Merge pull request #12283 from frederic34/socid
replace deprecated user->societe_id by user->socid
This commit is contained in:
Laurent Destailleur
GitHub
commit
e087ac434d
@ -46,7 +46,7 @@ $search_pcgtype = GETPOST('search_pcgtype', 'alpha');
|
||||
$search_pcgsubtype = GETPOST('search_pcgsubtype', 'alpha');
|
||||
|
||||
// Security check
|
||||
if ($user->societe_id > 0) accessforbidden();
|
||||
if ($user->socid > 0) accessforbidden();
|
||||
if (! $user->rights->accounting->chartofaccount) accessforbidden();
|
||||
|
||||
// Load variable for pagination
|
||||
|
||||
@ -71,7 +71,7 @@ $search_country_id = GETPOST('search_country_id', 'int');
|
||||
|
||||
|
||||
// Security check
|
||||
if ($user->societe_id > 0) accessforbidden();
|
||||
if ($user->socid > 0) accessforbidden();
|
||||
if (! $user->rights->accounting->chartofaccount) accessforbidden();
|
||||
|
||||
|
||||
|
||||
@ -43,7 +43,7 @@ if (! $sortorder) $sortorder="ASC";
|
||||
$langs->loadLangs(array("admin","compta"));
|
||||
|
||||
// Security check
|
||||
if ($user->societe_id > 0)
|
||||
if ($user->socid > 0)
|
||||
accessforbidden();
|
||||
if (! $user->rights->accounting->fiscalyear->write) // If we can read accounting records, we should be able to see fiscal year.
|
||||
accessforbidden();
|
||||
|
||||
@ -31,7 +31,7 @@ require_once DOL_DOCUMENT_ROOT . '/core/class/fiscalyear.class.php';
|
||||
$langs->loadLangs(array("admin","compta"));
|
||||
|
||||
// Security check
|
||||
if ($user->societe_id > 0)
|
||||
if ($user->socid > 0)
|
||||
accessforbidden();
|
||||
if (empty($user->rights->accounting->fiscalyear->write))
|
||||
accessforbidden();
|
||||
|
||||
@ -30,7 +30,7 @@ require_once DOL_DOCUMENT_ROOT . '/core/class/fiscalyear.class.php';
|
||||
$langs->loadLangs(array("admin","compta"));
|
||||
|
||||
// Security check
|
||||
if ($user->societe_id > 0)
|
||||
if ($user->socid > 0)
|
||||
accessforbidden();
|
||||
if (! $user->rights->accounting->fiscalyear->write)
|
||||
accessforbidden();
|
||||
|
||||
@ -45,7 +45,7 @@ $mode = GETPOST('mode', 'aZ09'); // '' or 'tmp'
|
||||
$piece_num = GETPOST("piece_num", 'int'); // id of transaction (several lines share the same transaction id)
|
||||
|
||||
// Security check
|
||||
if ($user->societe_id > 0) {
|
||||
if ($user->socid > 0) {
|
||||
accessforbidden();
|
||||
}
|
||||
|
||||
|
||||
@ -83,7 +83,7 @@ if (GETPOST('button_removefilter_x','alpha') || GETPOST('button_removefilter.x',
|
||||
|
||||
// Security check
|
||||
$socid = GETPOST("socid", 'int');
|
||||
// if ($user->societe_id) $socid=$user->societe_id;
|
||||
// if ($user->socid) $socid=$user->socid;
|
||||
|
||||
$lettering = new Lettering($db);
|
||||
$object = new Societe($db);
|
||||
@ -139,7 +139,7 @@ dol_fiche_head($head, 'lettering_customer', $langs->trans("ThirdParty"), 0, 'com
|
||||
|
||||
$linkback = '<a href="'.DOL_URL_ROOT.'/societe/list.php?restore_lastsearch_values=1">'.$langs->trans("BackToList").'</a>';
|
||||
|
||||
dol_banner_tab($object, 'socid', $linkback, ($user->societe_id?0:1), 'rowid', 'nom', '', '', 0, '', '', 'arearefnobottom');
|
||||
dol_banner_tab($object, 'socid', $linkback, ($user->socid?0:1), 'rowid', 'nom', '', '', 0, '', '', 'arearefnobottom');
|
||||
|
||||
dol_fiche_end();
|
||||
|
||||
|
||||
@ -83,7 +83,7 @@ if (GETPOST('button_removefilter_x','alpha') || GETPOST('button_removefilter.x',
|
||||
|
||||
// Security check
|
||||
$socid = GETPOST("socid", 'int');
|
||||
// if ($user->societe_id) $socid=$user->societe_id;
|
||||
// if ($user->socid) $socid=$user->socid;
|
||||
|
||||
$lettering = new Lettering($db);
|
||||
$object = new Societe($db);
|
||||
@ -138,7 +138,7 @@ dol_fiche_head($head, 'lettering_supplier', $langs->trans("ThirdParty"), 0, 'com
|
||||
|
||||
$linkback = '<a href="'.DOL_URL_ROOT.'/societe/list.php?restore_lastsearch_values=1">'.$langs->trans("BackToList").'</a>';
|
||||
|
||||
dol_banner_tab($object, 'socid', $linkback, ($user->societe_id?0:1), 'rowid', 'nom', '', '', 0, '', '', 'arearefnobottom');
|
||||
dol_banner_tab($object, 'socid', $linkback, ($user->socid?0:1), 'rowid', 'nom', '', '', 0, '', '', 'arearefnobottom');
|
||||
|
||||
dol_fiche_end();
|
||||
|
||||
|
||||
@ -34,7 +34,7 @@ $langs->loadLangs(array("compta","bills","other","main","accountancy"));
|
||||
if (empty($conf->accounting->enabled)) {
|
||||
accessforbidden();
|
||||
}
|
||||
if ($user->societe_id > 0)
|
||||
if ($user->socid > 0)
|
||||
accessforbidden();
|
||||
if (! $user->rights->accounting->fiscalyear->write)
|
||||
accessforbidden();
|
||||
|
||||
@ -34,7 +34,7 @@ $langs->loadLangs(array("compta","bills","other","main","accountancy"));
|
||||
if (empty($conf->accounting->enabled)) {
|
||||
accessforbidden();
|
||||
}
|
||||
if ($user->societe_id > 0)
|
||||
if ($user->socid > 0)
|
||||
accessforbidden();
|
||||
if (! $user->rights->accounting->fiscalyear->write)
|
||||
accessforbidden();
|
||||
|
||||
@ -38,7 +38,7 @@ $codeventil = GETPOST('codeventil');
|
||||
$id = GETPOST('id');
|
||||
|
||||
// Security check
|
||||
if ($user->societe_id > 0)
|
||||
if ($user->socid > 0)
|
||||
accessforbidden();
|
||||
|
||||
|
||||
|
||||
@ -39,7 +39,7 @@ $langs->loadLangs(array("compta","bills","other","main","accountancy"));
|
||||
if (empty($conf->accounting->enabled)) {
|
||||
accessforbidden();
|
||||
}
|
||||
if ($user->societe_id > 0)
|
||||
if ($user->socid > 0)
|
||||
accessforbidden();
|
||||
if (! $user->rights->accounting->bind->write)
|
||||
accessforbidden();
|
||||
|
||||
@ -72,7 +72,7 @@ if (! $sortorder) {
|
||||
}
|
||||
|
||||
// Security check
|
||||
if ($user->societe_id > 0)
|
||||
if ($user->socid > 0)
|
||||
accessforbidden();
|
||||
if (! $user->rights->accounting->bind->write)
|
||||
accessforbidden();
|
||||
|
||||
@ -83,7 +83,7 @@ if (! $sortorder) {
|
||||
}
|
||||
|
||||
// Security check
|
||||
if ($user->societe_id > 0)
|
||||
if ($user->socid > 0)
|
||||
accessforbidden();
|
||||
if (! $user->rights->accounting->bind->write)
|
||||
accessforbidden();
|
||||
|
||||
@ -42,7 +42,7 @@ $codeventil = GETPOST('codeventil');
|
||||
$id = GETPOST('id');
|
||||
|
||||
// Security check
|
||||
if ($user->societe_id > 0)
|
||||
if ($user->socid > 0)
|
||||
accessforbidden();
|
||||
|
||||
|
||||
|
||||
@ -36,7 +36,7 @@ $langs->loadLangs(array("compta","bills","other","main","accountancy"));
|
||||
if (empty($conf->accounting->enabled)) {
|
||||
accessforbidden();
|
||||
}
|
||||
if ($user->societe_id > 0)
|
||||
if ($user->socid > 0)
|
||||
accessforbidden();
|
||||
if (! $user->rights->accounting->bind->write)
|
||||
accessforbidden();
|
||||
|
||||
@ -67,7 +67,7 @@ if (! $sortorder) {
|
||||
}
|
||||
|
||||
// Security check
|
||||
if ($user->societe_id > 0)
|
||||
if ($user->socid > 0)
|
||||
accessforbidden();
|
||||
if (! $user->rights->accounting->bind->write)
|
||||
accessforbidden();
|
||||
|
||||
@ -77,7 +77,7 @@ if (! $sortorder) {
|
||||
}
|
||||
|
||||
// Security check
|
||||
if ($user->societe_id > 0)
|
||||
if ($user->socid > 0)
|
||||
accessforbidden();
|
||||
if (! $user->rights->accounting->bind->write)
|
||||
accessforbidden();
|
||||
|
||||
@ -32,7 +32,7 @@ require_once DOL_DOCUMENT_ROOT . '/core/class/html.formother.class.php';
|
||||
$langs->loadLangs(array("compta","bills","other","accountancy","loans","banks","admin","dict"));
|
||||
|
||||
// Security check
|
||||
if ($user->societe_id > 0)
|
||||
if ($user->socid > 0)
|
||||
accessforbidden();
|
||||
|
||||
// Initialize technical object to manage hooks. Note that conf->hooks_modules contains array of hooks
|
||||
|
||||
@ -80,7 +80,7 @@ $now = dol_now();
|
||||
$action = GETPOST('action', 'aZ09');
|
||||
|
||||
// Security check
|
||||
if ($user->societe_id > 0 && empty($id_journal))
|
||||
if ($user->socid > 0 && empty($id_journal))
|
||||
accessforbidden();
|
||||
|
||||
|
||||
|
||||
@ -56,7 +56,7 @@ if ($in_bookkeeping == '') $in_bookkeeping = 'notyet';
|
||||
$now = dol_now();
|
||||
|
||||
// Security check
|
||||
if ($user->societe_id > 0)
|
||||
if ($user->socid > 0)
|
||||
accessforbidden();
|
||||
|
||||
/*
|
||||
|
||||
@ -56,7 +56,7 @@ if ($in_bookkeeping == '') $in_bookkeeping = 'notyet';
|
||||
$now = dol_now();
|
||||
|
||||
// Security check
|
||||
if ($user->societe_id > 0)
|
||||
if ($user->socid > 0)
|
||||
accessforbidden();
|
||||
|
||||
$hookmanager->initHooks(array('purchasesjournal'));
|
||||
|
||||
@ -58,7 +58,7 @@ if ($in_bookkeeping == '') $in_bookkeeping = 'notyet';
|
||||
$now = dol_now();
|
||||
|
||||
// Security check
|
||||
if ($user->societe_id > 0)
|
||||
if ($user->socid > 0)
|
||||
accessforbidden();
|
||||
|
||||
$hookmanager->initHooks(array('sellsjournal'));
|
||||
|
||||
@ -42,7 +42,7 @@ $codeventil = GETPOST('codeventil');
|
||||
$id = GETPOST('id');
|
||||
|
||||
// Security check
|
||||
if ($user->societe_id > 0)
|
||||
if ($user->socid > 0)
|
||||
accessforbidden();
|
||||
|
||||
|
||||
|
||||
@ -37,7 +37,7 @@ $langs->loadLangs(array("compta","bills","other","main","accountancy"));
|
||||
if (empty($conf->accounting->enabled)) {
|
||||
accessforbidden();
|
||||
}
|
||||
if ($user->societe_id > 0)
|
||||
if ($user->socid > 0)
|
||||
accessforbidden();
|
||||
if (! $user->rights->accounting->bind->write)
|
||||
accessforbidden();
|
||||
|
||||
@ -74,7 +74,7 @@ if (! $sortorder) {
|
||||
}
|
||||
|
||||
// Security check
|
||||
if ($user->societe_id > 0)
|
||||
if ($user->socid > 0)
|
||||
accessforbidden();
|
||||
if (! $user->rights->accounting->bind->write)
|
||||
accessforbidden();
|
||||
|
||||
@ -83,7 +83,7 @@ if (! $sortorder) {
|
||||
}
|
||||
|
||||
// Security check
|
||||
if ($user->societe_id > 0)
|
||||
if ($user->socid > 0)
|
||||
accessforbidden();
|
||||
if (! $user->rights->accounting->bind->write)
|
||||
accessforbidden();
|
||||
|
||||
@ -118,7 +118,7 @@ if (! empty($this->control->tpl['action_delete'])) echo $this->control->tpl['act
|
||||
|
||||
<?php echo $this->control->tpl['showend'];
|
||||
|
||||
if (empty($user->societe_id)) {
|
||||
if (empty($user->socid)) {
|
||||
echo '<div class="tabsAction">';
|
||||
|
||||
if ($user->rights->adherent->creer) {
|
||||
|
||||
@ -1885,7 +1885,7 @@ else
|
||||
}
|
||||
|
||||
// Create user
|
||||
if (! $user->societe_id && ! $object->user_id)
|
||||
if (! $user->socid && ! $object->user_id)
|
||||
{
|
||||
if ($user->rights->user->user->creer)
|
||||
{
|
||||
|
||||
@ -70,7 +70,7 @@ class AdherentStats extends Stats
|
||||
|
||||
$this->where.= " m.statut != 0";
|
||||
$this->where.= " AND p.fk_adherent = m.rowid AND m.entity IN (".getEntity('adherent').")";
|
||||
//if (!$user->rights->societe->client->voir && !$user->societe_id) $this->where .= " AND p.fk_soc = sc.fk_soc AND sc.fk_user = " .$user->id;
|
||||
//if (!$user->rights->societe->client->voir && !$user->socid) $this->where .= " AND p.fk_soc = sc.fk_soc AND sc.fk_user = " .$user->id;
|
||||
if($this->memberid)
|
||||
{
|
||||
$this->where .= " AND m.rowid = ".$this->memberid;
|
||||
@ -92,7 +92,7 @@ class AdherentStats extends Stats
|
||||
|
||||
$sql = "SELECT date_format(p.dateadh,'%m') as dm, count(*)";
|
||||
$sql.= " FROM ".$this->from;
|
||||
//if (!$user->rights->societe->client->voir && !$user->societe_id) $sql.= ", ".MAIN_DB_PREFIX."societe_commerciaux as sc";
|
||||
//if (!$user->rights->societe->client->voir && !$user->socid) $sql.= ", ".MAIN_DB_PREFIX."societe_commerciaux as sc";
|
||||
$sql.= " WHERE date_format(p.dateadh,'%Y') = '".$year."'";
|
||||
$sql.= " AND ".$this->where;
|
||||
$sql.= " GROUP BY dm";
|
||||
@ -112,7 +112,7 @@ class AdherentStats extends Stats
|
||||
|
||||
$sql = "SELECT date_format(p.dateadh,'%Y') as dm, count(*)";
|
||||
$sql.= " FROM ".$this->from;
|
||||
//if (!$user->rights->societe->client->voir && !$user->societe_id) $sql.= ", ".MAIN_DB_PREFIX."societe_commerciaux as sc";
|
||||
//if (!$user->rights->societe->client->voir && !$user->socid) $sql.= ", ".MAIN_DB_PREFIX."societe_commerciaux as sc";
|
||||
$sql.= " WHERE ".$this->where;
|
||||
$sql.= " GROUP BY dm";
|
||||
$sql.= $this->db->order('dm', 'DESC');
|
||||
@ -133,7 +133,7 @@ class AdherentStats extends Stats
|
||||
|
||||
$sql = "SELECT date_format(p.dateadh,'%m') as dm, sum(p.".$this->field.")";
|
||||
$sql.= " FROM ".$this->from;
|
||||
//if (!$user->rights->societe->client->voir && !$user->societe_id) $sql.= ", ".MAIN_DB_PREFIX."societe_commerciaux as sc";
|
||||
//if (!$user->rights->societe->client->voir && !$user->socid) $sql.= ", ".MAIN_DB_PREFIX."societe_commerciaux as sc";
|
||||
$sql.= " WHERE date_format(p.dateadh,'%Y') = '".$year."'";
|
||||
$sql.= " AND ".$this->where;
|
||||
$sql.= " GROUP BY dm";
|
||||
|
||||
@ -37,9 +37,9 @@ $action = GETPOST('action', 'aZ09');
|
||||
|
||||
// Protection
|
||||
$socid=0;
|
||||
if ($user->societe_id > 0)
|
||||
if ($user->socid > 0)
|
||||
{
|
||||
$socid = $user->societe_id;
|
||||
$socid = $user->socid;
|
||||
}
|
||||
|
||||
$object = new Adherent($db);
|
||||
|
||||
@ -33,10 +33,10 @@ $mode=GETPOST('mode')?GETPOST('mode'):'';
|
||||
|
||||
|
||||
// Security check
|
||||
if ($user->societe_id > 0)
|
||||
if ($user->socid > 0)
|
||||
{
|
||||
$action = '';
|
||||
$socid = $user->societe_id;
|
||||
$socid = $user->socid;
|
||||
}
|
||||
$result=restrictedArea($user, 'adherent', '', '', 'cotisation');
|
||||
|
||||
|
||||
@ -34,10 +34,10 @@ $mode=GETPOST('mode')?GETPOST('mode'):'';
|
||||
|
||||
|
||||
// Security check
|
||||
if ($user->societe_id > 0)
|
||||
if ($user->socid > 0)
|
||||
{
|
||||
$action = '';
|
||||
$socid = $user->societe_id;
|
||||
$socid = $user->socid;
|
||||
}
|
||||
$result=restrictedArea($user, 'adherent', '', '', 'cotisation');
|
||||
|
||||
|
||||
@ -35,10 +35,10 @@ $userid=GETPOST('userid', 'int'); if ($userid < 0) $userid=0;
|
||||
$socid=GETPOST('socid', 'int'); if ($socid < 0) $socid=0;
|
||||
|
||||
// Security check
|
||||
if ($user->societe_id > 0)
|
||||
if ($user->socid > 0)
|
||||
{
|
||||
$action = '';
|
||||
$socid = $user->societe_id;
|
||||
$socid = $user->socid;
|
||||
}
|
||||
$result=restrictedArea($user, 'adherent', '', '', 'cotisation');
|
||||
|
||||
|
||||
@ -41,7 +41,7 @@ $cancel=GETPOST('cancel', 'alpha');
|
||||
// Security check
|
||||
$fieldvalue = (! empty($id) ? $id : (! empty($ref) ? $ref : ''));
|
||||
$fieldtype = (! empty($ref) ? 'ref' : 'rowid');
|
||||
if ($user->societe_id) $socid=$user->societe_id;
|
||||
if ($user->socid) $socid=$user->socid;
|
||||
// Security check
|
||||
$result=restrictedArea($user, 'adherent', $id, 'adherent_type');
|
||||
|
||||
|
||||
@ -75,8 +75,8 @@ if (empty($action) && empty($id) && empty($ref)) $action='view';
|
||||
include DOL_DOCUMENT_ROOT.'/core/actions_fetchobject.inc.php'; // Must be include, not include_once.
|
||||
|
||||
// Security check - Protection if external user
|
||||
//if ($user->societe_id > 0) access_forbidden();
|
||||
//if ($user->societe_id > 0) $socid = $user->societe_id;
|
||||
//if ($user->socid > 0) access_forbidden();
|
||||
//if ($user->socid > 0) $socid = $user->socid;
|
||||
//$isdraft = (($object->statut == MyObject::STATUS_DRAFT) ? 1 : 0);
|
||||
//$result = restrictedArea($user, 'mymodule', $object->id, '', '', 'fk_soc', 'rowid', $isdraft);
|
||||
|
||||
|
||||
@ -78,9 +78,9 @@ if (! $sortorder) $sortorder="ASC";
|
||||
|
||||
// Security check
|
||||
$socid=0;
|
||||
if ($user->societe_id > 0) // Protection if external user
|
||||
if ($user->socid > 0) // Protection if external user
|
||||
{
|
||||
//$socid = $user->societe_id;
|
||||
//$socid = $user->socid;
|
||||
accessforbidden();
|
||||
}
|
||||
//$result = restrictedArea($user, 'emailcollector', $id, '');
|
||||
|
||||
@ -71,9 +71,9 @@ if (! $sortorder) $sortorder="ASC";
|
||||
|
||||
// Protection if external user
|
||||
$socid=0;
|
||||
if ($user->societe_id > 0)
|
||||
if ($user->socid > 0)
|
||||
{
|
||||
//$socid = $user->societe_id;
|
||||
//$socid = $user->socid;
|
||||
accessforbidden();
|
||||
}
|
||||
|
||||
|
||||
@ -35,10 +35,10 @@ $action=GETPOST('action', 'alpha');
|
||||
$confirm=GETPOST('confirm', 'alpha');
|
||||
|
||||
// Security check
|
||||
if ($user->societe_id > 0)
|
||||
if ($user->socid > 0)
|
||||
{
|
||||
$action = '';
|
||||
$socid = $user->societe_id;
|
||||
$socid = $user->socid;
|
||||
}
|
||||
|
||||
// Load translation files required by the page
|
||||
|
||||
@ -35,10 +35,10 @@ $action=GETPOST('action', 'alpha');
|
||||
$confirm=GETPOST('confirm', 'alpha');
|
||||
|
||||
// Security check
|
||||
if ($user->societe_id > 0)
|
||||
if ($user->socid > 0)
|
||||
{
|
||||
$action = '';
|
||||
$socid = $user->societe_id;
|
||||
$socid = $user->socid;
|
||||
}
|
||||
|
||||
$sortfield = GETPOST("sortfield", 'alpha');
|
||||
|
||||
@ -60,8 +60,8 @@ foreach($object->fields as $key => $val)
|
||||
if (empty($action) && empty($id) && empty($ref)) $action='view';
|
||||
|
||||
// Security check - Protection if external user
|
||||
//if ($user->societe_id > 0) access_forbidden();
|
||||
//if ($user->societe_id > 0) $socid = $user->societe_id;
|
||||
//if ($user->socid > 0) access_forbidden();
|
||||
//if ($user->socid > 0) $socid = $user->socid;
|
||||
//$result = restrictedArea($user, 'asset', $id);
|
||||
|
||||
// Load object
|
||||
|
||||
@ -40,8 +40,8 @@ $id=(GETPOST('socid', 'int') ? GETPOST('socid', 'int') : GETPOST('id', 'int'));
|
||||
$ref = GETPOST('ref', 'alpha');
|
||||
|
||||
// Security check - Protection if external user
|
||||
//if ($user->societe_id > 0) access_forbidden();
|
||||
//if ($user->societe_id > 0) $socid = $user->societe_id;
|
||||
//if ($user->socid > 0) access_forbidden();
|
||||
//if ($user->socid > 0) $socid = $user->socid;
|
||||
//$result = restrictedArea($user, 'asset', $id);
|
||||
|
||||
// Get parameters
|
||||
|
||||
@ -34,7 +34,7 @@ $ref=GETPOST('ref', 'alpha');
|
||||
$action=GETPOST('action', 'alpha');
|
||||
|
||||
// Security check
|
||||
if ($user->societe_id) $socid=$user->societe_id;
|
||||
if ($user->socid) $socid=$user->socid;
|
||||
$result = restrictedArea($user, 'asset', $id, '');
|
||||
|
||||
$object = new Asset($db);
|
||||
|
||||
@ -72,9 +72,9 @@ if (! $sortorder) $sortorder="ASC";
|
||||
|
||||
// Protection if external user
|
||||
$socid=0;
|
||||
if ($user->societe_id > 0)
|
||||
if ($user->socid > 0)
|
||||
{
|
||||
//$socid = $user->societe_id;
|
||||
//$socid = $user->socid;
|
||||
accessforbidden();
|
||||
}
|
||||
//$result = restrictedArea($user, 'asset', $id,'');
|
||||
|
||||
@ -46,8 +46,8 @@ $hookmanager->initHooks(array('assetnote')); // Note that conf->hooks_module
|
||||
$extrafields->fetch_name_optionals_label($object->table_element);
|
||||
|
||||
// Security check - Protection if external user
|
||||
//if ($user->societe_id > 0) access_forbidden();
|
||||
//if ($user->societe_id > 0) $socid = $user->societe_id;
|
||||
//if ($user->socid > 0) access_forbidden();
|
||||
//if ($user->socid > 0) $socid = $user->socid;
|
||||
//$result = restrictedArea($user, 'asset', $id);
|
||||
|
||||
// Load object
|
||||
|
||||
@ -53,8 +53,8 @@ else
|
||||
$search_agenda_label=GETPOST('search_agenda_label');
|
||||
|
||||
// Security check - Protection if external user
|
||||
//if ($user->societe_id > 0) access_forbidden();
|
||||
//if ($user->societe_id > 0) $socid = $user->societe_id;
|
||||
//if ($user->socid > 0) access_forbidden();
|
||||
//if ($user->socid > 0) $socid = $user->socid;
|
||||
//$result = restrictedArea($user, 'bom', $id);
|
||||
|
||||
$limit = GETPOST('limit', 'int')?GETPOST('limit', 'int'):$conf->liste_limit;
|
||||
|
||||
@ -70,8 +70,8 @@ if (empty($action) && empty($id) && empty($ref)) $action='view';
|
||||
include DOL_DOCUMENT_ROOT.'/core/actions_fetchobject.inc.php'; // Must be include, not include_once.
|
||||
|
||||
// Security check - Protection if external user
|
||||
//if ($user->societe_id > 0) access_forbidden();
|
||||
//if ($user->societe_id > 0) $socid = $user->societe_id;
|
||||
//if ($user->socid > 0) access_forbidden();
|
||||
//if ($user->socid > 0) $socid = $user->socid;
|
||||
//$isdraft = (($object->statut == BillOfMaterials::STATUS_DRAFT) ? 1 : 0);
|
||||
//$result = restrictedArea($user, 'bom', $object->id, '', '', 'fk_soc', 'rowid', $isdraft);
|
||||
|
||||
|
||||
@ -41,8 +41,8 @@ $id=(GETPOST('socid', 'int') ? GETPOST('socid', 'int') : GETPOST('id', 'int'));
|
||||
$ref = GETPOST('ref', 'alpha');
|
||||
|
||||
// Security check - Protection if external user
|
||||
//if ($user->societe_id > 0) access_forbidden();
|
||||
//if ($user->societe_id > 0) $socid = $user->societe_id;
|
||||
//if ($user->socid > 0) access_forbidden();
|
||||
//if ($user->socid > 0) $socid = $user->socid;
|
||||
//$result = restrictedArea($user, 'bom', $id);
|
||||
|
||||
// Get parameters
|
||||
|
||||
@ -73,9 +73,9 @@ if (! $sortorder) $sortorder="ASC";
|
||||
|
||||
// Security check
|
||||
$socid=0;
|
||||
if ($user->societe_id > 0) // Protection if external user
|
||||
if ($user->socid > 0) // Protection if external user
|
||||
{
|
||||
//$socid = $user->societe_id;
|
||||
//$socid = $user->socid;
|
||||
accessforbidden();
|
||||
}
|
||||
//$result = restrictedArea($user, 'bom', $id, '');
|
||||
|
||||
@ -47,8 +47,8 @@ $hookmanager->initHooks(array('bomnote','globalcard')); // Note that conf->h
|
||||
$extrafields->fetch_name_optionals_label($object->table_element);
|
||||
|
||||
// Security check - Protection if external user
|
||||
//if ($user->societe_id > 0) access_forbidden();
|
||||
//if ($user->societe_id > 0) $socid = $user->societe_id;
|
||||
//if ($user->socid > 0) access_forbidden();
|
||||
//if ($user->socid > 0) $socid = $user->socid;
|
||||
//$result = restrictedArea($user, 'bom', $id);
|
||||
|
||||
// Load object
|
||||
|
||||
@ -779,9 +779,9 @@ class Categorie extends CommonObject
|
||||
$sql .= " AND c.fk_categorie = ".$this->id;
|
||||
$sql .= " AND c.fk_" . $this->MAP_CAT_FK[$type] . " = o.rowid";
|
||||
// Protection for external users
|
||||
if (($type == 'customer' || $type == 'supplier') && $user->societe_id > 0)
|
||||
if (($type == 'customer' || $type == 'supplier') && $user->socid > 0)
|
||||
{
|
||||
$sql.= " AND o.rowid = ".$user->societe_id;
|
||||
$sql.= " AND o.rowid = ".$user->socid;
|
||||
}
|
||||
if ($limit > 0 || $offset > 0) $sql .= $this->db->plimit($limit + 1, $offset);
|
||||
$sql .= $this->db->order($sortfield, $sortorder);
|
||||
|
||||
@ -136,7 +136,7 @@ if ($object->id)
|
||||
}
|
||||
$morehtmlref.='</div>';
|
||||
|
||||
dol_banner_tab($object, 'ref', $linkback, ($user->societe_id?0:1), 'ref', 'ref', $morehtmlref, '', 0, '', '', 1);
|
||||
dol_banner_tab($object, 'ref', $linkback, ($user->socid?0:1), 'ref', 'ref', $morehtmlref, '', 0, '', '', 1);
|
||||
|
||||
/*
|
||||
* Confirmation de la suppression de photo
|
||||
|
||||
@ -207,7 +207,7 @@ foreach ($ways as $way)
|
||||
}
|
||||
$morehtmlref.='</div>';
|
||||
|
||||
dol_banner_tab($object, 'ref', $linkback, ($user->societe_id?0:1), 'ref', 'ref', $morehtmlref, '', 0, '', '', 1);
|
||||
dol_banner_tab($object, 'ref', $linkback, ($user->socid?0:1), 'ref', 'ref', $morehtmlref, '', 0, '', '', 1);
|
||||
|
||||
print '<br>';
|
||||
|
||||
|
||||
@ -226,7 +226,7 @@ foreach ($ways as $way)
|
||||
}
|
||||
$morehtmlref.='</div>';
|
||||
|
||||
dol_banner_tab($object, 'label', $linkback, ($user->societe_id?0:1), 'label', 'label', $morehtmlref, '', 0, '', '', 1);
|
||||
dol_banner_tab($object, 'label', $linkback, ($user->socid?0:1), 'label', 'label', $morehtmlref, '', 0, '', '', 1);
|
||||
|
||||
|
||||
/*
|
||||
|
||||
@ -69,9 +69,9 @@ $datef=dol_mktime($fulldayevent?'23':$p2hour, $fulldayevent?'59':$p2min, $fullda
|
||||
// Security check
|
||||
$socid = GETPOST('socid', 'int');
|
||||
$id = GETPOST('id', 'int');
|
||||
if ($user->societe_id) $socid=$user->societe_id;
|
||||
if ($user->socid) $socid=$user->socid;
|
||||
$result = restrictedArea($user, 'agenda', $id, 'actioncomm&societe', 'myactions|allactions', 'fk_soc', 'id');
|
||||
if ($user->societe_id && $socid) $result = restrictedArea($user, 'societe', $socid);
|
||||
if ($user->socid && $socid) $result = restrictedArea($user, 'societe', $socid);
|
||||
|
||||
$error=GETPOST("error");
|
||||
$donotclearsession=GETPOST('donotclearsession')?GETPOST('donotclearsession'):0;
|
||||
@ -1024,8 +1024,8 @@ if ($action == 'create')
|
||||
$events=array();
|
||||
$events[]=array('method' => 'getContacts', 'url' => dol_buildpath('/core/ajax/contacts.php?showempty=1', 1), 'htmlname' => 'contactid', 'params' => array('add-customer-contact' => 'disabled'));
|
||||
//For external user force the company to user company
|
||||
if (!empty($user->societe_id)) {
|
||||
print $form->select_company($user->societe_id, 'socid', '', 1, 1, 0, $events, 0, 'minwidth300');
|
||||
if (!empty($user->socid)) {
|
||||
print $form->select_company($user->socid, 'socid', '', 1, 1, 0, $events, 0, 'minwidth300');
|
||||
} else {
|
||||
print $form->select_company('', 'socid', '', 'SelectThirdParty', 1, 0, $events, 0, 'minwidth300');
|
||||
}
|
||||
@ -1612,7 +1612,7 @@ if ($id > 0)
|
||||
$morehtmlref.='</div>';
|
||||
|
||||
|
||||
dol_banner_tab($object, 'id', $linkback, ($user->societe_id?0:1), 'id', 'ref', $morehtmlref);
|
||||
dol_banner_tab($object, 'id', $linkback, ($user->socid?0:1), 'id', 'ref', $morehtmlref);
|
||||
|
||||
print '<div class="fichecenter">';
|
||||
|
||||
|
||||
@ -1163,13 +1163,13 @@ class ActionComm extends CommonObject
|
||||
$sql = "SELECT count(a.id) as nb";
|
||||
}
|
||||
$sql.= " FROM ".MAIN_DB_PREFIX."actioncomm as a";
|
||||
if (! $user->rights->societe->client->voir && ! $user->societe_id) $sql.= " LEFT JOIN ".MAIN_DB_PREFIX."societe_commerciaux as sc ON a.fk_soc = sc.fk_soc";
|
||||
if (! $user->rights->societe->client->voir && ! $user->socid) $sql.= " LEFT JOIN ".MAIN_DB_PREFIX."societe_commerciaux as sc ON a.fk_soc = sc.fk_soc";
|
||||
$sql.= " LEFT JOIN ".MAIN_DB_PREFIX."societe as s ON a.fk_soc = s.rowid";
|
||||
$sql.= " WHERE 1 = 1";
|
||||
if(empty($load_state_board)) $sql.= " AND a.percent >= 0 AND a.percent < 100";
|
||||
$sql.= " AND a.entity IN (".getEntity('agenda').")";
|
||||
if (! $user->rights->societe->client->voir && ! $user->societe_id) $sql.= " AND (a.fk_soc IS NULL OR sc.fk_user = " .$user->id . ")";
|
||||
if ($user->societe_id) $sql.=" AND a.fk_soc = ".$user->societe_id;
|
||||
if (! $user->rights->societe->client->voir && ! $user->socid) $sql.= " AND (a.fk_soc IS NULL OR sc.fk_user = " .$user->id . ")";
|
||||
if ($user->socid) $sql.=" AND a.fk_soc = ".$user->socid;
|
||||
if (! $user->rights->agenda->allactions->read) $sql.= " AND (a.fk_user_author = ".$user->id . " OR a.fk_user_action = ".$user->id . " OR a.fk_user_done = ".$user->id . ")";
|
||||
|
||||
$resql=$this->db->query($sql);
|
||||
|
||||
@ -45,8 +45,8 @@ $confirm = GETPOST('confirm', 'alpha');
|
||||
|
||||
// Security check
|
||||
$socid = GETPOST('socid', 'int');
|
||||
if ($user->societe_id) $socid=$user->societe_id;
|
||||
if ($user->societe_id > 0)
|
||||
if ($user->socid) $socid=$user->socid;
|
||||
if ($user->socid > 0)
|
||||
{
|
||||
unset($_GET["action"]);
|
||||
$action='';
|
||||
@ -159,7 +159,7 @@ if ($object->id > 0)
|
||||
}
|
||||
$morehtmlref.='</div>';
|
||||
|
||||
dol_banner_tab($object, 'id', $linkback, ($user->societe_id?0:1), 'id', 'ref', $morehtmlref);
|
||||
dol_banner_tab($object, 'id', $linkback, ($user->socid?0:1), 'id', 'ref', $morehtmlref);
|
||||
|
||||
print '<div class="fichecenter">';
|
||||
|
||||
|
||||
@ -67,7 +67,7 @@ if (! $sortfield) $sortfield="a.datec";
|
||||
|
||||
// Security check
|
||||
$socid = GETPOST("search_socid", "int")?GETPOST("search_socid", "int"):GETPOST("socid", "int");
|
||||
if ($user->societe_id) $socid=$user->societe_id;
|
||||
if ($user->socid) $socid=$user->socid;
|
||||
$result = restrictedArea($user, 'agenda', 0, '', 'myactions');
|
||||
if ($socid < 0) $socid='';
|
||||
|
||||
|
||||
@ -39,10 +39,10 @@ $langs->load("commercial");
|
||||
$id = GETPOST('id', 'int');
|
||||
|
||||
// Security check
|
||||
if ($user->societe_id > 0)
|
||||
if ($user->socid > 0)
|
||||
{
|
||||
$action = '';
|
||||
$socid = $user->societe_id;
|
||||
$socid = $user->socid;
|
||||
}
|
||||
|
||||
$result = restrictedArea($user, 'agenda', $id, 'actioncomm&societe', 'myactions|allactions', 'fk_soc', 'id');
|
||||
@ -102,7 +102,7 @@ if (! empty($conf->projet->enabled))
|
||||
}
|
||||
$morehtmlref.='</div>';
|
||||
|
||||
dol_banner_tab($object, 'id', $linkback, ($user->societe_id?0:1), 'id', 'ref', $morehtmlref);
|
||||
dol_banner_tab($object, 'id', $linkback, ($user->socid?0:1), 'id', 'ref', $morehtmlref);
|
||||
|
||||
print '<div class="underbanner clearboth"></div>';
|
||||
|
||||
|
||||
@ -110,7 +110,7 @@ if (! $sortfield)
|
||||
|
||||
// Security check
|
||||
$socid = GETPOST("search_socid", 'int')?GETPOST("search_socid", 'int'):GETPOST("socid", 'int');
|
||||
if ($user->societe_id) $socid=$user->societe_id;
|
||||
if ($user->socid) $socid=$user->socid;
|
||||
$result = restrictedArea($user, 'agenda', 0, '', 'myactions');
|
||||
if ($socid < 0) $socid='';
|
||||
|
||||
|
||||
@ -65,7 +65,7 @@ if (! $sortfield) $sortfield="a.datec";
|
||||
|
||||
// Security check
|
||||
$socid = GETPOST("socid", "int");
|
||||
if ($user->societe_id) $socid=$user->societe_id;
|
||||
if ($user->socid) $socid=$user->socid;
|
||||
$result = restrictedArea($user, 'agenda', 0, '', 'myactions');
|
||||
if ($socid < 0) $socid='';
|
||||
|
||||
|
||||
@ -65,7 +65,7 @@ if (! $sortfield) $sortfield="a.datec";
|
||||
|
||||
// Security check
|
||||
$socid = GETPOST("search_socid", "int")?GETPOST("search_socid", "int"):GETPOST("socid", "int");
|
||||
if ($user->societe_id) $socid=$user->societe_id;
|
||||
if ($user->socid) $socid=$user->socid;
|
||||
$result = restrictedArea($user, 'agenda', 0, '', 'myactions');
|
||||
if ($socid < 0) $socid='';
|
||||
|
||||
|
||||
@ -49,7 +49,7 @@ if (! $sortfield) $sortfield="a.datep";
|
||||
|
||||
// Security check
|
||||
$socid = GETPOST('socid', 'int');
|
||||
if ($user->societe_id) $socid=$user->societe_id;
|
||||
if ($user->socid) $socid=$user->socid;
|
||||
$result = restrictedArea($user, 'agenda', $socid, '', 'myactions');
|
||||
|
||||
|
||||
|
||||
@ -59,7 +59,7 @@ if (! empty($conf->notification->enabled)) $langs->load("mails");
|
||||
|
||||
// Security check
|
||||
$id = (GETPOST('socid', 'int') ? GETPOST('socid', 'int') : GETPOST('id', 'int'));
|
||||
if ($user->societe_id > 0) $id=$user->societe_id;
|
||||
if ($user->socid > 0) $id=$user->socid;
|
||||
$result = restrictedArea($user, 'societe', $id, '&societe');
|
||||
|
||||
$action = GETPOST('action', 'aZ09');
|
||||
@ -240,7 +240,7 @@ if ($object->id > 0)
|
||||
|
||||
$linkback = '<a href="'.DOL_URL_ROOT.'/societe/list.php">'.$langs->trans("BackToList").'</a>';
|
||||
|
||||
dol_banner_tab($object, 'socid', $linkback, ($user->societe_id?0:1), 'rowid', 'nom');
|
||||
dol_banner_tab($object, 'socid', $linkback, ($user->socid?0:1), 'rowid', 'nom');
|
||||
|
||||
print '<div class="fichecenter"><div class="fichehalfleft">';
|
||||
|
||||
@ -387,7 +387,7 @@ if ($object->id > 0)
|
||||
print '<table width="100%" class="nobordernopadding"><tr><td class="nowrap">';
|
||||
print $langs->trans("CustomerRelativeDiscountShort");
|
||||
print '<td><td class="right">';
|
||||
if ($user->rights->societe->creer && !$user->societe_id > 0)
|
||||
if ($user->rights->societe->creer && !$user->socid > 0)
|
||||
{
|
||||
print '<a class="editfielda" href="'.DOL_URL_ROOT.'/comm/remise.php?id='.$object->id.'">'.img_edit($langs->trans("Modify")).'</a>';
|
||||
}
|
||||
@ -401,7 +401,7 @@ if ($object->id > 0)
|
||||
print '<tr><td class="nowrap">';
|
||||
print $langs->trans("CustomerAbsoluteDiscountShort");
|
||||
print '<td><td class="right">';
|
||||
if ($user->rights->societe->creer && !$user->societe_id > 0)
|
||||
if ($user->rights->societe->creer && !$user->socid > 0)
|
||||
{
|
||||
print '<a class="editfielda" href="'.DOL_URL_ROOT.'/comm/remx.php?id='.$object->id.'&backtopage='.urlencode($_SERVER["PHP_SELF"].'?socid='.$object->id).'">'.img_edit($langs->trans("Modify")).'</a>';
|
||||
}
|
||||
@ -1274,7 +1274,7 @@ if ($object->id > 0)
|
||||
}
|
||||
|
||||
// Add invoice
|
||||
if ($user->societe_id == 0)
|
||||
if ($user->socid == 0)
|
||||
{
|
||||
if (! empty($conf->deplacement->enabled) && $object->status==1)
|
||||
{
|
||||
|
||||
@ -47,7 +47,7 @@ $begin=GETPOST('begin', 'alpha');
|
||||
|
||||
// Security check
|
||||
$socid = GETPOST('socid', 'int');
|
||||
if ($user->societe_id) $socid=$user->societe_id;
|
||||
if ($user->socid) $socid=$user->socid;
|
||||
$result = restrictedArea($user, 'societe', $socid, '');
|
||||
|
||||
|
||||
|
||||
@ -51,10 +51,10 @@ $bid=GETPOST('bid', 'int');
|
||||
|
||||
// Securite acces client
|
||||
$socid=GETPOST('socid', 'int');
|
||||
if (isset($user->societe_id) && $user->societe_id > 0)
|
||||
if (isset($user->socid) && $user->socid > 0)
|
||||
{
|
||||
$action = '';
|
||||
$socid = $user->societe_id;
|
||||
$socid = $user->socid;
|
||||
}
|
||||
|
||||
$max=3;
|
||||
@ -561,10 +561,10 @@ if (! empty($conf->fournisseur->enabled) && $user->rights->societe->lire)
|
||||
$sql = "SELECT s.nom as name, s.rowid, s.datec as dc, s.canvas, s.tms as dm";
|
||||
$sql.= ", s.code_fournisseur";
|
||||
$sql.= " FROM ".MAIN_DB_PREFIX."societe as s";
|
||||
if (! $user->rights->societe->client->voir && ! $user->societe_id) $sql.= ", ".MAIN_DB_PREFIX."societe_commerciaux as sc";
|
||||
if (! $user->rights->societe->client->voir && ! $user->socid) $sql.= ", ".MAIN_DB_PREFIX."societe_commerciaux as sc";
|
||||
$sql.= " WHERE s.fournisseur = 1";
|
||||
$sql.= " AND s.entity IN (".getEntity($companystatic->element).")";
|
||||
if (! $user->rights->societe->client->voir && ! $user->societe_id) $sql.= " AND s.rowid = sc.fk_soc AND sc.fk_user = " .$user->id;
|
||||
if (! $user->rights->societe->client->voir && ! $user->socid) $sql.= " AND s.rowid = sc.fk_soc AND sc.fk_user = " .$user->id;
|
||||
if ($socid) $sql.= " AND s.rowid = ".$socid;
|
||||
$sql.= " ORDER BY s.datec DESC";
|
||||
$sql.= $db->plimit($max, 0);
|
||||
|
||||
@ -41,7 +41,7 @@ if (! empty($conf->categorie->enabled)) {
|
||||
}
|
||||
|
||||
// Security check
|
||||
if (! $user->rights->mailing->lire || $user->societe_id > 0)
|
||||
if (! $user->rights->mailing->lire || $user->socid > 0)
|
||||
accessforbidden();
|
||||
|
||||
// Load variable for pagination
|
||||
|
||||
@ -38,7 +38,7 @@ require_once DOL_DOCUMENT_ROOT.'/core/class/extrafields.class.php';
|
||||
// Load translation files required by the page
|
||||
$langs->load("mails");
|
||||
|
||||
if (! $user->rights->mailing->lire || (empty($conf->global->EXTERNAL_USERS_ARE_AUTHORIZED) && $user->societe_id > 0)) accessforbidden();
|
||||
if (! $user->rights->mailing->lire || (empty($conf->global->EXTERNAL_USERS_ARE_AUTHORIZED) && $user->socid > 0)) accessforbidden();
|
||||
|
||||
$id=(GETPOST('mailid', 'int') ? GETPOST('mailid', 'int') : GETPOST('id', 'int'));
|
||||
$action=GETPOST('action', 'alpha');
|
||||
|
||||
@ -36,7 +36,7 @@ require_once DOL_DOCUMENT_ROOT.'/core/lib/functions2.lib.php';
|
||||
$langs->load("mails");
|
||||
|
||||
// Security check
|
||||
if (! $user->rights->mailing->lire || $user->societe_id > 0) accessforbidden();
|
||||
if (! $user->rights->mailing->lire || $user->socid > 0) accessforbidden();
|
||||
|
||||
|
||||
// Load variable for pagination
|
||||
|
||||
@ -33,7 +33,7 @@ $id=GETPOST('id');
|
||||
$langs->load("mails");
|
||||
|
||||
// Security check
|
||||
if (! $user->rights->mailing->lire || $user->societe_id > 0)
|
||||
if (! $user->rights->mailing->lire || $user->socid > 0)
|
||||
accessforbidden();
|
||||
|
||||
|
||||
|
||||
@ -33,9 +33,9 @@ $langs->loadLangs(array('orders', 'companies'));
|
||||
$id = GETPOST('id', 'int');
|
||||
$_socid = GETPOST("id", 'int');
|
||||
// Security check
|
||||
if ($user->societe_id > 0)
|
||||
if ($user->socid > 0)
|
||||
{
|
||||
$_socid = $user->societe_id;
|
||||
$_socid = $user->socid;
|
||||
}
|
||||
|
||||
|
||||
|
||||
@ -86,7 +86,7 @@ $hideref = (GETPOST('hideref', 'int') ? GETPOST('hideref', 'int') : (! empty($co
|
||||
$NBLINES = 4;
|
||||
|
||||
// Security check
|
||||
if (! empty($user->societe_id)) $socid = $user->societe_id;
|
||||
if (! empty($user->socid)) $socid = $user->socid;
|
||||
$result = restrictedArea($user, 'propal', $id);
|
||||
|
||||
$object = new Propal($db);
|
||||
@ -1717,7 +1717,7 @@ if ($action == 'create')
|
||||
print $doleditor->Create(1);
|
||||
|
||||
// Private note
|
||||
if (empty($user->societe_id))
|
||||
if (empty($user->socid))
|
||||
{
|
||||
print '<tr>';
|
||||
print '<td class="tdtop">' . $langs->trans('NotePrivate') . '</td>';
|
||||
|
||||
@ -3263,7 +3263,7 @@ class Propal extends CommonObject
|
||||
|
||||
$sql = "SELECT p.rowid, p.ref, p.datec as datec, p.fin_validite as datefin, p.total_ht";
|
||||
$sql.= " FROM ".MAIN_DB_PREFIX."propal as p";
|
||||
if (!$user->rights->societe->client->voir && !$user->societe_id)
|
||||
if (!$user->rights->societe->client->voir && !$user->socid)
|
||||
{
|
||||
$sql.= " LEFT JOIN ".MAIN_DB_PREFIX."societe_commerciaux as sc ON p.fk_soc = sc.fk_soc";
|
||||
$sql.= " WHERE sc.fk_user = " .$user->id;
|
||||
@ -3272,7 +3272,7 @@ class Propal extends CommonObject
|
||||
$sql.= $clause." p.entity IN (".getEntity('propal').")";
|
||||
if ($mode == 'opened') $sql.= " AND p.fk_statut = ".self::STATUS_VALIDATED;
|
||||
if ($mode == 'signed') $sql.= " AND p.fk_statut = ".self::STATUS_SIGNED;
|
||||
if ($user->societe_id) $sql.= " AND p.fk_soc = ".$user->societe_id;
|
||||
if ($user->socid) $sql.= " AND p.fk_soc = ".$user->socid;
|
||||
|
||||
$resql=$this->db->query($sql);
|
||||
if ($resql)
|
||||
@ -3442,7 +3442,7 @@ class Propal extends CommonObject
|
||||
$sql = "SELECT count(p.rowid) as nb";
|
||||
$sql.= " FROM ".MAIN_DB_PREFIX."propal as p";
|
||||
$sql.= " LEFT JOIN ".MAIN_DB_PREFIX."societe as s ON p.fk_soc = s.rowid";
|
||||
if (!$user->rights->societe->client->voir && !$user->societe_id)
|
||||
if (!$user->rights->societe->client->voir && !$user->socid)
|
||||
{
|
||||
$sql.= " LEFT JOIN ".MAIN_DB_PREFIX."societe_commerciaux as sc ON s.rowid = sc.fk_soc";
|
||||
$sql.= " WHERE sc.fk_user = " .$user->id;
|
||||
|
||||
@ -112,7 +112,7 @@ class PropaleStats extends Stats
|
||||
|
||||
$sql = "SELECT date_format(".$this->field_date.",'%m') as dm, COUNT(*) as nb";
|
||||
$sql.= " FROM ".$this->from;
|
||||
if (!$user->rights->societe->client->voir && !$user->societe_id) $sql.= ", ".MAIN_DB_PREFIX."societe_commerciaux as sc";
|
||||
if (!$user->rights->societe->client->voir && !$user->socid) $sql.= ", ".MAIN_DB_PREFIX."societe_commerciaux as sc";
|
||||
$sql.= " WHERE ".$this->field_date." BETWEEN '".$this->db->idate(dol_get_first_day($year))."' AND '".$this->db->idate(dol_get_last_day($year))."'";
|
||||
$sql.= " AND ".$this->where;
|
||||
$sql.= " GROUP BY dm";
|
||||
|
||||
@ -41,7 +41,7 @@ $lineid=GETPOST('lineid', 'int');
|
||||
$action=GETPOST('action', 'alpha');
|
||||
|
||||
// Security check
|
||||
if ($user->societe_id) $socid=$user->societe_id;
|
||||
if ($user->socid) $socid=$user->socid;
|
||||
$result = restrictedArea($user, 'propal', $id);
|
||||
|
||||
$object = new Propal($db);
|
||||
|
||||
@ -46,9 +46,9 @@ $ref = GETPOST('ref', 'alpha');
|
||||
|
||||
// Security check
|
||||
$socid='';
|
||||
if (! empty($user->societe_id))
|
||||
if (! empty($user->socid))
|
||||
{
|
||||
$socid = $user->societe_id;
|
||||
$socid = $user->socid;
|
||||
}
|
||||
$result = restrictedArea($user, 'propal', $id);
|
||||
|
||||
|
||||
@ -38,10 +38,10 @@ $langs->loadLangs(array('propal', 'companies'));
|
||||
|
||||
// Security check
|
||||
$socid=GETPOST('socid', 'int');
|
||||
if (isset($user->societe_id) && $user->societe_id > 0)
|
||||
if (isset($user->socid) && $user->socid > 0)
|
||||
{
|
||||
$action = '';
|
||||
$socid = $user->societe_id;
|
||||
$socid = $user->socid;
|
||||
}
|
||||
$result = restrictedArea($user, 'propal');
|
||||
|
||||
@ -87,7 +87,7 @@ $sql.= ", ".MAIN_DB_PREFIX."propal as p";
|
||||
if (!$user->rights->societe->client->voir && !$socid) $sql.= ", ".MAIN_DB_PREFIX."societe_commerciaux as sc";
|
||||
$sql.= " WHERE p.fk_soc = s.rowid";
|
||||
$sql.= " AND p.entity IN (".getEntity('propal').")";
|
||||
if ($user->societe_id) $sql.=' AND p.fk_soc = '.$user->societe_id;
|
||||
if ($user->socid) $sql.=' AND p.fk_soc = '.$user->socid;
|
||||
if (!$user->rights->societe->client->voir && !$socid) $sql.= " AND s.rowid = sc.fk_soc AND sc.fk_user = " .$user->id;
|
||||
$sql.= " AND p.fk_statut IN (0,1,2,3,4)";
|
||||
$sql.= " GROUP BY p.fk_statut";
|
||||
|
||||
@ -40,7 +40,7 @@ $ref=GETPOST('ref', 'alpha');
|
||||
$socid=GETPOST('socid', 'int');
|
||||
|
||||
// Security check
|
||||
if (! empty($user->societe_id)) $socid=$user->societe_id;
|
||||
if (! empty($user->socid)) $socid=$user->socid;
|
||||
$result = restrictedArea($user, 'propal', $id);
|
||||
|
||||
$object = new Propal($db);
|
||||
|
||||
@ -112,7 +112,7 @@ if (! $sortorder) $sortorder='DESC';
|
||||
$module='propal';
|
||||
$dbtable='';
|
||||
$objectid='';
|
||||
if (! empty($user->societe_id)) $socid=$user->societe_id;
|
||||
if (! empty($user->socid)) $socid=$user->socid;
|
||||
if (! empty($socid))
|
||||
{
|
||||
$objectid=$socid;
|
||||
|
||||
@ -41,7 +41,7 @@ $ref=GETPOST('ref', 'alpha');
|
||||
$action=GETPOST('action', 'alpha');
|
||||
|
||||
// Security check
|
||||
if ($user->societe_id) $socid=$user->societe_id;
|
||||
if ($user->socid) $socid=$user->socid;
|
||||
$result = restrictedArea($user, 'propale', $id, 'propal');
|
||||
|
||||
$object = new Propal($db);
|
||||
|
||||
@ -42,10 +42,10 @@ $object_status=GETPOST('object_status');
|
||||
$userid=GETPOST('userid', 'int');
|
||||
$socid=GETPOST('socid', 'int');
|
||||
// Security check
|
||||
if ($user->societe_id > 0)
|
||||
if ($user->socid > 0)
|
||||
{
|
||||
$action = '';
|
||||
$socid = $user->societe_id;
|
||||
$socid = $user->socid;
|
||||
}
|
||||
|
||||
$nowyear=strftime("%Y", dol_now());
|
||||
@ -94,7 +94,7 @@ $data = $stats->getNbByMonthWithPrevYear($endyear, $startyear);
|
||||
// $data = array(array('Lib',val1,val2,val3),...)
|
||||
|
||||
|
||||
if (!$user->rights->societe->client->voir || $user->societe_id)
|
||||
if (!$user->rights->societe->client->voir || $user->socid)
|
||||
{
|
||||
$filenamenb = $dir.'/proposalsnbinyear-'.$user->id.'-'.$year.'.png';
|
||||
$fileurlnb = DOL_URL_ROOT.'/viewimage.php?modulepart=propalstats&file=proposalsnbinyear-'.$user->id.'-'.$year.'.png';
|
||||
@ -134,7 +134,7 @@ if (! $mesg)
|
||||
$data = $stats->getAmountByMonthWithPrevYear($endyear, $startyear, 0);
|
||||
// $data = array(array('Lib',val1,val2,val3),...)
|
||||
|
||||
if (!$user->rights->societe->client->voir || $user->societe_id)
|
||||
if (!$user->rights->societe->client->voir || $user->socid)
|
||||
{
|
||||
$filenameamount = $dir.'/proposalsamountinyear-'.$user->id.'-'.$year.'.png';
|
||||
$fileurlamount = DOL_URL_ROOT.'/viewimage.php?modulepart=propalstats&file=proposalsamountinyear-'.$user->id.'-'.$year.'.png';
|
||||
@ -173,7 +173,7 @@ if (! $mesg)
|
||||
$data = $stats->getAverageByMonthWithPrevYear($endyear, $startyear);
|
||||
|
||||
$fileurl_avg='';
|
||||
if (!$user->rights->societe->client->voir || $user->societe_id)
|
||||
if (!$user->rights->societe->client->voir || $user->socid)
|
||||
{
|
||||
$filename_avg = $dir.'/ordersaverage-'.$user->id.'-'.$year.'.png';
|
||||
if ($mode == 'customer') $fileurl_avg = DOL_URL_ROOT.'/viewimage.php?modulepart=orderstats&file=ordersaverage-'.$user->id.'-'.$year.'.png';
|
||||
|
||||
@ -30,9 +30,9 @@ require_once DOL_DOCUMENT_ROOT.'/core/lib/agenda.lib.php';
|
||||
$langs->load("propal");
|
||||
|
||||
|
||||
if ($user->societe_id > 0)
|
||||
if ($user->socid > 0)
|
||||
{
|
||||
$socid = $user->societe_id;
|
||||
$socid = $user->socid;
|
||||
}
|
||||
|
||||
|
||||
|
||||
@ -32,10 +32,10 @@ if (! empty($conf->facture->enabled)) $langs->load("bills");
|
||||
|
||||
// Security check
|
||||
$socid = $_GET["socid"];
|
||||
if ($user->societe_id > 0)
|
||||
if ($user->socid > 0)
|
||||
{
|
||||
$action = '';
|
||||
$socid = $user->societe_id;
|
||||
$socid = $user->socid;
|
||||
}
|
||||
|
||||
|
||||
|
||||
@ -32,10 +32,10 @@ if (! empty($conf->facture->enabled)) $langs->load("bills");
|
||||
|
||||
// Security check
|
||||
$socid = $_GET["socid"];
|
||||
if ($user->societe_id > 0)
|
||||
if ($user->socid > 0)
|
||||
{
|
||||
$action = '';
|
||||
$socid = $user->societe_id;
|
||||
$socid = $user->socid;
|
||||
}
|
||||
|
||||
|
||||
|
||||
@ -33,9 +33,9 @@ $id=GETPOST("id", 'int');
|
||||
|
||||
$socid = GETPOST('id', 'int')?GETPOST('id', 'int'):GETPOST('socid', 'int');
|
||||
// Security check
|
||||
if ($user->societe_id > 0)
|
||||
if ($user->socid > 0)
|
||||
{
|
||||
$socid = $user->societe_id;
|
||||
$socid = $user->socid;
|
||||
}
|
||||
|
||||
$backtopage = GETPOST('backtopage', 'alpha');
|
||||
@ -116,7 +116,7 @@ if ($socid > 0)
|
||||
|
||||
dol_fiche_head($head, 'relativediscount', $langs->trans("ThirdParty"), -1, 'company');
|
||||
|
||||
dol_banner_tab($object, 'socid', '', ($user->societe_id?0:1), 'rowid', 'nom');
|
||||
dol_banner_tab($object, 'socid', '', ($user->socid?0:1), 'rowid', 'nom');
|
||||
|
||||
print '<div class="fichecenter">';
|
||||
|
||||
|
||||
@ -40,9 +40,9 @@ $backtopage=GETPOST('backtopage', 'alpha');
|
||||
|
||||
// Security check
|
||||
$socid = GETPOST('id', 'int')?GETPOST('id', 'int'):GETPOST('socid', 'int');
|
||||
if ($user->societe_id > 0)
|
||||
if ($user->socid > 0)
|
||||
{
|
||||
$socid = $user->societe_id;
|
||||
$socid = $user->socid;
|
||||
}
|
||||
|
||||
|
||||
@ -252,7 +252,7 @@ if ($socid > 0)
|
||||
|
||||
dol_fiche_head($head, 'absolutediscount', $langs->trans("ThirdParty"), 0, 'company');
|
||||
|
||||
dol_banner_tab($object, 'socid', '', ($user->societe_id?0:1), 'rowid', 'nom');
|
||||
dol_banner_tab($object, 'socid', '', ($user->socid?0:1), 'rowid', 'nom');
|
||||
|
||||
print '<div class="fichecenter">';
|
||||
|
||||
|
||||
@ -82,8 +82,8 @@ $hidedesc = (GETPOST('hidedesc', 'int') ? GETPOST('hidedesc', 'int') : (! empty(
|
||||
$hideref = (GETPOST('hideref', 'int') ? GETPOST('hideref', 'int') : (! empty($conf->global->MAIN_GENERATE_DOCUMENTS_HIDE_REF) ? 1 : 0));
|
||||
|
||||
// Security check
|
||||
if (! empty($user->societe_id))
|
||||
$socid = $user->societe_id;
|
||||
if (! empty($user->socid))
|
||||
$socid = $user->socid;
|
||||
$result = restrictedArea($user, 'commande', $id);
|
||||
|
||||
$object = new Commande($db);
|
||||
@ -1803,7 +1803,7 @@ if ($action == 'create' && $usercancreate)
|
||||
print '</td></tr>';
|
||||
|
||||
// Note private
|
||||
if (empty($user->societe_id)) {
|
||||
if (empty($user->socid)) {
|
||||
print '<tr>';
|
||||
print '<td class="tdtop">' . $langs->trans('NotePrivate') . '</td>';
|
||||
print '<td>';
|
||||
|
||||
@ -3416,7 +3416,7 @@ class Commande extends CommonOrder
|
||||
|
||||
$sql = "SELECT c.rowid, c.date_creation as datec, c.date_commande, c.date_livraison as delivery_date, c.fk_statut, c.total_ht";
|
||||
$sql.= " FROM ".MAIN_DB_PREFIX."commande as c";
|
||||
if (!$user->rights->societe->client->voir && !$user->societe_id)
|
||||
if (!$user->rights->societe->client->voir && !$user->socid)
|
||||
{
|
||||
$sql.= " LEFT JOIN ".MAIN_DB_PREFIX."societe_commerciaux as sc ON c.fk_soc = sc.fk_soc";
|
||||
$sql.= " WHERE sc.fk_user = " .$user->id;
|
||||
@ -3425,7 +3425,7 @@ class Commande extends CommonOrder
|
||||
$sql.= $clause." c.entity IN (".getEntity('commande').")";
|
||||
//$sql.= " AND c.fk_statut IN (1,2,3) AND c.facture = 0";
|
||||
$sql.= " AND ((c.fk_statut IN (".self::STATUS_VALIDATED.",".self::STATUS_SHIPMENTONPROCESS.")) OR (c.fk_statut = ".self::STATUS_CLOSED." AND c.facture = 0))"; // If status is 2 and facture=1, it must be selected
|
||||
if ($user->societe_id) $sql.=" AND c.fk_soc = ".$user->societe_id;
|
||||
if ($user->socid) $sql.=" AND c.fk_soc = ".$user->socid;
|
||||
|
||||
$resql=$this->db->query($sql);
|
||||
if ($resql)
|
||||
@ -3797,7 +3797,7 @@ class Commande extends CommonOrder
|
||||
$sql = "SELECT count(co.rowid) as nb";
|
||||
$sql.= " FROM ".MAIN_DB_PREFIX."commande as co";
|
||||
$sql.= " LEFT JOIN ".MAIN_DB_PREFIX."societe as s ON co.fk_soc = s.rowid";
|
||||
if (!$user->rights->societe->client->voir && !$user->societe_id)
|
||||
if (!$user->rights->societe->client->voir && !$user->socid)
|
||||
{
|
||||
$sql.= " LEFT JOIN ".MAIN_DB_PREFIX."societe_commerciaux as sc ON s.rowid = sc.fk_soc";
|
||||
$sql.= " WHERE sc.fk_user = " .$user->id;
|
||||
|
||||
@ -212,7 +212,7 @@ class CommandeStats extends Stats
|
||||
|
||||
$sql = "SELECT product.ref, COUNT(product.ref) as nb, SUM(tl.".$this->field_line.") as total, AVG(tl.".$this->field_line.") as avg";
|
||||
$sql.= " FROM ".$this->from.", ".$this->from_line.", ".MAIN_DB_PREFIX."product as product";
|
||||
if (!$user->rights->societe->client->voir && !$user->societe_id) $sql.= ", ".MAIN_DB_PREFIX."societe_commerciaux as sc";
|
||||
if (!$user->rights->societe->client->voir && !$user->socid) $sql.= ", ".MAIN_DB_PREFIX."societe_commerciaux as sc";
|
||||
$sql.= " WHERE ".$this->where;
|
||||
$sql.= " AND c.rowid = tl.fk_commande AND tl.fk_product = product.rowid";
|
||||
$sql.= " AND c.date_commande BETWEEN '".$this->db->idate(dol_get_first_day($year, 1, false))."' AND '".$this->db->idate(dol_get_last_day($year, 12, false))."'";
|
||||
|
||||
@ -40,7 +40,7 @@ $ref=GETPOST('ref', 'alpha');
|
||||
$action=GETPOST('action', 'alpha');
|
||||
|
||||
// Security check
|
||||
if ($user->societe_id) $socid=$user->societe_id;
|
||||
if ($user->socid) $socid=$user->socid;
|
||||
$result = restrictedArea($user, 'commande', $id, '');
|
||||
|
||||
$object = new Commande($db);
|
||||
|
||||
@ -33,10 +33,10 @@ require_once DOL_DOCUMENT_ROOT.'/comm/action/class/actioncomm.class.php';
|
||||
$action=GETPOST('action', 'aZ09');
|
||||
|
||||
// Secrutiy check
|
||||
if ($user->societe_id > 0)
|
||||
if ($user->socid > 0)
|
||||
{
|
||||
$action = '';
|
||||
$socid = $user->societe_id;
|
||||
$socid = $user->socid;
|
||||
}
|
||||
|
||||
if (! $user->rights->facture->creer)
|
||||
|
||||
@ -45,9 +45,9 @@ $id = GETPOST('id', 'int');
|
||||
$ref = GETPOST('ref');
|
||||
|
||||
// Security check
|
||||
if ($user->societe_id)
|
||||
if ($user->socid)
|
||||
{
|
||||
$socid = $user->societe_id;
|
||||
$socid = $user->socid;
|
||||
}
|
||||
$result=restrictedArea($user, 'commande', $id, '');
|
||||
|
||||
|
||||
@ -42,10 +42,10 @@ $langs->loadLangs(array('orders', 'bills'));
|
||||
|
||||
// Security check
|
||||
$socid=GETPOST('socid', 'int');
|
||||
if ($user->societe_id > 0)
|
||||
if ($user->socid > 0)
|
||||
{
|
||||
$action = '';
|
||||
$socid = $user->societe_id;
|
||||
$socid = $user->socid;
|
||||
}
|
||||
|
||||
|
||||
@ -92,7 +92,7 @@ $sql.= ", ".MAIN_DB_PREFIX."commande as c";
|
||||
if (! $user->rights->societe->client->voir && ! $socid) $sql.= ", ".MAIN_DB_PREFIX."societe_commerciaux as sc";
|
||||
$sql.= " WHERE c.fk_soc = s.rowid";
|
||||
$sql.= " AND c.entity IN (".getEntity('societe').")";
|
||||
if ($user->societe_id) $sql.=' AND c.fk_soc = '.$user->societe_id;
|
||||
if ($user->socid) $sql.=' AND c.fk_soc = '.$user->socid;
|
||||
if (! $user->rights->societe->client->voir && ! $socid) $sql.= " AND s.rowid = sc.fk_soc AND sc.fk_user = " .$user->id;
|
||||
$sql.= " GROUP BY c.fk_statut";
|
||||
|
||||
|
||||
@ -42,7 +42,7 @@ $id = GETPOST("id", 'int');
|
||||
$ref=GETPOST('ref', 'alpha');
|
||||
|
||||
// Security check
|
||||
if ($user->societe_id) $socid=$user->societe_id;
|
||||
if ($user->socid) $socid=$user->socid;
|
||||
$result=restrictedArea($user, 'commande', $comid, '');
|
||||
|
||||
$object = new Commande($db);
|
||||
|
||||
@ -88,7 +88,7 @@ $search_project=GETPOST('search_project', 'alpha');
|
||||
|
||||
// Security check
|
||||
$id = (GETPOST('orderid')?GETPOST('orderid', 'int'):GETPOST('id', 'int'));
|
||||
if ($user->societe_id) $socid=$user->societe_id;
|
||||
if ($user->socid) $socid=$user->socid;
|
||||
$result = restrictedArea($user, 'commande', $id, '');
|
||||
|
||||
$diroutputmassaction=$conf->commande->multidir_output[$conf->entity] . '/temp/massgeneration/'.$user->id;
|
||||
|
||||
@ -42,7 +42,7 @@ $action=GETPOST('action', 'alpha');
|
||||
|
||||
// Security check
|
||||
$socid=0;
|
||||
if ($user->societe_id) $socid=$user->societe_id;
|
||||
if ($user->socid) $socid=$user->socid;
|
||||
$result=restrictedArea($user, 'commande', $id, '');
|
||||
|
||||
|
||||
|
||||
@ -139,7 +139,7 @@ if (($action == 'create' || $action == 'add') && !$error)
|
||||
|
||||
// Security check
|
||||
$fieldid = GETPOST('ref', 'alpha')?'ref':'rowid';
|
||||
if ($user->societe_id) $socid=$user->societe_id;
|
||||
if ($user->socid) $socid=$user->socid;
|
||||
$result = restrictedArea($user, 'facture', $id, '', '', 'fk_soc', $fieldid);
|
||||
|
||||
$usehm=$conf->global->MAIN_USE_HOURMIN_IN_DATE_RANGE;
|
||||
@ -503,7 +503,7 @@ if ($action == 'create' && !$error)
|
||||
|
||||
print '</textarea></td></tr>';
|
||||
// Private note
|
||||
if (empty($user->societe_id))
|
||||
if (empty($user->socid))
|
||||
{
|
||||
print '<tr>';
|
||||
print '<td class="border" valign="top">'.$langs->trans('NotePrivate').'</td>';
|
||||
|
||||
@ -43,10 +43,10 @@ $object_status=GETPOST('object_status');
|
||||
$userid=GETPOST('userid', 'int');
|
||||
$socid=GETPOST('socid', 'int');
|
||||
// Security check
|
||||
if ($user->societe_id > 0)
|
||||
if ($user->socid > 0)
|
||||
{
|
||||
$action = '';
|
||||
$socid = $user->societe_id;
|
||||
$socid = $user->socid;
|
||||
}
|
||||
|
||||
$nowyear=strftime("%Y", dol_now());
|
||||
@ -101,7 +101,7 @@ $data = $stats->getNbByMonthWithPrevYear($endyear, $startyear);
|
||||
// $data = array(array('Lib',val1,val2,val3),...)
|
||||
|
||||
|
||||
if (!$user->rights->societe->client->voir || $user->societe_id)
|
||||
if (!$user->rights->societe->client->voir || $user->socid)
|
||||
{
|
||||
$filenamenb = $dir.'/ordersnbinyear-'.$user->id.'-'.$year.'.png';
|
||||
if ($mode == 'customer') $fileurlnb = DOL_URL_ROOT.'/viewimage.php?modulepart=orderstats&file=ordersnbinyear-'.$user->id.'-'.$year.'.png';
|
||||
@ -144,7 +144,7 @@ $data = $stats->getAmountByMonthWithPrevYear($endyear, $startyear);
|
||||
//var_dump($data);
|
||||
// $data = array(array('Lib',val1,val2,val3),...)
|
||||
|
||||
if (!$user->rights->societe->client->voir || $user->societe_id)
|
||||
if (!$user->rights->societe->client->voir || $user->socid)
|
||||
{
|
||||
$filenameamount = $dir.'/ordersamountinyear-'.$user->id.'-'.$year.'.png';
|
||||
if ($mode == 'customer') $fileurlamount = DOL_URL_ROOT.'/viewimage.php?modulepart=orderstats&file=ordersamountinyear-'.$user->id.'-'.$year.'.png';
|
||||
@ -185,7 +185,7 @@ if (! $mesg)
|
||||
|
||||
$data = $stats->getAverageByMonthWithPrevYear($endyear, $startyear);
|
||||
|
||||
if (!$user->rights->societe->client->voir || $user->societe_id)
|
||||
if (!$user->rights->societe->client->voir || $user->socid)
|
||||
{
|
||||
$filename_avg = $dir.'/ordersaverage-'.$user->id.'-'.$year.'.png';
|
||||
if ($mode == 'customer') $fileurl_avg = DOL_URL_ROOT.'/viewimage.php?modulepart=orderstats&file=ordersaverage-'.$user->id.'-'.$year.'.png';
|
||||
|
||||
@ -73,7 +73,7 @@ $arrayfields=array(
|
||||
if (empty($conf->comptabilite->enabled) && empty($conf->accounting->enabled)) {
|
||||
accessforbidden();
|
||||
}
|
||||
if ($user->societe_id > 0) {
|
||||
if ($user->socid > 0) {
|
||||
accessforbidden();
|
||||
}
|
||||
|
||||
|
||||
@ -41,7 +41,7 @@ $ref=GETPOST('ref');
|
||||
// Security check
|
||||
$fieldvalue = (! empty($id) ? $id : (! empty($ref) ? $ref :''));
|
||||
$fieldtype = (! empty($ref) ? 'ref' :'rowid');
|
||||
if ($user->societe_id) $socid=$user->societe_id;
|
||||
if ($user->socid) $socid=$user->socid;
|
||||
$result=restrictedArea($user, 'banque', $fieldvalue, 'bank_account&bank_account', '', '', $fieldtype);
|
||||
|
||||
$year_start=GETPOST('year_start');
|
||||
|
||||
Some files were not shown because too many files have changed in this diff Show More
Loading…
Reference in New Issue
Block a user