lainwir3d/dolibarr
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

FIX #23139

Browse Source
This commit is contained in:
Laurent Destailleur 2022-12-07 15:54:25 +01:00
parent b1b8380015
commit f52a242159
2 changed files with 17 additions and 13 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

3
htdocs/core/ajax/selectobject.php
View File

@ -43,6 +43,7 @@ $objectdesc = GETPOST('objectdesc', 'alpha');
$htmlname = GETPOST('htmlname', 'aZ09');
$outjson = (GETPOST('outjson', 'int') ? GETPOST('outjson', 'int') : 0);
$id = GETPOST('id', 'int');
$filter = GETPOST('filter', 'alphanohtml');
/*
@ -84,7 +85,7 @@ $searchkey = (($id && GETPOST($id, 'alpha')) ? GETPOST($id, 'alpha') : (($htmlna
// Add a security test to avoid to get content of all tables
restrictedArea($user, $objecttmp->element, $id);
$arrayresult = $form->selectForFormsList($objecttmp, $htmlname, '', 0, $searchkey, '', '', '', 0, 1);
$arrayresult = $form->selectForFormsList($objecttmp, $htmlname, '', 0, $searchkey, '', '', '', 0, 1, 0, '', $filter);
$db->close();

27
htdocs/core/class/html.form.class.php
View File

@ -7692,9 +7692,10 @@ class Form
if ($classname && class_exists($classname)) {
$objecttmp = new $classname($this->db);
// Make some replacement
$sharedentities = getEntity(strtolower($classname));
$objecttmp->filter = str_replace(
$filter = str_replace(
array('__ENTITY__', '__SHARED_ENTITIES__', '__USER_ID__'),
array($conf->entity, $sharedentities, $user->id),
$filter
@ -7706,7 +7707,7 @@ class Form
return 'Error bad setup of type for field '.join(',', $InfoFieldList);
}
//var_dump($objecttmp->filter);
//var_dump($filter);
$prefixforautocompletemode = $objecttmp->element;
if ($prefixforautocompletemode == 'societe') {
$prefixforautocompletemode = 'company';
@ -7716,7 +7717,7 @@ class Form
}
$confkeyforautocompletemode = strtoupper($prefixforautocompletemode).'_USE_SEARCH_TO_SELECT'; // For example COMPANY_USE_SEARCH_TO_SELECT
dol_syslog(get_class($this)."::selectForForms object->filter=".$objecttmp->filter, LOG_DEBUG);
dol_syslog(get_class($this)."::selectForForms filter=".$filter, LOG_DEBUG);
$out = '';
if (!empty($conf->use_javascript_ajax) && !empty($conf->global->$confkeyforautocompletemode) && !$forcecombo) {
// No immediate load of all database
@ -7731,14 +7732,14 @@ class Form
$urlforajaxcall = DOL_URL_ROOT.'/core/ajax/selectobject.php';
// No immediate load of all database
$urloption = 'htmlname='.urlencode($htmlname).'&outjson=1&objectdesc='.urlencode($objectdesc).'&filter='.urlencode($objecttmp->filter).($sortfield ? '&sortfield='.urlencode($sortfield) : '');
$urloption = 'htmlname='.urlencode($htmlname).'&outjson=1&objectdesc='.urlencode($objectdesc).'&filter='.urlencode($filter).($sortfield ? '&sortfield='.urlencode($sortfield) : '');
// Activate the auto complete using ajax call.
$out .= ajax_autocompleter($preselectedvalue, $htmlname, $urlforajaxcall, $urloption, $conf->global->$confkeyforautocompletemode, 0, array());
$out .= '<style type="text/css">.ui-autocomplete { z-index: 1003; }</style>';
$out .= '<input type="text" class="'.$morecss.'"'.($disabled ? ' disabled="disabled"' : '').' name="search_'.$htmlname.'" id="search_'.$htmlname.'" value="'.$selected_input_value.'"'.($placeholder ? ' placeholder="'.dol_escape_htmltag($placeholder).'"' : '') .' />';
} else {
// Immediate load of table record. Note: filter is inside $objecttmp->filter
$out .= $this->selectForFormsList($objecttmp, $htmlname, $preselectedvalue, $showempty, $searchkey, $placeholder, $morecss, $moreparams, $forcecombo, 0, $disabled, $sortfield);
// Immediate load of table record.
$out .= $this->selectForFormsList($objecttmp, $htmlname, $preselectedvalue, $showempty, $searchkey, $placeholder, $morecss, $moreparams, $forcecombo, 0, $disabled, $sortfield, $filter);
}
return $out;
@ -7789,14 +7790,15 @@ class Form
* @param int $outputmode 0=HTML select string, 1=Array
* @param int $disabled 1=Html component is disabled
* @param string $sortfield Sort field
* @param string $filter Add more filter
* @return string|array Return HTML string
* @see selectForForms()
*/
public function selectForFormsList($objecttmp, $htmlname, $preselectedvalue, $showempty = '', $searchkey = '', $placeholder = '', $morecss = '', $moreparams = '', $forcecombo = 0, $outputmode = 0, $disabled = 0, $sortfield = '')
public function selectForFormsList($objecttmp, $htmlname, $preselectedvalue, $showempty = '', $searchkey = '', $placeholder = '', $morecss = '', $moreparams = '', $forcecombo = 0, $outputmode = 0, $disabled = 0, $sortfield = '', $filter = '')
{
global $conf, $langs, $user, $hookmanager;
//print "$objecttmp->filter, $htmlname, $preselectedvalue, $showempty = '', $searchkey = '', $placeholder = '', $morecss = '', $moreparams = '', $forcecombo = 0, $outputmode = 0, $disabled";
//print "$htmlname, $preselectedvalue, $showempty, $searchkey, $placeholder, $morecss, $moreparams, $forcecombo, $outputmode, $disabled";
$prefixforautocompletemode = $objecttmp->element;
if ($prefixforautocompletemode == 'societe') {
@ -7882,13 +7884,14 @@ class Form
if ($searchkey != '') {
$sql .= natural_search(explode(',', $fieldstoshow), $searchkey);
}
if ($objecttmp->filter) { // Syntax example "(t.ref:like:'SO-%') and (t.date_creation:<:'20160101')"
/*if (! DolibarrApi::_checkFilters($objecttmp->filter))
if ($filter) { // Syntax example "(t.ref:like:'SO-%') and (t.date_creation:<:'20160101')"
/*if (! DolibarrApi::_checkFilters($filter))
{
throw new RestException(503, 'Error when validating parameter sqlfilters '.$objecttmp->filter);
throw new RestException(503, 'Error when validating parameter sqlfilters '.$filter);
}*/
$regexstring = '\(([^:\'\(\)]+:[^:\'\(\)]+:[^\(\)]+)\)';
$sql .= " AND (".preg_replace_callback('/'.$regexstring.'/', 'Form::forgeCriteriaCallback', $objecttmp->filter).")";
$sql .= " AND (".preg_replace_callback('/'.$regexstring.'/', 'Form::forgeCriteriaCallback', $filter).")";
}
}
$sql .= $this->db->order($sortfield ? $sortfield : $fieldstoshow, "ASC");