From 7be0e0da1c41002dcec509ed0ddf91e5f699caa3 Mon Sep 17 00:00:00 2001 From: Maxime Kohlhaas Date: Tue, 22 Nov 2022 13:46:42 +0100 Subject: [PATCH 1/2] Fix API right check --- htdocs/societe/class/api_thirdparties.class.php | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/htdocs/societe/class/api_thirdparties.class.php b/htdocs/societe/class/api_thirdparties.class.php index 07dd2ba6031..1e37cfa1204 100644 --- a/htdocs/societe/class/api_thirdparties.class.php +++ b/htdocs/societe/class/api_thirdparties.class.php @@ -1048,7 +1048,7 @@ class Thirdparties extends DolibarrApi { global $db, $conf; - if (!DolibarrApiAccess::$user->rights->facture->lire) { + if (!DolibarrApiAccess::$user->rights->societe->lire) { throw new RestException(401); } if (empty($id)) { From 3d9b2a16768164860cb66e537e381c2a2729e40e Mon Sep 17 00:00:00 2001 From: ATM-Nicolas Date: Tue, 22 Nov 2022 15:32:37 +0100 Subject: [PATCH 2/2] FIX : SQL request parenthesis --- htdocs/core/class/translate.class.php | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/htdocs/core/class/translate.class.php b/htdocs/core/class/translate.class.php index eca41a55301..5b339fe1d81 100644 --- a/htdocs/core/class/translate.class.php +++ b/htdocs/core/class/translate.class.php @@ -468,7 +468,7 @@ class Translate if (! $found && ! empty($conf->global->MAIN_ENABLE_OVERWRITE_TRANSLATION)) { // Overwrite translation with database read - $sql ="SELECT transkey, transvalue FROM ".MAIN_DB_PREFIX."overwrite_trans where lang='".$db->escape($this->defaultlang)."' OR lang IS NULL"; + $sql ="SELECT transkey, transvalue FROM ".MAIN_DB_PREFIX."overwrite_trans where (lang='".$db->escape($this->defaultlang)."' OR lang IS NULL)"; $sql.=" AND entity IN (0, ".getEntity('overwrite_trans').")"; $sql.=$db->order("lang", "DESC"); $resql=$db->query($sql);