bugfix
This commit is contained in:
Regis Houssin
parent
5e5ccc8f06
commit
bd272c7bd2
@ -40,7 +40,7 @@ $langs->load("companies");
|
||||
if ($user->societe_id > 0)
|
||||
{
|
||||
$action = '';
|
||||
$socid = $user->societe_id;
|
||||
$socidp = $user->societe_id;
|
||||
}
|
||||
|
||||
|
||||
@ -67,9 +67,9 @@ llxHeader();
|
||||
$sql = "SELECT s.nom as societe, s.idp as socidp, s.client,";
|
||||
$sql.= " a.id,".$db->pdate("a.datea")." as da, a.fk_contact, a.note, a.percent as percent,";
|
||||
$sql.= " c.code as acode, c.libelle, u.code, u.rowid as userid";
|
||||
if (!$user->rights->commercial->client->voir) $sql .= ", sc.fk_soc, sc.fk_user";
|
||||
if (!$user->rights->commercial->client->voir && !$socidp) $sql .= ", sc.fk_soc, sc.fk_user";
|
||||
$sql.= " FROM ".MAIN_DB_PREFIX."actioncomm as a, ".MAIN_DB_PREFIX."c_actioncomm as c, ".MAIN_DB_PREFIX."societe as s, ".MAIN_DB_PREFIX."user as u";
|
||||
if (!$user->rights->commercial->client->voir) $sql .= ", ".MAIN_DB_PREFIX."societe_commerciaux as sc";
|
||||
if (!$user->rights->commercial->client->voir && !$socidp) $sql .= ", ".MAIN_DB_PREFIX."societe_commerciaux as sc";
|
||||
$sql.= " WHERE a.fk_soc = s.idp AND c.id=a.fk_action AND a.fk_user_author = u.rowid";
|
||||
if ($_GET["type"])
|
||||
{
|
||||
@ -79,11 +79,11 @@ if ($_GET["time"] == "today")
|
||||
{
|
||||
$sql .= " AND date_format(a.datea, '%d%m%Y') = ".strftime("%d%m%Y",time());
|
||||
}
|
||||
if ($socid)
|
||||
if ($socidp)
|
||||
{
|
||||
$sql .= " AND s.idp = $socid";
|
||||
$sql .= " AND s.idp = $socidp";
|
||||
}
|
||||
if (!$user->rights->commercial->client->voir) //restriction
|
||||
if (!$user->rights->commercial->client->voir && !$socidp) //restriction
|
||||
{
|
||||
$sql .= " AND s.idp = sc.fk_soc AND sc.fk_user = " .$user->id;
|
||||
}
|
||||
@ -100,10 +100,10 @@ if ($resql)
|
||||
if ($status == 'done') $title="DoneActions";
|
||||
if ($status == 'todo') $title="ToDoActions";
|
||||
|
||||
if ($socid)
|
||||
if ($socidp)
|
||||
{
|
||||
$societe = new Societe($db);
|
||||
$societe->fetch($socid);
|
||||
$societe->fetch($socidp);
|
||||
|
||||
print_barre_liste($langs->trans($title."For",$societe->nom), $page, "index.php",'',$sortfield,$sortorder,'',$num);
|
||||
}
|
||||
|
||||
@ -129,12 +129,15 @@ if ($conf->contrat->enabled)
|
||||
if ($conf->propal->enabled && $user->rights->propale->lire)
|
||||
{
|
||||
$sql = "SELECT p.rowid, p.ref, p.price, s.idp, s.nom";
|
||||
if (!$user->rights->commercial->client->voir) $sql .= ", sc.fk_soc, sc.fk_user";
|
||||
if (!$user->rights->commercial->client->voir && !$socidp) $sql .= ", sc.fk_soc, sc.fk_user";
|
||||
$sql.= " FROM ".MAIN_DB_PREFIX."propal as p, ".MAIN_DB_PREFIX."societe as s";
|
||||
if (!$user->rights->commercial->client->voir) $sql .= ", ".MAIN_DB_PREFIX."societe_commerciaux as sc";
|
||||
if (!$user->rights->commercial->client->voir && !$socidp) $sql .= ", ".MAIN_DB_PREFIX."societe_commerciaux as sc";
|
||||
$sql.= " WHERE p.fk_statut = 0 and p.fk_soc = s.idp";
|
||||
$sql.= " AND s.idp = ".$socidp;
|
||||
if (!$user->rights->commercial->client->voir) $sql .= " AND s.idp = sc.fk_soc AND sc.fk_user = " .$user->id;
|
||||
if ($socidp)
|
||||
{
|
||||
$sql .= " AND s.idp = $socidp";
|
||||
}
|
||||
if (!$user->rights->commercial->client->voir && !$socidp) $sql .= " AND s.idp = sc.fk_soc AND sc.fk_user = " .$user->id;
|
||||
|
||||
$resql=$db->query($sql);
|
||||
if ($resql)
|
||||
@ -177,11 +180,11 @@ if ($conf->commande->enabled)
|
||||
{
|
||||
$langs->load("orders");
|
||||
$sql = "SELECT c.rowid, c.ref, c.total_ttc, s.nom, s.idp";
|
||||
if (!$user->rights->commercial->client->voir) $sql .= ", sc.fk_soc, sc.fk_user";
|
||||
if (!$user->rights->commercial->client->voir && !$socidp) $sql .= ", sc.fk_soc, sc.fk_user";
|
||||
$sql.= " FROM ".MAIN_DB_PREFIX."commande as c, ".MAIN_DB_PREFIX."societe as s";
|
||||
if (!$user->rights->commercial->client->voir) $sql .= ", ".MAIN_DB_PREFIX."societe_commerciaux as sc";
|
||||
if (!$user->rights->commercial->client->voir && !$socidp) $sql .= ", ".MAIN_DB_PREFIX."societe_commerciaux as sc";
|
||||
$sql.= " WHERE c.fk_soc = s.idp AND c.fk_statut = 0";
|
||||
if (!$user->rights->commercial->client->voir) $sql .= " AND s.idp = sc.fk_soc AND sc.fk_user = " .$user->id;
|
||||
if (!$user->rights->commercial->client->voir && !$socidp) $sql .= " AND s.idp = sc.fk_soc AND sc.fk_user = " .$user->id;
|
||||
if ($socidp)
|
||||
{
|
||||
$sql .= " AND c.fk_soc = $socidp";
|
||||
@ -273,11 +276,11 @@ print '</td><td valign="top" width="70%" class="notopnoleftnoright">';
|
||||
*/
|
||||
|
||||
$sql = "SELECT a.id, a.label, ".$db->pdate("a.datea")." as da, c.code, c.libelle, a.fk_user_author, s.nom as sname, s.idp";
|
||||
if (!$user->rights->commercial->client->voir) $sql .= ", sc.fk_soc, sc.fk_user";
|
||||
if (!$user->rights->commercial->client->voir && !$socidp) $sql .= ", sc.fk_soc, sc.fk_user";
|
||||
$sql .= " FROM ".MAIN_DB_PREFIX."actioncomm as a, ".MAIN_DB_PREFIX."c_actioncomm as c, ".MAIN_DB_PREFIX."societe as s";
|
||||
if (!$user->rights->commercial->client->voir) $sql .= ", ".MAIN_DB_PREFIX."societe_commerciaux as sc";
|
||||
if (!$user->rights->commercial->client->voir && !$socidp) $sql .= ", ".MAIN_DB_PREFIX."societe_commerciaux as sc";
|
||||
$sql .= " WHERE c.id=a.fk_action AND a.percent < 100 AND s.idp = a.fk_soc";
|
||||
if (!$user->rights->commercial->client->voir) $sql .= " AND s.idp = sc.fk_soc AND sc.fk_user = " .$user->id;
|
||||
if (!$user->rights->commercial->client->voir && !$socidp) $sql .= " AND s.idp = sc.fk_soc AND sc.fk_user = " .$user->id;
|
||||
if ($socidp)
|
||||
{
|
||||
$sql .= " AND s.idp = $socidp";
|
||||
@ -356,15 +359,15 @@ else
|
||||
if ($user->rights->societe->lire)
|
||||
{
|
||||
$sql = "SELECT s.idp,s.nom,".$db->pdate("datec")." as datec";
|
||||
if (!$user->rights->commercial->client->voir) $sql .= ", sc.fk_soc, sc.fk_user";
|
||||
if (!$user->rights->commercial->client->voir && !$socidp) $sql .= ", sc.fk_soc, sc.fk_user";
|
||||
$sql.= " FROM ".MAIN_DB_PREFIX."societe as s";
|
||||
if (!$user->rights->commercial->client->voir) $sql .= ", ".MAIN_DB_PREFIX."societe_commerciaux as sc";
|
||||
if (!$user->rights->commercial->client->voir && !$socidp) $sql .= ", ".MAIN_DB_PREFIX."societe_commerciaux as sc";
|
||||
$sql.= " WHERE s.client = 1";
|
||||
if ($user->societe_id > 0)
|
||||
if ($socidp)
|
||||
{
|
||||
$sql .= " AND s.idp = $user->societe_id";
|
||||
$sql .= " AND s.idp = $socidp";
|
||||
}
|
||||
if (!$user->rights->commercial->client->voir) //restriction
|
||||
if (!$user->rights->commercial->client->voir && !$socidp) //restriction
|
||||
{
|
||||
$sql .= " AND s.idp = sc.fk_soc AND sc.fk_user = " .$user->id;
|
||||
}
|
||||
@ -409,15 +412,15 @@ if ($user->rights->societe->lire)
|
||||
*/
|
||||
|
||||
$sql = "SELECT a.id, ".$db->pdate("a.datea")." as da, c.code, c.libelle, a.fk_user_author, s.nom as sname, s.idp";
|
||||
if (!$user->rights->commercial->client->voir) $sql .= ", sc.fk_soc, sc.fk_user";
|
||||
if (!$user->rights->commercial->client->voir && !$socidp) $sql .= ", sc.fk_soc, sc.fk_user";
|
||||
$sql .= " FROM ".MAIN_DB_PREFIX."actioncomm as a, ".MAIN_DB_PREFIX."c_actioncomm as c, ".MAIN_DB_PREFIX."societe as s";
|
||||
if (!$user->rights->commercial->client->voir) $sql .= ", ".MAIN_DB_PREFIX."societe_commerciaux as sc";
|
||||
if (!$user->rights->commercial->client->voir && !$socidp) $sql .= ", ".MAIN_DB_PREFIX."societe_commerciaux as sc";
|
||||
$sql .= " WHERE c.id=a.fk_action AND a.percent >= 100 AND s.idp = a.fk_soc";
|
||||
if ($socidp)
|
||||
{
|
||||
$sql .= " AND s.idp = $socidp";
|
||||
}
|
||||
if (!$user->rights->commercial->client->voir) //restriction
|
||||
if (!$user->rights->commercial->client->voir && !$socidp) //restriction
|
||||
{
|
||||
$sql .= " AND s.idp = sc.fk_soc AND sc.fk_user = " .$user->id;
|
||||
}
|
||||
@ -471,15 +474,15 @@ if ($conf->contrat->enabled && 0) // \todo A REFAIRE DEPUIS NOUVEAU CONTRAT
|
||||
$langs->load("contracts");
|
||||
|
||||
$sql = "SELECT s.nom, s.idp, c.statut, c.rowid, p.ref, c.mise_en_service as datemes, c.fin_validite as datefin, c.date_cloture as dateclo";
|
||||
if (!$user->rights->commercial->client->voir) $sql .= ", sc.fk_soc, sc.fk_user";
|
||||
if (!$user->rights->commercial->client->voir && !$socidp) $sql .= ", sc.fk_soc, sc.fk_user";
|
||||
$sql .= " FROM ".MAIN_DB_PREFIX."societe as s, ".MAIN_DB_PREFIX."contrat as c, ".MAIN_DB_PREFIX."product as p";
|
||||
if (!$user->rights->commercial->client->voir) $sql .= ", ".MAIN_DB_PREFIX."societe_commerciaux as sc";
|
||||
if (!$user->rights->commercial->client->voir && !$socidp) $sql .= ", ".MAIN_DB_PREFIX."societe_commerciaux as sc";
|
||||
$sql .= " WHERE c.fk_soc = s.idp and c.fk_product = p.rowid";
|
||||
if ($socidp)
|
||||
{
|
||||
$sql .= " AND s.idp = $socidp";
|
||||
}
|
||||
if (!$user->rights->commercial->client->voir) //restriction
|
||||
if (!$user->rights->commercial->client->voir && !$socidp) //restriction
|
||||
{
|
||||
$sql .= " AND s.idp = sc.fk_soc AND sc.fk_user = " .$user->id;
|
||||
}
|
||||
@ -524,12 +527,12 @@ if ($conf->contrat->enabled && 0) // \todo A REFAIRE DEPUIS NOUVEAU CONTRAT
|
||||
if ($conf->propal->enabled && $user->rights->propale->lire)
|
||||
{
|
||||
$sql = "SELECT s.nom, s.idp, p.rowid as propalid, p.price, p.ref, p.fk_statut, ".$db->pdate("p.datep")." as dp";
|
||||
if (!$user->rights->commercial->client->voir) $sql .= ", sc.fk_soc, sc.fk_user";
|
||||
if (!$user->rights->commercial->client->voir && !$socidp) $sql .= ", sc.fk_soc, sc.fk_user";
|
||||
$sql .= " FROM ".MAIN_DB_PREFIX."societe as s, ".MAIN_DB_PREFIX."propal as p";
|
||||
if (!$user->rights->commercial->client->voir) $sql .= ", ".MAIN_DB_PREFIX."societe_commerciaux as sc";
|
||||
if (!$user->rights->commercial->client->voir && !$socidp) $sql .= ", ".MAIN_DB_PREFIX."societe_commerciaux as sc";
|
||||
$sql .= " WHERE p.fk_soc = s.idp AND p.fk_statut = 1";
|
||||
if ($socidp) $sql .= " AND s.idp = $socidp";
|
||||
if (!$user->rights->commercial->client->voir) $sql .= " AND s.idp = sc.fk_soc AND sc.fk_user = " .$user->id;
|
||||
if (!$user->rights->commercial->client->voir && !$socidp) $sql .= " AND s.idp = sc.fk_soc AND sc.fk_user = " .$user->id;
|
||||
$sql .= " ORDER BY p.rowid DESC";
|
||||
|
||||
$result=$db->query($sql);
|
||||
@ -579,15 +582,15 @@ if ($conf->propal->enabled && $user->rights->propale->lire) {
|
||||
$NBMAX=5;
|
||||
|
||||
$sql = "SELECT s.nom, s.idp, p.rowid as propalid, p.price, p.ref, p.fk_statut, ".$db->pdate("p.datep")." as dp";
|
||||
if (!$user->rights->commercial->client->voir) $sql .= ", sc.fk_soc, sc.fk_user";
|
||||
if (!$user->rights->commercial->client->voir && !$socidp) $sql .= ", sc.fk_soc, sc.fk_user";
|
||||
$sql .= " FROM ".MAIN_DB_PREFIX."societe as s, ".MAIN_DB_PREFIX."propal as p";
|
||||
if (!$user->rights->commercial->client->voir) $sql .= ", ".MAIN_DB_PREFIX."societe_commerciaux as sc";
|
||||
if (!$user->rights->commercial->client->voir && !$socidp) $sql .= ", ".MAIN_DB_PREFIX."societe_commerciaux as sc";
|
||||
$sql .= " WHERE p.fk_soc = s.idp AND p.fk_statut > 1";
|
||||
if ($socidp)
|
||||
{
|
||||
$sql .= " AND s.idp = $socidp";
|
||||
}
|
||||
if (!$user->rights->commercial->client->voir) $sql .= " AND s.idp = sc.fk_soc AND sc.fk_user = " .$user->id;
|
||||
if (!$user->rights->commercial->client->voir && !$socidp) $sql .= " AND s.idp = sc.fk_soc AND sc.fk_user = " .$user->id;
|
||||
$sql .= " ORDER BY p.rowid DESC";
|
||||
$sql .= $db->plimit($NBMAX, 0);
|
||||
|
||||
|
||||
@ -1235,13 +1235,13 @@ else
|
||||
$pagenext = $page + 1;
|
||||
|
||||
$sql = 'SELECT s.nom, s.idp, s.client, p.rowid as propalid, p.price, p.ref, p.fk_statut, '.$db->pdate('p.datep').' as dp,'.$db->pdate('p.fin_validite').' as dfv';
|
||||
if (!$user->rights->commercial->client->voir) $sql .= ", sc.fk_soc, sc.fk_user";
|
||||
if (!$user->rights->commercial->client->voir && !$socidp) $sql .= ", sc.fk_soc, sc.fk_user";
|
||||
$sql.= ' FROM '.MAIN_DB_PREFIX.'societe as s, '.MAIN_DB_PREFIX.'propal as p';
|
||||
if (!$user->rights->commercial->client->voir) $sql .= ", ".MAIN_DB_PREFIX."societe_commerciaux as sc";
|
||||
if (!$user->rights->commercial->client->voir && !$socidp) $sql .= ", ".MAIN_DB_PREFIX."societe_commerciaux as sc";
|
||||
if ($sall) $sql.= ' LEFT JOIN '.MAIN_DB_PREFIX.'propaldet as pd ON p.rowid=pd.fk_propal';
|
||||
$sql.= ' WHERE p.fk_soc = s.idp';
|
||||
|
||||
if (!$user->rights->commercial->client->voir) //restriction
|
||||
if (!$user->rights->commercial->client->voir && !$socidp) //restriction
|
||||
{
|
||||
$sql .= " AND s.idp = sc.fk_soc AND sc.fk_user = " .$user->id;
|
||||
}
|
||||
|
||||
@ -70,12 +70,12 @@ print "</form></table><br>\n";
|
||||
* Commandes à valider
|
||||
*/
|
||||
$sql = "SELECT c.rowid, c.ref, s.nom, s.idp";
|
||||
if (!$user->rights->commercial->client->voir) $sql .= ", sc.fk_soc, sc.fk_user";
|
||||
if (!$user->rights->commercial->client->voir && !$socidp) $sql .= ", sc.fk_soc, sc.fk_user";
|
||||
$sql .= " FROM ".MAIN_DB_PREFIX."commande as c, ".MAIN_DB_PREFIX."societe as s";
|
||||
if (!$user->rights->commercial->client->voir) $sql .= ", ".MAIN_DB_PREFIX."societe_commerciaux as sc";
|
||||
if (!$user->rights->commercial->client->voir && !$socidp) $sql .= ", ".MAIN_DB_PREFIX."societe_commerciaux as sc";
|
||||
$sql .= " WHERE c.fk_soc = s.idp AND c.fk_statut = 0";
|
||||
if ($socidp) $sql .= " AND c.fk_soc = ".$socidp;
|
||||
if (!$user->rights->commercial->client->voir) $sql .= " AND s.idp = sc.fk_soc AND sc.fk_user = " .$user->id;
|
||||
if (!$user->rights->commercial->client->voir && !$socidp) $sql .= " AND s.idp = sc.fk_soc AND sc.fk_user = " .$user->id;
|
||||
|
||||
if ( $db->query($sql) )
|
||||
{
|
||||
@ -104,12 +104,12 @@ if ( $db->query($sql) )
|
||||
* Commandes à traiter
|
||||
*/
|
||||
$sql = "SELECT c.rowid, c.ref, s.nom, s.idp";
|
||||
if (!$user->rights->commercial->client->voir) $sql .= ", sc.fk_soc, sc.fk_user";
|
||||
if (!$user->rights->commercial->client->voir && !$socidp) $sql .= ", sc.fk_soc, sc.fk_user";
|
||||
$sql .=" FROM ".MAIN_DB_PREFIX."commande as c, ".MAIN_DB_PREFIX."societe as s";
|
||||
if (!$user->rights->commercial->client->voir) $sql .= ", ".MAIN_DB_PREFIX."societe_commerciaux as sc";
|
||||
if (!$user->rights->commercial->client->voir && !$socidp) $sql .= ", ".MAIN_DB_PREFIX."societe_commerciaux as sc";
|
||||
$sql .= " WHERE c.fk_soc = s.idp AND c.fk_statut = 1";
|
||||
if ($socidp) $sql .= " AND c.fk_soc = ".$socidp;
|
||||
if (!$user->rights->commercial->client->voir) $sql .= " AND s.idp = sc.fk_soc AND sc.fk_user = " .$user->id;
|
||||
if (!$user->rights->commercial->client->voir && !$socidp) $sql .= " AND s.idp = sc.fk_soc AND sc.fk_user = " .$user->id;
|
||||
$sql .= " ORDER BY c.rowid DESC";
|
||||
|
||||
if ( $db->query($sql) )
|
||||
@ -144,12 +144,12 @@ print '</td><td valign="top" width="70%" class="notopnoleftnoright">';
|
||||
* Commandes en cours
|
||||
*/
|
||||
$sql = "SELECT c.rowid, c.ref, s.nom, s.idp";
|
||||
if (!$user->rights->commercial->client->voir) $sql .= ", sc.fk_soc, sc.fk_user";
|
||||
if (!$user->rights->commercial->client->voir && !$socidp) $sql .= ", sc.fk_soc, sc.fk_user";
|
||||
$sql .= " FROM ".MAIN_DB_PREFIX."commande as c, ".MAIN_DB_PREFIX."societe as s";
|
||||
if (!$user->rights->commercial->client->voir) $sql .= ", ".MAIN_DB_PREFIX."societe_commerciaux as sc";
|
||||
if (!$user->rights->commercial->client->voir && !$socidp) $sql .= ", ".MAIN_DB_PREFIX."societe_commerciaux as sc";
|
||||
$sql .= " WHERE c.fk_soc = s.idp AND c.fk_statut = 2 ";
|
||||
if ($socidp) $sql .= " AND c.fk_soc = ".$socidp;
|
||||
if (!$user->rights->commercial->client->voir) $sql .= " AND s.idp = sc.fk_soc AND sc.fk_user = " .$user->id;
|
||||
if (!$user->rights->commercial->client->voir && !$socidp) $sql .= " AND s.idp = sc.fk_soc AND sc.fk_user = " .$user->id;
|
||||
$sql .= " ORDER BY c.rowid DESC";
|
||||
|
||||
if ( $db->query($sql) )
|
||||
@ -183,12 +183,12 @@ $max=5;
|
||||
|
||||
$sql = "SELECT c.rowid, c.ref, s.nom, s.idp,";
|
||||
$sql.= " ".$db->pdate("date_cloture")." as datec";
|
||||
if (!$user->rights->commercial->client->voir) $sql .= ", sc.fk_soc, sc.fk_user";
|
||||
if (!$user->rights->commercial->client->voir && !$socidp) $sql .= ", sc.fk_soc, sc.fk_user";
|
||||
$sql.= " FROM ".MAIN_DB_PREFIX."commande as c, ".MAIN_DB_PREFIX."societe as s";
|
||||
if (!$user->rights->commercial->client->voir) $sql .= ", ".MAIN_DB_PREFIX."societe_commerciaux as sc";
|
||||
if (!$user->rights->commercial->client->voir && !$socidp) $sql .= ", ".MAIN_DB_PREFIX."societe_commerciaux as sc";
|
||||
$sql.= " WHERE c.fk_soc = s.idp and c.fk_statut > 2";
|
||||
if ($socidp) $sql .= " AND c.fk_soc = ".$socidp;
|
||||
if (!$user->rights->commercial->client->voir) $sql .= " AND s.idp = sc.fk_soc AND sc.fk_user = " .$user->id;
|
||||
if (!$user->rights->commercial->client->voir && !$socidp) $sql .= " AND s.idp = sc.fk_soc AND sc.fk_user = " .$user->id;
|
||||
$sql.= " ORDER BY c.tms DESC";
|
||||
$sql.= $db->plimit($max, 0);
|
||||
|
||||
|
||||
@ -63,11 +63,11 @@ $limit = $conf->liste_limit;
|
||||
$offset = $limit * $_GET['page'] ;
|
||||
|
||||
$sql = 'SELECT s.nom, s.idp, c.rowid, c.ref, c.total_ht,'.$db->pdate('c.date_commande').' as date_commande, c.fk_statut';
|
||||
if (!$user->rights->commercial->client->voir) $sql .= ", sc.fk_soc, sc.fk_user";
|
||||
if (!$user->rights->commercial->client->voir && !$socidp) $sql .= ", sc.fk_soc, sc.fk_user";
|
||||
$sql.= ' FROM '.MAIN_DB_PREFIX.'societe as s, '.MAIN_DB_PREFIX.'commande as c';
|
||||
if (!$user->rights->commercial->client->voir) $sql .= ", ".MAIN_DB_PREFIX."societe_commerciaux as sc";
|
||||
if (!$user->rights->commercial->client->voir && !$socidp) $sql .= ", ".MAIN_DB_PREFIX."societe_commerciaux as sc";
|
||||
$sql.= ' WHERE c.fk_soc = s.idp';
|
||||
if (!$user->rights->commercial->client->voir) //restriction
|
||||
if (!$user->rights->commercial->client->voir && !$socidp) //restriction
|
||||
{
|
||||
$sql .= " AND s.idp = sc.fk_soc AND sc.fk_user = " .$user->id;
|
||||
}
|
||||
|
||||
@ -38,7 +38,7 @@ $langs->load("suppliers");
|
||||
if ($user->societe_id > 0)
|
||||
{
|
||||
$action = '';
|
||||
$socid = $user->societe_id;
|
||||
$socidp = $user->societe_id;
|
||||
}
|
||||
|
||||
|
||||
@ -91,9 +91,9 @@ llxHeader();
|
||||
|
||||
|
||||
$sql = "SELECT s.idp, s.nom, p.idp as cidp, p.name, p.firstname, p.email, p.phone, p.phone_mobile, p.fax";
|
||||
if (!$user->rights->commercial->client->voir) $sql .= ", sc.fk_soc, sc.fk_user ";
|
||||
if (!$user->rights->commercial->client->voir && !$socidp) $sql .= ", sc.fk_soc, sc.fk_user ";
|
||||
$sql .= "FROM ".MAIN_DB_PREFIX."socpeople as p";
|
||||
if (!$user->rights->commercial->client->voir) $sql .= ", ".MAIN_DB_PREFIX."societe_commerciaux as sc";
|
||||
if (!$user->rights->commercial->client->voir && !$socidp) $sql .= ", ".MAIN_DB_PREFIX."societe_commerciaux as sc";
|
||||
$sql .= " LEFT JOIN ".MAIN_DB_PREFIX."societe as s ON s.idp = p.fk_soc ";
|
||||
$sql .= "WHERE 1=1 ";
|
||||
|
||||
@ -101,7 +101,7 @@ if ($_GET["userid"]) // statut commercial
|
||||
{
|
||||
$sql .= " AND p.fk_user=".$_GET["userid"];
|
||||
}
|
||||
if (!$user->rights->commercial->client->voir) //restriction
|
||||
if (!$user->rights->commercial->client->voir && !$socidp) //restriction
|
||||
{
|
||||
$sql .= " AND s.idp = sc.fk_soc AND sc.fk_user = " .$user->id;
|
||||
}
|
||||
@ -133,9 +133,9 @@ if ($sall)
|
||||
{
|
||||
$sql .= " AND (p.name like '%".addslashes($sall)."%' OR p.firstname like '%".addslashes($sall)."%' OR p.email like '%".addslashes($sall)."%') ";
|
||||
}
|
||||
if ($socid)
|
||||
if ($socidp)
|
||||
{
|
||||
$sql .= " AND s.idp = $socid";
|
||||
$sql .= " AND s.idp = $socidp";
|
||||
}
|
||||
|
||||
if($_GET["view"] == "recent")
|
||||
|
||||
@ -51,15 +51,15 @@ print "</form></table><br />\n";
|
||||
* Expeditions à valider
|
||||
*/
|
||||
$sql = "SELECT e.rowid, e.ref, s.nom, s.idp, c.ref as commande_ref, c.rowid as commande_id";
|
||||
if (!$user->rights->commercial->client->voir) $sql .= ", sc.fk_soc, sc.fk_user";
|
||||
if (!$user->rights->commercial->client->voir && !$socidp) $sql .= ", sc.fk_soc, sc.fk_user";
|
||||
$sql.= " FROM ".MAIN_DB_PREFIX."expedition as e, ".MAIN_DB_PREFIX."societe as s, ".MAIN_DB_PREFIX."commande as c";
|
||||
if (!$user->rights->commercial->client->voir) $sql .= ", ".MAIN_DB_PREFIX."societe_commerciaux as sc";
|
||||
if (!$user->rights->commercial->client->voir && !$socidp) $sql .= ", ".MAIN_DB_PREFIX."societe_commerciaux as sc";
|
||||
$sql.= " WHERE e.fk_commande = c.rowid AND c.fk_soc = s.idp AND e.fk_statut = 0";
|
||||
if ($socidp)
|
||||
{
|
||||
$sql .= " AND c.fk_soc = $socidp";
|
||||
}
|
||||
if (!$user->rights->commercial->client->voir) //restriction
|
||||
if (!$user->rights->commercial->client->voir && !$socidp) //restriction
|
||||
{
|
||||
$sql .= " AND s.idp = sc.fk_soc AND sc.fk_user = " .$user->id;
|
||||
}
|
||||
@ -92,11 +92,12 @@ if ($resql)
|
||||
* Commandes à traiter
|
||||
*/
|
||||
$sql = "SELECT c.rowid, c.ref, s.nom, s.idp";
|
||||
if (!$user->rights->commercial->client->voir) $sql .= ", sc.fk_soc, sc.fk_user";
|
||||
if (!$user->rights->commercial->client->voir && !$socidp) $sql .= ", sc.fk_soc, sc.fk_user";
|
||||
$sql.= " FROM ".MAIN_DB_PREFIX."commande as c, ".MAIN_DB_PREFIX."societe as s";
|
||||
if (!$user->rights->commercial->client->voir) $sql .= ", ".MAIN_DB_PREFIX."societe_commerciaux as sc";
|
||||
if (!$user->rights->commercial->client->voir && !$socidp) $sql .= ", ".MAIN_DB_PREFIX."societe_commerciaux as sc";
|
||||
$sql.= " WHERE c.fk_soc = s.idp AND c.fk_statut = 1";
|
||||
if (!$user->rights->commercial->client->voir) $sql .= " AND s.idp = sc.fk_soc AND sc.fk_user = " .$user->id;
|
||||
if ($socidp) $sql .= " AND c.fk_soc = $socidp";
|
||||
if (!$user->rights->commercial->client->voir && !$socidp) $sql .= " AND s.idp = sc.fk_soc AND sc.fk_user = " .$user->id;
|
||||
$sql.= " ORDER BY c.rowid ASC";
|
||||
|
||||
if ( $db->query($sql) )
|
||||
@ -135,11 +136,12 @@ print '</td><td valign="top" width="70%">';
|
||||
* Commandes en traitement
|
||||
*/
|
||||
$sql = "SELECT c.rowid, c.ref, s.nom, s.idp";
|
||||
if (!$user->rights->commercial->client->voir) $sql .= ", sc.fk_soc, sc.fk_user";
|
||||
if (!$user->rights->commercial->client->voir && !$socidp) $sql .= ", sc.fk_soc, sc.fk_user";
|
||||
$sql .= " FROM ".MAIN_DB_PREFIX."commande as c, ".MAIN_DB_PREFIX."societe as s";
|
||||
if (!$user->rights->commercial->client->voir) $sql .= ", ".MAIN_DB_PREFIX."societe_commerciaux as sc";
|
||||
if (!$user->rights->commercial->client->voir && !$socidp) $sql .= ", ".MAIN_DB_PREFIX."societe_commerciaux as sc";
|
||||
$sql .= " WHERE c.fk_soc = s.idp AND c.fk_statut = 2";
|
||||
if (!$user->rights->commercial->client->voir) $sql .= " AND s.idp = sc.fk_soc AND sc.fk_user = " .$user->id;
|
||||
if ($socidp) $sql .= " AND c.fk_soc = $socidp";
|
||||
if (!$user->rights->commercial->client->voir && !$socidp) $sql .= " AND s.idp = sc.fk_soc AND sc.fk_user = " .$user->id;
|
||||
$resql = $db->query($sql);
|
||||
if ( $resql )
|
||||
{
|
||||
@ -171,11 +173,12 @@ if ( $resql )
|
||||
* Expeditions à valider
|
||||
*/
|
||||
$sql = "SELECT e.rowid, e.ref, s.nom, s.idp, c.ref as commande_ref, c.rowid as commande_id";
|
||||
if (!$user->rights->commercial->client->voir) $sql .= ", sc.fk_soc, sc.fk_user";
|
||||
if (!$user->rights->commercial->client->voir && !$socidp) $sql .= ", sc.fk_soc, sc.fk_user";
|
||||
$sql .= " FROM ".MAIN_DB_PREFIX."expedition as e, ".MAIN_DB_PREFIX."societe as s, ".MAIN_DB_PREFIX."commande as c";
|
||||
if (!$user->rights->commercial->client->voir) $sql .= ", ".MAIN_DB_PREFIX."societe_commerciaux as sc";
|
||||
if (!$user->rights->commercial->client->voir && !$socidp) $sql .= ", ".MAIN_DB_PREFIX."societe_commerciaux as sc";
|
||||
$sql .= " WHERE e.fk_commande = c.rowid AND c.fk_soc = s.idp AND e.fk_statut = 1";
|
||||
if (!$user->rights->commercial->client->voir) $sql .= " AND s.idp = sc.fk_soc AND sc.fk_user = " .$user->id;
|
||||
if ($socidp) $sql .= " AND c.fk_soc = $socidp";
|
||||
if (!$user->rights->commercial->client->voir && !$socidp) $sql .= " AND s.idp = sc.fk_soc AND sc.fk_user = " .$user->id;
|
||||
$sql .= " ORDER BY e.date_expedition DESC";
|
||||
$sql .= $db->plimit(5, 0);
|
||||
|
||||
|
||||
@ -58,9 +58,9 @@ $offset = $limit * $_GET["page"] ;
|
||||
llxHeader('',$langs->trans('ListOfSendings'),'ch-expedition.html');
|
||||
|
||||
$sql = "SELECT e.rowid, e.ref,".$db->pdate("e.date_expedition")." as date_expedition, e.fk_statut";
|
||||
if (!$user->rights->commercial->client->voir) $sql .= ", sc.fk_soc, sc.fk_user";
|
||||
if (!$user->rights->commercial->client->voir && !$socidp) $sql .= ", sc.fk_soc, sc.fk_user";
|
||||
$sql .= " FROM ".MAIN_DB_PREFIX."expedition as e";
|
||||
if (!$user->rights->commercial->client->voir) $sql .= ", ".MAIN_DB_PREFIX."societe_commerciaux as sc, ".MAIN_DB_PREFIX."commande as c";
|
||||
if (!$user->rights->commercial->client->voir && !$socidp) $sql .= ", ".MAIN_DB_PREFIX."societe_commerciaux as sc, ".MAIN_DB_PREFIX."commande as c";
|
||||
if ($socidp) $sql.=", ".MAIN_DB_PREFIX."commande as c";
|
||||
$sql_add = " WHERE ";
|
||||
if ($socidp)
|
||||
@ -73,7 +73,7 @@ if ($_POST["sf_ref"])
|
||||
$sql.= $sql_add . " e.ref like '%".addslashes($_POST["sf_ref"])."%'";
|
||||
$sql_add = " AND ";
|
||||
}
|
||||
if (!$user->rights->commercial->client->voir) //restriction
|
||||
if (!$user->rights->commercial->client->voir && !$socidp) //restriction
|
||||
{
|
||||
$sql .= $sql_add . " e.fk_commande = c.rowid AND c.fk_soc = sc.fk_soc AND sc.fk_user = " .$user->id;
|
||||
}
|
||||
|
||||
@ -40,11 +40,11 @@ $langs->load("suppliers");
|
||||
|
||||
|
||||
// Sécurité accés client
|
||||
$socid=0;
|
||||
$socidp=0;
|
||||
if ($user->societe_id > 0)
|
||||
{
|
||||
$action = '';
|
||||
$socid = $user->societe_id;
|
||||
$socidp = $user->societe_id;
|
||||
}
|
||||
|
||||
|
||||
@ -80,11 +80,11 @@ if ($mode == 'search')
|
||||
$_POST["search_nom"]="$socname";
|
||||
|
||||
$sql = "SELECT s.idp";
|
||||
if (!$user->rights->commercial->client->voir) $sql .= ", sc.fk_soc, sc.fk_user";
|
||||
if (!$user->rights->commercial->client->voir && !$socidp) $sql .= ", sc.fk_soc, sc.fk_user";
|
||||
$sql .= " FROM ".MAIN_DB_PREFIX."societe as s";
|
||||
if (!$user->rights->commercial->client->voir) $sql .= ", ".MAIN_DB_PREFIX."societe_commerciaux as sc";
|
||||
if (!$user->rights->commercial->client->voir && !$socidp) $sql .= ", ".MAIN_DB_PREFIX."societe_commerciaux as sc";
|
||||
$sql .= " WHERE s.nom like '%".$socname."%'";
|
||||
if (!$user->rights->commercial->client->voir) $sql .= " AND s.idp = sc.fk_soc AND sc.fk_user = " .$user->id;
|
||||
if (!$user->rights->commercial->client->voir && !$socidp) $sql .= " AND s.idp = sc.fk_soc AND sc.fk_user = " .$user->id;
|
||||
|
||||
$result=$db->query($sql);
|
||||
if ($result)
|
||||
@ -92,8 +92,8 @@ if ($mode == 'search')
|
||||
if ($db->num_rows($result) == 1)
|
||||
{
|
||||
$obj = $db->fetch_object($result);
|
||||
$socid = $obj->idp;
|
||||
header("location: soc.php?socid=$socid");
|
||||
$socidp = $obj->idp;
|
||||
header("location: soc.php?socidp=$socidp");
|
||||
exit;
|
||||
}
|
||||
$db->free($result);
|
||||
@ -102,7 +102,7 @@ if ($mode == 'search')
|
||||
if ($user->societe_id > 0)
|
||||
{
|
||||
$action = '';
|
||||
$socid = $user->societe_id;
|
||||
$socidp = $user->societe_id;
|
||||
}
|
||||
}
|
||||
|
||||
@ -127,14 +127,14 @@ $title=$langs->trans("ListOfCompanies");
|
||||
|
||||
$sql = "SELECT s.idp, s.nom, s.ville, ".$db->pdate("s.datec")." as datec, ".$db->pdate("s.datea")." as datea";
|
||||
$sql.= ", st.libelle as stcomm, s.prefix_comm, s.client, s.fournisseur, s.siren";
|
||||
if (!$user->rights->commercial->client->voir) $sql .= ", sc.fk_soc, sc.fk_user";
|
||||
if (!$user->rights->commercial->client->voir && !$socidp) $sql .= ", sc.fk_soc, sc.fk_user";
|
||||
$sql.= " FROM ".MAIN_DB_PREFIX."societe as s";
|
||||
$sql.= ", ".MAIN_DB_PREFIX."c_stcomm as st";
|
||||
if (!$user->rights->commercial->client->voir) $sql .= ", ".MAIN_DB_PREFIX."societe_commerciaux as sc";
|
||||
if (!$user->rights->commercial->client->voir && !$socidp) $sql .= ", ".MAIN_DB_PREFIX."societe_commerciaux as sc";
|
||||
$sql.= " WHERE s.fk_stcomm = st.id";
|
||||
if ($user->societe_id > 0)
|
||||
if ($socidp)
|
||||
{
|
||||
$sql .= " AND s.idp = " . $user->societe_id;
|
||||
$sql .= " AND s.idp = $socidp";
|
||||
}
|
||||
|
||||
if ($socname)
|
||||
@ -146,7 +146,7 @@ if (strlen($stcomm)) {
|
||||
$sql .= " AND s.fk_stcomm=$stcomm";
|
||||
}
|
||||
|
||||
if (!$user->rights->commercial->client->voir) //restriction
|
||||
if (!$user->rights->commercial->client->voir && !$socidp) //restriction
|
||||
{
|
||||
$sql .= " AND s.idp = sc.fk_soc AND sc.fk_user = " .$user->id;
|
||||
}
|
||||
|
||||
Loading…
Reference in New Issue
Block a user