diff --git a/htdocs/contrat/class/contrat.class.php b/htdocs/contrat/class/contrat.class.php index ab39df1d0f4..aa15fbea86b 100644 --- a/htdocs/contrat/class/contrat.class.php +++ b/htdocs/contrat/class/contrat.class.php @@ -2102,7 +2102,7 @@ class Contrat extends CommonObject $sql = "SELECT count(c.rowid) as nb"; $sql.= " FROM ".MAIN_DB_PREFIX."contrat as c"; $sql.= " LEFT JOIN ".MAIN_DB_PREFIX."societe as s ON c.fk_soc = s.rowid"; - if (!$user->rights->contrat->lire && !$user->societe_id) + if (!$user->rights->societe->client->voir && !$user->societe_id) { $sql.= " LEFT JOIN ".MAIN_DB_PREFIX."societe_commerciaux as sc ON s.rowid = sc.fk_soc"; $sql.= " WHERE sc.fk_user = " .$user->id; diff --git a/htdocs/core/boxes/box_factures_imp.php b/htdocs/core/boxes/box_factures_imp.php index 67c4d4dbfcc..d3336500263 100644 --- a/htdocs/core/boxes/box_factures_imp.php +++ b/htdocs/core/boxes/box_factures_imp.php @@ -78,8 +78,9 @@ class box_factures_imp extends ModeleBoxes $sql.= " f.total_ttc,"; $sql.= " f.paye, f.fk_statut, f.rowid as facid"; $sql.= ", sum(pf.amount) as am"; - $sql.= " FROM ".MAIN_DB_PREFIX."societe as s,".MAIN_DB_PREFIX."facture as f"; + $sql.= " FROM ".MAIN_DB_PREFIX."societe as s"; if (!$user->rights->societe->client->voir && !$user->societe_id) $sql.= ", ".MAIN_DB_PREFIX."societe_commerciaux as sc"; + $sql.= ", ".MAIN_DB_PREFIX."facture as f"; $sql.= " LEFT JOIN ".MAIN_DB_PREFIX."paiement_facture as pf ON f.rowid=pf.fk_facture "; $sql.= " WHERE f.fk_soc = s.rowid"; $sql.= " AND f.entity = ".$conf->entity; diff --git a/htdocs/main.inc.php b/htdocs/main.inc.php index c5181edf0bc..dd45222fa42 100644 --- a/htdocs/main.inc.php +++ b/htdocs/main.inc.php @@ -577,9 +577,10 @@ if (! defined('NOLOGIN')) { // We are already into an authenticated session $login=$_SESSION["dol_login"]; - dol_syslog("This is an already logged session. _SESSION['dol_login']=".$login, LOG_DEBUG); + $entity=$_SESSION["dol_entity"]; + dol_syslog("This is an already logged session. _SESSION['dol_login']=".$login." _SESSION['dol_entity']=".$entity, LOG_DEBUG); - $resultFetchUser=$user->fetch('',$login); + $resultFetchUser=$user->fetch('',$login,'',1,($entity > 0 ? $entity : -1)); if ($resultFetchUser <= 0) { // Account has been removed after login diff --git a/htdocs/product/admin/price_rules.php b/htdocs/product/admin/price_rules.php index e284572e7e7..224acd9c04b 100644 --- a/htdocs/product/admin/price_rules.php +++ b/htdocs/product/admin/price_rules.php @@ -155,7 +155,6 @@ $genPriceOptions = function($level) use ($price_options) { return $return; }; - ?> @@ -173,7 +172,8 @@ $genPriceOptions = function($level) use ($price_options) { '; //if (empty($value['disableamount']) && ! in_array($tablename, array('projet_task'))) print ''; @@ -1049,8 +1051,7 @@ foreach ($listofreferent as $key => $value) print ''; print '';
trans('SellingPrice').' '.$i; // Label of price - if (! empty($conf->global->{"PRODUIT_MULTIPRICES_LABEL$i"})) { + $keyforlabel='PRODUIT_MULTIPRICES_LABEL'.$i; + if (! empty($conf->global->$keyforlabel)) { print ' - '.$langs->trans($conf->global->$keyforlabel); } ?> diff --git a/htdocs/product/class/product.class.php b/htdocs/product/class/product.class.php index e34e7c2cfce..48badb5623e 100644 --- a/htdocs/product/class/product.class.php +++ b/htdocs/product/class/product.class.php @@ -12,7 +12,7 @@ * Copyright (C) 2014 Henry Florian * Copyright (C) 2014-2016 Philippe Grand * Copyright (C) 2014 Ion agorria - * Copyright (C) 2016 Ferran Marcet + * Copyright (C) 2016-2017 Ferran Marcet * * This program is free software; you can redistribute it and/or modify * it under the terms of the GNU General Public License as published by @@ -816,7 +816,7 @@ class Product extends CommonObject // End call triggers } - if (! $error && (is_object($this->oldcopy) && $this->oldcopy->ref != $this->ref)) + if (! $error && (is_object($this->oldcopy) && $this->oldcopy->ref !== $this->ref)) { // We remove directory if ($conf->product->dir_output) diff --git a/htdocs/projet/class/project.class.php b/htdocs/projet/class/project.class.php index fc1eb7410e3..416c0fd5dcc 100644 --- a/htdocs/projet/class/project.class.php +++ b/htdocs/projet/class/project.class.php @@ -3,7 +3,8 @@ * Copyright (C) 2005-2016 Laurent Destailleur * Copyright (C) 2005-2010 Regis Houssin * Copyright (C) 2013 Florian Henry - * Copyright (C) 2014-2015 Marcos García + * Copyright (C) 2014-2017 Marcos García + * Copyright (C) 2017 Ferran Marcet * * This program is free software; you can redistribute it and/or modify * it under the terms of the GNU General Public License as published by @@ -301,7 +302,7 @@ class Project extends CommonObject } } - if (! $error && (is_object($this->oldcopy) && $this->oldcopy->ref != $this->ref)) + if (! $error && (is_object($this->oldcopy) && $this->oldcopy->ref !== $this->ref)) { // We remove directory if ($conf->projet->dir_output) @@ -1736,16 +1737,19 @@ class Project extends CommonObject */ function load_state_board() { - global $conf; + global $user; $this->nb=array(); - $sql = "SELECT count(u.rowid) as nb"; - $sql.= " FROM ".MAIN_DB_PREFIX."projet as u"; + $sql = "SELECT count(p.rowid) as nb"; + $sql.= " FROM ".MAIN_DB_PREFIX."projet as p"; $sql.= " WHERE"; - //$sql.= " WHERE u.fk_statut > 0"; - //$sql.= " AND employee != 0"; - $sql.= " u.entity IN (".getEntity('projet', 1).")"; + $sql.= " p.entity IN (".getEntity('projet', 1).")"; + if (! $user->rights->projet->all->lire) + { + $projectsListId = $this->getProjectsAuthorizedForUser($user,0,1); + $sql .= "AND p.rowid IN (".$projectsListId.")"; + } $resql=$this->db->query($sql); if ($resql) diff --git a/htdocs/projet/element.php b/htdocs/projet/element.php index a39c05c8999..fea4093e175 100644 --- a/htdocs/projet/element.php +++ b/htdocs/projet/element.php @@ -680,7 +680,9 @@ foreach ($listofreferent as $key => $value) { $addform.='
'; if ($testnew) $addform.=''.($buttonnew?$langs->trans($buttonnew):$langs->trans("Create")).''; - else $addform.=''.($buttonnew?$langs->trans($buttonnew):$langs->trans("Create")).''; + elseif (empty($conf->global->MAIN_BUTTON_HIDE_UNAUTHORIZED)) { + $addform.=''.($buttonnew?$langs->trans($buttonnew):$langs->trans("Create")).''; + } $addform.='
'; } @@ -1041,7 +1043,7 @@ foreach ($listofreferent as $key => $value) print '
'; if (empty($value['disableamount'])) { - if (! empty($conf->salaries->enabled)) print ''.$langs->trans("TotalHT").' : '.price($total_ht); + if ($tablename != 'projet_task' || ! empty($conf->salaries->enabled)) print ''.$langs->trans("TotalHT").' : '.price($total_ht); } print ''.$langs->trans("TotalTTC").' : '.price($total_ttc).''; if (empty($value['disableamount'])) { - - if (! empty($conf->salaries->enabled)) print $langs->trans("TotalTTC").' : '.price($total_ttc); + if ($tablename != 'projet_task' || ! empty($conf->salaries->enabled)) print $langs->trans("TotalTTC").' : '.price($total_ttc); } print '