From c2b910f6edd86d1ea0f0a50ce66446a3031b79ed Mon Sep 17 00:00:00 2001 From: Laurent Destailleur Date: Fri, 11 Jun 2021 15:08:54 +0200 Subject: [PATCH] Clean code --- htdocs/bom/bom_note.php | 40 +--------------------------------------- htdocs/variants/list.php | 9 +++++++-- 2 files changed, 8 insertions(+), 41 deletions(-) diff --git a/htdocs/bom/bom_note.php b/htdocs/bom/bom_note.php index 1110bb4b0d4..539eb654751 100644 --- a/htdocs/bom/bom_note.php +++ b/htdocs/bom/bom_note.php @@ -97,45 +97,7 @@ if ($id > 0 || !empty($ref)) { $linkback = ''.$langs->trans("BackToList").''; $morehtmlref = '
'; - /* - // Ref customer - $morehtmlref.=$form->editfieldkey("RefCustomer", 'ref_client', $object->ref_client, $object, 0, 'string', '', 0, 1); - $morehtmlref.=$form->editfieldval("RefCustomer", 'ref_client', $object->ref_client, $object, 0, 'string', '', null, null, '', 1); - // Thirdparty - $morehtmlref.='
'.$langs->trans('ThirdParty') . ' : ' . $object->thirdparty->getNomUrl(1); - // Project - if (! empty($conf->projet->enabled)) - { - $langs->load("projects"); - $morehtmlref.='
'.$langs->trans('Project') . ' '; - if ($user->rights->bom->creer) - { - if ($action != 'classify') - //$morehtmlref.='' . img_edit($langs->transnoentitiesnoconv('SetProject')) . ' : '; - $morehtmlref.=' : '; - if ($action == 'classify') { - //$morehtmlref.=$form->form_project($_SERVER['PHP_SELF'] . '?id=' . $object->id, $object->socid, $object->fk_project, 'projectid', 0, 0, 1, 1); - $morehtmlref.='
'; - $morehtmlref.=''; - $morehtmlref.=''; - $morehtmlref.=$formproject->select_projects($object->socid, $object->fk_project, 'projectid', $maxlength, 0, 1, 0, 1, 0, 0, '', 1); - $morehtmlref.=''; - $morehtmlref.='
'; - } else { - $morehtmlref.=$form->form_project($_SERVER['PHP_SELF'] . '?id=' . $object->id, $object->socid, $object->fk_project, 'none', 0, 0, 0, 1); - } - } else { - if (! empty($object->fk_project)) { - $proj = new Project($db); - $proj->fetch($object->fk_project); - $morehtmlref.=''; - $morehtmlref.=$proj->ref; - $morehtmlref.=''; - } else { - $morehtmlref.=''; - } - } - }*/ + $morehtmlref .= '
'; diff --git a/htdocs/variants/list.php b/htdocs/variants/list.php index dd55b028ff9..dcf4fdcdb43 100644 --- a/htdocs/variants/list.php +++ b/htdocs/variants/list.php @@ -16,12 +16,15 @@ */ require '../main.inc.php'; +require DOL_DOCUMENT_ROOT.'/product/class/product.class.php'; require DOL_DOCUMENT_ROOT.'/variants/class/ProductAttribute.class.php'; $action = GETPOST('action', 'aZ09'); $object = new ProductAttribute($db); +$rowid = GETPOST('rowid', 'int'); // Id of line for up / down when no javascript available $permissiontoread = $user->rights->produit->lire || $user->rights->service->lire; +$permissiontoadd = $user->rights->produit->creer || $user->rights->service->creer; // Security check if (empty($conf->variants->enabled)) { @@ -30,6 +33,8 @@ if (empty($conf->variants->enabled)) { if ($user->socid > 0) { // Protection if external user accessforbidden(); } + + //$result = restrictedArea($user, 'variant'); if (!$permissiontoread) accessforbidden(); @@ -39,13 +44,13 @@ if (!$permissiontoread) accessforbidden(); * Actions */ -if ($action == 'up') { +if ($action == 'up' && $permissiontoadd) { $object->fetch($rowid); $object->moveUp(); header('Location: '.$_SERVER['PHP_SELF']); exit(); -} elseif ($action == 'down') { +} elseif ($action == 'down' && $permissiontoadd) { $object->fetch($rowid); $object->moveDown();