From f9ac2aea1199f084eade4dca503fb8a323535e59 Mon Sep 17 00:00:00 2001 From: Laurent Destailleur Date: Sun, 29 Aug 2004 12:01:58 +0000 Subject: [PATCH] =?UTF-8?q?Fix:=20Toutes=20les=20pages=20de=20l'espace=20a?= =?UTF-8?q?dmin=20sont=20prot=E9g=E9es=20par=20"if=20(!$user->admin)=20acc?= =?UTF-8?q?essforbidden();"=20Trad:=20Toutes=20les=20pages=20d'admin=20cha?= =?UTF-8?q?rgent=20le=20fichier=20lang=20"admin".=20Doc:=20Doc=20doxygen?= =?UTF-8?q?=20pour=20toutes=20les=20pages=20d'admin.?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit --- htdocs/admin/adherent.php | 17 +++++++++---- htdocs/admin/boutique-special-all.php | 13 ++++++++++ htdocs/admin/boutique-update-all.php | 13 ++++++++++ htdocs/admin/boutique.php | 23 +++++++++++------- htdocs/admin/boxes.php | 7 ++---- htdocs/admin/commande.php | 17 +++++++++---- htdocs/admin/compta.php | 35 ++++++++++++++++++--------- htdocs/admin/const.php | 9 +++++++ htdocs/admin/dict.php | 11 +++++++-- htdocs/admin/expedition.php | 19 ++++++++++----- htdocs/admin/external_rss.php | 9 +++++++ htdocs/admin/facture.php | 3 +++ htdocs/admin/fichinter.php | 16 ++++++++---- htdocs/admin/ihm.php | 7 ++++++ htdocs/admin/index.php | 8 ++++++ htdocs/admin/ldap.php | 12 +++++++++ htdocs/admin/modules.php | 7 ++++++ htdocs/admin/osc-languages.php | 13 ++++++++++ htdocs/admin/perms.php | 8 +++++- htdocs/admin/pre.inc.php | 9 +++++++ htdocs/admin/propale.php | 9 +++++++ htdocs/admin/sql.php | 6 +++++ htdocs/admin/sqltables.php | 29 +++++++++++++++------- htdocs/admin/webcalendar.php | 7 ++++++ 24 files changed, 249 insertions(+), 58 deletions(-) diff --git a/htdocs/admin/adherent.php b/htdocs/admin/adherent.php index 791cbce300e..34b36bb33ce 100644 --- a/htdocs/admin/adherent.php +++ b/htdocs/admin/adherent.php 
@@ -20,14 +20,21 @@ * $Id$ * $Source$ */ + +/*! \file htdocs/admin/adherent.php + \ingroup adherent + \brief Page d'administration/configuration du module Adherent + \version $Revision$ +*/ + require("./pre.inc.php"); +$langs->load("admin"); +$langs->load("members"); + if (!$user->admin) -{ - print "Forbidden"; - llxfooter(); - exit; -} + accessforbidden(); + // positionne la variable pour le test d'affichage de l'icone diff --git a/htdocs/admin/boutique-special-all.php b/htdocs/admin/boutique-special-all.php index a37294a0000..bee9965b63d 100644 --- a/htdocs/admin/boutique-special-all.php +++ b/htdocs/admin/boutique-special-all.php @@ -20,14 +20,27 @@ * */ +/*! \file htdocs/admin/boutique-special-all.php + \ingroup boutique + \brief Page d'administration/configuration du module Boutique + \version $Revision$ +*/ + require("./pre.inc.php"); require("../boutique/livre/livre.class.php"); require("../boutique/editeur/editeur.class.php"); require("../boutique/auteur/auteur.class.php"); require("../product/promotion/promotion.class.php"); +$langs->load("admin"); + +if (!$user->admin) + accessforbidden(); + + llxHeader(); + print_barre_liste("Mise a jour de tous les livres", $page, "boutique-special-all.php"); $sql = "SELECT l.rowid FROM ".MAIN_DB_PREFIX."livre as l"; diff --git a/htdocs/admin/boutique-update-all.php b/htdocs/admin/boutique-update-all.php index 2469e658c7e..e57e02cd837 100644 --- a/htdocs/admin/boutique-update-all.php +++ b/htdocs/admin/boutique-update-all.php 
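Review bot: The new guard in adherent.php, `if (!$user->admin) accessforbidden();`, drops the explicit `exit;` that the removed block carried, so the page is only protected if accessforbidden() itself ends the request. Its definition is not part of this patch, so that should be confirmed; if it can return, the configuration code below the guard still runs for a non-admin user. The same replacement is made in boutique.php, commande.php, expedition.php and fichinter.php. A braced form with a defensive stop, `if (!$user->admin) { accessforbidden(); exit; }`, keeps the behaviour independent of the helper.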
@@ -20,13 +20,26 @@ * */ +/*! \file htdocs/admin/boutique-update-all.php + \ingroup boutique + \brief Page d'administration/configuration du module Boutique + \version $Revision$ +*/ + require("./pre.inc.php"); require("../boutique/livre/livre.class.php"); require("../boutique/editeur/editeur.class.php"); require("../boutique/auteur/auteur.class.php"); +$langs->load("admin"); + +if (!$user->admin) + accessforbidden(); + + llxHeader(); + print_barre_liste("Mise a jour de tous les livres", $page, "boutique-update-all.php"); $sql = "SELECT l.rowid FROM ".MAIN_DB_PREFIX."livre as l"; diff --git a/htdocs/admin/boutique.php b/htdocs/admin/boutique.php index 95555e843a5..120a60a9355 100644 --- a/htdocs/admin/boutique.php +++ b/htdocs/admin/boutique.php @@ -18,23 +18,28 @@ * $Id$ * $Source$ */ + +/*! \file htdocs/admin/boutique.php + \ingroup boutique + \brief Page d'administration/configuration du module Boutique + \version $Revision$ +*/ + require("./pre.inc.php"); +$langs->load("admin"); + +if (!$user->admin) + accessforbidden(); + + llxHeader(); $dir = "../includes/modules/facture/"; -if (!$user->admin) -{ - print "Forbidden"; - llxfooter(); - exit; -} - // -// TODO mettre cette section dans la base de données +// \todo mettre cette section dans la base de données // - $modules["BOUTIQUE_LIVRE"][0] = "Livres"; $modules["BOUTIQUE_LIVRE"][1] = "BOUTIQUE_LIVRE"; $modules["BOUTIQUE_LIVRE"][2] = BOUTIQUE_LIVRE; diff --git a/htdocs/admin/boxes.php b/htdocs/admin/boxes.php index a184eb8d16f..68ea426d04f 100644 --- a/htdocs/admin/boxes.php +++ b/htdocs/admin/boxes.php @@ -21,16 +21,13 @@ */ /*! \file htdocs/admin/boxes.php - \brief Page d'admin des boites - \author Rodolphe Qiedeville - \author Laurent Destailleur + \brief Page d'administration/configuration des boites \version $Revision$ */ require("./pre.inc.php"); -$langs->trans("admin"); - +$langs->load("admin"); if (!$user->admin) accessforbidden(); 
diff --git a/htdocs/admin/commande.php b/htdocs/admin/commande.php index 92cfe6634e0..f6b2d509f07 100644 --- a/htdocs/admin/commande.php +++ b/htdocs/admin/commande.php @@ -19,16 +19,23 @@ * $Id$ * $Source$ */ + +/*! \file htdocs/admin/commande.php + \ingroup commande + \brief Page d'administration-configuration du module Commande + \version $Revision$ +*/ + require("./pre.inc.php"); +$langs->load("admin"); +$langs->load("orders"); + llxHeader(); if (!$user->admin) -{ - print "Forbidden"; - llxfooter(); - exit; -} + accessforbidden(); + // positionne la variable pour le test d'affichage de l'icone diff --git a/htdocs/admin/compta.php b/htdocs/admin/compta.php index 282c0e4e8fc..7b4793188a5 100644 --- a/htdocs/admin/compta.php +++ b/htdocs/admin/compta.php @@ -19,8 +19,19 @@ * $Id$ * $Source$ */ + +/*! + \file htdocs/admin/compta.php + \ingroup comptabilite + \brief Page de configuration du module comptabilité + \version $Revision$ +*/ + require("./pre.inc.php"); +$langs->load("admin"); +$langs->load("compta"); + if (!$user->admin) accessforbidden(); @@ -30,7 +41,7 @@ llxHeader(); $compta_mode = defined("COMPTA_MODE")?COMPTA_MODE:"RECETTES-DEPENSES"; -if ($action == 'setcomptamode') +if ($_POST["action"] == 'setcomptamode') { $compta_mode = $_POST["compta_mode"]; if (! dolibarr_set_const($db, "COMPTA_MODE",$compta_mode)) { print $db->error(); } @@ -60,28 +71,30 @@ if ($_GET["action"] == 'delete') -print_titre("Configuration du module Comptabilité"); +print_titre($langs->trans("ComptaSetup")); print "
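Review bot: In commande.php `llxHeader();` still runs before the new `if (!$user->admin) accessforbidden();`, so page output is produced before the access decision is made. llxHeader() is defined in pre.inc.php, which this patch documents as the left-menu handler of the configuration area, so the menu is presumably sent to the non-admin user ahead of the refusal. boutique.php and expedition.php in this same patch move the check above `llxHeader();`, while fichinter.php and external_rss.php keep the old order like this file. Placing the check directly after the `$langs->load(...)` lines in all three would make the admin pages consistent.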
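Review bot: In compta.php `$_POST["compta_mode"]` is handed to dolibarr_set_const() exactly as received, so any string a client posts becomes the stored COMPTA_MODE. The form offers a fixed set of modes ("RECETTES-DEPENSES" is the default visible here), so the handler should compare the value against that list before saving, for example `if (in_array($_POST["compta_mode"], $allowed_modes))` with `$allowed_modes` holding the option values. Printing `$db->error()` straight to the page on failure also exposes database details; a generic message with the detail logged would be safer. The `if` block continues outside the hunk.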
"; print ''; +// Cas du paramètre COMPTA_MODE print ''; print ''; print ''; -print ''; -print ''; +print ''; +print ''; print "\n"; -print ""; -print "\n"; -print ""; -print "\n"; +print ""; +print "\n"; +print ""; +print "\n"; print ""; print "
Option de tenue de comptabilitéDescription'.$langs->trans("OptionMode").''.$langs->trans("Description").'
Option Recettes-DépensesDans ce mode, le CA est calculé sur la base des factures à l'état payé.\nLa validité des chiffres n'est donc assurée que si la tenue de la comptabilité passe rigoureusement par des entrées/sorties sur les comptes via des factures.\nDe plus, dans cette version, Dolibarr utilise la date de passage de la facture à l'état 'Validé' et non la date de passage à l'état 'Payé'.
Option Créances-DettesDans ce mode, le CA est calculé sur la base des factures validées. Qu'elles soient ou non payés, dès lors qu'elles sont dues, elles apparaissent dans le résultat.
".$langs->trans("OptionModeTrue")."".$langs->trans("OptionModeTrueDesc")."
".$langs->trans("OptionModeVirtual")."".$langs->trans("OptionModeVirtualDesc")."
\n"; print "
\n"; +// Cas des autres paramètres COMPTA_* $sql = "SELECT rowid, name, value, type, note FROM llx_const WHERE name like 'COMPTA_%' and name not in ('COMPTA_MODE')"; $result = $db->query($sql); if ($result) @@ -93,7 +106,7 @@ if ($result) if ($num) { print ''; print ''; - print ''; + print ''; print ''; print "\n"; } @@ -133,9 +146,9 @@ if ($result) } print '\n"; diff --git a/htdocs/admin/const.php b/htdocs/admin/const.php index 22b44b43e08..1f74833c9f3 100644 --- a/htdocs/admin/const.php +++ b/htdocs/admin/const.php @@ -19,8 +19,17 @@ * $Id$ * $Source$ */ + +/*! \file htdocs/admin/const.php + \ingroup setup + \brief Page d'administration/configuration des constantes autres + \version $Revision$ +*/ + require("./pre.inc.php"); +$langs->load("admin"); + if (!$user->admin) accessforbidden(); diff --git a/htdocs/admin/dict.php b/htdocs/admin/dict.php index e778c80c2c3..8e87e215636 100644 --- a/htdocs/admin/dict.php +++ b/htdocs/admin/dict.php @@ -20,14 +20,21 @@ * $Id$ * $Source$ */ + +/*! \file htdocs/admin/dict.php + \ingroup setup + \brief Page d'administration des dictionnaires de données + \version $Revision$ +*/ + require("./pre.inc.php"); $langs->load("main"); $langs->load("admin"); $langs->load("companies"); -if (! $user->admin) -accessforbidden(); +if (!$user->admin) + accessforbidden(); $acts[0] = "activate"; diff --git a/htdocs/admin/expedition.php b/htdocs/admin/expedition.php index 7026aecb655..db5712637cd 100644 --- a/htdocs/admin/expedition.php +++ b/htdocs/admin/expedition.php @@ -19,8 +19,21 @@ * $Id$ * $Source$ */ + +/*! \file htdocs/admin/expedition.php + \ingroup expedition + \brief Page d'administration/configuration du module Expedition + \version $Revision$ +*/ + require("./pre.inc.php"); +$langs->load("admin"); + +if (!$user->admin) + accessforbidden(); + + if ($action == 'nbprod' && $user->admin) { $sql = "REPLACE INTO ".MAIN_DB_PREFIX."const SET name = 'EXPEDITION_NEW_FORM_NB_PRODUCT', value='".$value."', visible=0"; 
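Review bot: In expedition.php the `REPLACE INTO ... const` statement just below the new guard concatenates `$value` into the SQL text unescaped, and both `$action` and `$value` are read as bare globals rather than from `$_POST`/`$_GET` as compta.php now does in this patch. The admin check limits who can reach the statement but does not make it safe against a quote in the value. Assuming the setting is a product count, as its name EXPEDITION_NEW_FORM_NB_PRODUCT suggests, `value='".intval($value)."'` would be enough here. ldap.php has the same pattern with `$HTTP_POST_VARS["host"]`, which needs the database layer's string escaping instead. The `if` block continues outside the hunk.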
@@ -33,12 +46,6 @@ if ($action == 'nbprod' && $user->admin) llxHeader(); -if (!$user->admin) -{ - print "Forbidden"; - llxfooter(); - exit; -} if ($_GET["action"] == 'set') { diff --git a/htdocs/admin/external_rss.php b/htdocs/admin/external_rss.php index 6e1fc63223f..3c54d96ba25 100644 --- a/htdocs/admin/external_rss.php +++ b/htdocs/admin/external_rss.php @@ -20,8 +20,17 @@ * $Id$ * $Source$ */ + +/*! \file htdocs/admin/external_rss.php + \ingroup external_rss + \brief Page d'administration/configuration du module ExternalRss + \version $Revision$ +*/ + require("./pre.inc.php"); +$langs->load("admin"); + llxHeader(); if (!$user->admin) diff --git a/htdocs/admin/facture.php b/htdocs/admin/facture.php index 8f494e29955..fbf98f2c7f6 100644 --- a/htdocs/admin/facture.php +++ b/htdocs/admin/facture.php @@ -28,6 +28,9 @@ require("./pre.inc.php"); +$langs->load("admin"); +$langs->load("bills"); + if (!$user->admin) accessforbidden(); diff --git a/htdocs/admin/fichinter.php b/htdocs/admin/fichinter.php index 8fa22e2a21a..ac76fa192be 100644 --- a/htdocs/admin/fichinter.php +++ b/htdocs/admin/fichinter.php @@ -19,16 +19,22 @@ * $Id$ * $Source$ */ + +/*! \file htdocs/admin/fichinter.php + \ingroup fichinter + \brief Page d'administration/configuration du module FicheInter + \version $Revision$ +*/ + require("./pre.inc.php"); +$langs->load("admin"); + llxHeader(); if (!$user->admin) -{ - print "Forbidden"; - llxfooter(); - exit; -} + accessforbidden(); + // positionne la variable pour le test d'affichage de l'icone diff --git a/htdocs/admin/ihm.php b/htdocs/admin/ihm.php index ded8f940eb6..e9b7131e08d 100644 --- a/htdocs/admin/ihm.php +++ b/htdocs/admin/ihm.php @@ -19,6 +19,13 @@ * $Id$ * $Source$ */ + +/*! + \file htdocs/admin/ihm.php + \brief Page de configuration du de l'interface homme machine + \version $Revision$ +*/ + require("./pre.inc.php"); $langs->load("companies"); diff --git a/htdocs/admin/index.php b/htdocs/admin/index.php index ee8470acdcd..4b73bf8d8f5 100644 
--- a/htdocs/admin/index.php +++ b/htdocs/admin/index.php @@ -19,8 +19,16 @@ * $Id$ * $Source$ */ + +/*! \file htdocs/admin/index.php + \brief Page d'accueil de l'espace administration/configuration + \version $Revision$ +*/ + require("./pre.inc.php"); +$langs->load("admin"); + if (!$user->admin) accessforbidden(); diff --git a/htdocs/admin/ldap.php b/htdocs/admin/ldap.php index 1eea667441c..9a363de4af5 100644 --- a/htdocs/admin/ldap.php +++ b/htdocs/admin/ldap.php @@ -20,9 +20,21 @@ * $Source$ */ +/*! \file htdocs/admin/ldap.php + \ingroup ldap + \brief Page d'administration/configuration du module Ldap + \version $Revision$ +*/ + require("./pre.inc.php"); require (DOL_DOCUMENT_ROOT."/lib/ldap.lib.php"); +$langs->load("admin"); + +if (!$user->admin) + accessforbidden(); + + if ($_GET["action"] == 'setvalue' && $user->admin) { $sql = "REPLACE INTO ".MAIN_DB_PREFIX."const SET name = 'LDAP_SERVER_HOST', value='".$HTTP_POST_VARS["host"]."', visible=0"; diff --git a/htdocs/admin/modules.php b/htdocs/admin/modules.php index 31d3966ed00..2f3d22e36ee 100644 --- a/htdocs/admin/modules.php +++ b/htdocs/admin/modules.php @@ -20,6 +20,13 @@ * $Id$ * $Source$ */ + +/*! + \file htdocs/admin/modules.php + \brief Page de configuration et activation des modules + \version $Revision$ +*/ + require("./pre.inc.php"); if (!$user->admin) diff --git a/htdocs/admin/osc-languages.php b/htdocs/admin/osc-languages.php index a795c879632..a49a15bbfb9 100644 --- a/htdocs/admin/osc-languages.php +++ b/htdocs/admin/osc-languages.php @@ -20,10 +20,23 @@ * */ +/*! \file htdocs/admin/osc-languages.php + \ingroup boutique + \brief Page d'administration/configuration du module Boutique + \version $Revision$ +*/ + require("./pre.inc.php"); +$langs->load("admin"); + +if (!$user->admin) + accessforbidden(); + + llxHeader(); + if (! strlen(DB_NAME_OSC)) { print "Non dispo"; diff --git a/htdocs/admin/perms.php b/htdocs/admin/perms.php index 3373c6711c6..407f1050c3c 100644 --- a/htdocs/admin/perms.php 
+++ b/htdocs/admin/perms.php @@ -19,11 +19,17 @@ * $Id$ * $Source$ */ + +/*! \file htdocs/admin/perms.php + \brief Page d'administration/configuration des permissions par defaut + \version $Revision$ +*/ + require("./pre.inc.php"); +$langs->load("admin"); $langs->load("users"); - if (!$user->admin) accessforbidden(); diff --git a/htdocs/admin/pre.inc.php b/htdocs/admin/pre.inc.php index db6691dcbec..4f52161f2fd 100644 --- a/htdocs/admin/pre.inc.php +++ b/htdocs/admin/pre.inc.php @@ -19,8 +19,17 @@ * $Id$ * $Source$ */ + +/*! \file htdocs/admin/pre.inc.php + \brief Fichier gestionnaire du menu de gauche de l'espace configuration + \version $Revision$ +*/ + require("../main.inc.php"); +$langs->load("admin"); + + function llxHeader($head = "", $title="", $help_url='') { global $user, $langs; diff --git a/htdocs/admin/propale.php b/htdocs/admin/propale.php index c44ed44471b..6a3d6a60e8e 100644 --- a/htdocs/admin/propale.php +++ b/htdocs/admin/propale.php @@ -19,8 +19,17 @@ * $Id$ * $Source$ */ + +/*! \file htdocs/admin/propale.php + \ingroup propale + \brief Page d'administration/configuration du module Propale + \version $Revision$ +*/ + require("./pre.inc.php"); +$langs->load("admin"); + if (!$user->admin) accessforbidden(); diff --git a/htdocs/admin/sql.php b/htdocs/admin/sql.php index 2855f7c9abd..f20c1e4b1f7 100644 --- a/htdocs/admin/sql.php +++ b/htdocs/admin/sql.php @@ -19,6 +19,12 @@ * $Source$ */ +/*! \file htdocs/admin/sql.php + \brief Fichier de fonction sql + \version $Revision$ + \todo A deplacer dans le gestionnaire d'abstraction de base (mysql.lib.php ou pgsql.lib.php) +*/ + function db_create_table($db, $table) { diff --git a/htdocs/admin/sqltables.php b/htdocs/admin/sqltables.php index 369adcbdb50..fbc39c47664 100644 --- a/htdocs/admin/sqltables.php +++ b/htdocs/admin/sqltables.php 
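Review bot: pre.inc.php is the one file every admin page in this patch requires, yet the access rule is still copied into each page instead of being enforced here once. Putting `if (!$user->admin) accessforbidden();` after `require("../main.inc.php");` would protect any admin page by default, including ones added later that forget the check. That only holds if no page that includes this file is meant for non-admin users, which cannot be told from the patch. As a smaller point, the `$langs->load("admin");` added here makes the same call added to the individual pages redundant.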
@@ -20,20 +20,31 @@ * */ +/*! \file htdocs/admin/sqltables.php + \brief Page d'administration/configuration des tables sql + \version $Revision$ +*/ + require("./pre.inc.php"); +$langs->load("admin"); + +if (!$user->admin) + accessforbidden(); + + llxHeader(); print_barre_liste("Liste des tables", $page, "sqltables.php"); $sql = "SELECT name, loaded FROM ".MAIN_DB_PREFIX."sqltables"; -print "

Autres option du module comptabilité  Description'.$langs->trans("OtherOptions").'  '.$langs->trans("Description").' 
'; - print ''; + print ''; print ''; - print '   '; + print '   '; print ''.img_delete().''; print "
"; -print ''; +print "
"; +print ''; print ""; print ''; print ''; - print "\n"; + print "\n"; if ( $db->query($sql) ) { $num = $db->num_rows(); @@ -43,17 +54,17 @@ if ( $db->query($sql) ) { while ($i < $num) { $objp = $db->fetch_object( $i); $var=!$var; - print ""; - print "\n"; - print '\n"; + print ""; + print "\n"; + print '\n"; if ($objp->loaded) { - print ''; + print ''; } else { - print ''; + print ''; } print "\n"; $i++; @@ -61,7 +72,7 @@ if ( $db->query($sql) ) { $db->free(); } -print "
NomChargéeAction
$objp->name'.$objp->loaded."
$objp->name'.$objp->loaded."SupprimerSupprimerCréerCréer
"; +print ""; $db->close(); diff --git a/htdocs/admin/webcalendar.php b/htdocs/admin/webcalendar.php index 19f028a0c9f..4126ca66381 100644 --- a/htdocs/admin/webcalendar.php +++ b/htdocs/admin/webcalendar.php @@ -22,6 +22,13 @@ * $Source$ */ +/*! + \file htdocs/admin/webcalendar.php + \ingroup webcal + \brief Page de configuration du module webcalendar + \version $Revision$ +*/ + require("./pre.inc.php"); if (!$user->admin)