';
- print '| '.$obj->name.' | '."\n";
+ print ''.dol_escape_htmltag($obj->name).' | '."\n";
print '';
if (isASecretKey($obj->name)) {
if (empty($dolibarr_main_prod)) {
diff --git a/htdocs/comm/action/peruser.php b/htdocs/comm/action/peruser.php
index dbda8f0ae46..2791d5a0b51 100644
--- a/htdocs/comm/action/peruser.php
+++ b/htdocs/comm/action/peruser.php
@@ -898,15 +898,23 @@ while ($currentdaytoshow < $lastdaytoshow) {
}
} else {
/* Use this list to have for all users */
- $sql = "SELECT u.rowid, u.lastname as lastname, u.firstname, u.statut, u.login, u.admin, u.entity";
+ $sql = "SELECT DISTINCT u.rowid, u.lastname as lastname, u.firstname, u.statut, u.login, u.admin, u.entity";
$sql .= " FROM ".MAIN_DB_PREFIX."user as u";
- if ($usergroup > 0) {
- $sql .= " LEFT JOIN ".MAIN_DB_PREFIX."usergroup_user as ug ON u.rowid = ug.fk_user";
+ if (!empty($conf->multicompany->enabled) && !empty($conf->global->MULTICOMPANY_TRANSVERSE_MODE)) {
+ $sql .= ", ".MAIN_DB_PREFIX."usergroup_user as ug";
+ $sql .= " WHERE ug.entity IN (".getEntity('usergroup').")";
+ $sql .= " AND ug.fk_user = u.rowid ";
+ } else {
+ if ($usergroup > 0) {
+ $sql .= " LEFT JOIN ".MAIN_DB_PREFIX."usergroup_user as ug ON u.rowid = ug.fk_user";
+ }
+ $sql .= " WHERE u.entity IN (".getEntity('user').")";
}
- $sql .= " WHERE u.statut = 1 AND u.entity IN (".getEntity('user').")";
- if ($usergroup > 0) {
+ $sql .= " AND u.statut = 1";
+ if ($usergroup > 0) {
$sql .= " AND ug.fk_usergroup = ".((int) $usergroup);
}
+
//print $sql;
$resql = $db->query($sql);
if ($resql) {
diff --git a/htdocs/compta/prelevement/create.php b/htdocs/compta/prelevement/create.php
index 52b5427be16..fe074bcb9d0 100644
--- a/htdocs/compta/prelevement/create.php
+++ b/htdocs/compta/prelevement/create.php
@@ -95,7 +95,9 @@ if (empty($reshook)) {
require_once DOL_DOCUMENT_ROOT.'/compta/bank/class/account.class.php';
$bank = new Account($db);
$bank->fetch($conf->global->{$default_account});
- if (empty($bank->ics) || empty($bank->ics_transfer)) {
+ if ((empty($bank->ics) && $type !== 'bank-transfer')
+ || (empty($bank->ics_transfer) && $type === 'bank-transfer')
+ ) {
$errormessage = str_replace('{url}', $bank->getNomUrl(1, '', '', -1, 1), $langs->trans("ErrorICSmissing", '{url}'));
setEventMessages($errormessage, null, 'errors');
header("Location: ".DOL_URL_ROOT.'/compta/prelevement/create.php');
diff --git a/htdocs/core/ajax/row.php b/htdocs/core/ajax/row.php
index ce6bd3d4d60..7b271fafdf2 100644
--- a/htdocs/core/ajax/row.php
+++ b/htdocs/core/ajax/row.php
@@ -1,5 +1,5 @@
+/* Copyright (C) 2010-2021 Regis Houssin
* Copyright (C) 2017 Laurent Destailleur
*
* This program is free software; you can redistribute it and/or modify
@@ -79,7 +79,7 @@ if (GETPOST('roworder', 'alpha', 3) && GETPOST('table_element_line', 'aZ09', 3)
$perm = 1;
} elseif ($table_element_line == 'facturedet' && $user->rights->facture->creer) {
$perm = 1;
- } elseif ($table_element_line == 'facturerecdet' && $user->rights->facture->creer) {
+ } elseif ($table_element_line == 'facturedet_rec' && $user->rights->facture->creer) {
$perm = 1;
} elseif ($table_element_line == 'ecm_files' && $user->rights->ecm->creer) {
$perm = 1;
diff --git a/htdocs/core/class/dolreceiptprinter.class.php b/htdocs/core/class/dolreceiptprinter.class.php
index 9813876c031..2062f1b351c 100644
--- a/htdocs/core/class/dolreceiptprinter.class.php
+++ b/htdocs/core/class/dolreceiptprinter.class.php
@@ -388,9 +388,9 @@ class dolReceiptPrinter extends Printer
{
global $conf;
$error = 0;
- $sql = 'INSERT INTO '.MAIN_DB_PREFIX.'printer_receipt';
- $sql .= ' (name, fk_type, fk_profile, parameter, entity)';
- $sql .= ' VALUES ("'.$this->db->escape($name).'", '.((int) $type).', '.((int) $profile).', "'.$this->db->escape($parameter).'", '.$conf->entity.')';
+ $sql = "INSERT INTO ".MAIN_DB_PREFIX."printer_receipt";
+ $sql .= " (name, fk_type, fk_profile, parameter, entity)";
+ $sql .= " VALUES ('".$this->db->escape($name)."', ".((int) $type).", ".((int) $profile).", '".$this->db->escape($parameter)."', ".((int) $conf->entity).")";
$resql = $this->db->query($sql);
if (!$resql) {
$error++;
@@ -413,12 +413,14 @@ class dolReceiptPrinter extends Printer
{
global $conf;
$error = 0;
- $sql = 'UPDATE '.MAIN_DB_PREFIX.'printer_receipt';
- $sql .= ' SET name="'.$this->db->escape($name).'"';
- $sql .= ', fk_type='.((int) $type);
- $sql .= ', fk_profile='.((int) $profile);
- $sql .= ', parameter="'.$this->db->escape($parameter).'"';
- $sql .= ' WHERE rowid='.((int) $printerid);
+
+ $sql = "UPDATE ".MAIN_DB_PREFIX."printer_receipt";
+ $sql .= " SET name='".$this->db->escape($name)."'";
+ $sql .= ", fk_type=".((int) $type);
+ $sql .= ", fk_profile=".((int) $profile);
+ $sql .= ", parameter='".$this->db->escape($parameter)."'";
+ $sql .= " WHERE rowid=".((int) $printerid);
+
$resql = $this->db->query($sql);
if (!$resql) {
$error++;
@@ -458,9 +460,9 @@ class dolReceiptPrinter extends Printer
{
global $conf;
$error = 0;
- $sql = 'INSERT INTO '.MAIN_DB_PREFIX.'printer_receipt_template';
- $sql .= ' (name, template, entity) VALUES ("'.$this->db->escape($name).'"';
- $sql .= ', "'.$this->db->escape($template).'", '.$conf->entity.')';
+ $sql = "INSERT INTO ".MAIN_DB_PREFIX."printer_receipt_template";
+ $sql .= " (name, template, entity) VALUES ('".$this->db->escape($name)."'";
+ $sql .= ", '".$this->db->escape($template)."', ".$conf->entity.")";
$resql = $this->db->query($sql);
if (!$resql) {
$error++;
@@ -502,10 +504,11 @@ class dolReceiptPrinter extends Printer
{
global $conf;
$error = 0;
- $sql = 'UPDATE '.MAIN_DB_PREFIX.'printer_receipt_template';
- $sql .= ' SET name="'.$this->db->escape($name).'"';
- $sql .= ', template="'.$this->db->escape($template).'"';
- $sql .= ' WHERE rowid='.((int) $templateid);
+
+ $sql = "UPDATE ".MAIN_DB_PREFIX."printer_receipt_template";
+ $sql .= " SET name='".$this->db->escape($name)."'";
+ $sql .= ", template='".$this->db->escape($template)."'";
+ $sql .= " WHERE rowid=".((int) $templateid);
$resql = $this->db->query($sql);
if (!$resql) {
$error++;
diff --git a/htdocs/core/class/html.formother.class.php b/htdocs/core/class/html.formother.class.php
index f0fdfaadd02..8c30d42075f 100644
--- a/htdocs/core/class/html.formother.class.php
+++ b/htdocs/core/class/html.formother.class.php
@@ -1209,7 +1209,7 @@ class FormOther
async: false
});
// We force reload to be sure to get all boxes into list
- window.location.search=\'mainmenu='.GETPOST("mainmenu", "aZ09").'&leftmenu='.GETPOST('leftmenu', "aZ09").'&action=delbox\';
+ window.location.search=\'mainmenu='.GETPOST("mainmenu", "aZ09").'&leftmenu='.GETPOST('leftmenu', "aZ09").'&action=delbox&token='.newToken().'\';
}
else
{
diff --git a/htdocs/core/lib/security.lib.php b/htdocs/core/lib/security.lib.php
index b297c81035e..4c36244a5bf 100644
--- a/htdocs/core/lib/security.lib.php
+++ b/htdocs/core/lib/security.lib.php
@@ -611,7 +611,7 @@ function checkUserAccessToObject($user, array $featuresarray, $objectid = 0, $ta
$feature = 'projet_task';
}
- $check = array('adherent', 'banque', 'bom', 'don', 'mrp', 'user', 'usergroup', 'payment', 'payment_supplier', 'product', 'produit', 'service', 'produit|service', 'categorie', 'resource', 'expensereport', 'holiday', 'salary', 'website'); // Test on entity only (Objects with no link to company)
+ $check = array('adherent', 'banque', 'bom', 'don', 'mrp', 'user', 'usergroup', 'payment', 'payment_supplier', 'product', 'produit', 'service', 'produit|service', 'categorie', 'resource', 'expensereport', 'holiday', 'salaries', 'website'); // Test on entity only (Objects with no link to company)
$checksoc = array('societe'); // Test for societe object
$checkother = array('contact', 'agenda'); // Test on entity + link to third party on field $dbt_keyfield. Allowed if link is empty (Ex: contacts...).
$checkproject = array('projet', 'project'); // Test for project object
diff --git a/htdocs/core/menus/standard/eldy.lib.php b/htdocs/core/menus/standard/eldy.lib.php
index d960d4d52c7..b1746c31d49 100644
--- a/htdocs/core/menus/standard/eldy.lib.php
+++ b/htdocs/core/menus/standard/eldy.lib.php
@@ -382,12 +382,18 @@ function print_eldy_menu($db, $atarget, $type_user, &$tabMenu, &$menu, $noout =
'submenus' => array(),
);
- // Tickets and knwoledge base
+ // Tickets and knowledge base
$tmpentry = array(
- 'enabled'=>(!empty($conf->ticket->enabled) || !empty($conf->knwoledgemanagement->enabled)),
- 'perms'=>(!empty($user->rights->ticket->read) || !empty($user->rights->knwoledgemanagement->read)),
- 'module'=>'ticket|knwoledgemanagement'
+ 'enabled'=>(!empty($conf->ticket->enabled) || !empty($conf->knowledgemanagement->enabled)),
+ 'perms'=>(!empty($user->rights->ticket->read) || !empty($user->rights->knowledgemanagement->knowledgerecord->read)),
+ 'module'=>'ticket|knowledgemanagement'
);
+ $link = '';
+ if (!empty($conf->ticket->enabled)) {
+ $link = '/ticket/index.php?mainmenu=ticket&leftmenu=';
+ } else {
+ $link = '/knowledgemanagement/knowledgerecord_list.php?mainmenu=ticket&leftmenu=';
+ }
$menu_arr[] = array(
'name' => 'Ticket',
'link' => '/ticket/index.php?mainmenu=ticket&leftmenu=',
diff --git a/htdocs/core/tpl/extrafields_view.tpl.php b/htdocs/core/tpl/extrafields_view.tpl.php
index 3f2ab773b06..f50276821b1 100644
--- a/htdocs/core/tpl/extrafields_view.tpl.php
+++ b/htdocs/core/tpl/extrafields_view.tpl.php
@@ -194,6 +194,9 @@ if (empty($reshook) && isset($extrafields->attributes[$object->table_element]['l
if ($object->element == 'contact') {
$permok = $user->rights->societe->contact->creer;
}
+ if ($object->element == 'salary') {
+ $permok = $user->rights->salaries->read;
+ }
$isdraft = ((isset($object->statut) && $object->statut == 0) || (isset($object->status) && $object->status == 0));
if (($isdraft || !empty($extrafields->attributes[$object->table_element]['alwayseditable'][$tmpkeyextra]))
diff --git a/htdocs/fourn/class/api_supplier_orders.class.php b/htdocs/fourn/class/api_supplier_orders.class.php
index d4eedcd0fd9..f221035a2ab 100644
--- a/htdocs/fourn/class/api_supplier_orders.class.php
+++ b/htdocs/fourn/class/api_supplier_orders.class.php
@@ -224,7 +224,7 @@ class SupplierOrders extends DolibarrApi
*/
public function post($request_data = null)
{
- if (!DolibarrApiAccess::$user->rights->fournisseur->commande->creer || !DolibarrApiAccess::$user->rights->supplier_order->creer) {
+ if (empty(DolibarrApiAccess::$user->rights->fournisseur->commande->creer) && empty(DolibarrApiAccess::$user->rights->supplier_order->creer)) {
throw new RestException(401, "Insuffisant rights");
}
// Check mandatory fields
@@ -260,7 +260,7 @@ class SupplierOrders extends DolibarrApi
*/
public function put($id, $request_data = null)
{
- if (!DolibarrApiAccess::$user->rights->fournisseur->commande->creer || !DolibarrApiAccess::$user->rights->supplier_order->creer) {
+ if (empty(DolibarrApiAccess::$user->rights->fournisseur->commande->creer) && empty(DolibarrApiAccess::$user->rights->supplier_order->creer)) {
throw new RestException(401);
}
@@ -340,7 +340,7 @@ class SupplierOrders extends DolibarrApi
*/
public function validate($id, $idwarehouse = 0, $notrigger = 0)
{
- if (!DolibarrApiAccess::$user->rights->fournisseur->commande->creer || !DolibarrApiAccess::$user->rights->supplier_order->creer) {
+ if (empty(DolibarrApiAccess::$user->rights->fournisseur->commande->creer) && empty(DolibarrApiAccess::$user->rights->supplier_order->creer)) {
throw new RestException(401);
}
$result = $this->order->fetch($id);
diff --git a/htdocs/install/mysql/migration/13.0.0-14.0.0.sql b/htdocs/install/mysql/migration/13.0.0-14.0.0.sql
index ee1ad6b9f2e..89d0d2d0ce1 100644
--- a/htdocs/install/mysql/migration/13.0.0-14.0.0.sql
+++ b/htdocs/install/mysql/migration/13.0.0-14.0.0.sql
@@ -12,8 +12,8 @@
-- To change type of field: ALTER TABLE llx_table MODIFY COLUMN name varchar(60);
-- To drop a foreign key: ALTER TABLE llx_table DROP FOREIGN KEY fk_name;
-- To create a unique index ALTER TABLE llx_table ADD UNIQUE INDEX uk_table_field (field);
--- To drop an index: -- VMYSQL4.1 DROP INDEX nomindex on llx_table
--- To drop an index: -- VPGSQL8.2 DROP INDEX nomindex
+-- To drop an index: -- VMYSQL4.1 DROP INDEX nomindex on llx_table;
+-- To drop an index: -- VPGSQL8.2 DROP INDEX nomindex;
-- To make pk to be auto increment (mysql): -- VMYSQL4.3 ALTER TABLE llx_table CHANGE COLUMN rowid rowid INTEGER NOT NULL AUTO_INCREMENT;
-- To make pk to be auto increment (postgres):
-- -- VPGSQL8.2 CREATE SEQUENCE llx_table_rowid_seq OWNED BY llx_table.rowid;
@@ -349,6 +349,13 @@ UPDATE llx_payment_salary SET ref = rowid WHERE ref IS NULL;
ALTER TABLE llx_salary ALTER COLUMN paye set default 0;
+UPDATE llx_extrafields SET elementtype = 'salary' WHERE elementtype = 'payment_salary';
+ALTER TABLE llx_payment_salary_extrafields RENAME TO llx_salary_extrafields;
+-- VMYSQL4.1 DROP INDEX idx_payment_salary_extrafields on llx_salary_extrafields;
+-- VPGSQL8.2 DROP INDEX idx_payment_salary_extrafields;
+ALTER TABLE llx_salary_extrafields ADD INDEX idx_salary_extrafields (fk_object);
+
+
DELETE FROM llx_boxes WHERE box_id IN (SELECT rowid FROM llx_boxes_def WHERE file IN ('box_graph_ticket_by_severity', 'box_ticket_by_severity.php', 'box_nb_ticket_last_x_days.php', 'box_nb_tickets_type.php', 'box_new_vs_close_ticket.php'));
DELETE FROM llx_boxes_def WHERE file IN ('box_graph_ticket_by_severity', 'box_ticket_by_severity.php', 'box_nb_ticket_last_x_days.php', 'box_nb_tickets_type.php', 'box_new_vs_close_ticket.php');
@@ -589,7 +596,7 @@ DROP TABLE llx_categorie_association;
DROP TABLE llx_cond_reglement;
DROP TABLE llx_zapier_hook_extrafields;
-create table llx_onlinesignature
+CREATE TABLE llx_onlinesignature
(
rowid integer AUTO_INCREMENT PRIMARY KEY,
entity integer DEFAULT 1 NOT NULL,
@@ -604,3 +611,6 @@ create table llx_onlinesignature
-- VMYSQL4.3 ALTER TABLE llx_partnership MODIFY COLUMN date_partnership_end date NULL;
-- VPGSQL8.2 ALTER TABLE llx_partnership ALTER COLUMN date_partnership_end DROP NOT NULL;
+
+ALTER TABLE llx_facture_fourn CHANGE COLUMN fk_mode_transport fk_transport_mode integer;
+
diff --git a/htdocs/install/mysql/tables/llx_payment_salary_extrafields.key.sql b/htdocs/install/mysql/tables/llx_salary_extrafields.key.sql
similarity index 89%
rename from htdocs/install/mysql/tables/llx_payment_salary_extrafields.key.sql
rename to htdocs/install/mysql/tables/llx_salary_extrafields.key.sql
index 9231351a749..9c6e047d9ee 100644
--- a/htdocs/install/mysql/tables/llx_payment_salary_extrafields.key.sql
+++ b/htdocs/install/mysql/tables/llx_salary_extrafields.key.sql
@@ -17,4 +17,4 @@
-- ===================================================================
-ALTER TABLE llx_payment_salary_extrafields ADD INDEX idx_payment_salary_extrafields (fk_object);
+ALTER TABLE llx_salary_extrafields ADD INDEX idx_salary_extrafields (fk_object);
diff --git a/htdocs/install/mysql/tables/llx_payment_salary_extrafields.sql b/htdocs/install/mysql/tables/llx_salary_extrafields.sql
similarity index 91%
rename from htdocs/install/mysql/tables/llx_payment_salary_extrafields.sql
rename to htdocs/install/mysql/tables/llx_salary_extrafields.sql
index 5f15918ef18..bedab6757b4 100644
--- a/htdocs/install/mysql/tables/llx_payment_salary_extrafields.sql
+++ b/htdocs/install/mysql/tables/llx_salary_extrafields.sql
@@ -16,10 +16,10 @@
--
-- ===================================================================
-create table llx_payment_salary_extrafields
+create table llx_salary_extrafields
(
rowid integer AUTO_INCREMENT PRIMARY KEY,
tms timestamp DEFAULT CURRENT_TIMESTAMP ON UPDATE CURRENT_TIMESTAMP,
- fk_object integer NOT NULL, -- salary payment id
+ fk_object integer NOT NULL, -- salary id
import_key varchar(14) -- import key
)ENGINE=innodb;
diff --git a/htdocs/main.inc.php b/htdocs/main.inc.php
index 6bb5b39507b..d3d70a8e6aa 100644
--- a/htdocs/main.inc.php
+++ b/htdocs/main.inc.php
@@ -1998,6 +1998,8 @@ function top_menu_user($hideloginname = 0, $urllogout = '')
global $dolibarr_main_authentication, $dolibarr_main_demo;
global $menumanager;
+ $langs->load('companies');
+
$userImage = $userDropDownImage = '';
if (!empty($user->photo)) {
$userImage = Form::showphoto('userphoto', $user, 0, 0, 0, 'photouserphoto userphoto', 'small', 0, 1);
diff --git a/htdocs/reception/list.php b/htdocs/reception/list.php
index 33a32cea0a8..76eb78b856a 100644
--- a/htdocs/reception/list.php
+++ b/htdocs/reception/list.php
@@ -85,7 +85,7 @@ $extrafields = new ExtraFields($db);
// fetch optionals attributes and labels
$extrafields->fetch_name_optionals_label($object->table_element);
-$search_array_options = (array) $extrafields->getOptionalsFromPost($object->table_element, '', 'search_');
+$search_array_options = $extrafields->getOptionalsFromPost($object->table_element, '', 'search_');
// List of fields to search into when doing a "search in all"
$fieldstosearchall = array(
@@ -543,21 +543,7 @@ if ($sall) {
}
// Add where from extra fields
-foreach ($search_array_options as $key => $val) {
- $crit = $val;
- $tmpkey = preg_replace('/search_options_/', '', $key);
- $typ = $extrafields->attributes[$object->table_element]['type'][$tmpkey];
- $mode = 0;
- if (in_array($typ, array('int', 'double', 'real'))) {
- $mode = 1; // Search on a numeric
- }
- if (in_array($typ, array('sellist')) && $crit != '0' && $crit != '-1') {
- $mode = 2; // Search on a foreign key int
- }
- if ($crit != '' && (!in_array($typ, array('select', 'sellist')) || $crit != '0')) {
- $sql .= natural_search("ef.".$tmpkey, $crit, $mode);
- }
-}
+include DOL_DOCUMENT_ROOT.'/core/tpl/extrafields_list_search_sql.tpl.php';
// Add where from hooks
$parameters = array();
$reshook = $hookmanager->executeHooks('printFieldListWhere', $parameters); // Note that $action and $object may have been modified by hook
diff --git a/htdocs/salaries/admin/salaries_extrafields.php b/htdocs/salaries/admin/salaries_extrafields.php
index 38303518ac4..2354da8048a 100644
--- a/htdocs/salaries/admin/salaries_extrafields.php
+++ b/htdocs/salaries/admin/salaries_extrafields.php
@@ -42,7 +42,7 @@ foreach ($tmptype2label as $key => $val) {
$action = GETPOST('action', 'aZ09');
$attrname = GETPOST('attrname', 'alpha');
-$elementtype = 'payment_salary'; //Must be the $table_element of the class that manage extrafield
+$elementtype = 'salary'; //Must be the $table_element of the class that manage extrafield
if (!$user->admin) {
accessforbidden();
diff --git a/htdocs/salaries/card.php b/htdocs/salaries/card.php
index 9b46008fe09..699b0ec35ba 100755
--- a/htdocs/salaries/card.php
+++ b/htdocs/salaries/card.php
@@ -67,6 +67,8 @@ $fk_user = GETPOSTINT('userid');
$object = new Salary($db);
$extrafields = new ExtraFields($db);
+$childids = $user->getAllChildIds(1);
+
// fetch optionals attributes and labels
$extrafields->fetch_name_optionals_label($object->table_element);
@@ -76,6 +78,18 @@ $hookmanager->initHooks(array('salarycard', 'globalcard'));
$object = new Salary($db);
if ($id > 0 || !empty($ref)) {
$object->fetch($id, $ref);
+
+ // Check current user can read this salary
+ $canread = 0;
+ if (!empty($user->rights->salaries->readall)) {
+ $canread = 1;
+ }
+ if (!empty($user->rights->salaries->read) && $object->fk_user > 0 && in_array($object->fk_user, $childids)) {
+ $canread = 1;
+ }
+ if (!$canread) {
+ accessforbidden();
+ }
}
// Security check
@@ -354,6 +368,30 @@ if ($action == 'confirm_clone' && $confirm == 'yes' && ($user->rights->salaries-
}
}
+// Action to update one extrafield
+if ($action == "update_extras" && !empty($user->rights->salaries->read)) {
+ $object->fetch(GETPOST('id', 'int'));
+
+ $attributekey = GETPOST('attribute', 'alpha');
+ $attributekeylong = 'options_'.$attributekey;
+
+ if (GETPOSTISSET($attributekeylong.'day') && GETPOSTISSET($attributekeylong.'month') && GETPOSTISSET($attributekeylong.'year')) {
+ // This is properties of a date
+ $object->array_options['options_'.$attributekey] = dol_mktime(GETPOST($attributekeylong.'hour', 'int'), GETPOST($attributekeylong.'min', 'int'), GETPOST($attributekeylong.'sec', 'int'), GETPOST($attributekeylong.'month', 'int'), GETPOST($attributekeylong.'day', 'int'), GETPOST($attributekeylong.'year', 'int'));
+ //var_dump(dol_print_date($object->array_options['options_'.$attributekey]));exit;
+ } else {
+ $object->array_options['options_'.$attributekey] = GETPOST($attributekeylong, 'alpha');
+ }
+
+ $result = $object->insertExtraFields(empty($triggermodname) ? '' : $triggermodname, $user);
+ if ($result > 0) {
+ setEventMessages($langs->trans('RecordSaved'), null, 'mesgs');
+ $action = 'view';
+ } else {
+ setEventMessages($object->error, $object->errors, 'errors');
+ $action = 'edit_extras';
+ }
+}
/*
* View
diff --git a/htdocs/user/card.php b/htdocs/user/card.php
index ee1ebf71493..8d03d1d1cfb 100644
--- a/htdocs/user/card.php
+++ b/htdocs/user/card.php
@@ -3,7 +3,7 @@
* Copyright (C) 2002-2003 Jean-Louis Bergamo
* Copyright (C) 2004-2020 Laurent Destailleur
* Copyright (C) 2004 Eric Seigne
- * Copyright (C) 2005-2018 Regis Houssin
+ * Copyright (C) 2005-2021 Regis Houssin
* Copyright (C) 2005 Lionel Cousteix
* Copyright (C) 2011 Herve Prot
* Copyright (C) 2012-2018 Juanjo Menent
@@ -2309,7 +2309,7 @@ if ($action == 'create' || $action == 'adduserldap') {
}
if (preg_match('/dolibarr/', $dolibarr_main_authentication)) {
if ($caneditpassword) {
- $valuetoshow .= ($valuetoshow ? (' '.$langs->trans("or").' ') : '').'';
+ $valuetoshow .= ($valuetoshow ? (' '.$langs->trans("or").' ') : '').'';
} else {
$valuetoshow .= ($valuetoshow ? (' '.$langs->trans("or").' ') : '').preg_replace('/./i', '*', $object->pass);
}
diff --git a/htdocs/user/class/user.class.php b/htdocs/user/class/user.class.php
index f229cd80637..fe1c6993558 100644
--- a/htdocs/user/class/user.class.php
+++ b/htdocs/user/class/user.class.php
@@ -3380,14 +3380,21 @@ class User extends CommonObject
public function load_state_board()
{
// phpcs:enable
+ global $conf;
$this->nb = array();
- $sql = "SELECT count(u.rowid) as nb";
+ $sql = "SELECT COUNT(DISTINCT u.rowid) as nb";
$sql .= " FROM ".MAIN_DB_PREFIX."user as u";
- $sql .= " WHERE u.statut > 0";
+ if (!empty($conf->multicompany->enabled) && !empty($conf->global->MULTICOMPANY_TRANSVERSE_MODE)) {
+ $sql .= ", ".MAIN_DB_PREFIX."usergroup_user as ug";
+ $sql .= " WHERE ug.entity IN (".getEntity('usergroup').")";
+ $sql .= " AND ug.fk_user = u.rowid";
+ } else {
+ $sql .= " WHERE u.entity IN (".getEntity('user').")";
+ }
+ $sql .= " AND u.statut > 0";
//$sql.= " AND employee != 0";
- $sql .= " AND u.entity IN (".getEntity('user').")";
$resql = $this->db->query($sql);
if ($resql) {
|