diff --git a/htdocs/includes/boxes/box_boutique_livre.php b/htdocs/includes/boxes/box_boutique_livre.php index fc5fe936e31..56cf87d01b7 100644 --- a/htdocs/includes/boxes/box_boutique_livre.php +++ b/htdocs/includes/boxes/box_boutique_livre.php @@ -63,30 +63,40 @@ class box_boutique_livre extends ModeleBoxes { $this->info_box_head = array('text' => $langs->trans("BoxTitleLastBooks",$max)); - $sql = "SELECT l.ref, l.title, l.rowid"; - $sql .= " FROM ".MAIN_DB_PREFIX."livre as l "; - $sql .= " ORDER BY l.date_ajout DESC "; - $sql .= $db->plimit($max, 0); - - $result = $db->query($sql); - - if ($result) + if ($user->rights->boutique->lire) { - $num = $db->num_rows(); - - $i = 0; - - while ($i < $num) + $sql = "SELECT l.ref, l.title, l.rowid"; + $sql .= " FROM ".MAIN_DB_PREFIX."livre as l "; + $sql .= " ORDER BY l.date_ajout DESC "; + $sql .= $db->plimit($max, 0); + + $result = $db->query($sql); + + if ($result) { - $objp = $db->fetch_object($result); - - $this->info_box_contents[$i][0] = array('align' => 'left', - 'logo' => $this->boximg, - 'text' => $objp->title, - 'url' => DOL_URL_ROOT."/boutique/livre/fiche.php?id=".$objp->rowid); - - $i++; + $num = $db->num_rows($result); + + $i = 0; + + while ($i < $num) + { + $objp = $db->fetch_object($result); + + $this->info_box_contents[$i][0] = array('align' => 'left', + 'logo' => $this->boximg, + 'text' => $objp->title, + 'url' => DOL_URL_ROOT."/boutique/livre/fiche.php?id=".$objp->rowid); + + $i++; + } } + else { + dolibarr_print_error($db); + } + } + else { + $this->info_box_contents[0][0] = array('align' => 'left', + 'text' => $langs->trans("ReadPermissionNotAllowed")); } } diff --git a/htdocs/includes/boxes/box_clients.php b/htdocs/includes/boxes/box_clients.php index 7605732cea1..2f83c606503 100644 --- a/htdocs/includes/boxes/box_clients.php +++ b/htdocs/includes/boxes/box_clients.php 
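Review bot: The new `else { dolibarr_print_error($db); }` branch in box_boutique_livre's loadBox reports a database failure from inside a dashboard widget. The helper's body is not visible in this diff, but if it renders the failed query or the driver message into the page, every user holding the read right sees table names and SQL text whenever the query breaks. Consider recording the detail server-side and putting a generic translated line in `$this->info_box_contents[0][0]`, the way the permission-denied branch already does. The same branch is added in the box_clients, box_commandes, box_factures_fourn, box_factures_fourn_imp, box_fournisseurs, box_osc_client, box_propales and box_services_vendus hunks. loadBox begins above this hunk.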
@@ -62,34 +62,44 @@ class box_clients extends ModeleBoxes { $this->info_box_head = array('text' => $langs->trans("BoxTitleLastCustomers",$max)); - $sql = "SELECT s.nom,s.idp"; - $sql .= " FROM ".MAIN_DB_PREFIX."societe as s WHERE s.client = 1"; - if ($user->societe_id > 0) + if ($user->rights->societe->lire) { - $sql .= " AND s.idp = $user->societe_id"; - } - $sql .= " ORDER BY s.datec DESC "; - $sql .= $db->plimit($max, 0); - - $result = $db->query($sql); - - if ($result) - { - $num = $db->num_rows(); - - $i = 0; - - while ($i < $num) + $sql = "SELECT s.nom,s.idp"; + $sql .= " FROM ".MAIN_DB_PREFIX."societe as s WHERE s.client = 1"; + if ($user->societe_id > 0) { - $objp = $db->fetch_object($result); - - $this->info_box_contents[$i][0] = array('align' => 'left', - 'logo' => $this->boximg, - 'text' => stripslashes($objp->nom), - 'url' => DOL_URL_ROOT."/comm/fiche.php?socid=".$objp->idp); - - $i++; + $sql .= " AND s.idp = $user->societe_id"; } + $sql .= " ORDER BY s.datec DESC "; + $sql .= $db->plimit($max, 0); + + $result = $db->query($sql); + + if ($result) + { + $num = $db->num_rows($result); + + $i = 0; + + while ($i < $num) + { + $objp = $db->fetch_object($result); + + $this->info_box_contents[$i][0] = array('align' => 'left', + 'logo' => $this->boximg, + 'text' => stripslashes($objp->nom), + 'url' => DOL_URL_ROOT."/comm/fiche.php?socid=".$objp->idp); + + $i++; + } + } + else { + dolibarr_print_error($db); + } + } + else { + $this->info_box_contents[0][0] = array('align' => 'left', + 'text' => $langs->trans("ReadPermissionNotAllowed")); } } diff --git a/htdocs/includes/boxes/box_commandes.php b/htdocs/includes/boxes/box_commandes.php index 4609ee68745..e315fb45c5c 100644 --- a/htdocs/includes/boxes/box_commandes.php +++ b/htdocs/includes/boxes/box_commandes.php 
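Review bot: `$sql .= " AND s.idp = $user->societe_id";` in box_clients interpolates an object property straight into the SQL text, and the preceding `$user->societe_id > 0` test is a loose comparison that does not prove the value is an integer. Where `societe_id` is populated is outside this diff, so the query should not depend on it always being numeric. Casting at the point of use keeps the filter well-formed whatever the loader does: `$sql .= " AND s.idp = ".intval($user->societe_id);`. The same line is carried over on the new side of the box_fournisseurs, box_prospect and box_services_vendus hunks.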
@@ -58,12 +58,12 @@ class box_commandes extends ModeleBoxes { function loadBox($max=5) { global $user, $langs, $db; + $langs->load("boxes"); + + $this->info_box_head = array('text' => $langs->trans("BoxTitleLastCustomerOrders",$max)); if ($user->rights->commande->lire) { - $langs->load("boxes"); - - $this->info_box_head = array('text' => $langs->trans("BoxTitleLastCustomerOrders",$max)); $sql = "SELECT s.nom,s.idp,p.ref,".$db->pdate("p.date_commande")." as dp,p.rowid"; $sql .= " FROM ".MAIN_DB_PREFIX."societe as s, ".MAIN_DB_PREFIX."commande as p WHERE p.fk_soc = s.idp"; @@ -97,6 +97,13 @@ class box_commandes extends ModeleBoxes { $i++; } } + else { + dolibarr_print_error($db); + } + } + else { + $this->info_box_contents[0][0] = array('align' => 'left', + 'text' => $langs->trans("ReadPermissionNotAllowed")); } } diff --git a/htdocs/includes/boxes/box_factures.php b/htdocs/includes/boxes/box_factures.php index 4de4715261c..a6313efc59f 100644 --- a/htdocs/includes/boxes/box_factures.php +++ b/htdocs/includes/boxes/box_factures.php @@ -58,13 +58,13 @@ class box_factures extends ModeleBoxes { function loadBox($max=5) { global $user, $langs, $db; - + + $langs->load("boxes"); + + $this->info_box_head = array('text' => $langs->trans("BoxTitleLastCustomerBills",$max)); + if ($user->rights->facture->lire) { - $langs->load("boxes"); - - $this->info_box_head = array('text' => $langs->trans("BoxTitleLastCustomerBills",$max)); - $sql = "SELECT s.nom,s.idp,f.facnumber,f.amount,".$db->pdate("f.datef")." as df,f.paye,f.rowid as facid"; $sql .= " FROM ".MAIN_DB_PREFIX."societe as s,".MAIN_DB_PREFIX."facture as f WHERE f.fk_soc = s.idp"; if($user->societe_id) 
@@ -73,31 +73,35 @@ class box_factures extends ModeleBoxes { } $sql .= " ORDER BY f.datef DESC, f.facnumber DESC "; $sql .= $db->plimit($max, 0); - + $result = $db->query($sql); - + if ($result) { $num = $db->num_rows(); - + $i = 0; - + while ($i < $num) { $objp = $db->fetch_object($result); - + $this->info_box_contents[$i][0] = array('align' => 'left', 'logo' => $this->boximg, 'text' => $objp->facnumber, 'url' => DOL_URL_ROOT."/compta/facture.php?facid=".$objp->facid); - + $this->info_box_contents[$i][1] = array('align' => 'left', 'text' => $objp->nom, 'url' => DOL_URL_ROOT."/comm/fiche.php?socid=".$objp->idp); $i++; } } - + + } + else { + $this->info_box_contents[0][0] = array('align' => 'left', + 'text' => $langs->trans("ReadPermissionNotAllowed")); } } diff --git a/htdocs/includes/boxes/box_factures_fourn.php b/htdocs/includes/boxes/box_factures_fourn.php index 30c8559395d..33442185a31 100644 --- a/htdocs/includes/boxes/box_factures_fourn.php +++ b/htdocs/includes/boxes/box_factures_fourn.php @@ -97,6 +97,13 @@ class box_factures_fourn extends ModeleBoxes { $i++; } } + else { + dolibarr_print_error($db); + } + } + else { + $this->info_box_contents[0][0] = array('align' => 'left', + 'text' => $langs->trans("ReadPermissionNotAllowed")); } } diff --git a/htdocs/includes/boxes/box_factures_fourn_imp.php b/htdocs/includes/boxes/box_factures_fourn_imp.php index 315d5e7299c..e48c0847de7 100644 --- a/htdocs/includes/boxes/box_factures_fourn_imp.php +++ b/htdocs/includes/boxes/box_factures_fourn_imp.php 
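Review bot: The box_factures hunk still calls `$db->num_rows()` without the result handle and gains no failure branch, so a failed query leaves the box empty with nothing reported, while sibling boxes in this commit were switched to `$db->num_rows($result)` and given an `else` after `if ($result)`. Suggest `$num = $db->num_rows($result);` here plus an explicit `else` that reports or logs the failure, so all boxes behave the same way. `num_rows()` without an argument also remains on the new side of the box_fournisseurs and box_osc_client hunks, and box_prospect likewise receives no failure branch.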
@@ -58,12 +58,12 @@ class box_factures_fourn_imp extends ModeleBoxes { function loadBox($max=5) { global $user, $langs, $db; + $langs->load("boxes"); + + $this->info_box_head = array('text' => $langs->trans("BoxTitleOldestUnpayedSupplierBills",$max)); if ($user->rights->facture->lire) { - $langs->load("boxes"); - - $this->info_box_head = array('text' => $langs->trans("BoxTitleOldestUnpayedSupplierBills",$max)); $sql = "SELECT s.nom,s.idp,f.facnumber,f.amount,".$db->pdate("f.datef")." as df,f.paye,f.rowid as facid"; $sql .= " FROM ".MAIN_DB_PREFIX."societe as s,".MAIN_DB_PREFIX."facture_fourn as f WHERE f.fk_soc = s.idp AND f.paye=0 AND fk_statut = 1"; @@ -97,8 +97,15 @@ class box_factures_fourn_imp extends ModeleBoxes { $i++; } } - + else { + dolibarr_print_error($db); + } } + else { + $this->info_box_contents[0][0] = array('align' => 'left', + 'text' => $langs->trans("ReadPermissionNotAllowed")); + } + } function showBox() diff --git a/htdocs/includes/boxes/box_factures_imp.php b/htdocs/includes/boxes/box_factures_imp.php index 96b5a585234..05f7841a2c3 100644 --- a/htdocs/includes/boxes/box_factures_imp.php +++ b/htdocs/includes/boxes/box_factures_imp.php @@ -105,6 +105,10 @@ class box_factures_imp extends ModeleBoxes { } } } + else { + $this->info_box_contents[0][0] = array('align' => 'left', + 'text' => $langs->trans("ReadPermissionNotAllowed")); + } } function showBox() diff --git a/htdocs/includes/boxes/box_fournisseurs.php b/htdocs/includes/boxes/box_fournisseurs.php index 1f08667f2e8..ceca7bfb828 100644 --- a/htdocs/includes/boxes/box_fournisseurs.php +++ b/htdocs/includes/boxes/box_fournisseurs.php 
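Review bot: In the first box_factures_fourn_imp hunk the query reads `facture_fourn` (supplier invoices) but the gate is `if ($user->rights->facture->lire)`, which by its name is the customer-invoice read right. If this version defines a separate supplier-invoice permission, a user granted only customer invoices would see unpaid supplier bills through this box; the rights definitions are not visible in this diff, so this needs confirming against the permission table. At minimum add a comment above the check, for example `// NOTE: supplier bills are gated on the customer invoice right; revisit if a supplier right exists`. loadBox continues between and after the two hunks for this file.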
@@ -61,34 +61,44 @@ class box_fournisseurs extends ModeleBoxes { $this->info_box_head = array('text' => $langs->trans("BoxTitleLastSuppliers",$max)); - $sql = "SELECT s.nom,s.idp"; - $sql .= " FROM ".MAIN_DB_PREFIX."societe as s WHERE s.fournisseur = 1"; - if ($user->societe_id > 0) + if ($user->rights->societe->lire) { - $sql .= " AND s.idp = $user->societe_id"; - } - $sql .= " ORDER BY s.datec DESC "; - $sql .= $db->plimit($max, 0); - - $result = $db->query($sql); - - if ($result) - { - $num = $db->num_rows(); - - $i = 0; - - while ($i < $num) + $sql = "SELECT s.nom,s.idp"; + $sql .= " FROM ".MAIN_DB_PREFIX."societe as s WHERE s.fournisseur = 1"; + if ($user->societe_id > 0) { - $objp = $db->fetch_object($result); - - $this->info_box_contents[$i][0] = array('align' => 'left', - 'logo' => $this->boximg, - 'text' => $objp->nom, - 'url' => DOL_URL_ROOT."/comm/fiche.php?socid=".$objp->idp); - - $i++; + $sql .= " AND s.idp = $user->societe_id"; } + $sql .= " ORDER BY s.datec DESC "; + $sql .= $db->plimit($max, 0); + + $result = $db->query($sql); + + if ($result) + { + $num = $db->num_rows(); + + $i = 0; + + while ($i < $num) + { + $objp = $db->fetch_object($result); + + $this->info_box_contents[$i][0] = array('align' => 'left', + 'logo' => $this->boximg, + 'text' => $objp->nom, + 'url' => DOL_URL_ROOT."/comm/fiche.php?socid=".$objp->idp); + + $i++; + } + } + else { + dolibarr_print_error($db); + } + } + else { + $this->info_box_contents[0][0] = array('align' => 'left', + 'text' => $langs->trans("ReadPermissionNotAllowed")); } } diff --git a/htdocs/includes/boxes/box_osc_client.php b/htdocs/includes/boxes/box_osc_client.php index 8c697012cd8..eea08affaed 100644 --- a/htdocs/includes/boxes/box_osc_client.php +++ b/htdocs/includes/boxes/box_osc_client.php 
@@ -62,27 +62,37 @@ class box_osc_clients extends ModeleBoxes { $this->info_box_head = array('text' => $langs->trans("BoxTitleNbOfCustomers",$max)); - $sql = "SELECT count(*) as cus FROM ".DB_NAME_OSC.".customers"; - - $result = $db->query($sql); - if ($result) + if ($user->rights->boutique->lire) { - $num = $db->num_rows(); - - $i = 0; - - while ($i < $num) + $sql = "SELECT count(*) as cus FROM ".DB_NAME_OSC.".customers"; + + $result = $db->query($sql); + if ($result) { - $objp = $db->fetch_object($result); - - $this->info_box_contents[$i][0] = array('align' => 'center', - 'logo' => $this->boximg, - 'text' => $objp->cus, - 'url' => DOL_URL_ROOT."/boutique/client/index.php"); - $i++; + $num = $db->num_rows(); + + $i = 0; + + while ($i < $num) + { + $objp = $db->fetch_object($result); + + $this->info_box_contents[$i][0] = array('align' => 'center', + 'logo' => $this->boximg, + 'text' => $objp->cus, + 'url' => DOL_URL_ROOT."/boutique/client/index.php"); + $i++; + } + } + else { + dolibarr_print_error($db); } } - + else { + $this->info_box_contents[0][0] = array('align' => 'left', + 'text' => $langs->trans("ReadPermissionNotAllowed")); + } + } function showBox() diff --git a/htdocs/includes/boxes/box_produits.php b/htdocs/includes/boxes/box_produits.php index b109b4fa502..7be1ded2f93 100644 --- a/htdocs/includes/boxes/box_produits.php +++ b/htdocs/includes/boxes/box_produits.php @@ -93,6 +93,10 @@ class box_produits extends ModeleBoxes { dolibarr_print_error($db); } } + else { + $this->info_box_contents[0][0] = array('align' => 'left', + 'text' => $langs->trans("ReadPermissionNotAllowed")); + } } function showBox() diff --git a/htdocs/includes/boxes/box_propales.php b/htdocs/includes/boxes/box_propales.php index 5b7e102ce3e..e97a1319e2b 100644 --- a/htdocs/includes/boxes/box_propales.php +++ b/htdocs/includes/boxes/box_propales.php 
@@ -59,11 +59,12 @@ class box_propales extends ModeleBoxes { { global $user, $langs, $db; + $langs->load("boxes"); + + $this->info_box_head = array('text' => $langs->trans("BoxTitleLastPropals",$max)); + if ($user->rights->propale->lire) { - $langs->load("boxes"); - - $this->info_box_head = array('text' => $langs->trans("BoxTitleLastPropals",$max)); $sql = "SELECT s.nom,s.idp,p.ref,".$db->pdate("p.datep")." as dp,p.rowid"; $sql .= " FROM ".MAIN_DB_PREFIX."societe as s,".MAIN_DB_PREFIX."propal as p WHERE p.fk_soc = s.idp"; @@ -97,7 +98,13 @@ class box_propales extends ModeleBoxes { $i++; } } - + else { + dolibarr_print_error($db); + } + } + else { + $this->info_box_contents[0][0] = array('align' => 'left', + 'text' => $langs->trans("ReadPermissionNotAllowed")); } } diff --git a/htdocs/includes/boxes/box_prospect.php b/htdocs/includes/boxes/box_prospect.php index da8e23f4b5e..fa2ae079193 100644 --- a/htdocs/includes/boxes/box_prospect.php +++ b/htdocs/includes/boxes/box_prospect.php 
@@ -63,36 +63,43 @@ class box_prospect extends ModeleBoxes { $this->info_box_head = array('text' => $langs->trans("BoxTitleLastProspects",$max)); - $sql = "SELECT s.nom,s.idp"; - $sql .= " FROM ".MAIN_DB_PREFIX."societe as s WHERE s.client = 2"; - if ($user->societe_id > 0) + if ($user->rights->societe->lire) { - $sql .= " AND s.idp = $user->societe_id"; - } - $sql .= " ORDER BY s.datec DESC "; - $sql .= $db->plimit($max, 0); - - $result = $db->query($sql); - - if ($result) - { - $num = $db->num_rows(); - - $i = 0; - - while ($i < $num) + $sql = "SELECT s.nom,s.idp"; + $sql .= " FROM ".MAIN_DB_PREFIX."societe as s WHERE s.client = 2"; + if ($user->societe_id > 0) { - $objp = $db->fetch_object($result); - - $this->info_box_contents[$i][0] = array('align' => 'left', - 'logo' => $this->boximg, - 'text' => stripslashes($objp->nom), - 'url' => DOL_URL_ROOT."/comm/prospect/fiche.php?id=".$objp->idp); - - $i++; + $sql .= " AND s.idp = $user->societe_id"; + } + $sql .= " ORDER BY s.datec DESC "; + $sql .= $db->plimit($max, 0); + + $result = $db->query($sql); + + if ($result) + { + $num = $db->num_rows($result); + + $i = 0; + + while ($i < $num) + { + $objp = $db->fetch_object($result); + + $this->info_box_contents[$i][0] = array('align' => 'left', + 'logo' => $this->boximg, + 'text' => stripslashes($objp->nom), + 'url' => DOL_URL_ROOT."/comm/prospect/fiche.php?id=".$objp->idp); + + $i++; + } } - } + } + else { + $this->info_box_contents[0][0] = array('align' => 'left', + 'text' => $langs->trans("ReadPermissionNotAllowed")); + } } function showBox() diff --git a/htdocs/includes/boxes/box_services_vendus.php b/htdocs/includes/boxes/box_services_vendus.php index aa2d96617dd..da5f45bcb42 100644 --- a/htdocs/includes/boxes/box_services_vendus.php +++ b/htdocs/includes/boxes/box_services_vendus.php 
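Review bot: The box_prospect hunk places `stripslashes($objp->nom)` into the `text` entry without output encoding, and the company name is presumably user-entered. The rendering code (showBox and the ModeleBoxes parent) is outside this diff, so whether `text` is HTML-encoded when printed cannot be confirmed here; if it is not, a stored name containing markup would be emitted into the dashboard of every user who can read the box. Either encode at this point, `'text' => htmlspecialchars(stripslashes($objp->nom)),`, or add a comment stating that the renderer encodes `text`. The other boxes in this commit fill `text` from database columns the same way (`$objp->title`, `$objp->label`, `$objp->facnumber`).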
@@ -62,41 +62,51 @@ class box_services_vendus extends ModeleBoxes { $this->info_box_head = array('text' => $langs->trans("BoxLastProductsInContract",$max)); - $sql = "SELECT s.nom, s.idp, p.label, p.fk_product_type, c.rowid"; - $sql .= " FROM ".MAIN_DB_PREFIX."societe as s, ".MAIN_DB_PREFIX."contrat as c, ".MAIN_DB_PREFIX."product as p"; - $sql .= " WHERE s.idp = c.fk_soc AND c.fk_product = p.rowid"; - if($user->societe_id) + if ($user->rights->produit->lire) { - $sql .= " AND s.idp = $user->societe_id"; - } - $sql .= " ORDER BY c.tms DESC "; - $sql .= $db->plimit($max, 0); - - $result = $db->query($sql); - - if ($result) - { - $num = $db->num_rows(); - - $i = 0; - - while ($i < $num) + $sql = "SELECT s.nom, s.idp, p.label, p.fk_product_type, c.rowid"; + $sql .= " FROM ".MAIN_DB_PREFIX."societe as s, ".MAIN_DB_PREFIX."contrat as c, ".MAIN_DB_PREFIX."product as p"; + $sql .= " WHERE s.idp = c.fk_soc AND c.fk_product = p.rowid"; + if($user->societe_id) { - $objp = $db->fetch_object($result); - - $this->info_box_contents[$i][0] = array('align' => 'left', - 'logo' => ($objp->fk_product_type?'object_service':'object_product'), - 'text' => $objp->label, - 'url' => DOL_URL_ROOT."/contrat/fiche.php?id=".$objp->rowid); - - $this->info_box_contents[$i][1] = array('align' => 'left', - 'text' => $objp->nom, - 'url' => DOL_URL_ROOT."/comm/fiche.php?socid=".$objp->idp); - - $i++; + $sql .= " AND s.idp = $user->societe_id"; + } + $sql .= " ORDER BY c.tms DESC "; + $sql .= $db->plimit($max, 0); + + $result = $db->query($sql); + + if ($result) + { + $num = $db->num_rows($result); + + $i = 0; + + while ($i < $num) + { + $objp = $db->fetch_object($result); + + $this->info_box_contents[$i][0] = array('align' => 'left', + 'logo' => ($objp->fk_product_type?'object_service':'object_product'), + 'text' => $objp->label, + 'url' => DOL_URL_ROOT."/contrat/fiche.php?id=".$objp->rowid); + + $this->info_box_contents[$i][1] = array('align' => 'left', + 'text' => $objp->nom, + 'url' => 
DOL_URL_ROOT."/comm/fiche.php?socid=".$objp->idp); + + $i++; + } + } + else { + dolibarr_print_error($db); } } - + else { + $this->info_box_contents[0][0] = array('align' => 'left', + 'text' => $langs->trans("ReadPermissionNotAllowed")); + } + } function showBox()
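Review bot: box_services_vendus gates on `$user->rights->produit->lire`, but the query joins `contrat` and `societe` and the rows link to `/contrat/fiche.php` and `/comm/fiche.php`, so a user holding only the product read right is shown which company has which contract. The check should cover every object the box discloses, for instance `if ($user->rights->produit->lire && $user->rights->societe->lire)`, extended with the contract read right if this version defines one (the rights table is not visible in this diff). Without that, the box exposes more than the permission it checks implies. loadBox begins above this hunk.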