Clean code
This commit is contained in:
Laurent Destailleur
parent
14baec95dc
commit
d138e7410b
@ -719,7 +719,7 @@ if ($action == 'edit') {
|
||||
$liste['user'] = $langs->trans('UserEmail');
|
||||
$liste['company'] = $langs->trans('CompanyEmail').' ('.(empty($conf->global->MAIN_INFO_SOCIETE_MAIL) ? $langs->trans("NotDefined") : $conf->global->MAIN_INFO_SOCIETE_MAIL).')';
|
||||
$sql = 'SELECT rowid, label, email FROM '.MAIN_DB_PREFIX.'c_email_senderprofile';
|
||||
$sql .= ' WHERE active = 1 AND (private = 0 OR private = '.$user->id.')';
|
||||
$sql .= ' WHERE active = 1 AND (private = 0 OR private = '.((int) $user->id).')';
|
||||
$resql = $db->query($sql);
|
||||
if ($resql) {
|
||||
$num = $db->num_rows($resql);
|
||||
|
||||
@ -124,7 +124,7 @@ if ($enableremotecheck) {
|
||||
print '<input type="radio" name="target" id="checkboxremote" value="remote"'.(GETPOST('target') == 'remote' ? 'checked="checked"' : '').'> <label for="checkboxremote">'.$langs->trans("RemoteSignature").'</label> = ';
|
||||
print '<input name="xmlremote" class="flat minwidth400" value="'.dol_escape_htmltag($xmlremote).'"><br>';
|
||||
} else {
|
||||
print '<input type="radio" name="target" value="remote" disabled="disabled"> '.$langs->trans("RemoteSignature").' = '.$xmlremote;
|
||||
print '<input type="radio" name="target" value="remote" disabled="disabled"> '.$langs->trans("RemoteSignature").' = '.dol_escape_htmltag($xmlremote);
|
||||
if (!GETPOST('xmlremote')) {
|
||||
print ' <span class="warning">('.$langs->trans("FeatureAvailableOnlyOnStable").')</span>';
|
||||
}
|
||||
|
||||
@ -897,6 +897,8 @@ class Categorie extends CommonObject
|
||||
|
||||
$categories = array();
|
||||
|
||||
$type = checkVal($type, 'aZ09');
|
||||
|
||||
$sub_type = $type;
|
||||
$subcol_name = "fk_".$type;
|
||||
if ($type == "customer") {
|
||||
@ -917,9 +919,9 @@ class Categorie extends CommonObject
|
||||
$sql .= " FROM ".MAIN_DB_PREFIX."categorie as s";
|
||||
$sql .= " , ".MAIN_DB_PREFIX."categorie_".$sub_type." as sub ";
|
||||
$sql .= ' WHERE s.entity IN ('.getEntity('category').')';
|
||||
$sql .= ' AND s.type='.$idoftype;
|
||||
$sql .= ' AND s.type='.((int) $idoftype);
|
||||
$sql .= ' AND s.rowid = sub.fk_categorie';
|
||||
$sql .= ' AND sub.'.$subcol_name.' = '.$id;
|
||||
$sql .= ' AND sub.'.$subcol_name.' = '.((int) $id);
|
||||
|
||||
$sql .= $this->db->order($sortfield, $sortorder);
|
||||
|
||||
|
||||
@ -874,10 +874,10 @@ if ($showbirthday) {
|
||||
$sql .= ' WHERE (priv=0 OR (priv=1 AND fk_user_creat='.$user->id.'))';
|
||||
$sql .= " AND sp.entity IN (".getEntity('socpeople').")";
|
||||
if ($action == 'show_day') {
|
||||
$sql .= ' AND MONTH(birthday) = '.$month;
|
||||
$sql .= ' AND DAY(birthday) = '.$day;
|
||||
$sql .= ' AND MONTH(birthday) = '.((int) $month);
|
||||
$sql .= ' AND DAY(birthday) = '.((int) $day);
|
||||
} else {
|
||||
$sql .= ' AND MONTH(birthday) = '.$month;
|
||||
$sql .= ' AND MONTH(birthday) = '.((int) $month);
|
||||
}
|
||||
$sql .= ' ORDER BY birthday';
|
||||
|
||||
|
||||
@ -359,7 +359,7 @@ if ($search_product_category > 0) {
|
||||
$sql .= " AND cp.fk_categorie = ".$search_product_category;
|
||||
}
|
||||
if ($socid > 0) {
|
||||
$sql .= ' AND s.rowid = '.$socid;
|
||||
$sql .= ' AND s.rowid = '.((int) $socid);
|
||||
}
|
||||
if (!$user->rights->societe->client->voir && !$socid) {
|
||||
$sql .= " AND s.rowid = sc.fk_soc AND sc.fk_user = ".$user->id;
|
||||
@ -374,7 +374,7 @@ if ($sall) {
|
||||
$sql .= natural_search(array_keys($fieldstosearchall), $sall);
|
||||
}
|
||||
if ($search_billed != '' && $search_billed >= 0) {
|
||||
$sql .= ' AND c.facture = '.$search_billed;
|
||||
$sql .= ' AND c.facture = '.((int) $search_billed);
|
||||
}
|
||||
if ($search_status <> '') {
|
||||
if ($search_status < 4 && $search_status > -3) {
|
||||
|
||||
@ -1153,14 +1153,14 @@ class FactureRec extends CommonInvoice
|
||||
$sql .= ", date_end_fill=".((int) $date_end_fill);
|
||||
$sql .= ", fk_product_fournisseur_price=".($fk_fournprice > 0 ? $fk_fournprice : 'null');
|
||||
$sql .= ", buy_price_ht=".($pa_ht ? price2num($pa_ht) : 0);
|
||||
$sql .= ", info_bits=".$info_bits;
|
||||
$sql .= ", rang=".$rang;
|
||||
$sql .= ", special_code=".$special_code;
|
||||
$sql .= ", info_bits=".((int) $info_bits);
|
||||
$sql .= ", rang=".((int) $rang);
|
||||
$sql .= ", special_code=".((int) $special_code);
|
||||
$sql .= ", fk_unit=".($fk_unit ? "'".$this->db->escape($fk_unit)."'" : "null");
|
||||
$sql .= ', multicurrency_subprice = '.$pu_ht_devise;
|
||||
$sql .= ', multicurrency_total_ht = '.$multicurrency_total_ht;
|
||||
$sql .= ', multicurrency_total_tva = '.$multicurrency_total_tva;
|
||||
$sql .= ', multicurrency_total_ttc = '.$multicurrency_total_ttc;
|
||||
$sql .= ', multicurrency_subprice = '.price2num($pu_ht_devise);
|
||||
$sql .= ', multicurrency_total_ht = '.price2num($multicurrency_total_ht);
|
||||
$sql .= ', multicurrency_total_tva = '.price2num($multicurrency_total_tva);
|
||||
$sql .= ', multicurrency_total_ttc = '.price2num($multicurrency_total_ttc);
|
||||
$sql .= " WHERE rowid = ".((int) $rowid);
|
||||
|
||||
dol_syslog(get_class($this)."::updateline", LOG_DEBUG);
|
||||
@ -1248,7 +1248,7 @@ class FactureRec extends CommonInvoice
|
||||
$sql .= ' AND suspended = 0';
|
||||
$sql .= ' AND entity = '.$conf->entity; // MUST STAY = $conf->entity here
|
||||
if ($restrictioninvoiceid > 0) {
|
||||
$sql .= ' AND rowid = '.$restrictioninvoiceid;
|
||||
$sql .= ' AND rowid = '.((int) $restrictioninvoiceid);
|
||||
}
|
||||
$sql .= $this->db->order('entity', 'ASC');
|
||||
//print $sql;exit;
|
||||
|
||||
@ -5739,8 +5739,8 @@ class FactureLigne extends CommonInvoiceLine
|
||||
if ($include_credit_note) {
|
||||
$sql = 'SELECT fd.situation_percent FROM '.MAIN_DB_PREFIX.'facturedet fd';
|
||||
$sql .= ' JOIN '.MAIN_DB_PREFIX.'facture f ON (f.rowid = fd.fk_facture) ';
|
||||
$sql .= ' WHERE fd.fk_prev_id ='.$this->fk_prev_id;
|
||||
$sql .= ' AND f.situation_cycle_ref = '.$invoicecache[$invoiceid]->situation_cycle_ref; // Prevent cycle outed
|
||||
$sql .= ' WHERE fd.fk_prev_id = '.((int) $this->fk_prev_id);
|
||||
$sql .= ' AND f.situation_cycle_ref = '.((int) $invoicecache[$invoiceid]->situation_cycle_ref); // Prevent cycle outed
|
||||
$sql .= ' AND f.type = '.Facture::TYPE_CREDIT_NOTE;
|
||||
|
||||
$res = $this->db->query($sql);
|
||||
|
||||
@ -550,7 +550,7 @@ if ($search_product_category > 0) {
|
||||
$sql .= " AND cp.fk_categorie = ".$db->escape($search_product_category);
|
||||
}
|
||||
if ($socid > 0) {
|
||||
$sql .= ' AND s.rowid = '.$socid;
|
||||
$sql .= ' AND s.rowid = '.((int) $socid);
|
||||
}
|
||||
if ($userid) {
|
||||
if ($userid == -1) {
|
||||
|
||||
@ -873,7 +873,7 @@ if (!GETPOST('action', 'aZ09')) {
|
||||
$sql .= ' WHERE p.fk_facture = f.rowid';
|
||||
$sql .= ' AND f.entity IN ('.getEntity('invoice').')';
|
||||
if ($socid) {
|
||||
$sql .= ' AND f.fk_soc = '.$socid;
|
||||
$sql .= ' AND f.fk_soc = '.((int) $socid);
|
||||
}
|
||||
|
||||
$sql .= ' ORDER BY '.$sortfield.' '.$sortorder;
|
||||
|
||||
@ -296,7 +296,7 @@ if (!empty($search_town)) {
|
||||
$sql .= natural_search('s.town', $search_town);
|
||||
}
|
||||
if ($search_country > 0) {
|
||||
$sql .= ' AND s.fk_pays = '.$search_country.'';
|
||||
$sql .= ' AND s.fk_pays = '.((int) $search_country);
|
||||
}
|
||||
$sql .= " AND f.entity IN (".getEntity('supplier_invoice').")";
|
||||
if ($socid) {
|
||||
|
||||
@ -3117,7 +3117,7 @@ abstract class CommonObject
|
||||
public function getRangOfLine($rowid)
|
||||
{
|
||||
$sql = 'SELECT rang FROM '.MAIN_DB_PREFIX.$this->table_element_line;
|
||||
$sql .= ' WHERE rowid ='.$rowid;
|
||||
$sql .= ' WHERE rowid ='.((int) $rowid);
|
||||
|
||||
dol_syslog(get_class($this)."::getRangOfLine", LOG_DEBUG);
|
||||
$resql = $this->db->query($sql);
|
||||
@ -3137,7 +3137,7 @@ abstract class CommonObject
|
||||
{
|
||||
$sql = 'SELECT rowid FROM '.MAIN_DB_PREFIX.$this->table_element_line;
|
||||
$sql .= ' WHERE '.$this->fk_element.' = '.$this->id;
|
||||
$sql .= ' AND rang = '.$rang;
|
||||
$sql .= ' AND rang = '.((int) $rang);
|
||||
$resql = $this->db->query($sql);
|
||||
if ($resql) {
|
||||
$row = $this->db->fetch_row($resql);
|
||||
|
||||
@ -220,7 +220,7 @@ class pdf_standard extends ModelePDFSuppliersPayments
|
||||
$sql .= ', f.fk_statut, s.nom as name, s.rowid as socid';
|
||||
$sql .= ' FROM '.MAIN_DB_PREFIX.'paiementfourn_facturefourn as pf,'.MAIN_DB_PREFIX.'facture_fourn as f,'.MAIN_DB_PREFIX.'societe as s';
|
||||
$sql .= ' WHERE pf.fk_facturefourn = f.rowid AND f.fk_soc = s.rowid';
|
||||
$sql .= ' AND pf.fk_paiementfourn = '.$object->id;
|
||||
$sql .= ' AND pf.fk_paiementfourn = '.((int) $object->id);
|
||||
$resql = $this->db->query($sql);
|
||||
if ($resql) {
|
||||
if ($this->db->num_rows($resql) > 0) {
|
||||
|
||||
@ -553,11 +553,11 @@ class Cronjob extends CommonObject
|
||||
} elseif ($status == 2) {
|
||||
$sql .= " AND t.status = 2";
|
||||
}
|
||||
//Manage filter
|
||||
// Manage filter
|
||||
if (is_array($filter) && count($filter) > 0) {
|
||||
foreach ($filter as $key => $value) {
|
||||
if ($key == 't.rowid') {
|
||||
$sql .= ' AND '.$key.' = '.$this->db->escape($value);
|
||||
$sql .= ' AND '.$key.' = '.((int) $value);
|
||||
} else {
|
||||
$sql .= ' AND '.$key.' LIKE \'%'.$this->db->escape($value).'%\'';
|
||||
}
|
||||
|
||||
@ -428,7 +428,7 @@ class EcmFiles extends CommonObject
|
||||
$sql .= " AND t.src_object_type ='".$this->db->escape($src_object_type)."' AND t.src_object_id = ".$this->db->escape($src_object_id);
|
||||
$sql .= " AND t.entity = ".$conf->entity;
|
||||
} else {
|
||||
$sql .= ' AND t.rowid = '.$this->db->escape($id); // rowid already unique
|
||||
$sql .= ' AND t.rowid = '.((int) $id); // rowid already unique
|
||||
}
|
||||
|
||||
$this->db->plimit(1); // When we search on src or on hash of content (hashforfile) to solve hash conflict when several files has same content, we take first one only
|
||||
|
||||
@ -295,13 +295,13 @@ if ($socid) {
|
||||
$sql .= " AND e.fk_soc = ".$socid;
|
||||
}
|
||||
if ($search_status <> '' && $search_status >= 0) {
|
||||
$sql .= " AND e.fk_statut = ".$search_status;
|
||||
$sql .= " AND e.fk_statut = ".((int) $search_status);
|
||||
}
|
||||
if ($search_ref_customer != '') {
|
||||
$sql .= natural_search('e.ref_customer', $search_ref_customer);
|
||||
}
|
||||
if ($search_billed != '' && $search_billed >= 0) {
|
||||
$sql .= ' AND e.billed = '.$search_billed;
|
||||
$sql .= ' AND e.billed = '.((int) $search_billed);
|
||||
}
|
||||
if ($search_town) {
|
||||
$sql .= natural_search('s.town', $search_town);
|
||||
|
||||
@ -2761,9 +2761,9 @@ class ExpenseReportLine
|
||||
if (!empty($this->id)) {
|
||||
$sql .= ' AND d.rowid <> '.$this->id;
|
||||
}
|
||||
$sql .= ' AND d.fk_c_type_fees = '.$rule->fk_c_type_fees;
|
||||
$sql .= ' AND d.fk_c_type_fees = '.((int) $rule->fk_c_type_fees);
|
||||
if ($mode == 'day' || $mode == 'EX_DAY') {
|
||||
$sql .= ' AND d.date = \''.dol_print_date($this->date, '%Y-%m-%d').'\'';
|
||||
$sql .= " AND d.date = '".dol_print_date($this->date, '%Y-%m-%d')."'";
|
||||
} elseif ($mode == 'mon' || $mode == 'EX_MON') {
|
||||
$sql .= ' AND DATE_FORMAT(d.date, \'%Y-%m\') = \''.dol_print_date($this->date, '%Y-%m').'\''; // @todo DATE_FORMAT is forbidden
|
||||
} elseif ($mode == 'year' || $mode == 'EX_YEA') {
|
||||
|
||||
@ -248,7 +248,7 @@ class ExpenseReportIk extends CoreObject
|
||||
$sql .= ' FROM '.MAIN_DB_PREFIX.'c_exp_tax_range r';
|
||||
$sql .= ' WHERE r.entity IN (0, '.$conf->entity.')';
|
||||
if ($default_c_exp_tax_cat > 0) {
|
||||
$sql .= ' AND r.fk_c_exp_tax_cat = '.$default_c_exp_tax_cat;
|
||||
$sql .= ' AND r.fk_c_exp_tax_cat = '.((int) $default_c_exp_tax_cat);
|
||||
}
|
||||
$sql .= ' GROUP BY r.fk_c_exp_tax_cat';
|
||||
$sql .= ') as counts';
|
||||
|
||||
@ -160,13 +160,12 @@ class ExpenseReportRule extends CoreObject
|
||||
$sql .= ' AND er.fk_c_type_fees IN (-1, '.$fk_c_type_fees.')';
|
||||
}
|
||||
if (!empty($date)) {
|
||||
$date = dol_print_date($date, '%Y-%m-%d');
|
||||
$sql .= ' AND er.dates <= \''.$date.'\'';
|
||||
$sql .= ' AND er.datee >= \''.$date.'\'';
|
||||
$sql .= " AND er.dates <= '".dol_print_date($date, '%Y-%m-%d')."'";
|
||||
$sql .= " AND er.datee >= '".dol_print_date($date, '%Y-%m-%d')."'";
|
||||
}
|
||||
if ($fk_user > 0) {
|
||||
$sql .= ' AND (er.is_for_all = 1';
|
||||
$sql .= ' OR er.fk_user = '.$fk_user;
|
||||
$sql .= ' OR er.fk_user = '.((int) $fk_user);
|
||||
$sql .= ' OR er.fk_usergroup IN (SELECT ugu.fk_usergroup FROM '.MAIN_DB_PREFIX.'usergroup_user ugu WHERE ugu.fk_user = '.((int) $fk_user).') )';
|
||||
}
|
||||
$sql .= ' ORDER BY er.is_for_all, er.fk_usergroup, er.fk_user';
|
||||
|
||||
@ -369,7 +369,7 @@ if ($action == 'create' || $action == 'confirm_paiement' || $action == 'add_paie
|
||||
$sql .= ", ".MAIN_DB_PREFIX."societe_commerciaux as sc";
|
||||
}
|
||||
$sql .= ' WHERE f.fk_soc = s.rowid';
|
||||
$sql .= ' AND f.rowid = '.$facid;
|
||||
$sql .= ' AND f.rowid = '.((int) $facid);
|
||||
if (!$user->rights->societe->client->voir && !$socid) {
|
||||
$sql .= " AND s.rowid = sc.fk_soc AND sc.fk_user = ".$user->id;
|
||||
}
|
||||
|
||||
@ -182,7 +182,7 @@ if (!$user->rights->societe->client->voir) {
|
||||
$sql .= ' AND s.rowid = sc.fk_soc AND sc.fk_user = '.$user->id;
|
||||
}
|
||||
if ($socid > 0) {
|
||||
$sql .= ' AND f.fk_soc = '.$socid;
|
||||
$sql .= ' AND f.fk_soc = '.((int) $socid);
|
||||
}
|
||||
if ($search_ref) {
|
||||
$sql .= natural_search('p.ref', $search_ref);
|
||||
|
||||
@ -0,0 +1,144 @@
|
||||
<!DOCTYPE html>
|
||||
<html>
|
||||
<head>
|
||||
<meta charset="UTF-8">
|
||||
<meta http-equiv="x-ua-compatible" content="IE=edge">
|
||||
<title>Swagger UI</title>
|
||||
<link rel="icon" type="image/png" href="images/favicon-32x32.png" sizes="32x32" />
|
||||
<link rel="icon" type="image/png" href="images/favicon-16x16.png" sizes="16x16" />
|
||||
<link href='css/typography.css' media='screen' rel='stylesheet' type='text/css'/>
|
||||
<link href='css/reset.css' media='screen' rel='stylesheet' type='text/css'/>
|
||||
<link href='css/screen.css' media='screen' rel='stylesheet' type='text/css'/>
|
||||
<link href='css/reset.css' media='print' rel='stylesheet' type='text/css'/>
|
||||
<link href='css/print.css' media='print' rel='stylesheet' type='text/css'/>
|
||||
|
||||
<script src='lib/object-assign-pollyfill.js' type='text/javascript'></script>
|
||||
<script src='lib/jquery-1.8.0.min.js' type='text/javascript'></script>
|
||||
<script src='lib/jquery.slideto.min.js' type='text/javascript'></script>
|
||||
<script src='lib/jquery.wiggle.min.js' type='text/javascript'></script>
|
||||
<script src='lib/jquery.ba-bbq.min.js' type='text/javascript'></script>
|
||||
<script src='lib/handlebars-4.0.5.js' type='text/javascript'></script>
|
||||
<script src='lib/lodash.min.js' type='text/javascript'></script>
|
||||
<script src='lib/backbone-min.js' type='text/javascript'></script>
|
||||
<script src='swagger-ui.js' type='text/javascript'></script>
|
||||
<script src='lib/highlight.9.1.0.pack.js' type='text/javascript'></script>
|
||||
<script src='lib/highlight.9.1.0.pack_extended.js' type='text/javascript'></script>
|
||||
<script src='lib/jsoneditor.min.js' type='text/javascript'></script>
|
||||
<script src='lib/marked.js' type='text/javascript'></script>
|
||||
<script src='lib/swagger-oauth.js' type='text/javascript'></script>
|
||||
|
||||
<!-- Some basic translations -->
|
||||
<!-- <script src='lang/translator.js' type='text/javascript'></script> -->
|
||||
<!-- <script src='lang/ru.js' type='text/javascript'></script> -->
|
||||
<!-- <script src='lang/en.js' type='text/javascript'></script> -->
|
||||
|
||||
<script type="text/javascript">
|
||||
$(function () {
|
||||
var url = window.location.search.match(/url=([^&]+)/);
|
||||
if (url && url.length > 1) {
|
||||
url = decodeURIComponent(url[1]);
|
||||
} else {
|
||||
url = "swagger.json";
|
||||
}
|
||||
|
||||
hljs.configure({
|
||||
highlightSizeThreshold: 5000
|
||||
});
|
||||
|
||||
// Pre load translate...
|
||||
if(window.SwaggerTranslator) {
|
||||
window.SwaggerTranslator.translate();
|
||||
}
|
||||
window.swaggerUi = new SwaggerUi({
|
||||
url: url,
|
||||
dom_id: "swagger-ui-container",
|
||||
supportedSubmitMethods: ['get', 'post', 'put', 'delete', 'patch'],
|
||||
onComplete: function(swaggerApi, swaggerUi){
|
||||
if(typeof initOAuth == "function") {
|
||||
initOAuth({
|
||||
clientId: "your-client-id",
|
||||
clientSecret: "your-client-secret-if-required",
|
||||
realm: "your-realms",
|
||||
appName: "your-app-name",
|
||||
scopeSeparator: " ",
|
||||
additionalQueryStringParams: {}
|
||||
});
|
||||
}
|
||||
|
||||
if(window.SwaggerTranslator) {
|
||||
window.SwaggerTranslator.translate();
|
||||
}
|
||||
|
||||
addApiKeyAuthorization();
|
||||
},
|
||||
onFailure: function(data) {
|
||||
log("Unable to Load SwaggerUI");
|
||||
},
|
||||
docExpansion: "none",
|
||||
jsonEditor: false,
|
||||
apisSorter: "alpha",
|
||||
operationsSorter: "alpha",
|
||||
defaultModelRendering: 'model', /* example or model or schema */
|
||||
defaultModelsExpandDepth: -1,
|
||||
showRequestHeaders: false,
|
||||
showOperationIds: false,
|
||||
displayOperationIds: false,
|
||||
displayRequestDuration: true
|
||||
});
|
||||
|
||||
function addApiKeyAuthorization(){
|
||||
var key = encodeURIComponent($('#input_apiKey')[0].value);
|
||||
if(key && key.trim() != "") {
|
||||
/* @CHANGE LDR We set DOLAPIKEY into header */
|
||||
/* log("added key " + key); */
|
||||
log("added key");
|
||||
|
||||
|
||||
/* Disabled for security reason. We keep only param in header
|
||||
var apiKeyAuth = new SwaggerClient.ApiKeyAuthorization("api_key", key, "query");
|
||||
window.swaggerUi.api.clientAuthorizations.add("api_key", apiKeyAuth);
|
||||
log("added key " + key);
|
||||
*/
|
||||
|
||||
var apiKeyAuth = new SwaggerClient.ApiKeyAuthorization("DOLAPIKEY", key, "header");
|
||||
window.swaggerUi.api.clientAuthorizations.add("api_key", apiKeyAuth);
|
||||
/* log("header DOLAPIKEY added with value "+key); */
|
||||
log("header DOLAPIKEY added");
|
||||
}
|
||||
}
|
||||
|
||||
$('#input_apiKey').change(addApiKeyAuthorization);
|
||||
|
||||
window.swaggerUi.load();
|
||||
|
||||
function log() {
|
||||
if ('console' in window) {
|
||||
console.log.apply(console, arguments);
|
||||
}
|
||||
}
|
||||
});
|
||||
</script>
|
||||
|
||||
<style>
|
||||
.info_title, .info_description, .info_contact, .info_name, .info_url, .info_email, .info_license, #api_info, #input_baseUrl {
|
||||
display: none !important;
|
||||
}
|
||||
</style>
|
||||
</head>
|
||||
|
||||
<body class="swagger-section">
|
||||
<div id="header" style="background-color: rgb(38,60,92); height: 17px;">
|
||||
<div class="swagger-ui-wrap">
|
||||
<a id="logo" href="#">Dolibarr REST API Explorer</a>
|
||||
<form id='api_selector'>
|
||||
<div class='input'><input placeholder="http://example.com/api" id="input_baseUrl" name="baseUrl" type="text"/></div>
|
||||
<div class='input'><input placeholder="DOLAPIKEY" id="input_apiKey" name="apiKey" type="text"/></div>
|
||||
<div class='input'><a id="explore" href="#" data-sw-translate>Explore</a></div>
|
||||
</form>
|
||||
</div>
|
||||
</div>
|
||||
|
||||
<div id="message-bar" class="swagger-ui-wrap" data-sw-translate> </div>
|
||||
<div id="swagger-ui-container" class="swagger-ui-wrap"></div>
|
||||
</body>
|
||||
</html>
|
||||
@ -234,7 +234,7 @@ if (!$user->rights->societe->client->voir && !$socid) {
|
||||
}
|
||||
$sql .= " WHERE f.fk_soc = s.rowid";
|
||||
if ($socid > 0) {
|
||||
$sql .= ' AND s.rowid = '.$socid;
|
||||
$sql .= ' AND s.rowid = '.((int) $socid);
|
||||
}
|
||||
if (!$user->rights->societe->client->voir && !$socid) {
|
||||
$sql .= " AND s.rowid = sc.fk_soc AND sc.fk_user = ".$user->id;
|
||||
|
||||
@ -500,7 +500,7 @@ class Mo extends CommonObject
|
||||
$sql .= ' FROM '.MAIN_DB_PREFIX.$mostatic->table_element.' as t';
|
||||
$sql .= " WHERE t.role = '".$this->db->escape($role)."'";
|
||||
if ($lineid > 0) {
|
||||
$sql .= ' AND t.fk_mrp_production = '.$lineid;
|
||||
$sql .= ' AND t.fk_mrp_production = '.((int) $lineid);
|
||||
} else {
|
||||
$sql .= 'AND t.fk_mo = '.$this->id;
|
||||
}
|
||||
|
||||
@ -126,7 +126,7 @@ function ordered($product_id)
|
||||
} else {
|
||||
$sql .= ' cf.fk_statut < 5';
|
||||
}
|
||||
$sql .= ' AND cfd.fk_product = '.$product_id;
|
||||
$sql .= ' AND cfd.fk_product = '.((int) $product_id);
|
||||
$sql .= ' GROUP BY cfd.fk_product';
|
||||
|
||||
$resql = $db->query($sql);
|
||||
|
||||
@ -154,7 +154,7 @@ if ($sall) {
|
||||
$sql .= natural_search(array('cf.ref', 'cf.note'), $sall);
|
||||
}
|
||||
if (!empty($socid)) {
|
||||
$sql .= ' AND s.rowid = '.$socid;
|
||||
$sql .= ' AND s.rowid = '.((int) $socid);
|
||||
}
|
||||
if (GETPOST('statut', 'int')) {
|
||||
$sql .= ' AND fk_statut = '.GETPOST('statut', 'int');
|
||||
|
||||
@ -258,7 +258,7 @@ $sql .= $hookmanager->resPrint;
|
||||
|
||||
$sql .= ' FROM '.MAIN_DB_PREFIX.'product as p';
|
||||
if ($fk_warehouse > 0) {
|
||||
$sql .= ' LEFT JOIN '.MAIN_DB_PREFIX.'product_stock as ps ON p.rowid = ps.fk_product AND ps.fk_entrepot = '.$fk_warehouse;
|
||||
$sql .= ' LEFT JOIN '.MAIN_DB_PREFIX.'product_stock as ps ON p.rowid = ps.fk_product AND ps.fk_entrepot = '.((int) $fk_warehouse);
|
||||
}
|
||||
// Add fields from hooks
|
||||
$parameters = array();
|
||||
|
||||
@ -201,7 +201,7 @@ if ($action == 'addtime' && $user->rights->projet->lire && GETPOST('assigntask')
|
||||
if ($result >= 0 || $result == -2) { // Contact add ok or already contact of task
|
||||
// Test if we are already contact of the project (should be rare but sometimes we can add as task contact without being contact of project, like when admin user has been removed from contact of project)
|
||||
$sql = 'SELECT ec.rowid FROM '.MAIN_DB_PREFIX.'element_contact as ec, '.MAIN_DB_PREFIX.'c_type_contact as tc WHERE tc.rowid = ec.fk_c_type_contact';
|
||||
$sql .= ' AND ec.fk_socpeople = '.$idfortaskuser." AND ec.element_id = '.$object->fk_project.' AND tc.element = 'project' AND source = 'internal'";
|
||||
$sql .= ' AND ec.fk_socpeople = '.((int) $idfortaskuser)." AND ec.element_id = '.$object->fk_project.' AND tc.element = 'project' AND source = 'internal'";
|
||||
$resql = $db->query($sql);
|
||||
if ($resql) {
|
||||
$obj = $db->fetch_object($resql);
|
||||
|
||||
@ -156,7 +156,7 @@ if ($action == 'addtime' && $user->rights->projet->lire && GETPOST('assigntask')
|
||||
if ($result >= 0 || $result == -2) { // Contact add ok or already contact of task
|
||||
// Test if we are already contact of the project (should be rare but sometimes we can add as task contact without being contact of project, like when admin user has been removed from contact of project)
|
||||
$sql = 'SELECT ec.rowid FROM '.MAIN_DB_PREFIX.'element_contact as ec, '.MAIN_DB_PREFIX.'c_type_contact as tc WHERE tc.rowid = ec.fk_c_type_contact';
|
||||
$sql .= ' AND ec.fk_socpeople = '.$idfortaskuser." AND ec.element_id = '.$object->fk_project.' AND tc.element = 'project' AND source = 'internal'";
|
||||
$sql .= ' AND ec.fk_socpeople = '.((int) $idfortaskuser)." AND ec.element_id = '.$object->fk_project.' AND tc.element = 'project' AND source = 'internal'";
|
||||
$resql = $db->query($sql);
|
||||
if ($resql) {
|
||||
$obj = $db->fetch_object($resql);
|
||||
|
||||
@ -214,7 +214,7 @@ if ($action == 'addtime' && $user->rights->projet->lire && GETPOST('assigntask')
|
||||
if ($result >= 0 || $result == -2) { // Contact add ok or already contact of task
|
||||
// Test if we are already contact of the project (should be rare but sometimes we can add as task contact without being contact of project, like when admin user has been removed from contact of project)
|
||||
$sql = 'SELECT ec.rowid FROM '.MAIN_DB_PREFIX.'element_contact as ec, '.MAIN_DB_PREFIX.'c_type_contact as tc WHERE tc.rowid = ec.fk_c_type_contact';
|
||||
$sql .= ' AND ec.fk_socpeople = '.$idfortaskuser." AND ec.element_id = '.$object->fk_project.' AND tc.element = 'project' AND source = 'internal'";
|
||||
$sql .= ' AND ec.fk_socpeople = '.((int) $idfortaskuser)." AND ec.element_id = '.$object->fk_project.' AND tc.element = 'project' AND source = 'internal'";
|
||||
$resql = $db->query($sql);
|
||||
if ($resql) {
|
||||
$obj = $db->fetch_object($resql);
|
||||
|
||||
@ -802,7 +802,7 @@ if ($urllogo) {
|
||||
|
||||
|
||||
print '<!-- Form to send a payment -->'."\n";
|
||||
print '<!-- creditor = '.$creditor.' -->'."\n";
|
||||
print '<!-- creditor = '.dol_escape_htmltag($creditor).' -->'."\n";
|
||||
// Additionnal information for each payment system
|
||||
if (!empty($conf->paypal->enabled)) {
|
||||
print '<!-- PAYPAL_API_SANDBOX = '.$conf->global->PAYPAL_API_SANDBOX.' -->'."\n";
|
||||
|
||||
@ -258,15 +258,15 @@ if ($display_ticket_list) {
|
||||
if (!empty($filter)) {
|
||||
foreach ($filter as $key => $value) {
|
||||
if (strpos($key, 'date')) { // To allow $filter['YEAR(s.dated)']=>$year
|
||||
$sql .= ' AND '.$key.' = \''.$value.'\'';
|
||||
$sql .= ' AND '.$key.' = \''.$db->escape($value).'\'';
|
||||
} elseif ($key == 't.fk_statut') {
|
||||
if (is_array($value) && count($value) > 0) {
|
||||
$sql .= 'AND '.$key.' IN ('.$db->sanitize(implode(',', $value)).')';
|
||||
} else {
|
||||
$sql .= ' AND '.$key.' = '.$db->escape($value);
|
||||
$sql .= ' AND '.$key.' = '.((int) $value);
|
||||
}
|
||||
} else {
|
||||
$sql .= ' AND '.$key.' LIKE \'%'.$value.'%\'';
|
||||
$sql .= ' AND '.$key.' LIKE \'%'.$db->escape($value).'%\'';
|
||||
}
|
||||
}
|
||||
}
|
||||
|
||||
@ -359,17 +359,17 @@ if ($action == "view_ticketlist") {
|
||||
if (!empty($filter)) {
|
||||
foreach ($filter as $key => $value) {
|
||||
if (strpos($key, 'date')) { // To allow $filter['YEAR(s.dated)']=>$year
|
||||
$sql .= ' AND '.$key.' = \''.$value.'\'';
|
||||
$sql .= ' AND '.$key.' = \''.$db->escape($value).'\'';
|
||||
} elseif (($key == 't.fk_user_assign') || ($key == 't.type_code') || ($key == 't.category_code') || ($key == 't.severity_code')) {
|
||||
$sql .= " AND ".$key." = '".$db->escape($value)."'";
|
||||
} elseif ($key == 't.fk_statut') {
|
||||
if (is_array($value) && count($value) > 0) {
|
||||
$sql .= 'AND '.$key.' IN ('.$db->sanitize(implode(',', $value)).')';
|
||||
} else {
|
||||
$sql .= ' AND '.$key.' = '.$db->escape($value);
|
||||
$sql .= ' AND '.$key.' = '.((int) $value);
|
||||
}
|
||||
} else {
|
||||
$sql .= ' AND '.$key.' LIKE \'%'.$value.'%\'';
|
||||
$sql .= ' AND '.$key.' LIKE \'%'.$db->escape($value).'%\'';
|
||||
}
|
||||
}
|
||||
}
|
||||
|
||||
@ -460,7 +460,7 @@ if ($search_status <> '' && $search_status >= 0) {
|
||||
$sql .= " AND e.fk_statut = ".$search_status;
|
||||
}
|
||||
if ($search_billed != '' && $search_billed >= 0) {
|
||||
$sql .= ' AND e.billed = '.$search_billed;
|
||||
$sql .= ' AND e.billed = '.((int) $search_billed);
|
||||
}
|
||||
if ($search_town) {
|
||||
$sql .= natural_search('s.town', $search_town);
|
||||
|
||||
@ -371,7 +371,7 @@ if ($sall) {
|
||||
$sql .= natural_search(array_keys($fieldstosearchall), $sall);
|
||||
}
|
||||
if ($socid) {
|
||||
$sql .= ' AND s.rowid = '.$socid;
|
||||
$sql .= ' AND s.rowid = '.((int) $socid);
|
||||
}
|
||||
if ($search_status >= 0 && $search_status != '') {
|
||||
$sql .= ' AND sp.fk_statut IN ('.$db->sanitize($db->escape($search_status)).')';
|
||||
@ -379,7 +379,7 @@ if ($search_status >= 0 && $search_status != '') {
|
||||
$sql .= dolSqlDateFilter("sp.date_livraison", $day, $month, $year);
|
||||
$sql .= dolSqlDateFilter("sp.date_valid", $dayvalid, $monthvalid, $yearvalid);
|
||||
if ($search_sale > 0) {
|
||||
$sql .= " AND s.rowid = sc.fk_soc AND sc.fk_user = ".$search_sale;
|
||||
$sql .= " AND s.rowid = sc.fk_soc AND sc.fk_user = ".((int) $search_sale);
|
||||
}
|
||||
if ($search_user > 0) {
|
||||
$sql .= " AND c.fk_c_type_contact = tc.rowid AND tc.element='supplier_proposal' AND tc.source='internal' AND c.element_id = sp.rowid AND c.fk_socpeople = ".$search_user;
|
||||
|
||||
@ -719,10 +719,10 @@ class Ticket extends CommonObject
|
||||
if (is_array($value) && count($value) > 0) {
|
||||
$sql .= 'AND '.$key.' IN ('.$this->db->sanitize(implode(',', $value)).')';
|
||||
} else {
|
||||
$sql .= ' AND '.$key.' = '.$this->db->escape($value);
|
||||
$sql .= ' AND '.$key.' = '.((int) $value);
|
||||
}
|
||||
} else {
|
||||
$sql .= ' AND '.$key.' LIKE \'%'.$value.'%\'';
|
||||
$sql .= ' AND '.$key.' LIKE \'%'.$this->db->escape($value).'%\'';
|
||||
}
|
||||
}
|
||||
}
|
||||
|
||||
@ -413,7 +413,7 @@ class WebsitePage extends CommonObject
|
||||
if (count($filter) > 0) {
|
||||
foreach ($filter as $key => $value) {
|
||||
if ($key == 't.rowid' || $key == 't.fk_website' || $key == 'status') {
|
||||
$sqlwhere[] = $key.' = '.$value;
|
||||
$sqlwhere[] = $key.' = '.((int) $value);
|
||||
} elseif ($key == 'type_container') {
|
||||
$sqlwhere[] = $key." = '".$this->db->escape($value)."'";
|
||||
} elseif ($key == 'lang' || $key == 't.lang') {
|
||||
@ -515,7 +515,7 @@ class WebsitePage extends CommonObject
|
||||
if (count($filter) > 0) {
|
||||
foreach ($filter as $key => $value) {
|
||||
if ($key == 't.rowid' || $key == 't.fk_website' || $key == 'status') {
|
||||
$sqlwhere[] = $key.' = '.$value;
|
||||
$sqlwhere[] = $key.' = '.((int) $value);
|
||||
} elseif ($key == 'type_container') {
|
||||
$sqlwhere[] = $key." = '".$this->db->escape($value)."'";
|
||||
} elseif ($key == 'lang' || $key == 't.lang') {
|
||||
@ -528,7 +528,7 @@ class WebsitePage extends CommonObject
|
||||
}
|
||||
$listoflang[] = "'".$this->db->escape(substr(str_replace("'", '', $tmpvalue), 0, 2))."'";
|
||||
}
|
||||
$stringtouse = $key." IN (".$this->db->sanitize(join(',', $listoflang)).")";
|
||||
$stringtouse = $key." IN (".$this->db->sanitize(join(',', $listoflang), 1).")";
|
||||
if ($foundnull) {
|
||||
$stringtouse = '('.$stringtouse.' OR '.$key.' IS NULL)';
|
||||
}
|
||||
|
||||
@ -281,7 +281,7 @@ if ($object->id > 0 && (empty($action) || ($action != 'edit' && $action != 'crea
|
||||
$morehtmlref .= '</div>';
|
||||
|
||||
if ($socid > 0) {
|
||||
$object->next_prev_filter = 'te.fk_soc = '.$socid;
|
||||
$object->next_prev_filter = 'te.fk_soc = '.((int) $socid);
|
||||
}
|
||||
|
||||
dol_banner_tab($object, 'id', $linkback, 1, 'rowid', 'rowid', $morehtmlref);
|
||||
|
||||
Loading…
Reference in New Issue
Block a user