From b9075660af380c0873d9034bd428ac5be0de44c7 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Fr=C3=A9d=C3=A9ric=20FRANCE?= Date: Sat, 23 Oct 2021 22:15:23 +0200 Subject: [PATCH 1/2] fix warnings --- .../compta/cashcontrol/cashcontrol_list.php | 33 ++++--------------- 1 file changed, 6 insertions(+), 27 deletions(-) diff --git a/htdocs/compta/cashcontrol/cashcontrol_list.php b/htdocs/compta/cashcontrol/cashcontrol_list.php index b46ff9433e3..85f6ff5fe11 100644 --- a/htdocs/compta/cashcontrol/cashcontrol_list.php +++ b/htdocs/compta/cashcontrol/cashcontrol_list.php @@ -22,27 +22,6 @@ * \brief List page for cashcontrol */ -//if (! defined('NOREQUIREDB')) define('NOREQUIREDB','1'); // Do not create database handler $db -//if (! defined('NOREQUIREUSER')) define('NOREQUIREUSER','1'); // Do not load object $user -//if (! defined('NOREQUIRESOC')) define('NOREQUIRESOC','1'); // Do not load object $mysoc -//if (! defined('NOREQUIRETRAN')) define('NOREQUIRETRAN','1'); // Do not load object $langs -//if (! defined('NOSCANGETFORINJECTION')) define('NOSCANGETFORINJECTION','1'); // Do not check injection attack on GET parameters -//if (! defined('NOSCANPOSTFORINJECTION')) define('NOSCANPOSTFORINJECTION','1'); // Do not check injection attack on POST parameters -//if (! defined('NOCSRFCHECK')) define('NOCSRFCHECK','1'); // Do not check CSRF attack (test on referer + on token if option MAIN_SECURITY_CSRF_WITH_TOKEN is on). -//if (! defined('NOTOKENRENEWAL')) define('NOTOKENRENEWAL','1'); // Do not roll the Anti CSRF token (used if MAIN_SECURITY_CSRF_WITH_TOKEN is on) -//if (! defined('NOSTYLECHECK')) define('NOSTYLECHECK','1'); // Do not check style html tag into posted data -//if (! defined('NOREQUIREMENU')) define('NOREQUIREMENU','1'); // If there is no need to load and show top and left menu -//if (! defined('NOREQUIREHTML')) define('NOREQUIREHTML','1'); // If we don't need to load the html.form.class.php -//if (! defined('NOREQUIREAJAX')) define('NOREQUIREAJAX','1'); // Do not load ajax.lib.php library -//if (! defined("NOLOGIN")) define("NOLOGIN", '1'); // If this page is public (can be called outside logged session). This include the NOIPCHECK too. -//if (! defined('NOIPCHECK')) define('NOIPCHECK', '1'); // Do not check IP defined into conf $dolibarr_main_restrict_ip -//if (! defined("MAIN_LANG_DEFAULT")) define('MAIN_LANG_DEFAULT','auto'); // Force lang to a particular value -//if (! defined("MAIN_AUTHENTICATION_MODE")) define('MAIN_AUTHENTICATION_MODE','aloginmodule'); // Force authentication handler -//if (! defined("NOREDIRECTBYMAINTOLOGIN")) define('NOREDIRECTBYMAINTOLOGIN',1); // The main.inc.php does not make a redirect if not logged, instead show simple error message -//if (! defined("FORCECSP")) define('FORCECSP', 'none'); // Disable all Content Security Policies -//if (! defined('CSRFCHECK_WITH_TOKEN')) define('CSRFCHECK_WITH_TOKEN', '1'); // Force use of CSRF protection with tokens even for GET -//if (! defined('NOBROWSERNOTIF')) define('NOBROWSERNOTIF', '1'); // Disable browser notification - require '../../main.inc.php'; require_once DOL_DOCUMENT_ROOT.'/compta/cashcontrol/class/cashcontrol.class.php'; require_once DOL_DOCUMENT_ROOT.'/core/class/html.formcompany.class.php'; @@ -81,7 +60,7 @@ $pagenext = $page + 1; // Initialize technical objects $object = new CashControl($db); $extrafields = new ExtraFields($db); -$diroutputmassaction = $conf->monmodule->dir_output.'/temp/massgeneration/'.$user->id; +$diroutputmassaction = $conf->takepos->dir_output.'/temp/massgeneration/'.$user->id; $hookmanager->initHooks(array('cashcontrol')); // Note that conf->hooks_modules contains array // Fetch optionals attributes and labels @@ -141,16 +120,16 @@ include DOL_DOCUMENT_ROOT.'/core/tpl/extrafields_list_array_fields.tpl.php'; $object->fields = dol_sort_array($object->fields, 'position'); $arrayfields = dol_sort_array($arrayfields, 'position'); -$permissiontoread = ($user->rights->cashdesk->run || $user->rights->takepos->run); -$permissiontoadd = ($user->rights->cashdesk->run || $user->rights->takepos->run); -$permissiontodelete = ($user->rights->cashdesk->run || $user->rights->takepos->run); +$permissiontoread = (!empty($user->rights->cashdesk->run) || !empty($user->rights->takepos->run)); +$permissiontoadd = (!empty($user->rights->cashdesk->run) || !empty($user->rights->takepos->run)); +$permissiontodelete = (!empty($user->rights->cashdesk->run) || !empty($user->rights->takepos->run)); // Security check if ($user->socid > 0) { // Protection if external user //$socid = $user->socid; accessforbidden(); } -if (!$user->rights->cashdesk->run && !$user->rights->takepos->run) { +if (empty($user->rights->cashdesk->run) && empty($user->rights->takepos->run)) { accessforbidden(); } @@ -341,7 +320,7 @@ if ($num == 1 && !empty($conf->global->MAIN_SEARCH_DIRECT_OPEN_IF_ONLY_ONE) && $ // Output page // -------------------------------------------------------------------- -llxHeader('', $title, $help_url, '', 0, 0, $morejs, $morecss, '', 'classforhorizontalscrolloftabs'); +llxHeader('', $title, $help_url, '', 0, 0, '', '', '', 'classforhorizontalscrolloftabs'); $arrayofselected = is_array($toselect) ? $toselect : array(); From 321cfb38113dae8f580a6224ad01062b42c05c75 Mon Sep 17 00:00:00 2001 From: Laurent Destailleur Date: Sat, 23 Oct 2021 22:44:37 +0200 Subject: [PATCH 2/2] Update cashcontrol_list.php --- htdocs/compta/cashcontrol/cashcontrol_list.php | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/htdocs/compta/cashcontrol/cashcontrol_list.php b/htdocs/compta/cashcontrol/cashcontrol_list.php index 85f6ff5fe11..89781fcb211 100644 --- a/htdocs/compta/cashcontrol/cashcontrol_list.php +++ b/htdocs/compta/cashcontrol/cashcontrol_list.php @@ -60,7 +60,7 @@ $pagenext = $page + 1; // Initialize technical objects $object = new CashControl($db); $extrafields = new ExtraFields($db); -$diroutputmassaction = $conf->takepos->dir_output.'/temp/massgeneration/'.$user->id; +//$diroutputmassaction = $conf->mymodule->dir_output.'/temp/massgeneration/'.$user->id; $hookmanager->initHooks(array('cashcontrol')); // Note that conf->hooks_modules contains array // Fetch optionals attributes and labels