From be88f4c7c92a388ffcc14894b69a60e7239d3804 Mon Sep 17 00:00:00 2001
From: Laurent Destailleur
Date: Sat, 15 Nov 2008 18:20:40 +0000
Subject: [PATCH] Fix: Permission to read donation doc
---
htdocs/compta/dons/fiche.php | 603 ++++++++++++++++++-----------------
1 file changed, 305 insertions(+), 298 deletions(-)
diff --git a/htdocs/compta/dons/fiche.php b/htdocs/compta/dons/fiche.php
index 565895e3066..0b5ab6d140a 100644
--- a/htdocs/compta/dons/fiche.php
+++ b/htdocs/compta/dons/fiche.php
@@ -41,119 +41,119 @@ $mesg=""; /* * Actions */ - + if ($_POST["action"] == 'update') { - if ($_POST["amount"] > 0) - { + if ($_POST["amount"] > 0) + { - $don = new Don($db); - $don->id = $_POST["rowid"]; - $don->fetch($_POST["rowid"]); + $don = new Don($db); + $don->id = $_POST["rowid"]; + $don->fetch($_POST["rowid"]); - $don->prenom = $_POST["prenom"]; - $don->nom = $_POST["nom"]; - $don->societe = $_POST["societe"]; - $don->adresse = $_POST["adresse"]; - $don->amount = $_POST["amount"]; - $don->cp = $_POST["cp"]; - $don->ville = $_POST["ville"]; - $don->email = $_POST["email"]; - $don->date = mktime(12, 0 , 0, $_POST["remonth"], $_POST["reday"], $_POST["reyear"]); - $don->note = $_POST["note"]; - $don->pays = $_POST["pays"]; - $don->public = $_POST["public"]; - $don->projetid = $_POST["projetid"]; - $don->note = $_POST["comment"]; - $don->modepaiementid = $_POST["modepaiement"]; + $don->prenom = $_POST["prenom"]; + $don->nom = $_POST["nom"]; + $don->societe = $_POST["societe"]; + $don->adresse = $_POST["adresse"]; + $don->amount = $_POST["amount"]; + $don->cp = $_POST["cp"]; + $don->ville = $_POST["ville"]; + $don->email = $_POST["email"]; + $don->date = mktime(12, 0 , 0, $_POST["remonth"], $_POST["reday"], $_POST["reyear"]); + $don->note = $_POST["note"]; + $don->pays = $_POST["pays"]; + $don->public = $_POST["public"]; + $don->projetid = $_POST["projetid"]; + $don->note = $_POST["comment"]; + $don->modepaiementid = $_POST["modepaiement"]; - if ($don->update($user) > 0) - { - Header("Location: fiche.php?rowid=".$don->id); - exit; - } - } - else - { - $mesg="Montant non défini"; - } + if ($don->update($user) > 0) + { + Header("Location: fiche.php?rowid=".$don->id); + exit; + } + } + else + { + $mesg="Montant non défini"; + } } if ($_POST["action"] == 'add') { - if ($_POST["amount"] > 0) - { - $don = new Don($db); + if ($_POST["amount"] > 0) + { + $don = new Don($db); - $don->prenom = $_POST["prenom"]; - $don->nom = $_POST["nom"]; - $don->societe = 
$_POST["societe"]; - $don->adresse = $_POST["adresse"]; - $don->amount = $_POST["amount"]; - $don->cp = $_POST["cp"]; - $don->ville = $_POST["ville"]; - $don->email = $_POST["email"]; - $don->date = mktime(12, 0 , 0, $_POST["remonth"], $_POST["reday"], $_POST["reyear"]); - $don->note = $_POST["note"]; - $don->pays = $_POST["pays"]; - $don->public = $_POST["public"]; - $don->projetid = $_POST["projetid"]; - $don->note = $_POST["comment"]; - $don->modepaiementid = $_POST["modepaiement"]; + $don->prenom = $_POST["prenom"]; + $don->nom = $_POST["nom"]; + $don->societe = $_POST["societe"]; + $don->adresse = $_POST["adresse"]; + $don->amount = $_POST["amount"]; + $don->cp = $_POST["cp"]; + $don->ville = $_POST["ville"]; + $don->email = $_POST["email"]; + $don->date = mktime(12, 0 , 0, $_POST["remonth"], $_POST["reday"], $_POST["reyear"]); + $don->note = $_POST["note"]; + $don->pays = $_POST["pays"]; + $don->public = $_POST["public"]; + $don->projetid = $_POST["projetid"]; + $don->note = $_POST["comment"]; + $don->modepaiementid = $_POST["modepaiement"]; - if ($don->create($user) > 0) - { - Header("Location: index.php"); - exit; - } - } - else - { - $mesg=$langs->trans("ErrorFieldRequired",$langs->trans("Amount")); - $_GET["action"] = "create"; - } + if ($don->create($user) > 0) + { + Header("Location: index.php"); + exit; + } + } + else + { + $mesg=$langs->trans("ErrorFieldRequired",$langs->trans("Amount")); + $_GET["action"] = "create"; + } } if ($_GET["action"] == 'delete') { - $don = new Don($db); - $don->delete($_GET["rowid"]); - Header("Location: liste.php"); - exit; + $don = new Don($db); + $don->delete($_GET["rowid"]); + Header("Location: liste.php"); + exit; } if ($_POST["action"] == 'commentaire') { - $don = new Don($db); + $don = new Don($db); $don->fetch($_POST["rowid"]); - $don->update_note($_POST["commentaire"]); - $_GET["rowid"] = $_POST["rowid"]; + $don->update_note($_POST["commentaire"]); + $_GET["rowid"] = $_POST["rowid"]; } if ($_GET["action"] == 
'valid_promesse') { - $don = new Don($db); - if ($don->valid_promesse($_GET["rowid"], $user->id)) - { - Header("Location: fiche.php?rowid=".$_GET["rowid"]); - exit; - } + $don = new Don($db); + if ($don->valid_promesse($_GET["rowid"], $user->id)) + { + Header("Location: fiche.php?rowid=".$_GET["rowid"]); + exit; + } } if ($_GET["action"] == 'set_payed') { - $don = new Don($db); - if ($don->set_paye($_GET["rowid"], $modepaiement)) - { - Header("Location: fiche.php?rowid=".$_GET["rowid"]); - exit; - } + $don = new Don($db); + if ($don->set_paye($_GET["rowid"], $modepaiement)) + { + Header("Location: fiche.php?rowid=".$_GET["rowid"]); + exit; + } } if ($_GET["action"] == 'set_encaisse') { - $don = new Don($db); - if ($don->set_encaisse($_GET["rowid"])) - { - Header("Location: liste.php"); - exit; - } + $don = new Don($db); + if ($don->set_encaisse($_GET["rowid"])) + { + Header("Location: liste.php"); + exit; + } } /* @@ -207,52 +207,52 @@ $formfile = new FormFile($db); if ($_GET["action"] == 'create') { - print_titre($langs->trans("AddDonation")); - - print '
'; - print ''; - - print ''; - - print ''; - - $nbrows=11; - if ($conf->projet->enabled) $nbrows++; - - print '"; + print_titre($langs->trans("AddDonation")); - print "\n"; + + if ($conf->projet->enabled) + { + // Si module projet actif + print "\n"; + } + + print "\n"; + + print "".''; + print "".''; + print "".''; + print "".''; + print "".''; + print "".''; + print "".''; + print "".''; + print "".''; + print "
'.$langs->trans("Date").''; - $html->select_date('','','','','',"add"); - print ''.$langs->trans("Comments").' :
'; - print "
".$langs->trans("PaymentMode")."\n"; + print ''; + print ''; + + print ''; + + print ''; + + $nbrows=11; + if ($conf->projet->enabled) $nbrows++; + + print '"; + + print "\n"; - - if ($conf->projet->enabled) - { - // Si module projet actif - print "\n"; - } - - print "\n"; - - print "".''; - print "".''; - print "".''; - print "".''; - print "".''; - print "".''; - print "".''; - print "".''; - print "".''; - print "
'.$langs->trans("Date").''; + $html->select_date('','','','','',"add"); + print ''.$langs->trans("Comments").' :
'; + print "
".$langs->trans("PaymentMode")."\n"; $html->select_types_paiements('', 'modepaiement', 'CRDT', 0); - print "
".$langs->trans("Project").""; - select_projects('','','',"projetid"); - print "
".$langs->trans("PublicDonation").""; - print $html->selectyesno("public",1,1); - print "
'.$langs->trans("Company").'
'.$langs->trans("Firstname").'
'.$langs->trans("Lastname").'
'.$langs->trans("Address").''; - print '
'.$langs->trans("Zip").' / '.$langs->trans("Town").'
'.$langs->trans("Country").'
'.$langs->trans("EMail").'
'.$langs->trans("Amount").' '.$langs->trans("Currency".$conf->monnaie).'
\n"; - print "\n"; -} + print "
".$langs->trans("Project").""; + select_projects('','','',"projetid"); + print "
".$langs->trans("PublicDonation").""; + print $html->selectyesno("public",1,1); + print "
'.$langs->trans("Company").'
'.$langs->trans("Firstname").'
'.$langs->trans("Lastname").'
'.$langs->trans("Address").''; + print '
'.$langs->trans("Zip").' / '.$langs->trans("Town").'
'.$langs->trans("Country").'
'.$langs->trans("EMail").'
'.$langs->trans("Amount").' '.$langs->trans("Currency".$conf->monnaie).'
\n"; + print "\n"; +} /* ************************************************************ */ @@ -263,94 +263,94 @@ if ($_GET["action"] == 'create') if ($_GET["rowid"] && $_GET["action"] == 'edit') { - $don = new Don($db); - $don->id = $_GET["rowid"]; - $don->fetch($_GET["rowid"]); - - $h=0; - $head[$h][0] = DOL_URL_ROOT."/compta/dons/fiche.php?rowid=".$_GET["rowid"]; - $head[$h][1] = $langs->trans("Donation"); - $hselected=$h; - $h++; - - dolibarr_fiche_head($head, $hselected, $langs->trans("Ref")); - - print '
'; - print ''; - - print ''; - print ''; - - // Ref - print "".''; - print ''; + $don = new Don($db); + $don->id = $_GET["rowid"]; + $don->fetch($_GET["rowid"]); + + $h=0; + $head[$h][0] = DOL_URL_ROOT."/compta/dons/fiche.php?rowid=".$_GET["rowid"]; + $head[$h][1] = $langs->trans("Donation"); + $hselected=$h; + $h++; + + dolibarr_fiche_head($head, $hselected, $langs->trans("Ref")); + + print ''; + print '
'.$langs->trans("Ref").''; - print $don->getNomUrl(); - print '
'; + + print ''; + print ''; + + // Ref + print "".''; + print ''; // Date - print "".''; + print "".''; $nbrows=12; - if ($conf->projet->enabled) $nbrows++; - - print '"; - - // Project - if ($conf->projet->enabled) - { - print "\n"; - } + if ($conf->projet->enabled) $nbrows++; - print ""; - print "\n"; - - $langs->load("companies"); - print "".''; - print "".''; - print "".''; - print "".''; - print "".''; - print "".''; - print "".''; - print "".''; - - print ""; + + // Project + if ($conf->projet->enabled) + { + print "\n"; + } + + print ""; + print "\n"; + + $langs->load("companies"); + print "".''; + print "".''; + print "".''; + print "".''; + print "".''; + print "".''; + print "".''; + print "".''; + + print "\n"; + print "\n"; - print "".''; - - print "".''; - - print "
'.$langs->trans("Ref").''; + print $don->getNomUrl(); + print '
'.$langs->trans("Date").''; - $html->select_date($don->date,'','','','',"update"); - print '
'.$langs->trans("Date").''; + $html->select_date($don->date,'','','','',"update"); + print ''.$langs->trans("Comments").' :
'; - print "
".$langs->trans("Project")."
"; - print "
".$langs->trans("PublicDonation").""; - print $html->selectyesno("public",1,1); - print "
'.$langs->trans("Company").'
'.$langs->trans("Firstname").'
'.$langs->trans("Lastname").'
'.$langs->trans("Address").''; - print '
'.$langs->trans("Zip").' / '.$langs->trans("Town").'
'.$langs->trans("Country").'
'.$langs->trans("EMail").'
'.$langs->trans("Amount").' '.$langs->trans("Currency".$conf->monnaie).'
".$langs->trans("PaymentMode")."\n"; + print ''.$langs->trans("Comments").' :
'; + print "
".$langs->trans("Project")."
"; + print "
".$langs->trans("PublicDonation").""; + print $html->selectyesno("public",1,1); + print "
'.$langs->trans("Company").'
'.$langs->trans("Firstname").'
'.$langs->trans("Lastname").'
'.$langs->trans("Address").''; + print '
'.$langs->trans("Zip").' / '.$langs->trans("Town").'
'.$langs->trans("Country").'
'.$langs->trans("EMail").'
'.$langs->trans("Amount").' '.$langs->trans("Currency".$conf->monnaie).'
".$langs->trans("PaymentMode")."\n"; $html->select_types_paiements('', 'modepaiement', 'CRDT', 0); - print "
'.$langs->trans("Status").''.$don->getLibStatut(4).'
\n"; - print "
\n"; - - print "\n"; + print "".''.$langs->trans("Status").''.$don->getLibStatut(4).''; + + print "".''; + + print "\n"; + print "\n"; + + print "\n"; } @@ -362,98 +362,105 @@ if ($_GET["rowid"] && $_GET["action"] == 'edit') /* ************************************************************ */ if ($_GET["rowid"] && $_GET["action"] != 'edit') { - $don = new Don($db); - $don->id = $_GET["rowid"]; - $don->fetch($_GET["rowid"]); - - - $h=0; - $head[$h][0] = DOL_URL_ROOT."/compta/dons/fiche.php?rowid=".$_GET["rowid"]; - $head[$h][1] = $langs->trans("Donation"); - $hselected=$h; - $h++; - - dolibarr_fiche_head($head, $hselected, $langs->trans("Ref").": ".$_GET["rowid"]); - - print "
"; - print ''; - - // Ref - print "".''; + $don = new Don($db); + $don->id = $_GET["rowid"]; + $don->fetch($_GET["rowid"]); + + + $h=0; + $head[$h][0] = DOL_URL_ROOT."/compta/dons/fiche.php?rowid=".$_GET["rowid"]; + $head[$h][1] = $langs->trans("Donation"); + $hselected=$h; + $h++; + + dolibarr_fiche_head($head, $hselected, $langs->trans("Ref").": ".$_GET["rowid"]); + + print ""; + print '
'.$langs->trans("Ref").''; - print $don->getNomUrl(); - print '
'; + + // Ref + print "".''; print ''; - + // Date - print ""; + print ""; + + $nbrows=12; + if ($conf->projet->enabled) $nbrows++; + + print ''; + + // Project + if ($conf->projet->enabled) + { + print "".''; + } + + print "\n"; + + print "".''; + print "".''; + print "".''; + print "".''; + print "".''; + print "".''; + print "".''; + print "".''; + print "\n"; + + print "".''; + + print "
'.$langs->trans("Ref").''; + print $don->getNomUrl(); + print '
".$langs->trans("Date").""; - print dolibarr_print_date($don->date,"day"); - print "
".$langs->trans("Date").""; + print dolibarr_print_date($don->date,"day"); + print "'.$langs->trans("Comments").' :
'; + print nl2br($don->note).'
'.$langs->trans("Project").''.$don->projet.'
".$langs->trans("PublicDonation").""; + print $yn[$don->public]; + print "
'.$langs->trans("Company").''.$don->societe.'
'.$langs->trans("Firstname").''.$don->prenom.'
'.$langs->trans("Lastname").''.$don->nom.'
'.$langs->trans("Address").''.nl2br($don->adresse).'
'.$langs->trans("Zip").' / '.$langs->trans("Town").''.$don->cp.' '.$don->ville.'
'.$langs->trans("Country").''.$don->pays.'
'.$langs->trans("EMail").''.$don->email.'
'.$langs->trans("Amount").''.price($don->amount).' '.$langs->trans("Currency".$conf->monnaie).'
".$langs->trans("PaymentMode").""; + print $don->modepaiement; + print "
'.$langs->trans("Status").''.$don->getLibStatut(4).'
\n"; + print "
\n"; + + print ""; + + // \TODO Gérer action émettre paiement + $resteapayer = 0; - $nbrows=12; - if ($conf->projet->enabled) $nbrows++; - - print ''.$langs->trans("Comments").' :
'; - print nl2br($don->note).''; - - // Project - if ($conf->projet->enabled) - { - print "".''.$langs->trans("Project").''.$don->projet.''; - } - - print "".$langs->trans("PublicDonation").""; - print $yn[$don->public]; - print "\n"; - - print "".''.$langs->trans("Company").''.$don->societe.''; - print "".''.$langs->trans("Firstname").''.$don->prenom.''; - print "".''.$langs->trans("Lastname").''.$don->nom.''; - print "".''.$langs->trans("Address").''.nl2br($don->adresse).''; - print "".''.$langs->trans("Zip").' / '.$langs->trans("Town").''.$don->cp.' '.$don->ville.''; - print "".''.$langs->trans("Country").''.$don->pays.''; - print "".''.$langs->trans("EMail").''.$don->email.''; - print "".''.$langs->trans("Amount").''.price($don->amount).' '.$langs->trans("Currency".$conf->monnaie).''; - print "".$langs->trans("PaymentMode").""; - print $don->modepaiement; - print "\n"; - - print "".''.$langs->trans("Status").''.$don->getLibStatut(4).''; - - print "\n"; - print "\n"; - - print ""; - - - /** - * Barre d'actions - */ - print '
'; - - print ''.$langs->trans('Modify').''; - if ($don->statut == 0) - { - print ''.$langs->trans("ValidPromess").''; - } + /** + * Barre d'actions + */ + print '
'; - // \todo Gérer action émettre paiement - if ($don->statut == 1 && $resteapayer > 0) - { - print "".$langs->trans("DoPayment").""; - } + print ''.$langs->trans('Modify').''; - if ($don->statut == 1 && abs($resteapayer) == 0 && $don->paye == 0) - { - print "id&action=set_payed\">".$langs->trans("ClassifyPayed").""; - } + if ($don->statut == 0) + { + print ''.$langs->trans("ValidPromess").''; + } - if ($don->statut == 0) - { - print "id&action=delete\">".$langs->trans("Delete").""; - } + // \TODO Gérer action émettre paiement + if ($don->statut == 1 && $resteapayer > 0) + { + print "".$langs->trans("DoPayment").""; + } - print "
"; + if ($don->statut == 1 && $resteapayer == 0 && $don->paye == 0) + { + print "id&action=set_payed\">".$langs->trans("ClassifyPayed").""; + } + + if ($user->rights->don->supprimer) + { + print "id&action=delete\">".$langs->trans("Delete").""; + } + else + { + print "".$langs->trans("Delete").""; + } + + print "
"; print ''; + print ''; - print '
'; @@ -464,8 +471,8 @@ if ($_GET["rowid"] && $_GET["action"] != 'edit') $filename=sanitizeFileName($don->id); $filedir=$conf->don->dir_output . '/' . get_exdir($filename,2); $urlsource=$_SERVER['PHP_SELF'].'?rowid='.$don->id; -// $genallowed=($fac->statut == 1 && ($fac->paye == 0 || $user->admin) && $user->rights->facture->creer); -// $delallowed=$user->rights->facture->supprimer; + // $genallowed=($fac->statut == 1 && ($fac->paye == 0 || $user->admin) && $user->rights->facture->creer); + // $delallowed=$user->rights->facture->supprimer; $genallowed=1; $delallowed=0; @@ -474,9 +481,9 @@ if ($_GET["rowid"] && $_GET["action"] != 'edit') print '
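Review bot: The new `$user->rights->don->supprimer` test in the action bar of the `@@ -362,98 +362,105 @@` hunk only decides how the Delete button is rendered. The handler shown in the first hunk, `if ($_GET["action"] == 'delete')`, still calls `$don->delete($_GET["rowid"])` with no rights check. The permission is therefore not enforced on the server side, and the same condition should guard the action itself: `if ($_GET["action"] == 'delete' && $user->rights->don->supprimer)`. The `valid_promesse`, `set_payed` and `set_encaisse` handlers in that first hunk are likewise unguarded and, like delete, change state on a plain GET request. The change also replaces the earlier `$don->statut == 0` condition rather than adding to it, so Delete is now offered for validated donations too; if that is not intended, keep both: `if ($don->statut == 0 && $user->rights->don->supprimer)`.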
'; $formfile->show_documents('donation',$filename,$filedir,$urlsource,$genallowed,$delallowed); - print '
  
'; + print ''; }