_MAXLINES",$_POST["MAIN_BOXES_MAXLINES"]);
dolibarr_set_const($db, "MAIN_BOXES_MAXLINES",$_POST["MAIN_BOXES_MAXLINES"],'',0,'',$conf->entity);
}
if ($_POST["action"] == 'add')
{
$sql = "SELECT rowid";
$sql.= " FROM ".MAIN_DB_PREFIX."boxes";
$sql.= " WHERE fk_user=0 AND box_id=".$_POST["boxid"]." AND position=".$_POST["pos"];
$resql = $db->query($sql);
dol_syslog("boxes.php::search if box active sql=".$sql);
$sql.= " FROM ".MAIN_DB_PREFIX."boxes";
$sql.= " WHERE fk_user=0 AND box_id=".$_POST["boxid"]." AND position=".$_POST["pos"];
$resql = $db->query($sql);
dol_syslog("boxes.php::search if box active sql=".$sql);
if ($resql)
{
$num = $db->num_rows($resql);
if ($num == 0)
{
$db->begin();
{
$num = $db->num_rows($resql);
if ($num == 0)
{
$db->begin();
// Si la boite n'est pas deja active, insert with box_order=''
$sql = "INSERT INTO ".MAIN_DB_PREFIX."boxes (box_id, position, box_order, fk_user) values (".$_POST["boxid"].",".$_POST["pos"].", '', 0)";
$sql = "INSERT INTO ".MAIN_DB_PREFIX."boxes (box_id, position, box_order, fk_user) values (".$_POST["boxid"].",".$_POST["pos"].", '', 0)";
dol_syslog("boxes.php activate box sql=".$sql);
$resql = $db->query($sql);
$resql = $db->query($sql);
// Remove all personalized setup when a box is activated or disabled
// Remove all personalized setup when a box is activated or disabled
$sql = "DELETE FROM ".MAIN_DB_PREFIX."user_param";
$sql.= " WHERE param like 'MAIN_BOXES_%'";
$sql.= " WHERE param like 'MAIN_BOXES_%'";
dol_syslog("boxes.php delete user_param sql=".$sql);
$resql = $db->query($sql);
$resql = $db->query($sql);
$db->commit();
}
Header("Location: boxes.php");
exit;
Header("Location: boxes.php");
exit;
}
else
{
@ -86,49 +86,49 @@ if ($_GET["action"] == 'delete')
{
$db->begin();
$sql = "DELETE FROM ".MAIN_DB_PREFIX."boxes";
$sql.= " WHERE rowid=".$_GET["rowid"];
$resql = $db->query($sql);
$sql = "DELETE FROM ".MAIN_DB_PREFIX."boxes";
$sql.= " WHERE rowid=".$_GET["rowid"];
$resql = $db->query($sql);
// Remove all personalized setup when a box is activated or disabled
$sql = "DELETE FROM ".MAIN_DB_PREFIX."user_param";
$sql.= " WHERE param like 'MAIN_BOXES_%'";
$resql = $db->query($sql);
// Remove all personalized setup when a box is activated or disabled
$sql = "DELETE FROM ".MAIN_DB_PREFIX."user_param";
$sql.= " WHERE param like 'MAIN_BOXES_%'";
$resql = $db->query($sql);
$db->commit();
}
if ($_GET["action"] == 'switch')
{
// On permute les valeur du champ box_order des 2 lignes de la table boxes
$db->begin();
// On permute les valeur du champ box_order des 2 lignes de la table boxes
$db->begin();
$objfrom=new ModeleBoxes($db);
$objfrom->fetch($_GET["switchfrom"]);
$objto=new ModeleBoxes($db);
$objto->fetch($_GET["switchto"]);
$objfrom=new ModeleBoxes($db);
$objfrom->fetch($_GET["switchfrom"]);
$objto=new ModeleBoxes($db);
$objto->fetch($_GET["switchto"]);
if (is_object($objfrom) && is_object($objto))
{
$sql="UPDATE ".MAIN_DB_PREFIX."boxes set box_order='".$objto->box_order."' WHERE rowid=".$objfrom->rowid;
if (is_object($objfrom) && is_object($objto))
{
$sql="UPDATE ".MAIN_DB_PREFIX."boxes set box_order='".$objto->box_order."' WHERE rowid=".$objfrom->rowid;
//print "xx".$sql;
$resultupdatefrom = $db->query($sql);
if (! $resultupdatefrom) { dol_print_error($db); }
$sql="UPDATE ".MAIN_DB_PREFIX."boxes set box_order='".$objfrom->box_order."' WHERE rowid=".$objto->rowid;
$resultupdatefrom = $db->query($sql);
if (! $resultupdatefrom) { dol_print_error($db); }
$sql="UPDATE ".MAIN_DB_PREFIX."boxes set box_order='".$objfrom->box_order."' WHERE rowid=".$objto->rowid;
//print "xx".$sql;
$resultupdateto = $db->query($sql);
if (! $resultupdateto) { dol_print_error($db); }
}
$resultupdateto = $db->query($sql);
if (! $resultupdateto) { dol_print_error($db); }
}
if ($resultupdatefrom && $resultupdateto)
{
$db->commit();
}
else
{
$db->rollback();
}
if ($resultupdatefrom && $resultupdateto)
{
$db->commit();
}
else
{
$db->rollback();
}
}
@ -147,10 +147,12 @@ print $langs->trans("BoxesDesc")." ".$langs->trans("OnlyActiveElementsAreShown")
$actives = array();
$sql = "SELECT b.rowid, b.box_id, b.position, b.box_order,";
$sql.= " d.rowid as boxid";
$sql.= " FROM ".MAIN_DB_PREFIX."boxes as b, ".MAIN_DB_PREFIX."boxes_def as d";
$sql.= " WHERE b.box_id = d.rowid AND fk_user=0";
$sql.= " ORDER by position, box_order";
$sql.= " bd.rowid as boxid";
$sql.= " FROM ".MAIN_DB_PREFIX."boxes as b, ".MAIN_DB_PREFIX."boxes_def as bd";
$sql.= " WHERE b.box_id = bd.rowid";
$sql.= " AND bd.entity = ".$conf->entity;
$sql.= " AND b.fk_user=0";
$sql.= " ORDER by b.position, b.box_order";
$resql = $db->query($sql);
if ($resql)
@ -243,6 +245,7 @@ print "</tr>\n";
$sql = "SELECT rowid, file, note, tms";
$sql.= " FROM ".MAIN_DB_PREFIX."boxes_def";
$sql.= " WHERE entity = ".$conf->entity;
$resql = $db->query($sql);
$var=True;
@ -316,11 +319,12 @@ print '<td align="center" width="80">'.$langs->trans("Disable").'</td>';
print "</tr>\n";
$sql = "SELECT b.rowid, b.box_id, b.position,";
$sql.= " d.file, d.note, d.tms";
$sql.= " FROM ".MAIN_DB_PREFIX."boxes as b, ".MAIN_DB_PREFIX."boxes_def as d";
$sql.= " WHERE b.box_id = d.rowid";
$sql.= " bd.file, bd.note, bd.tms";
$sql.= " FROM ".MAIN_DB_PREFIX."boxes as b, ".MAIN_DB_PREFIX."boxes_def as bd";
$sql.= " WHERE b.box_id = bd.rowid";
$sql.= " AND bd.entity = ".$conf->entity;
$sql.= " AND b.fk_user=0";
$sql.= " ORDER by position, box_order"; // Note box_order return A01,A03...,B02,B04...
$sql.= " ORDER by b.position, b.box_order"; // Note box_order return A01,A03...,B02,B04...
$resql = $db->query($sql);

6
htdocs/admin/cashdesk.php
View File

@ -43,9 +43,9 @@ if ($_POST["action"] == 'set')
if ($_POST["CASHDESK_ID_WAREHOUSE"] < 0) $_POST["CASHDESK_ID_WAREHOUSE"]='';
if ($_POST["CASHDESK_ID_BANKACCOUNT"] < 0) $_POST["CASHDESK_ID_BANKACCOUNT"]='';
dolibarr_set_const($db,"CASHDESK_ID_THIRDPARTY",$_POST["CASHDESK_ID_THIRDPARTY"]);
dolibarr_set_const($db,"CASHDESK_ID_BANKACCOUNT",$_POST["CASHDESK_ID_BANKACCOUNT"]);
dolibarr_set_const($db,"CASHDESK_ID_WAREHOUSE",$_POST["CASHDESK_ID_WAREHOUSE"]);
dolibarr_set_const($db,"CASHDESK_ID_THIRDPARTY",$_POST["CASHDESK_ID_THIRDPARTY"],'chaine',0,'',$conf->entity);
dolibarr_set_const($db,"CASHDESK_ID_BANKACCOUNT",$_POST["CASHDESK_ID_BANKACCOUNT"],'chaine',0,'',$conf->entity);
dolibarr_set_const($db,"CASHDESK_ID_WAREHOUSE",$_POST["CASHDESK_ID_WAREHOUSE"],'chaine',0,'',$conf->entity);
dol_syslog("admin/cashdesk: level ".$_POST["level"]);
}

2
htdocs/admin/clicktodial.php
View File

@ -34,7 +34,7 @@ if (!$user->admin)
if ($_POST["action"] == 'setvalue' && $user->admin)
{
$result=dolibarr_set_const($db, "CLICKTODIAL_URL",$_POST["url"]);
$result=dolibarr_set_const($db, "CLICKTODIAL_URL",$_POST["url"],'chaine',0,'',$conf->entity);
if ($result >= 0)
{
$mesg='<div class="ok">'.$langs->trans("Success").'</div>';

44
htdocs/admin/commande.php
View File

@ -1,11 +1,11 @@
<?php
/* Copyright (C) 2003-2006 Rodolphe Quiedeville <rodolphe@quiedeville.org>
* Copyright (C) 2004-2009 Laurent Destailleur <eldy@users.sourceforge.net>
* Copyright (C) 2004 Sebastien Di Cintio <sdicintio@ressource-toi.org>
* Copyright (C) 2004 Benoit Mortier <benoit.mortier@opensides.be>
* Copyright (C) 2004 Andre Cianfarani <acianfa@free.fr>
* Copyright (C) 2005-2007 Regis Houssin <regis.houssin@dolibarr.fr>
* Copyright (C) 2008 Raphael Bertrand (Resultic) <raphael.bertrand@resultic.fr>
/* Copyright (C) 2003-2006 Rodolphe Quiedeville <rodolphe@quiedeville.org>
* Copyright (C) 2004-2009 Laurent Destailleur <eldy@users.sourceforge.net>
* Copyright (C) 2004 Sebastien Di Cintio <sdicintio@ressource-toi.org>
* Copyright (C) 2004 Benoit Mortier <benoit.mortier@opensides.be>
* Copyright (C) 2004 Andre Cianfarani <acianfa@free.fr>
* Copyright (C) 2005-2009 Regis Houssin <regis.houssin@dolibarr.fr>
* Copyright (C) 2008 Raphael Bertrand (Resultic) <raphael.bertrand@resultic.fr>
*
* This program is free software; you can redistribute it and/or modify
* it under the terms of the GNU General Public License as published by
@ -49,7 +49,7 @@ if ($_POST["action"] == 'updateMask')
{
$maskconstorder=$_POST['maskconstorder'];
$maskorder=$_POST['maskorder'];
if ($maskconstorder) dolibarr_set_const($db,$maskconstorder,$maskorder);
if ($maskconstorder) dolibarr_set_const($db,$maskconstorder,$maskorder,'chaine',0,'',$conf->entity);
}
if ($_GET["action"] == 'specimen')
@ -90,7 +90,7 @@ if ($_GET["action"] == 'specimen')
if ($_GET["action"] == 'set')
{
$type='order';
$sql = "INSERT INTO ".MAIN_DB_PREFIX."document_model (nom, type) VALUES ('".$_GET["value"]."','".$type."')";
$sql = "INSERT INTO ".MAIN_DB_PREFIX."document_model (nom, type, entity) VALUES ('".$_GET["value"]."','".$type."',".$conf->entity.")";
if ($db->query($sql))
{
@ -101,7 +101,10 @@ if ($_GET["action"] == 'del')
{
$type='order';
$sql = "DELETE FROM ".MAIN_DB_PREFIX."document_model";
$sql .= " WHERE nom = '".$_GET["value"]."' AND type = '".$type."'";
$sql.= " WHERE nom = '".$_GET["value"];
$sql.= " AND type = '".$type."'";
$sql.= " AND entity = ".$conf->entity;
if ($db->query($sql))
{
@ -112,7 +115,7 @@ if ($_GET["action"] == 'setdoc')
{
$db->begin();
if (dolibarr_set_const($db, "COMMANDE_ADDON_PDF",$_GET["value"]))
if (dolibarr_set_const($db, "COMMANDE_ADDON_PDF",$_GET["value"],'chaine',0,'',$conf->entity))
{
$conf->global->COMMANDE_ADDON_PDF = $_GET["value"];
}
@ -120,9 +123,11 @@ if ($_GET["action"] == 'setdoc')
// On active le modele
$type='order';
$sql_del = "DELETE FROM ".MAIN_DB_PREFIX."document_model";
$sql_del .= " WHERE nom = '".$_GET["value"]."' AND type = '".$type."'";
$sql_del.= " WHERE nom = '".$_GET["value"];
$sql_del.= " AND type = '".$type."'";
$sql_del.= " AND entity = ".$conf->entity;
$result1=$db->query($sql_del);
$sql = "INSERT INTO ".MAIN_DB_PREFIX."document_model (nom,type) VALUES ('".$_GET["value"]."','".$type."')";
$sql = "INSERT INTO ".MAIN_DB_PREFIX."document_model (nom,type,entity) VALUES ('".$_GET["value"]."','".$type."',".$conf->entity.")";
$result2=$db->query($sql);
if ($result1 && $result2)
{
@ -139,32 +144,32 @@ if ($_GET["action"] == 'setmod')
// \todo Verifier si module numerotation choisi peut etre active
// par appel methode canBeActivated
dolibarr_set_const($db, "COMMANDE_ADDON",$_GET["value"]);
dolibarr_set_const($db, "COMMANDE_ADDON",$_GET["value"],'chaine',0,'',$conf->entity);
}
if ($_POST["action"] == 'set_COMMANDE_DRAFT_WATERMARK')
{
dolibarr_set_const($db, "COMMANDE_DRAFT_WATERMARK",trim($_POST["COMMANDE_DRAFT_WATERMARK"]));
dolibarr_set_const($db, "COMMANDE_DRAFT_WATERMARK",trim($_POST["COMMANDE_DRAFT_WATERMARK"]),'chaine',0,'',$conf->entity);
}
if ($_POST["action"] == 'set_COMMANDE_FREE_TEXT')
{
dolibarr_set_const($db, "COMMANDE_FREE_TEXT",trim($_POST["COMMANDE_FREE_TEXT"]));
dolibarr_set_const($db, "COMMANDE_FREE_TEXT",trim($_POST["COMMANDE_FREE_TEXT"]),'chaine',0,'',$conf->entity);
}
if ($_POST["action"] == 'setvalidorder')
{
dolibarr_set_const($db, "COMMANDE_VALID_AFTER_CLOSE_PROPAL",$_POST["validorder"]);
dolibarr_set_const($db, "COMMANDE_VALID_AFTER_CLOSE_PROPAL",$_POST["validorder"],'chaine',0,'',$conf->entity);
}
if ($_POST["action"] == 'deliverycostline')
{
dolibarr_set_const($db, "COMMANDE_ADD_DELIVERY_COST_LINE",$_POST["addline"]);
dolibarr_set_const($db, "COMMANDE_ADD_DELIVERY_COST_LINE",$_POST["addline"],'chaine',0,'',$conf->entity);
}
if ($_POST["action"] == 'set_use_customer_contact_as_recipient')
{
dolibarr_set_const($db, "COMMANDE_USE_CUSTOMER_CONTACT_AS_RECIPIENT",$_POST["use_customer_contact_as_recipient"]);
dolibarr_set_const($db, "COMMANDE_USE_CUSTOMER_CONTACT_AS_RECIPIENT",$_POST["use_customer_contact_as_recipient"],'chaine',0,'',$conf->entity);
}
@ -288,6 +293,7 @@ $def = array();
$sql = "SELECT nom";
$sql.= " FROM ".MAIN_DB_PREFIX."document_model";
$sql.= " WHERE type = '".$type."'";
$sql.= " AND entity = ".$conf->entity;
$resql=$db->query($sql);
if ($resql)
{

58
htdocs/admin/company.php
View File

@ -41,18 +41,18 @@ accessforbidden();
if ( (isset($_POST["action"]) && $_POST["action"] == 'update')
|| (isset($_POST["action"]) && $_POST["action"] == 'updateedit') )
{
dolibarr_set_const($db, "MAIN_INFO_SOCIETE_NOM",$_POST["nom"]);
dolibarr_set_const($db, "MAIN_INFO_SOCIETE_ADRESSE",$_POST["address"]);
dolibarr_set_const($db, "MAIN_INFO_SOCIETE_VILLE",$_POST["ville"]);
dolibarr_set_const($db, "MAIN_INFO_SOCIETE_CP",$_POST["cp"]);
dolibarr_set_const($db, "MAIN_INFO_SOCIETE_PAYS",$_POST["pays_id"]);
dolibarr_set_const($db, "MAIN_MONNAIE",$_POST["currency"]);
dolibarr_set_const($db, "MAIN_INFO_SOCIETE_TEL",$_POST["tel"]);
dolibarr_set_const($db, "MAIN_INFO_SOCIETE_FAX",$_POST["fax"]);
dolibarr_set_const($db, "MAIN_INFO_SOCIETE_MAIL",$_POST["mail"]);
dolibarr_set_const($db, "MAIN_INFO_SOCIETE_WEB",$_POST["web"]);
dolibarr_set_const($db, "MAIN_INFO_SOCIETE_NOTE",$_POST["note"]);
dolibarr_set_const($db, "MAIN_INFO_SOCIETE_GENCOD",$_POST["gencod"]);
dolibarr_set_const($db, "MAIN_INFO_SOCIETE_NOM",$_POST["nom"],'chaine',0,'',$conf->entity);
dolibarr_set_const($db, "MAIN_INFO_SOCIETE_ADRESSE",$_POST["address"],'chaine',0,'',$conf->entity);
dolibarr_set_const($db, "MAIN_INFO_SOCIETE_VILLE",$_POST["ville"],'chaine',0,'',$conf->entity);
dolibarr_set_const($db, "MAIN_INFO_SOCIETE_CP",$_POST["cp"],'chaine',0,'',$conf->entity);
dolibarr_set_const($db, "MAIN_INFO_SOCIETE_PAYS",$_POST["pays_id"],'chaine',0,'',$conf->entity);
dolibarr_set_const($db, "MAIN_MONNAIE",$_POST["currency"],'chaine',0,'',$conf->entity);
dolibarr_set_const($db, "MAIN_INFO_SOCIETE_TEL",$_POST["tel"],'chaine',0,'',$conf->entity);
dolibarr_set_const($db, "MAIN_INFO_SOCIETE_FAX",$_POST["fax"],'chaine',0,'',$conf->entity);
dolibarr_set_const($db, "MAIN_INFO_SOCIETE_MAIL",$_POST["mail"],'chaine',0,'',$conf->entity);
dolibarr_set_const($db, "MAIN_INFO_SOCIETE_WEB",$_POST["web"],'chaine',0,'',$conf->entity);
dolibarr_set_const($db, "MAIN_INFO_SOCIETE_NOTE",$_POST["note"],'chaine',0,'',$conf->entity);
dolibarr_set_const($db, "MAIN_INFO_SOCIETE_GENCOD",$_POST["gencod"],'chaine',0,'',$conf->entity);
if ($_FILES["logo"]["tmp_name"])
{
if (eregi('([^\\\/:]+)$',$_FILES["logo"]["name"],$reg))
@ -69,7 +69,7 @@ if ( (isset($_POST["action"]) && $_POST["action"] == 'update')
}
if (dol_move_uploaded_file($_FILES["logo"]["tmp_name"],$conf->societe->dir_logos.'/'.$original_file,1) > 0)
{
dolibarr_set_const($db, "MAIN_INFO_SOCIETE_LOGO",$original_file);
dolibarr_set_const($db, "MAIN_INFO_SOCIETE_LOGO",$original_file,'chaine',0,'',$conf->entity);
// Create thumbs of logo
if ($isimage > 0)
@ -80,7 +80,7 @@ if ( (isset($_POST["action"]) && $_POST["action"] == 'update')
if (eregi('([^\\\/:]+)$',$imgThumbSmall,$reg))
{
$imgThumbSmall = $reg[1];
dolibarr_set_const($db, "MAIN_INFO_SOCIETE_LOGO_SMALL",$imgThumbSmall);
dolibarr_set_const($db, "MAIN_INFO_SOCIETE_LOGO_SMALL",$imgThumbSmall,'chaine',0,'',$conf->entity);
}
else dol_syslog($imgThumbSmall);
@ -89,7 +89,7 @@ if ( (isset($_POST["action"]) && $_POST["action"] == 'update')
if (eregi('([^\\\/:]+)$',$imgThumbMini,$reg))
{
$imgThumbMini = $reg[1];
dolibarr_set_const($db, "MAIN_INFO_SOCIETE_LOGO_MINI",$imgThumbMini);
dolibarr_set_const($db, "MAIN_INFO_SOCIETE_LOGO_MINI",$imgThumbMini,'chaine',0,'',$conf->entity);
}
else dol_syslog($imgThumbMini);
}
@ -107,17 +107,17 @@ if ( (isset($_POST["action"]) && $_POST["action"] == 'update')
}
}
dolibarr_set_const($db, "MAIN_INFO_CAPITAL",$_POST["capital"]);
dolibarr_set_const($db, "MAIN_INFO_SOCIETE_FORME_JURIDIQUE",$_POST["forme_juridique_code"]);
dolibarr_set_const($db, "MAIN_INFO_SIREN",$_POST["siren"]);
dolibarr_set_const($db, "MAIN_INFO_SIRET",$_POST["siret"]);
dolibarr_set_const($db, "MAIN_INFO_APE",$_POST["ape"]);
dolibarr_set_const($db, "MAIN_INFO_RCS",$_POST["rcs"]);
dolibarr_set_const($db, "MAIN_INFO_TVAINTRA",$_POST["tva"]);
dolibarr_set_const($db, "MAIN_INFO_CAPITAL",$_POST["capital"],'chaine',0,'',$conf->entity);
dolibarr_set_const($db, "MAIN_INFO_SOCIETE_FORME_JURIDIQUE",$_POST["forme_juridique_code"],'chaine',0,'',$conf->entity);
dolibarr_set_const($db, "MAIN_INFO_SIREN",$_POST["siren"],'chaine',0,'',$conf->entity);
dolibarr_set_const($db, "MAIN_INFO_SIRET",$_POST["siret"],'chaine',0,'',$conf->entity);
dolibarr_set_const($db, "MAIN_INFO_APE",$_POST["ape"],'chaine',0,'',$conf->entity);
dolibarr_set_const($db, "MAIN_INFO_RCS",$_POST["rcs"],'chaine',0,'',$conf->entity);
dolibarr_set_const($db, "MAIN_INFO_TVAINTRA",$_POST["tva"],'chaine',0,'',$conf->entity);
dolibarr_set_const($db, "SOCIETE_FISCAL_MONTH_START",$_POST["fiscalmonthstart"]);
dolibarr_set_const($db, "SOCIETE_FISCAL_MONTH_START",$_POST["fiscalmonthstart"],'chaine',0,'',$conf->entity);
dolibarr_set_const($db, "FACTURE_TVAOPTION",$_POST["optiontva"]);
dolibarr_set_const($db, "FACTURE_TVAOPTION",$_POST["optiontva"],'chaine',0,'',$conf->entity);
if ($_POST['action'] != 'updateedit' && ! $message)
{
@ -140,7 +140,7 @@ if ($_GET["action"] == 'addthumb')
if (image_format_supported($imgThumbSmall) >= 0 && eregi('([^\\\/:]+)$',$imgThumbSmall,$reg))
{
$imgThumbSmall = $reg[1];
dolibarr_set_const($db, "MAIN_INFO_SOCIETE_LOGO_SMALL",$imgThumbSmall);
dolibarr_set_const($db, "MAIN_INFO_SOCIETE_LOGO_SMALL",$imgThumbSmall,'chaine',0,'',$conf->entity);
}
else dol_syslog($imgThumbSmall);
@ -149,7 +149,7 @@ if ($_GET["action"] == 'addthumb')
if (image_format_supported($imgThumbSmall) >= 0 && eregi('([^\\\/:]+)$',$imgThumbMini,$reg))
{
$imgThumbMini = $reg[1];
dolibarr_set_const($db, "MAIN_INFO_SOCIETE_LOGO_MINI",$imgThumbMini);
dolibarr_set_const($db, "MAIN_INFO_SOCIETE_LOGO_MINI",$imgThumbMini,'chaine',0,'',$conf->entity);
}
else dol_syslog($imgThumbMini);
@ -173,17 +173,17 @@ if ($_GET["action"] == 'removelogo')
{
$logofile=$conf->societe->dir_logos.'/'.$mysoc->logo;
dol_delete_file($logofile);
dolibarr_del_const($db, "MAIN_INFO_SOCIETE_LOGO");
dolibarr_del_const($db, "MAIN_INFO_SOCIETE_LOGO",$conf->entity);
$mysoc->logo='';
$logosmallfile=$conf->societe->dir_logos.'/thumbs/'.$mysoc->logo_small;
dol_delete_file($logosmallfile);
dolibarr_del_const($db, "MAIN_INFO_SOCIETE_LOGO_SMALL");
dolibarr_del_const($db, "MAIN_INFO_SOCIETE_LOGO_SMALL",$conf->entity);
$mysoc->logo_small='';
$logominifile=$conf->societe->dir_logos.'/thumbs/'.$mysoc->logo_mini;
dol_delete_file($logominifile);
dolibarr_del_const($db, "MAIN_INFO_SOCIETE_LOGO_MINI");
dolibarr_del_const($db, "MAIN_INFO_SOCIETE_LOGO_MINI",$conf->entity);
$mysoc->logo_mini='';
}

16
htdocs/admin/compta.php
View File

@ -1,6 +1,7 @@
<?php
/* Copyright (C) 2004 Rodolphe Quiedeville <rodolphe@quiedeville.org>
* Copyright (C) 2004-2008 Laurent Destailleur <eldy@users.sourceforge.net>
* Copyright (C) 2005-2009 Regis Houssin <regis@dolibarr.fr>
*
* This program is free software; you can redistribute it and/or modify
* it under the terms of the GNU General Public License as published by
@ -42,7 +43,7 @@ $compta_mode = defined('COMPTA_MODE')?COMPTA_MODE:'RECETTES-DEPENSES';
if ($_POST['action'] == 'setcomptamode')
{
$compta_mode = $_POST['compta_mode'];
if (! dolibarr_set_const($db, 'COMPTA_MODE', $compta_mode)) { print $db->error(); }
if (! dolibarr_set_const($db, 'COMPTA_MODE', $compta_mode,'chaine',0,'',$conf->entity)) { print $db->error(); }
// Note: This setup differs from TAX_MODE.
// TAX_MODE is used with 0=normal, 1=option vat for services is on debit
}
@ -54,7 +55,7 @@ $typeconst=array('yesno','texte','chaine');
if ($_POST['action'] == 'update' || $_POST['action'] == 'add')
{
if (! dolibarr_set_const($db, $_POST['constname'], $_POST['constvalue'], $typeconst[$_POST['consttype']], 0, isset($_POST['constnote']) ? $_POST['constnote'] : ''));
if (! dolibarr_set_const($db, $_POST['constname'], $_POST['constvalue'], $typeconst[$_POST['consttype']], 0, isset($_POST['constnote']) ? $_POST['constnote'] : '',$conf->entity));
{
print $db->error();
}
@ -63,7 +64,7 @@ if ($_POST['action'] == 'update' || $_POST['action'] == 'add')
if ($_GET['action'] == 'delete')
{
if (! dolibarr_del_const($db, $_GET['constname']));
if (! dolibarr_del_const($db, $_GET['constname'],$conf->entity));
{
print $db->error();
}
@ -113,9 +114,12 @@ print "</table>\n";
print "<br>\n";
// Cas des autres parametres COMPTA_*
$sql ="SELECT rowid, name, value, type, note";
$sql.=" FROM llx_const";
$sql.=" WHERE name like 'COMPTA_%' and name not in ('COMPTA_MODE')";
$sql = "SELECT rowid, name, value, type, note";
$sql.= " FROM ".MAIN_DB_PREFIX."const";
$sql.= " WHERE name LIKE 'COMPTA_%'";
$sql.= " AND name NOT IN ('COMPTA_MODE')";
$sql.= " AND entity = ".$conf->entity;
$result = $db->query($sql);
if ($result)
{

6
htdocs/admin/comptaexpert.php
View File

@ -45,7 +45,7 @@ $compta_mode = defined('COMPTA_MODE')?COMPTA_MODE:'RECETTES-DEPENSES';
if ($_POST['action'] == 'setcomptamode')
{
$compta_mode = $_POST['compta_mode'];
if (! dolibarr_set_const($db, 'COMPTA_MODE', $compta_mode)) { print $db->error(); }
if (! dolibarr_set_const($db, 'COMPTA_MODE', $compta_mode,'chaine',0,'',$conf->entity)) { print $db->error(); }
}
@ -55,7 +55,7 @@ $typeconst=array('yesno','texte','chaine');
if ($_POST['action'] == 'update' || $_POST['action'] == 'add')
{
if (! dolibarr_set_const($db, $_POST['constname'], $_POST['constvalue'], $typeconst[$_POST['consttype']], 0, isset($_POST['constnote']) ? $_POST['constnote'] : ''));
if (! dolibarr_set_const($db, $_POST['constname'], $_POST['constvalue'], $typeconst[$_POST['consttype']], 0, isset($_POST['constnote']) ? $_POST['constnote'] : '',$conf->entity));
{
print $db->error();
}
@ -64,7 +64,7 @@ if ($_POST['action'] == 'update' || $_POST['action'] == 'add')
if ($_GET['action'] == 'delete')
{
if (! dolibarr_del_const($db, $_GET['constname']));
if (! dolibarr_del_const($db, $_GET['constname'],$conf->entity));
{
print $db->error();
}

13
htdocs/admin/confexped.php
View File

@ -1,6 +1,7 @@
<?php
/* Copyright (C) 2004-2008 Laurent Destailleur <eldy@users.sourceforge.net>
* Copyright (C) 2006 Andre Cianfarani <acianfa@free.fr>
/* Copyright (C) 2004-2008 Laurent Destailleur <eldy@users.sourceforge.net>
* Copyright (C) 2005-2009 Regis Houssin <regis@dolibarr.fr>
* Copyright (C) 2006 Andre Cianfarani <acianfa@free.fr>
*
* This program is free software; you can redistribute it and/or modify
* it under the terms of the GNU General Public License as published by
@ -38,25 +39,25 @@ if (!$user->admin)
if ($_GET["action"] == 'activate_sending')
{
dolibarr_set_const($db, "MAIN_SUBMODULE_EXPEDITION", "1");
dolibarr_set_const($db, "MAIN_SUBMODULE_EXPEDITION", "1",'chaine',0,'',$conf->entity);
Header("Location: confexped.php");
exit;
}
else if ($_GET["action"] == 'disable_sending')
{
dolibarr_del_const($db, "MAIN_SUBMODULE_EXPEDITION");
dolibarr_del_const($db, "MAIN_SUBMODULE_EXPEDITION",$conf->entity);
Header("Location: confexped.php");
exit;
}
else if ($_GET["action"] == 'activate_delivery')
{
dolibarr_set_const($db, "MAIN_SUBMODULE_LIVRAISON", "1");
dolibarr_set_const($db, "MAIN_SUBMODULE_LIVRAISON", "1",'chaine',0,'',$conf->entity);
Header("Location: confexped.php");
exit;
}
else if ($_GET["action"] == 'disable_delivery')
{
dolibarr_del_const($db, "MAIN_SUBMODULE_LIVRAISON");
dolibarr_del_const($db, "MAIN_SUBMODULE_LIVRAISON",$conf->entity);
Header("Location: confexped.php");
exit;
}

6
htdocs/admin/const.php
View File

@ -1,6 +1,7 @@
<?php
/* Copyright (C) 2003 Rodolphe Quiedeville <rodolphe@quiedeville.org>
* Copyright (C) 2004-2009 Laurent Destailleur <eldy@users.sourceforge.net>
* Copyright (C) 2005-2009 Regis Houssin <regis@dolibarr.fr>
*
* This program is free software; you can redistribute it and/or modify
* it under the terms of the GNU General Public License as published by
@ -107,12 +108,13 @@ print '</form>';
if ($all==1){
$sql = "SELECT rowid, name, value, note, entity ";
$sql.= "FROM llx_const ";
$sql.= "WHERE entity = 0 OR entity = ".$conf->entity." ";
$sql.= "WHERE entity IN (0,".$conf->entity.") ";
$sql.= "ORDER BY name ASC";
}else{
$sql = "SELECT rowid, name, value, note, entity ";
$sql.= "FROM llx_const ";
$sql.= "WHERE visible = 1 AND (entity = 0 OR entity = ".$conf->entity.") ";
$sql.= "WHERE visible = 1 ";
$sql.= "AND entity IN (0,".$conf->entity.") ";
$sql.= "ORDER BY name ASC";
}
dol_syslog("Const::listConstant sql=".$sql,LOG_DEBUG);

23
htdocs/admin/delais.php
View File

@ -2,6 +2,7 @@
/* Copyright (C) 2001-2004 Rodolphe Quiedeville <rodolphe@quiedeville.org>
* Copyright (C) 2004-2008 Laurent Destailleur <eldy@users.sourceforge.net>
* Copyright (C) 2005 Simon Tosser <simon@kornog-computing.com>
* Copyright (C) 2005-2009 Regis Houssin <regis@dolibarr.fr>
*
* This program is free software; you can redistribute it and/or modify
* it under the terms of the GNU General Public License as published by
@ -40,17 +41,17 @@ if (!$user->admin)
if ( (isset($_POST["action"]) && $_POST["action"] == 'update'))
{
//Conversion des jours en secondes
dolibarr_set_const($db, "MAIN_DELAY_ACTIONS_TODO",$_POST["ActionsToDo"]);
dolibarr_set_const($db, "MAIN_DELAY_ORDERS_TO_PROCESS",$_POST["OrdersToProcess"]);
dolibarr_set_const($db, "MAIN_DELAY_PROPALS_TO_CLOSE",$_POST["PropalsToClose"]);
dolibarr_set_const($db, "MAIN_DELAY_PROPALS_TO_BILL",$_POST["PropalsToBill"]);
dolibarr_set_const($db, "MAIN_DELAY_NOT_ACTIVATED_SERVICES",$_POST["BoardNotActivatedServices"]);
dolibarr_set_const($db, "MAIN_DELAY_RUNNING_SERVICES",$_POST["BoardRunningServices"]);
dolibarr_set_const($db, "MAIN_DELAY_SUPPLIER_BILLS_TO_PAY",$_POST["SupplierBillsToPay"]);
dolibarr_set_const($db, "MAIN_DELAY_CUSTOMER_BILLS_UNPAYED",$_POST["CustomerBillsUnpayed"]);
dolibarr_set_const($db, "MAIN_DELAY_TRANSACTIONS_TO_CONCILIATE",$_POST["TransactionsToConciliate"]);
dolibarr_set_const($db, "MAIN_DELAY_CHEQUES_TO_DEPOSIT",$_POST["ChequesToDeposit"]);
dolibarr_set_const($db, "MAIN_DELAY_MEMBERS",$_POST["Members"]);
if ($_POST["ActionsToDo"]) dolibarr_set_const($db, "MAIN_DELAY_ACTIONS_TODO",$_POST["ActionsToDo"],'chaine',0,'',$conf->entity);
if ($_POST["OrdersToProcess"]) dolibarr_set_const($db, "MAIN_DELAY_ORDERS_TO_PROCESS",$_POST["OrdersToProcess"],'chaine',0,'',$conf->entity);
if ($_POST["PropalsToClose"]) dolibarr_set_const($db, "MAIN_DELAY_PROPALS_TO_CLOSE",$_POST["PropalsToClose"],'chaine',0,'',$conf->entity);
if ($_POST["PropalsToBill"]) dolibarr_set_const($db, "MAIN_DELAY_PROPALS_TO_BILL",$_POST["PropalsToBill"],'chaine',0,'',$conf->entity);
if ($_POST["BoardNotActivatedServices"]) dolibarr_set_const($db, "MAIN_DELAY_NOT_ACTIVATED_SERVICES",$_POST["BoardNotActivatedServices"],'chaine',0,'',$conf->entity);
if ($_POST["BoardRunningServices"]) dolibarr_set_const($db, "MAIN_DELAY_RUNNING_SERVICES",$_POST["BoardRunningServices"],'chaine',0,'',$conf->entity);
if ($_POST["SupplierBillsToPay"]) dolibarr_set_const($db, "MAIN_DELAY_SUPPLIER_BILLS_TO_PAY",$_POST["SupplierBillsToPay"],'chaine',0,'',$conf->entity);
if ($_POST["CustomerBillsUnpayed"]) dolibarr_set_const($db, "MAIN_DELAY_CUSTOMER_BILLS_UNPAYED",$_POST["CustomerBillsUnpayed"],'chaine',0,'',$conf->entity);
if ($_POST["TransactionsToConciliate"]) dolibarr_set_const($db, "MAIN_DELAY_TRANSACTIONS_TO_CONCILIATE",$_POST["TransactionsToConciliate"],'chaine',0,'',$conf->entity);
if ($_POST["ChequesToDeposit"]) dolibarr_set_const($db, "MAIN_DELAY_CHEQUES_TO_DEPOSIT",$_POST["ChequesToDeposit"],'chaine',0,'',$conf->entity);
if ($_POST["Members"]) dolibarr_set_const($db, "MAIN_DELAY_MEMBERS",$_POST["Members"],'chaine',0,'',$conf->entity);
}

2
htdocs/admin/dons.php
View File

@ -77,7 +77,7 @@ if ($_GET["action"] == 'setdoc')
{
$db->begin();
if (dolibarr_set_const($db, "DON_ADDON_MODEL",$_GET["value"]))
if (dolibarr_set_const($db, "DON_ADDON_MODEL",$_GET["value"],'chaine',0,'',$conf->entity))
{
$conf->global->DON_ADDON_MODEL = $_GET["value"];
}

4
htdocs/admin/droitpret.php
View File

@ -46,7 +46,7 @@ $var=True;
if ($_POST["action"] == 'update' || $_POST["action"] == 'add')
{
if (! dolibarr_set_const($db, $_POST["constname"],$_POST["constvalue"],$_POST["consttype"],0,isset($_POST["constnote"])?$_POST["constnote"]:''))
if (! dolibarr_set_const($db, $_POST["constname"],$_POST["constvalue"],$_POST["consttype"],0,isset($_POST["constnote"])?$_POST["constnote"]:'',$conf->entity))
{
print $db->error();
}
@ -80,7 +80,7 @@ print "</tr>\n";
$var=true;
$form = new Form($db);
// Cat<EFBFBD>gorie
// Categorie
$var=!$var;
print '<form action="droitpret.php" method="POST">';
print '<input type="hidden" name="action" value="update">';

4
htdocs/admin/editeur.php
View File

@ -33,11 +33,11 @@ if (!$user->admin)
accessforbidden();
// Action activation d'un sous module du module adh<EFBFBD>rent
// Action activation d'un sous module du module adherent
if ($_POST["action"] == 'set')
{
$name = "EDITEUR_LIVRE_FORMAT_".time();
$result=dolibarr_set_const($db, $name, $_POST["format"]);
$result=dolibarr_set_const($db, $name, $_POST["format"],'chaine',0,'',$conf->entity);
if ($result < 0)
{
print $db->error();

2
htdocs/admin/energie.php
View File

@ -36,7 +36,7 @@ if (!$user->admin)
if ($_POST["action"] == 'setvalue' && $user->admin)
{
dolibarr_set_const($db, "JPGRAPH_DIR",$_POST["url"]);
dolibarr_set_const($db, "JPGRAPH_DIR",$_POST["url"],'chaine',0,'',$conf->entity);
}

4
htdocs/admin/events.php
View File

@ -88,8 +88,8 @@ if ($action == "save")
{
$param='MAIN_LOGEVENTS_'.$arr['id'];
//print "param=".$param." - ".$_POST[$param];
if (! empty($_POST[$param])) dolibarr_set_const($db,$param,$_POST[$param],'chaine',0);
else dolibarr_del_const($db,$param);
if (! empty($_POST[$param])) dolibarr_set_const($db,$param,$_POST[$param],'chaine',0,'',$conf->entity);
else dolibarr_del_const($db,$param,$conf->entity);
}
$db->commit();

27
htdocs/admin/expedition.php
View File

@ -4,7 +4,7 @@
* Copyright (C) 2004 Sebastien Di Cintio <sdicintio@ressource-toi.org>
* Copyright (C) 2004 Benoit Mortier <benoit.mortier@opensides.be>
* Copyright (C) 2004 Eric Seigne <eric.seigne@ryxeo.com>
* Copyright (C) 2005-2007 Regis Houssin <regis@dolibarr.fr>
* Copyright (C) 2005-2009 Regis Houssin <regis@dolibarr.fr>
*
* This program is free software; you can redistribute it and/or modify
* it under the terms of the GNU General Public License as published by
@ -83,7 +83,7 @@ if ($_GET["action"] == 'specimen')
if ($_GET["action"] == 'set')
{
$type='shipping';
$sql = "INSERT INTO ".MAIN_DB_PREFIX."document_model (nom, type) VALUES ('".$_GET["value"]."','".$type."')";
$sql = "INSERT INTO ".MAIN_DB_PREFIX."document_model (nom, type, entity) VALUES ('".$_GET["value"]."','".$type."',".$conf->entity.")";
if ($db->query($sql))
{
@ -94,7 +94,10 @@ if ($_GET["action"] == 'del')
{
$type='shipping';
$sql = "DELETE FROM ".MAIN_DB_PREFIX."document_model";
$sql .= " WHERE nom = '".$_GET["value"]."' AND type = '".$type."'";
$sql.= " WHERE nom = '".$_GET["value"];
$sql.= " AND type = '".$type."'";
$sql.= " AND entity = ".$conf->entity;
if ($db->query($sql))
{
@ -105,7 +108,7 @@ if ($_GET["action"] == 'setdoc')
{
$db->begin();
if (dolibarr_set_const($db, "EXPEDITION_ADDON_PDF",$_GET["value"]))
if (dolibarr_set_const($db, "EXPEDITION_ADDON_PDF",$_GET["value"],'chaine',0,'',$conf->entity))
{
$conf->global->EXPEDITION_ADDON_PDF = $_GET["value"];
}
@ -113,9 +116,11 @@ if ($_GET["action"] == 'setdoc')
// On active le modele
$type='shipping';
$sql_del = "DELETE FROM ".MAIN_DB_PREFIX."document_model";
$sql_del .= " WHERE nom = '".$_GET["value"]."' AND type = '".$type."'";
$sql_del.= " WHERE nom = '".$_GET["value"];
$sql_del.= " AND type = '".$type."'";
$sql_del.= " AND entity = ".$conf->entity;
$result1=$db->query($sql_del);
$sql = "INSERT INTO ".MAIN_DB_PREFIX."document_model (nom,type) VALUES ('".$_GET["value"]."','".$type."')";
$sql = "INSERT INTO ".MAIN_DB_PREFIX."document_model (nom,type,entity) VALUES ('".$_GET["value"]."','".$type."',".$conf->entity.")";
$result2=$db->query($sql);
if ($result1 && $result2)
{
@ -139,7 +144,9 @@ if ($_GET["action"] == 'setmethod' || $_GET["action"] == 'setmod')
$class = "methode_expedition_$module";
$expem = new $class($db);
$sql = "SELECT rowid FROM ".MAIN_DB_PREFIX."expedition_methode WHERE rowid = ".$moduleid;
$sql = "SELECT rowid FROM ".MAIN_DB_PREFIX."expedition_methode";
$sql.= " WHERE rowid = ".$moduleid;
$resql = $db->query($sql);
if ($resql && ($statut == 1 || $_GET["action"] == 'setmod'))
{
@ -148,6 +155,7 @@ if ($_GET["action"] == 'setmethod' || $_GET["action"] == 'setmod')
$sqlu = "UPDATE ".MAIN_DB_PREFIX."expedition_methode";
$sqlu.= " SET statut=1";
$sqlu.= " WHERE rowid=".$moduleid;
$result=$db->query($sqlu);
if ($result)
{
@ -200,7 +208,7 @@ if ($_GET["action"] == 'setmod')
// \todo Verifier si module numerotation choisi peut etre active
// par appel methode canBeActivated
dolibarr_set_const($db, "EXPEDITION_ADDON",$_GET["module"]);
dolibarr_set_const($db, "EXPEDITION_ADDON",$_GET["module"],'chaine',0,'',$conf->entity);
}
@ -253,9 +261,12 @@ print_titre($langs->trans("SendingsReceiptModel"));
// Defini tableau def de modele invoice
$type="shipping";
$def = array();
$sql = "SELECT nom";
$sql.= " FROM ".MAIN_DB_PREFIX."document_model";
$sql.= " WHERE type = '".$type."'";
$sql.= " AND entity = ".$conf->entity;
$resql=$db->query($sql);
if ($resql)
{

12
htdocs/admin/external_rss.php
View File

@ -83,7 +83,7 @@ if ($_POST["action"] == 'add' || $_POST["modify"])
}
else
{
// Ajoute boite box_external_rss dans d<EFBFBD>finition des boites
// Ajoute boite box_external_rss dans definition des boites
$sql = "INSERT INTO ".MAIN_DB_PREFIX."boxes_def (file, note)";
$sql.= " VALUES ('box_external_rss.php','".addslashes($_POST["norss"].' ('.$_POST[$external_rss_title]).")')";
if (! $db->query($sql))
@ -93,8 +93,8 @@ if ($_POST["action"] == 'add' || $_POST["modify"])
}
}
$result1=dolibarr_set_const($db, "EXTERNAL_RSS_TITLE_" . $_POST["norss"],$_POST[$external_rss_title]);
if ($result1) $result2=dolibarr_set_const($db, "EXTERNAL_RSS_URLRSS_" . $_POST["norss"],$_POST[$external_rss_urlrss]);
$result1=dolibarr_set_const($db, "EXTERNAL_RSS_TITLE_" . $_POST["norss"],$_POST[$external_rss_title],'chaine',0,'',$conf->entity);
if ($result1) $result2=dolibarr_set_const($db, "EXTERNAL_RSS_URLRSS_" . $_POST["norss"],$_POST[$external_rss_urlrss],'chaine',0,'',$conf->entity);
if ($result1 && $result2)
{
@ -117,7 +117,7 @@ if ($_POST["delete"])
{
$db->begin();
// Supprime boite box_external_rss de d<EFBFBD>finition des boites
// Supprime boite box_external_rss de definition des boites
$sql = "SELECT rowid FROM ".MAIN_DB_PREFIX."boxes_def";
$sql.= " WHERE file ='box_external_rss.php' AND note like '".$_POST["norss"]." %'";
@ -158,8 +158,8 @@ if ($_POST["delete"])
}
$result1=dolibarr_del_const($db,"EXTERNAL_RSS_TITLE_" . $_POST["norss"]);
if ($result1) $result2=dolibarr_del_const($db,"EXTERNAL_RSS_URLRSS_" . $_POST["norss"]);
$result1=dolibarr_del_const($db,"EXTERNAL_RSS_TITLE_" . $_POST["norss"],$conf->entity);
if ($result1) $result2=dolibarr_del_const($db,"EXTERNAL_RSS_URLRSS_" . $_POST["norss"],$conf->entity);
if ($result1 && $result2)
{

76
htdocs/admin/facture.php
View File

@ -1,8 +1,8 @@
<?php
/* Copyright (C) 2003-2004 Rodolphe Quiedeville <rodolphe@quiedeville.org>
* Copyright (C) 2004-2008 Laurent Destailleur <eldy@users.sourceforge.net>
* Copyright (C) 2005 Eric Seigne <eric.seigne@ryxeo.com>
* Copyright (C) 2005-2007 Regis Houssin <regis@dolibarr.fr>
/* Copyright (C) 2003-2004 Rodolphe Quiedeville <rodolphe@quiedeville.org>
* Copyright (C) 2004-2008 Laurent Destailleur <eldy@users.sourceforge.net>
* Copyright (C) 2005 Eric Seigne <eric.seigne@ryxeo.com>
* Copyright (C) 2005-2009 Regis Houssin <regis@dolibarr.fr>
* Copyright (C) 2008 Raphael Bertrand (Resultic) <raphael.bertrand@resultic.fr>
*
* This program is free software; you can redistribute it and/or modify
@ -52,8 +52,8 @@ if ($_POST["action"] == 'updateMask')
$maskconstcredit=$_POST['maskconstcredit'];
$maskinvoice=$_POST['maskinvoice'];
$maskcredit=$_POST['maskcredit'];
if ($maskconstinvoice) dolibarr_set_const($db,$maskconstinvoice,$maskinvoice);
if ($maskconstcredit) dolibarr_set_const($db,$maskconstcredit,$maskcredit);
if ($maskconstinvoice) dolibarr_set_const($db,$maskconstinvoice,$maskinvoice,'chaine',0,'',$conf->entity);
if ($maskconstcredit) dolibarr_set_const($db,$maskconstcredit,$maskcredit,'chaine',0,'',$conf->entity);
}
if ($_GET["action"] == 'specimen')
@ -94,7 +94,7 @@ if ($_GET["action"] == 'specimen')
if ($_GET["action"] == 'set')
{
$type='invoice';
$sql = "INSERT INTO ".MAIN_DB_PREFIX."document_model (nom, type) VALUES ('".$_GET["value"]."','".$type."')";
$sql = "INSERT INTO ".MAIN_DB_PREFIX."document_model (nom, type, entity) VALUES ('".$_GET["value"]."','".$type."',".$conf->entity.")";
if ($db->query($sql))
{
@ -105,7 +105,10 @@ if ($_GET["action"] == 'del')
{
$type='invoice';
$sql = "DELETE FROM ".MAIN_DB_PREFIX."document_model";
$sql .= " WHERE nom = '".$_GET["value"]."' AND type = '".$type."'";
$sql.= " WHERE nom = '".$_GET["value"];
$sql.= " AND type = '".$type."'";
$sql.= " AND entity = ".$conf->entity;
if ($db->query($sql))
{
@ -116,7 +119,7 @@ if ($_GET["action"] == 'setdoc')
{
$db->begin();
if (dolibarr_set_const($db, "FACTURE_ADDON_PDF",$_GET["value"]))
if (dolibarr_set_const($db, "FACTURE_ADDON_PDF",$_GET["value"],'chaine',0,'',$conf->entity))
{
$conf->global->FACTURE_ADDON_PDF = $_GET["value"];
}
@ -124,9 +127,11 @@ if ($_GET["action"] == 'setdoc')
// On active le modele
$type='invoice';
$sql_del = "DELETE FROM ".MAIN_DB_PREFIX."document_model";
$sql_del.= " WHERE nom = '".$_GET["value"]."' AND type = '".$type."'";
$sql_del.= " WHERE nom = '".$_GET["value"];
$sql_del.= " AND type = '".$type."'";
$sql_del.= " AND entity = ".$conf->entity;
$result1=$db->query($sql_del);
$sql = "INSERT INTO ".MAIN_DB_PREFIX."document_model (nom,type) VALUES ('".$_GET["value"]."','".$type."')";
$sql = "INSERT INTO ".MAIN_DB_PREFIX."document_model (nom,type,entity) VALUES ('".$_GET["value"]."','".$type."',".$conf->entity.")";
$result2=$db->query($sql);
if ($result1 && $result2)
{
@ -143,43 +148,43 @@ if ($_GET["action"] == 'setmod')
// \todo Verifier si module numerotation choisi peut etre activ<69>
// par appel methode canBeActivated
dolibarr_set_const($db, "FACTURE_ADDON",$_GET["value"]);
dolibarr_set_const($db, "FACTURE_ADDON",$_GET["value"],'chaine',0,'',$conf->entity);
}
if ($_POST["action"] == 'setribchq')
{
dolibarr_set_const($db, "FACTURE_RIB_NUMBER",$_POST["rib"]);
dolibarr_set_const($db, "FACTURE_CHQ_NUMBER",$_POST["chq"]);
dolibarr_set_const($db, "FACTURE_RIB_NUMBER",$_POST["rib"],'chaine',0,'',$conf->entity);
dolibarr_set_const($db, "FACTURE_CHQ_NUMBER",$_POST["chq"],'chaine',0,'',$conf->entity);
}
if ($_POST["action"] == 'set_FACTURE_DRAFT_WATERMARK')
{
dolibarr_set_const($db, "FACTURE_DRAFT_WATERMARK",trim($_POST["FACTURE_DRAFT_WATERMARK"]));
dolibarr_set_const($db, "FACTURE_DRAFT_WATERMARK",trim($_POST["FACTURE_DRAFT_WATERMARK"]),'chaine',0,'',$conf->entity);
}
if ($_POST["action"] == 'set_FACTURE_FREE_TEXT')
{
dolibarr_set_const($db, "FACTURE_FREE_TEXT",trim($_POST["FACTURE_FREE_TEXT"]));
dolibarr_set_const($db, "FACTURE_FREE_TEXT",trim($_POST["FACTURE_FREE_TEXT"]),'chaine',0,'',$conf->entity);
}
if ($_POST["action"] == 'setforcedate')
{
dolibarr_set_const($db, "FAC_FORCE_DATE_VALIDATION",$_POST["forcedate"]);
dolibarr_set_const($db, "FAC_FORCE_DATE_VALIDATION",$_POST["forcedate"],'chaine',0,'',$conf->entity);
}
if ($_POST["action"] == 'set_enable_editdelete')
{
dolibarr_set_const($db, "FACTURE_ENABLE_EDITDELETE",$_POST["enable_editdelete"]);
dolibarr_set_const($db, "FACTURE_ENABLE_EDITDELETE",$_POST["enable_editdelete"],'chaine',0,'',$conf->entity);
}
if ($_POST["action"] == 'set_use_bill_contact_as_recipient')
{
dolibarr_set_const($db, "FACTURE_USE_BILL_CONTACT_AS_RECIPIENT",$_POST["use_bill_contact_as_recipient"]);
dolibarr_set_const($db, "FACTURE_USE_BILL_CONTACT_AS_RECIPIENT",$_POST["use_bill_contact_as_recipient"],'chaine',0,'',$conf->entity);
}
if ($_POST["action"] == 'update' || $_POST["action"] == 'add')
{
if (! dolibarr_set_const($db, $_POST["constname"],$_POST["constvalue"],$typeconst[$_POST["consttype"]],0,isset($_POST["constnote"])?$_POST["constnote"]:''));
if (! dolibarr_set_const($db, $_POST["constname"],$_POST["constvalue"],$typeconst[$_POST["consttype"]],0,isset($_POST["constnote"])?$_POST["constnote"]:'',$conf->entity));
{
dol_print_error($db);
}
@ -187,20 +192,20 @@ if ($_POST["action"] == 'update' || $_POST["action"] == 'add')
if ($_GET["action"] == 'delete')
{
if (! dolibarr_del_const($db, $_GET["rowid"]));
if (! dolibarr_del_const($db, $_GET["rowid"],$conf->entity));
{
dol_print_error($db);
}
}
// defini les constantes du modele pluton
if ($_POST["action"] == 'updateMatrice') dolibarr_set_const($db, "FACTURE_NUM_MATRICE",$_POST["matrice"]);
if ($_POST["action"] == 'updatePrefixFacture') dolibarr_set_const($db, "FACTURE_NUM_PREFIX",$_POST["prefixfacture"]);
if ($_POST["action"] == 'updatePrefixAvoir') dolibarr_set_const($db, "AVOIR_NUM_PREFIX",$_POST["prefixavoir"]);
if ($_POST["action"] == 'setOffsetInvoice') dolibarr_set_const($db, "FACTURE_NUM_DELTA",$_POST["offsetinvoice"]);
if ($_POST["action"] == 'setOffsetCreditNote') dolibarr_set_const($db, "AVOIR_NUM_DELTA",$_POST["offsetcreditnote"]);
if ($_POST["action"] == 'setNumRestart') dolibarr_set_const($db, "FACTURE_NUM_RESTART_BEGIN_YEAR",$_POST["numrestart"]);
if ($_POST["action"] == 'setNumWithInvoice') dolibarr_set_const($db, "AVOIR_NUM_WITH_INVOICE",$_POST["numwithinvoice"]);
if ($_POST["action"] == 'updateMatrice') dolibarr_set_const($db, "FACTURE_NUM_MATRICE",$_POST["matrice"],'chaine',0,'',$conf->entity);
if ($_POST["action"] == 'updatePrefixFacture') dolibarr_set_const($db, "FACTURE_NUM_PREFIX",$_POST["prefixfacture"],'chaine',0,'',$conf->entity);
if ($_POST["action"] == 'updatePrefixAvoir') dolibarr_set_const($db, "AVOIR_NUM_PREFIX",$_POST["prefixavoir"],'chaine',0,'',$conf->entity);
if ($_POST["action"] == 'setOffsetInvoice') dolibarr_set_const($db, "FACTURE_NUM_DELTA",$_POST["offsetinvoice"],'chaine',0,'',$conf->entity);
if ($_POST["action"] == 'setOffsetCreditNote') dolibarr_set_const($db, "AVOIR_NUM_DELTA",$_POST["offsetcreditnote"],'chaine',0,'',$conf->entity);
if ($_POST["action"] == 'setNumRestart') dolibarr_set_const($db, "FACTURE_NUM_RESTART_BEGIN_YEAR",$_POST["numrestart"],'chaine',0,'',$conf->entity);
if ($_POST["action"] == 'setNumWithInvoice') dolibarr_set_const($db, "AVOIR_NUM_WITH_INVOICE",$_POST["numwithinvoice"],'chaine',0,'',$conf->entity);
/*
@ -344,6 +349,7 @@ $def = array();
$sql = "SELECT nom";
$sql.= " FROM ".MAIN_DB_PREFIX."document_model";
$sql.= " WHERE type = 'invoice'";
$sql.= " AND entity = ".$conf->entity;
$resql=$db->query($sql);
if ($resql)
{
@ -392,7 +398,7 @@ while (($file = readdir($handle))!==false)
print $module->description;
print '</td>';
// Activ<EFBFBD>
// Active
if (in_array($name, $def))
{
print "<td align=\"center\">\n";
@ -457,7 +463,7 @@ print '</table>';
/*
* Modes de r<EFBFBD>glement
* Modes de reglement
*
*/
print '<br>';
@ -481,8 +487,9 @@ if ($conf->banque->enabled)
{
$sql = "SELECT rowid, label";
$sql.= " FROM ".MAIN_DB_PREFIX."bank_account";
$sql.= " where clos = 0";
$sql.= " and courant = 1";
$sql.= " WHERE clos = 0";
$sql.= " AND courant = 1";
$sql.= " AND entity = ".$conf->entity;
$resql=$db->query($sql);
if ($resql)
{
@ -523,8 +530,9 @@ print '<option value="-1"'.($conf->global->FACTURE_CHQ_NUMBER?' selected="true"'
$sql = "SELECT rowid, label";
$sql.= " FROM ".MAIN_DB_PREFIX."bank_account";
$sql.= " where clos = 0";
$sql.= " and courant = 1";
$sql.= " WHERE clos = 0";
$sql.= " AND courant = 1";
$sql.= " AND entity = ".$conf->entity;
$var=True;
$resql=$db->query($sql);
if ($resql)

6
htdocs/admin/fckeditor.php
View File

@ -68,18 +68,18 @@ foreach($modules as $const => $desc)
{
if ($_GET["action"] == 'activate_'.strtolower($const))
{
dolibarr_set_const($db, "FCKEDITOR_ENABLE_".$const, "1");
dolibarr_set_const($db, "FCKEDITOR_ENABLE_".$const, "1",'chaine',0,'',$conf->entity);
// Si fckeditor est activé dans la description produit/service, on l'active dans les formulaires
if ($const == 'PRODUCTDESC' && $conf->global->PRODUIT_DESC_IN_FORM)
{
dolibarr_set_const($db, "FCKEDITOR_ENABLE_DETAILS", "1");
dolibarr_set_const($db, "FCKEDITOR_ENABLE_DETAILS", "1",'chaine',0,'',$conf->entity);
}
Header("Location: fckeditor.php");
exit;
}
if ($_GET["action"] == 'disable_'.strtolower($const))
{
dolibarr_del_const($db, "FCKEDITOR_ENABLE_".$const);
dolibarr_del_const($db, "FCKEDITOR_ENABLE_".$const,$conf->entity);
Header("Location: fckeditor.php");
exit;
}

50
htdocs/admin/fichinter.php
View File

@ -1,9 +1,9 @@
<?php
/* Copyright (C) 2003-2004 Rodolphe Quiedeville <rodolphe@quiedeville.org>
* Copyright (C) 2004-2008 Laurent Destailleur <eldy@users.sourceforge.net>
* Copyright (C) 2004 Sebastien Di Cintio <sdicintio@ressource-toi.org>
* Copyright (C) 2004 Benoit Mortier <benoit.mortier@opensides.be>
* Copyright (C) 2005-2007 Regis Houssin <regis@dolibarr.fr>
/* Copyright (C) 2003-2004 Rodolphe Quiedeville <rodolphe@quiedeville.org>
* Copyright (C) 2004-2008 Laurent Destailleur <eldy@users.sourceforge.net>
* Copyright (C) 2004 Sebastien Di Cintio <sdicintio@ressource-toi.org>
* Copyright (C) 2004 Benoit Mortier <benoit.mortier@opensides.be>
* Copyright (C) 2005-2009 Regis Houssin <regis@dolibarr.fr>
* Copyright (C) 2008 Raphael Bertrand (Resultic) <raphael.bertrand@resultic.fr>
*
* This program is free software; you can redistribute it and/or modify
@ -48,12 +48,12 @@ if ($_POST["action"] == 'updateMask')
{
$maskconst=$_POST['maskconst'];
$maskvalue=$_POST['maskvalue'];
if ($maskconst) dolibarr_set_const($db,$maskconst,$maskvalue);
if ($maskconst) dolibarr_set_const($db,$maskconst,$maskvalue,'chaine',0,'',$conf->entity);
}
if ($_POST["action"] == 'set_FICHINTER_DRAFT_WATERMARK')
{
dolibarr_set_const($db, "FICHINTER_DRAFT_WATERMARK",trim($_POST["FICHINTER_DRAFT_WATERMARK"]));
dolibarr_set_const($db, "FICHINTER_DRAFT_WATERMARK",trim($_POST["FICHINTER_DRAFT_WATERMARK"]),'chaine',0,'',$conf->entity);
}
if ($_GET["action"] == 'specimen')
@ -94,7 +94,7 @@ if ($_GET["action"] == 'specimen')
if ($_GET["action"] == 'set')
{
$type='ficheinter';
$sql = "INSERT INTO ".MAIN_DB_PREFIX."document_model (nom, type) VALUES ('".$_GET["value"]."','".$type."')";
$sql = "INSERT INTO ".MAIN_DB_PREFIX."document_model (nom, type, entity) VALUES ('".$_GET["value"]."','".$type."',".$conf->entity.")";
if ($db->query($sql))
{
@ -105,7 +105,10 @@ if ($_GET["action"] == 'del')
{
$type='ficheinter';
$sql = "DELETE FROM ".MAIN_DB_PREFIX."document_model";
$sql .= " WHERE nom = '".$_GET["value"]."' AND type = '".$type."'";
$sql.= " WHERE nom = '".$_GET["value"];
$sql.= " AND type = '".$type."'";
$sql.= " AND entity = ".$conf->entity;
if ($db->query($sql))
{
@ -116,19 +119,21 @@ if ($_GET["action"] == 'setdoc')
{
$db->begin();
if (dolibarr_set_const($db, "FICHEINTER_ADDON_PDF",$_GET["value"]))
if (dolibarr_set_const($db, "FICHEINTER_ADDON_PDF",$_GET["value"],'chaine',0,'',$conf->entity))
{
// La constante qui a <EFBFBD>t<EFBFBD> lue en avant du nouveau set
// on passe donc par une variable pour avoir un affichage coh<EFBFBD>rent
// La constante qui a ete lue en avant du nouveau set
// on passe donc par une variable pour avoir un affichage coherent
$conf->global->FICHEINTER_ADDON_PDF = $_GET["value"];
}
// On active le modele
$type='ficheinter';
$sql_del = "DELETE FROM ".MAIN_DB_PREFIX."document_model";
$sql_del .= " WHERE nom = '".$_GET["value"]."' AND type = '".$type."'";
$sql_del.= " WHERE nom = '".$_GET["value"];
$sql_del.= " AND type = '".$type."'";
$sql_del.= " AND entity = ".$conf->entity;
$result1=$db->query($sql_del);
$sql = "INSERT INTO ".MAIN_DB_PREFIX."document_model (nom,type) VALUES ('".$_GET["value"]."','".$type."')";
$sql = "INSERT INTO ".MAIN_DB_PREFIX."document_model (nom,type,entity) VALUES ('".$_GET["value"]."','".$type."',".$conf->entity.")";
$result2=$db->query($sql);
if ($result1 && $result2)
{
@ -142,17 +147,17 @@ if ($_GET["action"] == 'setdoc')
if ($_GET["action"] == 'setmod')
{
// \todo Verifier si module numerotation choisi peut etre activ<EFBFBD>
// \todo Verifier si module numerotation choisi peut etre active
// par appel methode canBeActivated
dolibarr_set_const($db, "FICHEINTER_ADDON",$_GET["value"]);
dolibarr_set_const($db, "FICHEINTER_ADDON",$_GET["value"],'chaine',0,'',$conf->entity);
}
// d<EFBFBD>fini les constantes du mod<6F>le arctic
if ($_POST["action"] == 'updateMatrice') dolibarr_set_const($db, "FICHEINTER_NUM_MATRICE",$_POST["matrice"]);
if ($_POST["action"] == 'updatePrefix') dolibarr_set_const($db, "FICHEINTER_NUM_PREFIX",$_POST["prefix"]);
if ($_POST["action"] == 'setOffset') dolibarr_set_const($db, "FICHEINTER_NUM_DELTA",$_POST["offset"]);
if ($_POST["action"] == 'setNumRestart') dolibarr_set_const($db, "FICHEINTER_NUM_RESTART_BEGIN_YEAR",$_POST["numrestart"]);
// defini les constantes du modele arctic
if ($_POST["action"] == 'updateMatrice') dolibarr_set_const($db, "FICHEINTER_NUM_MATRICE",$_POST["matrice"],'chaine',0,'',$conf->entity);
if ($_POST["action"] == 'updatePrefix') dolibarr_set_const($db, "FICHEINTER_NUM_PREFIX",$_POST["prefix"],'chaine',0,'',$conf->entity);
if ($_POST["action"] == 'setOffset') dolibarr_set_const($db, "FICHEINTER_NUM_DELTA",$_POST["offset"],'chaine',0,'',$conf->entity);
if ($_POST["action"] == 'setNumRestart') dolibarr_set_const($db, "FICHEINTER_NUM_RESTART_BEGIN_YEAR",$_POST["numrestart"],'chaine',0,'',$conf->entity);
/*
@ -258,6 +263,7 @@ $def = array();
$sql = "SELECT nom";
$sql.= " FROM ".MAIN_DB_PREFIX."document_model";
$sql.= " WHERE type = '".$type."'";
$sql.= " AND entity = ".$conf->entity;
$resql=$db->query($sql);
if ($resql)
{
@ -307,7 +313,7 @@ while (($file = readdir($handle))!==false)
print $module->description;
print '</td>';
// Activ<EFBFBD>
// Active
if (in_array($name, $def))
{
print "<td align=\"center\">\n";

82
htdocs/admin/fournisseur.php
View File

@ -1,7 +1,7 @@
<?php
/* Copyright (C) 2003-2007 Rodolphe Quiedeville <rodolphe@quiedeville.org>
* Copyright (C) 2004-2008 Laurent Destailleur <eldy@users.sourceforge.net>
* Copyright (C) 2005-2007 Regis Houssin <regis@dolibarr.fr>
* Copyright (C) 2005-2009 Regis Houssin <regis@dolibarr.fr>
* Copyright (C) 2004 Sebastien Di Cintio <sdicintio@ressource-toi.org>
* Copyright (C) 2004 Benoit Mortier <benoit.mortier@opensides.be>
*
@ -49,7 +49,7 @@ if ($_POST["action"] == 'updateMask')
{
$maskconstorder=$_POST['maskconstorder'];
$maskorder=$_POST['maskorder'];
if ($maskconstorder) dolibarr_set_const($db,$maskconstorder,$maskorder);
if ($maskconstorder) dolibarr_set_const($db,$maskconstorder,$maskorder,'chaine',0,'',$conf->entity);
}
if ($_GET["action"] == 'specimen')
@ -90,7 +90,7 @@ if ($_GET["action"] == 'specimen')
if ($_GET["action"] == 'set')
{
$type='supplier_order';
$sql = "INSERT INTO ".MAIN_DB_PREFIX."document_model (nom, type) VALUES ('".$_GET["value"]."','".$type."')";
$sql = "INSERT INTO ".MAIN_DB_PREFIX."document_model (nom, type, entity) VALUES ('".$_GET["value"]."','".$type."',".$conf->entity.")";
if ($db->query($sql))
{
@ -101,7 +101,9 @@ if ($_GET["action"] == 'del')
{
$type='supplier_order';
$sql = "DELETE FROM ".MAIN_DB_PREFIX."document_model";
$sql .= " WHERE nom = '".$_GET["value"]."' AND type = '".$type."'";
$sql.= " WHERE nom = '".$_GET["value"];
$sql.= " AND type = '".$type."'";
$sql.= " AND entity = ".$conf->entity;
if ($db->query($sql))
{
@ -112,7 +114,7 @@ if ($_GET["action"] == 'setdoc')
{
$db->begin();
if (dolibarr_set_const($db, "COMMANDE_SUPPLIER_ADDON_PDF",$_GET["value"]))
if (dolibarr_set_const($db, "COMMANDE_SUPPLIER_ADDON_PDF",$_GET["value"],'chaine',0,'',$conf->entity))
{
$conf->global->COMMANDE_SUPPLIER_ADDON_PDF = $_GET["value"];
}
@ -120,9 +122,11 @@ if ($_GET["action"] == 'setdoc')
// On active le modele
$type='supplier_order';
$sql_del = "DELETE FROM ".MAIN_DB_PREFIX."document_model";
$sql_del .= " WHERE nom = '".$_GET["value"]."' AND type = '".$type."'";
$sql_del.= " WHERE nom = '".$_GET["value"];
$sql_del.= " AND type = '".$type."'";
$sql_del.= " AND entity = ".$conf->entity;
$result1=$db->query($sql_del);
$sql = "INSERT INTO ".MAIN_DB_PREFIX."document_model (nom,type) VALUES ('".$_GET["value"]."','".$type."')";
$sql = "INSERT INTO ".MAIN_DB_PREFIX."document_model (nom,type,entity) VALUES ('".$_GET["value"]."','".$type."',".$conf->entity.")";
$result2=$db->query($sql);
if ($result1 && $result2)
{
@ -136,10 +140,10 @@ if ($_GET["action"] == 'setdoc')
if ($_GET["action"] == 'setmod')
{
// \todo Verifier si module numerotation choisi peut etre activ<EFBFBD>
// \todo Verifier si module numerotation choisi peut etre active
// par appel methode canBeActivated
dolibarr_set_const($db, "COMMANDE_SUPPLIER_ADDON",$_GET["value"]);
dolibarr_set_const($db, "COMMANDE_SUPPLIER_ADDON",$_GET["value"],'chaine',0,'',$conf->entity);
}
if ($_POST["action"] == 'addcat')
@ -148,11 +152,11 @@ if ($_POST["action"] == 'addcat')
$fourn->CreateCategory($user,$_POST["cat"]);
}
// d<EFBFBD>fini les constantes du mod<6F>le orchidee
if ($_POST["action"] == 'updateMatrice') dolibarr_set_const($db, "COMMANDE_FOURNISSEUR_NUM_MATRICE",$_POST["matrice"]);
if ($_POST["action"] == 'updatePrefixCommande') dolibarr_set_const($db, "COMMANDE_FOURNISSEUR_NUM_PREFIX",$_POST["prefixcommande"]);
if ($_POST["action"] == 'setOffset') dolibarr_set_const($db, "COMMANDE_FOURNISSEUR_NUM_DELTA",$_POST["offset"]);
if ($_POST["action"] == 'setNumRestart') dolibarr_set_const($db, "COMMANDE_FOURNISSEUR_NUM_RESTART_BEGIN_YEAR",$_POST["numrestart"]);
// defini les constantes du modele orchidee
if ($_POST["action"] == 'updateMatrice') dolibarr_set_const($db, "COMMANDE_FOURNISSEUR_NUM_MATRICE",$_POST["matrice"],'chaine',0,'',$conf->entity);
if ($_POST["action"] == 'updatePrefixCommande') dolibarr_set_const($db, "COMMANDE_FOURNISSEUR_NUM_PREFIX",$_POST["prefixcommande"],'chaine',0,'',$conf->entity);
if ($_POST["action"] == 'setOffset') dolibarr_set_const($db, "COMMANDE_FOURNISSEUR_NUM_DELTA",$_POST["offset"],'chaine',0,'',$conf->entity);
if ($_POST["action"] == 'setNumRestart') dolibarr_set_const($db, "COMMANDE_FOURNISSEUR_NUM_RESTART_BEGIN_YEAR",$_POST["numrestart"],'chaine',0,'',$conf->entity);
/*
@ -272,9 +276,12 @@ print_titre($langs->trans("OrdersModelModule"));
// Defini tableau def de modele
$type='supplier_order';
$def = array();
$sql = "SELECT nom";
$sql.= " FROM ".MAIN_DB_PREFIX."document_model";
$sql.= " WHERE type = '".$type."'";
$sql.= " AND entity = ".$conf->entity;
$resql=$db->query($sql);
if ($resql)
{
@ -321,7 +328,7 @@ while (($file = readdir($handle))!==false)
print $module->description;
print "</td>\n";
// Activ<EFBFBD>
// Active
if (in_array($name, $def))
{
print "<td align=\"center\">\n";
@ -378,50 +385,5 @@ closedir($handle);
print '</table><br/>';
/* Obsolete. Les categories de fournisseurs sont gerees dans la table llx_categories
sur le meme principe que les categories clients et produits
print_titre($langs->trans("Categories"));
$sql = "SELECT rowid, label";
$sql.= " FROM ".MAIN_DB_PREFIX."fournisseur_categorie";
$sql.= " ORDER BY label ASC";
$resql = $db->query($sql);
if ($resql)
{
$num = $db->num_rows($resql);
$i = 0;
print '<form action="fournisseur.php" method="POST"><table class="liste" width="100%">';
print '<input type="hidden" name="action" value="addcat">';
print '<tr class="liste_titre"><td>';
print $langs->trans("Num").'</td><td>'.$langs->trans("Name");
print "</td></tr>\n";
$var=True;
print "<tr $bc[$var]><td>&nbsp;</td>";
print '<td><input type="text" name="cat">&nbsp;';
print '<input type="submit" value="'.$langs->trans("Add").'">';
print "</td></tr>\n";
while ($obj = $db->fetch_object($resql))
{
$var=!$var;
print "<tr $bc[$var]>\n";
print '<td width="10%">'.$obj->rowid.'</td>';
print '<td width="90%"><a href="liste.php?cat='.$obj->rowid.'">'.stripslashes($obj->label).'</a></td>';
print "</tr>\n";
}
print "</table></form>\n";
$db->free($resql);
}
else
{
dol_print_error($db);
}
*/
llxFooter('$Date$ - $Revision$');
?>

32
htdocs/admin/ihm.php
View File

@ -56,26 +56,26 @@ $searchformmodule=array('Module1Name','Module1Name',
if (isset($_POST["action"]) && $_POST["action"] == 'update')
{
dolibarr_set_const($db, "MAIN_LANG_DEFAULT", $_POST["main_lang_default"]);
dolibarr_set_const($db, "MAIN_MULTILANGS", $_POST["main_multilangs"]);
dolibarr_set_const($db, "MAIN_SIZE_LISTE_LIMIT", $_POST["main_size_liste_limit"]);
dolibarr_set_const($db, "MAIN_DISABLE_JAVASCRIPT", $_POST["main_disable_javascript"]);
dolibarr_set_const($db, "MAIN_CONFIRM_AJAX", $_POST["main_confirm_ajax"]);
dolibarr_set_const($db, "MAIN_POPUP_CALENDAR", $_POST["main_popup_calendar"]);
dolibarr_set_const($db, "MAIN_USE_PREVIEW_TABS", $_POST["main_use_preview_tabs"]);
dolibarr_set_const($db, "MAIN_LANG_DEFAULT", $_POST["main_lang_default"],'chaine',0,'',$conf->entity);
dolibarr_set_const($db, "MAIN_MULTILANGS", $_POST["main_multilangs"],'chaine',0,'',$conf->entity);
dolibarr_set_const($db, "MAIN_SIZE_LISTE_LIMIT", $_POST["main_size_liste_limit"],'chaine',0,'',$conf->entity);
dolibarr_set_const($db, "MAIN_DISABLE_JAVASCRIPT", $_POST["main_disable_javascript"],'chaine',0,'',$conf->entity);
dolibarr_set_const($db, "MAIN_CONFIRM_AJAX", $_POST["main_confirm_ajax"],'chaine',0,'',$conf->entity);
dolibarr_set_const($db, "MAIN_POPUP_CALENDAR", $_POST["main_popup_calendar"],'chaine',0,'',$conf->entity);
dolibarr_set_const($db, "MAIN_USE_PREVIEW_TABS", $_POST["main_use_preview_tabs"],'chaine',0,'',$conf->entity);
dolibarr_set_const($db, "MAIN_SHOW_BUGTRACK_LINK", $_POST["main_show_bugtrack_link"]);
dolibarr_set_const($db, "MAIN_SHOW_WORKBOARD", $_POST["main_show_workboard"]);
dolibarr_set_const($db, "MAIN_SHOW_BUGTRACK_LINK", $_POST["main_show_bugtrack_link"],'chaine',0,'',$conf->entity);
dolibarr_set_const($db, "MAIN_SHOW_WORKBOARD", $_POST["main_show_workboard"],'chaine',0,'',$conf->entity);
dolibarr_set_const($db, "MAIN_THEME", $_POST["main_theme"]);
dolibarr_set_const($db, "MAIN_THEME", $_POST["main_theme"],'chaine',0,'',$conf->entity);
dolibarr_set_const($db, "MAIN_SEARCHFORM_CONTACT", $_POST["MAIN_SEARCHFORM_CONTACT"]);
dolibarr_set_const($db, "MAIN_SEARCHFORM_SOCIETE", $_POST["MAIN_SEARCHFORM_SOCIETE"]);
dolibarr_set_const($db, "MAIN_SEARCHFORM_PRODUITSERVICE",$_POST["MAIN_SEARCHFORM_PRODUITSERVICE"]);
dolibarr_set_const($db, "MAIN_SEARCHFORM_ADHERENT",$_POST["MAIN_SEARCHFORM_ADHERENT"]);
dolibarr_set_const($db, "MAIN_SEARCHFORM_CONTACT", $_POST["MAIN_SEARCHFORM_CONTACT"],'chaine',0,'',$conf->entity);
dolibarr_set_const($db, "MAIN_SEARCHFORM_SOCIETE", $_POST["MAIN_SEARCHFORM_SOCIETE"],'chaine',0,'',$conf->entity);
dolibarr_set_const($db, "MAIN_SEARCHFORM_PRODUITSERVICE",$_POST["MAIN_SEARCHFORM_PRODUITSERVICE"],'chaine',0,'',$conf->entity);
dolibarr_set_const($db, "MAIN_SEARCHFORM_ADHERENT",$_POST["MAIN_SEARCHFORM_ADHERENT"],'chaine',0,'',$conf->entity);
dolibarr_set_const($db, "MAIN_MOTD", dol_htmlcleanlastbr($_POST["main_motd"]));
dolibarr_set_const($db, "MAIN_HOME", dol_htmlcleanlastbr($_POST["main_home"]));
dolibarr_set_const($db, "MAIN_MOTD", dol_htmlcleanlastbr($_POST["main_motd"]),'chaine',0,'',$conf->entity);
dolibarr_set_const($db, "MAIN_HOME", dol_htmlcleanlastbr($_POST["main_home"]),'chaine',0,'',$conf->entity);
$_SESSION["mainmenu"]=""; // Le gestionnaire de menu a pu changer

24
htdocs/admin/ldap.php
View File

@ -49,18 +49,18 @@ if ($_GET["action"] == 'setvalue' && $user->admin)
{
$error=0;
if (! dolibarr_set_const($db, 'LDAP_SERVER_TYPE',$_POST["type"])) $error++;
if (! dolibarr_set_const($db, 'LDAP_SERVER_PROTOCOLVERSION',$_POST["version"])) $error++;
if (! dolibarr_set_const($db, 'LDAP_SERVER_HOST',$_POST["host"])) $error++;
if (! dolibarr_set_const($db, 'LDAP_SERVER_HOST_SLAVE',$_POST["slave"])) $error++;
if (! dolibarr_set_const($db, 'LDAP_SERVER_PORT',$_POST["port"])) $error++;
if (! dolibarr_set_const($db, 'LDAP_SERVER_DN',$_POST["dn"])) $error++;
if (! dolibarr_set_const($db, 'LDAP_ADMIN_DN',$_POST["admin"])) $error++;
if (! dolibarr_set_const($db, 'LDAP_ADMIN_PASS',$_POST["pass"])) $error++;
if (! dolibarr_set_const($db, 'LDAP_SERVER_USE_TLS',$_POST["usetls"])) $error++;
if (! dolibarr_set_const($db, 'LDAP_CONTACT_ACTIVE',$_POST["activecontact"])) $error++;
if (! dolibarr_set_const($db, 'LDAP_SYNCHRO_ACTIVE',$_POST["activesynchro"])) $error++;
if (! dolibarr_set_const($db, 'LDAP_MEMBER_ACTIVE',$_POST["activemembers"])) $error++;
if (! dolibarr_set_const($db, 'LDAP_SERVER_TYPE',$_POST["type"],'chaine',0,'',$conf->entity)) $error++;
if (! dolibarr_set_const($db, 'LDAP_SERVER_PROTOCOLVERSION',$_POST["version"],'chaine',0,'',$conf->entity)) $error++;
if (! dolibarr_set_const($db, 'LDAP_SERVER_HOST',$_POST["host"],'chaine',0,'',$conf->entity)) $error++;
if (! dolibarr_set_const($db, 'LDAP_SERVER_HOST_SLAVE',$_POST["slave"],'chaine',0,'',$conf->entity)) $error++;
if (! dolibarr_set_const($db, 'LDAP_SERVER_PORT',$_POST["port"],'chaine',0,'',$conf->entity)) $error++;
if (! dolibarr_set_const($db, 'LDAP_SERVER_DN',$_POST["dn"],'chaine',0,'',$conf->entity)) $error++;
if (! dolibarr_set_const($db, 'LDAP_ADMIN_DN',$_POST["admin"],'chaine',0,'',$conf->entity)) $error++;
if (! dolibarr_set_const($db, 'LDAP_ADMIN_PASS',$_POST["pass"],'chaine',0,'',$conf->entity)) $error++;
if (! dolibarr_set_const($db, 'LDAP_SERVER_USE_TLS',$_POST["usetls"],'chaine',0,'',$conf->entity)) $error++;
if (! dolibarr_set_const($db, 'LDAP_CONTACT_ACTIVE',$_POST["activecontact"],'chaine',0,'',$conf->entity)) $error++;
if (! dolibarr_set_const($db, 'LDAP_SYNCHRO_ACTIVE',$_POST["activesynchro"],'chaine',0,'',$conf->entity)) $error++;
if (! dolibarr_set_const($db, 'LDAP_MEMBER_ACTIVE',$_POST["activemembers"],'chaine',0,'',$conf->entity)) $error++;
if ($error)
{

32
htdocs/admin/ldap_contacts.php
View File

@ -46,24 +46,24 @@ if (!$user->admin)
if ($_GET["action"] == 'setvalue' && $user->admin)
{
$error=0;
if (! dolibarr_set_const($db, 'LDAP_KEY_CONTACTS',$_POST["key"])) $error++;
if (! dolibarr_set_const($db, 'LDAP_KEY_CONTACTS',$_POST["key"],'chaine',0,'',$conf->entity)) $error++;
if (! dolibarr_set_const($db, 'LDAP_CONTACT_DN',$_POST["contactdn"])) $error++;
if (! dolibarr_set_const($db, 'LDAP_CONTACT_OBJECT_CLASS',$_POST["objectclass"])) $error++;
if (! dolibarr_set_const($db, 'LDAP_CONTACT_DN',$_POST["contactdn"],'chaine',0,'',$conf->entity)) $error++;
if (! dolibarr_set_const($db, 'LDAP_CONTACT_OBJECT_CLASS',$_POST["objectclass"],'chaine',0,'',$conf->entity)) $error++;
if (! dolibarr_set_const($db, 'LDAP_FIELD_FULLNAME',$_POST["fieldfullname"])) $error++;
if (! dolibarr_set_const($db, 'LDAP_FIELD_NAME',$_POST["fieldname"])) $error++;
if (! dolibarr_set_const($db, 'LDAP_FIELD_FIRSTNAME',$_POST["fieldfirstname"])) $error++;
if (! dolibarr_set_const($db, 'LDAP_FIELD_COMPANY',$_POST["fieldcompany"])) $error++;
if (! dolibarr_set_const($db, 'LDAP_FIELD_MAIL',$_POST["fieldmail"])) $error++;
if (! dolibarr_set_const($db, 'LDAP_FIELD_PHONE',$_POST["fieldphone"])) $error++;
if (! dolibarr_set_const($db, 'LDAP_FIELD_HOMEPHONE',$_POST["fieldhomephone"])) $error++;
if (! dolibarr_set_const($db, 'LDAP_FIELD_MOBILE',$_POST["fieldmobile"])) $error++;
if (! dolibarr_set_const($db, 'LDAP_FIELD_FAX',$_POST["fieldfax"])) $error++;
if (! dolibarr_set_const($db, 'LDAP_FIELD_ADDRESS',$_POST["fieldaddress"])) $error++;
if (! dolibarr_set_const($db, 'LDAP_FIELD_ZIP',$_POST["fieldzip"])) $error++;
if (! dolibarr_set_const($db, 'LDAP_FIELD_TOWN',$_POST["fieldtown"])) $error++;
if (! dolibarr_set_const($db, 'LDAP_FIELD_COUNTRY',$_POST["fieldcountry"])) $error++;
if (! dolibarr_set_const($db, 'LDAP_FIELD_FULLNAME',$_POST["fieldfullname"],'chaine',0,'',$conf->entity)) $error++;
if (! dolibarr_set_const($db, 'LDAP_FIELD_NAME',$_POST["fieldname"],'chaine',0,'',$conf->entity)) $error++;
if (! dolibarr_set_const($db, 'LDAP_FIELD_FIRSTNAME',$_POST["fieldfirstname"],'chaine',0,'',$conf->entity)) $error++;
if (! dolibarr_set_const($db, 'LDAP_FIELD_COMPANY',$_POST["fieldcompany"],'chaine',0,'',$conf->entity)) $error++;
if (! dolibarr_set_const($db, 'LDAP_FIELD_MAIL',$_POST["fieldmail"],'chaine',0,'',$conf->entity)) $error++;
if (! dolibarr_set_const($db, 'LDAP_FIELD_PHONE',$_POST["fieldphone"],'chaine',0,'',$conf->entity)) $error++;
if (! dolibarr_set_const($db, 'LDAP_FIELD_HOMEPHONE',$_POST["fieldhomephone"],'chaine',0,'',$conf->entity)) $error++;
if (! dolibarr_set_const($db, 'LDAP_FIELD_MOBILE',$_POST["fieldmobile"],'chaine',0,'',$conf->entity)) $error++;
if (! dolibarr_set_const($db, 'LDAP_FIELD_FAX',$_POST["fieldfax"],'chaine',0,'',$conf->entity)) $error++;
if (! dolibarr_set_const($db, 'LDAP_FIELD_ADDRESS',$_POST["fieldaddress"],'chaine',0,'',$conf->entity)) $error++;
if (! dolibarr_set_const($db, 'LDAP_FIELD_ZIP',$_POST["fieldzip"],'chaine',0,'',$conf->entity)) $error++;
if (! dolibarr_set_const($db, 'LDAP_FIELD_TOWN',$_POST["fieldtown"],'chaine',0,'',$conf->entity)) $error++;
if (! dolibarr_set_const($db, 'LDAP_FIELD_COUNTRY',$_POST["fieldcountry"],'chaine',0,'',$conf->entity)) $error++;
if ($error)
{

12
htdocs/admin/ldap_groups.php
View File

@ -47,14 +47,14 @@ if (!$user->admin)
if ($_GET["action"] == 'setvalue' && $user->admin)
{
$error=0;
if (! dolibarr_set_const($db, 'LDAP_KEY_GROUPS',$_POST["key"])) $error++;
if (! dolibarr_set_const($db, 'LDAP_KEY_GROUPS',$_POST["key"],'chaine',0,'',$conf->entity)) $error++;
if (! dolibarr_set_const($db, 'LDAP_GROUP_DN',$_POST["group"])) $error++;
if (! dolibarr_set_const($db, 'LDAP_GROUP_OBJECT_CLASS',$_POST["objectclass"])) $error++;
if (! dolibarr_set_const($db, 'LDAP_GROUP_DN',$_POST["group"],'chaine',0,'',$conf->entity)) $error++;
if (! dolibarr_set_const($db, 'LDAP_GROUP_OBJECT_CLASS',$_POST["objectclass"],'chaine',0,'',$conf->entity)) $error++;
if (! dolibarr_set_const($db, 'LDAP_FIELD_FULLNAME',$_POST["fieldfullname"])) $error++;
if (! dolibarr_set_const($db, 'LDAP_FIELD_NAME',$_POST["fieldname"])) $error++;
if (! dolibarr_set_const($db, 'LDAP_FIELD_DESCRIPTION',$_POST["fielddescription"])) $error++;
if (! dolibarr_set_const($db, 'LDAP_FIELD_FULLNAME',$_POST["fieldfullname"],'chaine',0,'',$conf->entity)) $error++;
if (! dolibarr_set_const($db, 'LDAP_FIELD_NAME',$_POST["fieldname"],'chaine',0,'',$conf->entity)) $error++;
if (! dolibarr_set_const($db, 'LDAP_FIELD_DESCRIPTION',$_POST["fielddescription"],'chaine',0,'',$conf->entity)) $error++;
if ($error)
{

54
htdocs/admin/ldap_members.php
View File

@ -47,37 +47,37 @@ if (!$user->admin)
if ($_GET["action"] == 'setvalue' && $user->admin)
{
$error=0;
if (! dolibarr_set_const($db, 'LDAP_KEY_MEMBERS',$_POST["key"])) $error++;
if (! dolibarr_set_const($db, 'LDAP_KEY_MEMBERS',$_POST["key"],'chaine',0,'',$conf->entity)) $error++;
if (! dolibarr_set_const($db, 'LDAP_MEMBER_DN',$_POST["user"])) $error++;
if (! dolibarr_set_const($db, 'LDAP_MEMBER_OBJECT_CLASS',$_POST["objectclass"])) $error++;
if (! dolibarr_set_const($db, 'LDAP_MEMBER_DN',$_POST["user"],'chaine',0,'',$conf->entity)) $error++;
if (! dolibarr_set_const($db, 'LDAP_MEMBER_OBJECT_CLASS',$_POST["objectclass"],'chaine',0,'',$conf->entity)) $error++;
// Members
if (! dolibarr_set_const($db, 'LDAP_FIELD_FULLNAME',$_POST["fieldfullname"])) $error++;
if (! dolibarr_set_const($db, 'LDAP_FIELD_LOGIN',$_POST["fieldlogin"])) $error++;
if (! dolibarr_set_const($db, 'LDAP_FIELD_LOGIN_SAMBA',$_POST["fieldloginsamba"])) $error++;
if (! dolibarr_set_const($db, 'LDAP_FIELD_PASSWORD',$_POST["fieldpassword"])) $error++;
if (! dolibarr_set_const($db, 'LDAP_FIELD_PASSWORD_CRYPTED',$_POST["fieldpasswordcrypted"])) $error++;
if (! dolibarr_set_const($db, 'LDAP_FIELD_NAME',$_POST["fieldname"])) $error++;
if (! dolibarr_set_const($db, 'LDAP_FIELD_FIRSTNAME',$_POST["fieldfirstname"])) $error++;
if (! dolibarr_set_const($db, 'LDAP_FIELD_MAIL',$_POST["fieldmail"])) $error++;
if (! dolibarr_set_const($db, 'LDAP_FIELD_PHONE',$_POST["fieldphone"])) $error++;
if (! dolibarr_set_const($db, 'LDAP_FIELD_PHONE_PERSO',$_POST["fieldphoneperso"])) $error++;
if (! dolibarr_set_const($db, 'LDAP_FIELD_MOBILE',$_POST["fieldmobile"])) $error++;
if (! dolibarr_set_const($db, 'LDAP_FIELD_FAX',$_POST["fieldfax"])) $error++;
if (! dolibarr_set_const($db, 'LDAP_FIELD_ADDRESS',$_POST["fieldaddress"])) $error++;
if (! dolibarr_set_const($db, 'LDAP_FIELD_ZIP',$_POST["fieldzip"])) $error++;
if (! dolibarr_set_const($db, 'LDAP_FIELD_TOWN',$_POST["fieldtown"])) $error++;
if (! dolibarr_set_const($db, 'LDAP_FIELD_COUNTRY',$_POST["fieldcountry"])) $error++;
if (! dolibarr_set_const($db, 'LDAP_FIELD_DESCRIPTION',$_POST["fielddescription"])) $error++;
if (! dolibarr_set_const($db, 'LDAP_FIELD_BIRTHDATE',$_POST["fieldbirthdate"])) $error++;
if (! dolibarr_set_const($db, 'LDAP_FIELD_MEMBER_STATUS',$_POST["fieldstatus"])) $error++;
if (! dolibarr_set_const($db, 'LDAP_FIELD_MEMBER_END_LASTSUBSCRIPTION', $_POST["fieldendlastsubscription"])) $error++;
if (! dolibarr_set_const($db, 'LDAP_FIELD_FULLNAME',$_POST["fieldfullname"],'chaine',0,'',$conf->entity)) $error++;
if (! dolibarr_set_const($db, 'LDAP_FIELD_LOGIN',$_POST["fieldlogin"],'chaine',0,'',$conf->entity)) $error++;
if (! dolibarr_set_const($db, 'LDAP_FIELD_LOGIN_SAMBA',$_POST["fieldloginsamba"],'chaine',0,'',$conf->entity)) $error++;
if (! dolibarr_set_const($db, 'LDAP_FIELD_PASSWORD',$_POST["fieldpassword"],'chaine',0,'',$conf->entity)) $error++;
if (! dolibarr_set_const($db, 'LDAP_FIELD_PASSWORD_CRYPTED',$_POST["fieldpasswordcrypted"],'chaine',0,'',$conf->entity)) $error++;
if (! dolibarr_set_const($db, 'LDAP_FIELD_NAME',$_POST["fieldname"],'chaine',0,'',$conf->entity)) $error++;
if (! dolibarr_set_const($db, 'LDAP_FIELD_FIRSTNAME',$_POST["fieldfirstname"],'chaine',0,'',$conf->entity)) $error++;
if (! dolibarr_set_const($db, 'LDAP_FIELD_MAIL',$_POST["fieldmail"],'chaine',0,'',$conf->entity)) $error++;
if (! dolibarr_set_const($db, 'LDAP_FIELD_PHONE',$_POST["fieldphone"],'chaine',0,'',$conf->entity)) $error++;
if (! dolibarr_set_const($db, 'LDAP_FIELD_PHONE_PERSO',$_POST["fieldphoneperso"],'chaine',0,'',$conf->entity)) $error++;
if (! dolibarr_set_const($db, 'LDAP_FIELD_MOBILE',$_POST["fieldmobile"],'chaine',0,'',$conf->entity)) $error++;
if (! dolibarr_set_const($db, 'LDAP_FIELD_FAX',$_POST["fieldfax"],'chaine',0,'',$conf->entity)) $error++;
if (! dolibarr_set_const($db, 'LDAP_FIELD_ADDRESS',$_POST["fieldaddress"],'chaine',0,'',$conf->entity)) $error++;
if (! dolibarr_set_const($db, 'LDAP_FIELD_ZIP',$_POST["fieldzip"],'chaine',0,'',$conf->entity)) $error++;
if (! dolibarr_set_const($db, 'LDAP_FIELD_TOWN',$_POST["fieldtown"],'chaine',0,'',$conf->entity)) $error++;
if (! dolibarr_set_const($db, 'LDAP_FIELD_COUNTRY',$_POST["fieldcountry"],'chaine',0,'',$conf->entity)) $error++;
if (! dolibarr_set_const($db, 'LDAP_FIELD_DESCRIPTION',$_POST["fielddescription"],'chaine',0,'',$conf->entity)) $error++;
if (! dolibarr_set_const($db, 'LDAP_FIELD_BIRTHDATE',$_POST["fieldbirthdate"],'chaine',0,'',$conf->entity)) $error++;
if (! dolibarr_set_const($db, 'LDAP_FIELD_MEMBER_STATUS',$_POST["fieldstatus"],'chaine',0,'',$conf->entity)) $error++;
if (! dolibarr_set_const($db, 'LDAP_FIELD_MEMBER_END_LASTSUBSCRIPTION', $_POST["fieldendlastsubscription"],'chaine',0,'',$conf->entity)) $error++;
// Subscriptions
if (! dolibarr_set_const($db, 'LDAP_FIELD_MEMBER_FIRSTSUBSCRIPTION_DATE', $_POST["fieldfirstsubscriptiondate"])) $error++;
if (! dolibarr_set_const($db, 'LDAP_FIELD_MEMBER_FIRSTSUBSCRIPTION_AMOUNT',$_POST["fieldfirstsubscriptionamount"])) $error++;
if (! dolibarr_set_const($db, 'LDAP_FIELD_MEMBER_LASTSUBSCRIPTION_DATE', $_POST["fieldlastsubscriptiondate"])) $error++;
if (! dolibarr_set_const($db, 'LDAP_FIELD_MEMBER_LASTSUBSCRIPTION_AMOUNT', $_POST["fieldlastsubscriptionamount"])) $error++;
if (! dolibarr_set_const($db, 'LDAP_FIELD_MEMBER_FIRSTSUBSCRIPTION_DATE', $_POST["fieldfirstsubscriptiondate"],'chaine',0,'',$conf->entity)) $error++;
if (! dolibarr_set_const($db, 'LDAP_FIELD_MEMBER_FIRSTSUBSCRIPTION_AMOUNT',$_POST["fieldfirstsubscriptionamount"],'chaine',0,'',$conf->entity)) $error++;
if (! dolibarr_set_const($db, 'LDAP_FIELD_MEMBER_LASTSUBSCRIPTION_DATE', $_POST["fieldlastsubscriptiondate"],'chaine',0,'',$conf->entity)) $error++;
if (! dolibarr_set_const($db, 'LDAP_FIELD_MEMBER_LASTSUBSCRIPTION_AMOUNT', $_POST["fieldlastsubscriptionamount"],'chaine',0,'',$conf->entity)) $error++;
if ($error)
{

34
htdocs/admin/ldap_users.php
View File

@ -47,25 +47,25 @@ if (!$user->admin)
if ($_GET["action"] == 'setvalue' && $user->admin)
{
$error=0;
if (! dolibarr_set_const($db, 'LDAP_KEY_USERS',$_POST["key"])) $error++;
if (! dolibarr_set_const($db, 'LDAP_KEY_USERS',$_POST["key"],'chaine',0,'',$conf->entity)) $error++;
if (! dolibarr_set_const($db, 'LDAP_USER_DN',$_POST["user"])) $error++;
if (! dolibarr_set_const($db, 'LDAP_USER_OBJECT_CLASS',$_POST["objectclass"])) $error++;
if (! dolibarr_set_const($db, 'LDAP_USER_DN',$_POST["user"],'chaine',0,'',$conf->entity)) $error++;
if (! dolibarr_set_const($db, 'LDAP_USER_OBJECT_CLASS',$_POST["objectclass"],'chaine',0,'',$conf->entity)) $error++;
if (! dolibarr_set_const($db, 'LDAP_FILTER_CONNECTION',$_POST["filterconnection"])) $error++;
if (! dolibarr_set_const($db, 'LDAP_FIELD_FULLNAME',$_POST["fieldfullname"])) $error++;
if (! dolibarr_set_const($db, 'LDAP_FIELD_LOGIN',$_POST["fieldlogin"])) $error++;
if (! dolibarr_set_const($db, 'LDAP_FIELD_LOGIN_SAMBA',$_POST["fieldloginsamba"])) $error++;
if (! dolibarr_set_const($db, 'LDAP_FIELD_PASSWORD',$_POST["fieldpassword"])) $error++;
if (! dolibarr_set_const($db, 'LDAP_FIELD_PASSWORD_CRYPTED',$_POST["fieldpasswordcrypted"])) $error++;
if (! dolibarr_set_const($db, 'LDAP_FIELD_NAME',$_POST["fieldname"])) $error++;
if (! dolibarr_set_const($db, 'LDAP_FIELD_FIRSTNAME',$_POST["fieldfirstname"])) $error++;
if (! dolibarr_set_const($db, 'LDAP_FIELD_MAIL',$_POST["fieldmail"])) $error++;
if (! dolibarr_set_const($db, 'LDAP_FIELD_PHONE',$_POST["fieldphone"])) $error++;
if (! dolibarr_set_const($db, 'LDAP_FIELD_MOBILE',$_POST["fieldmobile"])) $error++;
if (! dolibarr_set_const($db, 'LDAP_FIELD_FAX',$_POST["fieldfax"])) $error++;
if (! dolibarr_set_const($db, 'LDAP_FIELD_DESCRIPTION',$_POST["fielddescription"])) $error++;
if (! dolibarr_set_const($db, 'LDAP_FIELD_SID',$_POST["fieldsid"])) $error++;
if (! dolibarr_set_const($db, 'LDAP_FILTER_CONNECTION',$_POST["filterconnection"],'chaine',0,'',$conf->entity)) $error++;
if (! dolibarr_set_const($db, 'LDAP_FIELD_FULLNAME',$_POST["fieldfullname"],'chaine',0,'',$conf->entity)) $error++;
if (! dolibarr_set_const($db, 'LDAP_FIELD_LOGIN',$_POST["fieldlogin"],'chaine',0,'',$conf->entity)) $error++;
if (! dolibarr_set_const($db, 'LDAP_FIELD_LOGIN_SAMBA',$_POST["fieldloginsamba"],'chaine',0,'',$conf->entity)) $error++;
if (! dolibarr_set_const($db, 'LDAP_FIELD_PASSWORD',$_POST["fieldpassword"],'chaine',0,'',$conf->entity)) $error++;
if (! dolibarr_set_const($db, 'LDAP_FIELD_PASSWORD_CRYPTED',$_POST["fieldpasswordcrypted"],'chaine',0,'',$conf->entity)) $error++;
if (! dolibarr_set_const($db, 'LDAP_FIELD_NAME',$_POST["fieldname"],'chaine',0,'',$conf->entity)) $error++;
if (! dolibarr_set_const($db, 'LDAP_FIELD_FIRSTNAME',$_POST["fieldfirstname"],'chaine',0,'',$conf->entity)) $error++;
if (! dolibarr_set_const($db, 'LDAP_FIELD_MAIL',$_POST["fieldmail"],'chaine',0,'',$conf->entity)) $error++;
if (! dolibarr_set_const($db, 'LDAP_FIELD_PHONE',$_POST["fieldphone"],'chaine',0,'',$conf->entity)) $error++;
if (! dolibarr_set_const($db, 'LDAP_FIELD_MOBILE',$_POST["fieldmobile"],'chaine',0,'',$conf->entity)) $error++;
if (! dolibarr_set_const($db, 'LDAP_FIELD_FAX',$_POST["fieldfax"],'chaine',0,'',$conf->entity)) $error++;
if (! dolibarr_set_const($db, 'LDAP_FIELD_DESCRIPTION',$_POST["fielddescription"],'chaine',0,'',$conf->entity)) $error++;
if (! dolibarr_set_const($db, 'LDAP_FIELD_SID',$_POST["fieldsid"],'chaine',0,'',$conf->entity)) $error++;
if ($error)
{

9
htdocs/admin/limits.php
View File

@ -1,5 +1,6 @@
<?php
/* Copyright (C) 2007-2009 Laurent Destailleur <eldy@users.sourceforge.net>
* Copyright (C) 2009 Regis Houssin <regis@dolibarr.fr>
*
* This program is free software; you can redistribute it and/or modify
* it under the terms of the GNU General Public License as published by
@ -44,10 +45,10 @@ if (isset($_POST["action"]) && $_POST["action"] == 'update')
}
else
{
dolibarr_set_const($db, "MAIN_MAX_DECIMALS_UNIT", $_POST["MAIN_MAX_DECIMALS_UNIT"]);
dolibarr_set_const($db, "MAIN_MAX_DECIMALS_TOT", $_POST["MAIN_MAX_DECIMALS_TOT"]);
dolibarr_set_const($db, "MAIN_MAX_DECIMALS_SHOWN", $_POST["MAIN_MAX_DECIMALS_SHOWN"]);
dolibarr_set_const($db, "MAIN_DISABLE_PDF_COMPRESSION", $_POST["MAIN_DISABLE_PDF_COMPRESSION"]);
dolibarr_set_const($db, "MAIN_MAX_DECIMALS_UNIT", $_POST["MAIN_MAX_DECIMALS_UNIT"],'chaine',0,'',$conf->entity);
dolibarr_set_const($db, "MAIN_MAX_DECIMALS_TOT", $_POST["MAIN_MAX_DECIMALS_TOT"],'chaine',0,'',$conf->entity);
dolibarr_set_const($db, "MAIN_MAX_DECIMALS_SHOWN", $_POST["MAIN_MAX_DECIMALS_SHOWN"],'chaine',0,'',$conf->entity);
dolibarr_set_const($db, "MAIN_DISABLE_PDF_COMPRESSION", $_POST["MAIN_DISABLE_PDF_COMPRESSION"],'chaine',0,'',$conf->entity);
Header("Location: ".$_SERVER["PHP_SELF"]."?mainmenu=home&leftmenu=setup");
exit;

26
htdocs/admin/livraison.php
View File

@ -4,7 +4,7 @@
* Copyright (C) 2004 Sebastien Di Cintio <sdicintio@ressource-toi.org>
* Copyright (C) 2004 Benoit Mortier <benoit.mortier@opensides.be>
* Copyright (C) 2004 Eric Seigne <eric.seigne@ryxeo.com>
* Copyright (C) 2005-2007 Regis Houssin <regis@dolibarr.fr>
* Copyright (C) 2005-2009 Regis Houssin <regis@dolibarr.fr>
*
* This program is free software; you can redistribute it and/or modify
* it under the terms of the GNU General Public License as published by
@ -48,7 +48,7 @@ if ($_POST["action"] == 'updateMask')
{
$maskconstdelivery=$_POST['maskconstdelivery'];
$maskdelivery=$_POST['maskdelivery'];
if ($maskconstdelivery) dolibarr_set_const($db,$maskconstdelivery,$maskdelivery);
if ($maskconstdelivery) dolibarr_set_const($db,$maskconstdelivery,$maskdelivery,'chaine',0,'',$conf->entity);
}
if ($_GET["action"] == 'specimen')
@ -90,7 +90,7 @@ if ($_GET["action"] == 'specimen')
if ($_GET["action"] == 'set')
{
$type='delivery';
$sql = "INSERT INTO ".MAIN_DB_PREFIX."document_model (nom, type) VALUES ('".$_GET["value"]."','".$type."')";
$sql = "INSERT INTO ".MAIN_DB_PREFIX."document_model (nom, type, entity) VALUES ('".$_GET["value"]."','".$type."',".$conf->entity.")";
if ($db->query($sql))
{
@ -101,7 +101,10 @@ if ($_GET["action"] == 'del')
{
$type='delivery';
$sql = "DELETE FROM ".MAIN_DB_PREFIX."document_model";
$sql .= " WHERE nom = '".$_GET["value"]."' AND type = '".$type."'";
$sql.= " WHERE nom = '".$_GET["value"];
$sql.= " AND type = '".$type."'";
$sql.= " AND entity = ".$conf->entity;
if ($db->query($sql))
{
@ -112,7 +115,7 @@ if ($_GET["action"] == 'setdoc')
{
$db->begin();
if (dolibarr_set_const($db, "LIVRAISON_ADDON_PDF",$_GET["value"]))
if (dolibarr_set_const($db, "LIVRAISON_ADDON_PDF",$_GET["value"],'chaine',0,'',$conf->entity))
{
$conf->global->LIVRAISON_ADDON_PDF = $_GET["value"];
}
@ -120,9 +123,11 @@ if ($_GET["action"] == 'setdoc')
// On active le modele
$type='delivery';
$sql_del = "DELETE FROM ".MAIN_DB_PREFIX."document_model";
$sql_del .= " WHERE nom = '".$_GET["value"]."' AND type = '".$type."'";
$sql_del.= " WHERE nom = '".$_GET["value"];
$sql_del.= " AND type = '".$type."'";
$sql_del.= " AND entity = ".$conf->entity;
$result1=$db->query($sql_del);
$sql = "INSERT INTO ".MAIN_DB_PREFIX."document_model (nom,type) VALUES ('".$_GET["value"]."','".$type."')";
$sql = "INSERT INTO ".MAIN_DB_PREFIX."document_model (nom,type,entity) VALUES ('".$_GET["value"]."','".$type."',".$conf->entity.")";
$result2=$db->query($sql);
if ($result1 && $result2)
{
@ -136,7 +141,7 @@ if ($_GET["action"] == 'setdoc')
if ($_POST["action"] == 'set_DELIVERY_FREE_TEXT')
{
dolibarr_set_const($db, "DELIVERY_FREE_TEXT",trim($_POST["DELIVERY_FREE_TEXT"]));
dolibarr_set_const($db, "DELIVERY_FREE_TEXT",trim($_POST["DELIVERY_FREE_TEXT"]),'chaine',0,'',$conf->entity);
}
if ($_GET["action"] == 'setmod')
@ -144,7 +149,7 @@ if ($_GET["action"] == 'setmod')
// \todo Verifier si module numerotation choisi peut etre active
// par appel methode canBeActivated
dolibarr_set_const($db, "LIVRAISON_ADDON",$_GET["value"]);
dolibarr_set_const($db, "LIVRAISON_ADDON",$_GET["value"],'chaine',0,'',$conf->entity);
}
@ -282,9 +287,12 @@ print_titre($langs->trans("DeliveryOrderModel"));
// Defini tableau def de modele invoice
$type="delivery";
$def = array();
$sql = "SELECT nom";
$sql.= " FROM ".MAIN_DB_PREFIX."document_model";
$sql.= " WHERE type = '".$type."'";
$sql.= " AND entity = ".$conf->entity;
$resql=$db->query($sql);
if ($resql)
{

2
htdocs/admin/mailing.php
View File

@ -36,7 +36,7 @@ if (!$user->admin)
if ($_POST["action"] == 'setvalue' && $user->admin)
{
$result=dolibarr_set_const($db, "MAILING_EMAIL_FROM",$_POST["email_from"]);
$result=dolibarr_set_const($db, "MAILING_EMAIL_FROM",$_POST["email_from"],'chaine',0,'',$conf->entity);
if ($result >= 0)
{
$mesg='<div class="ok">'.$langs->trans("Success").'</div>';

14
htdocs/admin/mails.php
View File

@ -47,13 +47,13 @@ $substitutionarrayfortest=array(
if (isset($_POST["action"]) && $_POST["action"] == 'update')
{
dolibarr_set_const($db, "MAIN_DISABLE_ALL_MAILS", $_POST["MAIN_DISABLE_ALL_MAILS"]);
dolibarr_set_const($db, "MAIN_MAIL_SENDMODE", $_POST["MAIN_MAIL_SENDMODE"]);
dolibarr_set_const($db, "MAIN_MAIL_SMTP_PORT", $_POST["MAIN_MAIL_SMTP_PORT"]);
dolibarr_set_const($db, "MAIN_MAIL_SMTP_SERVER", $_POST["MAIN_MAIL_SMTP_SERVER"]);
dolibarr_set_const($db, "MAIN_MAIL_SMTPS_ID", $_POST["MAIN_MAIL_SMTPS_ID"]);
dolibarr_set_const($db, "MAIN_MAIL_SMTPS_PW", $_POST["MAIN_MAIL_SMTPS_PW"]);
dolibarr_set_const($db, "MAIN_MAIL_EMAIL_FROM", $_POST["MAIN_MAIL_EMAIL_FROM"]);
dolibarr_set_const($db, "MAIN_DISABLE_ALL_MAILS", $_POST["MAIN_DISABLE_ALL_MAILS"],'chaine',0,'',$conf->entity);
dolibarr_set_const($db, "MAIN_MAIL_SENDMODE", $_POST["MAIN_MAIL_SENDMODE"],'chaine',0,'',$conf->entity);
dolibarr_set_const($db, "MAIN_MAIL_SMTP_PORT", $_POST["MAIN_MAIL_SMTP_PORT"],'chaine',0,'',$conf->entity);
dolibarr_set_const($db, "MAIN_MAIL_SMTP_SERVER", $_POST["MAIN_MAIL_SMTP_SERVER"],'chaine',0,'',$conf->entity);
dolibarr_set_const($db, "MAIN_MAIL_SMTPS_ID", $_POST["MAIN_MAIL_SMTPS_ID"],'chaine',0,'',$conf->entity);
dolibarr_set_const($db, "MAIN_MAIL_SMTPS_PW", $_POST["MAIN_MAIL_SMTPS_PW"],'chaine',0,'',$conf->entity);
dolibarr_set_const($db, "MAIN_MAIL_EMAIL_FROM", $_POST["MAIN_MAIL_EMAIL_FROM"],'chaine',0,'',$conf->entity);
Header("Location: ".$_SERVER["PHP_SELF"]."?mainmenu=home&leftmenu=setup");
exit;

10
htdocs/admin/mantis.php
View File

@ -52,11 +52,11 @@ if ($actionsave)
$db->begin();
$i+=dolibarr_set_const($db,'PHPMANTIS_URL',trim($_POST["phpmantis_url"]),'chaine',0);
$i+=dolibarr_set_const($db,'PHPMANTIS_HOST',trim($_POST["phpmantis_host"]),'chaine',0);
$i+=dolibarr_set_const($db,'PHPMANTIS_DBNAME',trim($_POST["phpmantis_dbname"]),'chaine',0);
$i+=dolibarr_set_const($db,'PHPMANTIS_USER',trim($_POST["phpmantis_user"]),'chaine',0);
$i+=dolibarr_set_const($db,'PHPMANTIS_PASS',trim($_POST["phpmantis_pass"]),'chaine',0);
$i+=dolibarr_set_const($db,'PHPMANTIS_URL',trim($_POST["phpmantis_url"]),'chaine',0,'',$conf->entity);
$i+=dolibarr_set_const($db,'PHPMANTIS_HOST',trim($_POST["phpmantis_host"]),'chaine',0,'',$conf->entity);
$i+=dolibarr_set_const($db,'PHPMANTIS_DBNAME',trim($_POST["phpmantis_dbname"]),'chaine',0,'',$conf->entity);
$i+=dolibarr_set_const($db,'PHPMANTIS_USER',trim($_POST["phpmantis_user"]),'chaine',0,'',$conf->entity);
$i+=dolibarr_set_const($db,'PHPMANTIS_PASS',trim($_POST["phpmantis_pass"]),'chaine',0,'',$conf->entity);
if ($i >= 5)
{

8
htdocs/admin/menus.php
View File

@ -49,11 +49,11 @@ if (isset($_POST["action"]) && $_POST["action"] == 'update')
{
$_SESSION["mainmenu"]="home"; // Le gestionnaire de menu a pu changer
dolibarr_set_const($db, "MAIN_MENU_BARRETOP", $_POST["main_menu_barretop"]);
dolibarr_set_const($db, "MAIN_MENU_BARRELEFT", $_POST["main_menu_barreleft"]);
dolibarr_set_const($db, "MAIN_MENU_BARRETOP", $_POST["main_menu_barretop"],'chaine',0,'',$conf->entity);
dolibarr_set_const($db, "MAIN_MENU_BARRELEFT", $_POST["main_menu_barreleft"],'chaine',0,'',$conf->entity);
dolibarr_set_const($db, "MAIN_MENUFRONT_BARRETOP", $_POST["main_menufront_barretop"]);
dolibarr_set_const($db, "MAIN_MENUFRONT_BARRELEFT",$_POST["main_menufront_barreleft"]);
dolibarr_set_const($db, "MAIN_MENUFRONT_BARRETOP", $_POST["main_menufront_barretop"],'chaine',0,'',$conf->entity);
dolibarr_set_const($db, "MAIN_MENUFRONT_BARRELEFT",$_POST["main_menufront_barreleft"],'chaine',0,'',$conf->entity);
// Define list of menu handlers to initialize
$listofmenuhandler=array();

50
htdocs/admin/menus/index.php
View File

@ -1,6 +1,7 @@
<?php
/* Copyright (C) 2007 Patrick Raguin <patrick.raguin@gmail.com>
* Copyright (C) 2007-2008 Laurent Destailleur <eldy@users.sourceforge.net>
* Copyright (C) 2009 Regis Houssin <regis@dolibarr.fr>
*
* This program is free software; you can redistribute it and/or modify
* it under the terms of the GNU General Public License as published by
@ -58,7 +59,8 @@ if ($_REQUEST["menu_handler"]) $menu_handler=$_REQUEST["menu_handler"];
if (isset($_GET["action"]) && ($_GET["action"] == 'up'))
{
$sql = "SELECT m.rowid, m.position FROM ".MAIN_DB_PREFIX."menu as m";
$sql = "SELECT m.rowid, m.position";
$sql.= " FROM ".MAIN_DB_PREFIX."menu as m";
$sql.= " WHERE m.rowid = ".$_GET["menuId"];
$result = $db->query($sql);
@ -74,9 +76,12 @@ if (isset($_GET["action"]) && ($_GET["action"] == 'up'))
}
// Menu top
$sql = "SELECT m.rowid, m.position FROM ".MAIN_DB_PREFIX."menu as m";
$sql.= " WHERE m.position = ".($precedent['order'] - 1)." AND m.type = 'top'";
$sql.= " AND menu_handler='".$menu_handler_top."'";
$sql = "SELECT m.rowid, m.position";
$sql.= " FROM ".MAIN_DB_PREFIX."menu as m";
$sql.= " WHERE m.position = ".($precedent['order'] - 1);
$sql.= " AND m.type = 'top'";
$sql.= " AND m.menu_handler='".$menu_handler_top."'";
$sql.= " AND m.entity = ".$conf->entity;
$result = $db->query($sql);
$num = $db->num_rows($result);
@ -103,7 +108,9 @@ if (isset($_GET["action"]) && ($_GET["action"] == 'up'))
if (isset($_GET["action"]) && $_GET["action"] == 'down')
{
$sql = "SELECT m.rowid, m.position FROM ".MAIN_DB_PREFIX."menu as m WHERE m.rowid = ".$_GET["menuId"];
$sql = "SELECT m.rowid, m.position";
$sql.= " FROM ".MAIN_DB_PREFIX."menu as m";
$sql.= " WHERE m.rowid = ".$_GET["menuId"];
$result = $db->query($sql);
$num = $db->num_rows($result);
@ -119,7 +126,9 @@ if (isset($_GET["action"]) && $_GET["action"] == 'down')
$sql = "SELECT m.rowid, m.position";
$sql.= " FROM ".MAIN_DB_PREFIX."menu as m";
$sql.= " WHERE m.position = ".($precedent['order'] + 1)." AND type='top'";
$sql.= " WHERE m.position = ".($precedent['order'] + 1);
$sql.= " AND m.type='top'";
$sql.= " AND m.entity = ".$conf->entity;
$result = $db->query($sql);
$num = $db->num_rows($result);
@ -133,9 +142,13 @@ if (isset($_GET["action"]) && $_GET["action"] == 'down')
$i++;
}
$sql = "UPDATE ".MAIN_DB_PREFIX."menu as m SET m.position = ".$suivant['order']." WHERE m.rowid = ".$precedent['rowid'].""; // Monte celui select
$sql = "UPDATE ".MAIN_DB_PREFIX."menu as m";
$sql.= " SET m.position = ".$suivant['order'];
$sql.= " WHERE m.rowid = ".$precedent['rowid'].""; // Monte celui select
$db->query($sql);
$sql = "UPDATE ".MAIN_DB_PREFIX."menu as m SET m.position = ".$precedent['order']." WHERE m.rowid = ".$suivant['rowid'].""; // Descend celui du dessus
$sql = "UPDATE ".MAIN_DB_PREFIX."menu as m";
$sql.= " SET m.position = ".$precedent['order'];
$sql.= " WHERE m.rowid = ".$suivant['rowid'].""; // Descend celui du dessus
$db->query($sql);
}
@ -143,16 +156,21 @@ if ($_POST["action"] == 'confirm_delete' && $_POST["confirm"] == 'yes')
{
$db->begin();
$sql = "SELECT c.rowid, c.fk_constraint FROM ".MAIN_DB_PREFIX."menu_const as c WHERE c.fk_menu = ".$_GET['menuId'];
$sql = "SELECT c.rowid, c.fk_constraint";
$sql.= " FROM ".MAIN_DB_PREFIX."menu_const as c";
$sql.= " WHERE c.fk_menu = ".$_GET['menuId'];
$res = $db->query($sql);
if ($res)
{
while ($obj = $db->fetch_object ($res))
{
$sql = "DELETE FROM ".MAIN_DB_PREFIX."menu_const WHERE rowid = ".$obj->rowid;
$sql = "DELETE FROM ".MAIN_DB_PREFIX."menu_const";
$sql.= " WHERE rowid = ".$obj->rowid;
$db->query($sql);
$sql = "SELECT count(rowid) as countId FROM ".MAIN_DB_PREFIX."menu_const WHERE fk_constraint = ".$obj->fk_constraint;
$sql = "SELECT count(rowid) as countId";
$sql.= " FROM ".MAIN_DB_PREFIX."menu_const";
$sql.= " WHERE fk_constraint = ".$obj->fk_constraint;
$result = $db->query($sql);
$objc = $db->fetch_object($result);
@ -164,7 +182,8 @@ if ($_POST["action"] == 'confirm_delete' && $_POST["confirm"] == 'yes')
}
}
$sql = "DELETE FROM ".MAIN_DB_PREFIX."menu WHERE rowid = ".$_GET['menuId'];
$sql = "DELETE FROM ".MAIN_DB_PREFIX."menu";
$sql.= " WHERE rowid = ".$_GET['menuId'];
$resql=$db->query($sql);
if ($resql)
{
@ -217,7 +236,9 @@ dol_fiche_head($head, 'editor', $langs->trans("Menus"));
// Confirmation de la suppression menu
if ($_GET["action"] == 'delete')
{
$sql = "SELECT m.titre FROM ".MAIN_DB_PREFIX."menu as m WHERE m.rowid = ".$_GET['menuId'];
$sql = "SELECT m.titre";
$sql.= " FROM ".MAIN_DB_PREFIX."menu as m";
$sql.= " WHERE m.rowid = ".$_GET['menuId'];
$result = $db->query($sql);
$obj = $db->fetch_object($result);
@ -272,7 +293,8 @@ if ($conf->use_javascript_ajax)
$sql = "SELECT m.rowid, m.fk_menu, m.titre, m.langs";
$sql.= " FROM ".MAIN_DB_PREFIX."menu as m";
$sql.= " WHERE menu_handler='".$menu_handler."'";
$sql.= " WHERE menu_handler = '".$menu_handler."'";
$sql.= " AND entity = ".$conf->entity;
$sql.= " ORDER BY m.position, m.rowid";
$res = $db->query($sql);

2
htdocs/admin/notification.php
View File

@ -38,7 +38,7 @@ if (!$user->admin)
if ($_POST["action"] == 'setvalue' && $user->admin)
{
$result=dolibarr_set_const($db, "NOTIFICATION_EMAIL_FROM",$_POST["email_from"]);
$result=dolibarr_set_const($db, "NOTIFICATION_EMAIL_FROM",$_POST["email_from"],'chaine',0,'',$conf->entity);
if ($result >= 0)
{
$mesg='<div class="ok">'.$langs->trans("Success").'</div>';

16
htdocs/admin/paybox.php
View File

@ -37,14 +37,14 @@ if (!$user->admin)
if ($_POST["action"] == 'setvalue' && $user->admin)
{
//$result=dolibarr_set_const($db, "PAYBOX_IBS_DEVISE",$_POST["PAYBOX_IBS_DEVISE"]);
$result=dolibarr_set_const($db, "PAYBOX_CSS_URL",$_POST["PAYBOX_CSS_URL"]);
$result=dolibarr_set_const($db, "PAYBOX_CREDITOR",$_POST["PAYBOX_CREDITOR"]);
$result=dolibarr_set_const($db, "PAYBOX_CGI_URL_V1",$_POST["PAYBOX_CGI_URL_V1"]);
$result=dolibarr_set_const($db, "PAYBOX_CGI_URL_V2",$_POST["PAYBOX_CGI_URL_V2"]);
$result=dolibarr_set_const($db, "PAYBOX_IBS_SITE",$_POST["PAYBOX_IBS_SITE"]);
$result=dolibarr_set_const($db, "PAYBOX_IBS_RANG",$_POST["PAYBOX_IBS_RANG"]);
$result=dolibarr_set_const($db, "PAYBOX_PBX_IDENTIFIANT",$_POST["PAYBOX_PBX_IDENTIFIANT"]);
//$result=dolibarr_set_const($db, "PAYBOX_IBS_DEVISE",$_POST["PAYBOX_IBS_DEVISE"],'chaine',0,'',$conf->entity);
$result=dolibarr_set_const($db, "PAYBOX_CSS_URL",$_POST["PAYBOX_CSS_URL"],'chaine',0,'',$conf->entity);
$result=dolibarr_set_const($db, "PAYBOX_CREDITOR",$_POST["PAYBOX_CREDITOR"],'chaine',0,'',$conf->entity);
$result=dolibarr_set_const($db, "PAYBOX_CGI_URL_V1",$_POST["PAYBOX_CGI_URL_V1"],'chaine',0,'',$conf->entity);
$result=dolibarr_set_const($db, "PAYBOX_CGI_URL_V2",$_POST["PAYBOX_CGI_URL_V2"],'chaine',0,'',$conf->entity);
$result=dolibarr_set_const($db, "PAYBOX_IBS_SITE",$_POST["PAYBOX_IBS_SITE"],'chaine',0,'',$conf->entity);
$result=dolibarr_set_const($db, "PAYBOX_IBS_RANG",$_POST["PAYBOX_IBS_RANG"],'chaine',0,'',$conf->entity);
$result=dolibarr_set_const($db, "PAYBOX_PBX_IDENTIFIANT",$_POST["PAYBOX_PBX_IDENTIFIANT"],'chaine',0,'',$conf->entity);
if ($result >= 0)
{

18
htdocs/admin/perms.php
View File

@ -1,6 +1,7 @@
<?php
/* Copyright (C) 2003 Rodolphe Quiedeville <rodolphe@quiedeville.org>
* Copyright (C) 2004-2008 Laurent Destailleur <eldy@users.sourceforge.net>
* Copyright (C) 2005-2009 Regis Houssin <regis@dolibarr.fr>
*
* This program is free software; you can redistribute it and/or modify
* it under the terms of the GNU General Public License as published by
@ -37,13 +38,17 @@ if (!$user->admin)
if ($_GET["action"] == 'add')
{
$sql = "UPDATE ".MAIN_DB_PREFIX."rights_def SET bydefault=1 WHERE id =".$_GET["pid"];
$sql = "UPDATE ".MAIN_DB_PREFIX."rights_def SET bydefault=1";
$sql.= " WHERE id = ".$_GET["pid"];
$sql.= " AND entity = ".$conf->entity;
$db->query($sql);
}
if ($_GET["action"] == 'remove')
{
$sql = "UPDATE ".MAIN_DB_PREFIX."rights_def SET bydefault=0 WHERE id =".$_GET["pid"];
$sql = "UPDATE ".MAIN_DB_PREFIX."rights_def SET bydefault=0";
$sql.= " WHERE id = ".$_GET["pid"];
$sql.= " AND entity = ".$conf->entity;
$db->query($sql);
}
@ -101,10 +106,11 @@ $db->commit();
// Affiche lignes des permissions
$sql ="SELECT r.id, r.libelle, r.module, r.perms, r.subperms, r.bydefault";
$sql.=" FROM ".MAIN_DB_PREFIX."rights_def as r";
$sql.=" WHERE r.libelle NOT LIKE 'tou%'"; // On ignore droits "tous"
$sql.=" ORDER BY r.module, r.id";
$sql = "SELECT r.id, r.libelle, r.module, r.perms, r.subperms, r.bydefault";
$sql.= " FROM ".MAIN_DB_PREFIX."rights_def as r";
$sql.= " WHERE r.libelle NOT LIKE 'tou%'"; // On ignore droits "tous"
$sql.= " AND entity = ".$conf->entity;
$sql.= " ORDER BY r.module, r.id";
$result = $db->query($sql);
if ($result)

24
htdocs/admin/phenix.php
View File

@ -47,19 +47,19 @@ if ($actionsave)
$db->begin();
$i+=dolibarr_set_const($db,'PHPPHENIX_URL',trim($_POST["phpphenix_url"]),'chaine',0);
$i+=dolibarr_set_const($db,'PHPPHENIX_HOST',trim($_POST["phpphenix_host"]),'chaine',0);
$i+=dolibarr_set_const($db,'PHPPHENIX_DBNAME',trim($_POST["phpphenix_dbname"]),'chaine',0);
$i+=dolibarr_set_const($db,'PHPPHENIX_USER',trim($_POST["phpphenix_user"]),'chaine',0);
$i+=dolibarr_set_const($db,'PHPPHENIX_PASS',trim($_POST["phpphenix_pass"]),'chaine',0);
$i+=dolibarr_set_const($db,'PHPPHENIX_COOKIE',trim($_POST["phpphenix_cookie"]),'chaine',0);
$i+=dolibarr_set_const($db,'PHPPHENIX_URL',trim($_POST["phpphenix_url"]),'chaine',0,'',$conf->entity);
$i+=dolibarr_set_const($db,'PHPPHENIX_HOST',trim($_POST["phpphenix_host"]),'chaine',0,'',$conf->entity);
$i+=dolibarr_set_const($db,'PHPPHENIX_DBNAME',trim($_POST["phpphenix_dbname"]),'chaine',0,'',$conf->entity);
$i+=dolibarr_set_const($db,'PHPPHENIX_USER',trim($_POST["phpphenix_user"]),'chaine',0,'',$conf->entity);
$i+=dolibarr_set_const($db,'PHPPHENIX_PASS',trim($_POST["phpphenix_pass"]),'chaine',0,'',$conf->entity);
$i+=dolibarr_set_const($db,'PHPPHENIX_COOKIE',trim($_POST["phpphenix_cookie"]),'chaine',0,'',$conf->entity);
$i+=dolibarr_set_const($db,'PHPPHENIX_SYNCRO',trim($_POST["phpphenix_syncro"]),'chaine',0);
$i+=dolibarr_set_const($db,'PHPPHENIX_COMPANYCREATE',trim($_POST["phpphenix_companycreate"]),'chaine',0);
$i+=dolibarr_set_const($db,'PHPPHENIX_PROPALSTATUS',trim($_POST["phpphenix_propalstatus"]),'chaine',0);
$i+=dolibarr_set_const($db,'PHPPHENIX_CONTRACTSTATUS',trim($_POST["phpphenix_contractstatus"]),'chaine',0);
$i+=dolibarr_set_const($db,'PHPPHENIX_BILLSTATUS',trim($_POST["phpphenix_billstatus"]),'chaine',0);
$i+=dolibarr_set_const($db,'PHPPHENIX_MEMBERSTATUS',trim($_POST["phpphenix_memberstatus"]),'chaine',0);
$i+=dolibarr_set_const($db,'PHPPHENIX_SYNCRO',trim($_POST["phpphenix_syncro"]),'chaine',0,'',$conf->entity);
$i+=dolibarr_set_const($db,'PHPPHENIX_COMPANYCREATE',trim($_POST["phpphenix_companycreate"]),'chaine',0,'',$conf->entity);
$i+=dolibarr_set_const($db,'PHPPHENIX_PROPALSTATUS',trim($_POST["phpphenix_propalstatus"]),'chaine',0,'',$conf->entity);
$i+=dolibarr_set_const($db,'PHPPHENIX_CONTRACTSTATUS',trim($_POST["phpphenix_contractstatus"]),'chaine',0,'',$conf->entity);
$i+=dolibarr_set_const($db,'PHPPHENIX_BILLSTATUS',trim($_POST["phpphenix_billstatus"]),'chaine',0,'',$conf->entity);
$i+=dolibarr_set_const($db,'PHPPHENIX_MEMBERSTATUS',trim($_POST["phpphenix_memberstatus"]),'chaine',0,'',$conf->entity);
if ($i >= 9)
{

36
htdocs/admin/produit.php
View File

@ -1,9 +1,9 @@
<?php
/* Copyright (C) 2004-2008 Laurent Destailleur <eldy@users.sourceforge.net>
* Copyright (C) 2006 Andre Cianfarani <acianfa@free.fr>
* Copyright (C) 2006 Andre Cianfarani <acianfa@free.fr>
* Copyright (C) 2006-2007 Rodolphe Quiedeville <rodolphe@quiedeville.org>
* Copyright (C) 2007 Auguria SARL <info@auguria.org>
* Copyright (C) 2005-2008 Regis Houssin <regis@dolibarr.fr>
* Copyright (C) 2007 Auguria SARL <info@auguria.org>
* Copyright (C) 2005-2009 Regis Houssin <regis@dolibarr.fr>
*
* This program is free software; you can redistribute it and/or modify
* it under the terms of the GNU General Public License as published by
@ -42,11 +42,11 @@ accessforbidden();
if ($_POST["action"] == 'nbprod')
{
dolibarr_set_const($db, "PRODUIT_LIMIT_SIZE", $_POST["value"]);
dolibarr_set_const($db, "PRODUIT_LIMIT_SIZE", $_POST["value"],'chaine',0,'',$conf->entity);
}
else if ($_POST["action"] == 'multiprix_num')
{
dolibarr_set_const($db, "PRODUIT_MULTIPRICES_LIMIT", $_POST["value"]);
dolibarr_set_const($db, "PRODUIT_MULTIPRICES_LIMIT", $_POST["value"],'chaine',0,'',$conf->entity);
}
if ($_POST["action"] == 'multiprix')
{
@ -63,14 +63,14 @@ if ($_POST["action"] == 'multiprix')
exit;
}
}
dolibarr_set_const($db, "PRODUIT_MULTIPRICES", $_POST["activate_multiprix"]);
dolibarr_set_const($db, "PRODUIT_MULTIPRICES_LIMIT", "6");
dolibarr_set_const($db, "PRODUIT_MULTIPRICES", $_POST["activate_multiprix"],'chaine',0,'',$conf->entity);
dolibarr_set_const($db, "PRODUIT_MULTIPRICES_LIMIT", "6",'chaine',0,'',$conf->entity);
}
else
{
dol_syslog("Table definition for ".MAIN_DB_PREFIX."societe already ok");
dolibarr_set_const($db, "PRODUIT_MULTIPRICES", $_POST["activate_multiprix"]);
dolibarr_set_const($db, "PRODUIT_MULTIPRICES_LIMIT", "6");
dolibarr_set_const($db, "PRODUIT_MULTIPRICES", $_POST["activate_multiprix"],'chaine',0,'',$conf->entity);
dolibarr_set_const($db, "PRODUIT_MULTIPRICES_LIMIT", "6",'chaine',0,'',$conf->entity);
}
}
else if ($_POST["action"] == 'sousproduits')
@ -91,22 +91,22 @@ else if ($_POST["action"] == 'sousproduits')
}
else
{
dolibarr_set_const($db, "PRODUIT_SOUSPRODUITS", $_POST["activate_sousproduits"]);
dolibarr_set_const($db, "PRODUIT_SOUSPRODUITS", $_POST["activate_sousproduits"],'chaine',0,'',$conf->entity);
}
}
else
{
dol_syslog("Table definition already ok");
dolibarr_set_const($db, "PRODUIT_SOUSPRODUITS", $_POST["activate_sousproduits"]);
dolibarr_set_const($db, "PRODUIT_SOUSPRODUITS", $_POST["activate_sousproduits"],'chaine',0,'',$conf->entity);
}
}
else if ($_POST["action"] == 'viewProdDescInForm')
{
dolibarr_set_const($db, "PRODUIT_DESC_IN_FORM", $_POST["activate_viewProdDescInForm"]);
dolibarr_set_const($db, "PRODUIT_DESC_IN_FORM", $_POST["activate_viewProdDescInForm"],'chaine',0,'',$conf->entity);
}
else if ($_POST["action"] == 'confirmDeleteProdLineInForm')
{
dolibarr_set_const($db, "PRODUIT_CONFIRM_DELETE_LINE", $_POST["activate_confirmDeleteProdLineInForm"]);
dolibarr_set_const($db, "PRODUIT_CONFIRM_DELETE_LINE", $_POST["activate_confirmDeleteProdLineInForm"],'chaine',0,'',$conf->entity);
}
else if ($_POST["action"] == 'ProductCanvasAbility')
{
@ -114,11 +114,11 @@ else if ($_POST["action"] == 'ProductCanvasAbility')
if (! empty($dolibarr_smarty_compile)) create_exdir($dolibarr_smarty_compile);
if (! empty($dolibarr_smarty_cache)) create_exdir($dolibarr_smarty_cache);
dolibarr_set_const($db, "MAIN_NEED_SMARTY", $_POST["ProductCanvasAbility"]);
dolibarr_set_const($db, "MAIN_NEED_SMARTY", $_POST["ProductCanvasAbility"],'chaine',0,'',$conf->entity);
}
else if ($_POST["action"] == 'usesearchtoselectproduct')
{
dolibarr_set_const($db, "PRODUIT_USE_SEARCH_TO_SELECT", $_POST["activate_usesearchtoselectproduct"]);
dolibarr_set_const($db, "PRODUIT_USE_SEARCH_TO_SELECT", $_POST["activate_usesearchtoselectproduct"],'chaine',0,'',$conf->entity);
}
else if ($_GET["action"] == 'set')
{
@ -127,12 +127,12 @@ else if ($_GET["action"] == 'set')
if (! empty($dolibarr_smarty_cache)) create_exdir($dolibarr_smarty_cache);
$const = "PRODUIT_SPECIAL_".strtoupper($_GET["spe"]);
if ($_GET["value"]) dolibarr_set_const($db, $const, $_GET["value"]);
else dolibarr_del_const($db, $const);
if ($_GET["value"]) dolibarr_set_const($db, $const, $_GET["value"],'chaine',0,'',$conf->entity);
else dolibarr_del_const($db, $const,$conf->entity);
}
else if ($_POST["action"] == 'useecotaxe')
{
dolibarr_set_const($db, "PRODUIT_USE_ECOTAXE", $_POST["activate_useecotaxe"]);
dolibarr_set_const($db, "PRODUIT_USE_ECOTAXE", $_POST["activate_useecotaxe"],'chaine',0,'',$conf->entity);
}

138
htdocs/admin/propale.php
View File

@ -1,10 +1,10 @@
<?php
/* Copyright (C) 2003-2004 Rodolphe Quiedeville <rodolphe@quiedeville.org>
* Copyright (C) 2004-2009 Laurent Destailleur <eldy@users.sourceforge.net>
* Copyright (C) 2004 Sebastien Di Cintio <sdicintio@ressource-toi.org>
* Copyright (C) 2004 Benoit Mortier <benoit.mortier@opensides.be>
* Copyright (C) 2004 Eric Seigne <eric.seigne@ryxeo.com>
* Copyright (C) 2005-2007 Regis Houssin <regis@dolibarr.fr>
/* Copyright (C) 2003-2004 Rodolphe Quiedeville <rodolphe@quiedeville.org>
* Copyright (C) 2004-2009 Laurent Destailleur <eldy@users.sourceforge.net>
* Copyright (C) 2004 Sebastien Di Cintio <sdicintio@ressource-toi.org>
* Copyright (C) 2004 Benoit Mortier <benoit.mortier@opensides.be>
* Copyright (C) 2004 Eric Seigne <eric.seigne@ryxeo.com>
* Copyright (C) 2005-2009 Regis Houssin <regis@dolibarr.fr>
* Copyright (C) 2008 Raphael Bertrand (Resultic) <raphael.bertrand@resultic.fr>
*
* This program is free software; you can redistribute it and/or modify
@ -50,7 +50,7 @@ if ($_POST["action"] == 'updateMask')
{
$maskconstpropal=$_POST['maskconstpropal'];
$maskpropal=$_POST['maskpropal'];
if ($maskconstpropal) dolibarr_set_const($db,$maskconstpropal,$maskpropal);
if ($maskconstpropal) dolibarr_set_const($db,$maskconstpropal,$maskpropal,'chaine',0,'',$conf->entity);
}
if ($_GET["action"] == 'specimen')
@ -90,46 +90,32 @@ if ($_GET["action"] == 'specimen')
if ($_POST["action"] == 'set_PROPALE_DRAFT_WATERMARK')
{
dolibarr_set_const($db, "PROPALE_DRAFT_WATERMARK",trim($_POST["PROPALE_DRAFT_WATERMARK"]));
dolibarr_set_const($db, "PROPALE_DRAFT_WATERMARK",trim($_POST["PROPALE_DRAFT_WATERMARK"]),'chaine',0,'',$conf->entity);
}
if ($_POST["action"] == 'set_PROPALE_FREE_TEXT')
{
dolibarr_set_const($db, "PROPALE_FREE_TEXT",trim($_POST["PROPALE_FREE_TEXT"]));
dolibarr_set_const($db, "PROPALE_FREE_TEXT",trim($_POST["PROPALE_FREE_TEXT"]),'chaine',0,'',$conf->entity);
}
if ($_POST["action"] == 'setnbprod')
{
dolibarr_set_const($db, "PROPALE_NEW_FORM_NB_PRODUCT",$_POST["value"]);
dolibarr_set_const($db, "PROPALE_NEW_FORM_NB_PRODUCT",$_POST["value"],'chaine',0,'',$conf->entity);
}
if ($_POST["action"] == 'setdefaultduration')
{
dolibarr_set_const($db, "PROPALE_VALIDITY_DURATION",$_POST["value"]);
dolibarr_set_const($db, "PROPALE_VALIDITY_DURATION",$_POST["value"],'chaine',0,'',$conf->entity);
}
/*
if ($_POST["action"] == 'setadddeliveryaddress')
{
dolibarr_set_const($db, "PROPALE_ADD_DELIVERY_ADDRESS",$_POST["value"]);
}
*/
/*
if ($_POST["action"] == 'setuseoptionline')
{
dolibarr_set_const($db, "PROPALE_USE_OPTION_LINE",$_POST["value"]);
}
*/
if ($_POST["action"] == 'setclassifiedinvoiced')
{
dolibarr_set_const($db, "PROPALE_CLASSIFIED_INVOICED_WITH_ORDER",$_POST["value"]);
dolibarr_set_const($db, "PROPALE_CLASSIFIED_INVOICED_WITH_ORDER",$_POST["value"],'chaine',0,'',$conf->entity);
}
if ($_POST["action"] == 'setusecustomercontactasrecipient')
{
dolibarr_set_const($db, "PROPALE_USE_CUSTOMER_CONTACT_AS_RECIPIENT",$_POST["value"]);
dolibarr_set_const($db, "PROPALE_USE_CUSTOMER_CONTACT_AS_RECIPIENT",$_POST["value"],'chaine',0,'',$conf->entity);
}
@ -138,55 +124,60 @@ if ($_POST["action"] == 'setusecustomercontactasrecipient')
if ($_GET["action"] == 'set')
{
$type='propal';
$sql = "INSERT INTO ".MAIN_DB_PREFIX."document_model (nom, type) VALUES ('".$_GET["value"]."','".$type."')";
if ($db->query($sql))
{
$sql = "INSERT INTO ".MAIN_DB_PREFIX."document_model (nom, type, entity) VALUES ('".$_GET["value"]."','".$type."',".$conf->entity.")";
if ($db->query($sql))
{
}
}
}
if ($_GET["action"] == 'del')
{
$type='propal';
$sql = "DELETE FROM ".MAIN_DB_PREFIX."document_model";
$sql .= " WHERE nom = '".$_GET["value"]."' AND type = '".$type."'";
if ($db->query($sql))
{
$type='propal';
$sql = "DELETE FROM ".MAIN_DB_PREFIX."document_model";
$sql.= " WHERE nom = '".$_GET["value"];
$sql.= " AND type = '".$type."'";
$sql.= " AND entity = ".$conf->entity;
if ($db->query($sql))
{
}
}
}
if ($_GET["action"] == 'setdoc')
{
$db->begin();
if (dolibarr_set_const($db, "PROPALE_ADDON_PDF",$_GET["value"]))
{
$conf->global->PROPALE_ADDON_PDF = $_GET["value"];
}
// On active le modele
$type='propal';
$sql_del = "DELETE FROM ".MAIN_DB_PREFIX."document_model";
$sql_del .= " WHERE nom = '".$_GET["value"]."' AND type = '".$type."'";
$result1=$db->query($sql_del);
$sql = "INSERT INTO ".MAIN_DB_PREFIX."document_model (nom,type) VALUES ('".$_GET["value"]."','".$type."')";
$result2=$db->query($sql);
if ($result1 && $result2)
{
$db->commit();
}
else
{
$db->rollback();
}
if (dolibarr_set_const($db, "PROPALE_ADDON_PDF",$_GET["value"],'chaine',0,'',$conf->entity))
{
$conf->global->PROPALE_ADDON_PDF = $_GET["value"];
}
// On active le modele
$type='propal';
$sql_del = "DELETE FROM ".MAIN_DB_PREFIX."document_model";
$sql_del.= " WHERE nom = '".$_GET["value"];
$sql_del.= " AND type = '".$type."'";
$sql_del.= " AND entity = ".$conf->entity;
$result1=$db->query($sql_del);
$sql = "INSERT INTO ".MAIN_DB_PREFIX."document_model (nom,type,entity) VALUES ('".$_GET["value"]."','".$type."',".$conf->entity.")";
$result2=$db->query($sql);
if ($result1 && $result2)
{
$db->commit();
}
else
{
$db->rollback();
}
}
if ($_GET["action"] == 'setmod')
{
// \todo Verifier si module numerotation choisi peut etre activ<EFBFBD>
// \todo Verifier si module numerotation choisi peut etre active
// par appel methode canBeActivated
dolibarr_set_const($db, "PROPALE_ADDON",$_GET["value"]);
dolibarr_set_const($db, "PROPALE_ADDON",$_GET["value"],'chaine',0,'',$conf->entity);
}
@ -304,6 +295,7 @@ $def = array();
$sql = "SELECT nom";
$sql.= " FROM ".MAIN_DB_PREFIX."document_model";
$sql.= " WHERE type = 'propal'";
$sql.= " AND entity = ".$conf->entity;
$resql=$db->query($sql);
if ($resql)
{
@ -443,18 +435,6 @@ print '<td align="right"><input type="submit" class="button" value="'.$langs->tr
print '</tr>';
print '</form>';
/*
$var=!$var;
print "<form method=\"post\" action=\"".$_SERVER["PHP_SELF"]."\">";
print "<input type=\"hidden\" name=\"action\" value=\"setadddeliveryaddress\">";
print "<tr ".$bc[$var].">";
print '<td>'.$langs->trans("AddDeliveryAddressAbility").'</td>';
print '<td width="60" align="center">'.$html->selectyesno('value',$conf->global->PROPALE_ADD_DELIVERY_ADDRESS,1).'</td>';
print '<td align="right"><input type="submit" class="button" value="'.$langs->trans("Modify").'"></td>';
print '</tr>';
print '</form>';
*/
$var=! $var;
print '<form action="'.$_SERVER["PHP_SELF"].'" method="post">';
print '<input type="hidden" name="action" value="setusecustomercontactasrecipient">';
@ -467,20 +447,6 @@ print '<input type="submit" class="button" value="'.$langs->trans("Modify").'">'
print "</td></tr>\n";
print '</form>';
/*
$var=! $var;
print '<form action="'.$_SERVER["PHP_SELF"].'" method="post">';
print '<input type="hidden" name="action" value="setuseoptionline">';
print '<tr '.$bc[$var].'><td>';
print $langs->trans("UseOptionLineIfNoQuantity");
print '</td><td width="60" align="center">';
print $html->selectyesno("value",$conf->global->PROPALE_USE_OPTION_LINE,1);
print '</td><td align="right">';
print '<input type="submit" class="button" value="'.$langs->trans("Modify").'">';
print "</td></tr>\n";
print '</form>';
*/
if ($conf->commande->enabled)
{
$var=!$var;

16
htdocs/admin/security.php
View File

@ -45,7 +45,7 @@ $mesg = '';
*/
if ($_GET["action"] == 'setgeneraterule')
{
if (! dolibarr_set_const($db, 'USER_PASSWORD_GENERATED',$_GET["value"]))
if (! dolibarr_set_const($db, 'USER_PASSWORD_GENERATED',$_GET["value"],'chaine',0,'',$conf->entity))
{
dol_print_error($db);
}
@ -60,7 +60,7 @@ if ($_GET["action"] == 'activate_encrypt')
{
$db->begin();
dolibarr_set_const($db, "DATABASE_PWD_ENCRYPTED", "1");
dolibarr_set_const($db, "DATABASE_PWD_ENCRYPTED", "1",'chaine',0,'',$conf->entity);
$sql = "UPDATE ".MAIN_DB_PREFIX."user as u";
$sql.= " SET u.pass_crypted = MD5(u.pass), u.pass = NULL";
@ -87,7 +87,7 @@ else if ($_GET["action"] == 'disable_encrypt')
//Do not allow "disable encryption" as passwords cannot be decrypted
if ($allow_disable_encryption)
{
dolibarr_del_const($db, "DATABASE_PWD_ENCRYPTED");
dolibarr_del_const($db, "DATABASE_PWD_ENCRYPTED",$conf->entity);
}
Header("Location: security.php");
exit;
@ -114,7 +114,7 @@ else if ($_GET["action"] == 'disable_encryptdbpassconf')
if ($result > 0)
{
// database value not required
//dolibarr_del_const($db, "MAIN_DATABASE_PWD_CONFIG_ENCRYPTED");
//dolibarr_del_const($db, "MAIN_DATABASE_PWD_CONFIG_ENCRYPTED",$conf->entity);
Header("Location: security.php");
exit;
}
@ -126,26 +126,26 @@ else if ($_GET["action"] == 'disable_encryptdbpassconf')
if ($_GET["action"] == 'activate_pdfsecurity')
{
dolibarr_set_const($db, "PDF_SECURITY_ENCRYPTION", "1");
dolibarr_set_const($db, "PDF_SECURITY_ENCRYPTION", "1",'chaine',0,'',$conf->entity);
Header("Location: security.php");
exit;
}
else if ($_GET["action"] == 'disable_pdfsecurity')
{
dolibarr_del_const($db, "PDF_SECURITY_ENCRYPTION");
dolibarr_del_const($db, "PDF_SECURITY_ENCRYPTION",$conf->entity);
Header("Location: security.php");
exit;
}
if ($_GET["action"] == 'activate_MAIN_SECURITY_DISABLEFORGETPASSLINK')
{
dolibarr_set_const($db, "MAIN_SECURITY_DISABLEFORGETPASSLINK", '1');
dolibarr_set_const($db, "MAIN_SECURITY_DISABLEFORGETPASSLINK", '1','chaine',0,'',$conf->entity);
Header("Location: security.php");
exit;
}
else if ($_GET["action"] == 'disable_MAIN_SECURITY_DISABLEFORGETPASSLINK')
{
dolibarr_del_const($db, "MAIN_SECURITY_DISABLEFORGETPASSLINK");
dolibarr_del_const($db, "MAIN_SECURITY_DISABLEFORGETPASSLINK",$conf->entity);
Header("Location: security.php");
exit;
}

14
htdocs/admin/security_other.php
View File

@ -38,7 +38,7 @@ if (!$user->admin) accessforbidden();
*/
if ($_GET["action"] == 'set_main_upload_doc')
{
if (! dolibarr_set_const($db, 'MAIN_UPLOAD_DOC',$_POST["MAIN_UPLOAD_DOC"]))
if (! dolibarr_set_const($db, 'MAIN_UPLOAD_DOC',$_POST["MAIN_UPLOAD_DOC"],'chaine',0,'',$conf->entity))
{
dol_print_error($db);
}
@ -51,40 +51,40 @@ if ($_GET["action"] == 'set_main_upload_doc')
if ($_GET["action"] == 'activate_captcha')
{
dolibarr_set_const($db, "MAIN_SECURITY_ENABLECAPTCHA", '1');
dolibarr_set_const($db, "MAIN_SECURITY_ENABLECAPTCHA", '1','chaine',0,'',$conf->entity);
Header("Location: security_other.php");
exit;
}
else if ($_GET["action"] == 'disable_captcha')
{
dolibarr_del_const($db, "MAIN_SECURITY_ENABLECAPTCHA");
dolibarr_del_const($db, "MAIN_SECURITY_ENABLECAPTCHA",$conf->entity);
Header("Location: security_other.php");
exit;
}
if ($_GET["action"] == 'MAIN_SESSION_TIMEOUT')
{
dolibarr_set_const($db, "MAIN_SESSION_TIMEOUT", $_POST["MAIN_SESSION_TIMEOUT"]);
dolibarr_set_const($db, "MAIN_SESSION_TIMEOUT", $_POST["MAIN_SESSION_TIMEOUT"],'chaine',0,'',$conf->entity);
Header("Location: security_other.php");
exit;
}
if ($_GET["action"] == 'MAIN_UMASK')
{
dolibarr_set_const($db, "MAIN_UMASK", $_POST["MAIN_UMASK"]);
dolibarr_set_const($db, "MAIN_UMASK", $_POST["MAIN_UMASK"],'chaine',0,'',$conf->entity);
Header("Location: security_other.php");
exit;
}
if ($_GET["action"] == 'activate_avscan')
{
dolibarr_set_const($db, "MAIN_USE_AVSCAN", '1');
dolibarr_set_const($db, "MAIN_USE_AVSCAN", '1','chaine',0,'',$conf->entity);
Header("Location: security_other.php");
exit;
}
else if ($_GET["action"] == 'disable_avscan')
{
dolibarr_del_const($db, "MAIN_USE_AVSCAN");
dolibarr_del_const($db, "MAIN_USE_AVSCAN",$conf->entity);
Header("Location: security_other.php");
exit;
}

12
htdocs/admin/societe.php
View File

@ -2,7 +2,7 @@
/* Copyright (C) 2004 Rodolphe Quiedeville <rodolphe@quiedeville.org>
* Copyright (C) 2004 Eric Seigne <eric.seigne@ryxeo.com>
* Copyright (C) 2005-2009 Laurent Destailleur <eldy@users.sourceforge.net>
* Copyright (C) 2005-2007 Regis Houssin <regis@dolibarr.fr>
* Copyright (C) 2005-2009 Regis Houssin <regis@dolibarr.fr>
*
* This program is free software; you can redistribute it and/or modify
* it under the terms of the GNU General Public License as published by
@ -40,7 +40,7 @@ accessforbidden();
*/
if ($_GET["action"] == 'setcodeclient')
{
if (dolibarr_set_const($db, "SOCIETE_CODECLIENT_ADDON",$_GET["value"]) > 0)
if (dolibarr_set_const($db, "SOCIETE_CODECLIENT_ADDON",$_GET["value"],'chaine',0,'',$conf->entity) > 0)
{
Header("Location: ".$_SERVER["PHP_SELF"]);
exit;
@ -53,7 +53,7 @@ if ($_GET["action"] == 'setcodeclient')
if ($_GET["action"] == 'setcodecompta')
{
if (dolibarr_set_const($db, "SOCIETE_CODECOMPTA_ADDON",$_GET["value"]) > 0)
if (dolibarr_set_const($db, "SOCIETE_CODECOMPTA_ADDON",$_GET["value"],'chaine',0,'',$conf->entity) > 0)
{
Header("Location: ".$_SERVER["PHP_SELF"]);
exit;
@ -66,7 +66,7 @@ if ($_GET["action"] == 'setcodecompta')
if ($_POST["action"] == 'usesearchtoselectcompany')
{
if (dolibarr_set_const($db, "COMPANY_USE_SEARCH_TO_SELECT", $_POST["activate_usesearchtoselectcompany"]))
if (dolibarr_set_const($db, "COMPANY_USE_SEARCH_TO_SELECT", $_POST["activate_usesearchtoselectcompany"],'chaine',0,'',$conf->entity))
{
Header("Location: ".$_SERVER["PHP_SELF"]);
exit;
@ -80,8 +80,8 @@ if ($_POST["action"] == 'usesearchtoselectcompany')
// define constants for tigre model
if ($_POST["action"] == 'updateMask')
{
dolibarr_set_const($db, "COMPANY_ELEPHANT_MASK_CUSTOMER",$_POST["maskcustomer"]);
dolibarr_set_const($db, "COMPANY_ELEPHANT_MASK_SUPPLIER",$_POST["masksupplier"]);
dolibarr_set_const($db, "COMPANY_ELEPHANT_MASK_CUSTOMER",$_POST["maskcustomer"],'chaine',0,'',$conf->entity);
dolibarr_set_const($db, "COMPANY_ELEPHANT_MASK_SUPPLIER",$_POST["masksupplier"],'chaine',0,'',$conf->entity);
}

31
htdocs/admin/stock.php
View File

@ -1,6 +1,7 @@
<?php
/* Copyright (C) 2006 Rodolphe Quiedeville <rodolphe@quiedeville.org>
* Copyright (C) 2008 Laurent Destailleur <eldy@users.sourceforge.net>
/* Copyright (C) 2006 Rodolphe Quiedeville <rodolphe@quiedeville.org>
* Copyright (C) 2008 Laurent Destailleur <eldy@users.sourceforge.net>
* Copyright (C) 2005-2009 Regis Houssin <regis@dolibarr.fr>
*
* This program is free software; you can redistribute it and/or modify
* it under the terms of the GNU General Public License as published by
@ -39,18 +40,18 @@ accessforbidden();
*/
if ($_POST["action"] == 'STOCK_USERSTOCK')
{
dolibarr_set_const($db, "STOCK_USERSTOCK", $_POST["STOCK_USERSTOCK"]);
dolibarr_set_const($db, "STOCK_USERSTOCK", $_POST["STOCK_USERSTOCK"],'chaine',0,'',$conf->entity);
//On desactive l'autocreation si l'option "stock personnel" est desactivee
if ($_POST["STOCK_USERSTOCK"] == 0)
{
dolibarr_set_const($db, "STOCK_USERSTOCK_AUTOCREATE", 0);
dolibarr_set_const($db, "STOCK_USERSTOCK_AUTOCREATE", 0,'chaine',0,'',$conf->entity);
}
Header("Location: stock.php");
exit;
}
elseif ($_POST["action"] == 'STOCK_USERSTOCK_AUTOCREATE')
{
dolibarr_set_const($db, "STOCK_USERSTOCK_AUTOCREATE", $_POST["STOCK_USERSTOCK_AUTOCREATE"]);
dolibarr_set_const($db, "STOCK_USERSTOCK_AUTOCREATE", $_POST["STOCK_USERSTOCK_AUTOCREATE"],'chaine',0,'',$conf->entity);
Header("Location: stock.php");
exit;
}
@ -61,12 +62,12 @@ if ($_POST["action"] == 'STOCK_CALCULATE_ON_BILL'
{
$count=0;
$db->begin();
$count+=dolibarr_set_const($db, "STOCK_CALCULATE_ON_BILL", '');
$count+=dolibarr_set_const($db, "STOCK_CALCULATE_ON_VALIDATE_ORDER", '');
$count+=dolibarr_set_const($db, "STOCK_CALCULATE_ON_SHIPMENT", '');
if ($_POST["action"] == 'STOCK_CALCULATE_ON_BILL') $count+=dolibarr_set_const($db, "STOCK_CALCULATE_ON_BILL", $_POST["STOCK_CALCULATE_ON_BILL"]);
if ($_POST["action"] == 'STOCK_CALCULATE_ON_VALIDATE_ORDER') $count+=dolibarr_set_const($db, "STOCK_CALCULATE_ON_VALIDATE_ORDER", $_POST["STOCK_CALCULATE_ON_VALIDATE_ORDER"]);
if ($_POST["action"] == 'STOCK_CALCULATE_ON_SHIPMENT') $count+=dolibarr_set_const($db, "STOCK_CALCULATE_ON_SHIPMENT", $_POST["STOCK_CALCULATE_ON_SHIPMENT"]);
$count+=dolibarr_set_const($db, "STOCK_CALCULATE_ON_BILL", '','chaine',0,'',$conf->entity);
$count+=dolibarr_set_const($db, "STOCK_CALCULATE_ON_VALIDATE_ORDER", '','chaine',0,'',$conf->entity);
$count+=dolibarr_set_const($db, "STOCK_CALCULATE_ON_SHIPMENT", '','chaine',0,'',$conf->entity);
if ($_POST["action"] == 'STOCK_CALCULATE_ON_BILL') $count+=dolibarr_set_const($db, "STOCK_CALCULATE_ON_BILL", $_POST["STOCK_CALCULATE_ON_BILL"],'chaine',0,'',$conf->entity);
if ($_POST["action"] == 'STOCK_CALCULATE_ON_VALIDATE_ORDER') $count+=dolibarr_set_const($db, "STOCK_CALCULATE_ON_VALIDATE_ORDER", $_POST["STOCK_CALCULATE_ON_VALIDATE_ORDER"],'chaine',0,'',$conf->entity);
if ($_POST["action"] == 'STOCK_CALCULATE_ON_SHIPMENT') $count+=dolibarr_set_const($db, "STOCK_CALCULATE_ON_SHIPMENT", $_POST["STOCK_CALCULATE_ON_SHIPMENT"],'chaine',0,'',$conf->entity);
if ($count == 4)
{
$db->commit();
@ -85,10 +86,10 @@ if ($_POST["action"] == 'STOCK_CALCULATE_ON_SUPPLIER_BILL'
{
$count=0;
$db->begin();
$count+=dolibarr_set_const($db, "STOCK_CALCULATE_ON_SUPPLIER_BILL", '');
$count+=dolibarr_set_const($db, "STOCK_CALCULATE_ON_SUPPLIER_VALIDATE_ORDER", '');
if ($_POST["action"] == 'STOCK_CALCULATE_ON_SUPPLIER_BILL') $count+=dolibarr_set_const($db, "STOCK_CALCULATE_ON_SUPPLIER_BILL", $_POST["STOCK_CALCULATE_ON_SUPPLIER_BILL"]);
if ($_POST["action"] == 'STOCK_CALCULATE_ON_SUPPLIER_VALIDATE_ORDER') $count+=dolibarr_set_const($db, "STOCK_CALCULATE_ON_SUPPLIER_VALIDATE_ORDER", $_POST["STOCK_CALCULATE_ON_SUPPLIER_VALIDATE_ORDER"]);
$count+=dolibarr_set_const($db, "STOCK_CALCULATE_ON_SUPPLIER_BILL", '','chaine',0,'',$conf->entity);
$count+=dolibarr_set_const($db, "STOCK_CALCULATE_ON_SUPPLIER_VALIDATE_ORDER", '','chaine',0,'',$conf->entity);
if ($_POST["action"] == 'STOCK_CALCULATE_ON_SUPPLIER_BILL') $count+=dolibarr_set_const($db, "STOCK_CALCULATE_ON_SUPPLIER_BILL", $_POST["STOCK_CALCULATE_ON_SUPPLIER_BILL"],'chaine',0,'',$conf->entity);
if ($_POST["action"] == 'STOCK_CALCULATE_ON_SUPPLIER_VALIDATE_ORDER') $count+=dolibarr_set_const($db, "STOCK_CALCULATE_ON_SUPPLIER_VALIDATE_ORDER", $_POST["STOCK_CALCULATE_ON_SUPPLIER_VALIDATE_ORDER"],'chaine',0,'',$conf->entity);
if ($count == 3)
{
$db->commit();

10
htdocs/admin/syslog.php
View File

@ -39,7 +39,7 @@ $langs->load("other");
*/
if (! empty($_POST["action"]) && $_POST["action"] == 'setlevel')
{
dolibarr_set_const($db,"SYSLOG_LEVEL",$_POST["level"]);
dolibarr_set_const($db,"SYSLOG_LEVEL",$_POST["level"],'chaine',0,'',$conf->entity);
dol_syslog("admin/syslog: level ".$_POST["level"]);
}
@ -53,8 +53,8 @@ if (! empty($_POST["action"]) && $_POST["action"] == 'set')
// Only LOG_USER supported on Windows
if (! empty($_SERVER["WINDIR"])) $_POST["facility"]='LOG_USER';
dolibarr_del_const($db,"SYSLOG_FILE");
dolibarr_set_const($db,"SYSLOG_FACILITY",$_POST["facility"]);
dolibarr_del_const($db,"SYSLOG_FILE",$conf->entity);
dolibarr_set_const($db,"SYSLOG_FACILITY",$_POST["facility"],'chaine',0,'',$conf->entity);
dol_syslog("admin/syslog: facility ".$_POST["facility"]);
}
else
@ -70,8 +70,8 @@ if (! empty($_POST["action"]) && $_POST["action"] == 'set')
if ($file)
{
fclose($file);
dolibarr_del_const($db,"SYSLOG_FACILITY");
dolibarr_set_const($db,"SYSLOG_FILE",$_POST["filename"]);
dolibarr_del_const($db,"SYSLOG_FACILITY",$conf->entity);
dolibarr_set_const($db,"SYSLOG_FILE",$_POST["filename"],'chaine',0,'',$conf->entity);
dol_syslog("admin/syslog: file ".$_POST["filename"]);
}
else

7
htdocs/admin/taxes.php
View File

@ -1,6 +1,7 @@
<?php
/* Copyright (C) 2004 Rodolphe Quiedeville <rodolphe@quiedeville.org>
* Copyright (C) 2004-2008 Laurent Destailleur <eldy@users.sourceforge.net>
* Copyright (C) 2005-2009 Regis Houssin <regis@dolibarr.fr>
*
* This program is free software; you can redistribute it and/or modify
* it under the terms of the GNU General Public License as published by
@ -47,12 +48,12 @@ $tax_mode = defined('TAX_MODE')?TAX_MODE:0;
if ($_POST['action'] == 'settaxmode')
{
$tax_mode = $_POST['tax_mode'];
if (! dolibarr_set_const($db, 'TAX_MODE', $tax_mode)) { print $db->error(); }
if (! dolibarr_set_const($db, 'TAX_MODE', $tax_mode,'chaine',0,'',$conf->entity)) { print $db->error(); }
}
if ($_POST['action'] == 'update' || $_POST['action'] == 'add')
{
if (! dolibarr_set_const($db, $_POST['constname'], $_POST['constvalue'], $typeconst[$_POST['consttype']], 0, isset($_POST['constnote']) ? $_POST['constnote'] : ''));
if (! dolibarr_set_const($db, $_POST['constname'], $_POST['constvalue'], $typeconst[$_POST['consttype']], 0, isset($_POST['constnote']) ? $_POST['constnote'] : '',$conf->entity));
{
print $db->error();
}
@ -60,7 +61,7 @@ if ($_POST['action'] == 'update' || $_POST['action'] == 'add')
if ($_GET['action'] == 'delete')
{
if (! dolibarr_del_const($db, $_GET['constname']));
if (! dolibarr_del_const($db, $_GET['constname'],$conf->entity));
{
print $db->error();
}

2
htdocs/admin/tools/export.php
View File

@ -83,7 +83,7 @@ if ($what == 'mysql')
$mysqldump=$_POST["mysqldump"];
if ($mysqldump)
{
dolibarr_set_const($db, 'SYSTEMTOOLS_MYSQLDUMP', $mysqldump, $type='chaine');
dolibarr_set_const($db, 'SYSTEMTOOLS_MYSQLDUMP', $mysqldump,'chaine',0,'',$conf->entity);
}
create_exdir(DOL_DATA_ROOT.'/admin/temp');

6
htdocs/admin/tools/listevents.php
View File

@ -1,5 +1,6 @@
<?php
/* Copyright (C) 2004-2009 Laurent Destailleur <eldy@users.sourceforge.net>
* Copyright (C) 2005-2009 Regis Houssin <regis@dolibarr.fr>
*
* This program is free software; you can redistribute it and/or modify
* it under the terms of the GNU General Public License as published by
@ -56,7 +57,8 @@ $pagenext = $page + 1;
// Purge audit events
if ($_POST['action'] == 'confirm_purge' && $_POST['confirm'] == 'yes' && $user->admin)
{
$sql="DELETE FROM ".MAIN_DB_PREFIX."events";
$sql = "DELETE FROM ".MAIN_DB_PREFIX."events";
$sql.= " WHERE entity = ".$conf->entity;
$resql = $db->query($sql);
if (! $resql)
{
@ -82,7 +84,7 @@ $sql.= " e.fk_user, e.description,";
$sql.= " u.login";
$sql.= " FROM ".MAIN_DB_PREFIX."events as e";
$sql.= " LEFT JOIN ".MAIN_DB_PREFIX."user as u ON u.rowid = e.fk_user";
$sql.= " WHERE 1=1";
$sql.= " WHERE e.entity = ".$conf->entity;
if ($_GET["search_code"]) { $usefilter++; $sql.=" AND e.type like '%".$_GET["search_code"]."%'"; }
if ($_GET["search_ip"]) { $usefilter++; $sql.=" AND e.ip like '%".$_GET["search_ip"]."%'"; }
if ($_GET["search_user"]) { $usefilter++; $sql.=" AND u.login like '%".$_GET["search_user"]."%'"; }

26
htdocs/admin/webcalendar.php
View File

@ -50,19 +50,19 @@ if ($actionsave)
$db->begin();
$i+=dolibarr_set_const($db,'PHPWEBCALENDAR_URL',trim($_POST["phpwebcalendar_url"]),'chaine',0);
$i+=dolibarr_set_const($db,'PHPWEBCALENDAR_HOST',trim($_POST["phpwebcalendar_host"]),'chaine',0);
$i+=dolibarr_set_const($db,'PHPWEBCALENDAR_DBNAME',trim($_POST["phpwebcalendar_dbname"]),'chaine',0);
$i+=dolibarr_set_const($db,'PHPWEBCALENDAR_USER',trim($_POST["phpwebcalendar_user"]),'chaine',0);
$i+=dolibarr_set_const($db,'PHPWEBCALENDAR_PASS',trim($_POST["phpwebcalendar_pass"]),'chaine',0);
$i+=dolibarr_set_const($db,'PHPWEBCALENDAR_PASSWORD_VCALEXPORT',trim($_POST["PHPWEBCALENDAR_PASSWORD_VCALEXPORT"]),'chaine',0);
$i+=dolibarr_set_const($db,'PHPWEBCALENDAR_URL',trim($_POST["phpwebcalendar_url"]),'chaine',0,'',$conf->entity);
$i+=dolibarr_set_const($db,'PHPWEBCALENDAR_HOST',trim($_POST["phpwebcalendar_host"]),'chaine',0,'',$conf->entity);
$i+=dolibarr_set_const($db,'PHPWEBCALENDAR_DBNAME',trim($_POST["phpwebcalendar_dbname"]),'chaine',0,'',$conf->entity);
$i+=dolibarr_set_const($db,'PHPWEBCALENDAR_USER',trim($_POST["phpwebcalendar_user"]),'chaine',0,'',$conf->entity);
$i+=dolibarr_set_const($db,'PHPWEBCALENDAR_PASS',trim($_POST["phpwebcalendar_pass"]),'chaine',0,'',$conf->entity);
$i+=dolibarr_set_const($db,'PHPWEBCALENDAR_PASSWORD_VCALEXPORT',trim($_POST["PHPWEBCALENDAR_PASSWORD_VCALEXPORT"]),'chaine',0,'',$conf->entity);
$i+=dolibarr_set_const($db,'PHPWEBCALENDAR_SYNCRO',trim($_POST["phpwebcalendar_syncro"]),'chaine',0);
$i+=dolibarr_set_const($db,'PHPWEBCALENDAR_COMPANYCREATE',trim($_POST["phpwebcalendar_companycreate"]),'chaine',0);
$i+=dolibarr_set_const($db,'PHPWEBCALENDAR_PROPALSTATUS',trim($_POST["phpwebcalendar_propalstatus"]),'chaine',0);
$i+=dolibarr_set_const($db,'PHPWEBCALENDAR_CONTRACTSTATUS',trim($_POST["phpwebcalendar_contractstatus"]),'chaine',0);
$i+=dolibarr_set_const($db,'PHPWEBCALENDAR_BILLSTATUS',trim($_POST["phpwebcalendar_billstatus"]),'chaine',0);
$i+=dolibarr_set_const($db,'PHPWEBCALENDAR_MEMBERSTATUS',trim($_POST["phpwebcalendar_memberstatus"]),'chaine',0);
$i+=dolibarr_set_const($db,'PHPWEBCALENDAR_SYNCRO',trim($_POST["phpwebcalendar_syncro"]),'chaine',0,'',$conf->entity);
$i+=dolibarr_set_const($db,'PHPWEBCALENDAR_COMPANYCREATE',trim($_POST["phpwebcalendar_companycreate"]),'chaine',0,'',$conf->entity);
$i+=dolibarr_set_const($db,'PHPWEBCALENDAR_PROPALSTATUS',trim($_POST["phpwebcalendar_propalstatus"]),'chaine',0,'',$conf->entity);
$i+=dolibarr_set_const($db,'PHPWEBCALENDAR_CONTRACTSTATUS',trim($_POST["phpwebcalendar_contractstatus"]),'chaine',0,'',$conf->entity);
$i+=dolibarr_set_const($db,'PHPWEBCALENDAR_BILLSTATUS',trim($_POST["phpwebcalendar_billstatus"]),'chaine',0,'',$conf->entity);
$i+=dolibarr_set_const($db,'PHPWEBCALENDAR_MEMBERSTATUS',trim($_POST["phpwebcalendar_memberstatus"]),'chaine',0,'',$conf->entity);
if ($i >= 9)
{
@ -96,7 +96,7 @@ elseif ($actiontest)
if ($webcal->localdb->connected == 1 && $webcal->localdb->database_selected == 1)
{
// V<EFBFBD>rifie si bonne base
// Verifie si bonne base
$sql="SELECT cal_value FROM webcal_config WHERE cal_setting='application_name'";
$resql=$webcal->localdb->query($sql);
if ($resql) {

6
htdocs/ajaxbox.php
View File

@ -1,5 +1,5 @@
<?php
/* Copyright (C) 2005-2007 Regis Houssin <regis@dolibarr.fr>
/* Copyright (C) 2005-2009 Regis Houssin <regis@dolibarr.fr>
* Copyright (C) 2007-2009 Laurent Destailleur <eldy@users.sourceforge.net>
*
* This program is free software; you can redistribute it and/or modify
@ -30,6 +30,10 @@ if (! defined('NOREQUIREAJAX')) define('NOREQUIREAJAX','1');
// This is to make Dolibarr working with Plesk
set_include_path($_SERVER['DOCUMENT_ROOT'].'/htdocs');
// Retrieve the entity in the cookie
$entityCookieName = "DOLENTITYID_dolibarr";
if (isset($_COOKIE[$entityCookieName])) $_SESSION["dol_entity"] = $_COOKIE[$entityCookieName];
require('master.inc.php');
require_once(DOL_DOCUMENT_ROOT."/boxes.php");

16
htdocs/boxes.php
View File

@ -1,6 +1,7 @@
<?php
/* Copyright (C) 2003 Rodolphe Quiedeville <rodolphe@quiedeville.org>
* Copyright (C) 2004-2007 Laurent Destailleur <eldy@users.sourceforge.net>
* Copyright (C) 2005-2009 Regis Houssin <regis@dolibarr.fr>
*
* This program is free software; you can redistribute it and/or modify
* it under the terms of the GNU General Public License as published by
@ -69,6 +70,7 @@ class InfoBox
$sql.= " d.file, d.note";
$sql.= " FROM ".MAIN_DB_PREFIX."boxes as b, ".MAIN_DB_PREFIX."boxes_def as d";
$sql.= " WHERE b.box_id = d.rowid";
$sql.= " AND d.entity = ".$conf->entity;
$sql.= " AND b.position = ".$zone;
$sql.= " AND b.fk_user = ".$user->id;
$sql.= " ORDER BY b.box_order";
@ -116,6 +118,7 @@ class InfoBox
$sql.= " d.file, d.note";
$sql.= " FROM ".MAIN_DB_PREFIX."boxes as b, ".MAIN_DB_PREFIX."boxes_def as d";
$sql.= " WHERE b.box_id = d.rowid";
$sql.= " AND d.entity = ".$conf->entity;
$sql.= " AND b.position = ".$zone;
$sql.= " AND b.fk_user = 0";
$sql.= " ORDER BY b.box_order";
@ -170,6 +173,8 @@ class InfoBox
*/
function saveboxorder($zone,$boxorder,$userid=0)
{
global $conf;
require_once(DOL_DOCUMENT_ROOT."/lib/functions2.lib.php");
dol_syslog("InfoBoxes::saveboxorder zone=".$zone." user=".$userid);
@ -183,16 +188,19 @@ class InfoBox
// Sauve parametre indiquant que le user a une
$confuserzone='MAIN_BOXES_'.$zone;
$tab[$confuserzone]=1;
if (dol_set_user_param($this->db, $user, $tab) < 0)
if (dol_set_user_param($this->db, $conf, $user, $tab) < 0)
{
$this->error=$this->db->lasterror();
$this->db->rollback();
return -3;
}
$sql ="DELETE FROM ".MAIN_DB_PREFIX."boxes";
$sql.=" WHERE fk_user = ".$userid;
$sql.=" AND position = ".$zone;
$sql = "DELETE ".MAIN_DB_PREFIX."boxes";
$sql.= " FROM ".MAIN_DB_PREFIX."boxes, ".MAIN_DB_PREFIX."boxes_def";
$sql.= " WHERE ".MAIN_DB_PREFIX."boxes.box_id = ".MAIN_DB_PREFIX."boxes_def.rowid";
$sql.= " AND ".MAIN_DB_PREFIX."boxes_def.entity = ".$conf->entity;
$sql.= " AND ".MAIN_DB_PREFIX."boxes.fk_user = ".$userid;
$sql.= " AND ".MAIN_DB_PREFIX."boxes.position = ".$zone;
dol_syslog("InfoBox::saveboxorder sql=".$sql);
$result = $this->db->query($sql);

6
htdocs/categories/categorie.php
View File

@ -1,7 +1,7 @@
<?php
/* Copyright (C) 2001-2007 Rodolphe Quiedeville <rodolphe@quiedeville.org>
* Copyright (C) 2005 Brice Davoleau <brice.davoleau@gmail.com>
* Copyright (C) 2005-2007 Regis Houssin <regis@dolibarr.fr>
* Copyright (C) 2005-2009 Regis Houssin <regis@dolibarr.fr>
* Copyright (C) 2006-2009 Laurent Destailleur <eldy@users.sourceforge.net>
* Copyright (C) 2007 Patrick Raguin <patrick.raguin@gmail.com>
*
@ -34,6 +34,7 @@ $langs->load("categories");
$mesg=isset($_GET["mesg"])?'<div class="ok">'.$_GET["mesg"].'</div>':'';
$dbtablename = '';
if ($_REQUEST["socid"])
{
if ($_REQUEST["typeid"] == 1) { $type = 'fournisseur'; $socid = isset($_REQUEST["socid"])?$_REQUEST["socid"]:''; }
@ -43,11 +44,12 @@ if ($_REQUEST["socid"])
else if ($_REQUEST["id"] || $_REQUEST["ref"])
{
$type = 'produit';
$dbtablename = 'product';
}
// Security check
if ($user->societe_id) $socid=$user->societe_id;
$result = restrictedArea($user, $type, $objectid);
$result = restrictedArea($user, $type, $objectid, $dbtablename);

7
htdocs/client.class.php
View File

@ -1,5 +1,6 @@
<?php
/* Copyright (C) 2004 Rodolphe Quiedeville <rodolphe@quiedeville.org>
/* Copyright (C) 2004 Rodolphe Quiedeville <rodolphe@quiedeville.org>
* Copyright (C) 2005-2009 Regis Houssin <regis@dolibarr.fr>
*
* This program is free software; you can redistribute it and/or modify
* it under the terms of the GNU General Public License as published by
@ -39,7 +40,7 @@ class Client extends Societe
/**
* \brief Constructeur de la classe
* \param DB handler accès base de données
* \param DB handler acces base de donnees
* \param id id societe (0 par defaut)
*/
function Client($DB, $id=0)
@ -100,7 +101,9 @@ class Client extends Societe
$clause = "AND";
}
$sql.= " ".$clause." s.client in (1,2)";
$sql.= " AND s.entity = ".$conf->entity;
$sql.= " GROUP BY s.client";
$resql=$this->db->query($sql);
if ($resql)
{

24
htdocs/comm/action/listactions.php
View File

@ -109,9 +109,8 @@ $sql.= " ua.login as loginauthor, ua.rowid as useridauthor,";
$sql.= " ut.login as logintodo, ut.rowid as useridtodo,";
$sql.= " ud.login as logindone, ud.rowid as useriddone,";
$sql.= " sp.name, sp.firstname";
if (!$user->rights->societe->client->voir && !$socid) $sql .= ", sc.fk_soc, sc.fk_user";
$sql.= " FROM ".MAIN_DB_PREFIX."c_actioncomm as c,";
if (!$user->rights->societe->client->voir && !$socid) $sql .= " ".MAIN_DB_PREFIX."societe_commerciaux as sc,";
if (!$user->rights->societe->client->voir && !$socid) $sql.= " ".MAIN_DB_PREFIX."societe_commerciaux as sc,";
$sql.= " ".MAIN_DB_PREFIX."actioncomm as a";
$sql.= " LEFT JOIN ".MAIN_DB_PREFIX."societe as s ON a.fk_soc = s.rowid";
$sql.= " LEFT JOIN ".MAIN_DB_PREFIX."socpeople as sp ON a.fk_contact = sp.rowid";
@ -119,22 +118,11 @@ $sql.= " LEFT JOIN ".MAIN_DB_PREFIX."user as ua ON a.fk_user_author = ua.rowid";
$sql.= " LEFT JOIN ".MAIN_DB_PREFIX."user as ut ON a.fk_user_action = ut.rowid";
$sql.= " LEFT JOIN ".MAIN_DB_PREFIX."user as ud ON a.fk_user_done = ud.rowid";
$sql.= " WHERE c.id = a.fk_action";
if ($_GET["type"])
{
$sql .= " AND c.id = ".$_GET["type"];
}
if ($_REQUEST["time"] == "today")
{
$sql .= " AND date_format(a.datep, '%d%m%Y') = ".strftime("%d%m%Y",time());
}
if ($socid)
{
$sql .= " AND s.rowid = ".$socid;
}
if (!$user->rights->societe->client->voir && !$socid) //restriction
{
$sql .= " AND s.rowid = sc.fk_soc AND sc.fk_user = " .$user->id;
}
$sql.= " AND s.entity = ".$conf->entity;
if (!$user->rights->societe->client->voir && !$socid) $sql.= " AND s.rowid = sc.fk_soc AND sc.fk_user = " .$user->id;
if ($socid) $sql.= " AND s.rowid = ".$socid;
if ($_GET["type"]) $sql.= " AND c.id = ".$_GET["type"];
if ($_REQUEST["time"] == "today") $sql.= " AND date_format(a.datep, '%d%m%Y') = ".strftime("%d%m%Y",time());
if ($status == 'done') { $sql.= " AND a.percent = 100"; }
if ($status == 'todo') { $sql.= " AND a.percent < 100"; }
if ($filtera > 0 || $filtert > 0 || $filterd > 0)

28
htdocs/comm/clients.php
View File

@ -1,6 +1,7 @@
<?php
/* Copyright (C) 2001-2006 Rodolphe Quiedeville <rodolphe@quiedeville.org>
* Copyright (C) 2004-2008 Laurent Destailleur <eldy@users.sourceforge.net>
* Copyright (C) 2005-2009 Regis Houssin <regis@dolibarr.fr>
*
* This program is free software; you can redistribute it and/or modify
* it under the terms of the GNU General Public License as published by
@ -53,23 +54,24 @@ $search_code=isset($_GET["search_code"])?$_GET["search_code"]:$_POST["search_cod
llxHeader();
$sql = "SELECT s.rowid, s.nom, s.ville, ".$db->pdate("s.datec")." as datec, ".$db->pdate("s.datea")." as datea, st.libelle as stcomm, s.prefix_comm, s.code_client";
if (!$user->rights->societe->client->voir) $sql .= ", sc.fk_soc, sc.fk_user";
$sql .= " FROM ".MAIN_DB_PREFIX."societe as s, ".MAIN_DB_PREFIX."c_stcomm as st";
if (!$user->rights->societe->client->voir) $sql .= ", ".MAIN_DB_PREFIX."societe_commerciaux as sc";
$sql .= " WHERE s.fk_stcomm = st.id AND s.client=1";
$sql = "SELECT s.rowid, s.nom, s.ville, st.libelle as stcomm, s.prefix_comm, s.code_client";
$sql.= ", ".$db->pdate("s.datec")." as datec, ".$db->pdate("s.datea")." as datea";
$sql.= " FROM ".MAIN_DB_PREFIX."societe as s";
$sql.= ", ".MAIN_DB_PREFIX."c_stcomm as st";
if (!$user->rights->societe->client->voir) $sql.= ", ".MAIN_DB_PREFIX."societe_commerciaux as sc";
$sql.= " WHERE s.fk_stcomm = st.id";
$sql.= " AND s.client=1";
$sql.= " AND s.entity = ".$conf->entity;
if (!$user->rights->societe->client->voir) $sql.= " AND s.rowid = sc.fk_soc AND sc.fk_user = " .$user->id;
if ($socid) $sql.= " AND s.rowid = ".$socid;
if ($socid) $sql .= " AND s.rowid = ".$socid;
if ($user->societe_id) $sql .= " AND s.rowid = " .$user->societe_id;
if (!$user->rights->societe->client->voir) $sql .= " AND s.rowid = sc.fk_soc AND sc.fk_user = " .$user->id;
if ($search_nom) $sql .= " AND s.nom like '%".addslashes(strtolower($search_nom))."%'";
if ($search_ville) $sql .= " AND s.ville like '%".addslashes(strtolower($search_ville))."%'";
if ($search_code) $sql .= " AND s.code_client like '%".addslashes(strtolower($search_code))."%'";
if ($search_nom) $sql.= " AND s.nom like '%".addslashes(strtolower($search_nom))."%'";
if ($search_ville) $sql.= " AND s.ville like '%".addslashes(strtolower($search_ville))."%'";
if ($search_code) $sql.= " AND s.code_client like '%".addslashes(strtolower($search_code))."%'";
if ($socname)
{
$sql .= " AND s.nom like '%".addslashes(strtolower($socname))."%'";
$sql.= " AND s.nom like '%".addslashes(strtolower($socname))."%'";
$sortfield = "s.nom";
$sortorder = "ASC";
}

40
htdocs/comm/contact.php
View File

@ -74,56 +74,52 @@ if ($type == "f")
*/
$sql = "SELECT s.rowid, s.nom, st.libelle as stcomm";
$sql .= ", p.rowid as cidp, p.name, p.firstname, p.email, p.phone";
if (!$user->rights->societe->client->voir && !$socid) $sql .= ", sc.fk_soc, sc.fk_user";
$sql .= " FROM ".MAIN_DB_PREFIX."c_stcomm as st,";
$sql.= ", p.rowid as cidp, p.name, p.firstname, p.email, p.phone";
$sql.= " FROM ".MAIN_DB_PREFIX."c_stcomm as st,";
if (!$user->rights->societe->client->voir && !$socid) $sql .= " ".MAIN_DB_PREFIX."societe_commerciaux as sc,";
$sql .= " ".MAIN_DB_PREFIX."socpeople as p";
$sql .= " LEFT JOIN ".MAIN_DB_PREFIX."societe as s ON s.rowid = p.fk_soc";
$sql .= " WHERE s.fk_stcomm = st.id";
if (!$user->rights->societe->client->voir && !$socid) $sql .= " AND s.rowid = sc.fk_soc AND sc.fk_user = " .$user->id;
if ($type == "c") $sql .= " AND s.client = 1";
if ($type == "p") $sql .= " AND s.client = 2";
if ($type == "f") $sql .= " AND s.fournisseur = 1";
$sql.= " ".MAIN_DB_PREFIX."socpeople as p";
$sql.= " LEFT JOIN ".MAIN_DB_PREFIX."societe as s ON s.rowid = p.fk_soc";
$sql.= " WHERE s.fk_stcomm = st.id";
$sql.= " AND p.entity = ".$conf->entity;
if (!$user->rights->societe->client->voir && !$socid) $sql.= " AND s.rowid = sc.fk_soc AND sc.fk_user = " .$user->id;
if ($type == "c") $sql.= " AND s.client = 1";
if ($type == "p") $sql.= " AND s.client = 2";
if ($type == "f") $sql.= " AND s.fournisseur = 1";
if ($socid) $sql.= " AND s.rowid = ".$socid;
if (strlen($stcomm))
{
$sql .= " AND s.fk_stcomm=$stcomm";
$sql.= " AND s.fk_stcomm=$stcomm";
}
if (strlen($begin)) // filtre sur la premiere lettre du nom
{
$sql .= " AND upper(p.name) like '$begin%'";
$sql.= " AND upper(p.name) like '$begin%'";
}
if (trim($_GET["search_nom"]))
{
$sql .= " AND p.name like '%".trim($_GET["search_nom"])."%'";
$sql.= " AND p.name like '%".trim($_GET["search_nom"])."%'";
}
if (trim($_GET["search_prenom"]))
{
$sql .= " AND p.firstname like '%".trim($_GET["search_prenom"])."%'";
$sql.= " AND p.firstname like '%".trim($_GET["search_prenom"])."%'";
}
if (trim($_GET["search_societe"]))
{
$sql .= " AND s.nom like '%".trim($_GET["search_societe"])."%'";
$sql.= " AND s.nom like '%".trim($_GET["search_societe"])."%'";
}
if ($_GET["contactname"]) // acces a partir du module de recherche
{
$sql .= " AND ( p.name like '%".strtolower($_GET[contactname])."%' OR lower(p.firstname) like '%".strtolower($_GET[contactname])."%') ";
$sql.= " AND ( p.name like '%".strtolower($_GET[contactname])."%' OR lower(p.firstname) like '%".strtolower($_GET[contactname])."%') ";
$sortfield = "p.name";
$sortorder = "ASC";
}
if ($socid) {
$sql .= " AND s.rowid = ".$socid;
}
$sql .= " ORDER BY $sortfield $sortorder " . $db->plimit($limit+1, $offset);
$sql.= " ORDER BY $sortfield $sortorder " . $db->plimit($limit+1, $offset);
$resql = $db->query($sql);
if ($resql)

4
htdocs/comm/fiche.php
View File

@ -3,7 +3,7 @@
* Copyright (C) 2004-2009 Laurent Destailleur <eldy@users.sourceforge.net>
* Copyright (C) 2004 Eric Seigne <eric.seigne@ryxeo.com>
* Copyright (C) 2006 Andre Cianfarani <acianfa@free.fr>
* Copyright (C) 2005-2007 Regis Houssin <regis@dolibarr.fr>
* Copyright (C) 2005-2009 Regis Houssin <regis@dolibarr.fr>
* Copyright (C) 2008 Raphael Bertrand (Resultic) <raphael.bertrand@resultic.fr>
*
* This program is free software; you can redistribute it and/or modify
@ -47,7 +47,7 @@ if (!empty($conf->global->MAIN_MODULE_CHRONODOCS)) $langs->load("chronodocs");
// Security check
$socid = isset($_GET["socid"])?$_GET["socid"]:'';
if ($user->societe_id) $socid=$user->societe_id;
$result = restrictedArea($user, 'societe',$socid,'');
$result = restrictedArea($user,'societe',$socid,'');
$sortorder=$_GET["sortorder"];
$sortfield=$_GET["sortfield"];

117
htdocs/comm/index.php
View File

@ -39,7 +39,7 @@ accessforbidden();
$langs->load("commercial");
$langs->load("orders");
// S<EFBFBD>curit<EFBFBD> acc<63>s clien
// Securite acces client
$socid='';
if ($_GET["socid"]) { $socid=$_GET["socid"]; }
if ($user->societe_id > 0)
@ -139,16 +139,15 @@ if ($conf->contrat->enabled && $user->rights->contrat->lire)
if ($conf->propal->enabled && $user->rights->propale->lire)
{
$sql = "SELECT p.rowid, p.ref, p.total_ht, s.rowid as socid, s.nom, s.client";
if (!$user->rights->societe->client->voir && !$socid) $sql .= ", sc.fk_soc, sc.fk_user";
$sql.= " FROM ".MAIN_DB_PREFIX."propal as p, ".MAIN_DB_PREFIX."societe as s";
if (!$user->rights->societe->client->voir && !$socid) $sql .= ", ".MAIN_DB_PREFIX."societe_commerciaux as sc";
$sql.= " WHERE p.fk_statut = 0 and p.fk_soc = s.rowid";
if ($socid)
{
$sql .= " AND s.rowid = ".$socid;
}
if (!$user->rights->societe->client->voir && !$socid) $sql .= " AND s.rowid = sc.fk_soc AND sc.fk_user = " .$user->id;
$sql.= " FROM ".MAIN_DB_PREFIX."propal as p";
$sql.= ", ".MAIN_DB_PREFIX."societe as s";
if (!$user->rights->societe->client->voir && !$socid) $sql.= ", ".MAIN_DB_PREFIX."societe_commerciaux as sc";
$sql.= " WHERE p.fk_statut = 0";
$sql.= " AND p.fk_soc = s.rowid";
$sql.= " AND s.entity = ".$conf->entity;
if (!$user->rights->societe->client->voir && !$socid) $sql.= " AND s.rowid = sc.fk_soc AND sc.fk_user = " .$user->id;
if ($socid) $sql.= " AND s.rowid = ".$socid;
$resql=$db->query($sql);
if ($resql)
{
@ -204,15 +203,14 @@ if ($conf->commande->enabled && $user->rights->commande->lire)
{
$langs->load("orders");
$sql = "SELECT c.rowid, c.ref, c.total_ttc, s.rowid as socid, s.nom, s.client";
if (!$user->rights->societe->client->voir && !$socid) $sql .= ", sc.fk_soc, sc.fk_user";
$sql.= " FROM ".MAIN_DB_PREFIX."commande as c, ".MAIN_DB_PREFIX."societe as s";
if (!$user->rights->societe->client->voir && !$socid) $sql .= ", ".MAIN_DB_PREFIX."societe_commerciaux as sc";
$sql.= " WHERE c.fk_soc = s.rowid AND c.fk_statut = 0";
if (!$user->rights->societe->client->voir && !$socid) $sql .= " AND s.rowid = sc.fk_soc AND sc.fk_user = " .$user->id;
if ($socid)
{
$sql .= " AND c.fk_soc = ".$socid;
}
$sql.= " FROM ".MAIN_DB_PREFIX."commande as c";
$sql.= ", ".MAIN_DB_PREFIX."societe as s";
if (!$user->rights->societe->client->voir && !$socid) $sql.= ", ".MAIN_DB_PREFIX."societe_commerciaux as sc";
$sql.= " WHERE c.fk_soc = s.rowid";
$sql.= " AND c.fk_statut = 0";
$sql.= " AND s.entity = ".$conf->entity;
if (!$user->rights->societe->client->voir && !$socid) $sql.= " AND s.rowid = sc.fk_soc AND sc.fk_user = " .$user->id;
if ($socid) $sql.= " AND c.fk_soc = ".$socid;
$resql = $db->query($sql);
if ($resql)
@ -268,18 +266,16 @@ if ($conf->propal->enabled && $user->rights->propale->lire)
{
$sql = "SELECT s.nom, s.rowid, p.rowid as propalid, p.total_ht, p.ref, p.fk_statut, ".$db->pdate("p.datep")." as dp";
if (!$user->rights->societe->client->voir && !$socid) $sql .= ", sc.fk_soc, sc.fk_user";
$sql .= " FROM ".MAIN_DB_PREFIX."societe as s, ".MAIN_DB_PREFIX."propal as p";
if (!$user->rights->societe->client->voir && !$socid) $sql .= ", ".MAIN_DB_PREFIX."societe_commerciaux as sc";
$sql .= " WHERE p.fk_soc = s.rowid";
//$sql .= " AND p.fk_statut > 1";
if ($socid)
{
$sql .= " AND s.rowid = ".$socid;
}
if (!$user->rights->societe->client->voir && !$socid) $sql .= " AND s.rowid = sc.fk_soc AND sc.fk_user = " .$user->id;
$sql .= " ORDER BY p.datec DESC";
$sql .= $db->plimit($NBMAX, 0);
$sql.= " FROM ".MAIN_DB_PREFIX."societe as s";
$sql.= ", ".MAIN_DB_PREFIX."propal as p";
if (!$user->rights->societe->client->voir && !$socid) $sql.= ", ".MAIN_DB_PREFIX."societe_commerciaux as sc";
$sql.= " WHERE p.fk_soc = s.rowid";
$sql.= " AND s.entity = ".$conf->entity;
//$sql.= " AND p.fk_statut > 1";
if (!$user->rights->societe->client->voir && !$socid) $sql.= " AND s.rowid = sc.fk_soc AND sc.fk_user = " .$user->id;
if ($socid) $sql.= " AND s.rowid = ".$socid;
$sql.= " ORDER BY p.datec DESC";
$sql.= $db->plimit($NBMAX, 0);
if ( $db->query($sql) )
{
@ -338,18 +334,12 @@ if ($conf->propal->enabled && $user->rights->propale->lire)
if ($user->rights->societe->lire)
{
$sql = "SELECT s.rowid,s.nom,s.client,s.tms";
if (!$user->rights->societe->client->voir && !$socid) $sql .= ", sc.fk_soc, sc.fk_user";
$sql.= " FROM ".MAIN_DB_PREFIX."societe as s";
if (!$user->rights->societe->client->voir && !$socid) $sql .= ", ".MAIN_DB_PREFIX."societe_commerciaux as sc";
$sql.= " WHERE s.client in (1,2)";
if ($socid)
{
$sql .= " AND s.rowid = $socid";
}
if (!$user->rights->societe->client->voir && !$socid) //restriction
{
$sql .= " AND s.rowid = sc.fk_soc AND sc.fk_user = " .$user->id;
}
if (!$user->rights->societe->client->voir && !$socid) $sql.= ", ".MAIN_DB_PREFIX."societe_commerciaux as sc";
$sql.= " WHERE s.client IN (1,2)";
$sql.= " AND s.entity = ".$conf->entity;
if (!$user->rights->societe->client->voir && !$socid) $sql.= " AND s.rowid = sc.fk_soc AND sc.fk_user = " .$user->id;
if ($socid) $sql.= " AND s.rowid = $socid";
$sql .= " ORDER BY s.tms DESC";
$sql .= $db->plimit($max, 0);
@ -419,20 +409,17 @@ if ($conf->contrat->enabled && $user->rights->contrat->lire && 0) // \todo A REF
$langs->load("contracts");
$sql = "SELECT s.nom, s.rowid, c.statut, c.rowid as contratid, p.ref, c.mise_en_service as datemes, c.fin_validite as datefin, c.date_cloture as dateclo";
if (!$user->rights->societe->client->voir && !$socid) $sql .= ", sc.fk_soc, sc.fk_user";
$sql .= " FROM ".MAIN_DB_PREFIX."societe as s, ".MAIN_DB_PREFIX."contrat as c, ".MAIN_DB_PREFIX."product as p";
if (!$user->rights->societe->client->voir && !$socid) $sql .= ", ".MAIN_DB_PREFIX."societe_commerciaux as sc";
$sql .= " WHERE c.fk_soc = s.rowid and c.fk_product = p.rowid";
if ($socid)
{
$sql .= " AND s.rowid = ".$socid;
}
if (!$user->rights->societe->client->voir && !$socid) //restriction
{
$sql .= " AND s.rowid = sc.fk_soc AND sc.fk_user = " .$user->id;
}
$sql .= " ORDER BY c.tms DESC";
$sql .= $db->plimit(5, 0);
$sql.= " FROM ".MAIN_DB_PREFIX."societe as s";
$sql.= ", ".MAIN_DB_PREFIX."contrat as c";
$sql.= ", ".MAIN_DB_PREFIX."product as p";
if (!$user->rights->societe->client->voir && !$socid) $sql.= ", ".MAIN_DB_PREFIX."societe_commerciaux as sc";
$sql.= " WHERE c.fk_soc = s.rowid";
$sql.= " AND s.entity = ".$conf->entity;
$sql.= " AND c.fk_product = p.rowid";
if (!$user->rights->societe->client->voir && !$socid) $sql.= " AND s.rowid = sc.fk_soc AND sc.fk_user = " .$user->id;
if ($socid) $sql.= " AND s.rowid = ".$socid;
$sql.= " ORDER BY c.tms DESC";
$sql.= $db->plimit(5, 0);
if ( $db->query($sql) )
{
@ -474,13 +461,15 @@ if ($conf->propal->enabled && $user->rights->propale->lire)
$langs->load("propal");
$sql = "SELECT s.nom, s.rowid, p.rowid as propalid, p.total as total_ttc, p.total_ht, p.ref, p.fk_statut, ".$db->pdate("p.datep")." as dp";
if (!$user->rights->societe->client->voir && !$socid) $sql .= ", sc.fk_soc, sc.fk_user";
$sql .= " FROM ".MAIN_DB_PREFIX."societe as s, ".MAIN_DB_PREFIX."propal as p";
if (!$user->rights->societe->client->voir && !$socid) $sql .= ", ".MAIN_DB_PREFIX."societe_commerciaux as sc";
$sql .= " WHERE p.fk_soc = s.rowid AND p.fk_statut = 1";
if ($socid) $sql .= " AND s.rowid = ".$socid;
if (!$user->rights->societe->client->voir && !$socid) $sql .= " AND s.rowid = sc.fk_soc AND sc.fk_user = " .$user->id;
$sql .= " ORDER BY p.rowid DESC";
$sql.= " FROM ".MAIN_DB_PREFIX."societe as s";
$sql.= ", ".MAIN_DB_PREFIX."propal as p";
if (!$user->rights->societe->client->voir && !$socid) $sql.= ", ".MAIN_DB_PREFIX."societe_commerciaux as sc";
$sql.= " WHERE p.fk_soc = s.rowid";
$sql.= " AND s.entity = ".$conf->entity;
$sql.= " AND p.fk_statut = 1";
if (!$user->rights->societe->client->voir && !$socid) $sql.= " AND s.rowid = sc.fk_soc AND sc.fk_user = " .$user->id;
if ($socid) $sql.= " AND s.rowid = ".$socid;
$sql.= " ORDER BY p.rowid DESC";
$result=$db->query($sql);
if ($result)

29
htdocs/comm/propal.php
View File

@ -3,7 +3,7 @@
* Copyright (C) 2004-2009 Laurent Destailleur <eldy@users.sourceforge.net>
* Copyright (C) 2004 Eric Seigne <eric.seigne@ryxeo.com>
* Copyright (C) 2005 Marc Barilley / Ocebo <marc@ocebo.com>
* Copyright (C) 2005-2007 Regis Houssin <regis@dolibarr.fr>
* Copyright (C) 2005-2009 Regis Houssin <regis@dolibarr.fr>
* Copyright (C) 2006 Andre Cianfarani <acianfa@free.fr>
*
* This program is free software; you can redistribute it and/or modify
@ -731,7 +731,7 @@ if ($_POST['action'] == 'updateligne' && $user->rights->propale->creer && $_POST
$vat_rate=$_POST['tva_tx'];
$vat_rate=eregi_replace('\*','',$vat_rate);
// On v<EFBFBD>rifie que le prix minimum est respect<63>
// On verifie que le prix minimum est respecte
$productid = $_POST['productid'] ;
if ($productid)
{
@ -1992,47 +1992,48 @@ else
if ($sall) $sql.= ' LEFT JOIN '.MAIN_DB_PREFIX.'propaldet as pd ON p.rowid=pd.fk_propal';
$sql.= ' LEFT JOIN '.MAIN_DB_PREFIX.'user as u ON p.fk_user_author = u.rowid';
$sql.= ' WHERE p.fk_soc = s.rowid';
$sql.= ' AND s.entity = '.$conf->entity;
if (!$user->rights->societe->client->voir && !$socid) //restriction
{
$sql .= " AND s.rowid = sc.fk_soc AND sc.fk_user = " .$user->id;
$sql.= " AND s.rowid = sc.fk_soc AND sc.fk_user = " .$user->id;
}
if (!empty($_GET['search_ref']))
{
$sql .= " AND p.ref LIKE '%".addslashes($_GET['search_ref'])."%'";
$sql.= " AND p.ref LIKE '%".addslashes($_GET['search_ref'])."%'";
}
if (!empty($_GET['search_societe']))
{
$sql .= " AND s.nom LIKE '%".addslashes($_GET['search_societe'])."%'";
$sql.= " AND s.nom LIKE '%".addslashes($_GET['search_societe'])."%'";
}
if (!empty($_GET['search_montant_ht']))
{
$sql .= " AND p.total_ht='".addslashes($_GET['search_montant_ht'])."'";
$sql.= " AND p.total_ht='".addslashes($_GET['search_montant_ht'])."'";
}
if ($sall) $sql.= " AND (s.nom like '%".addslashes($sall)."%' OR p.note like '%".addslashes($sall)."%' OR pd.description like '%".addslashes($sall)."%')";
if ($socid) $sql .= ' AND s.rowid = '.$socid;
if ($socid) $sql.= ' AND s.rowid = '.$socid;
if ($viewstatut <> '')
{
$sql .= ' AND p.fk_statut in ('.$viewstatut.')';
$sql.= ' AND p.fk_statut in ('.$viewstatut.')';
}
if ($month > 0)
{
if ($year > 0)
$sql .= " AND date_format(p.datep, '%Y-%m') = '$year-$month'";
$sql.= " AND date_format(p.datep, '%Y-%m') = '$year-$month'";
else
$sql .= " AND date_format(p.datep, '%m') = '$month'";
$sql.= " AND date_format(p.datep, '%m') = '$month'";
}
if ($year > 0)
{
$sql .= " AND date_format(p.datep, '%Y') = $year";
$sql.= " AND date_format(p.datep, '%Y') = $year";
}
if (strlen($_POST['sf_ref']) > 0)
{
$sql .= " AND p.ref like '%".addslashes($_POST["sf_ref"]) . "%'";
$sql.= " AND p.ref like '%".addslashes($_POST["sf_ref"]) . "%'";
}
$sql .= ' ORDER BY '.$sortfield.' '.$sortorder.', p.ref DESC';
$sql .= $db->plimit($limit + 1,$offset);
$sql.= ' ORDER BY '.$sortfield.' '.$sortorder.', p.ref DESC';
$sql.= $db->plimit($limit + 1,$offset);
$result=$db->query($sql);
if ($result)

15
htdocs/comm/propal/apercu.php
View File

@ -2,7 +2,7 @@
/* Copyright (C) 2002-2005 Rodolphe Quiedeville <rodolphe@quiedeville.org>
* Copyright (C) 2004 Éric Seigne <eric.seigne@ryxeo.com>
* Copyright (C) 2004-2007 Laurent Destailleur <eldy@users.sourceforge.net>
* Copyright (C) 2005 Regis Houssin <regis@dolibarr.fr>
* Copyright (C) 2005-2009 Regis Houssin <regis@dolibarr.fr>
*
* This program is free software; you can redistribute it and/or modify
* it under the terms of the GNU General Public License as published by
@ -29,9 +29,7 @@
require("./pre.inc.php");
require_once(DOL_DOCUMENT_ROOT.'/propal.class.php');
require_once(DOL_DOCUMENT_ROOT."/lib/propal.lib.php");
if ($conf->projet->enabled) {
require_once(DOL_DOCUMENT_ROOT."/project.class.php");
}
if ($conf->projet->enabled) require_once(DOL_DOCUMENT_ROOT."/project.class.php");
$langs->load('propal');
$langs->load("bills");
@ -76,8 +74,10 @@ if ($_GET["propalid"] > 0)
*/
$sql = 'SELECT s.nom, s.rowid, p.price, p.fk_projet, p.remise, p.tva, p.total, p.ref, p.fk_statut, '.$db->pdate('p.datep').' as dp, p.note,';
$sql.= ' p.fk_user_author, p.fk_user_valid, p.fk_user_cloture, p.datec, p.date_valid, p.date_cloture';
$sql.= ' FROM '.MAIN_DB_PREFIX.'societe as s, '.MAIN_DB_PREFIX.'propal as p';
$sql.= ' WHERE p.fk_soc = s.rowid AND p.rowid = '.$propal->id;
$sql.= ' FROM '.MAIN_DB_PREFIX.'societe as s';
$sql.= ', '.MAIN_DB_PREFIX.'propal as p';
$sql.= ' WHERE p.fk_soc = s.rowid'
$sql.= ' AND p.rowid = '.$propal->id;
$result = $db->query($sql);
@ -239,11 +239,8 @@ elseif (file_exists($fileimagebis))
}
}
print '</div>';
$db->close();
llxFooter('$Date$ - $Revision$');

105
htdocs/comm/propal/note.php
View File

@ -2,7 +2,7 @@
/* Copyright (C) 2004 Rodolphe Quiedeville <rodolphe@quiedeville.org>
* Copyright (C) 2004-2005 Laurent Destailleur <eldy@users.sourceforge.net>
* Copyright (C) 2004 Eric Seigne <eric.seigne@ryxeo.com>
* Copyright (C) 2005-2007 Regis Houssin <regis@dolibarr.fr>
* Copyright (C) 2005-2009 Regis Houssin <regis@dolibarr.fr>
*
* This program is free software; you can redistribute it and/or modify
* it under the terms of the GNU General Public License as published by
@ -108,16 +108,16 @@ if ($_GET['propalid'])
{
$head = propal_prepare_head($propal);
dol_fiche_head($head, 'note', $langs->trans('Proposal'));
print '<table class="border" width="100%">';
print '<table class="border" width="100%">';
print '<tr><td width="25%">'.$langs->trans('Ref').'</td><td colspan="3">'.$propal->ref.'</td></tr>';
// Soci<63>t<EFBFBD>
print '<tr><td>'.$langs->trans('Company').'</td><td colspan="3">'.$societe->getNomUrl(1).'</td></tr>';
print '<tr><td width="25%">'.$langs->trans('Ref').'</td><td colspan="3">'.$propal->ref.'</td></tr>';
// Societe
print '<tr><td>'.$langs->trans('Company').'</td><td colspan="3">'.$societe->getNomUrl(1).'</td></tr>';
// Ligne info remises tiers
print '<tr><td>'.$langs->trans('Discounts').'</td><td colspan="3">';
print '<tr><td>'.$langs->trans('Discounts').'</td><td colspan="3">';
if ($societe->remise_client) print $langs->trans("CompanyHasRelativeDiscount",$societe->remise_client);
else print $langs->trans("CompanyHasNoRelativeDiscount");
$absolute_discount=$societe->getAvailableDiscounts();
@ -128,64 +128,64 @@ if ($_GET['propalid'])
print '</td></tr>';
// Date
print '<tr><td>'.$langs->trans('Date').'</td><td colspan="3">';
print dol_print_date($propal->date,'daytext');
print '</td>';
print '</tr>';
print '<tr><td>'.$langs->trans('Date').'</td><td colspan="3">';
print dol_print_date($propal->date,'daytext');
print '</td>';
print '</tr>';
// Date fin propal
print '<tr>';
print '<td>'.$langs->trans('DateEndPropal').'</td><td colspan="3">';
if ($propal->fin_validite)
{
print dol_print_date($propal->fin_validite,'daytext');
if ($propal->statut == 1 && $propal->fin_validite < ($now - $conf->propal->cloture->warning_delay)) print img_warning($langs->trans("Late"));
}
else
{
print $langs->trans("Unknown");
}
print '</td>';
print '</tr>';
// Date fin propal
print '<tr>';
print '<td>'.$langs->trans('DateEndPropal').'</td><td colspan="3">';
if ($propal->fin_validite)
{
print dol_print_date($propal->fin_validite,'daytext');
if ($propal->statut == 1 && $propal->fin_validite < ($now - $conf->propal->cloture->warning_delay)) print img_warning($langs->trans("Late"));
}
else
{
print $langs->trans("Unknown");
}
print '</td>';
print '</tr>';
// Note publique
print '<tr><td valign="top">'.$langs->trans("NotePublic").' :</td>';
print '<tr><td valign="top">'.$langs->trans("NotePublic").' :</td>';
print '<td valign="top" colspan="3">';
if ($_GET["action"] == 'edit')
{
print '<form method="post" action="note.php?propalid='.$propal->id.'">';
print '<input type="hidden" name="action" value="update_public">';
print '<textarea name="note_public" cols="80" rows="8">'.$propal->note_public."</textarea><br>";
print '<input type="submit" class="button" value="'.$langs->trans("Save").'">';
print '</form>';
}
else
{
print ($propal->note_public?nl2br($propal->note_public):"&nbsp;");
}
if ($_GET["action"] == 'edit')
{
print '<form method="post" action="note.php?propalid='.$propal->id.'">';
print '<input type="hidden" name="action" value="update_public">';
print '<textarea name="note_public" cols="80" rows="8">'.$propal->note_public."</textarea><br>";
print '<input type="submit" class="button" value="'.$langs->trans("Save").'">';
print '</form>';
}
else
{
print ($propal->note_public?nl2br($propal->note_public):"&nbsp;");
}
print "</td></tr>";
// Note priv<EFBFBD>e
// Note privee
if (! $user->societe_id)
{
print '<tr><td valign="top">'.$langs->trans("NotePrivate").' :</td>';
print '<tr><td valign="top">'.$langs->trans("NotePrivate").' :</td>';
print '<td valign="top" colspan="3">';
if ($_GET["action"] == 'edit')
{
print '<form method="post" action="note.php?propalid='.$propal->id.'">';
print '<input type="hidden" name="action" value="update">';
print '<textarea name="note" cols="80" rows="8">'.$propal->note."</textarea><br>";
print '<input type="submit" class="button" value="'.$langs->trans("Save").'">';
print '</form>';
}
if ($_GET["action"] == 'edit')
{
print '<form method="post" action="note.php?propalid='.$propal->id.'">';
print '<input type="hidden" name="action" value="update">';
print '<textarea name="note" cols="80" rows="8">'.$propal->note."</textarea><br>";
print '<input type="submit" class="button" value="'.$langs->trans("Save").'">';
print '</form>';
}
else
{
print ($propal->note?nl2br($propal->note):"&nbsp;");
print ($propal->note?nl2br($propal->note):"&nbsp;");
}
print "</td></tr>";
}
print "</table>";
print "</table>";
print '</div>';
@ -200,8 +200,9 @@ if ($_GET['propalid'])
}
print '</div>';
}
}
}
}
$db->close();
llxFooter('$Date$ - $Revision: 1.15 ');
?>

13
htdocs/comm/propal/stats/index.php
View File

@ -1,6 +1,7 @@
<?php
/* Copyright (C) 2003 Rodolphe Quiedeville <rodolphe@quiedeville.org>
* Copyright (C) 2004-2007 Laurent Destailleur <eldy@users.sourceforge.net>
* Copyright (C) 2005-2009 Regis Houssin <regis@dolibarr.fr>
*
* This program is free software; you can redistribute it and/or modify
* it under the terms of the GNU General Public License as published by
@ -77,7 +78,7 @@ $px = new DolGraph();
$mesg = $px->isGraphKo();
if (! $mesg)
{
$px->SetData($data);
$px->SetData($data);
$px->SetPrecisionY(0);
$i=$startyear;
while ($i <= $endyear)
@ -85,11 +86,11 @@ if (! $mesg)
$legend[]=$i;
$i++;
}
$px->SetLegend($legend);
$px->SetMaxValue($px->GetCeilMaxValue());
$px->SetLegend($legend);
$px->SetMaxValue($px->GetCeilMaxValue());
$px->SetMinValue(min(0,$px->GetFloorMinValue()));
$px->SetWidth($WIDTH);
$px->SetHeight($HEIGHT);
$px->SetWidth($WIDTH);
$px->SetHeight($HEIGHT);
$px->SetYLabel($langs->trans("NbOfProposals"));
$px->SetShading(3);
$px->SetHorizTickIncrement(1);
@ -97,7 +98,7 @@ if (! $mesg)
$px->mode='depth';
$px->SetTitle($langs->trans("NumberOfProposalsByMonth"));
$px->draw($filenamenb);
$px->draw($filenamenb);
}
// Build graphic amount of object

42
htdocs/comm/propal/stats/propalestats.class.php
View File

@ -1,6 +1,7 @@
<?php
/* Copyright (C) 2003 Rodolphe Quiedeville <rodolphe@quiedeville.org>
* Copyright (c) 2005 Laurent Destailleur <eldy@users.sourceforge.net>
/* Copyright (C) 2003 Rodolphe Quiedeville <rodolphe@quiedeville.org>
* Copyright (c) 2005 Laurent Destailleur <eldy@users.sourceforge.net>
* Copyright (C) 2005-2009 Regis Houssin <regis@dolibarr.fr>
*
* This program is free software; you can redistribute it and/or modify
* it under the terms of the GNU General Public License as published by
@ -52,16 +53,20 @@ class PropaleStats extends Stats
*/
function PropaleStats($DB, $socid=0)
{
global $user;
global $user, $conf;
$this->db = $DB;
$object=new Propal($this->db);
$this->table_element=$object->table_element;
$this->from = MAIN_DB_PREFIX.$object->table_element." as p";
$this->from.= ", ".MAIN_DB_PREFIX."societe as s";
$this->field='total';
$this->socid = $socid;
$this->where.= " fk_statut > 0";
$this->where.= " AND p.fk_soc = s.rowid AND s.entity = ".$conf->entity;
if (!$user->rights->societe->client->voir && !$user->societe_id) $this->where .= " AND p.fk_soc = sc.fk_soc AND sc.fk_user = " .$user->id;
if($this->socid)
{
@ -79,12 +84,11 @@ class PropaleStats extends Stats
global $user;
$sql = "SELECT date_format(p.datep,'%m') as dm, count(*)";
if (!$user->rights->societe->client->voir && !$user->societe_id) $sql .= ", sc.fk_soc, sc.fk_user";
$sql .= " FROM ".MAIN_DB_PREFIX.$this->table_element." as p";
if (!$user->rights->societe->client->voir && !$user->societe_id) $sql .= ", ".MAIN_DB_PREFIX."societe_commerciaux as sc";
$sql .= " WHERE date_format(p.datep,'%Y') = ".$year;
$sql.= " FROM ".$this->from;
if (!$user->rights->societe->client->voir && !$user->societe_id) $sql.= ", ".MAIN_DB_PREFIX."societe_commerciaux as sc";
$sql.= " WHERE date_format(p.datep,'%Y') = ".$year;
$sql.= " AND ".$this->where;
$sql .= " GROUP BY dm DESC";
$sql.= " GROUP BY dm DESC";
return $this->_getNbByMonth($year, $sql);
}
@ -98,9 +102,8 @@ class PropaleStats extends Stats
global $user;
$sql = "SELECT date_format(p.datep,'%Y') as dm, count(*)";
if (!$user->rights->societe->client->voir && !$user->societe_id) $sql .= ", sc.fk_soc, sc.fk_user";
$sql.= " FROM ".MAIN_DB_PREFIX.$this->table_element." as p";
if (!$user->rights->societe->client->voir && !$user->societe_id) $sql .= ", ".MAIN_DB_PREFIX."societe_commerciaux as sc";
$sql.= " FROM ".$this->from;
if (!$user->rights->societe->client->voir && !$user->societe_id) $sql.= ", ".MAIN_DB_PREFIX."societe_commerciaux as sc";
$sql.= " WHERE ".$this->where;
$sql.= " GROUP BY dm DESC";
@ -115,9 +118,8 @@ class PropaleStats extends Stats
global $user;
$sql = "SELECT date_format(p.datep,'%m') as dm, sum(p.".$this->field.")";
if (!$user->rights->societe->client->voir && !$user->societe_id) $sql .= ", sc.fk_soc, sc.fk_user";
$sql.= " FROM ".MAIN_DB_PREFIX.$this->table_element." as p";
if (!$user->rights->societe->client->voir && !$user->societe_id) $sql .= ", ".MAIN_DB_PREFIX."societe_commerciaux as sc";
$sql.= " FROM ".$this->from;
if (!$user->rights->societe->client->voir && !$user->societe_id) $sql.= ", ".MAIN_DB_PREFIX."societe_commerciaux as sc";
$sql.= " WHERE date_format(p.datep,'%Y') = ".$year;
$sql.= " AND ".$this->where;
$sql.= " GROUP BY dm DESC";
@ -133,9 +135,8 @@ class PropaleStats extends Stats
global $user;
$sql = "SELECT date_format(p.datep,'%m') as dm, avg(p.".$this->field.")";
if (!$user->rights->societe->client->voir && !$this->socid) $sql .= ", sc.fk_soc, sc.fk_user";
$sql.= " FROM ".MAIN_DB_PREFIX.$this->table_element." as p";
if (!$user->rights->societe->client->voir && !$this->socid) $sql .= ", ".MAIN_DB_PREFIX."societe_commerciaux as sc";
$sql.= " FROM ".$this->from;
if (!$user->rights->societe->client->voir && !$this->socid) $sql.= ", ".MAIN_DB_PREFIX."societe_commerciaux as sc";
$sql.= " WHERE date_format(p.datep,'%Y') = ".$year;
$sql.= " AND ".$this->where;
$sql.= " GROUP BY dm DESC";
@ -153,9 +154,8 @@ class PropaleStats extends Stats
global $user;
$sql = "SELECT date_format(p.datep,'%Y') as year, count(*) as nb, sum(".$this->field.") as total, avg(".$this->field.") as avg";
if (!$user->rights->societe->client->voir && !$this->socid) $sql .= ", sc.fk_soc, sc.fk_user";
$sql.= " FROM ".MAIN_DB_PREFIX.$this->table_element." as p";
if (!$user->rights->societe->client->voir && !$this->socid) $sql .= ", ".MAIN_DB_PREFIX."societe_commerciaux as sc";
$sql.= " FROM ".$this->from;
if (!$user->rights->societe->client->voir && !$this->socid) $sql.= ", ".MAIN_DB_PREFIX."societe_commerciaux as sc";
$sql.= " WHERE ".$this->where;
$sql.= " GROUP BY year DESC";

36
htdocs/comm/prospect/index.php
View File

@ -1,7 +1,7 @@
<?php
/* Copyright (C) 2001-2004 Rodolphe Quiedeville <rodolphe@quiedeville.org>
* Copyright (C) 2004-2008 Laurent Destailleur <eldy@users.sourceforge.net>
* Copyright (C) 2005-2006 Regis Houssin <regis@dolibarr.fr>
* Copyright (C) 2005-2009 Regis Houssin <regis@dolibarr.fr>
*
* This program is free software; you can redistribute it and/or modify
* it under the terms of the GNU General Public License as published by
@ -70,12 +70,13 @@ if ($conf->propal->enabled)
$sql = "SELECT count(*) as cc, st.libelle, st.id";
if (!$user->rights->societe->client->voir && !$socid) $sql .= ", sc.fk_soc, sc.fk_user ";
$sql .= " FROM ".MAIN_DB_PREFIX."societe as s, ".MAIN_DB_PREFIX."c_stcomm as st ";
$sql.= " FROM ".MAIN_DB_PREFIX."societe as s, ".MAIN_DB_PREFIX."c_stcomm as st ";
if (!$user->rights->societe->client->voir && !$socid) $sql .= ", ".MAIN_DB_PREFIX."societe_commerciaux as sc";
$sql .= " WHERE s.fk_stcomm = st.id AND s.client=2";
$sql.= " WHERE s.fk_stcomm = st.id AND s.client=2";
$sql.= " AND s.entity = ".$conf->entity;
if (!$user->rights->societe->client->voir && !$socid) $sql .= " AND s.rowid = sc.fk_soc AND sc.fk_user = " .$user->id;
$sql .= " GROUP BY st.id";
$sql .= " ORDER BY st.id";
$sql.= " GROUP BY st.id";
$sql.= " ORDER BY st.id";
$resql=$db->query($sql);
if ($resql)
@ -111,9 +112,10 @@ if ($conf->propal->enabled && $user->rights->propale->lire)
{
$sql = "SELECT p.rowid, p.ref, p.price, s.nom";
if (!$user->rights->societe->client->voir && !$socid) $sql .= ", sc.fk_soc, sc.fk_user ";
$sql .= " FROM ".MAIN_DB_PREFIX."propal as p, ".MAIN_DB_PREFIX."societe as s";
$sql.= " FROM ".MAIN_DB_PREFIX."propal as p, ".MAIN_DB_PREFIX."societe as s";
if (!$user->rights->societe->client->voir && !$socid) $sql .= ", ".MAIN_DB_PREFIX."societe_commerciaux as sc";
$sql .= " WHERE p.fk_statut = 0 and p.fk_soc = s.rowid";
$sql.= " WHERE p.fk_statut = 0 and p.fk_soc = s.rowid";
$sql.= " AND s.entity = ".$conf->entity;
if (!$user->rights->societe->client->voir && !$socid) $sql .= " AND s.rowid = sc.fk_soc AND sc.fk_user = " .$user->id;
$resql=$db->query($sql);
@ -168,13 +170,14 @@ if ($conf->propal->enabled && $user->rights->propale->lire)
{
$sql = "SELECT s.nom, s.rowid as socid, p.rowid as propalid, p.total as total_ttc, p.ref,".$db->pdate("p.datep")." as dp, c.label as statut, c.id as statutid";
if (!$user->rights->societe->client->voir && !$socid) $sql .= ", sc.fk_soc, sc.fk_user ";
$sql .= " FROM ".MAIN_DB_PREFIX."societe as s, ".MAIN_DB_PREFIX."propal as p, ".MAIN_DB_PREFIX."c_propalst as c";
$sql.= " FROM ".MAIN_DB_PREFIX."societe as s, ".MAIN_DB_PREFIX."propal as p, ".MAIN_DB_PREFIX."c_propalst as c";
if (!$user->rights->societe->client->voir && !$socid) $sql .= ", ".MAIN_DB_PREFIX."societe_commerciaux as sc";
$sql .= " WHERE p.fk_soc = s.rowid AND p.fk_statut = c.id AND p.fk_statut = 1";
$sql.= " WHERE p.fk_soc = s.rowid AND p.fk_statut = c.id AND p.fk_statut = 1";
$sql.= " AND s.entity = ".$conf->entity;
if (!$user->rights->societe->client->voir && !$socid) $sql .= " AND s.rowid = sc.fk_soc AND sc.fk_user = " .$user->id;
if ($socid) $sql .= " AND s.rowid = ".$socid;
$sql .= " ORDER BY p.rowid DESC";
$sql .= $db->plimit(5, 0);
$sql.= " ORDER BY p.rowid DESC";
$sql.= $db->plimit(5, 0);
$resql=$db->query($sql);
if ($resql)
@ -216,17 +219,18 @@ if ($conf->propal->enabled && $user->rights->propale->lire)
}
/*
* Soci<EFBFBD>t<EFBFBD>s <EFBFBD> contacter
* Societes a contacter
*
*/
$sql = "SELECT s.nom, s.rowid";
if (!$user->rights->societe->client->voir && !$socid) $sql .= ", sc.fk_soc, sc.fk_user ";
$sql .= " FROM ".MAIN_DB_PREFIX."societe as s";
$sql.= " FROM ".MAIN_DB_PREFIX."societe as s";
if (!$user->rights->societe->client->voir && !$socid) $sql .= ", ".MAIN_DB_PREFIX."societe_commerciaux as sc";
$sql .= " WHERE s.fk_stcomm = 1";
$sql.= " WHERE s.fk_stcomm = 1";
$sql.= " AND s.entity = ".$conf->entity;
if (!$user->rights->societe->client->voir && !$socid) $sql .= " AND s.rowid = sc.fk_soc AND sc.fk_user = " .$user->id;
$sql .= " ORDER BY s.tms ASC";
$sql .= $db->plimit(15, 0);
$sql.= " ORDER BY s.tms ASC";
$sql.= $db->plimit(15, 0);
if ( $db->query($sql) )
{

29
htdocs/comm/prospect/prospects.php
View File

@ -1,6 +1,7 @@
<?php
/* Copyright (C) 2001-2004 Rodolphe Quiedeville <rodolphe@quiedeville.org>
* Copyright (C) 2004-2008 Laurent Destailleur <eldy@users.sourceforge.net>
* Copyright (C) 2005-2009 Regis Houssin <regis@dolibarr.fr>
*
* This program is free software; you can redistribute it and/or modify
* it under the terms of the GNU General Public License as published by
@ -165,25 +166,20 @@ if ($search_sale) $sql .= ", sc.fk_soc, sc.fk_user";
if ($search_categ) $sql .= ", cs.fk_categorie, cs.fk_societe";
$sql .= " FROM ".MAIN_DB_PREFIX."c_stcomm as st";
// We'll need this table joined to the select in order to filter by sale
if ($search_sale) $sql .= ", ".MAIN_DB_PREFIX."societe_commerciaux as sc";
if ($search_sale) $sql.= ", ".MAIN_DB_PREFIX."societe_commerciaux as sc";
// We'll need this table joined to the select in order to filter by categ
if ($search_categ) $sql .= ", ".MAIN_DB_PREFIX."categorie_societe as cs";
if ($search_categ) $sql.= ", ".MAIN_DB_PREFIX."categorie_societe as cs";
$sql.= ", ".MAIN_DB_PREFIX."societe as s";
$sql.= " LEFT JOIN ".MAIN_DB_PREFIX."c_departements as d on (d.rowid = s.fk_departement)";
$sql.= " WHERE s.fk_stcomm = st.id AND s.client = 2";
$sql.= " WHERE s.fk_stcomm = st.id";
$sql.= " AND s.client = 2";
$sql.= " AND s.entity = ".$conf->entity;
if ($user->societe_id) $sql.= " AND s.rowid = " .$user->societe_id;
// Join for the needed table to filter by sale
if ($search_sale) $sql .= " AND s.rowid = sc.fk_soc";
if ($search_sale) $sql.= " AND s.rowid = sc.fk_soc";
// Join for the needed table to filter by categ
if ($search_categ) $sql .= " AND s.rowid = cs.fk_societe";
if (isset($stcomm) && $stcomm != '')
{
$sql .= " AND s.fk_stcomm=".$stcomm;
}
if ($user->societe_id)
{
$sql .= " AND s.rowid = " .$user->societe_id;
}
if ($search_categ) $sql.= " AND s.rowid = cs.fk_societe";
if (isset($stcomm) && $stcomm != '') $sql.= " AND s.fk_stcomm=".$stcomm;
if ($_GET["search_nom"]) $sql .= " AND s.nom like '%".addslashes(strtolower($_GET["search_nom"]))."%'";
if ($_GET["search_ville"]) $sql .= " AND s.ville like '%".addslashes(strtolower($_GET["search_ville"]))."%'";
@ -287,8 +283,9 @@ if ($resql)
print '<option value="">'.$langs->trans('All').'</option>';
$sql_usr = "SELECT u.rowid, u.name, u.firstname, u.login";
$sql_usr .= " FROM ".MAIN_DB_PREFIX."user as u";
$sql_usr .= " ORDER BY u.name ASC ";
$sql_usr.= " FROM ".MAIN_DB_PREFIX."user as u";
$sql_usr.= " WHERE u.entity IN (0,".$conf->entity.")";
$sql_usr.= " ORDER BY u.name ASC ";
$resql_usr = $db->query($sql_usr);
if ($resql_usr)

33
htdocs/commande/apercu.php
View File

@ -2,7 +2,7 @@
/* Copyright (C) 2002-2005 Rodolphe Quiedeville <rodolphe@quiedeville.org>
* Copyright (C) 2004 Éric Seigne <eric.seigne@ryxeo.com>
* Copyright (C) 2004-2005 Laurent Destailleur <eldy@users.sourceforge.net>
* Copyright (C) 2005-2006 Regis Houssin <regis@dolibarr.fr>
* Copyright (C) 2005-2009 Regis Houssin <regis@dolibarr.fr>
*
* This program is free software; you can redistribute it and/or modify
* it under the terms of the GNU General Public License as published by
@ -31,9 +31,11 @@
require("./pre.inc.php");
require_once(DOL_DOCUMENT_ROOT."/lib/order.lib.php");
require_once(DOL_DOCUMENT_ROOT.'/commande/commande.class.php');
if ($conf->propal->enabled) require_once(DOL_DOCUMENT_ROOT.'/propal.class.php');
if ($conf->projet->enabled) require_once(DOL_DOCUMENT_ROOT."/project.class.php");
if (!$user->rights->commande->lire)
accessforbidden();
if (!$user->rights->commande->lire) accessforbidden();
$langs->load('orders');
$langs->load('propal');
@ -41,24 +43,12 @@ $langs->load("bills");
$langs->load('compta');
$langs->load('sendings');
// Security check
$socid=0;
$comid = isset($_GET["id"])?$_GET["id"]:'';
if ($user->societe_id) $socid=$user->societe_id;
$result=restrictedArea($user,'commande',$comid,'');
require_once(DOL_DOCUMENT_ROOT.'/commande/commande.class.php');
require_once(DOL_DOCUMENT_ROOT.'/propal.class.php');
if ($conf->projet->enabled)
{
require_once(DOL_DOCUMENT_ROOT."/project.class.php");
}
/*
* Sécurité accés client
*/
if ($user->societe_id > 0)
{
$action = '';
$socid = $user->societe_id;
}
llxHeader();
@ -88,7 +78,8 @@ if ($_GET["id"] > 0) {
*/
$sql = 'SELECT s.nom, s.rowid, c.amount_ht, c.fk_projet, c.remise, c.tva, c.total_ttc, c.ref, c.fk_statut, '.$db->pdate('c.date_commande').' as dp, c.note,';
$sql.= ' c.fk_user_author, c.fk_user_valid, c.fk_user_cloture, c.date_creation, c.date_valid, c.date_cloture';
$sql.= ' FROM '.MAIN_DB_PREFIX.'societe as s, '.MAIN_DB_PREFIX.'commande as c';
$sql.= ' FROM '.MAIN_DB_PREFIX.'societe as s';
$sql.= ', '.MAIN_DB_PREFIX.'commande as c';
$sql.= ' WHERE c.fk_soc = s.rowid';
$sql.= ' AND c.rowid = '.$commande->id;
if ($socid) $sql .= ' AND s.rowid = '.$socid;

24
htdocs/commande/commande.class.php
View File

@ -1,7 +1,7 @@
<?php
/* Copyright (C) 2003-2006 Rodolphe Quiedeville <rodolphe@quiedeville.org>
* Copyright (C) 2004-2009 Laurent Destailleur <eldy@users.sourceforge.net>
* Copyright (C) 2005-2008 Regis Houssin <regis@dolibarr.fr>
* Copyright (C) 2005-2009 Regis Houssin <regis@dolibarr.fr>
* Copyright (C) 2006 Andre Cianfarani <acianfa@free.fr>
*
* This program is free software; you can redistribute it and/or modify
@ -1858,18 +1858,22 @@ class Commande extends CommonObject
$now=gmmktime();
$this->nbtodo=$this->nbtodolate=0;
$clause = "WHERE";
$clause = " WHERE";
$sql = 'SELECT c.rowid, c.date_creation as datec';
$sql.= ' FROM '.MAIN_DB_PREFIX.'commande as c';
$sql = "SELECT c.rowid, c.date_creation as datec";
$sql.= " FROM ".MAIN_DB_PREFIX."commande as c";
$sql.= ", ".MAIN_DB_PREFIX."societe as s";
if (!$user->rights->societe->client->voir && !$user->societe_id)
{
$sql.= " LEFT JOIN ".MAIN_DB_PREFIX."societe_commerciaux as sc ON c.fk_soc = sc.fk_soc";
$sql.= " WHERE sc.fk_user = " .$user->id;
$clause = "AND";
$clause = " AND";
}
$sql.= ' '.$clause.' (c.fk_statut BETWEEN 1 AND 2 or (c.fk_statut = 3 AND c.facture = 0))';
if ($user->societe_id) $sql.=' AND c.fk_soc = '.$user->societe_id;
$sql.= $clause." c.fk_soc = s.rowid";
$sql.= " AND s.entity = ".$conf->entity;
$sql.= " AND (c.fk_statut BETWEEN 1 AND 2 or (c.fk_statut = 3 AND c.facture = 0))";
if ($user->societe_id) $sql.=" AND c.fk_soc = ".$user->societe_id;
$resql=$this->db->query($sql);
if ($resql)
{
@ -2154,15 +2158,19 @@ class Commande extends CommonObject
global $conf, $user;
$this->nb=array();
$clause = "WHERE";
$sql = "SELECT count(co.rowid) as nb";
$sql.= " FROM ".MAIN_DB_PREFIX."commande as co";
$sql.= " LEFT JOIN ".MAIN_DB_PREFIX."societe as s ON co.fk_soc = s.rowid";
if (!$user->rights->societe->client->voir && !$user->societe_id)
{
$sql.= " LEFT JOIN ".MAIN_DB_PREFIX."societe as s ON co.fk_soc = s.rowid";
$sql.= " LEFT JOIN ".MAIN_DB_PREFIX."societe_commerciaux as sc ON s.rowid = sc.fk_soc";
$sql.= " WHERE sc.fk_user = " .$user->id;
$clause = "AND";
}
$sql.= " ".$clause." s.entity = ".$conf->entity;
$resql=$this->db->query($sql);
if ($resql)
{

7
htdocs/commande/contact.php
View File

@ -1,6 +1,7 @@
<?php
/* Copyright (C) 2005 Patrick Rouillon <patrick@rouillon.net>
* Copyright (C) 2005-2009 Destailleur Laurent <eldy@users.sourceforge.net>
* Copyright (C) 2005-2009 Laurent Destailleur <eldy@users.sourceforge.net>
* Copyright (C) 2005-2009 Regis Houssin <regis@dolibarr.fr>
*
* This program is free software; you can redistribute it and/or modify
* it under the terms of the GNU General Public License as published by
@ -35,11 +36,11 @@ $langs->load("orders");
$langs->load("sendings");
$langs->load("companies");
$commandeid = isset($_GET["id"])?$_GET["id"]:'';
$comid = isset($_GET["id"])?$_GET["id"]:'';
// Security check
if ($user->societe_id) $socid=$user->societe_id;
$result = restrictedArea($user, 'commande', $commandeid);
$result = restrictedArea($user, 'commande', $comid,'');
/*

15
htdocs/commande/document.php
View File

@ -2,7 +2,7 @@
/* Copyright (C) 2003-2007 Rodolphe Quiedeville <rodolphe@quiedeville.org>
* Copyright (C) 2004-2008 Laurent Destailleur <eldy@users.sourceforge.net>
* Copyright (C) 2005 Marc Barilley / Ocebo <marc@ocebo.com>
* Copyright (C) 2005 Regis Houssin <regis@dolibarr.fr>
* Copyright (C) 2005-2009 Regis Houssin <regis@dolibarr.fr>
*
* This program is free software; you can redistribute it and/or modify
* it under the terms of the GNU General Public License as published by
@ -31,8 +31,7 @@ require_once(DOL_DOCUMENT_ROOT.'/lib/order.lib.php');
require_once(DOL_DOCUMENT_ROOT."/lib/files.lib.php");
require_once(DOL_DOCUMENT_ROOT."/html.formfile.class.php");
if (!$user->rights->commande->lire)
accessforbidden();
if (!$user->rights->commande->lire) accessforbidden();
$langs->load('companies');
//$langs->load("bills");
@ -42,12 +41,10 @@ $id=empty($_GET['id']) ? 0 : intVal($_GET['id']);
$action=empty($_GET['action']) ? (empty($_POST['action']) ? '' : $_POST['action']) : $_GET['action'];
// Security check
if ($user->societe_id > 0)
{
unset($_GET["action"]);
$action='';
$socid = $user->societe_id;
}
$socid=0;
$comid = isset($_GET["id"])?$_GET["id"]:'';
if ($user->societe_id) $socid=$user->societe_id;
$result=restrictedArea($user,'commande',$comid,'');
// Get parameters
$page=$_GET["page"];

11
htdocs/commande/fiche.php
View File

@ -2,7 +2,7 @@
/* Copyright (C) 2003-2006 Rodolphe Quiedeville <rodolphe@quiedeville.org>
* Copyright (C) 2004-2009 Laurent Destailleur <eldy@users.sourceforge.net>
* Copyright (C) 2005 Marc Barilley / Ocebo <marc@ocebo.com>
* Copyright (C) 2005-2008 Regis Houssin <regis@dolibarr.fr>
* Copyright (C) 2005-2009 Regis Houssin <regis@dolibarr.fr>
* Copyright (C) 2006 Andre Cianfarani <acianfa@free.fr>
*
* This program is free software; you can redistribute it and/or modify
@ -39,6 +39,8 @@ if ($conf->projet->enabled) require_once(DOL_DOCUMENT_ROOT.'/project.class.php')
if ($conf->projet->enabled) require_once(DOL_DOCUMENT_ROOT.'/lib/project.lib.php');
if ($conf->propal->enabled) require_once(DOL_DOCUMENT_ROOT.'/propal.class.php');
if (!$user->rights->commande->lire) accessforbidden();
$langs->load('orders');
$langs->load('sendings');
$langs->load('companies');
@ -47,14 +49,11 @@ $langs->load('propal');
$langs->load('deliveries');
$langs->load('products');
if (!$user->rights->commande->lire) accessforbidden();
// Security check
$socid=0;
$contratid = isset($_GET["id"])?$_GET["id"]:'';
$comid = isset($_GET["id"])?$_GET["id"]:'';
if ($user->societe_id) $socid=$user->societe_id;
$result=restrictedArea($user,'commande',$contratid,'commande');
$result=restrictedArea($user,'commande',$comid,'');
$usehm=$conf->global->MAIN_USE_HOURMIN_IN_DATE_RANGE;

59
htdocs/commande/index.php
View File

@ -1,6 +1,7 @@
<?php
/* Copyright (C) 2003-2004 Rodolphe Quiedeville <rodolphe@quiedeville.org>
* Copyright (C) 2004-2008 Laurent Destailleur <eldy@users.sourceforge.net>
* Copyright (C) 2005-2009 Regis Houssin <regis@dolibarr.fr>
*
* This program is free software; you can redistribute it and/or modify
* it under the terms of the GNU General Public License as published by
@ -77,12 +78,14 @@ print "</form></table><br>\n";
* Commandes brouillons
*/
$sql = "SELECT c.rowid, c.ref, s.nom, s.rowid as socid";
if (!$user->rights->societe->client->voir && !$socid) $sql .= ", sc.fk_soc, sc.fk_user";
$sql .= " FROM ".MAIN_DB_PREFIX."commande as c, ".MAIN_DB_PREFIX."societe as s";
if (!$user->rights->societe->client->voir && !$socid) $sql .= ", ".MAIN_DB_PREFIX."societe_commerciaux as sc";
$sql .= " WHERE c.fk_soc = s.rowid AND c.fk_statut = 0";
if ($socid) $sql .= " AND c.fk_soc = ".$socid;
if (!$user->rights->societe->client->voir && !$socid) $sql .= " AND s.rowid = sc.fk_soc AND sc.fk_user = " .$user->id;
$sql.= " FROM ".MAIN_DB_PREFIX."commande as c";
$sql.= ", ".MAIN_DB_PREFIX."societe as s";
if (!$user->rights->societe->client->voir && !$socid) $sql.= ", ".MAIN_DB_PREFIX."societe_commerciaux as sc";
$sql.= " WHERE c.fk_soc = s.rowid";
$sql.= " WHERE s.entity = ".$conf->entity;
$sql.= " AND c.fk_statut = 0";
if ($socid) $sql.= " AND c.fk_soc = ".$socid;
if (!$user->rights->societe->client->voir && !$socid) $sql.= " AND s.rowid = sc.fk_soc AND sc.fk_user = " .$user->id;
if ( $db->query($sql) )
{
@ -113,13 +116,15 @@ if ( $db->query($sql) )
* Commandes à traiter
*/
$sql = "SELECT c.rowid, c.ref, s.nom, s.rowid as socid";
if (!$user->rights->societe->client->voir && !$socid) $sql .= ", sc.fk_soc, sc.fk_user";
$sql .=" FROM ".MAIN_DB_PREFIX."commande as c, ".MAIN_DB_PREFIX."societe as s";
if (!$user->rights->societe->client->voir && !$socid) $sql .= ", ".MAIN_DB_PREFIX."societe_commerciaux as sc";
$sql .= " WHERE c.fk_soc = s.rowid AND c.fk_statut = 1";
if ($socid) $sql .= " AND c.fk_soc = ".$socid;
if (!$user->rights->societe->client->voir && !$socid) $sql .= " AND s.rowid = sc.fk_soc AND sc.fk_user = " .$user->id;
$sql .= " ORDER BY c.rowid DESC";
$sql.=" FROM ".MAIN_DB_PREFIX."commande as c";
$sql.= ", ".MAIN_DB_PREFIX."societe as s";
if (!$user->rights->societe->client->voir && !$socid) $sql.= ", ".MAIN_DB_PREFIX."societe_commerciaux as sc";
$sql.= " WHERE c.fk_soc = s.rowid";
$sql.= " WHERE s.entity = ".$conf->entity;
$sql.= " AND c.fk_statut = 1";
if ($socid) $sql.= " AND c.fk_soc = ".$socid;
if (!$user->rights->societe->client->voir && !$socid) $sql.= " AND s.rowid = sc.fk_soc AND sc.fk_user = " .$user->id;
$sql.= " ORDER BY c.rowid DESC";
if ( $db->query($sql) )
{
@ -175,13 +180,15 @@ print '</td><td valign="top" width="70%" class="notopnoleftnoright">';
* Commandes en cours
*/
$sql = "SELECT c.rowid, c.ref, c.fk_statut, c.facture, s.nom, s.rowid as socid";
if (!$user->rights->societe->client->voir && !$socid) $sql .= ", sc.fk_soc, sc.fk_user";
$sql .= " FROM ".MAIN_DB_PREFIX."commande as c, ".MAIN_DB_PREFIX."societe as s";
if (!$user->rights->societe->client->voir && !$socid) $sql .= ", ".MAIN_DB_PREFIX."societe_commerciaux as sc";
$sql .= " WHERE c.fk_soc = s.rowid AND c.fk_statut = 2 ";
if ($socid) $sql .= " AND c.fk_soc = ".$socid;
if (!$user->rights->societe->client->voir && !$socid) $sql .= " AND s.rowid = sc.fk_soc AND sc.fk_user = " .$user->id;
$sql .= " ORDER BY c.rowid DESC";
$sql.= " FROM ".MAIN_DB_PREFIX."commande as c";
$sql.= ", ".MAIN_DB_PREFIX."societe as s";
if (!$user->rights->societe->client->voir && !$socid) $sql.= ", ".MAIN_DB_PREFIX."societe_commerciaux as sc";
$sql.= " WHERE c.fk_soc = s.rowid";
$sql.= " WHERE s.entity = ".$conf->entity;
$sql.= " AND c.fk_statut = 2 ";
if ($socid) $sql.= " AND c.fk_soc = ".$socid;
if (!$user->rights->societe->client->voir && !$socid) $sql.= " AND s.rowid = sc.fk_soc AND sc.fk_user = " .$user->id;
$sql.= " ORDER BY c.rowid DESC";
if ( $db->query($sql) )
{
@ -239,12 +246,14 @@ $max=5;
$sql = "SELECT c.rowid, c.ref, c.fk_statut, c.facture, s.nom, s.rowid as socid,";
$sql.= " ".$db->pdate("date_cloture")." as datec";
if (!$user->rights->societe->client->voir && !$socid) $sql .= ", sc.fk_soc, sc.fk_user";
$sql.= " FROM ".MAIN_DB_PREFIX."commande as c, ".MAIN_DB_PREFIX."societe as s";
if (!$user->rights->societe->client->voir && !$socid) $sql .= ", ".MAIN_DB_PREFIX."societe_commerciaux as sc";
$sql.= " WHERE c.fk_soc = s.rowid and c.fk_statut > 2";
$sql.= " FROM ".MAIN_DB_PREFIX."commande as c";
$sql.= ", ".MAIN_DB_PREFIX."societe as s";
if (!$user->rights->societe->client->voir && !$socid) $sql.= ", ".MAIN_DB_PREFIX."societe_commerciaux as sc";
$sql.= " WHERE c.fk_soc = s.rowid";
$sql.= " WHERE s.entity = ".$conf->entity;
$sql.= " AND c.fk_statut > 2";
if ($socid) $sql .= " AND c.fk_soc = ".$socid;
if (!$user->rights->societe->client->voir && !$socid) $sql .= " AND s.rowid = sc.fk_soc AND sc.fk_user = " .$user->id;
if (!$user->rights->societe->client->voir && !$socid) $sql.= " AND s.rowid = sc.fk_soc AND sc.fk_user = " .$user->id;
$sql.= " ORDER BY c.tms DESC";
$sql.= $db->plimit($max, 0);

11
htdocs/commande/info.php
View File

@ -1,6 +1,6 @@
<?php
/* Copyright (C) 2005-2006 Laurent Destailleur <eldy@users.sourceforge.net>
* Copyright (C) 2005-2006 Regis Houssin <regis@dolibarr.fr>
* Copyright (C) 2005-2009 Regis Houssin <regis@dolibarr.fr>
*
* This program is free software; you can redistribute it and/or modify
* it under the terms of the GNU General Public License as published by
@ -29,11 +29,16 @@ require_once(DOL_DOCUMENT_ROOT."/lib/functions2.lib.php");
require_once(DOL_DOCUMENT_ROOT."/commande/commande.class.php");
require_once(DOL_DOCUMENT_ROOT."/lib/order.lib.php");
if (!$user->rights->commande->lire) accessforbidden();
$langs->load("orders");
$langs->load("sendings");
if (!$user->rights->commande->lire)
accessforbidden();
// Security check
$socid=0;
$comid = isset($_GET["id"])?$_GET["id"]:'';
if ($user->societe_id) $socid=$user->societe_id;
$result=restrictedArea($user,'commande',$comid,'');
/*

49
htdocs/commande/liste.php
View File

@ -1,8 +1,8 @@
<?php
/* Copyright (C) 2001-2005 Rodolphe Quiedeville <rodolphe@quiedeville.org>
* Copyright (C) 2004-2008 Laurent Destailleur <eldy@users.sourceforge.net>
* Copyright (C) 2005 Marc Barilley / Ocebo <marc@ocebo.com>
* Copyright (C) 2005-2007 Regis Houssin <regis@dolibarr.fr>
/* Copyright (C) 2001-2005 Rodolphe Quiedeville <rodolphe@quiedeville.org>
* Copyright (C) 2004-2008 Laurent Destailleur <eldy@users.sourceforge.net>
* Copyright (C) 2005 Marc Barilley / Ocebo <marc@ocebo.com>
* Copyright (C) 2005-2009 Regis Houssin <regis@dolibarr.fr>
*
* This program is free software; you can redistribute it and/or modify
* it under the terms of the GNU General Public License as published by
@ -71,39 +71,34 @@ $offset = $limit * $_GET['page'] ;
$sql = 'SELECT s.nom, s.rowid as socid, c.rowid, c.ref, c.total_ht, c.ref_client,';
$sql.= ' '.$db->pdate('c.date_commande').' as date_commande, c.fk_statut, c.facture as facturee';
if (!$user->rights->societe->client->voir && !$socid) $sql .= ", sc.fk_soc, sc.fk_user";
$sql.= ' FROM '.MAIN_DB_PREFIX.'societe as s, '.MAIN_DB_PREFIX.'commande as c';
if (!$user->rights->societe->client->voir && !$socid) $sql .= ", ".MAIN_DB_PREFIX."societe_commerciaux as sc";
$sql.= ' FROM '.MAIN_DB_PREFIX.'societe as s';
$sql.= ', '.MAIN_DB_PREFIX.'commande as c';
if (!$user->rights->societe->client->voir && !$socid) $sql.= ", ".MAIN_DB_PREFIX."societe_commerciaux as sc";
$sql.= ' WHERE c.fk_soc = s.rowid';
if (!$user->rights->societe->client->voir && !$socid) //restriction
{
$sql .= " AND s.rowid = sc.fk_soc AND sc.fk_user = " .$user->id;
}
$sql.= ' AND s.entity = '.$conf->entity;
if ($socid) $sql.= ' AND s.rowid = '.$socid;
if (!$user->rights->societe->client->voir && !$socid) $sql.= " AND s.rowid = sc.fk_soc AND sc.fk_user = " .$user->id;
if ($sref)
{
$sql .= " AND c.ref like '%".addslashes($sref)."%'";
$sql.= " AND c.ref like '%".addslashes($sref)."%'";
}
if ($sall)
{
$sql .= " AND (c.ref like '%".addslashes($sall)."%' OR c.note like '%".addslashes($sall)."%')";
}
if ($socid)
{
$sql .= ' AND s.rowid = '.$socid;
$sql.= " AND (c.ref like '%".addslashes($sall)."%' OR c.note like '%".addslashes($sall)."%')";
}
if ($viewstatut <> '')
{
if ($viewstatut < 4 && $viewstatut > -2)
{
$sql .= ' AND c.fk_statut ='.$viewstatut; // brouillon, valid<EFBFBD>e, en cours, annul<75>e
$sql.= ' AND c.fk_statut ='.$viewstatut; // brouillon, validee, en cours, annulee
if ($viewstatut == 3)
{
$sql .= ' AND c.facture = 0'; // <EFBFBD> facturer
$sql.= ' AND c.facture = 0'; // a facturer
}
}
if ($viewstatut == 4)
{
$sql .= ' AND c.facture = 1'; // factur<75>e
$sql.= ' AND c.facture = 1'; // factur<75>e
}
if ($viewstatut == -2)
{
@ -112,27 +107,27 @@ if ($viewstatut <> '')
}
if ($_GET['month'] > 0)
{
$sql .= " AND date_format(c.date_commande, '%Y-%m') = '$year-$month'";
$sql.= " AND date_format(c.date_commande, '%Y-%m') = '$year-$month'";
}
if ($_GET['year'] > 0)
{
$sql .= " AND date_format(c.date_commande, '%Y') = $year";
$sql.= " AND date_format(c.date_commande, '%Y') = $year";
}
if (strlen($_POST['sf_ref']) > 0)
{
$sql .= " AND c.ref like '%".addslashes($_POST['sf_ref']) . "%'";
$sql.= " AND c.ref like '%".addslashes($_POST['sf_ref']) . "%'";
}
if (!empty($snom))
{
$sql .= ' AND s.nom like \'%'.addslashes($snom).'%\'';
$sql.= ' AND s.nom like \'%'.addslashes($snom).'%\'';
}
if (!empty($sref_client))
{
$sql .= ' AND c.ref_client like \'%'.addslashes($sref_client).'%\'';
$sql.= ' AND c.ref_client like \'%'.addslashes($sref_client).'%\'';
}
$sql .= ' ORDER BY '.$sortfield.' '.$sortorder;
$sql .= $db->plimit($limit + 1,$offset);
$sql.= ' ORDER BY '.$sortfield.' '.$sortorder;
$sql.= $db->plimit($limit + 1,$offset);
$resql = $db->query($sql);

16
htdocs/commande/note.php
View File

@ -1,7 +1,7 @@
<?php
/* Copyright (C) 2004 Rodolphe Quiedeville <rodolphe@quiedeville.org>
* Copyright (C) 2004-2007 Laurent Destailleur <eldy@users.sourceforge.net>
* Copyright (C) 2005-2008 Regis Houssin <regis@dolibarr.fr>
* Copyright (C) 2005-2009 Regis Houssin <regis@dolibarr.fr>
*
* This program is free software; you can redistribute it and/or modify
* it under the terms of the GNU General Public License as published by
@ -30,19 +30,17 @@ require_once(DOL_DOCUMENT_ROOT.'/lib/order.lib.php');
$socid=isset($_GET["socid"])?$_GET["socid"]:isset($_POST["socid"])?$_POST["socid"]:"";
if (!$user->rights->commande->lire)
accessforbidden();
if (!$user->rights->commande->lire) accessforbidden();
$langs->load("companies");
$langs->load("bills");
$langs->load("orders");
// Sécurité accés
if ($user->societe_id > 0)
{
unset($_GET["action"]);
$socid = $user->societe_id;
}
// Security check
$socid=0;
$comid = isset($_GET["id"])?$_GET["id"]:'';
if ($user->societe_id) $socid=$user->societe_id;
$result=restrictedArea($user,'commande',$comid,'');
$id = $_GET['id'];

25
htdocs/commande/stats/commandestats.class.php
View File

@ -1,6 +1,7 @@
<?php
/* Copyright (C) 2003 Rodolphe Quiedeville <rodolphe@quiedeville.org>
* Copyright (c) 2005 Laurent Destailleur <eldy@users.sourceforge.net>
/* Copyright (C) 2003 Rodolphe Quiedeville <rodolphe@quiedeville.org>
* Copyright (c) 2005 Laurent Destailleur <eldy@users.sourceforge.net>
* Copyright (C) 2005-2009 Regis Houssin <regis@dolibarr.fr>
*
* This program is free software; you can redistribute it and/or modify
* it under the terms of the GNU General Public License as published by
@ -53,7 +54,7 @@ class CommandeStats extends Stats
*/
function CommandeStats($DB, $socid=0, $mode)
{
global $user;
global $user, $conf;
$this->db = $DB;
@ -62,17 +63,20 @@ class CommandeStats extends Stats
if ($mode == 'customer')
{
$object=new Commande($this->db);
$this->table_element=$object->table_element;
$this->from = MAIN_DB_PREFIX.$object->table_element." as c";
$this->from.= ", ".MAIN_DB_PREFIX."societe as s";
$this->field='total_ht';
$this->where.= " c.fk_statut > 0";
}
if ($mode == 'supplier')
{
$object=new CommandeFournisseur($this->db);
$this->table_element=$object->table_element;
$this->from = MAIN_DB_PREFIX.$object->table_element." as c";
$this->from.= ", ".MAIN_DB_PREFIX."societe as s";
$this->field='total_ht';
$this->where.= " c.fk_statut >= 3 AND c.date_commande IS NOT NULL";
}
$this->where.= " AND c.fk_soc = s.rowid AND s.entity = ".$conf->entity;
if (!$user->rights->societe->client->voir && !$this->socid) $this->where .= " AND c.fk_soc = sc.fk_soc AND sc.fk_user = " .$user->id;
if($this->socid)
@ -92,7 +96,7 @@ class CommandeStats extends Stats
global $user;
$sql = "SELECT date_format(c.date_commande,'%m') as dm, count(*) nb";
$sql.= " FROM ".MAIN_DB_PREFIX.$this->table_element." as c";
$sql.= " FROM ".$this->from;
if (!$user->rights->societe->client->voir && !$this->socid) $sql .= ", ".MAIN_DB_PREFIX."societe_commerciaux as sc";
$sql.= " WHERE date_format(c.date_commande,'%Y') = ".$year;
$sql.= " AND ".$this->where;
@ -111,7 +115,7 @@ class CommandeStats extends Stats
global $user;
$sql = "SELECT date_format(c.date_commande,'%Y') as dm, count(*), sum(c.".$this->field.")";
$sql.= " FROM ".MAIN_DB_PREFIX.$this->table_element." as c";
$sql.= " FROM ".$this->from;
if (!$user->rights->societe->client->voir && !$this->socid) $sql .= ", ".MAIN_DB_PREFIX."societe_commerciaux as sc";
$sql.= " WHERE ".$this->where;
$sql.= " GROUP BY dm DESC";
@ -129,7 +133,7 @@ class CommandeStats extends Stats
global $user;
$sql = "SELECT date_format(c.date_commande,'%m') as dm, sum(c.".$this->field.")";
$sql.= " FROM ".MAIN_DB_PREFIX.$this->table_element." as c";
$sql.= " FROM ".$this->from;
if (!$user->rights->societe->client->voir && !$this->socid) $sql .= ", ".MAIN_DB_PREFIX."societe_commerciaux as sc";
$sql.= " WHERE date_format(c.date_commande,'%Y') = ".$year;
$sql.= " AND ".$this->where;
@ -148,7 +152,7 @@ class CommandeStats extends Stats
global $user;
$sql = "SELECT date_format(c.date_commande,'%m') as dm, avg(c.".$this->field.")";
$sql.= " FROM ".MAIN_DB_PREFIX.$this->table_element." as c";
$sql.= " FROM ".$this->from;
if (!$user->rights->societe->client->voir && !$this->socid) $sql .= ", ".MAIN_DB_PREFIX."societe_commerciaux as sc";
$sql.= " WHERE date_format(c.date_commande,'%Y') = ".$year;
$sql.= " AND ".$this->where;
@ -167,8 +171,7 @@ class CommandeStats extends Stats
global $user;
$sql = "SELECT date_format(c.date_commande,'%Y') as year, count(*) as nb, sum(c.".$this->field.") as total, avg(".$this->field.") as avg";
if (!$user->rights->societe->client->voir && !$this->socid) $sql .= ", sc.fk_soc, sc.fk_user";
$sql.= " FROM ".MAIN_DB_PREFIX.$this->table_element." as c";
$sql.= " FROM ".$this->from;
if (!$user->rights->societe->client->voir && !$this->socid) $sql .= ", ".MAIN_DB_PREFIX."societe_commerciaux as sc";
$sql.= " WHERE ".$this->where;
$sql.= " GROUP BY year DESC";

1
htdocs/commande/stats/month.php
View File

@ -1,6 +1,7 @@
<?php
/* Copyright (C) 2001-2003 Rodolphe Quiedeville <rodolphe@quiedeville.org>
* Copyright (c) 2004-2008 Laurent Destailleur <eldy@users.sourceforge.net>
* Copyright (C) 2005-2009 Regis Houssin <regis@dolibarr.fr>
*
* This program is free software; you can redistribute it and/or modify
* it under the terms of the GNU General Public License as published by

15
htdocs/commonobject.class.php
View File

@ -1,5 +1,6 @@
<?php
/* Copyright (C) 2006-2008 Laurent Destailleur <eldy@users.sourceforge.net>
* Copyright (C) 2005-2009 Regis Houssin <regis@dolibarr.fr>
*
* This program is free software; you can redistribute it and/or modify
* it under the terms of the GNU General Public License as published by
@ -45,7 +46,7 @@ class CommonObject
dol_syslog("CommonObject::add_contact $fk_socpeople, $type_contact, $source");
// V<EFBFBD>rification parametres
// Verification parametres
if ($fk_socpeople <= 0)
{
$this->error=$langs->trans("ErrorWrongValueForParameter","1");
@ -162,8 +163,8 @@ class CommonObject
}
/**
* \brief R<EFBFBD>cup<EFBFBD>re les lignes de contact de l'objet
* \param statut Statut des lignes detail <EFBFBD> r<EFBFBD>cup<EFBFBD>rer
* \brief Recupere les lignes de contact de l'objet
* \param statut Statut des lignes detail a recuperer
* \param source Source du contact external (llx_socpeople) ou internal (llx_user)
* \return array Tableau des rowid des contacts
*/
@ -412,10 +413,11 @@ class CommonObject
$sql = "SELECT MAX(".$fieldid.")";
$sql.= " FROM ".MAIN_DB_PREFIX.$this->table_element;
if ($this->table_optional) $sql.= ", ".MAIN_DB_PREFIX.$this->table_optional;
$sql.= " WHERE ".$fieldid." < '".addslashes($this->ref)."'";
if (isset($filter)) $sql.=" AND ".$filter;
//print $sql;
//print $sql."<br>";
$result = $this->db->query($sql) ;
if (! $result)
{
@ -428,11 +430,12 @@ class CommonObject
$sql = "SELECT MIN(".$fieldid.")";
$sql.= " FROM ".MAIN_DB_PREFIX.$this->table_element;
if ($this->table_optional) $sql.= ", ".MAIN_DB_PREFIX.$this->table_optional;
$sql.= " WHERE ".$fieldid." > '".addslashes($this->ref)."'";
if (isset($filter)) $sql.=" AND ".$filter;
// Rem: Bug in some mysql version: SELECT rowid FROM llx_socpeople WHERE rowid > 1 when one row in database with rowid=1, returns 1 instead of null
//print $sql;
//print $sql."<br>";
$result = $this->db->query($sql) ;
if (! $result)
{
@ -447,7 +450,7 @@ class CommonObject
/**
* \brief On r<EFBFBD>cup<EFBFBD>re les id de liste_contact
* \brief On recupere les id de liste_contact
* \param source Source du contact external (llx_socpeople) ou internal (llx_user)
* \return array
*/

8
htdocs/compta/bank/account.class.php
View File

@ -3,6 +3,7 @@
* Copyright (C) 2003 Jean-Louis Bergamo <jlb@j1b.org>
* Copyright (C) 2004-2008 Laurent Destailleur <eldy@users.sourceforge.net>
* Copyright (C) 2004 Christophe Combelles <ccomb@free.fr>
* Copyright (C) 2005-2009 Regis Houssin <regis@dolibarr.fr>
*
* This program is free software; you can redistribute it and/or modify
* it under the terms of the GNU General Public License as published by
@ -699,8 +700,11 @@ class Account extends CommonObject
$this->nbtodo=$this->nbtodolate=0;
$sql = "SELECT b.rowid, b.datev as datefin";
$sql.= " FROM ".MAIN_DB_PREFIX."bank as b, ".MAIN_DB_PREFIX."bank_account as ba";
$sql.= " WHERE b.rappro=0 AND b.fk_account = ba.rowid";
$sql.= " FROM ".MAIN_DB_PREFIX."bank as b";
$sql.= ", ".MAIN_DB_PREFIX."bank_account as ba";
$sql.= " WHERE b.rappro=0";
$sql.= " AND b.fk_account = ba.rowid";
$sql.= " AND ba.entity = ".$conf->entity;
$sql.= " AND (ba.rappro = 1 AND ba.courant != 2)"; // Compte rapprochable
if ($filteraccountid) $sql.=" AND ba.rowid = ".$filteraccountid;

18
htdocs/compta/charges/index.php
View File

@ -1,6 +1,7 @@
<?php
/* Copyright (C) 2001-2003 Rodolphe Quiedeville <rodolphe@quiedeville.org>
* Copyright (C) 2004-2009 Laurent Destailleur <eldy@users.sourceforge.net>
* Copyright (C) 2005-2009 Regis Houssin <regis@dolibarr.fr>
*
* This program is free software; you can redistribute it and/or modify
* it under the terms of the GNU General Public License as published by
@ -28,8 +29,8 @@ require("./pre.inc.php");
require_once(DOL_DOCUMENT_ROOT."/compta/tva/tva.class.php");
// Security check
if (!$user->admin && !$user->rights->tax->charges->lire)
accessforbidden();
if ($user->societe_id) $socid=$user->societe_id;
$result = restrictedArea($user, 'tax', '', '', 'charges');
$year=$_GET["year"];
$filtre=$_GET["filtre"];
@ -61,9 +62,11 @@ print "</tr>\n";
$sql = "SELECT c.id, c.libelle as lib, s.fk_type as type,";
$sql.=" count(s.rowid) as nb, sum(s.amount) as total, sum(pc.amount) as totalpaye";
$sql.= " FROM ".MAIN_DB_PREFIX."c_chargesociales as c, ".MAIN_DB_PREFIX."chargesociales as s";
$sql.= " FROM ".MAIN_DB_PREFIX."c_chargesociales as c";
$sql.= ", ".MAIN_DB_PREFIX."chargesociales as s";
$sql.= " LEFT JOIN ".MAIN_DB_PREFIX."paiementcharge as pc ON pc.fk_charge = s.rowid";
$sql.= " WHERE s.fk_type = c.id";
$sql.= " AND s.entity = ".$conf->entity;
if ($year > 0)
{
$sql .= " AND (";
@ -122,15 +125,16 @@ if (empty($_GET["mode"]) || $_GET["mode"] != 'sconly')
print_titre($langs->trans("VATPayments"));
$sql = "SELECT rowid, amount, label, ".$db->pdate("f.datev")." as dm";
$sql .= " FROM ".MAIN_DB_PREFIX."tva as f ";
$sql = "SELECT f.rowid, f.amount, f.label, ".$db->pdate("f.datev")." as dm";
$sql.= " FROM ".MAIN_DB_PREFIX."tva as f ";
$sql.= " WHERE f.entity = ".$conf->entity;
if ($year > 0)
{
// Si period renseigné on l'utilise comme critere de date, sinon on prend date échéance,
// ceci afin d'etre compatible avec les cas ou la période n'etait pas obligatoire
$sql .= " WHERE date_format(f.datev, '%Y') = ".$year;
$sql.= " AND date_format(f.datev, '%Y') = ".$year;
}
$sql .= " ORDER BY dm DESC";
$sql.= " ORDER BY dm DESC";
$result = $db->query($sql);
if ($result)

33
htdocs/compta/clients.php
View File

@ -1,6 +1,7 @@
<?php
/* Copyright (C) 2003-2005 Rodolphe Quiedeville <rodolphe@quiedeville.org>
* Copyright (C) 2004-2007 Laurent Destailleur <eldy@users.sourceforge.net>
* Copyright (C) 2005-2009 Regis Houssin <regis@dolibarr.fr>
*
* This program is free software; you can redistribute it and/or modify
* it under the terms of the GNU General Public License as published by
@ -73,7 +74,8 @@ if ($action == 'note')
if ($mode == 'search') {
if ($mode-search == 'soc') {
$sql = "SELECT s.rowid FROM ".MAIN_DB_PREFIX."societe as s ";
$sql .= " WHERE lower(s.nom) like '%".addslashes(strtolower($socname))."%'";
$sql.= " WHERE lower(s.nom) like '%".addslashes(strtolower($socname))."%'";
$sql.= " AND s.entity = ".$conf->entity;
}
if ( $db->query($sql) ) {
@ -93,51 +95,52 @@ if ($mode == 'search') {
*/
$sql = "SELECT s.rowid, s.nom, s.ville, ".$db->pdate("s.datec")." as datec, ".$db->pdate("s.datea")." as datea";
$sql .= ", st.libelle as stcomm, s.prefix_comm, s.code_client, s.code_compta ";
if (!$user->rights->societe->client->voir && !$socid) $sql .= ", sc.fk_soc, sc.fk_user ";
$sql .= " FROM ".MAIN_DB_PREFIX."societe as s, ".MAIN_DB_PREFIX."c_stcomm as st";
if (!$user->rights->societe->client->voir && !$socid) $sql .= ", ".MAIN_DB_PREFIX."societe_commerciaux as sc";
$sql .= " WHERE s.fk_stcomm = st.id AND s.client=1";
if (!$user->rights->societe->client->voir && !$socid) $sql .= " AND s.rowid = sc.fk_soc AND sc.fk_user = " .$user->id;
$sql.= ", st.libelle as stcomm, s.prefix_comm, s.code_client, s.code_compta ";
if (!$user->rights->societe->client->voir && !$socid) $sql.= ", sc.fk_soc, sc.fk_user ";
$sql.= " FROM ".MAIN_DB_PREFIX."societe as s, ".MAIN_DB_PREFIX."c_stcomm as st";
if (!$user->rights->societe->client->voir && !$socid) $sql.= ", ".MAIN_DB_PREFIX."societe_commerciaux as sc";
$sql.= " WHERE s.fk_stcomm = st.id AND s.client=1";
$sql.= " AND s.entity = ".$conf->entity;
if (!$user->rights->societe->client->voir && !$socid) $sql.= " AND s.rowid = sc.fk_soc AND sc.fk_user = " .$user->id;
if (strlen($stcomm))
{
$sql .= " AND s.fk_stcomm=$stcomm";
$sql.= " AND s.fk_stcomm=$stcomm";
}
if ($socname)
{
$sql .= " AND s.nom like '%".addslashes(strtolower($socname))."%'";
$sql.= " AND s.nom like '%".addslashes(strtolower($socname))."%'";
$sortfield = "s.nom";
$sortorder = "ASC";
}
if ($_GET["search_nom"])
{
$sql .= " AND s.nom like '%".addslashes(strtolower($_GET["search_nom"]))."%'";
$sql.= " AND s.nom like '%".addslashes(strtolower($_GET["search_nom"]))."%'";
}
if ($_GET["search_compta"])
{
$sql .= " AND s.code_compta like '%".addslashes($_GET["search_compta"])."%'";
$sql.= " AND s.code_compta like '%".addslashes($_GET["search_compta"])."%'";
}
if ($_GET["search_code_client"])
{
$sql .= " AND s.code_client like '%".addslashes($_GET["search_code_client"])."%'";
$sql.= " AND s.code_client like '%".addslashes($_GET["search_code_client"])."%'";
}
if (strlen($begin))
{
$sql .= " AND s.nom like '".addslashes($begin)."'";
$sql.= " AND s.nom like '".addslashes($begin)."'";
}
if ($socid)
{
$sql .= " AND s.rowid = ".$socid;
$sql.= " AND s.rowid = ".$socid;
}
$sql .= " ORDER BY $sortfield $sortorder " . $db->plimit($conf->liste_limit+1, $offset);
$sql.= " ORDER BY $sortfield $sortorder " . $db->plimit($conf->liste_limit+1, $offset);
$result = $db->query($sql);
if ($result)

18
htdocs/compta/commande/fiche.php
View File

@ -1,7 +1,7 @@
<?php
/* Copyright (C) 2003-2005 Rodolphe Quiedeville <rodolphe@quiedeville.org>
* Copyright (C) 2004-2009 Laurent Destailleur <eldy@users.sourceforge.net>
* Copyright (C) 2005-2008 Regis Houssin <regis@dolibarr.fr>
* Copyright (C) 2005-2009 Regis Houssin <regis@dolibarr.fr>
*
* This program is free software; you can redistribute it and/or modify
* it under the terms of the GNU General Public License as published by
@ -32,20 +32,22 @@ require_once(DOL_DOCUMENT_ROOT."/lib/sendings.lib.php");
if ($conf->propal->enabled) require_once(DOL_DOCUMENT_ROOT."/propal.class.php");
if ($conf->projet->enabled) require_once(DOL_DOCUMENT_ROOT."/project.class.php");
if (! $user->rights->commande->lire) accessforbidden();
$langs->load("orders");
$langs->load("companies");
$langs->load("bills");
$langs->load('deliveries');
$langs->load('sendings');
if (! $user->rights->commande->lire) accessforbidden();
$id=empty($_GET['id']) ? 0 : intVal($_GET['id']);
$action=empty($_GET['action']) ? (empty($_POST['action']) ? '' : $_POST['action']) : $_GET['action'];
// Sécurité accès client
if ($user->societe_id > 0)
{
$action = '';
$socid = $user->societe_id;
}
// Security check
$socid=0;
$comid = isset($_GET["id"])?$_GET["id"]:'';
if ($user->societe_id) $socid=$user->societe_id;
$result=restrictedArea($user,'commande',$comid,'');
/*

50
htdocs/compta/commande/liste.php
View File

@ -1,7 +1,7 @@
<?php
/* Copyright (C) 2001-2005 Rodolphe Quiedeville <rodolphe@quiedeville.org>
* Copyright (C) 2004-2006 Laurent Destailleur <eldy@users.sourceforge.net>
* Copyright (C) 2005-2006 Regis Houssin <regis@dolibarr.fr>
* Copyright (C) 2005-2009 Regis Houssin <regis@dolibarr.fr>
*
* This program is free software; you can redistribute it and/or modify
* it under the terms of the GNU General Public License as published by
@ -31,7 +31,12 @@
require("./pre.inc.php");
require_once(DOL_DOCUMENT_ROOT."/html.formfile.class.php");
if (!$user->rights->commande->lire) accessforbidden();
$langs->load('companies');
// Security check
$orderid = isset($_GET["orderid"])?$_GET["orderid"]:'';
if ($user->societe_id) $socid=$user->societe_id;
$result = restrictedArea($user, 'commande',$orderid,'');
$begin=$_GET["begin"];
$sortorder=$_GET["sortorder"];
@ -42,20 +47,10 @@ if (! $sortorder) $sortorder="DESC";
$limit = $conf->liste_limit;
$offset = $limit * $_GET["page"] ;
// Security check
$orderid = isset($_GET["orderid"])?$_GET["orderid"]:'';
if ($user->societe_id) $socid=$user->societe_id;
$result = restrictedArea($user, 'commande',$orderid,'');
$langs->load('companies');
$html = new Form($db);
$formfile = new FormFile($db);
/*
* View
*/
@ -67,37 +62,36 @@ llxHeader();
$sql = "SELECT s.nom, s.rowid as socid,";
$sql.= " c.rowid, c.ref, c.total_ht,".$db->pdate("c.date_commande")." as date_commande,";
$sql.= " c.fk_statut, c.facture";
if (!$user->rights->societe->client->voir && !$socid) $sql .= ", sc.fk_soc, sc.fk_user";
$sql .= " FROM ".MAIN_DB_PREFIX."societe as s, ".MAIN_DB_PREFIX."commande as c";
if (!$user->rights->societe->client->voir && !$socid) $sql .= ", ".MAIN_DB_PREFIX."societe_commerciaux as sc";
$sql .= " WHERE c.fk_soc = s.rowid";
if (!$user->rights->societe->client->voir && !$socid) $sql .= " AND s.rowid = sc.fk_soc AND sc.fk_user = " .$user->id;
if ($socid)
{
$sql .= " AND s.rowid = ".$socid;
}
$sql.= " FROM ".MAIN_DB_PREFIX."societe as s";
$sql.= ", ".MAIN_DB_PREFIX."commande as c";
if (!$user->rights->societe->client->voir && !$socid) $sql.= ", ".MAIN_DB_PREFIX."societe_commerciaux as sc";
$sql.= " WHERE c.fk_soc = s.rowid";
$sql.= " AND s.entity = ".$conf->entity;
if (!$user->rights->societe->client->voir && !$socid) $sql.= " AND s.rowid = sc.fk_soc AND sc.fk_user = " .$user->id;
if ($socid) $sql.= " AND s.rowid = ".$socid;
if ($_GET["month"] > 0)
{
$sql .= " AND date_format(c.date_commande, '%Y-%m') = '".$_GET["year"]."-".$_GET["month"]."'";
$sql.= " AND date_format(c.date_commande, '%Y-%m') = '".$_GET["year"]."-".$_GET["month"]."'";
}
if ($_GET["year"] > 0)
{
$sql .= " AND date_format(c.date_commande, '%Y') = '".$_GET["year"]."'";
$sql.= " AND date_format(c.date_commande, '%Y') = '".$_GET["year"]."'";
}
if (isset($_GET["status"]))
{
$sql .= " AND fk_statut = ".$_GET["status"];
$sql.= " AND fk_statut = ".$_GET["status"];
}
if (isset($_GET["afacturer"]) && $_GET['afacturer'] == 1)
{
$sql .= " AND fk_statut >=1 AND c.facture = 0";
$sql.= " AND fk_statut >=1 AND c.facture = 0";
}
if (strlen($_POST["sf_ref"]) > 0)
{
$sql .= " AND c.ref like '%".$_POST["sf_ref"] . "%'";
$sql.= " AND c.ref like '%".$_POST["sf_ref"] . "%'";
}
$sql .= " ORDER BY $sortfield $sortorder";
$sql .= $db->plimit($limit + 1,$offset);
$sql.= " ORDER BY $sortfield $sortorder";
$sql.= $db->plimit($limit + 1,$offset);
$resql = $db->query($sql);
if ($resql)

2
htdocs/compta/deplacement/fiche.php
View File

@ -1,6 +1,7 @@
<?php
/* Copyright (C) 2003 Rodolphe Quiedeville <rodolphe@quiedeville.org>
* Copyright (C) 2004-2008 Laurent Destailleur <eldy@users.sourceforge.net>
* Copyright (C) 2005-2009 Regis Houssin <regis@dolibarr.fr>
*
* This program is free software; you can redistribute it and/or modify
* it under the terms of the GNU General Public License as published by
@ -31,7 +32,6 @@ $id=isset($_GET["id"])?$_GET["id"]:$_POST["id"];
if ($user->societe_id) $socid=$user->societe_id;
$result = restrictedArea($user, 'deplacement', $id,'');
$mesg = '';

26
htdocs/compta/deplacement/index.php
View File

@ -2,7 +2,7 @@
/* Copyright (C) 2003 Rodolphe Quiedeville <rodolphe@quiedeville.org>
* Copyright (C) 2004-2008 Laurent Destailleur <eldy@users.sourceforge.net>
* Copyright (C) 2004 Eric Seigne <eric.seigne@ryxeo.com>
* Copyright (C) 2005-2006 Regis Houssin <regis@dolibarr.fr>
* Copyright (C) 2005-2009 Regis Houssin <regis@dolibarr.fr>
*
* This program is free software; you can redistribute it and/or modify
* it under the terms of the GNU General Public License as published by
@ -33,6 +33,7 @@ $langs->load("users");
$langs->load("trips");
// Security check
$socid = $_GET["socid"]?$_GET["socid"]:'';
if ($user->societe_id) $socid=$user->societe_id;
$result = restrictedArea($user, 'deplacement','','');
@ -54,28 +55,19 @@ $offset = $limit * $page ;
$pageprev = $page - 1;
$pagenext = $page + 1;
// Sécurité accés client
$socid = $_GET["socid"];
if ($user->societe_id > 0)
{
$action = '';
$socid = $user->societe_id;
}
$sql = "SELECT s.nom, s.rowid as socid,"; // Ou
$sql.= " d.rowid, d.type, ".$db->pdate("d.dated")." as dd, d.km, "; // Comment
$sql.= " u.name, u.firstname"; // Qui
if (!$user->rights->societe->client->voir && !$socid) $sql .= ", sc.fk_soc, sc.fk_user";
$sql.= " FROM ".MAIN_DB_PREFIX."user as u, ".MAIN_DB_PREFIX."deplacement as d";
$sql.= " FROM ".MAIN_DB_PREFIX."user as u";
$sql.= ", ".MAIN_DB_PREFIX."deplacement as d";
$sql.= " LEFT JOIN ".MAIN_DB_PREFIX."societe as s on d.fk_soc = s.rowid";
if (!$user->rights->societe->client->voir && !$socid) $sql .= ", ".MAIN_DB_PREFIX."societe_commerciaux as sc";
if (!$user->rights->societe->client->voir && !$socid) $sql.= ", ".MAIN_DB_PREFIX."societe_commerciaux as sc";
$sql.= " WHERE d.fk_user = u.rowid";
if (!$user->rights->societe->client->voir && !$socid) $sql .= " AND s.rowid = sc.fk_soc AND sc.fk_user = " .$user->id;
if ($socid)
{
$sql .= " AND s.rowid = ".$socid;
}
$sql .= " ORDER BY $sortfield $sortorder " . $db->plimit( $limit + 1 ,$offset);
$sql.= " AND s.entity = ".$conf->entity;
if (!$user->rights->societe->client->voir && !$socid) $sql.= " AND s.rowid = sc.fk_soc AND sc.fk_user = " .$user->id;
if ($socid) $sql.= " AND s.rowid = ".$socid;
$sql.= " ORDER BY $sortfield $sortorder " . $db->plimit( $limit + 1 ,$offset);
//print $sql;
$resql=$db->query($sql);

13
htdocs/compta/facture.php
View File

@ -56,7 +56,7 @@ $projetid=isset($_GET['projetid'])?$_GET['projetid']:0;
// Security check
$socid=isset($_GET['socid'])?$_GET['socid']:$_POST['socid'];
$facid = isset($_GET["id"])?$_GET["id"]:'';
$facid = isset($_GET["facid"])?$_GET["facid"]:'';
if ($user->societe_id) $socid=$user->societe_id;
$result = restrictedArea($user, 'facture', $facid,'');
@ -3638,18 +3638,15 @@ else
$sql.= ' f.paye as paye, f.fk_statut,';
$sql.= ' s.nom, s.rowid as socid';
if (! $sall) $sql.= ' ,sum(pf.amount) as am';
if (!$user->rights->societe->client->voir && !$socid) $sql .= ", sc.fk_soc, sc.fk_user";
$sql.= ' FROM '.MAIN_DB_PREFIX.'societe as s';
if (!$user->rights->societe->client->voir && !$socid) $sql .= ", ".MAIN_DB_PREFIX."societe_commerciaux as sc";
if (!$user->rights->societe->client->voir && !$socid) $sql.= ", ".MAIN_DB_PREFIX."societe_commerciaux as sc";
$sql.= ', '.MAIN_DB_PREFIX.'facture as f';
if (! $sall) $sql.= ' LEFT JOIN '.MAIN_DB_PREFIX.'paiement_facture as pf ON pf.fk_facture = f.rowid';
if ($sall) $sql.= ' LEFT JOIN '.MAIN_DB_PREFIX.'facturedet as fd ON fd.fk_facture = f.rowid';
$sql.= ' WHERE f.fk_soc = s.rowid';
if (!$user->rights->societe->client->voir && !$socid) //restriction
{
$sql .= " AND s.rowid = sc.fk_soc AND sc.fk_user = " .$user->id;
}
if ($socid) $sql .= ' AND s.rowid = '.$socid;
$sql.= " AND s.entity = ".$conf->entity;
if (!$user->rights->societe->client->voir && !$socid) $sql.= " AND s.rowid = sc.fk_soc AND sc.fk_user = " .$user->id;
if ($socid) $sql.= ' AND s.rowid = '.$socid;
if ($_GET['filtre'])
{
$filtrearr = split(',', $_GET['filtre']);

17
htdocs/compta/facture/fiche-rec.php
View File

@ -1,6 +1,7 @@
<?php
/* Copyright (C) 2002-2003 Rodolphe Quiedeville <rodolphe@quiedeville.org>
* Copyright (C) 2004-2009 Laurent Destailleur <eldy@users.sourceforge.net>
* Copyright (C) 2005-2009 Regis Houssin <regis@dolibarr.fr>
*
* This program is free software; you can redistribute it and/or modify
* it under the terms of the GNU General Public License as published by
@ -32,8 +33,11 @@ require_once(DOL_DOCUMENT_ROOT."/product.class.php");
if (!$user->rights->facture->lire)
accessforbidden();
// Security check
$facid=isset($_GET["facid"])?$_GET["facid"]:$_POST["facid"];
$action=isset($_GET["action"])?$_GET["action"]:$_POST["action"];
if ($user->societe_id) $socid=$user->societe_id;
$result = restrictedArea($user, 'facture', $facid,'facture_rec');
if ($page == -1)
{
@ -49,14 +53,6 @@ if ($sortfield == "")
$sortfield="f.datef";
// Sécurité accés client
if ($user->societe_id > 0)
{
$action = '';
$socid = $user->societe_id;
}
/*
* Actions
*/
@ -165,7 +161,9 @@ if ($_GET["action"] == 'create')
print '<tr><td colspan="3">';
$sql = "SELECT l.fk_product, l.description, l.price, l.qty, l.rowid, l.tva_taux, l.remise_percent, l.subprice";
$sql .= " FROM ".MAIN_DB_PREFIX."facturedet as l WHERE l.fk_facture = $facture->id ORDER BY l.rowid";
$sql.= " FROM ".MAIN_DB_PREFIX."facturedet as l";
$sql.= " WHERE l.fk_facture = ".$facture->id;
$sql.= " ORDER BY l.rowid";
$result = $db->query($sql);
if ($result)
@ -409,6 +407,7 @@ else
$sql = "SELECT s.nom, s.rowid as socid, f.titre, f.total, f.rowid as facid";
$sql.= " FROM ".MAIN_DB_PREFIX."societe as s,".MAIN_DB_PREFIX."facture_rec as f";
$sql.= " WHERE f.fk_soc = s.rowid";
$sql.= " AND s.entity = ".$conf->entity;
if ($socid)
$sql .= " AND s.rowid = ".$socid;

2
htdocs/compta/facture/impayees.php
View File

@ -2,6 +2,7 @@
/* Copyright (C) 2002-2005 Rodolphe Quiedeville <rodolphe@quiedeville.org>
* Copyright (C) 2004 Eric Seigne <eric.seigne@ryxeo.com>
* Copyright (C) 2004-2009 Laurent Destailleur <eldy@users.sourceforge.net>
* Copyright (C) 2005-2009 Regis Houssin <regis@dolibarr.fr>
*
* This program is free software; you can redistribute it and/or modify
* it under the terms of the GNU General Public License as published by
@ -170,6 +171,7 @@ if (! $user->rights->societe->client->voir && ! $socid) $sql .= ", ".MAIN_DB_PRE
$sql.= ",".MAIN_DB_PREFIX."facture as f";
$sql.= " LEFT JOIN ".MAIN_DB_PREFIX."paiement_facture as pf ON f.rowid=pf.fk_facture ";
$sql.= " WHERE f.fk_soc = s.rowid";
$sql.= " AND s.entity = ".$conf->entity;
$sql.= " AND f.type in (0,1) AND f.fk_statut = 1";
$sql.= " AND f.paye = 0";
if ($option == 'late')

18
htdocs/compta/facture/stats/facturestats.class.php
View File

@ -1,6 +1,7 @@
<?php
/* Copyright (C) 2003 Rodolphe Quiedeville <rodolphe@quiedeville.org>
* Copyright (c) 2005-2008 Laurent Destailleur <eldy@users.sourceforge.net>
* Copyright (C) 2005-2009 Regis Houssin <regis@dolibarr.fr>
*
* This program is free software; you can redistribute it and/or modify
* it under the terms of the GNU General Public License as published by
@ -51,22 +52,25 @@ class FactureStats extends Stats
*/
function FactureStats($DB, $socid=0, $mode)
{
global $conf;
$this->db = $DB;
if ($mode == 'customer')
{
$object=new Facture($this->db);
$this->table_element=$object->table_element;
$this->from = MAIN_DB_PREFIX.$object->table_element." as p, ".MAIN_DB_PREFIX."societe as s";
$this->field='total';
}
if ($mode == 'supplier')
{
$object=new FactureFournisseur($this->db);
$this->table_element=$object->table_element;
$this->from = MAIN_DB_PREFIX.$object->table_element." as p, ".MAIN_DB_PREFIX."societe as s";
$this->field='total_ht';
}
$this->socid = $socid;
$this->where =" fk_statut > 0";
$this->where.= " AND p.fk_soc = s.rowid AND s.entity = ".$conf->entity;
if ($mode == 'customer') $this->where.=" AND (fk_statut != 3 OR close_code != 'replaced')"; // Exclude replaced invoices
if ($this->socid)
{
@ -83,7 +87,7 @@ class FactureStats extends Stats
function getNbByYear()
{
$sql = "SELECT YEAR(datef) as dm, count(*)";
$sql.= " FROM ".MAIN_DB_PREFIX.$this->table_element;
$sql.= " FROM ".$this->from;
$sql.= " GROUP BY dm DESC";
$sql.= " WHERE ".$this->where;
@ -99,7 +103,7 @@ class FactureStats extends Stats
function getNbByMonth($year)
{
$sql = "SELECT MONTH(datef) as dm, count(*)";
$sql.= " FROM ".MAIN_DB_PREFIX.$this->table_element;
$sql.= " FROM ".$this->from;
$sql.= " WHERE YEAR(datef) = ".$year;
$sql.= " AND ".$this->where;
$sql.= " GROUP BY dm DESC";
@ -118,7 +122,7 @@ class FactureStats extends Stats
function getAmountByMonth($year)
{
$sql = "SELECT date_format(datef,'%m') as dm, sum(".$this->field.")";
$sql.= " FROM ".MAIN_DB_PREFIX.$this->table_element;
$sql.= " FROM ".$this->from;
$sql.= " WHERE date_format(datef,'%Y') = ".$year;
$sql.= " AND ".$this->where;
$sql.= " GROUP BY dm DESC";
@ -136,7 +140,7 @@ class FactureStats extends Stats
function getAverageByMonth($year)
{
$sql = "SELECT date_format(datef,'%m') as dm, avg(".$this->field.")";
$sql.= " FROM ".MAIN_DB_PREFIX.$this->table_element;
$sql.= " FROM ".$this->from;
$sql.= " WHERE date_format(datef,'%Y') = ".$year;
$sql.= " AND ".$this->where;
$sql.= " GROUP BY dm DESC";
@ -151,7 +155,7 @@ class FactureStats extends Stats
function getAllByYear()
{
$sql = "SELECT date_format(datef,'%Y') as year, count(*) as nb, sum(".$this->field.") as total, avg(".$this->field.") as avg";
$sql.= " FROM ".MAIN_DB_PREFIX.$this->table_element;
$sql.= " FROM ".$this->from;
$sql.= " WHERE ".$this->where;
$sql.= " GROUP BY year DESC";

65
htdocs/compta/index.php
View File

@ -1,7 +1,7 @@
<?php
/* Copyright (C) 2001-2005 Rodolphe Quiedeville <rodolphe@quiedeville.org>
* Copyright (C) 2004-2009 Laurent Destailleur <eldy@users.sourceforge.net>
* Copyright (C) 2005-2008 Regis Houssin <regis@dolibarr.fr>
* Copyright (C) 2005-2009 Regis Houssin <regis@dolibarr.fr>
*
* This program is free software; you can redistribute it and/or modify
* it under the terms of the GNU General Public License as published by
@ -138,11 +138,12 @@ if ($conf->facture->enabled && $user->rights->facture->lire)
{
$sql = "SELECT f.facnumber, f.rowid, f.total_ttc, f.type,";
$sql.= " s.nom, s.rowid as socid";
if (!$user->rights->societe->client->voir && !$socid) $sql .= ", sc.fk_soc, sc.fk_user ";
$sql .= " FROM ".MAIN_DB_PREFIX."facture as f, ".MAIN_DB_PREFIX."societe as s";
if (!$user->rights->societe->client->voir && !$socid) $sql .= ", ".MAIN_DB_PREFIX."societe_commerciaux as sc";
$sql .= " WHERE s.rowid = f.fk_soc AND f.fk_statut = 0";
if (!$user->rights->societe->client->voir && !$socid) $sql .= " AND s.rowid = sc.fk_soc AND sc.fk_user = " .$user->id;
if (!$user->rights->societe->client->voir && !$socid) $sql.= ", sc.fk_soc, sc.fk_user ";
$sql.= " FROM ".MAIN_DB_PREFIX."facture as f, ".MAIN_DB_PREFIX."societe as s";
if (!$user->rights->societe->client->voir && !$socid) $sql.= ", ".MAIN_DB_PREFIX."societe_commerciaux as sc";
$sql.= " WHERE s.rowid = f.fk_soc AND f.fk_statut = 0";
$sql.= " AND s.entity = ".$conf->entity;
if (!$user->rights->societe->client->voir && !$socid) $sql.= " AND s.rowid = sc.fk_soc AND sc.fk_user = " .$user->id;
if ($socid)
{
@ -211,11 +212,12 @@ if ($conf->facture->enabled && $user->rights->facture->lire)
{
$sql = "SELECT f.facnumber, f.rowid, f.total_ttc, f.type,";
$sql.= " s.nom, s.rowid as socid";
if (!$user->rights->societe->client->voir && !$socid) $sql .= ", sc.fk_soc, sc.fk_user ";
$sql .= " FROM ".MAIN_DB_PREFIX."facture_fourn as f, ".MAIN_DB_PREFIX."societe as s";
if (!$user->rights->societe->client->voir && !$socid) $sql .= ", ".MAIN_DB_PREFIX."societe_commerciaux as sc";
$sql .= " WHERE s.rowid = f.fk_soc AND f.fk_statut = 0";
if (!$user->rights->societe->client->voir && !$socid) $sql .= " AND s.rowid = sc.fk_soc AND sc.fk_user = " .$user->id;
if (!$user->rights->societe->client->voir && !$socid) $sql.= ", sc.fk_soc, sc.fk_user ";
$sql.= " FROM ".MAIN_DB_PREFIX."facture_fourn as f, ".MAIN_DB_PREFIX."societe as s";
if (!$user->rights->societe->client->voir && !$socid) $sql.= ", ".MAIN_DB_PREFIX."societe_commerciaux as sc";
$sql.= " WHERE s.rowid = f.fk_soc AND f.fk_statut = 0";
$sql.= " AND s.entity = ".$conf->entity;
if (!$user->rights->societe->client->voir && !$socid) $sql.= " AND s.rowid = sc.fk_soc AND sc.fk_user = " .$user->id;
if ($socid)
{
@ -288,11 +290,11 @@ if ($conf->societe->enabled && $user->rights->societe->lire)
$max=3;
$sql = "SELECT s.nom, s.rowid, ".$db->pdate("s.datec")." as dc";
if (!$user->rights->societe->client->voir && !$user->societe_id) $sql .= ", sc.fk_soc, sc.fk_user";
$sql .= " FROM ".MAIN_DB_PREFIX."societe as s";
if (!$user->rights->societe->client->voir && !$user->societe_id) $sql .= ", ".MAIN_DB_PREFIX."societe_commerciaux as sc";
$sql .= " WHERE s.client = 1";
if (!$user->rights->societe->client->voir && !$user->societe_id) $sql .= " AND s.rowid = sc.fk_soc AND sc.fk_user = " .$user->id;
$sql.= " FROM ".MAIN_DB_PREFIX."societe as s";
if (!$user->rights->societe->client->voir && !$user->societe_id) $sql.= ", ".MAIN_DB_PREFIX."societe_commerciaux as sc";
$sql.= " WHERE s.client = 1";
$sql.= " AND s.entity = ".$conf->entity;
if (!$user->rights->societe->client->voir && !$user->societe_id) $sql.= " AND s.rowid = sc.fk_soc AND sc.fk_user = " .$user->id;
if ($user->societe_id > 0)
{
$sql .= " AND s.rowid = ".$user->societe_id;
@ -351,11 +353,11 @@ if ($conf->fournisseur->enabled && $user->rights->societe->lire)
$max=3;
$sql = "SELECT s.nom, s.rowid, ".$db->pdate("s.datec")." as dc";
if (!$user->rights->societe->client->voir && !$user->societe_id) $sql .= ", sc.fk_soc, sc.fk_user";
$sql .= " FROM ".MAIN_DB_PREFIX."societe as s";
if (!$user->rights->societe->client->voir && !$user->societe_id) $sql .= ", ".MAIN_DB_PREFIX."societe_commerciaux as sc";
$sql .= " WHERE s.fournisseur = 1";
if (!$user->rights->societe->client->voir && !$user->societe_id) $sql .= " AND s.rowid = sc.fk_soc AND sc.fk_user = " .$user->id;
$sql.= " FROM ".MAIN_DB_PREFIX."societe as s";
if (!$user->rights->societe->client->voir && !$user->societe_id) $sql.= ", ".MAIN_DB_PREFIX."societe_commerciaux as sc";
$sql.= " WHERE s.fournisseur = 1";
$sql.= " AND s.entity = ".$conf->entity;
if (!$user->rights->societe->client->voir && !$user->societe_id) $sql.= " AND s.rowid = sc.fk_soc AND sc.fk_user = " .$user->id;
if ($user->societe_id > 0)
{
$sql .= " AND s.rowid = ".$user->societe_id;
@ -487,14 +489,15 @@ if ($conf->facture->enabled && $conf->commande->enabled && $user->rights->comman
$sql = "SELECT sum(f.total) as tot_fht, sum(f.total_ttc) as tot_fttc,";
$sql.= " s.nom, s.rowid as socid,";
$sql.= " p.rowid, p.ref, p.facture, p.fk_statut, p.total_ht, p.total_ttc";
if (!$user->rights->societe->client->voir && !$socid) $sql .= ", sc.fk_soc, sc.fk_user ";
if (!$user->rights->societe->client->voir && !$socid) $sql.= ", sc.fk_soc, sc.fk_user ";
$sql.= " FROM ".MAIN_DB_PREFIX."societe AS s";
if (!$user->rights->societe->client->voir && !$socid) $sql .= ", ".MAIN_DB_PREFIX."societe_commerciaux as sc";
if (!$user->rights->societe->client->voir && !$socid) $sql.= ", ".MAIN_DB_PREFIX."societe_commerciaux as sc";
$sql.= ", ".MAIN_DB_PREFIX."commande AS p";
$sql.= " LEFT JOIN ".MAIN_DB_PREFIX."co_fa AS co_fa ON co_fa.fk_commande = p.rowid";
$sql.= " LEFT JOIN ".MAIN_DB_PREFIX."facture AS f ON co_fa.fk_facture = f.rowid";
$sql.= " WHERE p.fk_soc = s.rowid";
if (!$user->rights->societe->client->voir && !$socid) $sql .= " AND s.rowid = sc.fk_soc AND sc.fk_user = " .$user->id;
$sql.= " AND s.entity = ".$conf->entity;
if (!$user->rights->societe->client->voir && !$socid) $sql.= " AND s.rowid = sc.fk_soc AND sc.fk_user = " .$user->id;
if ($socid)
{
$sql.= " AND p.fk_soc = ".$socid;
@ -588,12 +591,13 @@ if ($conf->facture->enabled && $user->rights->facture->lire)
$sql.= $db->pdate("f.date_lim_reglement")." as datelimite,";
$sql.= " sum(pf.amount) as am,";
$sql.= " s.nom, s.rowid as socid";
if (!$user->rights->societe->client->voir && !$socid) $sql .= ", sc.fk_soc, sc.fk_user ";
if (!$user->rights->societe->client->voir && !$socid) $sql.= ", sc.fk_soc, sc.fk_user ";
$sql.= " FROM ".MAIN_DB_PREFIX."societe as s,".MAIN_DB_PREFIX."facture as f";
$sql.= " LEFT JOIN ".MAIN_DB_PREFIX."paiement_facture as pf on f.rowid=pf.fk_facture";
if (!$user->rights->societe->client->voir && !$socid) $sql .= ", ".MAIN_DB_PREFIX."societe_commerciaux as sc";
if (!$user->rights->societe->client->voir && !$socid) $sql.= ", ".MAIN_DB_PREFIX."societe_commerciaux as sc";
$sql.= " WHERE s.rowid = f.fk_soc AND f.paye = 0 AND f.fk_statut = 1";
if (!$user->rights->societe->client->voir && !$socid) $sql .= " AND s.rowid = sc.fk_soc AND sc.fk_user = " .$user->id;
$sql.= " AND s.entity = ".$conf->entity;
if (!$user->rights->societe->client->voir && !$socid) $sql.= " AND s.rowid = sc.fk_soc AND sc.fk_user = " .$user->id;
if ($socid) $sql .= " AND f.fk_soc = ".$socid;
$sql.= " GROUP BY f.rowid, f.facnumber, f.fk_statut, f.total, f.total_ttc, s.nom, s.rowid";
$sql.= " ORDER BY f.datef ASC, f.facnumber ASC";
@ -686,13 +690,14 @@ if ($conf->facture->enabled && $user->rights->facture->lire)
$sql = "SELECT ff.rowid, ff.facnumber, ff.fk_statut, ff.fk_statut, ff.libelle, ff.total_ht, ff.total_ttc,";
$sql.= " sum(pf.amount) as am,";
$sql.= " s.nom, s.rowid as socid";
if (!$user->rights->societe->client->voir && !$socid) $sql .= ", sc.fk_soc, sc.fk_user ";
if (!$user->rights->societe->client->voir && !$socid) $sql.= ", sc.fk_soc, sc.fk_user ";
$sql.= " FROM ".MAIN_DB_PREFIX."societe as s, ".MAIN_DB_PREFIX."facture_fourn as ff";
$sql.= " LEFT JOIN ".MAIN_DB_PREFIX."paiementfourn_facturefourn as pf on ff.rowid=pf.fk_facturefourn";
if (!$user->rights->societe->client->voir && !$socid) $sql .= ", ".MAIN_DB_PREFIX."societe_commerciaux as sc";
if (!$user->rights->societe->client->voir && !$socid) $sql.= ", ".MAIN_DB_PREFIX."societe_commerciaux as sc";
$sql.= " WHERE s.rowid = ff.fk_soc";
$sql.= " AND s.entity = ".$conf->entity;
$sql.= " AND ff.paye=0 AND ff.fk_statut = 1";
if (!$user->rights->societe->client->voir && !$socid) $sql .= " AND s.rowid = sc.fk_soc AND sc.fk_user = " .$user->id;
if (!$user->rights->societe->client->voir && !$socid) $sql.= " AND s.rowid = sc.fk_soc AND sc.fk_user = " .$user->id;
if ($socid) $sql .= " AND ff.fk_soc = ".$socid;
$sql.= " GROUP BY ff.rowid, ff.facnumber, ff.fk_statut, ff.total, ff.total_ttc, s.nom, s.rowid";

8
htdocs/compta/paiement/cheque/remisecheque.class.php
View File

@ -1,6 +1,7 @@
<?php
/* Copyright (C) 2006 Rodolphe Quiedeville <rodolphe@quiedeville.org>
* Copyright (C) 2007-2008 Laurent Destailleur <eldy@users.sourceforge.net>
* Copyright (C) 2005-2009 Regis Houssin <regis@dolibarr.fr>
*
* This program is free software; you can redistribute it and/or modify
* it under the terms of the GNU General Public License as published by
@ -379,9 +380,14 @@ class RemiseCheque extends CommonObject
$now=gmmktime();
$this->nbtodo=$this->nbtodolate=0;
$sql = "SELECT b.rowid, b.datev as datefin";
$sql.= " FROM ".MAIN_DB_PREFIX."bank as b";
$sql.= " WHERE b.fk_type = 'CHQ' AND b.fk_bordereau = 0";
$sql.= ", ".MAIN_DB_PREFIX."bank_account as ba";
$sql.= " WHERE b.fk_account = ba.rowid";
$sql.= " AND ba.entity = ".$conf->entity;
$sql.= " AND b.fk_type = 'CHQ'";
$sql.= " AND b.fk_bordereau = 0";
$sql.= " AND b.amount > 0";
$resql=$this->db->query($sql);

22
htdocs/compta/paiement/fiche.php
View File

@ -1,7 +1,8 @@
<?php
/* Copyright (C) 2004 Rodolphe Quiedeville <rodolphe@quiedeville.org>
* Copyright (C) 2004-2008 Laurent Destailleur <eldy@users.sourceforge.net>
* Copyright (C) 2005 Marc Barilley / Ocebo <marc@ocebo.com>
/* Copyright (C) 2004 Rodolphe Quiedeville <rodolphe@quiedeville.org>
* Copyright (C) 2004-2008 Laurent Destailleur <eldy@users.sourceforge.net>
* Copyright (C) 2005 Marc Barilley / Ocebo <marc@ocebo.com>
* Copyright (C) 2005-2009 Regis Houssin <regis@dolibarr.fr>
*
* This program is free software; you can redistribute it and/or modify
* it under the terms of the GNU General Public License as published by
@ -36,6 +37,13 @@ $langs->load('bills');
$langs->load('banks');
$langs->load('companies');
// Security check
$id=isset($_GET["id"])?$_GET["id"]:$_POST["id"];
$action=isset($_GET["action"])?$_GET["action"]:$_POST["action"];
if ($user->societe_id) $socid=$user->societe_id;
// TODO ajouter règle pour restreindre acces paiement
//$result = restrictedArea($user, 'facture', $id,'');
$mesg='';
@ -202,9 +210,11 @@ print '</table>';
*/
$allow_delete = 1 ;
$sql = 'SELECT f.rowid as facid, f.facnumber, f.type, f.total_ttc, f.paye, f.fk_statut, pf.amount, s.nom, s.rowid as socid';
$sql .= ' FROM '.MAIN_DB_PREFIX.'paiement_facture as pf,'.MAIN_DB_PREFIX.'facture as f,'.MAIN_DB_PREFIX.'societe as s';
$sql .= ' WHERE pf.fk_facture = f.rowid AND f.fk_soc = s.rowid';
$sql .= ' AND pf.fk_paiement = '.$paiement->id;
$sql.= ' FROM '.MAIN_DB_PREFIX.'paiement_facture as pf,'.MAIN_DB_PREFIX.'facture as f,'.MAIN_DB_PREFIX.'societe as s';
$sql.= ' WHERE pf.fk_facture = f.rowid';
$sql.= ' AND f.fk_soc = s.rowid';
$sql.= ' AND s.entity = '.$conf->entity;
$sql.= ' AND pf.fk_paiement = '.$paiement->id;
$resql=$db->query($sql);
if ($resql)
{

6
htdocs/compta/paiement/liste.php
View File

@ -1,6 +1,7 @@
<?php
/* Copyright (C) 2001-2006 Rodolphe Quiedeville <rodolphe@quiedeville.org>
* Copyright (C) 2004-2009 Laurent Destailleur <eldy@users.sourceforge.net>
* Copyright (C) 2005-2009 Regis Houssin <regis@dolibarr.fr>
*
* This program is free software; you can redistribute it and/or modify
* it under the terms of the GNU General Public License as published by
@ -74,6 +75,7 @@ if (!$user->rights->societe->client->voir && !$socid)
$sql.= " LEFT JOIN ".MAIN_DB_PREFIX."societe_commerciaux as sc ON s.rowid = sc.fk_soc";
}
$sql.= " WHERE p.fk_paiement = c.id";
$sql.= " AND s.entity = ".$conf->entity;
if (!$user->rights->societe->client->voir && !$socid)
{
$sql.= " AND sc.fk_user = " .$user->id;
@ -99,7 +101,9 @@ if ($_GET["orphelins"]) // Option for debugging purpose only
$sql.= " ".MAIN_DB_PREFIX."c_paiement as c";
$sql.= " LEFT JOIN ".MAIN_DB_PREFIX."paiement_facture as pf ON p.rowid = pf.fk_paiement";
$sql.= " LEFT JOIN ".MAIN_DB_PREFIX."societe as s ON f.fk_soc = s.rowid";
$sql.= " WHERE p.fk_paiement = c.id AND pf.rowid IS NULL";
$sql.= " WHERE p.fk_paiement = c.id";
$sql.= " AND s.entity = ".$conf->entity;
$sql.= " AND pf.rowid IS NULL";
}
$sql.= " ORDER BY ".$sortfield." ".$sortorder;
//$sql.= ", facnumber ASC";

Some files were not shown because too many files have changed in this diff Show More