lainwir3d/dolibarr
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

code syntax user directory

Browse Source
This commit is contained in:
Frédéric FRANCE 2021-02-26 13:18:40 +01:00
parent 0d7a2c1d81
commit b970f4eca6
No known key found for this signature in database
GPG Key ID: 06809324E4B2ABC1
25 changed files with 1866 additions and 1738 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

17
htdocs/user/admin/group_extrafields.php
View File

@ -38,13 +38,17 @@ $form = new Form($db);
// List of supported format
$tmptype2label = ExtraFields::$type2label;
$type2label = array('');
foreach ($tmptype2label as $key => $val) $type2label[$key] = $langs->transnoentitiesnoconv($val);
foreach ($tmptype2label as $key => $val) {
$type2label[$key] = $langs->transnoentitiesnoconv($val);
}
$action = GETPOST('action', 'aZ09');
$attrname = GETPOST('attrname', 'alpha');
$elementtype = 'usergroup'; //Must be the $table_element of the class that manage extrafield
if (!$user->admin) accessforbidden();
if (!$user->admin) {
accessforbidden();
}
/*
@ -79,8 +83,7 @@ print dol_get_fiche_end();
// Buttons
if ($action != 'create' && $action != 'edit')
{
if ($action != 'create' && $action != 'edit') {
print '<div class="tabsAction">';
print "<a class=\"butAction\" href=\"".$_SERVER["PHP_SELF"]."?action=create#newattrib\">".$langs->trans("NewAttribute")."</a>";
print "</div>";
@ -93,8 +96,7 @@ if ($action != 'create' && $action != 'edit')
/* */
/* ************************************************************************** */
if ($action == 'create')
{
if ($action == 'create') {
print '<br><div id="newattrib"></div>';
print load_fiche_titre($langs->trans('NewAttribute'));
@ -106,8 +108,7 @@ if ($action == 'create')
/* Edition of an optional field */
/* */
/* ************************************************************************** */
if ($action == 'edit' && !empty($attrname))
{
if ($action == 'edit' && !empty($attrname)) {
print "<br>";
print load_fiche_titre($langs->trans("FieldEdition", $attrname));

17
htdocs/user/admin/user_extrafields.php
View File

@ -37,13 +37,17 @@ $form = new Form($db);
// List of supported format
$tmptype2label = ExtraFields::$type2label;
$type2label = array('');
foreach ($tmptype2label as $key => $val) $type2label[$key] = $langs->transnoentitiesnoconv($val);
foreach ($tmptype2label as $key => $val) {
$type2label[$key] = $langs->transnoentitiesnoconv($val);
}
$action = GETPOST('action', 'aZ09');
$attrname = GETPOST('attrname', 'alpha');
$elementtype = 'user'; //Must be the $table_element of the class that manage extrafield
if (!$user->admin) accessforbidden();
if (!$user->admin) {
accessforbidden();
}
/*
@ -78,8 +82,7 @@ print dol_get_fiche_end();
// Buttons
if ($action != 'create' && $action != 'edit')
{
if ($action != 'create' && $action != 'edit') {
print '<div class="tabsAction">';
print "<a class=\"butAction\" href=\"".$_SERVER["PHP_SELF"]."?action=create#newattrib\">".$langs->trans("NewAttribute")."</a>";
print "</div>";
@ -92,8 +95,7 @@ if ($action != 'create' && $action != 'edit')
/* */
/* ************************************************************************** */
if ($action == 'create')
{
if ($action == 'create') {
print '<br><div id="newattrib"></div>';
print load_fiche_titre($langs->trans('NewAttribute'));
@ -105,8 +107,7 @@ if ($action == 'create')
/* Editing an optional field */
/* */
/* ************************************************************************** */
if ($action == 'edit' && !empty($attrname))
{
if ($action == 'edit' && !empty($attrname)) {
print "<br>";
print load_fiche_titre($langs->trans("FieldEdition", $attrname));

26
htdocs/user/agenda_extsites.php
View File

@ -41,7 +41,9 @@ $actiontest = GETPOST('test', 'alpha');
$actionsave = GETPOST('save', 'alpha');
$contextpage = GETPOST('contextpage', 'aZ') ?GETPOST('contextpage', 'aZ') : 'useragenda'; // To manage different context of search
if (empty($conf->global->AGENDA_EXT_NB)) $conf->global->AGENDA_EXT_NB = 5;
if (empty($conf->global->AGENDA_EXT_NB)) {
$conf->global->AGENDA_EXT_NB = 5;
}
$MAXAGENDA = $conf->global->AGENDA_EXT_NB;
// List of available colors
@ -55,14 +57,17 @@ $object->getrights();
// Security check
$socid = 0;
if ($user->socid > 0) $socid = $user->socid;
if ($user->socid > 0) {
$socid = $user->socid;
}
$feature2 = (($socid && $user->rights->user->self->creer) ? '' : 'user');
$result = restrictedArea($user, 'user', $id, 'user&user', $feature2);
// If user is not user that read and no permission to read other users, we stop
if (($object->id != $user->id) && (!$user->rights->user->user->lire))
accessforbidden();
if (($object->id != $user->id) && (!$user->rights->user->user->lire)) {
accessforbidden();
}
// Initialize technical object to manage hooks of page. Note that conf->hooks_modules contains array of hook context
$hookmanager->initHooks(array('usercard', 'useragenda', 'globalcard'));
@ -73,7 +78,9 @@ $hookmanager->initHooks(array('usercard', 'useragenda', 'globalcard'));
$parameters = array('id'=>$socid);
$reshook = $hookmanager->executeHooks('doActions', $parameters, $object, $action); // Note that $action and $object may have been modified by some hooks
if ($reshook < 0) setEventMessages($hookmanager->error, $hookmanager->errors, 'errors');
if ($reshook < 0) {
setEventMessages($hookmanager->error, $hookmanager->errors, 'errors');
}
if (empty($reshook)) {
if ($actionsave) {
@ -168,7 +175,11 @@ print '<span class="opacitymedium">'.$langs->trans("AgendaExtSitesDesc")."</span
print "<br>\n";
$selectedvalue = $conf->global->AGENDA_DISABLE_EXT;
if ($selectedvalue == 1) $selectedvalue = 0; else $selectedvalue = 1;
if ($selectedvalue == 1) {
$selectedvalue = 0;
} else {
$selectedvalue = 1;
}
print '<div class="div-table-responsive">';
@ -183,8 +194,7 @@ print '<td class="right">'.$langs->trans("Color").'</td>';
print "</tr>";
$i = 1;
while ($i <= $MAXAGENDA)
{
while ($i <= $MAXAGENDA) {
$key = $i;
$name = 'AGENDA_EXT_NAME_'.$id.'_'.$key;
$src = 'AGENDA_EXT_SRC_'.$id.'_'.$key;

221
htdocs/user/bank.php
View File

@ -32,9 +32,15 @@ require_once DOL_DOCUMENT_ROOT.'/core/lib/usergroups.lib.php';
require_once DOL_DOCUMENT_ROOT.'/core/lib/bank.lib.php';
require_once DOL_DOCUMENT_ROOT.'/core/lib/date.lib.php';
require_once DOL_DOCUMENT_ROOT.'/user/class/userbankaccount.class.php';
if (!empty($conf->holiday->enabled)) require_once DOL_DOCUMENT_ROOT.'/holiday/class/holiday.class.php';
if (!empty($conf->expensereport->enabled)) require_once DOL_DOCUMENT_ROOT.'/expensereport/class/expensereport.class.php';
if (!empty($conf->salaries->enabled)) require_once DOL_DOCUMENT_ROOT.'/salaries/class/paymentsalary.class.php';
if (!empty($conf->holiday->enabled)) {
require_once DOL_DOCUMENT_ROOT.'/holiday/class/holiday.class.php';
}
if (!empty($conf->expensereport->enabled)) {
require_once DOL_DOCUMENT_ROOT.'/expensereport/class/expensereport.class.php';
}
if (!empty($conf->salaries->enabled)) {
require_once DOL_DOCUMENT_ROOT.'/salaries/class/paymentsalary.class.php';
}
// Load translation files required by page
$langs->loadLangs(array('companies', 'commercial', 'banks', 'bills', 'trips', 'holiday', 'salaries'));
@ -47,35 +53,44 @@ $cancel = GETPOST('cancel', 'alpha');
// Security check
$socid = 0;
if ($user->socid > 0) $socid = $user->socid;
if ($user->socid > 0) {
$socid = $user->socid;
}
$feature2 = (($socid && $user->rights->user->self->creer) ? '' : 'user');
// Ok if user->rights->salaries->read or user->rights->hrm->read
//$result = restrictedArea($user, 'salaries|hrm', $id, 'user&user', $feature2);
$ok = false;
if ($user->id == $id) $ok = true; // A user can always read its own card
if (!empty($user->rights->salaries->read)) $ok = true;
if (!empty($user->rights->hrm->read)) $ok = true;
if (!empty($user->rights->expensereport->lire) && ($user->id == $object->id || $user->rights->expensereport->readall)) $ok = true;
if (!$ok)
{
if ($user->id == $id) {
$ok = true; // A user can always read its own card
}
if (!empty($user->rights->salaries->read)) {
$ok = true;
}
if (!empty($user->rights->hrm->read)) {
$ok = true;
}
if (!empty($user->rights->expensereport->lire) && ($user->id == $object->id || $user->rights->expensereport->readall)) {
$ok = true;
}
if (!$ok) {
accessforbidden();
}
$object = new User($db);
if ($id > 0 || !empty($ref))
{
if ($id > 0 || !empty($ref)) {
$result = $object->fetch($id, $ref, '', 1);
$object->getrights();
}
$account = new UserBankAccount($db);
if (!$bankid)
{
if (!$bankid) {
$account->fetch(0, '', $id);
} else {
$account->fetch($bankid);
}
if (empty($account->userid)) $account->userid = $object->id;
if (empty($account->userid)) {
$account->userid = $object->id;
}
$permissiontoaddbankaccount = (!empty($user->rights->salaries->write) || !empty($user->rights->hrm->employee->write) || !empty($user->rights->user->creer));
@ -84,8 +99,7 @@ $permissiontoaddbankaccount = (!empty($user->rights->salaries->write) || !empty(
* Actions
*/
if ($action == 'add' && !$cancel)
{
if ($action == 'add' && !$cancel) {
$account->userid = $object->id;
$account->bank = GETPOST('bank', 'alpha');
@ -103,8 +117,7 @@ if ($action == 'add' && !$cancel)
$result = $account->create($user);
if (!$result)
{
if (!$result) {
setEventMessages($account->error, $account->errors, 'errors');
$action = 'edit'; // Force chargement page edition
} else {
@ -113,52 +126,51 @@ if ($action == 'add' && !$cancel)
}
}
if ($action == 'update' && !$cancel)
{
if ($action == 'update' && !$cancel) {
$account->userid = $object->id;
/*
if ($action == 'update' && !$cancel)
{
require_once DOL_DOCUMENT_ROOT.'/core/lib/files.lib.php';
if ($action == 'update' && !$cancel)
{
require_once DOL_DOCUMENT_ROOT.'/core/lib/files.lib.php';
if ($canedituser) // Case we can edit all field
{
$error = 0;
if ($canedituser) // Case we can edit all field
{
$error = 0;
if (!$error)
{
$objectuser->fetch($id);
if (!$error)
{
$objectuser->fetch($id);
$objectuser->oldcopy = clone $objectuser;
$objectuser->oldcopy = clone $objectuser;
$db->begin();
$db->begin();
$objectuser->default_range = GETPOST('default_range');
$objectuser->default_c_exp_tax_cat = GETPOST('default_c_exp_tax_cat');
$objectuser->default_range = GETPOST('default_range');
$objectuser->default_c_exp_tax_cat = GETPOST('default_c_exp_tax_cat');
if (!$error) {
$ret = $objectuser->update($user);
if ($ret < 0) {
$error++;
if ($db->errno() == 'DB_ERROR_RECORD_ALREADY_EXISTS') {
$langs->load("errors");
setEventMessages($langs->trans("ErrorLoginAlreadyExists", $objectuser->login), null, 'errors');
} else {
setEventMessages($objectuser->error, $objectuser->errors, 'errors');
}
}
}
if (!$error) {
$ret = $objectuser->update($user);
if ($ret < 0) {
$error++;
if ($db->errno() == 'DB_ERROR_RECORD_ALREADY_EXISTS') {
$langs->load("errors");
setEventMessages($langs->trans("ErrorLoginAlreadyExists", $objectuser->login), null, 'errors');
} else {
setEventMessages($objectuser->error, $objectuser->errors, 'errors');
}
}
}
if (!$error && !count($objectuser->errors)) {
setEventMessages($langs->trans("UserModified"), null, 'mesgs');
$db->commit();
} else {
$db->rollback();
}
}
}
}*/
if (!$error && !count($objectuser->errors)) {
setEventMessages($langs->trans("UserModified"), null, 'mesgs');
$db->commit();
} else {
$db->rollback();
}
}
}
}*/
$account->bank = GETPOST('bank', 'alpha');
$account->label = GETPOST('label', 'alpha');
@ -188,28 +200,36 @@ if ($action == 'update' && !$cancel)
if ($action == 'setpersonal_email') {
$object->personal_email = (string) GETPOST('personal_email', 'alphanohtml');
$result = $object->update($user);
if ($result < 0) setEventMessages($object->error, $object->errors, 'errors');
if ($result < 0) {
setEventMessages($object->error, $object->errors, 'errors');
}
}
// update personal mobile
if ($action == 'setpersonal_mobile') {
$object->personal_mobile = (string) GETPOST('personal_mobile', 'alphanohtml');
$result = $object->update($user);
if ($result < 0) setEventMessages($object->error, $object->errors, 'errors');
if ($result < 0) {
setEventMessages($object->error, $object->errors, 'errors');
}
}
// update default_c_exp_tax_cat
if ($action == 'setdefault_c_exp_tax_cat') {
$object->default_c_exp_tax_cat = GETPOST('default_c_exp_tax_cat', 'int');
$result = $object->update($user);
if ($result < 0) setEventMessages($object->error, $object->errors, 'errors');
if ($result < 0) {
setEventMessages($object->error, $object->errors, 'errors');
}
}
// update default range
if ($action == 'setdefault_range') {
$object->default_range = GETPOST('default_range', 'int');
$result = $object->update($user);
if ($result < 0) setEventMessages($object->error, $object->errors, 'errors');
if ($result < 0) {
setEventMessages($object->error, $object->errors, 'errors');
}
}
@ -226,16 +246,14 @@ llxHeader(null, $langs->trans("BankAccounts"));
$head = user_prepare_head($object);
if ($id && $bankid && $action == 'edit' && $user->rights->user->user->creer)
{
if ($id && $bankid && $action == 'edit' && $user->rights->user->user->creer) {
print '<form action="'.$_SERVER['PHP_SELF'].'?id='.$object->id.'" method="post">';
print '<input type="hidden" name="token" value="'.newToken().'">';
print '<input type="hidden" name="action" value="update">';
print '<input type="hidden" name="id" value="'.GETPOST("id", 'int').'">';
print '<input type="hidden" name="bankid" value="'.$bankid.'">';
}
if ($id && $action == 'create' && $user->rights->user->user->creer)
{
if ($id && $action == 'create' && $user->rights->user->user->creer) {
print '<form action="'.$_SERVER['PHP_SELF'].'?id='.$object->id.'" method="post">';
print '<input type="hidden" name="token" value="'.newToken().'">';
print '<input type="hidden" name="action" value="add">';
@ -244,8 +262,7 @@ if ($id && $action == 'create' && $user->rights->user->user->creer)
// View
if ($action != 'edit' && $action != 'create') // If not bank account yet, $account may be empty
{
if ($action != 'edit' && $action != 'create') { // If not bank account yet, $account may be empty
$title = $langs->trans("User");
print dol_get_fiche_head($head, 'bank', $title, -1, 'user');
@ -283,8 +300,7 @@ if ($action != 'edit' && $action != 'create') // If not bank account yet, $acco
print '</td>';
print '</tr>';
if (!empty($conf->global->MAIN_USE_EXPENSE_IK))
{
if (!empty($conf->global->MAIN_USE_EXPENSE_IK)) {
print '<tr class="nowrap">';
print '<td>';
print $form->editfieldkey("DefaultCategoryCar", 'default_c_exp_tax_cat', $object->default_c_exp_tax_cat, $object, $user->rights->user->user->creer);
@ -338,8 +354,7 @@ if ($action != 'edit' && $action != 'create') // If not bank account yet, $acco
// Latest payments of salaries
if (!empty($conf->salaries->enabled) &&
$user->rights->salaries->read && (in_array($object->id, $childids) || $object->id == $user->id)
)
{
) {
$salary = new PaymentSalary($db);
$sql = "SELECT ps.rowid, ps.datesp, ps.dateep, ps.amount";
@ -349,20 +364,18 @@ if ($action != 'edit' && $action != 'create') // If not bank account yet, $acco
$sql .= " ORDER BY ps.datesp DESC";
$resql = $db->query($sql);
if ($resql)
{
if ($resql) {
$num = $db->num_rows($resql);
print '<table class="noborder centpercent">';
print '<tr class="liste_titre">';
print '<td colspan="4"><table width="100%" class="nobordernopadding"><tr><td>'.$langs->trans("LastSalaries", ($num <= $MAXLIST ? "" : $MAXLIST)).'</td><td class="right"><a class="notasortlink" href="'.DOL_URL_ROOT.'/salaries/list.php?search_user='.$object->login.'">'.$langs->trans("AllSalaries").'<span class="badge marginleftonlyshort">'.$num.'</span></a></td>';
print '</tr></table></td>';
print '</tr>';
print '<td colspan="4"><table width="100%" class="nobordernopadding"><tr><td>'.$langs->trans("LastSalaries", ($num <= $MAXLIST ? "" : $MAXLIST)).'</td><td class="right"><a class="notasortlink" href="'.DOL_URL_ROOT.'/salaries/list.php?search_user='.$object->login.'">'.$langs->trans("AllSalaries").'<span class="badge marginleftonlyshort">'.$num.'</span></a></td>';
print '</tr></table></td>';
print '</tr>';
$i = 0;
while ($i < $num && $i < $MAXLIST)
{
while ($i < $num && $i < $MAXLIST) {
$objp = $db->fetch_object($resql);
print '<tr class="oddeven">';
@ -381,7 +394,9 @@ if ($action != 'edit' && $action != 'create') // If not bank account yet, $acco
}
$db->free($resql);
if ($num <= 0) print '<td colspan="4" class="opacitymedium">'.$langs->trans("None").'</a>';
if ($num <= 0) {
print '<td colspan="4" class="opacitymedium">'.$langs->trans("None").'</a>';
}
print "</table>";
} else {
dol_print_error($db);
@ -393,8 +408,7 @@ if ($action != 'edit' && $action != 'create') // If not bank account yet, $acco
*/
if (!empty($conf->holiday->enabled) &&
($user->rights->holiday->readall || ($user->rights->holiday->read && $object->id == $user->id))
)
{
) {
$holiday = new Holiday($db);
$sql = "SELECT h.rowid, h.statut as status, h.fk_type, h.date_debut, h.date_fin, h.halfday";
@ -404,20 +418,18 @@ if ($action != 'edit' && $action != 'create') // If not bank account yet, $acco
$sql .= " ORDER BY h.date_debut DESC";
$resql = $db->query($sql);
if ($resql)
{
if ($resql) {
$num = $db->num_rows($resql);
print '<table class="noborder centpercent">';
print '<tr class="liste_titre">';
print '<td colspan="4"><table class="nobordernopadding centpercent"><tr><td>'.$langs->trans("LastHolidays", ($num <= $MAXLIST ? "" : $MAXLIST)).'</td><td class="right"><a class="notasortlink" href="'.DOL_URL_ROOT.'/holiday/list.php?id='.$object->id.'">'.$langs->trans("AllHolidays").'<span class="badge marginleftonlyshort">'.$num.'</span></a></td>';
print '</tr></table></td>';
print '</tr>';
print '<td colspan="4"><table class="nobordernopadding centpercent"><tr><td>'.$langs->trans("LastHolidays", ($num <= $MAXLIST ? "" : $MAXLIST)).'</td><td class="right"><a class="notasortlink" href="'.DOL_URL_ROOT.'/holiday/list.php?id='.$object->id.'">'.$langs->trans("AllHolidays").'<span class="badge marginleftonlyshort">'.$num.'</span></a></td>';
print '</tr></table></td>';
print '</tr>';
$i = 0;
while ($i < $num && $i < $MAXLIST)
{
while ($i < $num && $i < $MAXLIST) {
$objp = $db->fetch_object($resql);
$holiday->id = $objp->rowid;
@ -436,7 +448,9 @@ if ($action != 'edit' && $action != 'create') // If not bank account yet, $acco
}
$db->free($resql);
if ($num <= 0) print '<td colspan="4" class="opacitymedium">'.$langs->trans("None").'</a>';
if ($num <= 0) {
print '<td colspan="4" class="opacitymedium">'.$langs->trans("None").'</a>';
}
print "</table>";
} else {
dol_print_error($db);
@ -448,8 +462,7 @@ if ($action != 'edit' && $action != 'create') // If not bank account yet, $acco
*/
if (!empty($conf->expensereport->enabled) &&
($user->rights->expensereport->readall || ($user->rights->expensereport->lire && $object->id == $user->id))
)
{
) {
$exp = new ExpenseReport($db);
$sql = "SELECT e.rowid, e.ref, e.fk_statut as status, e.date_debut, e.total_ttc";
@ -459,20 +472,18 @@ if ($action != 'edit' && $action != 'create') // If not bank account yet, $acco
$sql .= " ORDER BY e.date_debut DESC";
$resql = $db->query($sql);
if ($resql)
{
if ($resql) {
$num = $db->num_rows($resql);
print '<table class="noborder centpercent">';
print '<tr class="liste_titre">';
print '<td colspan="4"><table class="nobordernopadding centpercent"><tr><td>'.$langs->trans("LastExpenseReports", ($num <= $MAXLIST ? "" : $MAXLIST)).'</td><td class="right"><a class="notasortlink" href="'.DOL_URL_ROOT.'/expensereport/list.php?id='.$object->id.'">'.$langs->trans("AllExpenseReports").'<span class="badge marginleftonlyshort">'.$num.'</span></a></td>';
print '</tr></table></td>';
print '</tr>';
print '<td colspan="4"><table class="nobordernopadding centpercent"><tr><td>'.$langs->trans("LastExpenseReports", ($num <= $MAXLIST ? "" : $MAXLIST)).'</td><td class="right"><a class="notasortlink" href="'.DOL_URL_ROOT.'/expensereport/list.php?id='.$object->id.'">'.$langs->trans("AllExpenseReports").'<span class="badge marginleftonlyshort">'.$num.'</span></a></td>';
print '</tr></table></td>';
print '</tr>';
$i = 0;
while ($i < $num && $i < $MAXLIST)
{
while ($i < $num && $i < $MAXLIST) {
$objp = $db->fetch_object($resql);
$exp->id = $objp->rowid;
@ -490,7 +501,9 @@ if ($action != 'edit' && $action != 'create') // If not bank account yet, $acco
}
$db->free($resql);
if ($num <= 0) print '<td colspan="4" class="opacitymedium">'.$langs->trans("None").'</a>';
if ($num <= 0) {
print '<td colspan="4" class="opacitymedium">'.$langs->trans("None").'</a>';
}
print "</table>";
} else {
dol_print_error($db);
@ -589,8 +602,7 @@ if ($action != 'edit' && $action != 'create') // If not bank account yet, $acco
}
if ($account->id == 0)
{
if ($account->id == 0) {
$colspan = 6;
print '<tr><td colspan="'.$colspan.'" class="opacitymedium">'.$langs->trans("NoBANRecord").'</td></tr>';
}
@ -600,8 +612,7 @@ if ($action != 'edit' && $action != 'create') // If not bank account yet, $acco
}
// Edit
if ($id && ($action == 'edit' || $action == 'create') && $user->rights->user->user->creer)
{
if ($id && ($action == 'edit' || $action == 'create') && $user->rights->user->user->creer) {
$title = $langs->trans("User");
print dol_get_fiche_head($head, 'bank', $title, 0, 'user');
@ -679,9 +690,13 @@ if ($id && ($action == 'edit' || $action == 'create') && $user->rights->user->us
print '</div>';
}
if ($id && $action == 'edit' && $user->rights->user->user->creer) print '</form>';
if ($id && $action == 'edit' && $user->rights->user->user->creer) {
print '</form>';
}
if ($id && $action == 'create' && $user->rights->user->user->creer) print '</form>';
if ($id && $action == 'create' && $user->rights->user->user->creer) {
print '</form>';
}
// End of page
llxFooter();

846
htdocs/user/card.php
View File

File diff suppressed because it is too large Load Diff

40
htdocs/user/class/userbankaccount.class.php
View File

@ -96,10 +96,8 @@ class UserBankAccount extends Account
$sql = "INSERT INTO ".MAIN_DB_PREFIX."user_rib (fk_user, datec)";
$sql .= " VALUES (".$this->userid.", '".$this->db->idate($now)."')";
$resql = $this->db->query($sql);
if ($resql)
{
if ($this->db->affected_rows($resql))
{
if ($resql) {
if ($this->db->affected_rows($resql)) {
$this->id = $this->db->last_insert_id(MAIN_DB_PREFIX."user_rib");
return $this->update($user);
@ -121,8 +119,7 @@ class UserBankAccount extends Account
{
global $conf;
if (!$this->id)
{
if (!$this->id) {
$this->create();
}
@ -138,14 +135,15 @@ class UserBankAccount extends Account
$sql .= ",proprio = '".$this->db->escape($this->proprio)."'";
$sql .= ",owner_address = '".$this->db->escape($this->owner_address)."'";
if (trim($this->label) != '')
if (trim($this->label) != '') {
$sql .= ",label = '".$this->db->escape($this->label)."'";
else $sql .= ",label = NULL";
} else {
$sql .= ",label = NULL";
}
$sql .= " WHERE rowid = ".$this->id;
$result = $this->db->query($sql);
if ($result)
{
if ($result) {
return 1;
} else {
dol_print_error($this->db);
@ -163,20 +161,26 @@ class UserBankAccount extends Account
*/
public function fetch($id, $ref = '', $userid = 0)
{
if (empty($id) && empty($ref) && empty($userid)) return -1;
if (empty($id) && empty($ref) && empty($userid)) {
return -1;
}
$sql = "SELECT rowid, fk_user, entity, bank, number, code_banque, code_guichet, cle_rib, bic, iban_prefix as iban, domiciliation, proprio,";
$sql .= " owner_address, label, datec, tms as datem";
$sql .= " FROM ".MAIN_DB_PREFIX."user_rib";
if ($id) $sql .= " WHERE rowid = ".$id;
if ($ref) $sql .= " WHERE label = '".$this->db->escape($ref)."'";
if ($userid) $sql .= " WHERE fk_user = ".((int) $userid);
if ($id) {
$sql .= " WHERE rowid = ".$id;
}
if ($ref) {
$sql .= " WHERE label = '".$this->db->escape($ref)."'";
}
if ($userid) {
$sql .= " WHERE fk_user = ".((int) $userid);
}
$resql = $this->db->query($sql);
if ($resql)
{
if ($this->db->num_rows($resql))
{
if ($resql) {
if ($this->db->num_rows($resql)) {
$obj = $this->db->fetch_object($resql);
$this->id = $obj->rowid;

269
htdocs/user/class/usergroup.class.php
View File

@ -28,7 +28,9 @@
*/
require_once DOL_DOCUMENT_ROOT.'/core/class/commonobject.class.php';
if (!empty($conf->ldap->enabled)) require_once DOL_DOCUMENT_ROOT."/core/class/ldap.class.php";
if (!empty($conf->ldap->enabled)) {
require_once DOL_DOCUMENT_ROOT."/core/class/ldap.class.php";
}
/**
@ -154,8 +156,7 @@ class UserGroup extends CommonObject
global $conf;
dol_syslog(get_class($this)."::fetch", LOG_DEBUG);
if (!empty($groupname))
{
if (!empty($groupname)) {
$result = $this->fetchCommon(0, '', ' AND nom = \''.$this->db->escape($groupname).'\'');
} else {
$result = $this->fetchCommon($id);
@ -163,10 +164,8 @@ class UserGroup extends CommonObject
$this->name = $this->nom; // For compatibility with field name
if ($result)
{
if ($load_members)
{
if ($result) {
if ($load_members) {
$this->members = $this->listUsersForGroup();
}
@ -196,8 +195,7 @@ class UserGroup extends CommonObject
$sql .= " ".MAIN_DB_PREFIX."usergroup_user as ug";
$sql .= " WHERE ug.fk_usergroup = g.rowid";
$sql .= " AND ug.fk_user = ".$userid;
if (!empty($conf->multicompany->enabled) && $conf->entity == 1 && $user->admin && !$user->entity)
{
if (!empty($conf->multicompany->enabled) && $conf->entity == 1 && $user->admin && !$user->entity) {
$sql .= " AND g.entity IS NOT NULL";
} else {
$sql .= " AND g.entity IN (0,".$conf->entity.")";
@ -206,12 +204,9 @@ class UserGroup extends CommonObject
dol_syslog(get_class($this)."::listGroupsForUser", LOG_DEBUG);
$result = $this->db->query($sql);
if ($result)
{
while ($obj = $this->db->fetch_object($result))
{
if (!array_key_exists($obj->rowid, $ret))
{
if ($result) {
while ($obj = $this->db->fetch_object($result)) {
if (!array_key_exists($obj->rowid, $ret)) {
$newgroup = new UserGroup($this->db);
$newgroup->fetch($obj->rowid, '', $load_members);
$ret[$obj->rowid] = $newgroup;
@ -243,37 +238,43 @@ class UserGroup extends CommonObject
$ret = array();
$sql = "SELECT u.rowid";
if (!empty($this->id)) $sql .= ", ug.entity as usergroup_entity";
if (!empty($this->id)) {
$sql .= ", ug.entity as usergroup_entity";
}
$sql .= " FROM ".MAIN_DB_PREFIX."user as u";
if (!empty($this->id)) $sql .= ", ".MAIN_DB_PREFIX."usergroup_user as ug";
if (!empty($this->id)) {
$sql .= ", ".MAIN_DB_PREFIX."usergroup_user as ug";
}
$sql .= " WHERE 1 = 1";
if (!empty($this->id)) $sql .= " AND ug.fk_user = u.rowid";
if (!empty($this->id)) $sql .= " AND ug.fk_usergroup = ".$this->id;
if (!empty($conf->multicompany->enabled) && $conf->entity == 1 && $user->admin && !$user->entity)
{
if (!empty($this->id)) {
$sql .= " AND ug.fk_user = u.rowid";
}
if (!empty($this->id)) {
$sql .= " AND ug.fk_usergroup = ".$this->id;
}
if (!empty($conf->multicompany->enabled) && $conf->entity == 1 && $user->admin && !$user->entity) {
$sql .= " AND u.entity IS NOT NULL";
} else {
$sql .= " AND u.entity IN (0,".$conf->entity.")";
}
if (!empty($excludefilter)) $sql .= ' AND ('.$excludefilter.')';
if (!empty($excludefilter)) {
$sql .= ' AND ('.$excludefilter.')';
}
dol_syslog(get_class($this)."::listUsersForGroup", LOG_DEBUG);
$resql = $this->db->query($sql);
if ($resql)
{
while ($obj = $this->db->fetch_object($resql))
{
if (!array_key_exists($obj->rowid, $ret))
{
if ($mode != 1)
{
if ($resql) {
while ($obj = $this->db->fetch_object($resql)) {
if (!array_key_exists($obj->rowid, $ret)) {
if ($mode != 1) {
$newuser = new User($this->db);
$newuser->fetch($obj->rowid);
$ret[$obj->rowid] = $newuser;
} else $ret[$obj->rowid] = $obj->rowid;
} else {
$ret[$obj->rowid] = $obj->rowid;
}
}
if ($mode != 1 && !empty($obj->usergroup_entity))
{
if ($mode != 1 && !empty($obj->usergroup_entity)) {
$ret[$obj->rowid]->usergroup_entity[] = $obj->usergroup_entity;
}
}
@ -308,8 +309,7 @@ class UserGroup extends CommonObject
$this->db->begin();
if (!empty($rid))
{
if (!empty($rid)) {
$module = $perms = $subperms = '';
// Si on a demande ajout d'un droit en particulier, on recupere
@ -335,25 +335,27 @@ class UserGroup extends CommonObject
// Where pour la liste des droits a ajouter
$whereforadd = "id=".((int) $rid);
// Find also rights that are herited to add them too
if ($subperms) $whereforadd .= " OR (module='".$this->db->escape($module)."' AND perms='".$this->db->escape($perms)."' AND (subperms='lire' OR subperms='read'))";
elseif ($perms) $whereforadd .= " OR (module='".$this->db->escape($module)."' AND (perms='lire' OR perms='read') AND subperms IS NULL)";
if ($subperms) {
$whereforadd .= " OR (module='".$this->db->escape($module)."' AND perms='".$this->db->escape($perms)."' AND (subperms='lire' OR subperms='read'))";
} elseif ($perms) {
$whereforadd .= " OR (module='".$this->db->escape($module)."' AND (perms='lire' OR perms='read') AND subperms IS NULL)";
}
} else {
// Where pour la liste des droits a ajouter
if (!empty($allmodule))
{
if ($allmodule == 'allmodules')
{
if (!empty($allmodule)) {
if ($allmodule == 'allmodules') {
$whereforadd = 'allmodules';
} else {
$whereforadd = "module='".$this->db->escape($allmodule)."'";
if (!empty($allperms)) $whereforadd .= " AND perms='".$this->db->escape($allperms)."'";
if (!empty($allperms)) {
$whereforadd .= " AND perms='".$this->db->escape($allperms)."'";
}
}
}
}
// Add permission of the list $whereforadd
if (!empty($whereforadd))
{
if (!empty($whereforadd)) {
//print "$module-$perms-$subperms";
$sql = "SELECT id";
$sql .= " FROM ".MAIN_DB_PREFIX."rights_def";
@ -363,19 +365,21 @@ class UserGroup extends CommonObject
}
$result = $this->db->query($sql);
if ($result)
{
if ($result) {
$num = $this->db->num_rows($result);
$i = 0;
while ($i < $num)
{
while ($i < $num) {
$obj = $this->db->fetch_object($result);
$nid = $obj->id;
$sql = "DELETE FROM ".MAIN_DB_PREFIX."usergroup_rights WHERE fk_usergroup = $this->id AND fk_id=".$nid." AND entity = ".$entity;
if (!$this->db->query($sql)) $error++;
if (!$this->db->query($sql)) {
$error++;
}
$sql = "INSERT INTO ".MAIN_DB_PREFIX."usergroup_rights (entity, fk_usergroup, fk_id) VALUES (".$entity.", ".$this->id.", ".$nid.")";
if (!$this->db->query($sql)) $error++;
if (!$this->db->query($sql)) {
$error++;
}
$i++;
}
@ -384,14 +388,15 @@ class UserGroup extends CommonObject
dol_print_error($this->db);
}
if (!$error)
{
if (!$error) {
$langs->load("other");
$this->context = array('audit'=>$langs->trans("PermissionsAdd").($rid ? ' (id='.$rid.')' : ''));
// Call trigger
$result = $this->call_trigger('USERGROUP_MODIFY', $user);
if ($result < 0) { $error++; }
if ($result < 0) {
$error++;
}
// End call triggers
}
}
@ -426,8 +431,7 @@ class UserGroup extends CommonObject
$this->db->begin();
if (!empty($rid))
{
if (!empty($rid)) {
$module = $perms = $subperms = '';
// Si on a demande supression d'un droit en particulier, on recupere
@ -453,29 +457,32 @@ class UserGroup extends CommonObject
// Where pour la liste des droits a supprimer
$wherefordel = "id=".$this->db->escape($rid);
// Suppression des droits induits
if ($subperms == 'lire' || $subperms == 'read') $wherefordel .= " OR (module='".$this->db->escape($module)."' AND perms='".$this->db->escape($perms)."' AND subperms IS NOT NULL)";
if ($perms == 'lire' || $perms == 'read') $wherefordel .= " OR (module='".$this->db->escape($module)."')";
if ($subperms == 'lire' || $subperms == 'read') {
$wherefordel .= " OR (module='".$this->db->escape($module)."' AND perms='".$this->db->escape($perms)."' AND subperms IS NOT NULL)";
}
if ($perms == 'lire' || $perms == 'read') {
$wherefordel .= " OR (module='".$this->db->escape($module)."')";
}
// Pour compatibilite, si lowid = 0, on est en mode suppression de tout
// TODO A virer quand sera gere par l'appelant
//if (substr($rid,-1,1) == 0) $wherefordel="module='$module'";
} else {
// Add permission of the list $wherefordel
if (!empty($allmodule))
{
if ($allmodule == 'allmodules')
{
if (!empty($allmodule)) {
if ($allmodule == 'allmodules') {
$wherefordel = 'allmodules';
} else {
$wherefordel = "module='".$this->db->escape($allmodule)."'";
if (!empty($allperms)) $wherefordel .= " AND perms='".$this->db->escape($allperms)."'";
if (!empty($allperms)) {
$wherefordel .= " AND perms='".$this->db->escape($allperms)."'";
}
}
}
}
// Suppression des droits de la liste wherefordel
if (!empty($wherefordel))
{
if (!empty($wherefordel)) {
//print "$module-$perms-$subperms";
$sql = "SELECT id";
$sql .= " FROM ".MAIN_DB_PREFIX."rights_def";
@ -485,12 +492,10 @@ class UserGroup extends CommonObject
}
$result = $this->db->query($sql);
if ($result)
{
if ($result) {
$num = $this->db->num_rows($result);
$i = 0;
while ($i < $num)
{
while ($i < $num) {
$nid = 0;
$obj = $this->db->fetch_object($result);
@ -501,7 +506,9 @@ class UserGroup extends CommonObject
$sql = "DELETE FROM ".MAIN_DB_PREFIX."usergroup_rights";
$sql .= " WHERE fk_usergroup = $this->id AND fk_id=".$nid;
$sql .= " AND entity = ".$entity;
if (!$this->db->query($sql)) $error++;
if (!$this->db->query($sql)) {
$error++;
}
$i++;
}
@ -510,14 +517,15 @@ class UserGroup extends CommonObject
dol_print_error($this->db);
}
if (!$error)
{
if (!$error) {
$langs->load("other");
$this->context = array('audit'=>$langs->trans("PermissionsDelete").($rid ? ' (id='.$rid.')' : ''));
// Call trigger
$result = $this->call_trigger('USERGROUP_MODIFY', $user);
if ($result < 0) { $error++; }
if ($result < 0) {
$error++;
}
// End call triggers
}
}
@ -542,14 +550,12 @@ class UserGroup extends CommonObject
{
global $conf;
if ($moduletag && isset($this->_tab_loaded[$moduletag]) && $this->_tab_loaded[$moduletag])
{
if ($moduletag && isset($this->_tab_loaded[$moduletag]) && $this->_tab_loaded[$moduletag]) {
// Rights for this module are already loaded, so we leave
return;
}
if (!empty($this->all_permissions_are_loaded))
{
if (!empty($this->all_permissions_are_loaded)) {
// We already loaded all rights for this group, so we leave
return;
}
@ -564,16 +570,16 @@ class UserGroup extends CommonObject
$sql .= " AND u.entity = ".$conf->entity;
$sql .= " AND u.fk_usergroup = ".$this->id;
$sql .= " AND r.perms IS NOT NULL";
if ($moduletag) $sql .= " AND r.module = '".$this->db->escape($moduletag)."'";
if ($moduletag) {
$sql .= " AND r.module = '".$this->db->escape($moduletag)."'";
}
dol_syslog(get_class($this).'::getrights', LOG_DEBUG);
$resql = $this->db->query($sql);
if ($resql)
{
if ($resql) {
$num = $this->db->num_rows($resql);
$i = 0;
while ($i < $num)
{
while ($i < $num) {
$obj = $this->db->fetch_object($resql);
if ($obj) {
@ -581,17 +587,25 @@ class UserGroup extends CommonObject
$perms = $obj->perms;
$subperms = $obj->subperms;
if ($perms)
{
if (!isset($this->rights)) $this->rights = new stdClass(); // For avoid error
if (!isset($this->rights->$module) || !is_object($this->rights->$module)) $this->rights->$module = new stdClass();
if ($subperms)
{
if (!isset($this->rights->$module->$perms) || !is_object($this->rights->$module->$perms)) $this->rights->$module->$perms = new stdClass();
if (empty($this->rights->$module->$perms->$subperms)) $this->nb_rights++;
if ($perms) {
if (!isset($this->rights)) {
$this->rights = new stdClass(); // For avoid error
}
if (!isset($this->rights->$module) || !is_object($this->rights->$module)) {
$this->rights->$module = new stdClass();
}
if ($subperms) {
if (!isset($this->rights->$module->$perms) || !is_object($this->rights->$module->$perms)) {
$this->rights->$module->$perms = new stdClass();
}
if (empty($this->rights->$module->$perms->$subperms)) {
$this->nb_rights++;
}
$this->rights->$module->$perms->$subperms = 1;
} else {
if (empty($this->rights->$module->$perms)) $this->nb_rights++;
if (empty($this->rights->$module->$perms)) {
$this->nb_rights++;
}
$this->rights->$module->$perms = 1;
}
}
@ -602,8 +616,7 @@ class UserGroup extends CommonObject
$this->db->free($resql);
}
if ($moduletag == '')
{
if ($moduletag == '') {
// Si module etait non defini, alors on a tout charge, on peut donc considerer
// que les droits sont en cache (car tous charges) pour cet instance de group
$this->all_permissions_are_loaded = 1;
@ -641,7 +654,9 @@ class UserGroup extends CommonObject
$this->nom = $this->name; // Field for 'name' is called 'nom' in database
}
if (!isset($this->entity)) $this->entity = $conf->entity; // If not defined, we use default value
if (!isset($this->entity)) {
$this->entity = $conf->entity; // If not defined, we use default value
}
return $this->createCommon($user, $notrigger);
}
@ -708,7 +723,9 @@ class UserGroup extends CommonObject
global $dolibarr_main_authentication, $dolibarr_main_demo;
global $menumanager;
if (!empty($conf->global->MAIN_OPTIMIZEFORTEXTBROWSER) && $withpicto) $withpicto = 0;
if (!empty($conf->global->MAIN_OPTIMIZEFORTEXTBROWSER) && $withpicto) {
$withpicto = 0;
}
$result = ''; $label = '';
@ -720,19 +737,20 @@ class UserGroup extends CommonObject
$url = DOL_URL_ROOT.'/user/group/card.php?id='.$this->id;
if ($option != 'nolink')
{
if ($option != 'nolink') {
// Add param to save lastsearch_values or not
$add_save_lastsearch_values = ($save_lastsearch_value == 1 ? 1 : 0);
if ($save_lastsearch_value == -1 && preg_match('/list\.php/', $_SERVER["PHP_SELF"])) $add_save_lastsearch_values = 1;
if ($add_save_lastsearch_values) $url .= '&save_lastsearch_values=1';
if ($save_lastsearch_value == -1 && preg_match('/list\.php/', $_SERVER["PHP_SELF"])) {
$add_save_lastsearch_values = 1;
}
if ($add_save_lastsearch_values) {
$url .= '&save_lastsearch_values=1';
}
}
$linkclose = "";
if (empty($notooltip))
{
if (!empty($conf->global->MAIN_OPTIMIZEFORTEXTBROWSER))
{
if (empty($notooltip)) {
if (!empty($conf->global->MAIN_OPTIMIZEFORTEXTBROWSER)) {
$langs->load("users");
$label = $langs->trans("ShowGroup");
$linkclose .= ' alt="'.dol_escape_htmltag($label, 1, 1).'"';
@ -753,16 +771,23 @@ class UserGroup extends CommonObject
$linkend = '</a>';
$result = $linkstart;
if ($withpicto) $result .= img_object(($notooltip ? '' : $label), ($this->picto ? $this->picto : 'generic'), ($notooltip ? (($withpicto != 2) ? 'class="paddingright"' : '') : 'class="'.(($withpicto != 2) ? 'paddingright ' : '').'classfortooltip"'), 0, 0, $notooltip ? 0 : 1);
if ($withpicto != 2) $result .= $this->name;
if ($withpicto) {
$result .= img_object(($notooltip ? '' : $label), ($this->picto ? $this->picto : 'generic'), ($notooltip ? (($withpicto != 2) ? 'class="paddingright"' : '') : 'class="'.(($withpicto != 2) ? 'paddingright ' : '').'classfortooltip"'), 0, 0, $notooltip ? 0 : 1);
}
if ($withpicto != 2) {
$result .= $this->name;
}
$result .= $linkend;
global $action;
$hookmanager->initHooks(array('groupdao'));
$parameters = array('id'=>$this->id, 'getnomurl'=>$result);
$reshook = $hookmanager->executeHooks('getNomUrl', $parameters, $this, $action); // Note that $action and $object may have been modified by some hooks
if ($reshook > 0) $result = $hookmanager->resPrint;
else $result .= $hookmanager->resPrint;
if ($reshook > 0) {
$result = $hookmanager->resPrint;
} else {
$result .= $hookmanager->resPrint;
}
return $result;
}
@ -783,9 +808,15 @@ class UserGroup extends CommonObject
// phpcs:enable
global $conf;
$dn = '';
if ($mode == 0) $dn = $conf->global->LDAP_KEY_GROUPS."=".$info[$conf->global->LDAP_KEY_GROUPS].",".$conf->global->LDAP_GROUP_DN;
if ($mode == 1) $dn = $conf->global->LDAP_GROUP_DN;
if ($mode == 2) $dn = $conf->global->LDAP_KEY_GROUPS."=".$info[$conf->global->LDAP_KEY_GROUPS];
if ($mode == 0) {
$dn = $conf->global->LDAP_KEY_GROUPS."=".$info[$conf->global->LDAP_KEY_GROUPS].",".$conf->global->LDAP_GROUP_DN;
}
if ($mode == 1) {
$dn = $conf->global->LDAP_GROUP_DN;
}
if ($mode == 2) {
$dn = $conf->global->LDAP_KEY_GROUPS."=".$info[$conf->global->LDAP_KEY_GROUPS];
}
return $dn;
}
@ -808,14 +839,16 @@ class UserGroup extends CommonObject
$info["objectclass"] = explode(',', $conf->global->LDAP_GROUP_OBJECT_CLASS);
// Champs
if ($this->name && !empty($conf->global->LDAP_GROUP_FIELD_FULLNAME)) $info[$conf->global->LDAP_GROUP_FIELD_FULLNAME] = $this->name;
if ($this->name && !empty($conf->global->LDAP_GROUP_FIELD_FULLNAME)) {
$info[$conf->global->LDAP_GROUP_FIELD_FULLNAME] = $this->name;
}
//if ($this->name && ! empty($conf->global->LDAP_GROUP_FIELD_NAME)) $info[$conf->global->LDAP_GROUP_FIELD_NAME] = $this->name;
if ($this->note && !empty($conf->global->LDAP_GROUP_FIELD_DESCRIPTION)) $info[$conf->global->LDAP_GROUP_FIELD_DESCRIPTION] = dol_string_nohtmltag($this->note, 2);
if (!empty($conf->global->LDAP_GROUP_FIELD_GROUPMEMBERS))
{
if ($this->note && !empty($conf->global->LDAP_GROUP_FIELD_DESCRIPTION)) {
$info[$conf->global->LDAP_GROUP_FIELD_DESCRIPTION] = dol_string_nohtmltag($this->note, 2);
}
if (!empty($conf->global->LDAP_GROUP_FIELD_GROUPMEMBERS)) {
$valueofldapfield = array();
foreach ($this->members as $key=>$val) // This is array of users for group into dolibarr database.
{
foreach ($this->members as $key => $val) { // This is array of users for group into dolibarr database.
$muser = new User($this->db);
$muser->fetch($val->id);
$info2 = $muser->_load_ldap_info();
@ -875,10 +908,8 @@ class UserGroup extends CommonObject
$langs->load("user");
// Positionne le modele sur le nom du modele a utiliser
if (!dol_strlen($modele))
{
if (!empty($conf->global->USERGROUP_ADDON_PDF))
{
if (!dol_strlen($modele)) {
if (!empty($conf->global->USERGROUP_ADDON_PDF)) {
$modele = $conf->global->USERGROUP_ADDON_PDF;
} else {
$modele = 'grass';

40
htdocs/user/clicktodial.php
View File

@ -33,7 +33,9 @@ $id = (int) GETPOST('id', 'int');
// Security check
$socid = 0;
if ($user->socid > 0) $socid = $user->socid;
if ($user->socid > 0) {
$socid = $user->socid;
}
$feature2 = (($socid && $user->rights->user->self->creer) ? '' : 'user');
$result = restrictedArea($user, 'user', $id, 'user&user', $feature2);
@ -47,7 +49,9 @@ $hookmanager->initHooks(array('usercard', 'globalcard'));
$parameters = array('id'=>$socid);
$reshook = $hookmanager->executeHooks('doActions', $parameters, $object, $action); // Note that $action and $object may have been modified by some hooks
if ($reshook < 0) setEventMessages($hookmanager->error, $hookmanager->errors, 'errors');
if ($reshook < 0) {
setEventMessages($hookmanager->error, $hookmanager->errors, 'errors');
}
if (empty($reshook)) {
if ($action == 'update' && !GETPOST('cancel', 'alpha')) {
@ -76,8 +80,7 @@ $form = new Form($db);
llxHeader("", "ClickToDial");
if ($id > 0)
{
if ($id > 0) {
$object = new User($db);
$object->fetch($id, '', '', 1);
$object->getrights();
@ -107,17 +110,14 @@ if ($id > 0)
print '<div class="underbanner clearboth"></div>';
// Edit mode
if ($action == 'edit')
{
if ($action == 'edit') {
print '<table class="border centpercent">';
if ($user->admin)
{
if ($user->admin) {
print '<tr><td class="titlefield fieldrequired">ClickToDial URL</td>';
print '<td class="valeur">';
print '<input name="url" value="'.(!empty($object->clicktodial_url) ? $object->clicktodial_url : '').'" size="92">';
if (empty($conf->global->CLICKTODIAL_URL) && empty($object->clicktodial_url))
{
if (empty($conf->global->CLICKTODIAL_URL) && empty($object->clicktodial_url)) {
$langs->load("errors");
print '<font class="error">'.$langs->trans("ErrorModuleSetupNotComplete", $langs->transnoentitiesnoconv("ClickToDial")).'</font>';
} else {
@ -147,14 +147,14 @@ if ($id > 0)
{
print '<table class="border centpercent tableforfield">';
if (!empty($user->admin))
{
if (!empty($user->admin)) {
print '<tr><td class="titlefield">ClickToDial URL</td>';
print '<td class="valeur">';
$url = $conf->global->CLICKTODIAL_URL;
if (!empty($object->clicktodial_url)) $url = $object->clicktodial_url;
if (empty($url))
{
if (!empty($object->clicktodial_url)) {
$url = $object->clicktodial_url;
}
if (empty($url)) {
$langs->load("errors");
print '<font class="error">'.$langs->trans("ErrorModuleSetupNotComplete", $langs->transnoentitiesnoconv("ClickToDial")).'</font>';
} else {
@ -181,8 +181,7 @@ if ($id > 0)
print dol_get_fiche_end();
if ($action == 'edit')
{
if ($action == 'edit') {
print '<br>';
print '<div class="center"><input class="button button-save" type="submit" value="'.$langs->trans("Save").'">';
print '&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;';
@ -194,12 +193,11 @@ if ($id > 0)
print '</form>';
/*
* Barre d'actions
*/
* Barre d'actions
*/
print '<div class="tabsAction">';
if (!empty($user->admin) && $action <> 'edit')
{
if (!empty($user->admin) && $action <> 'edit') {
print '<a class="butAction" href="'.$_SERVER['PHP_SELF'].'?id='.$object->id.'&amp;action=edit">'.$langs->trans("Modify").'</a>';
}

43
htdocs/user/document.php
View File

@ -47,14 +47,12 @@ $canedituser = (!empty($user->admin) || $user->rights->user->user->creer);
$candisableuser = (!empty($user->admin) || $user->rights->user->user->supprimer);
$canreadgroup = $canreaduser;
$caneditgroup = $canedituser;
if (!empty($conf->global->MAIN_USE_ADVANCED_PERMS))
{
if (!empty($conf->global->MAIN_USE_ADVANCED_PERMS)) {
$canreadgroup = (!empty($user->admin) || $user->rights->user->group_advance->read);
$caneditgroup = (!empty($user->admin) || $user->rights->user->group_advance->write);
}
// Define value to know what current user can do on properties of edited user
if ($id)
{
if ($id) {
// $user est le user qui edite, $id est l'id de l'utilisateur edite
$caneditfield = ((($user->id == $id) && $user->rights->user->self->creer)
|| (($user->id != $id) && $user->rights->user->user->creer));
@ -64,28 +62,37 @@ if ($id)
// Security check
$socid = 0;
if ($user->socid > 0) $socid = $user->socid;
if ($user->socid > 0) {
$socid = $user->socid;
}
$feature2 = 'user';
$result = restrictedArea($user, 'user', $id, 'user&user', $feature2);
if ($user->id <> $id && !$canreaduser) accessforbidden();
if ($user->id <> $id && !$canreaduser) {
accessforbidden();
}
// Get parameters
$limit = GETPOST('limit', 'int') ? GETPOST('limit', 'int') : $conf->liste_limit;
$sortfield = GETPOST("sortfield", 'alpha');
$sortorder = GETPOST("sortorder", 'alpha');
$page = GETPOSTISSET('pageplusone') ? (GETPOST('pageplusone') - 1) : GETPOST("page", 'int');
if (empty($page) || $page == -1) { $page = 0; }
if (empty($page) || $page == -1) {
$page = 0;
}
$offset = $limit * $page;
$pageprev = $page - 1;
$pagenext = $page + 1;
if (!$sortorder) $sortorder = "ASC";
if (!$sortfield) $sortfield = "position_name";
if (!$sortorder) {
$sortorder = "ASC";
}
if (!$sortfield) {
$sortfield = "position_name";
}
$object = new User($db);
if ($id > 0 || !empty($ref))
{
if ($id > 0 || !empty($ref)) {
$result = $object->fetch($id, $ref, '', 1);
$object->getrights();
//$upload_dir = $conf->user->multidir_output[$object->entity] . "/" . $object->id ;
@ -103,7 +110,9 @@ $hookmanager->initHooks(array('usercard', 'userdoc', 'globalcard'));
$parameters = array('id'=>$socid);
$reshook = $hookmanager->executeHooks('doActions', $parameters, $object, $action); // Note that $action and $object may have been modified by some hooks
if ($reshook < 0) setEventMessages($hookmanager->error, $hookmanager->errors, 'errors');
if ($reshook < 0) {
setEventMessages($hookmanager->error, $hookmanager->errors, 'errors');
}
if (empty($reshook)) {
include DOL_DOCUMENT_ROOT.'/core/actions_linkedfiles.inc.php';
@ -118,12 +127,13 @@ $form = new Form($db);
llxHeader('', $langs->trans("UserCard").' - '.$langs->trans("Files"));
if ($object->id)
{
if ($object->id) {
/*
* Affichage onglets
*/
if (!empty($conf->notification->enabled)) $langs->load("mails");
if (!empty($conf->notification->enabled)) {
$langs->load("mails");
}
$head = user_prepare_head($object);
$form = new Form($db);
@ -143,8 +153,7 @@ if ($object->id)
// Build file list
$filearray = dol_dir_list($upload_dir, "files", 0, '', '(\.meta|_preview.*\.png)$', $sortfield, (strtolower($sortorder) == 'desc' ?SORT_DESC:SORT_ASC), 1);
$totalsize = 0;
foreach ($filearray as $key => $file)
{
foreach ($filearray as $key => $file) {
$totalsize += $file['size'];
}

173
htdocs/user/group/card.php
View File

@ -38,8 +38,7 @@ $candisableperms = ($user->admin || $user->rights->user->user->supprimer);
$feature2 = 'user';
// Advanced permissions
if (!empty($conf->global->MAIN_USE_ADVANCED_PERMS))
{
if (!empty($conf->global->MAIN_USE_ADVANCED_PERMS)) {
$canreadperms = ($user->admin || $user->rights->user->group_advance->read);
$caneditperms = ($user->admin || $user->rights->user->group_advance->write);
$candisableperms = ($user->admin || $user->rights->user->group_advance->delete);
@ -62,8 +61,7 @@ $userid = GETPOST('user', 'int');
$result = restrictedArea($user, 'user', $id, 'usergroup&usergroup', $feature2);
// Users/Groups management only in master entity if transverse mode
if (!empty($conf->multicompany->enabled) && $conf->entity > 1 && $conf->global->MULTICOMPANY_TRANSVERSE_MODE)
{
if (!empty($conf->multicompany->enabled) && $conf->entity > 1 && $conf->global->MULTICOMPANY_TRANSVERSE_MODE) {
accessforbidden();
}
@ -87,29 +85,31 @@ $hookmanager->initHooks(array('groupcard', 'globalcard'));
$parameters = array('id' => $id, 'userid' => $userid, 'caneditperms' => $caneditperms);
$reshook = $hookmanager->executeHooks('doActions', $parameters, $object, $action); // Note that $action and $object may have been modified by some hooks
if ($reshook < 0) setEventMessages($hookmanager->error, $hookmanager->errors, 'errors');
if ($reshook < 0) {
setEventMessages($hookmanager->error, $hookmanager->errors, 'errors');
}
if (empty($reshook)) {
$backurlforlist = DOL_URL_ROOT.'/user/group/list.php';
if (empty($backtopage) || ($cancel && empty($id))) {
if (empty($backtopage) || ($cancel && strpos($backtopage, '__ID__'))) {
if (empty($id) && (($action != 'add' && $action != 'create') || $cancel)) $backtopage = $backurlforlist;
else $backtopage = dol_buildpath('/user/group/card.php', 1).'?id='.($id > 0 ? $id : '__ID__');
if (empty($id) && (($action != 'add' && $action != 'create') || $cancel)) {
$backtopage = $backurlforlist;
} else {
$backtopage = dol_buildpath('/user/group/card.php', 1).'?id='.($id > 0 ? $id : '__ID__');
}
}
}
if ($cancel)
{
if ($cancel) {
header("Location: ".$backtopage);
exit;
}
// Action remove group
if ($action == 'confirm_delete' && $confirm == "yes")
{
if ($caneditperms)
{
if ($action == 'confirm_delete' && $confirm == "yes") {
if ($caneditperms) {
$object->fetch($id);
$object->delete($user);
header("Location: ".DOL_URL_ROOT."/user/group/list.php?restore_lastsearch_values=1");
@ -121,10 +121,8 @@ if (empty($reshook)) {
}
// Action add group
if ($action == 'add')
{
if ($caneditperms)
{
if ($action == 'add') {
if ($caneditperms) {
if (!GETPOST("nom", "nohtml")) {
setEventMessages($langs->trans("NameNotDefined"), null, 'errors');
$action = "create"; // Go back to create page
@ -134,17 +132,21 @@ if (empty($reshook)) {
// Fill array 'array_options' with data from add form
$ret = $extrafields->setOptionalsFromPost(null, $object);
if ($ret < 0) $error++;
if ($ret < 0) {
$error++;
}
if (!empty($conf->multicompany->enabled) && !empty($conf->global->MULTICOMPANY_TRANSVERSE_MODE)) $object->entity = 0;
else $object->entity = $_POST["entity"];
if (!empty($conf->multicompany->enabled) && !empty($conf->global->MULTICOMPANY_TRANSVERSE_MODE)) {
$object->entity = 0;
} else {
$object->entity = $_POST["entity"];
}
$db->begin();
$id = $object->create();
if ($id > 0)
{
if ($id > 0) {
$db->commit();
header("Location: ".$_SERVER['PHP_SELF']."?id=".$object->id);
@ -164,22 +166,22 @@ if (empty($reshook)) {
}
// Add/Remove user into group
if ($action == 'adduser' || $action == 'removeuser')
{
if ($caneditperms)
{
if ($userid > 0)
{
if ($action == 'adduser' || $action == 'removeuser') {
if ($caneditperms) {
if ($userid > 0) {
$object->fetch($id);
$object->oldcopy = clone $object;
$edituser = new User($db);
$edituser->fetch($userid);
if ($action == 'adduser') $result = $edituser->SetInGroup($object->id, $object->entity);
if ($action == 'removeuser') $result = $edituser->RemoveFromGroup($object->id, $object->entity);
if ($action == 'adduser') {
$result = $edituser->SetInGroup($object->id, $object->entity);
}
if ($action == 'removeuser') {
$result = $edituser->RemoveFromGroup($object->id, $object->entity);
}
if ($result > 0)
{
if ($result > 0) {
header("Location: ".$_SERVER['PHP_SELF']."?id=".$object->id);
exit;
} else {
@ -193,10 +195,8 @@ if (empty($reshook)) {
}
if ($action == 'update')
{
if ($caneditperms)
{
if ($action == 'update') {
if ($caneditperms) {
$db->begin();
$object->fetch($id);
@ -208,15 +208,19 @@ if (empty($reshook)) {
// Fill array 'array_options' with data from add form
$ret = $extrafields->setOptionalsFromPost(null, $object);
if ($ret < 0) $error++;
if ($ret < 0) {
$error++;
}
if (!empty($conf->multicompany->enabled) && !empty($conf->global->MULTICOMPANY_TRANSVERSE_MODE)) $object->entity = 0;
else $object->entity = $_POST["entity"];
if (!empty($conf->multicompany->enabled) && !empty($conf->global->MULTICOMPANY_TRANSVERSE_MODE)) {
$object->entity = 0;
} else {
$object->entity = $_POST["entity"];
}
$ret = $object->update();
if ($ret >= 0 && !count($object->errors))
{
if ($ret >= 0 && !count($object->errors)) {
setEventMessages($langs->trans("GroupModified"), null, 'mesgs');
$db->commit();
} else {
@ -247,8 +251,7 @@ $fuserstatic = new User($db);
$form = new Form($db);
$formfile = new FormFile($db);
if ($action == 'create')
{
if ($action == 'create') {
print load_fiche_titre($langs->trans("NewGroup"), '', 'object_group');
print dol_set_focus('#nom');
@ -263,10 +266,8 @@ if ($action == 'create')
print '<table class="border centpercent tableforfieldcreate">';
// Multicompany
if (!empty($conf->multicompany->enabled) && is_object($mc))
{
if (empty($conf->global->MULTICOMPANY_TRANSVERSE_MODE) && $conf->entity == 1 && $user->admin && !$user->entity)
{
if (!empty($conf->multicompany->enabled) && is_object($mc)) {
if (empty($conf->global->MULTICOMPANY_TRANSVERSE_MODE) && $conf->entity == 1 && $user->admin && !$user->entity) {
print "<tr>".'<td class="tdtop">'.$langs->trans("Entity").'</td>';
print "<td>".$mc->select_entities($conf->entity);
print "</td></tr>\n";
@ -292,17 +293,13 @@ if ($action == 'create')
print '</div>';
print "</form>";
}
/* ************************************************************************** */
/* */
/* Visu et edition */
/* */
/* ************************************************************************** */
else {
if ($id)
{
} else {
/* ************************************************************************** */
/* */
/* Visu et edition */
/* */
/* ************************************************************************** */
if ($id) {
$res = $object->fetch_optionals();
$head = group_prepare_head($object);
@ -311,8 +308,7 @@ else {
/*
* Confirmation suppression
*/
if ($action == 'delete')
{
if ($action == 'delete') {
print $form->formconfirm($_SERVER['PHP_SELF']."?id=".$object->id, $langs->trans("DeleteAGroup"), $langs->trans("ConfirmDeleteGroup", $object->name), "confirm_delete", '', 0, 1);
}
@ -320,8 +316,7 @@ else {
* Fiche en mode visu
*/
if ($action != 'edit')
{
if ($action != 'edit') {
print dol_get_fiche_head($head, 'group', $title, -1, 'group');
$linkback = '<a href="'.DOL_URL_ROOT.'/user/group/list.php?restore_lastsearch_values=1">'.$langs->trans("BackToList").'</a>';
@ -335,20 +330,17 @@ else {
print '<table class="border centpercent tableforfield">';
// Name (already in dol_banner, we keep it to have the GlobalGroup picto, but we should move it in dol_banner)
if (!empty($conf->mutlicompany->enabled))
{
if (!empty($conf->mutlicompany->enabled)) {
print '<tr><td class="titlefield">'.$langs->trans("Name").'</td>';
print '<td class="valeur">'.dol_escape_htmltag($object->name);
if (empty($object->entity))
{
if (empty($object->entity)) {
print img_picto($langs->trans("GlobalGroup"), 'redstar');
}
print "</td></tr>\n";
}
// Multicompany
if (!empty($conf->multicompany->enabled) && is_object($mc) && empty($conf->global->MULTICOMPANY_TRANSVERSE_MODE) && $conf->entity == 1 && $user->admin && !$user->entity)
{
if (!empty($conf->multicompany->enabled) && is_object($mc) && empty($conf->global->MULTICOMPANY_TRANSVERSE_MODE) && $conf->entity == 1 && $user->admin && !$user->entity) {
$mc->getInfo($object->entity);
print "<tr>".'<td class="titlefield">'.$langs->trans("Entity").'</td>';
print '<td class="valeur">'.dol_escape_htmltag($mc->label);
@ -381,15 +373,15 @@ else {
$parameters = array();
$reshook = $hookmanager->executeHooks('addMoreActionsButtons', $parameters, $object, $action); // Note that $action and $object may have been modified by hook
if ($reshook < 0) setEventMessages($hookmanager->error, $hookmanager->errors, 'errors');
if ($reshook < 0) {
setEventMessages($hookmanager->error, $hookmanager->errors, 'errors');
}
if ($caneditperms)
{
if ($caneditperms) {
print '<a class="butAction" href="'.$_SERVER['PHP_SELF'].'?id='.$object->id.'&amp;action=edit&amp;token='.newToken().'">'.$langs->trans("Modify").'</a>';
}
if ($candisableperms)
{
if ($candisableperms) {
print '<a class="butActionDelete" href="'.$_SERVER['PHP_SELF'].'?action=delete&amp;id='.$object->id.'&amp;token='.newToken().'">'.$langs->trans("DeleteGroup").'</a>';
}
@ -402,10 +394,8 @@ else {
// On selectionne les users qui ne sont pas deja dans le groupe
$exclude = array();
if (!empty($object->members))
{
foreach ($object->members as $useringroup)
{
if (!empty($object->members)) {
foreach ($object->members as $useringroup) {
$exclude[] = $useringroup->id;
}
}
@ -415,10 +405,8 @@ else {
$reshook = $hookmanager->executeHooks('formAddUserToGroup', $parameters, $object, $action); // Note that $action and $object may have been modified by hook
print $hookmanager->resPrint;
if (empty($reshook))
{
if ($caneditperms)
{
if (empty($reshook)) {
if ($caneditperms) {
print '<form action="'.$_SERVER['PHP_SELF'].'?id='.$object->id.'" method="POST">'."\n";
print '<input type="hidden" name="token" value="'.newToken().'">';
print '<input type="hidden" name="action" value="adduser">';
@ -447,10 +435,8 @@ else {
print '<td class="liste_titre right" width="5">&nbsp;</td>';
print "</tr>\n";
if (!empty($object->members))
{
foreach ($object->members as $useringroup)
{
if (!empty($object->members)) {
foreach ($object->members as $useringroup) {
print '<tr class="oddeven">';
print '<td>';
print $useringroup->getNomUrl(-1, '', 0, 0, 24, 0, 'login');
@ -484,8 +470,8 @@ else {
print '<div class="fichecenter"><div class="fichehalfleft">';
/*
* Documents generes
*/
* Documents generes
*/
$filename = dol_sanitizeFileName($object->ref);
$filedir = $conf->usergroup->dir_output."/".dol_sanitizeFileName($object->ref);
@ -510,11 +496,10 @@ else {
}
/*
* Fiche en mode edition
*/
* Fiche en mode edition
*/
if ($action == 'edit' && $caneditperms)
{
if ($action == 'edit' && $caneditperms) {
print '<form action="'.$_SERVER['PHP_SELF'].'" method="post" name="updategroup" enctype="multipart/form-data">';
print '<input type="hidden" name="token" value="'.newToken().'">';
print '<input type="hidden" name="action" value="update">';
@ -526,10 +511,8 @@ else {
print '<table class="border centpercent tableforfieldedit">'."\n";
// Multicompany
if (!empty($conf->multicompany->enabled) && is_object($mc))
{
if (empty($conf->global->MULTICOMPANY_TRANSVERSE_MODE) && $conf->entity == 1 && $user->admin && !$user->entity)
{
if (!empty($conf->multicompany->enabled) && is_object($mc)) {
if (empty($conf->global->MULTICOMPANY_TRANSVERSE_MODE) && $conf->entity == 1 && $user->admin && !$user->entity) {
print "<tr>".'<td class="tdtop">'.$langs->trans("Entity").'</td>';
print "<td>".$mc->select_entities($object->entity);
print "</td></tr>\n";

41
htdocs/user/group/ldap.php
View File

@ -34,14 +34,12 @@ require_once DOL_DOCUMENT_ROOT.'/core/lib/ldap.lib.php';
$langs->loadLangs(array('companies', 'ldap', 'users', 'admin'));
// Users/Groups management only in master entity if transverse mode
if (!empty($conf->multicompany->enabled) && $conf->entity > 1 && $conf->global->MULTICOMPANY_TRANSVERSE_MODE)
{
if (!empty($conf->multicompany->enabled) && $conf->entity > 1 && $conf->global->MULTICOMPANY_TRANSVERSE_MODE) {
accessforbidden();
}
$canreadperms = true;
if (!empty($conf->global->MAIN_USE_ADVANCED_PERMS))
{
if (!empty($conf->global->MAIN_USE_ADVANCED_PERMS)) {
$canreadperms = ($user->admin || $user->rights->user->group_advance->read);
}
@ -49,7 +47,9 @@ $id = GETPOST('id', 'int');
$action = GETPOST('action', 'aZ09');
$socid = 0;
if ($user->socid > 0) $socid = $user->socid;
if ($user->socid > 0) {
$socid = $user->socid;
}
$object = new Usergroup($db);
$object->fetch($id);
@ -60,13 +60,11 @@ $object->getrights();
* Actions
*/
if ($action == 'dolibarr2ldap')
{
if ($action == 'dolibarr2ldap') {
$ldap = new Ldap();
$result = $ldap->connect_bind();
if ($result > 0)
{
if ($result > 0) {
$info = $object->_load_ldap_info();
// Get a gid number for objectclass PosixGroup
@ -80,8 +78,7 @@ if ($action == 'dolibarr2ldap')
$result = $ldap->update($dn, $info, $user, $olddn);
}
if ($result >= 0)
{
if ($result >= 0) {
setEventMessages($langs->trans("GroupSynchronized"), null, 'mesgs');
} else {
setEventMessages($ldap->error, $ldap->errors, 'errors');
@ -111,12 +108,10 @@ print '<div class="underbanner clearboth"></div>';
print '<table class="border centpercent">';
// Name (already in dol_banner, we keep it to have the GlobalGroup picto, but we should move it in dol_banner)
if (!empty($conf->mutlicompany->enabled))
{
if (!empty($conf->mutlicompany->enabled)) {
print '<tr><td class="titlefield">'.$langs->trans("Name").'</td>';
print '<td class="valeur">'.$object->name;
if (!$object->entity)
{
if (!$object->entity) {
print img_picto($langs->trans("GlobalGroup"), 'redstar');
}
print "</td></tr>\n";
@ -153,14 +148,15 @@ print dol_get_fiche_end();
print '<div class="tabsAction">';
if ($conf->global->LDAP_SYNCHRO_ACTIVE == 'dolibarr2ldap')
{
if ($conf->global->LDAP_SYNCHRO_ACTIVE == 'dolibarr2ldap') {
print '<a class="butAction" href="'.$_SERVER["PHP_SELF"].'?id='.$object->id.'&amp;action=dolibarr2ldap">'.$langs->trans("ForceSynchronize").'</a>';
}
print "</div>\n";
if ($conf->global->LDAP_SYNCHRO_ACTIVE == 'dolibarr2ldap') print "<br>\n";
if ($conf->global->LDAP_SYNCHRO_ACTIVE == 'dolibarr2ldap') {
print "<br>\n";
}
@ -177,8 +173,7 @@ print '</tr>';
// Lecture LDAP
$ldap = new Ldap();
$result = $ldap->connect_bind();
if ($result > 0)
{
if ($result > 0) {
$info = $object->_load_ldap_info();
$dn = $object->_load_ldap_dn($info, 1);
$search = "(".$object->_load_ldap_dn($info, 2).")";
@ -188,10 +183,8 @@ if ($result > 0)
//var_dump($records);
// Show tree
if (((!is_numeric($records)) || $records != 0) && (!isset($records['count']) || $records['count'] > 0))
{
if (!is_array($records))
{
if (((!is_numeric($records)) || $records != 0) && (!isset($records['count']) || $records['count'] > 0)) {
if (!is_array($records)) {
print '<tr class="oddeven"><td colspan="2"><font class="error">'.$langs->trans("ErrorFailedToReadLDAP").'</font></td></tr>';
} else {
$result = show_ldap_content($records, 0, $records['count'], true);

86
htdocs/user/group/list.php
View File

@ -28,15 +28,14 @@
require '../../main.inc.php';
require_once DOL_DOCUMENT_ROOT.'/user/class/usergroup.class.php';
if (!empty($conf->global->MAIN_USE_ADVANCED_PERMS))
{
if (!$user->rights->user->group_advance->read && !$user->admin)
if (!empty($conf->global->MAIN_USE_ADVANCED_PERMS)) {
if (!$user->rights->user->group_advance->read && !$user->admin) {
accessforbidden();
}
}
// Users/Groups management only in master entity if transverse mode
if (!empty($conf->multicompany->enabled) && $conf->entity > 1 && $conf->global->MULTICOMPANY_TRANSVERSE_MODE)
{
if (!empty($conf->multicompany->enabled) && $conf->entity > 1 && $conf->global->MULTICOMPANY_TRANSVERSE_MODE) {
accessforbidden();
}
@ -50,8 +49,7 @@ $optioncss = GETPOST('optioncss', 'alpha');
// Defini si peux lire/modifier utilisateurs et permisssions
$caneditperms = ($user->admin || $user->rights->user->user->creer);
// Advanced permissions
if (!empty($conf->global->MAIN_USE_ADVANCED_PERMS))
{
if (!empty($conf->global->MAIN_USE_ADVANCED_PERMS)) {
$caneditperms = ($user->admin || $user->rights->user->group_advance->write);
}
@ -60,13 +58,19 @@ $limit = GETPOST('limit', 'int') ?GETPOST('limit', 'int') : $conf->liste_limit;
$sortfield = GETPOST('sortfield', 'aZ09comma');
$sortorder = GETPOST('sortorder', 'aZ09comma');
$page = GETPOSTISSET('pageplusone') ? (GETPOST('pageplusone') - 1) : GETPOST("page", 'int');
if (empty($page) || $page == -1) { $page = 0; }
if (empty($page) || $page == -1) {
$page = 0;
}
$offset = $limit * $page;
$pageprev = $page - 1;
$pagenext = $page + 1;
if (!$sortfield) $sortfield = "g.nom";
if (!$sortorder) $sortorder = "ASC";
if (!$sortfield) {
$sortfield = "g.nom";
}
if (!$sortorder) {
$sortorder = "ASC";
}
// List of fields to search into when doing a "search in all"
$fieldstosearchall = array(
@ -79,21 +83,25 @@ $fieldstosearchall = array(
* Actions
*/
if (GETPOST('cancel', 'alpha')) { $action = 'list'; $massaction = ''; }
if (!GETPOST('confirmmassaction', 'alpha') && $massaction != 'presend' && $massaction != 'confirm_presend' && $massaction != 'confirm_createbills') { $massaction = ''; }
if (GETPOST('cancel', 'alpha')) {
$action = 'list'; $massaction = '';
}
if (!GETPOST('confirmmassaction', 'alpha') && $massaction != 'presend' && $massaction != 'confirm_presend' && $massaction != 'confirm_createbills') {
$massaction = '';
}
$parameters = array();
$reshook = $hookmanager->executeHooks('doActions', $parameters); // Note that $action and $object may have been modified by some hooks
if ($reshook < 0) setEventMessages($hookmanager->error, $hookmanager->errors, 'errors');
if ($reshook < 0) {
setEventMessages($hookmanager->error, $hookmanager->errors, 'errors');
}
if (empty($reshook))
{
if (empty($reshook)) {
// Selection of new fields
include DOL_DOCUMENT_ROOT.'/core/actions_changeselectedfields.inc.php';
// Purge search criteria
if (GETPOST('button_removefilter_x', 'alpha') || GETPOST('button_removefilter.x', 'alpha') || GETPOST('button_removefilter', 'alpha')) // All test are required to be compatible with all browsers
{
if (GETPOST('button_removefilter_x', 'alpha') || GETPOST('button_removefilter.x', 'alpha') || GETPOST('button_removefilter', 'alpha')) { // All test are required to be compatible with all browsers
$search_label = "";
$search_date_creation = "";
$search_date_update = "";
@ -113,20 +121,22 @@ $sql = "SELECT g.rowid, g.nom as name, g.note, g.entity, g.datec, COUNT(DISTINCT
$sql .= " FROM ".MAIN_DB_PREFIX."usergroup as g";
$sql .= " LEFT JOIN ".MAIN_DB_PREFIX."usergroup_user as ugu ON ugu.fk_usergroup = g.rowid";
$sql .= " LEFT JOIN ".MAIN_DB_PREFIX."usergroup_rights as ugr ON ugr.fk_usergroup = g.rowid";
if (!empty($conf->multicompany->enabled) && $conf->entity == 1 && ($conf->global->MULTICOMPANY_TRANSVERSE_MODE || ($user->admin && !$user->entity)))
{
if (!empty($conf->multicompany->enabled) && $conf->entity == 1 && ($conf->global->MULTICOMPANY_TRANSVERSE_MODE || ($user->admin && !$user->entity))) {
$sql .= " WHERE g.entity IS NOT NULL";
} else {
$sql .= " WHERE g.entity IN (0,".$conf->entity.")";
}
if (!empty($search_group)) natural_search(array("g.nom", "g.note"), $search_group);
if ($sall) $sql .= natural_search(array("g.nom", "g.note"), $sall);
if (!empty($search_group)) {
natural_search(array("g.nom", "g.note"), $search_group);
}
if ($sall) {
$sql .= natural_search(array("g.nom", "g.note"), $sall);
}
$sql .= " GROUP BY g.rowid, g.nom, g.note, g.entity, g.datec";
$sql .= $db->order($sortfield, $sortorder);
$resql = $db->query($sql);
if ($resql)
{
if ($resql) {
$num = $db->num_rows($resql);
$nbtotalofrecords = $num;
@ -134,18 +144,21 @@ if ($resql)
$i = 0;
$param = "&amp;search_group=".urlencode($search_group)."&amp;sall=".urlencode($sall);
if ($optioncss != '') $param .= '&amp;optioncss='.$optioncss;
if ($optioncss != '') {
$param .= '&amp;optioncss='.$optioncss;
}
$text = $langs->trans("ListOfGroups");
$newcardbutton = '';
if ($caneditperms)
{
if ($caneditperms) {
$newcardbutton .= dolGetButtonTitle($langs->trans('NewGroup'), '', 'fa fa-plus-circle', DOL_URL_ROOT.'/user/group/card.php?action=create&leftmenu=');
}
print '<form method="POST" id="searchFormList" action="'.$_SERVER["PHP_SELF"].'">'."\n";
if ($optioncss != '') print '<input type="hidden" name="optioncss" value="'.$optioncss.'">';
if ($optioncss != '') {
print '<input type="hidden" name="optioncss" value="'.$optioncss.'">';
}
print '<input type="hidden" name="token" value="'.newToken().'">';
print '<input type="hidden" name="formfilteraction" id="formfilteraction" value="list">';
print '<input type="hidden" name="sortfield" value="'.$sortfield.'">';
@ -155,9 +168,10 @@ if ($resql)
print_barre_liste($text, $page, $_SERVER["PHP_SELF"], $param, $sortfield, $sortorder, "", $num, $nbtotalofrecords, 'object_group', 0, $newcardbutton, '', $limit, 0, 0, 1);
if ($sall)
{
foreach ($fieldstosearchall as $key => $val) $fieldstosearchall[$key] = $langs->trans($val);
if ($sall) {
foreach ($fieldstosearchall as $key => $val) {
$fieldstosearchall[$key] = $langs->trans($val);
}
print '<div class="divsearchfieldfilter">'.$langs->trans("FilterOnInto", $sall).join(', ', $fieldstosearchall).'</div>';
}
@ -172,8 +186,7 @@ if ($resql)
print '<tr class="liste_titre">';
print_liste_field_titre("Group", $_SERVER["PHP_SELF"], "g.nom", $param, "", "", $sortfield, $sortorder);
//multicompany
if (!empty($conf->multicompany->enabled) && empty($conf->global->MULTICOMPANY_TRANSVERSE_MODE) && $conf->entity == 1)
{
if (!empty($conf->multicompany->enabled) && empty($conf->global->MULTICOMPANY_TRANSVERSE_MODE) && $conf->entity == 1) {
print_liste_field_titre("Entity", $_SERVER["PHP_SELF"], "g.entity", $param, "", '', $sortfield, $sortorder, 'center ');
}
print_liste_field_titre("NbOfUsers", $_SERVER["PHP_SELF"], "nb", $param, "", '', $sortfield, $sortorder, 'center ');
@ -184,8 +197,7 @@ if ($resql)
$grouptemp = new UserGroup($db);
while ($i < $num)
{
while ($i < $num) {
$obj = $db->fetch_object($resql);
$grouptemp->id = $obj->rowid;
@ -195,14 +207,12 @@ if ($resql)
print '<tr class="oddeven">';
print '<td>';
print $grouptemp->getNomUrl(1);
if (!$obj->entity)
{
if (!$obj->entity) {
print img_picto($langs->trans("GlobalGroup"), 'redstar');
}
print "</td>";
//multicompany
if (!empty($conf->multicompany->enabled) && is_object($mc) && empty($conf->global->MULTICOMPANY_TRANSVERSE_MODE) && $conf->entity == 1)
{
if (!empty($conf->multicompany->enabled) && is_object($mc) && empty($conf->global->MULTICOMPANY_TRANSVERSE_MODE) && $conf->entity == 1) {
$mc->getInfo($obj->entity);
print '<td class="center">'.$mc->label.'</td>';
}

114
htdocs/user/group/perms.php
View File

@ -47,14 +47,15 @@ $canreadperms = ($user->admin || $user->rights->user->user->lire);
$caneditperms = ($user->admin || $user->rights->user->user->creer);
// Advanced permissions
$advancedpermsactive = false;
if (!empty($conf->global->MAIN_USE_ADVANCED_PERMS))
{
if (!empty($conf->global->MAIN_USE_ADVANCED_PERMS)) {
$advancedpermsactive = true;
$canreadperms = ($user->admin || ($user->rights->user->group_advance->read && $user->rights->user->group_advance->readperms));
$caneditperms = ($user->admin || $user->rights->user->group_advance->write);
}
if (!$canreadperms) accessforbidden();
if (!$canreadperms) {
accessforbidden();
}
$object = new Usergroup($db);
$object->fetch($id);
@ -71,7 +72,9 @@ $hookmanager->initHooks(array('groupperms', 'globalcard'));
$parameters = array();
$reshook = $hookmanager->executeHooks('doActions', $parameters, $object, $action); // Note that $action and $object may have been modified by some hooks
if ($reshook < 0) setEventMessages($hookmanager->error, $hookmanager->errors, 'errors');
if ($reshook < 0) {
setEventMessages($hookmanager->error, $hookmanager->errors, 'errors');
}
if (empty($reshook)) {
if ($action == 'addrights' && $caneditperms) {
@ -110,8 +113,7 @@ $form = new Form($db);
llxHeader('', $langs->trans("Permissions"));
if ($object->id > 0)
{
if ($object->id > 0) {
/*
* Affichage onglets
*/
@ -127,32 +129,24 @@ if ($object->id > 0)
$db->begin();
foreach ($modulesdir as $dir)
{
foreach ($modulesdir as $dir) {
$handle = @opendir(dol_osencode($dir));
if (is_resource($handle))
{
while (($file = readdir($handle)) !== false)
{
if (is_readable($dir.$file) && substr($file, 0, 3) == 'mod' && substr($file, dol_strlen($file) - 10) == '.class.php')
{
if (is_resource($handle)) {
while (($file = readdir($handle)) !== false) {
if (is_readable($dir.$file) && substr($file, 0, 3) == 'mod' && substr($file, dol_strlen($file) - 10) == '.class.php') {
$modName = substr($file, 0, dol_strlen($file) - 10);
if ($modName)
{
if ($modName) {
include_once $dir.$file;
$objMod = new $modName($db);
// Load all lang files of module
if (isset($objMod->langfiles) && is_array($objMod->langfiles))
{
foreach ($objMod->langfiles as $domain)
{
if (isset($objMod->langfiles) && is_array($objMod->langfiles)) {
foreach ($objMod->langfiles as $domain) {
$langs->load($domain);
}
}
// Load all permissions
if ($objMod->rights_class)
{
if ($objMod->rights_class) {
$ret = $objMod->insert_permissions(0, $entity);
$modules[$objMod->rights_class] = $objMod;
}
@ -176,15 +170,14 @@ if ($object->id > 0)
dol_syslog("get user perms", LOG_DEBUG);
$result = $db->query($sql);
if ($result)
{
if ($result) {
$num = $db->num_rows($result);
$i = 0;
while ($i < $num)
{
while ($i < $num) {
$obj = $db->fetch_object($result);
if (!isset($permsgroupbyentity[$obj->entity]))
if (!isset($permsgroupbyentity[$obj->entity])) {
$permsgroupbyentity[$obj->entity] = array();
}
array_push($permsgroupbyentity[$obj->entity], $obj->id);
$i++;
}
@ -207,12 +200,10 @@ if ($object->id > 0)
print '<table class="border centpercent tableforfield">';
// Name (already in dol_banner, we keep it to have the GlobalGroup picto, but we should move it in dol_banner)
if (!empty($conf->mutlicompany->enabled))
{
if (!empty($conf->mutlicompany->enabled)) {
print '<tr><td class="titlefield">'.$langs->trans("Name").'</td>';
print '<td colspan="2">'.$object->name.'';
if (!$object->entity)
{
if (!$object->entity) {
print img_picto($langs->trans("GlobalGroup"), 'redstar');
}
print "</td></tr>\n";
@ -227,19 +218,22 @@ if ($object->id > 0)
print '</table><br>';
if ($user->admin) print info_admin($langs->trans("WarningOnlyPermissionOfActivatedModules"));
if ($user->admin) {
print info_admin($langs->trans("WarningOnlyPermissionOfActivatedModules"));
}
$parameters = array();
$reshook = $hookmanager->executeHooks('insertExtraHeader', $parameters, $object, $action); // Note that $action and $object may have been modified by some hooks
if ($reshook < 0) setEventMessages($hookmanager->error, $hookmanager->errors, 'errors');
if ($reshook < 0) {
setEventMessages($hookmanager->error, $hookmanager->errors, 'errors');
}
print "\n";
print '<div class="div-table-responsive-no-min">';
print '<table class="noborder centpercent">';
print '<tr class="liste_titre">';
print '<td>'.$langs->trans("Module").'</td>';
if ($caneditperms)
{
if ($caneditperms) {
print '<td class="center nowrap">';
print '<a class="reposition commonlink" title="'.dol_escape_htmltag($langs->trans("All")).'" alt="'.dol_escape_htmltag($langs->trans("All")).'" href="'.$_SERVER["PHP_SELF"].'?id='.$object->id.'&amp;action=addrights&amp;entity='.$entity.'&amp;module=allmodules">'.$langs->trans("All")."</a>";
print '/';
@ -248,36 +242,36 @@ if ($object->id > 0)
}
print '<td class="center" width="24">&nbsp;</td>';
print '<td>'.$langs->trans("Permissions").'</td>';
if ($user->admin) print '<td class="right">'.$langs->trans("ID").'</td>';
if ($user->admin) {
print '<td class="right">'.$langs->trans("ID").'</td>';
}
print '</tr>'."\n";
$sql = "SELECT r.id, r.libelle as label, r.module";
$sql .= " FROM ".MAIN_DB_PREFIX."rights_def as r";
$sql .= " WHERE r.libelle NOT LIKE 'tou%'"; // On ignore droits "tous"
$sql .= " AND r.entity = ".$entity;
if (empty($conf->global->MAIN_USE_ADVANCED_PERMS)) $sql .= " AND r.perms NOT LIKE '%_advance'"; // Hide advanced perms if option is disable
if (empty($conf->global->MAIN_USE_ADVANCED_PERMS)) {
$sql .= " AND r.perms NOT LIKE '%_advance'"; // Hide advanced perms if option is disable
}
$sql .= " ORDER BY r.module, r.id";
$result = $db->query($sql);
if ($result)
{
if ($result) {
$num = $db->num_rows($result);
$i = 0;
$oldmod = '';
while ($i < $num)
{
while ($i < $num) {
$obj = $db->fetch_object($result);
// If line is for a module that doe snot existe anymore (absent of includes/module), we ignore it
if (empty($modules[$obj->module]))
{
if (empty($modules[$obj->module])) {
$i++;
continue;
}
if ($oldmod <> $obj->module)
{
if ($oldmod <> $obj->module) {
$oldmod = $obj->module;
// Break detected, we get objMod
@ -290,8 +284,7 @@ if ($object->id > 0)
print img_object('', $picto, 'class="pictoobjectwidth paddingright"').' '.$objMod->getName();
print '<a name="'.$objMod->getName().'"></a>';
print '</td>';
if ($caneditperms)
{
if ($caneditperms) {
print '<td class="center nowrap">';
print '<a class="reposition" title='.$langs->trans("All").' alt='.$langs->trans("All").' href="'.$_SERVER["PHP_SELF"].'?id='.$object->id.'&amp;action=addrights&amp;entity='.$entity.'&amp;module='.$obj->module.'">'.$langs->trans("All")."</a>";
print '/';
@ -303,7 +296,9 @@ if ($object->id > 0)
print '<td colspan="2">&nbsp;</td>';
// Permission id
if ($user->admin) print '<td class="right"></td>';
if ($user->admin) {
print '<td class="right"></td>';
}
print '</tr>';
}
@ -316,13 +311,10 @@ if ($object->id > 0)
//print img_object('', $picto, 'class="inline-block pictoobjectwidth"').' '.$objMod->getName();
print '</td>';
if (is_array($permsgroupbyentity[$entity]))
{
if (in_array($obj->id, $permsgroupbyentity[$entity]))
{
if (is_array($permsgroupbyentity[$entity])) {
if (in_array($obj->id, $permsgroupbyentity[$entity])) {
// Own permission by group
if ($caneditperms)
{
if ($caneditperms) {
print '<td class="center"><a class="reposition" href="'.$_SERVER["PHP_SELF"].'?id='.$object->id.'&amp;action=delrights&amp;entity='.$entity.'&amp;rights='.$obj->id.'">';
//print img_edit_remove($langs->trans("Remove"));
print img_picto($langs->trans("Remove"), 'switch_on');
@ -333,8 +325,7 @@ if ($object->id > 0)
print '</td>';
} else {
// Do not own permission
if ($caneditperms)
{
if ($caneditperms) {
print '<td class="center"><a class="reposition" href="'.$_SERVER["PHP_SELF"].'?id='.$object->id.'&amp;action=addrights&amp;entity='.$entity.'&amp;rights='.$obj->id.'">';
//print img_edit_add($langs->trans("Add"));
print img_picto($langs->trans("Add"), 'switch_off');
@ -344,8 +335,7 @@ if ($object->id > 0)
}
} else {
// Do not own permission
if ($caneditperms)
{
if ($caneditperms) {
print '<td class="center"><a class="reposition" href="'.$_SERVER["PHP_SELF"].'?id='.$object->id.'&amp;action=addrights&amp;entity='.$entity.'&amp;rights='.$obj->id.'">';
//print img_edit_add($langs->trans("Add"));
print img_picto($langs->trans("Add"), 'switch_off');
@ -358,7 +348,9 @@ if ($object->id > 0)
print '<td class="maxwidthonsmartphone">'.$permlabel.'</td>';
// Permission id
if ($user->admin) print '<td class="right"><span class="opacitymedium">'.$obj->id.'</span></td>';
if ($user->admin) {
print '<td class="right"><span class="opacitymedium">'.$obj->id.'</span></td>';
}
print '</tr>'."\n";
@ -372,7 +364,9 @@ if ($object->id > 0)
$parameters = array();
$reshook = $hookmanager->executeHooks('insertExtraFooter', $parameters, $object, $action); // Note that $action and $object may have been modified by some hooks
if ($reshook < 0) setEventMessages($hookmanager->error, $hookmanager->errors, 'errors');
if ($reshook < 0) {
setEventMessages($hookmanager->error, $hookmanager->errors, 'errors');
}
print dol_get_fiche_end();
}

38
htdocs/user/hierarchy.php
View File

@ -29,16 +29,18 @@
require '../main.inc.php';
require_once DOL_DOCUMENT_ROOT.'/core/lib/treeview.lib.php';
if (!$user->rights->user->user->lire && !$user->admin)
if (!$user->rights->user->user->lire && !$user->admin) {
accessforbidden();
}
// Load translation files required by page
$langs->loadLangs(array('users', 'companies'));
// Security check (for external users)
$socid = 0;
if ($user->socid > 0)
if ($user->socid > 0) {
$socid = $user->socid;
}
$sall = trim((GETPOST('search_all', 'alphanohtml') != '') ?GETPOST('search_all', 'alphanohtml') : GETPOST('sall', 'alphanohtml'));
$search_user = GETPOST('search_user', 'alpha');
@ -49,10 +51,11 @@ $mode = GETPOST("mode", 'alpha');
$userstatic = new User($db);
$search_statut = GETPOST('search_statut', 'int');
if ($search_statut == '') $search_statut = '1';
if ($search_statut == '') {
$search_statut = '1';
}
if (GETPOST('button_removefilter_x', 'alpha') || GETPOST('button_removefilter', 'alpha')) // Both test are required to be compatible with all browsers
{
if (GETPOST('button_removefilter_x', 'alpha') || GETPOST('button_removefilter', 'alpha')) { // Both test are required to be compatible with all browsers
$search_statut = "";
}
@ -79,8 +82,7 @@ llxHeader('', $langs->trans("ListOfUsers").' - '.$langs->trans("HierarchicView")
// Load hierarchy of users
$user_arbo = $userstatic->get_full_tree(0, ($search_statut != '' && $search_statut >= 0) ? "statut = ".$search_statut : '');
if (!is_array($user_arbo) && $user_arbo < 0)
{
if (!is_array($user_arbo) && $user_arbo < 0) {
setEventMessages($userstatic->error, $userstatic->errors, 'warnings');
} else {
// Define fulltree array
@ -89,8 +91,7 @@ if (!is_array($user_arbo) && $user_arbo < 0)
// Define data (format for treeview)
$data = array();
$data[] = array('rowid'=>0, 'fk_menu'=>-1, 'title'=>"racine", 'mainmenu'=>'', 'leftmenu'=>'', 'fk_mainmenu'=>'', 'fk_leftmenu'=>'');
foreach ($fulltree as $key => $val)
{
foreach ($fulltree as $key => $val) {
$userstatic->id = $val['id'];
$userstatic->ref = $val['label'];
$userstatic->login = $val['login'];
@ -108,10 +109,8 @@ if (!is_array($user_arbo) && $user_arbo < 0)
$entitystring = '';
// TODO Set of entitystring should be done with a hook
if (!empty($conf->multicompany->enabled) && is_object($mc))
{
if (empty($entity))
{
if (!empty($conf->multicompany->enabled) && is_object($mc)) {
if (empty($entity)) {
$entitystring = $langs->trans("AllEntities");
} else {
$mc->getInfo($entity);
@ -120,11 +119,9 @@ if (!is_array($user_arbo) && $user_arbo < 0)
}
$li = $userstatic->getNomUrl(-1, '', 0, 1);
if (!empty($conf->multicompany->enabled) && $userstatic->admin && !$userstatic->entity)
{
if (!empty($conf->multicompany->enabled) && $userstatic->admin && !$userstatic->entity) {
$li .= img_picto($langs->trans("SuperAdministrator"), 'redstar');
} elseif ($userstatic->admin)
{
} elseif ($userstatic->admin) {
$li .= img_picto($langs->trans("Administrator"), 'star');
}
$li .= ' ('.$val['login'].($entitystring ? ' - '.$entitystring : '').')';
@ -155,7 +152,9 @@ if (!is_array($user_arbo) && $user_arbo < 0)
print load_fiche_titre($title, $morehtmlright.' '.$newcardbutton, 'user');
print '<form method="POST" id="searchFormList" action="'.$_SERVER["PHP_SELF"].'">'."\n";
if ($optioncss != '') print '<input type="hidden" name="optioncss" value="'.$optioncss.'">';
if ($optioncss != '') {
print '<input type="hidden" name="optioncss" value="'.$optioncss.'">';
}
print '<input type="hidden" name="token" value="'.newToken().'">';
print '<input type="hidden" name="sortfield" value="'.$sortfield.'">';
print '<input type="hidden" name="sortorder" value="'.$sortorder.'">';
@ -188,8 +187,7 @@ if (!is_array($user_arbo) && $user_arbo < 0)
$nbofentries = (count($data) - 1);
if ($nbofentries > 0)
{
if ($nbofentries > 0) {
print '<tr><td colspan="3">';
tree_recur($data, $data[0], 0);
print '</td>';

63
htdocs/user/home.php
View File

@ -27,8 +27,7 @@ require_once DOL_DOCUMENT_ROOT.'/user/class/usergroup.class.php';
$contextpage = GETPOST('contextpage', 'aZ') ?GETPOST('contextpage', 'aZ') : 'userhome'; // To manage different context of search
if (!$user->rights->user->user->lire && !$user->admin)
{
if (!$user->rights->user->user->lire && !$user->admin) {
// Redirection vers la page de l'utilisateur
header("Location: card.php?id=".$user->id);
exit;
@ -38,14 +37,15 @@ if (!$user->rights->user->user->lire && !$user->admin)
$langs->load("users");
$canreadperms = true;
if (!empty($conf->global->MAIN_USE_ADVANCED_PERMS))
{
if (!empty($conf->global->MAIN_USE_ADVANCED_PERMS)) {
$canreadperms = ($user->admin || $user->rights->user->group_advance->read);
}
// Security check (for external users)
$socid = 0;
if ($user->socid > 0) $socid = $user->socid;
if ($user->socid > 0) {
$socid = $user->socid;
}
$companystatic = new Societe($db);
$fuserstatic = new User($db);
@ -77,8 +77,7 @@ print '<tr><td>';
print $langs->trans("User").':</td><td><input class="flat inputsearch" type="text" name="search_user" size="18"></td></tr>';
// Search Group
if ($canreadperms)
{
if ($canreadperms) {
print '<tr><td>';
print $langs->trans("Group").':</td><td><input class="flat inputsearch" type="text" name="search_group" size="18"></td></tr>';
}
@ -115,13 +114,14 @@ if ($reshook > 0) {
} else {
$sql .= " WHERE u.entity IN (".getEntity('user').")";
}
if (!empty($socid)) $sql .= " AND u.fk_soc = ".$socid;
if (!empty($socid)) {
$sql .= " AND u.fk_soc = ".$socid;
}
$sql .= $db->order("u.datec", "DESC");
$sql .= $db->plimit($max);
$resql = $db->query($sql);
if ($resql)
{
if ($resql) {
$num = $db->num_rows($resql);
print '<div class="div-table-responsive-no-min">';
@ -131,8 +131,7 @@ if ($resql)
print '</tr>'."\n";
$i = 0;
while ($i < $num && $i < $max)
{
while ($i < $num && $i < $max) {
$obj = $db->fetch_object($resql);
$fuserstatic->id = $obj->rowid;
@ -153,34 +152,28 @@ if ($resql)
print '<tr class="oddeven">';
print '<td class="nowraponall">';
print $fuserstatic->getNomUrl(-1);
if (!empty($conf->multicompany->enabled) && $obj->admin && !$obj->entity)
{
if (!empty($conf->multicompany->enabled) && $obj->admin && !$obj->entity) {
print img_picto($langs->trans("SuperAdministrator"), 'redstar');
} elseif ($obj->admin)
{
} elseif ($obj->admin) {
print img_picto($langs->trans("Administrator"), 'star');
}
print "</td>";
print '<td>'.$obj->login.'</td>';
print "<td>";
if ($obj->fk_soc)
{
if ($obj->fk_soc) {
print $companystatic->getNomUrl(1);
} else {
print $langs->trans("InternalUser");
}
if ($obj->ldap_sid)
{
if ($obj->ldap_sid) {
print ' ('.$langs->trans("DomainUser").')';
}
$entity = $obj->entity;
$entitystring = '';
// TODO Set of entitystring should be done with a hook
if (!empty($conf->multicompany->enabled) && is_object($mc))
{
if (empty($entity))
{
if (!empty($conf->multicompany->enabled) && is_object($mc)) {
if (empty($entity)) {
$entitystring = $langs->trans("AllEntities");
} else {
$mc->getInfo($entity);
@ -210,14 +203,12 @@ if ($resql)
/*
* Last groups created
*/
if ($canreadperms)
{
if ($canreadperms) {
$max = 5;
$sql = "SELECT g.rowid, g.nom as name, g.note, g.entity, g.datec";
$sql .= " FROM ".MAIN_DB_PREFIX."usergroup as g";
if (!empty($conf->multicompany->enabled) && $conf->entity == 1 && ($conf->global->MULTICOMPANY_TRANSVERSE_MODE || ($user->admin && !$user->entity)))
{
if (!empty($conf->multicompany->enabled) && $conf->entity == 1 && ($conf->global->MULTICOMPANY_TRANSVERSE_MODE || ($user->admin && !$user->entity))) {
$sql .= " WHERE g.entity IS NOT NULL";
} else {
$sql .= " WHERE g.entity IN (0,".$conf->entity.")";
@ -226,10 +217,11 @@ if ($canreadperms)
$sql .= $db->plimit($max);
$resql = $db->query($sql);
if ($resql)
{
if ($resql) {
$colspan = 1;
if (!empty($conf->multicompany->enabled)) $colspan++;
if (!empty($conf->multicompany->enabled)) {
$colspan++;
}
$num = $db->num_rows($resql);
print '<div class="div-table-responsive-no-min">';
@ -241,8 +233,7 @@ if ($canreadperms)
$grouptemp = new UserGroup($db);
while ($i < $num && (!$max || $i < $max))
{
while ($i < $num && (!$max || $i < $max)) {
$obj = $db->fetch_object($resql);
$grouptemp->id = $obj->rowid;
@ -252,13 +243,11 @@ if ($canreadperms)
print '<tr class="oddeven">';
print '<td>';
print $grouptemp->getNomUrl(1);
if (!$obj->entity)
{
if (!$obj->entity) {
print img_picto($langs->trans("GlobalGroup"), 'redstar');
}
print "</td>";
if (!empty($conf->multicompany->enabled) && is_object($mc))
{
if (!empty($conf->multicompany->enabled) && is_object($mc)) {
$mc->getInfo($obj->entity);
print '<td>';
print $mc->label;

12
htdocs/user/info.php
View File

@ -33,22 +33,24 @@ $langs->load("users");
// Security check
$id = GETPOST('id', 'int');
$object = new User($db);
if ($id > 0 || !empty($ref))
{
if ($id > 0 || !empty($ref)) {
$result = $object->fetch($id, $ref, '', 1);
$object->getrights();
}
// Security check
$socid = 0;
if ($user->socid > 0) $socid = $user->socid;
if ($user->socid > 0) {
$socid = $user->socid;
}
$feature2 = (($socid && $user->rights->user->self->creer) ? '' : 'user');
$result = restrictedArea($user, 'user', $id, 'user&user', $feature2);
// If user is not user that read and no permission to read other users, we stop
if (($object->id != $user->id) && (!$user->rights->user->user->lire))
accessforbidden();
if (($object->id != $user->id) && (!$user->rights->user->user->lire)) {
accessforbidden();
}

42
htdocs/user/ldap.php
View File

@ -35,7 +35,9 @@ $contextpage = GETPOST('contextpage', 'aZ') ?GETPOST('contextpage', 'aZ') : 'use
// Security check
$socid = 0;
if ($user->socid > 0) $socid = $user->socid;
if ($user->socid > 0) {
$socid = $user->socid;
}
$feature2 = (($socid && $user->rights->user->self->creer) ? '' : 'user');
$result = restrictedArea($user, 'user', $id, 'user&user', $feature2);
@ -55,17 +57,16 @@ $hookmanager->initHooks(array('usercard', 'userldap', 'globalcard'));
$parameters = array('id'=>$socid);
$reshook = $hookmanager->executeHooks('doActions', $parameters, $object, $action); // Note that $action and $object may have been modified by some hooks
if ($reshook < 0) setEventMessages($hookmanager->error, $hookmanager->errors, 'errors');
if ($reshook < 0) {
setEventMessages($hookmanager->error, $hookmanager->errors, 'errors');
}
if (empty($reshook))
{
if ($_GET["action"] == 'dolibarr2ldap')
{
if (empty($reshook)) {
if ($_GET["action"] == 'dolibarr2ldap') {
$ldap = new Ldap();
$result = $ldap->connect_bind();
if ($result > 0)
{
if ($result > 0) {
$info = $object->_load_ldap_info();
$dn = $object->_load_ldap_dn($info);
$olddn = $dn; // We can say that old dn = dn as we force synchro
@ -109,20 +110,17 @@ print '<table class="border centpercent">';
// Login
print '<tr><td class="titlefield">'.$langs->trans("Login").'</td>';
if ($object->ldap_sid)
{
if ($object->ldap_sid) {
print '<td class="warning">'.$langs->trans("LoginAccountDisableInDolibarr").'</td>';
} else {
print '<td>'.$object->login.'</td>';
}
print '</tr>';
if ($conf->global->LDAP_SERVER_TYPE == "activedirectory")
{
if ($conf->global->LDAP_SERVER_TYPE == "activedirectory") {
$ldap = new Ldap();
$result = $ldap->connect_bind();
if ($result > 0)
{
if ($result > 0) {
$userSID = $ldap->getObjectSid($object->login);
}
print '<tr><td class="valigntop">'.$langs->trans("SID").'</td>';
@ -155,14 +153,15 @@ print dol_get_fiche_end();
print '<div class="tabsAction">';
if ($conf->global->LDAP_SYNCHRO_ACTIVE == 'dolibarr2ldap')
{
if ($conf->global->LDAP_SYNCHRO_ACTIVE == 'dolibarr2ldap') {
print '<a class="butAction" href="'.$_SERVER["PHP_SELF"].'?id='.$object->id.'&amp;action=dolibarr2ldap">'.$langs->trans("ForceSynchronize").'</a>';
}
print "</div>\n";
if ($conf->global->LDAP_SYNCHRO_ACTIVE == 'dolibarr2ldap') print "<br>\n";
if ($conf->global->LDAP_SYNCHRO_ACTIVE == 'dolibarr2ldap') {
print "<br>\n";
}
@ -179,8 +178,7 @@ print '</tr>';
// Lecture LDAP
$ldap = new Ldap();
$result = $ldap->connect_bind();
if ($result > 0)
{
if ($result > 0) {
$info = $object->_load_ldap_info();
$dn = $object->_load_ldap_dn($info, 1);
$search = "(".$object->_load_ldap_dn($info, 2).")";
@ -190,10 +188,8 @@ if ($result > 0)
//print_r($records);
// Affichage arbre
if (((!is_numeric($records)) || $records != 0) && (!isset($records['count']) || $records['count'] > 0))
{
if (!is_array($records))
{
if (((!is_numeric($records)) || $records != 0) && (!isset($records['count']) || $records['count'] > 0)) {
if (!is_array($records)) {
print '<tr class="oddeven"><td colspan="2"><font class="error">'.$langs->trans("ErrorFailedToReadLDAP").'</font></td></tr>';
} else {
$result = show_ldap_content($records, 0, $records['count'], true);

704
htdocs/user/list.php
View File

File diff suppressed because it is too large Load Diff

62
htdocs/user/logout.php
View File

@ -24,17 +24,24 @@
*/
//if (! defined('NOTOKENRENEWAL')) define('NOTOKENRENEWAL','1'); // Uncomment creates pb to relogon after a disconnect
if (!defined('NOREQUIREMENU')) define('NOREQUIREMENU', '1');
if (!defined('NOREQUIREHTML')) define('NOREQUIREHTML', '1');
if (!defined('NOREQUIREAJAX')) define('NOREQUIREAJAX', '1');
if (!defined('NOREQUIREMENU')) {
define('NOREQUIREMENU', '1');
}
if (!defined('NOREQUIREHTML')) {
define('NOREQUIREHTML', '1');
}
if (!defined('NOREQUIREAJAX')) {
define('NOREQUIREAJAX', '1');
}
//if (! defined('NOREQUIRESOC')) define('NOREQUIRESOC','1'); // We need company to get correct logo onto home page
if (!defined('EVEN_IF_ONLY_LOGIN_ALLOWED')) define('EVEN_IF_ONLY_LOGIN_ALLOWED', '1');
if (!defined('EVEN_IF_ONLY_LOGIN_ALLOWED')) {
define('EVEN_IF_ONLY_LOGIN_ALLOWED', '1');
}
require_once '../main.inc.php';
// This can happen only with a bookmark or forged url call.
if (!empty($_SESSION["dol_authmode"]) && ($_SESSION["dol_authmode"] == 'forceuser' || $_SESSION["dol_authmode"] == 'http'))
{
if (!empty($_SESSION["dol_authmode"]) && ($_SESSION["dol_authmode"] == 'forceuser' || $_SESSION["dol_authmode"] == 'http')) {
unset($_SESSION["dol_login"]);
die("Applicative disconnection should be useless when connection was made in mode ".$_SESSION["dol_authmode"]);
}
@ -43,7 +50,9 @@ global $conf, $langs, $user;
// Call trigger
$result = $user->call_trigger('USER_LOGOUT', $user);
if ($result < 0) $error++;
if ($result < 0) {
$error++;
}
// End call triggers
// Hooks on logout
@ -51,26 +60,41 @@ $action = '';
$hookmanager->initHooks(array('logout'));
$parameters = array();
$reshook = $hookmanager->executeHooks('afterLogout', $parameters, $user, $action); // Note that $action and $object may have been modified by some hooks
if ($reshook < 0) { $error++; }
if ($reshook < 0) {
$error++;
}
// Define url to go after disconnect
$urlfrom = empty($_SESSION["urlfrom"]) ? '' : $_SESSION["urlfrom"];
// Define url to go
$url = DOL_URL_ROOT."/index.php"; // By default go to login page
if ($urlfrom) $url = DOL_URL_ROOT.$urlfrom;
if (!empty($conf->global->MAIN_LOGOUT_GOTO_URL)) $url = $conf->global->MAIN_LOGOUT_GOTO_URL;
if ($urlfrom) {
$url = DOL_URL_ROOT.$urlfrom;
}
if (!empty($conf->global->MAIN_LOGOUT_GOTO_URL)) {
$url = $conf->global->MAIN_LOGOUT_GOTO_URL;
}
if (GETPOST('dol_hide_topmenu')) $url .= (preg_match('/\?/', $url) ? '&' : '?').'dol_hide_topmenu=1';
if (GETPOST('dol_hide_leftmenu')) $url .= (preg_match('/\?/', $url) ? '&' : '?').'dol_hide_leftmenu=1';
if (GETPOST('dol_optimize_smallscreen')) $url .= (preg_match('/\?/', $url) ? '&' : '?').'dol_optimize_smallscreen=1';
if (GETPOST('dol_no_mouse_hover')) $url .= (preg_match('/\?/', $url) ? '&' : '?').'dol_no_mouse_hover=1';
if (GETPOST('dol_use_jmobile')) $url .= (preg_match('/\?/', $url) ? '&' : '?').'dol_use_jmobile=1';
if (GETPOST('dol_hide_topmenu')) {
$url .= (preg_match('/\?/', $url) ? '&' : '?').'dol_hide_topmenu=1';
}
if (GETPOST('dol_hide_leftmenu')) {
$url .= (preg_match('/\?/', $url) ? '&' : '?').'dol_hide_leftmenu=1';
}
if (GETPOST('dol_optimize_smallscreen')) {
$url .= (preg_match('/\?/', $url) ? '&' : '?').'dol_optimize_smallscreen=1';
}
if (GETPOST('dol_no_mouse_hover')) {
$url .= (preg_match('/\?/', $url) ? '&' : '?').'dol_no_mouse_hover=1';
}
if (GETPOST('dol_use_jmobile')) {
$url .= (preg_match('/\?/', $url) ? '&' : '?').'dol_use_jmobile=1';
}
// Destroy session
dol_syslog("End of session ".session_id());
if (session_status() === PHP_SESSION_ACTIVE)
{
if (session_status() === PHP_SESSION_ACTIVE) {
session_destroy();
}
@ -80,5 +104,7 @@ unset($_SESSION['dol_login']);
unset($_SESSION['dol_entity']);
unset($_SESSION['urlfrom']);
if (GETPOST('noredirect')) return;
if (GETPOST('noredirect')) {
return;
}
header("Location: ".$url); // Default behaviour is redirect to index.php page

28
htdocs/user/note.php
View File

@ -39,11 +39,15 @@ $object->fetch($id, '', '', 1);
$object->getrights();
// If user is not user read and no permission to read other users, we stop
if (($object->id != $user->id) && (!$user->rights->user->user->lire)) accessforbidden();
if (($object->id != $user->id) && (!$user->rights->user->user->lire)) {
accessforbidden();
}
// Security check
$socid = 0;
if ($user->socid > 0) $socid = $user->socid;
if ($user->socid > 0) {
$socid = $user->socid;
}
$feature2 = (($socid && $user->rights->user->self->creer) ? '' : 'user');
$result = restrictedArea($user, 'user', $id, 'user&user', $feature2);
@ -58,7 +62,9 @@ $hookmanager->initHooks(array('usercard', 'usernote', 'globalcard'));
$parameters = array('id'=>$socid);
$reshook = $hookmanager->executeHooks('doActions', $parameters, $object, $action); // Note that $action and $object may have been modified by some hooks
if ($reshook < 0) setEventMessages($hookmanager->error, $hookmanager->errors, 'errors');
if ($reshook < 0) {
setEventMessages($hookmanager->error, $hookmanager->errors, 'errors');
}
if (empty($reshook)) {
if ($action == 'update' && $user->rights->user->user->creer && !$_POST["cancel"]) {
@ -83,8 +89,7 @@ llxHeader();
$form = new Form($db);
if ($id)
{
if ($id) {
$head = user_prepare_head($object);
$title = $langs->trans("User");
@ -114,8 +119,7 @@ if ($id)
// Note
print '<tr><td class="tdtop">'.$langs->trans("Note").'</td>';
print '<td class="'.($editenabled ? '' : 'sensiblehtmlcontent').'">';
if ($editenabled)
{
if ($editenabled) {
print "<input type=\"hidden\" name=\"action\" value=\"update\">";
print "<input type=\"hidden\" name=\"id\" value=\"".$object->id."\">";
// Editeur wysiwyg
@ -132,8 +136,7 @@ if ($id)
print dol_get_fiche_end();
if ($action == 'edit')
{
if ($action == 'edit') {
print '<div class="center">';
print '<input type="submit" class="button button-save" name="update" value="'.$langs->trans("Save").'">';
print '&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;';
@ -143,13 +146,12 @@ if ($id)
/*
* Actions
*/
* Actions
*/
print '<div class="tabsAction">';
if ($user->rights->user->user->creer && $action != 'edit')
{
if ($user->rights->user->user->creer && $action != 'edit') {
print "<a class=\"butAction\" href=\"note.php?id=".$object->id."&amp;action=edit\">".$langs->trans('Modify')."</a>";
}

165
htdocs/user/notify/card.php
View File

@ -39,16 +39,24 @@ $action = GETPOST('action', 'aZ09');
$actionid = GETPOST('actionid');
// Security check
if ($user->socid) $id = $user->socid;
if ($user->socid) {
$id = $user->socid;
}
$result = restrictedArea($user, 'societe', '', '');
$limit = GETPOST('limit', 'int') ?GETPOST('limit', 'int') : $conf->liste_limit;
$sortfield = GETPOST("sortfield", 'alpha');
$sortorder = GETPOST("sortorder", 'alpha');
$page = GETPOSTISSET('pageplusone') ? (GETPOST('pageplusone') - 1) : GETPOST("page", 'int');
if (!$sortorder) $sortorder = "DESC";
if (!$sortfield) $sortfield = "n.daten";
if (empty($page) || $page == -1) { $page = 0; }
if (!$sortorder) {
$sortorder = "DESC";
}
if (!$sortfield) {
$sortfield = "n.daten";
}
if (empty($page) || $page == -1) {
$page = 0;
}
$offset = $limit * $page;
$pageprev = $page - 1;
$pagenext = $page + 1;
@ -61,29 +69,24 @@ $now = dol_now();
*/
// Add a notification
if ($action == 'add')
{
if ($action == 'add') {
$error = 0;
if ($actionid <= 0)
{
if ($actionid <= 0) {
setEventMessages($langs->trans("ErrorFieldRequired", $langs->transnoentitiesnoconv("Action")), null, 'errors');
$error++;
}
if (!$error)
{
if (!$error) {
$db->begin();
$sql = "DELETE FROM ".MAIN_DB_PREFIX."notify_def";
$sql .= " WHERE fk_user=".$id." AND fk_action=".$actionid;
if ($db->query($sql))
{
if ($db->query($sql)) {
$sql = "INSERT INTO ".MAIN_DB_PREFIX."notify_def (datec,fk_user, fk_action)";
$sql .= " VALUES ('".$db->idate($now)."',".$id.",".$actionid.")";
if (!$db->query($sql))
{
if (!$db->query($sql)) {
$error++;
dol_print_error($db);
}
@ -91,8 +94,7 @@ if ($action == 'add')
dol_print_error($db);
}
if (!$error)
{
if (!$error) {
$db->commit();
} else {
$db->rollback();
@ -101,8 +103,7 @@ if ($action == 'add')
}
// Remove a notification
if ($action == 'delete')
{
if ($action == 'delete') {
$sql = "DELETE FROM ".MAIN_DB_PREFIX."notify_def where rowid=".GETPOST("actid", "int");
$db->query($sql);
}
@ -120,13 +121,14 @@ $result = $object->fetch($id, '', '', 1);
$object->getrights();
$title = $langs->trans("ThirdParty").' - '.$langs->trans("Notification");
if (!empty($conf->global->MAIN_HTML_TITLE) && preg_match('/thirdpartynameonly/', $conf->global->MAIN_HTML_TITLE) && $object->name) $title = $object->name.' - '.$langs->trans("Notification");
if (!empty($conf->global->MAIN_HTML_TITLE) && preg_match('/thirdpartynameonly/', $conf->global->MAIN_HTML_TITLE) && $object->name) {
$title = $object->name.' - '.$langs->trans("Notification");
}
$help_url = 'EN:Module_Third_Parties|FR:Module_Tiers|ES:Empresas';
llxHeader('', $title, $help_url);
if ($result > 0)
{
if ($result > 0) {
$langs->load("other");
$head = user_prepare_head($object);
@ -144,8 +146,7 @@ if ($result > 0)
// Login
print '<tr><td class="titlefield">'.$langs->trans("Login").'</td>';
if (!empty($object->ldap_sid) && $object->statut == 0)
{
if (!empty($object->ldap_sid) && $object->statut == 0) {
print '<td class="error">'.$langs->trans("LoginAccountDisableInDolibarr").'</td>';
} else {
print '<td>'.$object->login.'</td>';
@ -153,16 +154,16 @@ if ($result > 0)
print '</tr>'."\n";
/*print '<tr><td class="titlefield">'.$langs->trans("NbOfActiveNotifications").'</td>'; // Notification for this thirdparty
print '<td colspan="3">';
$nbofrecipientemails=0;
$notify=new Notify($db);
$tmparray = $notify->getNotificationsArray('', 0, null, $object->id, array('user'));
foreach($tmparray as $tmpkey => $tmpval)
{
$nbofrecipientemails++;
}
print $nbofrecipientemails;
print '</td></tr>';*/
print '<td colspan="3">';
$nbofrecipientemails=0;
$notify=new Notify($db);
$tmparray = $notify->getNotificationsArray('', 0, null, $object->id, array('user'));
foreach($tmparray as $tmpkey => $tmpval)
{
$nbofrecipientemails++;
}
print $nbofrecipientemails;
print '</td></tr>';*/
print '</table>';
@ -203,23 +204,20 @@ if ($result > 0)
// $listofemails=$object->thirdparty_and_contact_email_array();
if ($object->email)
{
if ($object->email) {
$actions = array();
// Load array of available notifications
$notificationtrigger = new InterfaceNotification($db);
$listofnotifiedevents = $notificationtrigger->getListOfManagedEvents();
foreach ($listofnotifiedevents as $notifiedevent)
{
$label = ($langs->trans("Notify_".$notifiedevent['code']) != "Notify_".$notifiedevent['code'] ? $langs->trans("Notify_".$notifiedevent['code']) : $notifiedevent['label']);
foreach ($listofnotifiedevents as $notifiedevent) {
$label = ($langs->trans("Notify_".$notifiedevent['code']) != "Notify_".$notifiedevent['code'] ? $langs->trans("Notify_".$notifiedevent['code']) : $notifiedevent['label']);
$actions[$notifiedevent['rowid']] = $label;
}
print '<tr class="oddeven nohover"><td>';
print $object->getNomUrl(1);
if (isValidEmail($object->email))
{
if (isValidEmail($object->email)) {
print ' &lt;'.$object->email.'&gt;';
} else {
$langs->load("errors");
@ -258,8 +256,7 @@ if ($result > 0)
$sql .= " AND c.rowid = ".$object->id;
$resql = $db->query($sql);
if ($resql)
{
if ($resql) {
$num = $db->num_rows($resql);
} else {
dol_print_error($db);
@ -280,24 +277,20 @@ if ($result > 0)
$langs->load("errors");
$langs->load("other");
if ($num)
{
if ($num) {
$i = 0;
$userstatic = new user($db);
while ($i < $num)
{
while ($i < $num) {
$obj = $db->fetch_object($resql);
$userstatic->id = $obj->userid;
$userstatic->lastname = $obj->lastname;
$userstatic->firstname = $obj->firstname;
print '<tr class="oddeven"><td>'.$userstatic->getNomUrl(1);
if ($obj->type == 'email')
{
if (isValidEmail($obj->email))
{
if ($obj->type == 'email') {
if (isValidEmail($obj->email)) {
print ' &lt;'.$obj->email.'&gt;';
} else {
$langs->load("errors");
@ -310,8 +303,12 @@ if ($result > 0)
print img_picto('', 'object_action', '', false, 0, 0, '', 'paddingright').$label;
print '</td>';
print '<td>';
if ($obj->type == 'email') print $langs->trans("Email");
if ($obj->type == 'sms') print $langs->trans("SMS");
if ($obj->type == 'email') {
print $langs->trans("Email");
}
if ($obj->type == 'sms') {
print $langs->trans("SMS");
}
print '</td>';
print '<td class="right"><a href="card.php?id='.$id.'&amp;action=delete&amp;token='.newToken().'&amp;actid='.$obj->rowid.'">'.img_delete().'</a></td>';
print '</tr>';
@ -322,8 +319,8 @@ if ($result > 0)
// List of notifications enabled for fixed email
/*
foreach($conf->global as $key => $val) {
if (! preg_match('/^NOTIFICATION_FIXEDEMAIL_(.*)/', $key, $reg)) continue;
foreach($conf->global as $key => $val) {
if (! preg_match('/^NOTIFICATION_FIXEDEMAIL_(.*)/', $key, $reg)) continue;
print '<tr class="oddeven"><td>';
$listtmp=explode(',',$val);
$first=1;
@ -332,7 +329,7 @@ if ($result > 0)
if (! $first) print ', ';
$first=0;
$valemail=trim($valemail);
//print $keyemail.' - '.$valemail.' - '.$reg[1].'<br>';
//print $keyemail.' - '.$valemail.' - '.$reg[1].'<br>';
if (isValidEmail($valemail, 1))
{
if ($valemail == '__SUPERVISOREMAIL__') print $valemail;
@ -359,14 +356,14 @@ if ($result > 0)
print '</td>';
print '<td class="right">'.$langs->trans("SeeModuleSetup", $langs->transnoentitiesnoconv("Module600Name")).'</td>';
print '</tr>';
}*/
}*/
/*if ($user->admin)
{
$var = ! $var;
{
$var = ! $var;
print '<tr class="oddeven"><td colspan="4">';
print '+ <a href="'.DOL_URL_ROOT.'/admin/notification.php">'.$langs->trans("SeeModuleSetup", $langs->transnoentitiesnoconv("Module600Name")).'</a>';
print '</td></tr>';
}*/
}*/
print '</table>';
@ -387,12 +384,10 @@ if ($result > 0)
// Count total nb of records
$nbtotalofrecords = '';
if (empty($conf->global->MAIN_DISABLE_FULL_SCANLIST))
{
if (empty($conf->global->MAIN_DISABLE_FULL_SCANLIST)) {
$result = $db->query($sql);
$nbtotalofrecords = $db->num_rows($result);
if (($page * $limit) > $nbtotalofrecords) // if total resultset is smaller then paging size (filtering), goto and load page 0
{
if (($page * $limit) > $nbtotalofrecords) { // if total resultset is smaller then paging size (filtering), goto and load page 0
$page = 0;
$offset = 0;
}
@ -401,19 +396,24 @@ if ($result > 0)
$sql .= $db->plimit($limit + 1, $offset);
$resql = $db->query($sql);
if ($resql)
{
if ($resql) {
$num = $db->num_rows($resql);
} else {
dol_print_error($db);
}
$param = '&id='.$object->id;
if (!empty($contextpage) && $contextpage != $_SERVER["PHP_SELF"]) $param .= '&contextpage='.$contextpage;
if ($limit > 0 && $limit != $conf->liste_limit) $param .= '&limit='.$limit;
if (!empty($contextpage) && $contextpage != $_SERVER["PHP_SELF"]) {
$param .= '&contextpage='.$contextpage;
}
if ($limit > 0 && $limit != $conf->liste_limit) {
$param .= '&limit='.$limit;
}
print '<form method="post" action="'.$_SERVER["PHP_SELF"].'" name="formfilter">';
if ($optioncss != '') print '<input type="hidden" name="optioncss" value="'.$optioncss.'">';
if ($optioncss != '') {
print '<input type="hidden" name="optioncss" value="'.$optioncss.'">';
}
print '<input type="hidden" name="token" value="'.newToken().'">';
print '<input type="hidden" name="formfilteraction" id="formfilteraction" value="list">';
print '<input type="hidden" name="sortfield" value="'.$sortfield.'">';
@ -434,19 +434,16 @@ if ($result > 0)
print_liste_field_titre("Date", $_SERVER["PHP_SELF"], "n.daten", '', $param, '', $sortfield, $sortorder, 'right ');
print '</tr>';
if ($num)
{
if ($num) {
$i = 0;
$userstatic = new User($db);
while ($i < $num)
{
while ($i < $num) {
$obj = $db->fetch_object($resql);
print '<tr class="oddeven"><td>';
if ($obj->id > 0)
{
if ($obj->id > 0) {
$userstatic->id = $obj->id;
$userstatic->lastname = $obj->lastname;
$userstatic->firstname = $obj->firstname;
@ -461,18 +458,22 @@ if ($result > 0)
print $label;
print '</td>';
print '<td>';
if ($obj->type == 'email') print $langs->trans("Email");
if ($obj->type == 'sms') print $langs->trans("Sms");
if ($obj->type == 'email') {
print $langs->trans("Email");
}
if ($obj->type == 'sms') {
print $langs->trans("Sms");
}
print '</td>';
// TODO Add link to object here for other types
/*print '<td>';
if ($obj->object_type == 'order')
{
if ($obj->object_type == 'order')
{
$orderstatic->id=$obj->object_id;
$orderstatic->ref=...
print $orderstatic->getNomUrl(1);
}
print '</td>';*/
}
print '</td>';*/
// print
print'<td class="right">'.dol_print_date($db->jdate($obj->daten), 'dayhour').'</td>';
print '</tr>';
@ -486,7 +487,9 @@ if ($result > 0)
print '</table>';
print '</form>';
} else dol_print_error('', 'RecordNotFound');
} else {
dol_print_error('', 'RecordNotFound');
}
// End of page
llxFooter();

113
htdocs/user/param_ihm.php
View File

@ -38,8 +38,7 @@ $id = GETPOST('id', 'int');
$action = GETPOST('action', 'aZ09');
$contextpage = GETPOST('contextpage', 'aZ') ?GETPOST('contextpage', 'aZ') : 'userihm'; // To manage different context of search
if ($id)
{
if ($id) {
// $user est le user qui edite, $id est l'id de l'utilisateur edite
$caneditfield = ((($user->id == $id) && $user->rights->user->self->creer)
|| (($user->id != $id) && $user->rights->user->user->creer));
@ -47,11 +46,15 @@ if ($id)
// Security check
$socid = 0;
if ($user->socid > 0) $socid = $user->socid;
if ($user->socid > 0) {
$socid = $user->socid;
}
$feature2 = (($socid && $user->rights->user->self->creer) ? '' : 'user');
$result = restrictedArea($user, 'user', $id, 'user&user', $feature2);
if ($user->id <> $id && !$canreaduser) accessforbidden();
if ($user->id <> $id && !$canreaduser) {
accessforbidden();
}
$dirtop = "../core/menus/standard";
$dirleft = "../core/menus/standard";
@ -81,7 +84,9 @@ $hookmanager->initHooks(array('usercard', 'userihm', 'globalcard'));
$parameters = array('id'=>$socid);
$reshook = $hookmanager->executeHooks('doActions', $parameters, $object, $action); // Note that $action and $object may have been modified by some hooks
if ($reshook < 0) setEventMessages($hookmanager->error, $hookmanager->errors, 'errors');
if ($reshook < 0) {
setEventMessages($hookmanager->error, $hookmanager->errors, 'errors');
}
if (empty($reshook)) {
if ($action == 'update' && ($caneditfield || !empty($user->admin))) {
@ -122,16 +127,20 @@ if (empty($reshook)) {
if ($val == '') {
$tabparam['THEME_ELDY_TOPMENU_BACK1'] = '';
} else {
$tabparam['THEME_ELDY_TOPMENU_BACK1'] = join(',',
colorStringToArray(GETPOST('THEME_ELDY_TOPMENU_BACK1', 'alphanohtml'), array()));
$tabparam['THEME_ELDY_TOPMENU_BACK1'] = join(
',',
colorStringToArray(GETPOST('THEME_ELDY_TOPMENU_BACK1', 'alphanohtml'), array())
);
}
$val = (implode(',', (colorStringToArray(GETPOST('THEME_ELDY_BACKTITLE1', 'alphanohtml'), array()))));
if ($val == '') {
$tabparam['THEME_ELDY_BACKTITLE1'] = '';
} else {
$tabparam['THEME_ELDY_BACKTITLE1'] = join(',',
colorStringToArray(GETPOST('THEME_ELDY_BACKTITLE1', 'alphanohtml'), array()));
$tabparam['THEME_ELDY_BACKTITLE1'] = join(
',',
colorStringToArray(GETPOST('THEME_ELDY_BACKTITLE1', 'alphanohtml'), array())
);
}
if (GETPOST('check_THEME_ELDY_USE_HOVER') == 'on') {
@ -174,21 +183,36 @@ llxHeader();
// List of possible landing pages
$tmparray = array('index.php'=>'Dashboard');
if (!empty($conf->societe->enabled)) $tmparray['societe/index.php?mainmenu=companies&leftmenu='] = 'ThirdPartiesArea';
if (!empty($conf->projet->enabled)) $tmparray['projet/index.php?mainmenu=project&leftmenu='] = 'ProjectsArea';
if (!empty($conf->holiday->enabled) || !empty($conf->expensereport->enabled)) $tmparray['hrm/index.php?mainmenu=hrm&leftmenu='] = 'HRMArea'; // TODO Complete list with first level of menus
if (!empty($conf->product->enabled) || !empty($conf->service->enabled)) $tmparray['product/index.php?mainmenu=products&leftmenu='] = 'ProductsAndServicesArea';
if (!empty($conf->propal->enabled) || !empty($conf->commande->enabled) || !empty($conf->ficheinter->enabled) || !empty($conf->contrat->enabled)) $tmparray['comm/index.php?mainmenu=commercial&leftmenu='] = 'CommercialArea';
if (!empty($conf->comptabilite->enabled) || !empty($conf->accounting->enabled)) $tmparray['compta/index.php?mainmenu=compta&leftmenu='] = 'AccountancyTreasuryArea';
if (!empty($conf->adherent->enabled)) $tmparray['adherents/index.php?mainmenu=members&leftmenu='] = 'MembersArea';
if (!empty($conf->agenda->enabled)) $tmparray['comm/action/index.php?mainmenu=agenda&leftmenu='] = 'Agenda';
if (!empty($conf->societe->enabled)) {
$tmparray['societe/index.php?mainmenu=companies&leftmenu='] = 'ThirdPartiesArea';
}
if (!empty($conf->projet->enabled)) {
$tmparray['projet/index.php?mainmenu=project&leftmenu='] = 'ProjectsArea';
}
if (!empty($conf->holiday->enabled) || !empty($conf->expensereport->enabled)) {
$tmparray['hrm/index.php?mainmenu=hrm&leftmenu='] = 'HRMArea'; // TODO Complete list with first level of menus
}
if (!empty($conf->product->enabled) || !empty($conf->service->enabled)) {
$tmparray['product/index.php?mainmenu=products&leftmenu='] = 'ProductsAndServicesArea';
}
if (!empty($conf->propal->enabled) || !empty($conf->commande->enabled) || !empty($conf->ficheinter->enabled) || !empty($conf->contrat->enabled)) {
$tmparray['comm/index.php?mainmenu=commercial&leftmenu='] = 'CommercialArea';
}
if (!empty($conf->comptabilite->enabled) || !empty($conf->accounting->enabled)) {
$tmparray['compta/index.php?mainmenu=compta&leftmenu='] = 'AccountancyTreasuryArea';
}
if (!empty($conf->adherent->enabled)) {
$tmparray['adherents/index.php?mainmenu=members&leftmenu='] = 'MembersArea';
}
if (!empty($conf->agenda->enabled)) {
$tmparray['comm/action/index.php?mainmenu=agenda&leftmenu='] = 'Agenda';
}
$head = user_prepare_head($object);
$title = $langs->trans("User");
if ($action == 'edit')
{
if ($action == 'edit') {
print '<form method="post" action="'.$_SERVER["PHP_SELF"].'">';
print '<input type="hidden" name="token" value="'.newToken().'">';
print '<input type="hidden" name="action" value="update">';
@ -196,8 +220,7 @@ if ($action == 'edit')
}
if ($action == 'edit')
{
if ($action == 'edit') {
print dol_get_fiche_head($head, 'guisetup', $title, -1, 'user');
$linkback = '';
@ -208,22 +231,20 @@ if ($action == 'edit')
dol_banner_tab($object, 'id', $linkback, $user->rights->user->user->lire || $user->admin);
if (!empty($conf->use_javascript_ajax))
{/*
print '<script type="text/javascript" language="javascript">
jQuery(document).ready(function() {
$("#main_lang_default").change(function() {
$("#check_MAIN_LANG_DEFAULT").prop("checked", true);
});
$("#main_size_liste_limit").keyup(function() {
if ($(this).val().length) $("#check_SIZE_LISTE_LIMIT").prop("checked", true);
else $("#check_SIZE_LISTE_LIMIT").prop("checked", false);
});
});
</script>';*/
if (!empty($conf->use_javascript_ajax)) {/*
print '<script type="text/javascript" language="javascript">
jQuery(document).ready(function() {
$("#main_lang_default").change(function() {
$("#check_MAIN_LANG_DEFAULT").prop("checked", true);
});
$("#main_size_liste_limit").keyup(function() {
if ($(this).val().length) $("#check_SIZE_LISTE_LIMIT").prop("checked", true);
else $("#check_SIZE_LISTE_LIMIT").prop("checked", false);
});
});
</script>';*/
}
if (!empty($conf->use_javascript_ajax))
{
if (!empty($conf->use_javascript_ajax)) {
print '<script type="text/javascript" language="javascript">
jQuery(document).ready(function() {
function init_myfunc()
@ -357,10 +378,11 @@ if ($action == 'edit')
print empty($dolibarr_main_demo) ? '' : ' disabled="disabled"'; // Disabled for demo
print '> '.$langs->trans("UsePersonalValue").'</td>';
print '<td>';
if (!empty($tmparray[$object->conf->MAIN_LANDING_PAGE]))
{
if (!empty($tmparray[$object->conf->MAIN_LANDING_PAGE])) {
print $langs->trans($tmparray[$object->conf->MAIN_LANDING_PAGE]);
} else print $object->conf->MAIN_LANDING_PAGE;
} else {
print $object->conf->MAIN_LANDING_PAGE;
}
//print $form->selectarray('MAIN_LANDING_PAGE', $tmparray, (! empty($object->conf->MAIN_LANDING_PAGE)?$object->conf->MAIN_LANDING_PAGE:''), 0, 0, 0, '', 1);
print '</td></tr>';
@ -371,7 +393,9 @@ if ($action == 'edit')
print '<td class="nowrap" width="20%"><input class="oddeven" type="checkbox" disabled '.(!empty($object->conf->AGENDA_DEFAULT_VIEW) ? " checked" : "").'> '.$langs->trans("UsePersonalValue").'</td>';
print '<td>'."\n";
$tmplist = array(''=>'&nbsp;', 'show_list'=>$langs->trans("ViewList"), 'show_month'=>$langs->trans("ViewCal"), 'show_week'=>$langs->trans("ViewWeek"), 'show_day'=>$langs->trans("ViewDay"), 'show_peruser'=>$langs->trans("ViewPerUser"));
if (!empty($object->conf->AGENDA_DEFAULT_VIEW)) print $form->selectarray('AGENDA_DEFAULT_VIEW', $tmplist, $object->conf->AGENDA_DEFAULT_VIEW, 0, 0, 0, '', 0, 0, 1);
if (!empty($object->conf->AGENDA_DEFAULT_VIEW)) {
print $form->selectarray('AGENDA_DEFAULT_VIEW', $tmplist, $object->conf->AGENDA_DEFAULT_VIEW, 0, 0, 0, '', 0, 0, 1);
}
print '</td></tr>'."\n";
// Max size for lists
@ -390,12 +414,10 @@ if ($action == 'edit')
print '<div class="tabsAction">';
if (empty($user->admin) && !empty($dolibarr_main_demo))
{
if (empty($user->admin) && !empty($dolibarr_main_demo)) {
print "<a class=\"butActionRefused classfortooltip\" title=\"".$langs->trans("FeatureDisabledInDemo")."\" href=\"#\">".$langs->trans("Modify")."</a>";
} else {
if ($caneditfield || !empty($user->admin)) // Si utilisateur edite = utilisateur courant (pas besoin de droits particulier car il s'agit d'une page de modif d'output et non de données) ou si admin
{
if ($caneditfield || !empty($user->admin)) { // Si utilisateur edite = utilisateur courant (pas besoin de droits particulier car il s'agit d'une page de modif d'output et non de données) ou si admin
print '<a class="butAction" href="'.$_SERVER["PHP_SELF"].'?action=edit&amp;id='.$object->id.'">'.$langs->trans("Modify").'</a>';
} else {
print "<a class=\"butActionRefused classfortooltip\" title=\"".$langs->trans("NotEnoughPermissions")."\" href=\"#\">".$langs->trans("Modify")."</a>";
@ -405,8 +427,7 @@ if ($action == 'edit')
print '</div>';
}
if ($action == 'edit')
{
if ($action == 'edit') {
print '</form>';
}

224
htdocs/user/passwordforgotten.php
View File

@ -29,21 +29,24 @@ require '../main.inc.php';
require_once DOL_DOCUMENT_ROOT.'/contact/class/contact.class.php';
require_once DOL_DOCUMENT_ROOT.'/core/lib/usergroups.lib.php';
require_once DOL_DOCUMENT_ROOT.'/core/lib/functions2.lib.php';
if (!empty($conf->ldap->enabled)) require_once DOL_DOCUMENT_ROOT.'/core/class/ldap.class.php';
if (!empty($conf->ldap->enabled)) {
require_once DOL_DOCUMENT_ROOT.'/core/class/ldap.class.php';
}
// Load translation files required by page
$langs->loadLangs(array('errors', 'users', 'companies', 'ldap', 'other'));
// Security check
if (!empty($conf->global->MAIN_SECURITY_DISABLEFORGETPASSLINK))
{
if (!empty($conf->global->MAIN_SECURITY_DISABLEFORGETPASSLINK)) {
header("Location: ".DOL_URL_ROOT.'/');
exit;
}
$action = GETPOST('action', 'aZ09');
$mode = $dolibarr_main_authentication;
if (!$mode) $mode = 'http';
if (!$mode) {
$mode = 'http';
}
$username = GETPOST('username', 'alphanohtml');
$passwordhash = GETPOST('passwordhash', 'alpha');
@ -53,11 +56,21 @@ $conf->entity = (GETPOST('entity', 'int') ? GETPOST('entity', 'int') : 1);
$hookmanager->initHooks(array('passwordforgottenpage'));
if (GETPOST('dol_hide_leftmenu', 'alpha') || !empty($_SESSION['dol_hide_leftmenu'])) $conf->dol_hide_leftmenu = 1;
if (GETPOST('dol_hide_topmenu', 'alpha') || !empty($_SESSION['dol_hide_topmenu'])) $conf->dol_hide_topmenu = 1;
if (GETPOST('dol_optimize_smallscreen', 'alpha') || !empty($_SESSION['dol_optimize_smallscreen'])) $conf->dol_optimize_smallscreen = 1;
if (GETPOST('dol_no_mouse_hover', 'alpha') || !empty($_SESSION['dol_no_mouse_hover'])) $conf->dol_no_mouse_hover = 1;
if (GETPOST('dol_use_jmobile', 'alpha') || !empty($_SESSION['dol_use_jmobile'])) $conf->dol_use_jmobile = 1;
if (GETPOST('dol_hide_leftmenu', 'alpha') || !empty($_SESSION['dol_hide_leftmenu'])) {
$conf->dol_hide_leftmenu = 1;
}
if (GETPOST('dol_hide_topmenu', 'alpha') || !empty($_SESSION['dol_hide_topmenu'])) {
$conf->dol_hide_topmenu = 1;
}
if (GETPOST('dol_optimize_smallscreen', 'alpha') || !empty($_SESSION['dol_optimize_smallscreen'])) {
$conf->dol_optimize_smallscreen = 1;
}
if (GETPOST('dol_no_mouse_hover', 'alpha') || !empty($_SESSION['dol_no_mouse_hover'])) {
$conf->dol_no_mouse_hover = 1;
}
if (GETPOST('dol_use_jmobile', 'alpha') || !empty($_SESSION['dol_use_jmobile'])) {
$conf->dol_use_jmobile = 1;
}
/**
@ -67,96 +80,86 @@ if (GETPOST('dol_use_jmobile', 'alpha') || !empty($_SESSION['dol_use_jmobile']))
$parameters = array('username' => $username);
$reshook = $hookmanager->executeHooks('doActions', $parameters, $object, $action); // Note that $action and $object may have been modified by some hooks
if ($reshook < 0) {
$message = $hookmanager->error;
$message = $hookmanager->error;
}
if (empty($reshook)) {
// Validate new password
if ($action == 'validatenewpassword' && $username && $passwordhash)
{
$edituser = new User($db);
$result = $edituser->fetch('', $_GET["username"]);
if ($result < 0)
{
$message = '<div class="error">'.dol_escape_htmltag($langs->trans("ErrorLoginDoesNotExists", $username)).'</div>';
} else {
if (dol_verifyHash($edituser->pass_temp, $passwordhash))
{
// Clear session
unset($_SESSION['dol_login']);
$_SESSION['dol_loginmesg'] = $langs->trans('NewPasswordValidated'); // Save message for the session page
// Validate new password
if ($action == 'validatenewpassword' && $username && $passwordhash) {
$edituser = new User($db);
$result = $edituser->fetch('', $_GET["username"]);
if ($result < 0) {
$message = '<div class="error">'.dol_escape_htmltag($langs->trans("ErrorLoginDoesNotExists", $username)).'</div>';
} else {
if (dol_verifyHash($edituser->pass_temp, $passwordhash)) {
// Clear session
unset($_SESSION['dol_login']);
$_SESSION['dol_loginmesg'] = $langs->trans('NewPasswordValidated'); // Save message for the session page
$newpassword = $edituser->setPassword($user, $edituser->pass_temp, 0);
dol_syslog("passwordforgotten.php new password for user->id=".$edituser->id." validated in database");
header("Location: ".DOL_URL_ROOT.'/');
exit;
} else {
$langs->load("errors");
$message = '<div class="error">'.$langs->trans("ErrorFailedToValidatePasswordReset").'</div>';
}
}
}
// Action modif mot de passe
if ($action == 'buildnewpassword' && $username)
{
$sessionkey = 'dol_antispam_value';
$ok = (array_key_exists($sessionkey, $_SESSION) === true && (strtolower($_SESSION[$sessionkey]) == strtolower($_POST['code'])));
$newpassword = $edituser->setPassword($user, $edituser->pass_temp, 0);
dol_syslog("passwordforgotten.php new password for user->id=".$edituser->id." validated in database");
header("Location: ".DOL_URL_ROOT.'/');
exit;
} else {
$langs->load("errors");
$message = '<div class="error">'.$langs->trans("ErrorFailedToValidatePasswordReset").'</div>';
}
}
}
// Action modif mot de passe
if ($action == 'buildnewpassword' && $username) {
$sessionkey = 'dol_antispam_value';
$ok = (array_key_exists($sessionkey, $_SESSION) === true && (strtolower($_SESSION[$sessionkey]) == strtolower($_POST['code'])));
// Verify code
if (!$ok)
{
$message = '<div class="error">'.$langs->trans("ErrorBadValueForCode").'</div>';
} else {
$isanemail = preg_match('/@/', $username);
// Verify code
if (!$ok) {
$message = '<div class="error">'.$langs->trans("ErrorBadValueForCode").'</div>';
} else {
$isanemail = preg_match('/@/', $username);
$edituser = new User($db);
$result = $edituser->fetch('', $username, '', 1);
if ($result == 0 && $isanemail)
{
$result = $edituser->fetch('', '', '', 1, -1, $username);
}
$edituser = new User($db);
$result = $edituser->fetch('', $username, '', 1);
if ($result == 0 && $isanemail) {
$result = $edituser->fetch('', '', '', 1, -1, $username);
}
if ($result <= 0 && $edituser->error == 'USERNOTFOUND')
{
$message = '<div class="warning paddingtopbottom'.(empty($conf->global->MAIN_LOGIN_BACKGROUND) ? '' : ' backgroundsemitransparent').'">';
if (!$isanemail) {
$message .= $langs->trans("IfLoginExistPasswordRequestSent");
} else {
$message .= $langs->trans("IfEmailExistPasswordRequestSent");
}
$message .= '</div>';
$username = '';
} else {
if (!$edituser->email)
{
$message = '<div class="error">'.$langs->trans("ErrorLoginHasNoEmail").'</div>';
} else {
$newpassword = $edituser->setPassword($user, '', 1);
if ($newpassword < 0)
{
// Failed
$message = '<div class="error">'.$langs->trans("ErrorFailedToChangePassword").'</div>';
} else {
// Success
if ($edituser->send_password($user, $newpassword, 1) > 0)
{
$message = '<div class="warning paddingtopbottom'.(empty($conf->global->MAIN_LOGIN_BACKGROUND) ? '' : ' backgroundsemitransparent').'">';
if (!$isanemail) {
$message .= $langs->trans("IfLoginExistPasswordRequestSent");
} else {
$message .= $langs->trans("IfEmailExistPasswordRequestSent");
}
//$message .= $langs->trans("PasswordChangeRequestSent", $edituser->login, dolObfuscateEmail($edituser->email));
$message .= '</div>';
$username = '';
} else {
$message .= '<div class="error">'.$edituser->error.'</div>';
}
}
}
}
}
}
if ($result <= 0 && $edituser->error == 'USERNOTFOUND') {
$message = '<div class="warning paddingtopbottom'.(empty($conf->global->MAIN_LOGIN_BACKGROUND) ? '' : ' backgroundsemitransparent').'">';
if (!$isanemail) {
$message .= $langs->trans("IfLoginExistPasswordRequestSent");
} else {
$message .= $langs->trans("IfEmailExistPasswordRequestSent");
}
$message .= '</div>';
$username = '';
} else {
if (!$edituser->email) {
$message = '<div class="error">'.$langs->trans("ErrorLoginHasNoEmail").'</div>';
} else {
$newpassword = $edituser->setPassword($user, '', 1);
if ($newpassword < 0) {
// Failed
$message = '<div class="error">'.$langs->trans("ErrorFailedToChangePassword").'</div>';
} else {
// Success
if ($edituser->send_password($user, $newpassword, 1) > 0) {
$message = '<div class="warning paddingtopbottom'.(empty($conf->global->MAIN_LOGIN_BACKGROUND) ? '' : ' backgroundsemitransparent').'">';
if (!$isanemail) {
$message .= $langs->trans("IfLoginExistPasswordRequestSent");
} else {
$message .= $langs->trans("IfEmailExistPasswordRequestSent");
}
//$message .= $langs->trans("PasswordChangeRequestSent", $edituser->login, dolObfuscateEmail($edituser->email));
$message .= '</div>';
$username = '';
} else {
$message .= '<div class="error">'.$edituser->error.'</div>';
}
}
}
}
}
}
}
@ -168,46 +171,49 @@ $dol_url_root = DOL_URL_ROOT;
// Title
$title = 'Dolibarr '.DOL_VERSION;
if (!empty($conf->global->MAIN_APPLICATION_TITLE)) $title = $conf->global->MAIN_APPLICATION_TITLE;
if (!empty($conf->global->MAIN_APPLICATION_TITLE)) {
$title = $conf->global->MAIN_APPLICATION_TITLE;
}
// Select templates
if (file_exists(DOL_DOCUMENT_ROOT."/theme/".$conf->theme."/tpl/passwordforgotten.tpl.php"))
{
if (file_exists(DOL_DOCUMENT_ROOT."/theme/".$conf->theme."/tpl/passwordforgotten.tpl.php")) {
$template_dir = DOL_DOCUMENT_ROOT."/theme/".$conf->theme."/tpl/";
} else {
$template_dir = DOL_DOCUMENT_ROOT."/core/tpl/";
}
if (!$username) $focus_element = 'username';
else $focus_element = 'password';
if (!$username) {
$focus_element = 'username';
} else {
$focus_element = 'password';
}
// Send password button enabled ?
$disabled = 'disabled';
if (preg_match('/dolibarr/i', $mode)) $disabled = '';
if (!empty($conf->global->MAIN_SECURITY_ENABLE_SENDPASSWORD)) $disabled = ''; // To force button enabled
if (preg_match('/dolibarr/i', $mode)) {
$disabled = '';
}
if (!empty($conf->global->MAIN_SECURITY_ENABLE_SENDPASSWORD)) {
$disabled = ''; // To force button enabled
}
// Show logo (search in order: small company logo, large company logo, theme logo, common logo)
$width = 0;
$rowspan = 2;
$urllogo = DOL_URL_ROOT.'/theme/common/login_logo.png';
if (!empty($mysoc->logo_small) && is_readable($conf->mycompany->dir_output.'/logos/thumbs/'.$mysoc->logo_small))
{
if (!empty($mysoc->logo_small) && is_readable($conf->mycompany->dir_output.'/logos/thumbs/'.$mysoc->logo_small)) {
$urllogo = DOL_URL_ROOT.'/viewimage.php?cache=1&amp;modulepart=mycompany&amp;file='.urlencode('logos/thumbs/'.$mysoc->logo_small);
} elseif (!empty($mysoc->logo_small) && is_readable($conf->mycompany->dir_output.'/logos/'.$mysoc->logo))
{
} elseif (!empty($mysoc->logo_small) && is_readable($conf->mycompany->dir_output.'/logos/'.$mysoc->logo)) {
$urllogo = DOL_URL_ROOT.'/viewimage.php?cache=1&amp;modulepart=mycompany&amp;file='.urlencode('logos/'.$mysoc->logo);
$width = 128;
} elseif (is_readable(DOL_DOCUMENT_ROOT.'/theme/'.$conf->theme.'/img/dolibarr_logo.svg'))
{
} elseif (is_readable(DOL_DOCUMENT_ROOT.'/theme/'.$conf->theme.'/img/dolibarr_logo.svg')) {
$urllogo = DOL_URL_ROOT.'/theme/'.$conf->theme.'/img/dolibarr_logo.svg';
} elseif (is_readable(DOL_DOCUMENT_ROOT.'/theme/dolibarr_logo.svg'))
{
} elseif (is_readable(DOL_DOCUMENT_ROOT.'/theme/dolibarr_logo.svg')) {
$urllogo = DOL_URL_ROOT.'/theme/dolibarr_logo.svg';
}
// Security graphical code
if (function_exists("imagecreatefrompng") && !$disabled)
{
if (function_exists("imagecreatefrompng") && !$disabled) {
$captcha = 1;
$captcha_refresh = img_picto($langs->trans("Refresh"), 'refresh', 'id="captcha_refresh_img"');
}

167
htdocs/user/perms.php
View File

@ -26,7 +26,9 @@
* \brief Page to set permission of a user record
*/
if (!defined('CSRFCHECK_WITH_TOKEN')) define('CSRFCHECK_WITH_TOKEN', '1'); // Force use of CSRF protection with tokens even for GET
if (!defined('CSRFCHECK_WITH_TOKEN')) {
define('CSRFCHECK_WITH_TOKEN', '1'); // Force use of CSRF protection with tokens even for GET
}
require '../main.inc.php';
require_once DOL_DOCUMENT_ROOT.'/core/lib/usergroups.lib.php';
@ -43,15 +45,16 @@ $module = GETPOST('module', 'alpha');
$rights = GETPOST('rights', 'int');
$contextpage = GETPOST('contextpage', 'aZ') ?GETPOST('contextpage', 'aZ') : 'userperms'; // To manage different context of search
if (!isset($id) || empty($id)) accessforbidden();
if (!isset($id) || empty($id)) {
accessforbidden();
}
// Define if user can read permissions
$canreaduser = ($user->admin || $user->rights->user->user->lire);
// Define if user can modify other users and permissions
$caneditperms = ($user->admin || $user->rights->user->user->creer);
// Advanced permissions
if (!empty($conf->global->MAIN_USE_ADVANCED_PERMS))
{
if (!empty($conf->global->MAIN_USE_ADVANCED_PERMS)) {
$canreaduser = ($user->admin || ($user->rights->user->user->lire && $user->rights->user->user_advance->readperms));
$caneditselfperms = ($user->id == $id && $user->rights->user->self_advance->writeperms);
$caneditperms = (($caneditperms || $caneditselfperms) ? 1 : 0);
@ -59,16 +62,19 @@ if (!empty($conf->global->MAIN_USE_ADVANCED_PERMS))
// Security check
$socid = 0;
if (isset($user->socid) && $user->socid > 0) $socid = $user->socid;
if (isset($user->socid) && $user->socid > 0) {
$socid = $user->socid;
}
$feature2 = (($socid && $user->rights->user->self->creer) ? '' : 'user');
// A user can always read its own card if not advanced perms enabled, or if he has advanced perms, except for admin
if ($user->id == $id && (!empty($conf->global->MAIN_USE_ADVANCED_PERMS) && empty($user->rights->user->self_advance->readperms) && empty($user->admin)))
{
if ($user->id == $id && (!empty($conf->global->MAIN_USE_ADVANCED_PERMS) && empty($user->rights->user->self_advance->readperms) && empty($user->admin))) {
accessforbidden();
}
$result = restrictedArea($user, 'user', $id, 'user&user', $feature2);
if ($user->id <> $id && !$canreaduser) accessforbidden();
if ($user->id <> $id && !$canreaduser) {
accessforbidden();
}
$object = new User($db);
$object->fetch($id, '', '', 1);
@ -86,15 +92,16 @@ $hookmanager->initHooks(array('usercard', 'userperms', 'globalcard'));
$parameters = array('id'=>$socid);
$reshook = $hookmanager->executeHooks('doActions', $parameters, $object, $action); // Note that $action and $object may have been modified by some hooks
if ($reshook < 0) setEventMessages($hookmanager->error, $hookmanager->errors, 'errors');
if ($reshook < 0) {
setEventMessages($hookmanager->error, $hookmanager->errors, 'errors');
}
if (empty($reshook)) {
if ($action == 'addrights' && $caneditperms && $confirm == 'yes') {
$edituser = new User($db);
$edituser->fetch($object->id);
$result = $edituser->addrights($rights, $module, '', $entity);
if ($result < 0)
{
if ($result < 0) {
setEventMessages($edituser->error, $edituser->errors, 'errors');
}
@ -113,8 +120,7 @@ if (empty($reshook)) {
$edituser = new User($db);
$edituser->fetch($object->id);
$result = $edituser->delrights($rights, $module, '', $entity);
if ($result < 0)
{
if ($result < 0) {
setEventMessages($edituser->error, $edituser->errors, 'errors');
}
@ -151,33 +157,25 @@ $db->begin();
$modules = array();
$modulesdir = dolGetModulesDirs();
foreach ($modulesdir as $dir)
{
foreach ($modulesdir as $dir) {
$handle = @opendir(dol_osencode($dir));
if (is_resource($handle))
{
while (($file = readdir($handle)) !== false)
{
if (is_readable($dir.$file) && substr($file, 0, 3) == 'mod' && substr($file, dol_strlen($file) - 10) == '.class.php')
{
if (is_resource($handle)) {
while (($file = readdir($handle)) !== false) {
if (is_readable($dir.$file) && substr($file, 0, 3) == 'mod' && substr($file, dol_strlen($file) - 10) == '.class.php') {
$modName = substr($file, 0, dol_strlen($file) - 10);
if ($modName)
{
if ($modName) {
include_once $dir.$file;
$objMod = new $modName($db);
// Load all lang files of module
if (isset($objMod->langfiles) && is_array($objMod->langfiles))
{
foreach ($objMod->langfiles as $domain)
{
if (isset($objMod->langfiles) && is_array($objMod->langfiles)) {
foreach ($objMod->langfiles as $domain) {
$langs->load($domain);
}
}
// Load all permissions
if ($objMod->rights_class)
{
if ($objMod->rights_class) {
$ret = $objMod->insert_permissions(0, $entity);
$modules[$objMod->rights_class] = $objMod;
//print "modules[".$objMod->rights_class."]=$objMod;";
@ -200,12 +198,10 @@ $sql .= " AND ur.fk_user = ".$object->id;
dol_syslog("get user perms", LOG_DEBUG);
$result = $db->query($sql);
if ($result)
{
if ($result) {
$num = $db->num_rows($result);
$i = 0;
while ($i < $num)
{
while ($i < $num) {
$obj = $db->fetch_object($result);
array_push($permsuser, $obj->fk_id);
$i++;
@ -227,15 +223,14 @@ $sql .= " AND gu.fk_user = ".$object->id;
dol_syslog("get user perms", LOG_DEBUG);
$result = $db->query($sql);
if ($result)
{
if ($result) {
$num = $db->num_rows($result);
$i = 0;
while ($i < $num)
{
while ($i < $num) {
$obj = $db->fetch_object($result);
if (!isset($permsgroupbyentity[$obj->entity]))
if (!isset($permsgroupbyentity[$obj->entity])) {
$permsgroupbyentity[$obj->entity] = array();
}
array_push($permsgroupbyentity[$obj->entity], $obj->fk_id);
$i++;
}
@ -260,13 +255,19 @@ dol_banner_tab($object, 'id', $linkback, $user->rights->user->user->lire || $use
print '<div class="underbanner clearboth"></div>';
if ($user->admin) print info_admin($langs->trans("WarningOnlyPermissionOfActivatedModules"));
if ($user->admin) {
print info_admin($langs->trans("WarningOnlyPermissionOfActivatedModules"));
}
// Show warning about external users
if (empty($user->socid)) print info_admin(showModulesExludedForExternal($modules))."\n";
if (empty($user->socid)) {
print info_admin(showModulesExludedForExternal($modules))."\n";
}
$parameters = array('permsgroupbyentity'=>$permsgroupbyentity);
$reshook = $hookmanager->executeHooks('insertExtraHeader', $parameters, $object, $action); // Note that $action and $object may have been modified by some hooks
if ($reshook < 0) setEventMessages($hookmanager->error, $hookmanager->errors, 'errors');
if ($reshook < 0) {
setEventMessages($hookmanager->error, $hookmanager->errors, 'errors');
}
print "\n";
@ -275,10 +276,8 @@ print '<table class="noborder centpercent">';
print '<tr class="liste_titre">';
print '<td>'.$langs->trans("Module").'</td>';
if (($caneditperms && empty($objMod->rights_admin_allowed)) || empty($object->admin))
{
if ($caneditperms)
{
if (($caneditperms && empty($objMod->rights_admin_allowed)) || empty($object->admin)) {
if ($caneditperms) {
print '<td class="center nowrap">';
print '<a class="reposition commonlink" title="'.dol_escape_htmltag($langs->trans("All")).'" alt="'.dol_escape_htmltag($langs->trans("All")).'" href="'.$_SERVER["PHP_SELF"].'?id='.$object->id.'&amp;action=addrights&amp;entity='.$entity.'&amp;module=allmodules&amp;confirm=yes&amp;token='.newToken().'">'.$langs->trans("All")."</a>";
print ' / ';
@ -288,7 +287,9 @@ if (($caneditperms && empty($objMod->rights_admin_allowed)) || empty($object->ad
print '<td class="center" width="24">&nbsp;</td>';
}
print '<td>'.$langs->trans("Permissions").'</td>';
if ($user->admin) print '<td class="right">'.$langs->trans("ID").'</td>';
if ($user->admin) {
print '<td class="right">'.$langs->trans("ID").'</td>';
}
print '</tr>'."\n";
//print "xx".$conf->global->MAIN_USE_ADVANCED_PERMS;
@ -296,32 +297,29 @@ $sql = "SELECT r.id, r.libelle as label, r.module, r.perms, r.subperms, r.module
$sql .= " FROM ".MAIN_DB_PREFIX."rights_def as r";
$sql .= " WHERE r.libelle NOT LIKE 'tou%'"; // On ignore droits "tous"
$sql .= " AND r.entity = ".$entity;
if (empty($conf->global->MAIN_USE_ADVANCED_PERMS)) $sql .= " AND r.perms NOT LIKE '%_advance'"; // Hide advanced perms if option is not enabled
if (empty($conf->global->MAIN_USE_ADVANCED_PERMS)) {
$sql .= " AND r.perms NOT LIKE '%_advance'"; // Hide advanced perms if option is not enabled
}
$sql .= " ORDER BY r.family_position, r.module_position, r.module, r.id";
$result = $db->query($sql);
if ($result)
{
if ($result) {
$num = $db->num_rows($result);
$i = 0;
$oldmod = '';
while ($i < $num)
{
while ($i < $num) {
$obj = $db->fetch_object($result);
// If line is for a module that doe snot existe anymore (absent of includes/module), we ignore it
if (empty($modules[$obj->module]))
{
if (empty($modules[$obj->module])) {
$i++;
continue;
}
// Save field module_position in database if value is still zero
if (empty($obj->module_position))
{
if (is_object($modules[$obj->module]) && ($modules[$obj->module]->module_position > 0))
{
if (empty($obj->module_position)) {
if (is_object($modules[$obj->module]) && ($modules[$obj->module]->module_position > 0)) {
// TODO Define familyposition
$family = $modules[$obj->module]->family_position;
$familyposition = 0;
@ -332,8 +330,7 @@ if ($result)
}
}
if (isset($obj->module) && ($oldmod <> $obj->module))
{
if (isset($obj->module) && ($oldmod <> $obj->module)) {
$oldmod = $obj->module;
// Break detected, we get objMod
@ -346,10 +343,8 @@ if ($result)
print img_object('', $picto, 'class="pictoobjectwidth paddingright"').' '.$objMod->getName();
print '<a name="'.$objMod->getName().'"></a>';
print '</td>';
if (($caneditperms && empty($objMod->rights_admin_allowed)) || empty($object->admin))
{
if ($caneditperms)
{
if (($caneditperms && empty($objMod->rights_admin_allowed)) || empty($object->admin)) {
if ($caneditperms) {
print '<td class="center nowrap">';
print '<a class="reposition" title="'.dol_escape_htmltag($langs->trans("All")).'" alt="'.dol_escape_htmltag($langs->trans("All")).'" href="'.$_SERVER["PHP_SELF"].'?id='.$object->id.'&amp;action=addrights&amp;entity='.$entity.'&amp;module='.$obj->module.'&amp;confirm=yes&amp;token='.newToken().'">'.$langs->trans("All")."</a>";
print ' / ';
@ -358,8 +353,7 @@ if ($result)
}
print '<td>&nbsp;</td>';
} else {
if ($caneditperms)
{
if ($caneditperms) {
print '<td>&nbsp;</td>';
}
print '<td>&nbsp;</td>';
@ -367,7 +361,9 @@ if ($result)
print '<td>&nbsp;</td>';
// Permission id
if ($user->admin) print '<td class="right"></td>';
if ($user->admin) {
print '<td class="right"></td>';
}
print '</tr>'."\n";
}
@ -381,19 +377,15 @@ if ($result)
print '</td>';
// Permission and tick
if (!empty($object->admin) && !empty($objMod->rights_admin_allowed)) // Permission granted because admin
{
if ($caneditperms)
{
if (!empty($object->admin) && !empty($objMod->rights_admin_allowed)) { // Permission granted because admin
if ($caneditperms) {
print '<td class="center">'.img_picto($langs->trans("Administrator"), 'star').'</td>';
}
print '<td class="center nowrap">';
print img_picto($langs->trans("Active"), 'tick');
print '</td>';
} elseif (in_array($obj->id, $permsuser)) // Permission granted by user
{
if ($caneditperms)
{
} elseif (in_array($obj->id, $permsuser)) { // Permission granted by user
if ($caneditperms) {
print '<td class="center"><a class="reposition" href="'.$_SERVER["PHP_SELF"].'?id='.$object->id.'&amp;action=delrights&amp;entity='.$entity.'&amp;rights='.$obj->id.'&amp;confirm=yes&amp;token='.newToken().'">';
//print img_edit_remove($langs->trans("Remove"));
print img_picto($langs->trans("Remove"), 'switch_on');
@ -402,12 +394,9 @@ if ($result)
print '<td class="center nowrap">';
print img_picto($langs->trans("Active"), 'tick');
print '</td>';
} elseif (is_array($permsgroupbyentity[$entity]))
{
if (in_array($obj->id, $permsgroupbyentity[$entity])) // Permission granted by group
{
if ($caneditperms)
{
} elseif (is_array($permsgroupbyentity[$entity])) {
if (in_array($obj->id, $permsgroupbyentity[$entity])) { // Permission granted by group
if ($caneditperms) {
print '<td class="center">';
print $form->textwithtooltip($langs->trans("Inherited"), $langs->trans("PermissionInheritedFromAGroup"));
print '</td>';
@ -417,8 +406,7 @@ if ($result)
print '</td>';
} else {
// Do not own permission
if ($caneditperms)
{
if ($caneditperms) {
print '<td class="center"><a class="reposition" href="'.$_SERVER["PHP_SELF"].'?id='.$object->id.'&amp;action=addrights&amp;entity='.$entity.'&amp;rights='.$obj->id.'&amp;confirm=yes&amp;token='.newToken().'">';
//print img_edit_add($langs->trans("Add"));
print img_picto($langs->trans("Add"), 'switch_off');
@ -428,8 +416,7 @@ if ($result)
}
} else {
// Do not own permission
if ($caneditperms)
{
if ($caneditperms) {
print '<td class="center"><a class="reposition" href="'.$_SERVER["PHP_SELF"].'?id='.$object->id.'&amp;action=addrights&amp;entity='.$entity.'&amp;rights='.$obj->id.'&amp;confirm=yes&amp;token='.newToken().'">';
//print img_edit_add($langs->trans("Add"));
print img_picto($langs->trans("Add"), 'switch_off');
@ -450,19 +437,25 @@ if ($result)
print '</td>';
// Permission id
if ($user->admin) print '<td class="right"><span class="opacitymedium">'.$obj->id.'</span></td>';
if ($user->admin) {
print '<td class="right"><span class="opacitymedium">'.$obj->id.'</span></td>';
}
print '</tr>'."\n";
$i++;
}
} else dol_print_error($db);
} else {
dol_print_error($db);
}
print '</table>';
print '</div>';
$parameters = array();
$reshook = $hookmanager->executeHooks('insertExtraFooter', $parameters, $object, $action); // Note that $action and $object may have been modified by some hooks
if ($reshook < 0) setEventMessages($hookmanager->error, $hookmanager->errors, 'errors');
if ($reshook < 0) {
setEventMessages($hookmanager->error, $hookmanager->errors, 'errors');
}
print dol_get_fiche_end();

53
htdocs/user/vcard.php
View File

@ -36,14 +36,15 @@ $id = GETPOST('id', 'int');
// Security check
$socid = 0;
if ($user->socid > 0) $socid = $user->socid;
if ($user->socid > 0) {
$socid = $user->socid;
}
$feature2 = 'user';
$result = restrictedArea($user, 'user', $id, 'user', $feature2);
$result = $user2->fetch($id);
if ($result <= 0)
{
if ($result <= 0) {
dol_print_error($user2->error);
exit;
}
@ -51,8 +52,7 @@ if ($result <= 0)
$physicalperson = 1;
$company = new Societe($db);
if ($user2->socid)
{
if ($user2->socid) {
$result = $company->fetch($user2->socid);
}
@ -79,33 +79,32 @@ $v->setNote($user2->note);
$v->setTitle($user2->poste);
// Data from linked company
if ($company->id)
{
if ($company->id) {
$v->setURL($company->url, "TYPE=WORK");
if (!$user2->phone_pro) $v->setPhoneNumber($company->phone, "TYPE=WORK;VOICE");
if (!$user2->fax) $v->setPhoneNumber($company->fax, "TYPE=WORK;FAX");
if (!$user2->zip) $v->setAddress("", "", $company->address, $company->town, $company->state, $company->zip, $company->country, "TYPE=WORK;POSTAL");
if (!$user2->phone_pro) {
$v->setPhoneNumber($company->phone, "TYPE=WORK;VOICE");
}
if (!$user2->fax) {
$v->setPhoneNumber($company->fax, "TYPE=WORK;FAX");
}
if (!$user2->zip) {
$v->setAddress("", "", $company->address, $company->town, $company->state, $company->zip, $company->country, "TYPE=WORK;POSTAL");
}
// when company e-mail is empty, use only user e-mail
if (empty(trim($company->email)))
{
if (empty(trim($company->email))) {
// was set before, don't set twice
}
// when user e-mail is empty, use only company e-mail
elseif (empty(trim($user2->email)))
{
} elseif (empty(trim($user2->email))) {
// when user e-mail is empty, use only company e-mail
$v->setEmail($company->email);
}
// when e-mail domain of user and company are the same, use user e-mail at first (and company e-mail at second)
elseif (strtolower(end(explode("@", $user2->email))) == strtolower(end(explode("@", $company->email))))
{
} elseif (strtolower(end(explode("@", $user2->email))) == strtolower(end(explode("@", $company->email)))) {
// when e-mail domain of user and company are the same, use user e-mail at first (and company e-mail at second)
$v->setEmail($user2->email);
// support by Microsoft Outlook (2019 and possible earlier)
$v->setEmail($company->email, 'INTERNET');
}
// when e-mail of user and company complete different use company e-mail at first (and user e-mail at second)
else {
} else {
// when e-mail of user and company complete different use company e-mail at first (and user e-mail at second)
$v->setEmail($company->email);
// support by Microsoft Outlook (2019 and possible earlier)
@ -113,12 +112,16 @@ if ($company->id)
}
// Si user lie a un tiers non de type "particulier"
if ($user2->typent_code != 'TE_PRIVATE') $v->setOrg($company->name);
if ($user2->typent_code != 'TE_PRIVATE') {
$v->setOrg($company->name);
}
}
// Personal informations
$v->setPhoneNumber($user2->phone_perso, "TYPE=HOME;VOICE");
if ($user2->birth) $v->setBirthday($user2->birth);
if ($user2->birth) {
$v->setBirthday($user2->birth);
}
$db->close();