From 98362881a673d3f2d9556254c6dd5e346b820dc4 Mon Sep 17 00:00:00 2001
From: ptibogxiv <support@ptibogxiv.net>
Date: Sat, 3 Sep 2022 11:06:38 +0200
Subject: [PATCH] Update note.php

---
 htdocs/user/note.php | 84 +++++++++++++-------------------------------
 1 file changed, 24 insertions(+), 60 deletions(-)

diff --git a/htdocs/user/note.php b/htdocs/user/note.php
index e0ac0bd4dcf..c0c93a75d64 100644
--- a/htdocs/user/note.php
+++ b/htdocs/user/note.php
@@ -27,6 +27,7 @@ require '../main.inc.php';
 require_once DOL_DOCUMENT_ROOT.'/core/lib/usergroups.lib.php';
 require_once DOL_DOCUMENT_ROOT.'/user/class/user.class.php';
 
+// Get parameters
 $id = GETPOST('id', 'int');
 $action = GETPOST('action', 'aZ09');
 $contextpage = GETPOST('contextpage', 'aZ') ?GETPOST('contextpage', 'aZ') : 'usernote'; // To manage different context of search
@@ -39,16 +40,19 @@ $object->fetch($id, '', '', 1);
 $object->getrights();
 
 // If user is not user read and no permission to read other users, we stop
-if (($object->id != $user->id) && (!$user->hasRight("user", "user", "read"))) {
+if (($object->id != $user->id) && (!$user->rights->user->user->lire)) {
 	accessforbidden();
 }
 
+// Permissions
+$permissionnote = $user->hasRight("user", "self", "write"); // Used by the include of actions_setnotes.inc.php
+
 // Security check
 $socid = 0;
 if ($user->socid > 0) {
 	$socid = $user->socid;
 }
-$feature2 = (($socid && $user->hasRight("user", "self", "write")) ? '' : 'user');
+$feature2 = (($socid && $user->rights->user->self->creer) ? '' : 'user');
 
 $result = restrictedArea($user, 'user', $id, 'user&user', $feature2);
 
@@ -59,37 +63,23 @@ $hookmanager->initHooks(array('usercard', 'usernote', 'globalcard'));
 /*
  * Actions
  */
-
 $parameters = array('id'=>$socid);
-$reshook = $hookmanager->executeHooks('doActions', $parameters, $object, $action); // Note that $action and $object may have been modified by some hooks
+$reshook = $hookmanager->executeHooks('doActions', array(), $object, $action); // Note that $action and $object may have been modified by some hooks
 if ($reshook < 0) {
 	setEventMessages($hookmanager->error, $hookmanager->errors, 'errors');
 }
-
 if (empty($reshook)) {
-	if ($action == 'update' && $user->hasRight("user", "user", "write") && !GETPOST("cancel")) {
-		$db->begin();
-
-		$res = $object->update_note(dol_html_entity_decode(GETPOST('note_private', 'restricthtml'), ENT_QUOTES | ENT_HTML5));
-		if ($res < 0) {
-			$mesg = '<div class="error">'.$adh->error.'</div>';
-			$db->rollback();
-		} else {
-			$db->commit();
-		}
-	}
+	include DOL_DOCUMENT_ROOT.'/core/actions_setnotes.inc.php'; // Must be include, not include_once
 }
 
 
 /*
  * View
  */
-$form = new Form($db);
 
-$person_name = !empty($object->firstname) ? $object->lastname.", ".$object->firstname : $object->lastname;
-$title = $person_name." - ".$langs->trans('Notes');
-$help_url = '';
-llxHeader('', $title, $help_url);
+llxHeader();
+
+$form = new Form($db);
 
 if ($id) {
 	$head = user_prepare_head($object);
@@ -99,7 +89,7 @@ if ($id) {
 
 	$linkback = '';
 
-	if ($user->hasRight("user", "user", "read") || $user->admin) {
+	if ($user->rights->user->user->lire || $user->admin) {
 		$linkback = '<a href="'.DOL_URL_ROOT.'/user/list.php?restore_lastsearch_values=1">'.$langs->trans("BackToList").'</a>';
 	}
 
@@ -107,7 +97,7 @@ if ($id) {
 	$morehtmlref .= img_picto($langs->trans("Download").' '.$langs->trans("VCard"), 'vcard.png', 'class="valignmiddle marginleftonly paddingrightonly"');
 	$morehtmlref .= '</a>';
 
-	dol_banner_tab($object, 'id', $linkback, $user->hasRight("user", "user", "read") || $user->admin, 'rowid', 'ref', $morehtmlref);
+	dol_banner_tab($object, 'id', $linkback, $user->rights->user->user->lire || $user->admin, 'rowid', 'ref', $morehtmlref);
 
 	print '<div class="underbanner clearboth"></div>';
 
@@ -127,7 +117,7 @@ if ($id) {
 		print '<td>';
 		$addadmin = '';
 		if (property_exists($object, 'admin')) {
-			if (isModEnabled('multicompany') && !empty($object->admin) && empty($object->entity)) {
+			if (!empty($conf->multicompany->enabled) && !empty($object->admin) && empty($object->entity)) {
 				$addadmin .= img_picto($langs->trans("SuperAdministratorDesc"), "redstar", 'class="paddingleft"');
 			} elseif (!empty($object->admin)) {
 				$addadmin .= img_picto($langs->trans("AdministratorDesc"), "star", 'class="paddingleft"');
@@ -138,46 +128,20 @@ if ($id) {
 	}
 	print '</tr>';
 
-	$editenabled = (($action == 'edit') && $user->hasRight("user", "user", "write"));
-
-	// Note
-	print '<tr><td class="tdtop">'.$langs->trans("Note").'</td>';
-	print '<td class="'.($editenabled ? '' : 'sensiblehtmlcontent').'">';
-	if ($editenabled) {
-		print "<input type=\"hidden\" name=\"action\" value=\"update\">";
-		print "<input type=\"hidden\" name=\"id\" value=\"".$object->id."\">";
-		// Editeur wysiwyg
-		require_once DOL_DOCUMENT_ROOT.'/core/class/doleditor.class.php';
-		$doleditor = new DolEditor('note_private', $object->note_private, '', 280, 'dolibarr_notes', 'In', true, false, getDolGlobalInt('FCKEDITOR_ENABLE_SOCIETE'), ROWS_8, '90%');
-		$doleditor->Create();
-	} else {
-		print dol_string_onlythesehtmltags(dol_htmlentitiesbr($object->note_private));
-	}
-	print "</td></tr>";
-
 	print "</table>";
+
 	print '</div>';
 
+
+	//print '<br>';
+
+	//print '<div class="underbanner clearboth"></div>';
+	include DOL_DOCUMENT_ROOT.'/core/tpl/notes.tpl.php';
+
 	print dol_get_fiche_end();
-
-	if ($action == 'edit') {
-		print $form->buttonsSaveCancel();
-	}
-
-
-	/*
-	 * Actions
-	 */
-
-	print '<div class="tabsAction">';
-
-	if ($user->hasRight("user", "user", "write") && $action != 'edit') {
-		print '<a class="butAction" href="note.php?id='.$object->id.'&action=edit&token='.newToken().'">'.$langs->trans('Modify')."</a>";
-	}
-
-	print "</div>";
-
-	print "</form>\n";
+} else {
+	$langs->load("errors");
+	print $langs->trans("ErrorRecordNotFound");
 }
 
 // End of page