diff --git a/ChangeLog b/ChangeLog index 3f5fad835f7..1c0e96fc27c 100644 --- a/ChangeLog +++ b/ChangeLog @@ -11,6 +11,7 @@ For users: NEW: Online proposal signature NEW: Can define some max limit on expense report (per period, per type or expense, ...) NEW: Allow the use of __NEWREF__ to get for example the new reference a draft order will get after validation. +NEW: Add option to disable globaly some notifications emails. NEW: #18326 Workflow: Close order on shipment closing. NEW: #18401 Add __NEWREF__ subtitute to get new object reference. NEW: #18403 Add __URL_SHIPMENT__ substitute to get the URL of a shipment diff --git a/htdocs/accountancy/admin/account.php b/htdocs/accountancy/admin/account.php index c9849f9f54f..c2ac133069d 100644 --- a/htdocs/accountancy/admin/account.php +++ b/htdocs/accountancy/admin/account.php @@ -38,6 +38,7 @@ $cancel = GETPOST('cancel', 'alpha'); $id = GETPOST('id', 'int'); $rowid = GETPOST('rowid', 'int'); $massaction = GETPOST('massaction', 'aZ09'); +$optioncss = GETPOST('optioncss', 'alpha'); $contextpage = GETPOST('contextpage', 'aZ') ?GETPOST('contextpage', 'aZ') : 'accountingaccountlist'; // To manage different context of search $search_account = GETPOST('search_account', 'alpha'); @@ -51,14 +52,14 @@ $confirm = GETPOST('confirm', 'alpha'); $chartofaccounts = GETPOST('chartofaccounts', 'int'); -$permissiontoadd = $user->rights->accounting->chartofaccount; -$permissiontodelete = $user->rights->accounting->chartofaccount; +$permissiontoadd = !empty($user->rights->accounting->chartofaccount); +$permissiontodelete = !empty($user->rights->accounting->chartofaccount); // Security check if ($user->socid > 0) { accessforbidden(); } -if (!$user->rights->accounting->chartofaccount) { +if (empty($user->rights->accounting->chartofaccount)) { accessforbidden(); } @@ -438,43 +439,37 @@ if ($resql) { print $searchpicto; print ''; print ''; - $totalarray = array(); print ''; if (!empty($arrayfields['aa.account_number']['checked'])) { print_liste_field_titre($arrayfields['aa.account_number']['label'], $_SERVER["PHP_SELF"], "aa.account_number", "", $param, '', $sortfield, $sortorder); - $totalarray['nbfield']++; } if (!empty($arrayfields['aa.label']['checked'])) { print_liste_field_titre($arrayfields['aa.label']['label'], $_SERVER["PHP_SELF"], "aa.label", "", $param, '', $sortfield, $sortorder); - $totalarray['nbfield']++; } if (!empty($arrayfields['aa.labelshort']['checked'])) { print_liste_field_titre($arrayfields['aa.labelshort']['label'], $_SERVER["PHP_SELF"], "aa.labelshort", "", $param, '', $sortfield, $sortorder); - $totalarray['nbfield']++; } if (!empty($arrayfields['aa.account_parent']['checked'])) { print_liste_field_titre($arrayfields['aa.account_parent']['label'], $_SERVER["PHP_SELF"], "aa.account_parent", "", $param, '', $sortfield, $sortorder, 'left '); - $totalarray['nbfield']++; } if (!empty($arrayfields['aa.pcg_type']['checked'])) { print_liste_field_titre($arrayfields['aa.pcg_type']['label'], $_SERVER["PHP_SELF"], 'aa.pcg_type,aa.account_number', '', $param, '', $sortfield, $sortorder, '', $arrayfields['aa.pcg_type']['help'], 1); - $totalarray['nbfield']++; } if ($conf->global->MAIN_FEATURES_LEVEL >= 2) { if (!empty($arrayfields['aa.reconcilable']['checked'])) { print_liste_field_titre($arrayfields['aa.reconcilable']['label'], $_SERVER["PHP_SELF"], 'aa.reconcilable', '', $param, '', $sortfield, $sortorder); - $totalarray['nbfield']++; } } if (!empty($arrayfields['aa.active']['checked'])) { print_liste_field_titre($arrayfields['aa.active']['label'], $_SERVER["PHP_SELF"], 'aa.active', '', $param, '', $sortfield, $sortorder); - $totalarray['nbfield']++; } print_liste_field_titre($selectedfields, $_SERVER["PHP_SELF"], "", '', '', '', $sortfield, $sortorder, 'center maxwidthsearch '); print "\n"; $accountstatic = new AccountingAccount($db); $accountparent = new AccountingAccount($db); + $totalarray = array(); + $totalarray['nbfield'] = 0; $i = 0; while ($i < min($num, $limit)) { diff --git a/htdocs/accountancy/admin/accountmodel.php b/htdocs/accountancy/admin/accountmodel.php index f19afb12899..97a460beaac 100644 --- a/htdocs/accountancy/admin/accountmodel.php +++ b/htdocs/accountancy/admin/accountmodel.php @@ -78,7 +78,7 @@ $search_country_id = GETPOST('search_country_id', 'int'); if ($user->socid > 0) { accessforbidden(); } -if (!$user->rights->accounting->chartofaccount) { +if (empty($user->rights->accounting->chartofaccount)) { accessforbidden(); } diff --git a/htdocs/accountancy/admin/card.php b/htdocs/accountancy/admin/card.php index 4d69eae7db8..9430bf33439 100644 --- a/htdocs/accountancy/admin/card.php +++ b/htdocs/accountancy/admin/card.php @@ -48,7 +48,7 @@ $label = GETPOST('label', 'alpha'); if ($user->socid > 0) { accessforbidden(); } -if (!$user->rights->accounting->chartofaccount) { +if (empty($user->rights->accounting->chartofaccount)) { accessforbidden(); } diff --git a/htdocs/accountancy/admin/categories_list.php b/htdocs/accountancy/admin/categories_list.php index 999f81ef683..d914b825b7f 100644 --- a/htdocs/accountancy/admin/categories_list.php +++ b/htdocs/accountancy/admin/categories_list.php @@ -744,7 +744,7 @@ if ($resql) { print ''; } else { $tmpaction = 'view'; - $parameters = array('var'=>$var, 'fieldlist'=>$fieldlist, 'tabname'=>$tabname[$id]); + $parameters = array('fieldlist'=>$fieldlist, 'tabname'=>$tabname[$id]); $reshook = $hookmanager->executeHooks('viewDictionaryFieldlist', $parameters, $obj, $tmpaction); // Note that $action and $object may have been modified by some hooks $error = $hookmanager->error; $errors = $hookmanager->errors; diff --git a/htdocs/accountancy/admin/closure.php b/htdocs/accountancy/admin/closure.php index 8efb869ffaf..437ff1b7116 100644 --- a/htdocs/accountancy/admin/closure.php +++ b/htdocs/accountancy/admin/closure.php @@ -109,7 +109,7 @@ foreach ($list_account_main as $key) { print ''; // Value print ''; // Do not force class=right, or it align also the content of the select box - print $formaccounting->select_account($conf->global->$key, $key, 1, '', 1, 1); + print $formaccounting->select_account(getDolGlobalString($key), $key, 1, '', 1, 1); print ''; print ''; } diff --git a/htdocs/accountancy/admin/defaultaccounts.php b/htdocs/accountancy/admin/defaultaccounts.php index 061752c11c5..5d78036159a 100644 --- a/htdocs/accountancy/admin/defaultaccounts.php +++ b/htdocs/accountancy/admin/defaultaccounts.php @@ -186,7 +186,7 @@ foreach ($list_account as $key) { print ''.$label.''; // Value print ''; // Do not force class=right, or it align also the content of the select box - print $formaccounting->select_account($conf->global->$key, $key, 1, '', 1, 1, 'minwidth100 maxwidth300 maxwidthonsmartphone', 'accounts'); + print $formaccounting->select_account(getDolGlobalString($key), $key, 1, '', 1, 1, 'minwidth100 maxwidth300 maxwidthonsmartphone', 'accounts'); print ''; print ''; } diff --git a/htdocs/accountancy/admin/fiscalyear.php b/htdocs/accountancy/admin/fiscalyear.php index 4338d7ad803..44c5309f531 100644 --- a/htdocs/accountancy/admin/fiscalyear.php +++ b/htdocs/accountancy/admin/fiscalyear.php @@ -52,7 +52,7 @@ $langs->loadLangs(array("admin", "compta")); if ($user->socid > 0) { accessforbidden(); } -if (!$user->rights->accounting->fiscalyear->write) { // If we can read accounting records, we should be able to see fiscal year. +if (empty($user->rights->accounting->fiscalyear->write)) { // If we can read accounting records, we should be able to see fiscal year. accessforbidden(); } diff --git a/htdocs/accountancy/admin/fiscalyear_info.php b/htdocs/accountancy/admin/fiscalyear_info.php index d472350fab7..77ec988143a 100644 --- a/htdocs/accountancy/admin/fiscalyear_info.php +++ b/htdocs/accountancy/admin/fiscalyear_info.php @@ -33,7 +33,7 @@ $langs->loadLangs(array("admin", "compta")); if ($user->socid > 0) { accessforbidden(); } -if (!$user->rights->accounting->fiscalyear->write) { +if (empty($user->rights->accounting->fiscalyear->write)) { accessforbidden(); } diff --git a/htdocs/accountancy/admin/journals_list.php b/htdocs/accountancy/admin/journals_list.php index 66e3f3b73e4..e60deef59a3 100644 --- a/htdocs/accountancy/admin/journals_list.php +++ b/htdocs/accountancy/admin/journals_list.php @@ -612,7 +612,7 @@ if ($id) { print ''; } else { $tmpaction = 'view'; - $parameters = array('var'=>$var, 'fieldlist'=>$fieldlist, 'tabname'=>$tabname[$id]); + $parameters = array('fieldlist'=>$fieldlist, 'tabname'=>$tabname[$id]); $reshook = $hookmanager->executeHooks('viewDictionaryFieldlist', $parameters, $obj, $tmpaction); // Note that $action and $object may have been modified by some hooks $error = $hookmanager->error; $errors = $hookmanager->errors; diff --git a/htdocs/accountancy/admin/productaccount.php b/htdocs/accountancy/admin/productaccount.php index a842c294937..d98357bc93c 100644 --- a/htdocs/accountancy/admin/productaccount.php +++ b/htdocs/accountancy/admin/productaccount.php @@ -41,7 +41,7 @@ $langs->loadLangs(array("companies", "compta", "accountancy", "products")); if (empty($conf->accounting->enabled)) { accessforbidden(); } -if (!$user->rights->accounting->bind->write) { +if (empty($user->rights->accounting->bind->write)) { accessforbidden(); } @@ -70,6 +70,7 @@ $search_onpurchase = GETPOST('search_onpurchase', 'alpha'); $accounting_product_mode = GETPOST('accounting_product_mode', 'alpha'); $btn_changeaccount = GETPOST('changeaccount', 'alpha'); $btn_changetype = GETPOST('changetype', 'alpha'); +$optioncss = GETPOST('optioncss', 'alpha'); if (empty($accounting_product_mode)) { $accounting_product_mode = 'ACCOUNTANCY_SELL'; @@ -253,35 +254,35 @@ $form = new FormAccounting($db); // so we need to get those the rowid of those default value first $accounting = new AccountingAccount($db); // TODO: we should need to check if result is already exists accountaccount rowid..... -$aarowid_servbuy = $accounting->fetch('', $conf->global->ACCOUNTING_SERVICE_BUY_ACCOUNT, 1); -$aarowid_servbuy_intra = $accounting->fetch('', $conf->global->ACCOUNTING_SERVICE_BUY_INTRA_ACCOUNT, 1); -$aarowid_servbuy_export = $accounting->fetch('', $conf->global->ACCOUNTING_SERVICE_BUY_EXPORT_ACCOUNT, 1); -$aarowid_prodbuy = $accounting->fetch('', $conf->global->ACCOUNTING_PRODUCT_BUY_ACCOUNT, 1); -$aarowid_prodbuy_intra = $accounting->fetch('', $conf->global->ACCOUNTING_PRODUCT_BUY_INTRA_ACCOUNT, 1); -$aarowid_prodbuy_export = $accounting->fetch('', $conf->global->ACCOUNTING_PRODUCT_BUY_EXPORT_ACCOUNT, 1); -$aarowid_servsell = $accounting->fetch('', $conf->global->ACCOUNTING_SERVICE_SOLD_ACCOUNT, 1); -$aarowid_servsell_intra = $accounting->fetch('', $conf->global->ACCOUNTING_SERVICE_SOLD_INTRA_ACCOUNT, 1); -$aarowid_servsell_export = $accounting->fetch('', $conf->global->ACCOUNTING_SERVICE_SOLD_EXPORT_ACCOUNT, 1); -$aarowid_prodsell = $accounting->fetch('', $conf->global->ACCOUNTING_PRODUCT_SOLD_ACCOUNT, 1); -$aarowid_prodsell_intra = $accounting->fetch('', $conf->global->ACCOUNTING_PRODUCT_SOLD_INTRA_ACCOUNT, 1); -$aarowid_prodsell_export = $accounting->fetch('', $conf->global->ACCOUNTING_PRODUCT_SOLD_EXPORT_ACCOUNT, 1); +$aarowid_servbuy = $accounting->fetch('', getDolGlobalString('ACCOUNTING_SERVICE_BUY_ACCOUNT'), 1); +$aarowid_servbuy_intra = $accounting->fetch('', getDolGlobalString('ACCOUNTING_SERVICE_BUY_INTRA_ACCOUNT'), 1); +$aarowid_servbuy_export = $accounting->fetch('', getDolGlobalString('ACCOUNTING_SERVICE_BUY_EXPORT_ACCOUNT'), 1); +$aarowid_prodbuy = $accounting->fetch('', getDolGlobalString('ACCOUNTING_PRODUCT_BUY_ACCOUNT'), 1); +$aarowid_prodbuy_intra = $accounting->fetch('', getDolGlobalString('ACCOUNTING_PRODUCT_BUY_INTRA_ACCOUNT'), 1); +$aarowid_prodbuy_export = $accounting->fetch('', getDolGlobalString('ACCOUNTING_PRODUCT_BUY_EXPORT_ACCOUNT'), 1); +$aarowid_servsell = $accounting->fetch('', getDolGlobalString('ACCOUNTING_SERVICE_SOLD_ACCOUNT'), 1); +$aarowid_servsell_intra = $accounting->fetch('', getDolGlobalString('ACCOUNTING_SERVICE_SOLD_INTRA_ACCOUNT'), 1); +$aarowid_servsell_export = $accounting->fetch('', getDolGlobalString('ACCOUNTING_SERVICE_SOLD_EXPORT_ACCOUNT'), 1); +$aarowid_prodsell = $accounting->fetch('', getDolGlobalString('ACCOUNTING_PRODUCT_SOLD_ACCOUNT'), 1); +$aarowid_prodsell_intra = $accounting->fetch('', getDolGlobalString('ACCOUNTING_PRODUCT_SOLD_INTRA_ACCOUNT'), 1); +$aarowid_prodsell_export = $accounting->fetch('', getDolGlobalString('ACCOUNTING_PRODUCT_SOLD_EXPORT_ACCOUNT'), 1); -$aacompta_servbuy = (!empty($conf->global->ACCOUNTING_SERVICE_BUY_ACCOUNT) ? $conf->global->ACCOUNTING_SERVICE_BUY_ACCOUNT : $langs->trans("CodeNotDef")); -$aacompta_servbuy_intra = (!empty($conf->global->ACCOUNTING_SERVICE_BUY_INTRA_ACCOUNT) ? $conf->global->ACCOUNTING_SERVICE_BUY_INTRA_ACCOUNT : $langs->trans("CodeNotDef")); -$aacompta_servbuy_export = (!empty($conf->global->ACCOUNTING_SERVICE_BUY_EXPORT_ACCOUNT) ? $conf->global->ACCOUNTING_SERVICE_BUY_EXPORT_ACCOUNT : $langs->trans("CodeNotDef")); -$aacompta_prodbuy = (!empty($conf->global->ACCOUNTING_PRODUCT_BUY_ACCOUNT) ? $conf->global->ACCOUNTING_PRODUCT_BUY_ACCOUNT : $langs->trans("CodeNotDef")); -$aacompta_prodbuy_intra = (!empty($conf->global->ACCOUNTING_PRODUCT_BUY_INTRA_ACCOUNT) ? $conf->global->ACCOUNTING_PRODUCT_BUY_INTRA_ACCOUNT : $langs->trans("CodeNotDef")); -$aacompta_prodbuy_export = (!empty($conf->global->ACCOUNTING_PRODUCT_BUY_EXPORT_ACCOUNT) ? $conf->global->ACCOUNTING_PRODUCT_BUY_EXPORT_ACCOUNT : $langs->trans("CodeNotDef")); -$aacompta_servsell = (!empty($conf->global->ACCOUNTING_SERVICE_SOLD_ACCOUNT) ? $conf->global->ACCOUNTING_SERVICE_SOLD_ACCOUNT : $langs->trans("CodeNotDef")); -$aacompta_servsell_intra = (!empty($conf->global->ACCOUNTING_SERVICE_SOLD_INTRA_ACCOUNT) ? $conf->global->ACCOUNTING_SERVICE_SOLD_INTRA_ACCOUNT : $langs->trans("CodeNotDef")); -$aacompta_servsell_export = (!empty($conf->global->ACCOUNTING_SERVICE_SOLD_EXPORT_ACCOUNT) ? $conf->global->ACCOUNTING_SERVICE_SOLD_EXPORT_ACCOUNT : $langs->trans("CodeNotDef")); -$aacompta_prodsell = (!empty($conf->global->ACCOUNTING_PRODUCT_SOLD_ACCOUNT) ? $conf->global->ACCOUNTING_PRODUCT_SOLD_ACCOUNT : $langs->trans("CodeNotDef")); -$aacompta_prodsell_intra = (!empty($conf->global->ACCOUNTING_PRODUCT_SOLD_INTRA_ACCOUNT) ? $conf->global->ACCOUNTING_PRODUCT_SOLD_INTRA_ACCOUNT : $langs->trans("CodeNotDef")); -$aacompta_prodsell_export = (!empty($conf->global->ACCOUNTING_PRODUCT_SOLD_EXPORT_ACCOUNT) ? $conf->global->ACCOUNTING_PRODUCT_SOLD_EXPORT_ACCOUNT : $langs->trans("CodeNotDef")); +$aacompta_servbuy = getDolGlobalString('ACCOUNTING_SERVICE_BUY_ACCOUNT', $langs->trans("CodeNotDef")); +$aacompta_servbuy_intra = getDolGlobalString('ACCOUNTING_SERVICE_BUY_INTRA_ACCOUNT', $langs->trans("CodeNotDef")); +$aacompta_servbuy_export = getDolGlobalString('ACCOUNTING_SERVICE_BUY_EXPORT_ACCOUNT', $langs->trans("CodeNotDef")); +$aacompta_prodbuy = getDolGlobalString('ACCOUNTING_PRODUCT_BUY_ACCOUNT', $langs->trans("CodeNotDef")); +$aacompta_prodbuy_intra = getDolGlobalString('ACCOUNTING_PRODUCT_BUY_INTRA_ACCOUNT', $langs->trans("CodeNotDef")); +$aacompta_prodbuy_export = getDolGlobalString('ACCOUNTING_PRODUCT_BUY_EXPORT_ACCOUNT', $langs->trans("CodeNotDef")); +$aacompta_servsell = getDolGlobalString('ACCOUNTING_SERVICE_SOLD_ACCOUNT', $langs->trans("CodeNotDef")); +$aacompta_servsell_intra = getDolGlobalString('ACCOUNTING_SERVICE_SOLD_INTRA_ACCOUNT', $langs->trans("CodeNotDef")); +$aacompta_servsell_export = getDolGlobalString('ACCOUNTING_SERVICE_SOLD_EXPORT_ACCOUNT', $langs->trans("CodeNotDef")); +$aacompta_prodsell = getDolGlobalString('ACCOUNTING_PRODUCT_SOLD_ACCOUNT', $langs->trans("CodeNotDef")); +$aacompta_prodsell_intra = getDolGlobalString('ACCOUNTING_PRODUCT_SOLD_INTRA_ACCOUNT', $langs->trans("CodeNotDef")); +$aacompta_prodsell_export = getDolGlobalString('ACCOUNTING_PRODUCT_SOLD_EXPORT_ACCOUNT', $langs->trans("CodeNotDef")); llxHeader('', $langs->trans("ProductsBinding")); -$pcgverid = $conf->global->CHARTOFACCOUNTS; +$pcgverid = getDolGlobalString('CHARTOFACCOUNTS'); $pcgvercode = dol_getIdFromCode($db, $pcgverid, 'accounting_system', 'rowid', 'pcg_version'); if (empty($pcgvercode)) { $pcgvercode = $pcgverid; diff --git a/htdocs/accountancy/admin/subaccount.php b/htdocs/accountancy/admin/subaccount.php index c3308393c27..cc0d4de9f31 100644 --- a/htdocs/accountancy/admin/subaccount.php +++ b/htdocs/accountancy/admin/subaccount.php @@ -36,6 +36,7 @@ $cancel = GETPOST('cancel', 'alpha'); $id = GETPOST('id', 'int'); $rowid = GETPOST('rowid', 'int'); $massaction = GETPOST('massaction', 'aZ09'); +$optioncss = GETPOST('optioncss', 'alpha'); $contextpage = GETPOST('contextpage', 'aZ') ?GETPOST('contextpage', 'aZ') : 'accountingsubaccountlist'; // To manage different context of search $search_subaccount = GETPOST('search_subaccount', 'alpha'); @@ -46,7 +47,7 @@ $search_type = GETPOST('search_type', 'int'); if ($user->socid > 0) { accessforbidden(); } -if (!$user->rights->accounting->chartofaccount) { +if (empty($user->rights->accounting->chartofaccount)) { accessforbidden(); } @@ -367,6 +368,7 @@ if ($resql) { print "\n"; $totalarray = array(); + $totalarray['nbfield'] = 0; $i = 0; while ($i < min($num, $limit)) { $obj = $db->fetch_object($resql); diff --git a/htdocs/accountancy/bookkeeping/card.php b/htdocs/accountancy/bookkeeping/card.php index c71958691bd..b772da3ce08 100644 --- a/htdocs/accountancy/bookkeeping/card.php +++ b/htdocs/accountancy/bookkeeping/card.php @@ -512,10 +512,10 @@ if ($action == 'create') { print ''; - print '
'; + print '
'; print '
'; - print ''; + print '
'; // Doc type if (!empty($object->doc_type)) { @@ -591,7 +591,7 @@ if ($action == 'create') { */ print "
\n"; - print '
'; + print '
'; print dol_get_fiche_end(); diff --git a/htdocs/accountancy/class/accountingaccount.class.php b/htdocs/accountancy/class/accountingaccount.class.php index ed3c69c18bc..50116b94b23 100644 --- a/htdocs/accountancy/class/accountingaccount.class.php +++ b/htdocs/accountancy/class/accountingaccount.class.php @@ -1,10 +1,10 @@ - * Copyright (C) 2013-2020 Alexandre Spangaro - * Copyright (C) 2013-2014 Florian Henry + * Copyright (C) 2013-2021 Alexandre Spangaro + * Copyright (C) 2013-2021 Florian Henry * Copyright (C) 2014 Juanjo Menent * Copyright (C) 2015 Ari Elbaz (elarifr) - * Copyright (C) 2018 Frédéric France + * Copyright (C) 2018 Frédéric France * * This program is free software; you can redistribute it and/or modify * it under the terms of the GNU General Public License as published by @@ -738,10 +738,11 @@ class AccountingAccount extends CommonObject * @param Facture $facture Facture * @param FactureLigne $factureDet Facture Det * @param array $accountingAccount array of Account account + * @param string $type Customer / Supplier * * @return array Accounting accounts suggested */ - public function getAccountingCodeToBind(Societe $buyer, $seller, Product $product, Facture $facture, FactureLigne $factureDet, $accountingAccount = array()) + public function getAccountingCodeToBind(Societe $buyer, $seller, Product $product, Facture $facture, FactureLigne $factureDet, $accountingAccount = array(), $type = '') { global $conf; global $hookmanager; @@ -750,84 +751,116 @@ class AccountingAccount extends CommonObject $hookmanager->initHooks(array('accoutancyBindingCalculation')); // Execute hook accoutancyBindingCalculation - $parameters = array('buyer' => $buyer, 'seller' => $seller, 'product' => $product, 'facture' => $facture, 'factureDet' => $factureDet ,'accountingAccount'=>$accountingAccount); + $parameters = array('buyer' => $buyer, 'seller' => $seller, 'product' => $product, 'facture' => $facture, 'factureDet' => $factureDet ,'accountingAccount'=>$accountingAccount, $type); $reshook = $hookmanager->executeHooks('accoutancyBindingCalculation', $parameters); // Note that $action and $object may have been modified by some hooks if (empty($reshook)) { + if ($type=='customer') { + $const_name = "SOLD"; + } elseif ($type=='supplier') { + $const_name = "BUY"; + } + require_once DOL_DOCUMENT_ROOT . '/core/lib/company.lib.php'; $isBuyerInEEC = isInEEC($buyer); $isSellerInEEC = isInEEC($seller); - $code_sell_l = ''; - $code_sell_p = ''; - $code_sell_t = ''; + $code_l = ''; + $code_p = ''; + $code_t = ''; $suggestedid = ''; // Level 1: Search suggested default account for product/service $suggestedaccountingaccountbydefaultfor = ''; if ($factureDet->product_type == 1) { if ($buyer->country_code == $seller->country_code || empty($buyer->country_code)) { // If buyer in same country than seller (if not defined, we assume it is same country) - $code_sell_l = (!empty($conf->global->ACCOUNTING_SERVICE_SOLD_ACCOUNT) ? $conf->global->ACCOUNTING_SERVICE_SOLD_ACCOUNT : ''); + $code_l = (!empty($conf->global->{'ACCOUNTING_SERVICE_' . $const_name . '_ACCOUNT'}) ? $conf->global->{'ACCOUNTING_SERVICE_' . $const_name . '_ACCOUNT'} : ''); $suggestedaccountingaccountbydefaultfor = ''; } else { if ($isSellerInEEC && $isBuyerInEEC && $factureDet->tva_tx != 0) { // European intravat sale, but with a VAT - $code_sell_l = (!empty($conf->global->ACCOUNTING_SERVICE_SOLD_ACCOUNT) ? $conf->global->ACCOUNTING_SERVICE_SOLD_ACCOUNT : ''); + $code_l = (!empty($conf->global->{'ACCOUNTING_SERVICE_' . $const_name . '_ACCOUNT'}) ? $conf->global->{'ACCOUNTING_SERVICE_' . $const_name . '_ACCOUNT'} : ''); $suggestedaccountingaccountbydefaultfor = 'eecwithvat'; } elseif ($isSellerInEEC && $isBuyerInEEC && empty($buyer->tva_intra)) { // European intravat sale, without VAT intra community number - $code_sell_l = (!empty($conf->global->ACCOUNTING_SERVICE_SOLD_ACCOUNT) ? $conf->global->ACCOUNTING_SERVICE_SOLD_ACCOUNT : ''); + $code_l = (!empty($conf->global->{'ACCOUNTING_SERVICE_' . $const_name . '_ACCOUNT'}) ? $conf->global->{'ACCOUNTING_SERVICE_' . $const_name . '_ACCOUNT'} : ''); $suggestedaccountingaccountbydefaultfor = 'eecwithoutvatnumber'; } elseif ($isSellerInEEC && $isBuyerInEEC) { // European intravat sale - $code_sell_l = (!empty($conf->global->ACCOUNTING_SERVICE_SOLD_INTRA_ACCOUNT) ? $conf->global->ACCOUNTING_SERVICE_SOLD_INTRA_ACCOUNT : ''); + $code_l = (!empty($conf->global->{'ACCOUNTING_SERVICE_' . $const_name . '_INTRA_ACCOUNT'}) ? $conf->global->{'ACCOUNTING_SERVICE_' . $const_name . '_INTRA_ACCOUNT'} : ''); $suggestedaccountingaccountbydefaultfor = 'eec'; } else { // Foreign sale - $code_sell_l = (!empty($conf->global->ACCOUNTING_SERVICE_SOLD_EXPORT_ACCOUNT) ? $conf->global->ACCOUNTING_SERVICE_SOLD_EXPORT_ACCOUNT : ''); + $code_l = (!empty($conf->global->{'ACCOUNTING_SERVICE_' . $const_name . '_EXPORT_ACCOUNT'}) ? $conf->global->{'ACCOUNTING_SERVICE_' . $const_name . '_EXPORT_ACCOUNT'} : ''); $suggestedaccountingaccountbydefaultfor = 'export'; } } } elseif ($factureDet->product_type == 0) { if ($buyer->country_code == $seller->country_code || empty($buyer->country_code)) { // If buyer in same country than seller (if not defined, we assume it is same country) - $code_sell_l = (!empty($conf->global->ACCOUNTING_PRODUCT_SOLD_ACCOUNT) ? $conf->global->ACCOUNTING_PRODUCT_SOLD_ACCOUNT : ''); + $code_l = (!empty($conf->global->{'ACCOUNTING_PRODUCT_' . $const_name . '_ACCOUNT'}) ? $conf->global->{'ACCOUNTING_PRODUCT_' . $const_name . '_ACCOUNT'} : ''); $suggestedaccountingaccountbydefaultfor = ''; } else { if ($isSellerInEEC && $isBuyerInEEC && $factureDet->tva_tx != 0) { // European intravat sale, but with a VAT - $code_sell_l = (!empty($conf->global->ACCOUNTING_PRODUCT_SOLD_ACCOUNT) ? $conf->global->ACCOUNTING_PRODUCT_SOLD_ACCOUNT : ''); + $code_l = (!empty($conf->global->{'ACCOUNTING_PRODUCT_' . $const_name . '_ACCOUNT'}) ? $conf->global->{'ACCOUNTING_PRODUCT_' . $const_name . '_ACCOUNT'} : ''); $suggestedaccountingaccountbydefaultfor = 'eecwithvat'; } elseif ($isSellerInEEC && $isBuyerInEEC && empty($buyer->tva_intra)) { // European intravat sale, without VAT intra community number - $code_sell_l = (!empty($conf->global->ACCOUNTING_PRODUCT_SOLD_ACCOUNT) ? $conf->global->ACCOUNTING_PRODUCT_SOLD_ACCOUNT : ''); + $code_l = (!empty($conf->global->{'ACCOUNTING_PRODUCT_' . $const_name . '_ACCOUNT'}) ? $conf->global->{'ACCOUNTING_PRODUCT_' . $const_name . '_ACCOUNT'} : ''); $suggestedaccountingaccountbydefaultfor = 'eecwithoutvatnumber'; } elseif ($isSellerInEEC && $isBuyerInEEC) { // European intravat sale - $code_sell_l = (!empty($conf->global->ACCOUNTING_PRODUCT_SOLD_INTRA_ACCOUNT) ? $conf->global->ACCOUNTING_PRODUCT_SOLD_INTRA_ACCOUNT : ''); + $code_l = (!empty($conf->global->{'ACCOUNTING_PRODUCT_' . $const_name . '_INTRA_ACCOUNT'}) ? $conf->global->{'ACCOUNTING_PRODUCT_' . $const_name . '_INTRA_ACCOUNT'} : ''); $suggestedaccountingaccountbydefaultfor = 'eec'; } else { - $code_sell_l = (!empty($conf->global->ACCOUNTING_PRODUCT_SOLD_EXPORT_ACCOUNT) ? $conf->global->ACCOUNTING_PRODUCT_SOLD_EXPORT_ACCOUNT : ''); + $code_l = (!empty($conf->global->{'ACCOUNTING_PRODUCT_' . $const_name . '_EXPORT_ACCOUNT'}) ? $conf->global->{'ACCOUNTING_PRODUCT_' . $const_name . '_EXPORT_ACCOUNT'} : ''); $suggestedaccountingaccountbydefaultfor = 'export'; } } } - if ($code_sell_l == -1) { - $code_sell_l = ''; + if ($code_l == -1) { + $code_l = ''; } // Level 2: Search suggested account for product/service (similar code exists in page index.php to make automatic binding) $suggestedaccountingaccountfor = ''; - if ((($buyer->country_code == $seller->country_code) || empty($buyer->country_code)) && !empty($product->accountancy_code_sell)) { // If buyer in same country than seller (if not defined, we assume it is same country) - $code_sell_p = $product->accountancy_code_sell; + if ((($buyer->country_code == $seller->country_code) || empty($buyer->country_code))) { + // If buyer in same country than seller (if not defined, we assume it is same country) + if ($type=='customer' && !empty($product->accountancy_code_sell)) { + $code_p = $product->accountancy_code_sell; + } elseif ($type=='supplier' && !empty($product->accountancy_code_buy)) { + $code_p = $product->accountancy_code_sell; + } $suggestedid = $accountingAccount['dom']; $suggestedaccountingaccountfor = 'prodserv'; } else { - if ($isSellerInEEC && $isBuyerInEEC && $factureDet->tva_tx != 0 && !empty($product->accountancy_code_sell)) { // European intravat sale, but with VAT - $code_sell_p = $product->accountancy_code_sell; + if ($isSellerInEEC && $isBuyerInEEC && $factureDet->tva_tx != 0) { + // European intravat sale, but with VAT + if ($type=='customer' && !empty($product->accountancy_code_sell)) { + $code_p = $product->accountancy_code_sell; + } elseif ($type=='supplier' && !empty($product->accountancy_code_buy)) { + $code_p = $product->accountancy_code_sell; + } $suggestedid = $accountingAccount['dom']; $suggestedaccountingaccountfor = 'eecwithvat'; - } elseif ($isSellerInEEC && $isBuyerInEEC && empty($buyer->tva_intra) && !empty($product->accountancy_code_sell)) { // European intravat sale, without VAT intra community number - $code_sell_p = $product->accountancy_code_sell; + } elseif ($isSellerInEEC && $isBuyerInEEC && empty($buyer->tva_intra)) { + // European intravat sale, without VAT intra community number + if ($type=='customer' && !empty($product->accountancy_code_sell)) { + $code_p = $product->accountancy_code_sell; + } elseif ($type=='supplier' && !empty($product->accountancy_code_buy)) { + $code_p = $product->accountancy_code_sell; + } $suggestedid = $accountingAccount['dom']; // There is a doubt for this case. Is it an error on vat or we just forgot to fill vat number ? $suggestedaccountingaccountfor = 'eecwithoutvatnumber'; - } elseif ($isSellerInEEC && $isBuyerInEEC && !empty($product->accountancy_code_sell_intra)) { // European intravat sale - $code_sell_p = $product->accountancy_code_sell_intra; + } elseif ($isSellerInEEC && $isBuyerInEEC && !empty($product->accountancy_code_sell_intra)) { + // European intravat sale + if ($type=='customer' && !empty($product->accountancy_code_sell_intra)) { + $code_p = $product->accountancy_code_sell_intra; + } elseif ($type=='supplier' && !empty($product->accountancy_code_buy_intra)) { + $code_p = $product->accountancy_code_buy_intra; + } $suggestedid = $accountingAccount['intra']; $suggestedaccountingaccountfor = 'eec'; - } elseif (!empty($product->accountancy_code_sell_export)) { // Foreign sale - $code_sell_p = $product->accountancy_code_sell_export; + } else { + // Foreign sale + // European intravat sale + if ($type=='customer' && !empty($product->accountancy_code_sell_export)) { + $code_p = $product->accountancy_code_sell_export; + } elseif ($type=='supplier' && !empty($product->accountancy_code_sell_export)) { + $code_p = $product->accountancy_code_sell_export; + } $suggestedid = $accountingAccount['export']; $suggestedaccountingaccountfor = 'export'; } @@ -836,7 +869,7 @@ class AccountingAccount extends CommonObject // Level 3: Search suggested account for this thirdparty (similar code exists in page index.php to make automatic binding) if (!empty($conf->global->ACCOUNTANCY_USE_PRODUCT_ACCOUNT_ON_THIRDPARTY)) { if (!empty($buyer->code_compta)) { - $code_sell_t = $buyer->code_compta; + $code_t = $buyer->code_compta; $suggestedid = $accountingAccount['thirdparty']; $suggestedaccountingaccountfor = 'thridparty'; } @@ -850,33 +883,33 @@ class AccountingAccount extends CommonObject return -1; } - $code_sell_l = $accountdeposittoventilated->ref; + $code_l = $accountdeposittoventilated->ref; $suggestedid = $accountdeposittoventilated->rowid; $suggestedaccountingaccountfor = 'deposit'; } - if (empty($suggestedid) && empty($code_sell_p) && !empty($code_sell_l) && empty($conf->global->ACCOUNTANCY_DO_NOT_AUTOFILL_ACCOUNT_WITH_GENERIC)) { - if (empty($this->accountingaccount_codetotid_cache[$code_sell_l])) { + if (empty($suggestedid) && empty($code_p) && !empty($code_l) && empty($conf->global->ACCOUNTANCY_DO_NOT_AUTOFILL_ACCOUNT_WITH_GENERIC)) { + if (empty($this->accountingaccount_codetotid_cache[$code_l])) { $tmpaccount = new self($this->db); - $result = $tmpaccount->fetch(0, $code_sell_l, 1); + $result = $tmpaccount->fetch(0, $code_l, 1); if ($result < 0) { return -1; } if ($tmpaccount->id > 0) { $suggestedid = $tmpaccount->id; } - $this->accountingaccount_codetotid_cache[$code_sell_l] = $tmpaccount->id; + $this->accountingaccount_codetotid_cache[$code_l] = $tmpaccount->id; } else { - $suggestedid = $this->accountingaccount_codetotid_cache[$code_sell_l]; + $suggestedid = $this->accountingaccount_codetotid_cache[$code_l]; } } return array( 'suggestedaccountingaccountbydefaultfor' => $suggestedaccountingaccountbydefaultfor, 'suggestedaccountingaccountfor' => $suggestedaccountingaccountfor, 'suggestedid' => $suggestedid, - 'code_sell_l' => $code_sell_l, - 'code_sell_p' => $code_sell_p, - 'code_sell_t' => $code_sell_t, + 'code_l' => $code_l, + 'code_p' => $code_p, + 'code_t' => $code_t, ); } else { if (is_array($hookmanager->resArray) && !empty($hookmanager->resArray)) { diff --git a/htdocs/accountancy/closure/index.php b/htdocs/accountancy/closure/index.php index a7220d01a28..fdcc6f54ab3 100644 --- a/htdocs/accountancy/closure/index.php +++ b/htdocs/accountancy/closure/index.php @@ -63,7 +63,7 @@ if (empty($conf->accounting->enabled)) { if ($user->socid > 0) { accessforbidden(); } -if (!$user->rights->accounting->fiscalyear->write) { +if (empty($user->rights->accounting->fiscalyear->write)) { accessforbidden(); } diff --git a/htdocs/accountancy/customer/index.php b/htdocs/accountancy/customer/index.php index aa1abde5fa5..23958820b64 100644 --- a/htdocs/accountancy/customer/index.php +++ b/htdocs/accountancy/customer/index.php @@ -43,7 +43,7 @@ if (empty($conf->accounting->enabled)) { if ($user->socid > 0) { accessforbidden(); } -if (!$user->rights->accounting->bind->write) { +if (empty($user->rights->accounting->bind->write)) { accessforbidden(); } @@ -73,12 +73,23 @@ $action = GETPOST('action', 'aZ09'); $chartaccountcode = dol_getIdFromCode($db, $conf->global->CHARTOFACCOUNTS, 'accounting_system', 'rowid', 'pcg_version'); +// Security check +if (empty($conf->accounting->enabled)) { + accessforbidden(); +} +if ($user->socid > 0) { + accessforbidden(); +} +if (empty($user->rights->accounting->mouvements->lire)) { + accessforbidden(); +} + /* * Actions */ -if ($action == 'clean' || $action == 'validatehistory') { +if (($action == 'clean' || $action == 'validatehistory') && $user->rights->accounting->bind->write) { // Clean database $db->begin(); $sql1 = "UPDATE ".MAIN_DB_PREFIX."facturedet as fd"; @@ -165,6 +176,7 @@ if ($action == 'validatehistory') { } dol_syslog('htdocs/accountancy/customer/index.php'); + $result = $db->query($sql); if (!$result) { $error++; @@ -209,7 +221,6 @@ if ($action == 'validatehistory') { $product_static->accountancy_code_buy_intra = $objp->code_buy_intra; $product_static->accountancy_code_buy_export = $objp->code_buy_export; $product_static->tva_tx = $objp->tva_tx_prod; - $product_static->tva_tx = $objp->tva_tx_prod; $facture_static->ref = $objp->ref; $facture_static->id = $objp->facid; @@ -223,7 +234,7 @@ if ($action == 'validatehistory') { $facture_static_det->product_type = $objp->type_l; $facture_static_det->desc = $objp->description; - $accoutinAccountArray = array( + $accountingAccountArray = array( 'dom'=>$objp->aarowid, 'intra'=>$objp->aarowid_intra, 'export'=>$objp->aarowid_export, @@ -232,7 +243,7 @@ if ($action == 'validatehistory') { $code_sell_p_notset = ''; $code_sell_t_notset = ''; - $return=$accountingAccount->getAccountingCodeToBind($thirdpartystatic, $mysoc, $product_static, $facture_static, $facture_static_det, $accoutinAccountArray); + $return=$accountingAccount->getAccountingCodeToBind($thirdpartystatic, $mysoc, $product_static, $facture_static, $facture_static_det, $accountingAccountArray, 'customer'); if (!is_array($return) && $return<0) { setEventMessage($accountingAccount->error, 'errors'); } else { diff --git a/htdocs/accountancy/customer/list.php b/htdocs/accountancy/customer/list.php index 97a885f97b9..020fbab1e4d 100644 --- a/htdocs/accountancy/customer/list.php +++ b/htdocs/accountancy/customer/list.php @@ -2,7 +2,7 @@ /* Copyright (C) 2013-2014 Olivier Geffroy * Copyright (C) 2013-2021 Alexandre Spangaro * Copyright (C) 2014-2015 Ari Elbaz (elarifr) - * Copyright (C) 2013-2014 Florian Henry + * Copyright (C) 2013-2021 Florian Henry * Copyright (C) 2014 Juanjo Menent * Copyright (C) 2016 Laurent Destailleur * @@ -192,10 +192,10 @@ if ($massaction == 'ventil' && $user->rights->accounting->bind->write) { dol_syslog("accountancy/customer/list.php", LOG_DEBUG); if ($db->query($sql)) { - $msg .= '
'.$langs->trans("Lineofinvoice", $monId).' - '.$langs->trans("VentilatedinAccount").' : '.length_accountg($accountventilated->account_number).'
'; + $msg .= '
'.$langs->trans("Lineofinvoice").' '.$monId.' - '.$langs->trans("VentilatedinAccount").' : '.length_accountg($accountventilated->account_number).'
'; $ok++; } else { - $msg .= '
'.$langs->trans("ErrorDB").' : '.$langs->trans("Lineofinvoice", $monId).' - '.$langs->trans("NotVentilatedinAccount").' : '.length_accountg($accountventilated->account_number).'
'.$sql.'
'; + $msg .= '
'.$langs->trans("ErrorDB").' : '.$langs->trans("Lineofinvoice").' '.$monId.' - '.$langs->trans("NotVentilatedinAccount").' : '.length_accountg($accountventilated->account_number).'
'.$sql.'
'; $ko++; } } @@ -554,7 +554,6 @@ if ($result) { $product_static->accountancy_code_buy_intra = $objp->code_buy_intra; $product_static->accountancy_code_buy_export = $objp->code_buy_export; $product_static->tva_tx = $objp->tva_tx_prod; - $product_static->tva_tx = $objp->tva_tx_prod; $facture_static->ref = $objp->ref; $facture_static->id = $objp->facid; @@ -568,7 +567,7 @@ if ($result) { $facture_static_det->product_type = $objp->type_l; $facture_static_det->desc = $objp->description; - $accoutinAccountArray = array( + $accountingAccountArray = array( 'dom'=>$objp->aarowid, 'intra'=>$objp->aarowid_intra, 'export'=>$objp->aarowid_export, @@ -577,7 +576,7 @@ if ($result) { $code_sell_p_notset = ''; $code_sell_t_notset = ''; - $return=$accountingAccount->getAccountingCodeToBind($thirdpartystatic, $mysoc, $product_static, $facture_static, $facture_static_det, $accoutinAccountArray); + $return=$accountingAccount->getAccountingCodeToBind($thirdpartystatic, $mysoc, $product_static, $facture_static, $facture_static_det, $accountingAccountArray, 'customer'); if (!is_array($return) && $return<0) { setEventMessage($accountingAccount->error, 'errors'); } else { @@ -614,7 +613,7 @@ if ($result) { // Ref Invoice print ''.$facture_static->getNomUrl(1).''; - print ''.dol_print_date($db->jdate($facture_static->datef), 'day').''; + print ''.dol_print_date($db->jdate($facture_static->date), 'day').''; // Ref Product print ''; diff --git a/htdocs/accountancy/supplier/index.php b/htdocs/accountancy/supplier/index.php index 5e409f303ea..4147762aff4 100644 --- a/htdocs/accountancy/supplier/index.php +++ b/htdocs/accountancy/supplier/index.php @@ -1,7 +1,7 @@ - * Copyright (C) 2013-2014 Florian Henry - * Copyright (C) 2013-2020 Alexandre Spangaro + * Copyright (C) 2013-2021 Florian Henry + * Copyright (C) 2013-2021 Alexandre Spangaro * Copyright (C) 2014 Juanjo Menent * * This program is free software; you can redistribute it and/or modify @@ -29,6 +29,7 @@ require_once DOL_DOCUMENT_ROOT.'/core/lib/date.lib.php'; require_once DOL_DOCUMENT_ROOT.'/core/lib/accounting.lib.php'; require_once DOL_DOCUMENT_ROOT.'/core/lib/company.lib.php'; require_once DOL_DOCUMENT_ROOT.'/fourn/class/fournisseur.facture.class.php'; +require_once DOL_DOCUMENT_ROOT.'/accountancy/class/accountingaccount.class.php'; // Load translation files required by the page $langs->loadLangs(array("compta", "bills", "other", "accountancy")); @@ -40,10 +41,11 @@ if (empty($conf->accounting->enabled)) { if ($user->socid > 0) { accessforbidden(); } -if (!$user->rights->accounting->bind->write) { +if (empty($user->rights->accounting->bind->write)) { accessforbidden(); } +$accountingAccount = new AccountingAccount($db); $month_start = ($conf->global->SOCIETE_FISCAL_MONTH_START ? ($conf->global->SOCIETE_FISCAL_MONTH_START) : 1); if (GETPOST("year", 'int')) { @@ -97,6 +99,7 @@ if (($action == 'clean' || $action == 'validatehistory') && $user->rights->accou $sql1 .= ' ON accnt.fk_pcg_version = syst.pcg_version AND syst.rowid='.$conf->global->CHARTOFACCOUNTS.' AND accnt.entity = '.$conf->entity.')'; $sql1 .= ' AND fd.fk_facture_fourn IN (SELECT rowid FROM '.MAIN_DB_PREFIX.'facture_fourn WHERE entity = '.$conf->entity.')'; $sql1 .= ' AND fk_code_ventilation <> 0'; + dol_syslog("htdocs/accountancy/customer/index.php fixaccountancycode", LOG_DEBUG); $resql1 = $db->query($sql1); if (!$resql1) { @@ -163,7 +166,7 @@ if ($action == 'validatehistory') { $sql .= " LEFT JOIN ".MAIN_DB_PREFIX."accounting_account as aa ON " . $alias_product_perentity . ".accountancy_code_buy = aa.account_number AND aa.active = 1 AND aa.fk_pcg_version = '".$db->escape($chartaccountcode)."' AND aa.entity = ".$conf->entity; $sql .= " LEFT JOIN ".MAIN_DB_PREFIX."accounting_account as aa2 ON " . $alias_product_perentity . ".accountancy_code_buy_intra = aa2.account_number AND aa2.active = 1 AND aa2.fk_pcg_version = '".$db->escape($chartaccountcode)."' AND aa2.entity = ".$conf->entity; $sql .= " LEFT JOIN ".MAIN_DB_PREFIX."accounting_account as aa3 ON " . $alias_product_perentity . ".accountancy_code_buy_export = aa3.account_number AND aa3.active = 1 AND aa3.fk_pcg_version = '".$db->escape($chartaccountcode)."' AND aa3.entity = ".$conf->entity; - $sql .= " LEFT JOIN ".MAIN_DB_PREFIX."accounting_account as aa4 ON " . $alias_product_perentity . ".accountancy_code_buy = aa4.account_number AND aa4.active = 1 AND aa4.fk_pcg_version = '".$db->escape($chartaccountcode)."' AND aa4.entity = ".$conf->entity; + $sql .= " LEFT JOIN ".MAIN_DB_PREFIX."accounting_account as aa4 ON " . $alias_societe_perentity . ".accountancy_code_buy = aa4.account_number AND aa4.active = 1 AND aa4.fk_pcg_version = '".$db->escape($chartaccountcode)."' AND aa4.entity = ".$conf->entity; $sql .= " WHERE f.fk_statut > 0 AND l.fk_code_ventilation <= 0"; $sql .= " AND l.product_type <= 2"; if (!empty($conf->global->ACCOUNTING_DATE_START_BINDING)) { @@ -181,27 +184,74 @@ if ($action == 'validatehistory') { $isBuyerInEEC = isInEEC($mysoc); + $thirdpartystatic = new Societe($db); + $facture_static = new FactureFournisseur($db); + $facture_static_det = new SupplierInvoiceLine($db); + $product_static = new Product($db); + $i = 0; while ($i < min($num_lines, 10000)) { // No more than 10000 at once $objp = $db->fetch_object($result); - $isSellerInEEC = isInEEC($objp); + $thirdpartystatic->id = $objp->socid; + $thirdpartystatic->name = $objp->name; + $thirdpartystatic->client = $objp->client; + $thirdpartystatic->fournisseur = $objp->fournisseur; + $thirdpartystatic->code_client = $objp->code_client; + $thirdpartystatic->code_compta_client = $objp->code_compta_client; + $thirdpartystatic->code_fournisseur = $objp->code_fournisseur; + $thirdpartystatic->code_compta_fournisseur = $objp->code_compta_fournisseur; + $thirdpartystatic->email = $objp->email; + $thirdpartystatic->country_code = $objp->country_code; + $thirdpartystatic->tva_intra = $objp->tva_intra; + $thirdpartystatic->code_compta = $objp->company_code_sell; - // Level 2: Search suggested account for product/service (similar code exists in page list.php to make manual binding) - $suggestedaccountingaccountfor = ''; - if (($objp->country_code == $mysoc->country_code) || empty($objp->country_code)) { // If buyer in same country than seller (if not defined, we assume it is same country) - $objp->code_buy_p = $objp->code_buy; - $objp->aarowid_suggest = $objp->aarowid; - $suggestedaccountingaccountfor = ''; + $product_static->ref = $objp->product_ref; + $product_static->id = $objp->product_id; + $product_static->type = $objp->type; + $product_static->label = $objp->product_label; + $product_static->status = $objp->status; + $product_static->status_buy = $objp->status_buy; + $product_static->accountancy_code_sell = $objp->code_sell; + $product_static->accountancy_code_sell_intra = $objp->code_sell_intra; + $product_static->accountancy_code_sell_export = $objp->code_sell_export; + $product_static->accountancy_code_buy = $objp->code_buy; + $product_static->accountancy_code_buy_intra = $objp->code_buy_intra; + $product_static->accountancy_code_buy_export = $objp->code_buy_export; + $product_static->tva_tx = $objp->tva_tx_prod; + + $facture_static->ref = $objp->ref; + $facture_static->id = $objp->facid; + $facture_static->type = $objp->ftype; + $facture_static->datef = $objp->datef; + + $facture_static_det->id = $objp->rowid; + $facture_static_det->total_ht = $objp->total_ht; + $facture_static_det->tva_tx = $objp->tva_tx_line; + $facture_static_det->vat_src_code = $objp->vat_src_code; + $facture_static_det->product_type = $objp->type_l; + $facture_static_det->desc = $objp->description; + + $accountingAccountArray = array( + 'dom'=>$objp->aarowid, + 'intra'=>$objp->aarowid_intra, + 'export'=>$objp->aarowid_export, + 'thirdparty' =>$objp->aarowid_thirdparty); + + $code_buy_p_notset = ''; + $code_buy_t_notset = ''; + + $return = $accountingAccount->getAccountingCodeToBind($mysoc, $thirdpartystatic, $product_static, $facture_static, $facture_static_det, $accountingAccountArray, 'supplier'); + if (!is_array($return) && $return<0) { + setEventMessage($accountingAccount->error, 'errors'); } else { - if ($isSellerInEEC && $isBuyerInEEC) { // European intravat sale - $objp->code_buy_p = $objp->code_buy_intra; - $objp->aarowid_suggest = $objp->aarowid_intra; - $suggestedaccountingaccountfor = 'eec'; - } else { // Foreign sale - $objp->code_buy_p = $objp->code_buy_export; - $objp->aarowid_suggest = $objp->aarowid_export; - $suggestedaccountingaccountfor = 'export'; + $suggestedid=$return['suggestedid']; + $suggestedaccountingaccountfor=$return['suggestedaccountingaccountfor']; + + if (!empty($suggestedid) && $suggestedaccountingaccountfor<>'') { + $suggestedid=$return['suggestedid']; + } else { + $suggestedid=0; } } @@ -216,8 +266,8 @@ if ($action == 'validatehistory') { if ($objp->aarowid_suggest > 0) { $sqlupdate = "UPDATE ".MAIN_DB_PREFIX."facture_fourn_det"; - $sqlupdate .= " SET fk_code_ventilation = ".((int) $objp->aarowid_suggest); - $sqlupdate .= " WHERE fk_code_ventilation <= 0 AND product_type <= 2 AND rowid = ".((int) $objp->rowid); + $sqlupdate .= " SET fk_code_ventilation = ".((int) $suggestedid); + $sqlupdate .= " WHERE fk_code_ventilation <= 0 AND product_type <= 2 AND rowid = ".((int) $facture_static_det->id); $resqlupdate = $db->query($sqlupdate); if (!$resqlupdate) { diff --git a/htdocs/accountancy/supplier/list.php b/htdocs/accountancy/supplier/list.php index e02a1ab6b54..20230c7cfad 100644 --- a/htdocs/accountancy/supplier/list.php +++ b/htdocs/accountancy/supplier/list.php @@ -2,7 +2,7 @@ /* Copyright (C) 2013-2014 Olivier Geffroy * Copyright (C) 2013-2021 Alexandre Spangaro * Copyright (C) 2014-2015 Ari Elbaz (elarifr) - * Copyright (C) 2013-2014 Florian Henry + * Copyright (C) 2013-2021 Florian Henry * Copyright (C) 2014 Juanjo Menent s * Copyright (C) 2016 Laurent Destailleur * @@ -46,6 +46,7 @@ $massaction = GETPOST('massaction', 'alpha'); $show_files = GETPOST('show_files', 'int'); $confirm = GETPOST('confirm', 'alpha'); $toselect = GETPOST('toselect', 'array'); +$optioncss = GETPOST('optioncss', 'alpha'); // Select Box $mesCasesCochees = GETPOST('toselect', 'array'); @@ -97,10 +98,7 @@ if (!$sortorder) { $hookmanager->initHooks(array('accountancysupplierlist')); $formaccounting = new FormAccounting($db); -$accounting = new AccountingAccount($db); -// TODO: we should need to check if result is a really exist accountaccount rowid..... -$aarowid_s = $accounting->fetch('', $conf->global->ACCOUNTING_SERVICE_BUY_ACCOUNT, 1); -$aarowid_p = $accounting->fetch('', $conf->global->ACCOUNTING_PRODUCT_BUY_ACCOUNT, 1); +$accountingAccount = new AccountingAccount($db); $chartaccountcode = dol_getIdFromCode($db, $conf->global->CHARTOFACCOUNTS, 'accounting_system', 'rowid', 'pcg_version'); @@ -522,9 +520,9 @@ if ($result) { $thirdpartystatic = new Societe($db); $facturefourn_static = new FactureFournisseur($db); + $facturefourn_static_det = new SupplierInvoiceLine($db); $product_static = new Product($db); - $isBuyerInEEC = isInEEC($mysoc); $accountingaccount_codetotid_cache = array(); @@ -547,6 +545,8 @@ if ($result) { $thirdpartystatic->code_compta_fournisseur = $objp->code_compta_fournisseur; $thirdpartystatic->email = $objp->email; $thirdpartystatic->country_code = $objp->country_code; + $thirdpartystatic->tva_intra = $objp->tva_intra; + $thirdpartystatic->code_compta_fournisseur = $objp->company_code_buy; $product_static->ref = $objp->product_ref; $product_static->id = $objp->product_id; @@ -560,95 +560,63 @@ if ($result) { $product_static->accountancy_code_buy = $objp->code_buy; $product_static->accountancy_code_buy_intra = $objp->code_buy_intra; $product_static->accountancy_code_buy_export = $objp->code_buy_export; + $product_static->tva_tx = $objp->tva_tx_prod; $facturefourn_static->ref = $objp->ref; $facturefourn_static->id = $objp->facid; $facturefourn_static->type = $objp->ftype; $facturefourn_static->label = $objp->invoice_label; + $facturefourn_static_det->id = $objp->rowid; + $facturefourn_static_det->total_ht = $objp->total_ht; + $facturefourn_static_det->tva_tx_line = $objp->tva_tx_line; + $facturefourn_static_det->vat_src_code = $objp->vat_src_code; + $facturefourn_static_det->product_type = $objp->type_l; + $facturefourn_static_det->desc = $objp->description; + $code_buy_p_notset = ''; $code_buy_t_notset = ''; $objp->aarowid_suggest = ''; // Will be set later - $isSellerInEEC = isInEEC($objp); + $accountingAccountArray = array( + 'dom'=>$objp->aarowid, + 'intra'=>$objp->aarowid_intra, + 'export'=>$objp->aarowid_export, + 'thirdparty' =>$objp->aarowid_thirdparty); - // Level 1: Search suggested default account for product/service - $suggestedaccountingaccountbydefaultfor = ''; - if ($objp->type_l == 1) { - if ($objp->country_code == $mysoc->country_code || empty($objp->country_code)) { // If buyer in same country than seller (if not defined, we assume it is same country) - $objp->code_buy_l = (!empty($conf->global->ACCOUNTING_SERVICE_BUY_ACCOUNT) ? $conf->global->ACCOUNTING_SERVICE_BUY_ACCOUNT : ''); - $suggestedaccountingaccountbydefaultfor = ''; - } else { - if ($isSellerInEEC && $isBuyerInEEC) { // European intravat sale - $objp->code_buy_l = (!empty($conf->global->ACCOUNTING_SERVICE_BUY_INTRA_ACCOUNT) ? $conf->global->ACCOUNTING_SERVICE_BUY_INTRA_ACCOUNT : ''); - $suggestedaccountingaccountbydefaultfor = 'eec'; - } else { // Foreign sale - $objp->code_buy_l = (!empty($conf->global->ACCOUNTING_SERVICE_BUY_EXPORT_ACCOUNT) ? $conf->global->ACCOUNTING_SERVICE_BUY_EXPORT_ACCOUNT : ''); - $suggestedaccountingaccountbydefaultfor = 'export'; - } - } - } elseif ($objp->type_l == 0) { - if ($objp->country_code == $mysoc->country_code || empty($objp->country_code)) { // If buyer in same country than seller (if not defined, we assume it is same country) - $objp->code_buy_l = (!empty($conf->global->ACCOUNTING_PRODUCT_BUY_ACCOUNT) ? $conf->global->ACCOUNTING_PRODUCT_BUY_ACCOUNT : ''); - $suggestedaccountingaccountbydefaultfor = ''; - } else { - if ($isSellerInEEC && $isBuyerInEEC) { // European intravat sale - $objp->code_buy_l = (!empty($conf->global->ACCOUNTING_PRODUCT_BUY_INTRA_ACCOUNT) ? $conf->global->ACCOUNTING_PRODUCT_BUY_INTRA_ACCOUNT : ''); - $suggestedaccountingaccountbydefaultfor = 'eec'; - } else { - $objp->code_buy_l = (!empty($conf->global->ACCOUNTING_PRODUCT_BUY_EXPORT_ACCOUNT) ? $conf->global->ACCOUNTING_PRODUCT_BUY_EXPORT_ACCOUNT : ''); - $suggestedaccountingaccountbydefaultfor = 'export'; - } - } - } - if ($objp->code_sell_l == -1) { - $objp->code_sell_l = ''; - } + $code_buy_p_notset = ''; + $code_buy_t_notset = ''; - // Level 2: Search suggested account for product/service (similar code exists in page index.php to make automatic binding) - $suggestedaccountingaccountfor = ''; - if (($objp->country_code == $mysoc->country_code) || empty($objp->country_code)) { // If buyer in same country than seller (if not defined, we assume it is same country) - $objp->code_buy_p = $objp->code_buy; - $objp->aarowid_suggest = $objp->aarowid; - $suggestedaccountingaccountfor = ''; + $return=$accountingAccount->getAccountingCodeToBind($mysoc, $thirdpartystatic, $product_static, $facturefourn_static, $facturefourn_static_det, $accountingAccountArray, 'supplier'); + if (!is_array($return) && $return<0) { + setEventMessage($accountingAccount->error, 'errors'); } else { - if ($isSellerInEEC && $isBuyerInEEC) { // European intravat sale - $objp->code_buy_p = $objp->code_buy_intra; - $objp->aarowid_suggest = $objp->aarowid_intra; - $suggestedaccountingaccountfor = 'eec'; - } else { // Foreign sale - $objp->code_buy_p = $objp->code_buy_export; - $objp->aarowid_suggest = $objp->aarowid_export; - $suggestedaccountingaccountfor = 'export'; - } + $suggestedid=$return['suggestedid']; + $suggestedaccountingaccountfor=$return['suggestedaccountingaccountfor']; + $suggestedaccountingaccountbydefaultfor=$return['suggestedaccountingaccountbydefaultfor']; + $code_buy_l=$return['code_buy_l']; + $code_buy_p=$return['code_buy_p']; + $code_buy_t=$return['code_buy_t']; } + //var_dump($return); - // Level 3: Search suggested account for this thirdparty (similar code exists in page index.php to make automatic binding) - if (!empty($conf->global->ACCOUNTANCY_USE_PRODUCT_ACCOUNT_ON_THIRDPARTY)) { - if (!empty($objp->company_code_buy)) { - $objp->code_buy_t = $objp->company_code_buy; - $objp->aarowid_suggest = $objp->aarowid_thirdparty; - $suggestedaccountingaccountfor = ''; - } - } - - if (!empty($objp->code_buy_p)) { + if (!empty($code_buy_p)) { // Value was defined previously } else { $code_buy_p_notset = 'color:orange'; } - if (empty($objp->code_buy_l) && empty($objp->code_buy_p)) { + if (empty($code_buy_l) && empty($code_buy_p)) { $code_buy_p_notset = 'color:red'; } - // $objp->code_buy_l is now default code of product/service - // $objp->code_buy_p is now code of product/service - // $objp->code_buy_t is now code of thirdparty + // $code_buy_l is now default code of product/service + // $code_buy_p is now code of product/service + // $code_buy_t is now code of thirdparty print ''; // Line id - print ''.$objp->rowid.''; + print ''.$facturefourn_static_det->id.''; // Ref Invoice print ''.$facturefourn_static->getNomUrl(1).''; @@ -658,23 +626,23 @@ if ($result) { print ''; */ - print ''.dol_print_date($db->jdate($objp->datef), 'day').''; + print ''.dol_print_date($db->jdate($facturefourn_static_det->datef), 'day').''; // Ref Product print ''; if ($product_static->id > 0) { print $product_static->getNomUrl(1); } - if ($objp->product_label) { - print '
'.$objp->product_label.''; + if ($product_static->product_label) { + print '
'.$product_static->product_label.''; } print ''; // Description print ''; - $text = dolGetFirstLineOfText(dol_string_nohtmltag($objp->description)); + $text = dolGetFirstLineOfText(dol_string_nohtmltag($facturefourn_static_det->desc)); $trunclength = empty($conf->global->ACCOUNTING_LENGTH_DESCRIPTION) ? 32 : $conf->global->ACCOUNTING_LENGTH_DESCRIPTION; - print $form->textwithtooltip(dol_trunc($text, $trunclength), $objp->description); + print $form->textwithtooltip(dol_trunc($text, $trunclength), $facturefourn_static_det->desc); print ''; print ''; @@ -686,7 +654,7 @@ if ($result) { $code_vat_differ = 'font-weight:bold; text-decoration:blink; color:red'; } print ''; - print vatrate($objp->tva_tx_line.($objp->vat_src_code ? ' ('.$objp->vat_src_code.')' : '')); + print vatrate($facturefourn_static_det->tva_tx_line.($facturefourn_static_det->vat_src_code ? ' ('.$facturefourn_static_det->vat_src_code.')' : '')); print ''; // Thirdparty @@ -703,26 +671,26 @@ if ($result) { // Found accounts print ''; - $s = '1. '.(($objp->type_l == 1) ? $langs->trans("DefaultForService") : $langs->trans("DefaultForProduct")).': '; + $s = '1. '.(($facturefourn_static_det->type_l == 1) ? $langs->trans("DefaultForService") : $langs->trans("DefaultForProduct")).': '; $shelp = ''; if ($suggestedaccountingaccountbydefaultfor == 'eec') { $shelp .= $langs->trans("SaleEEC"); } elseif ($suggestedaccountingaccountbydefaultfor == 'export') { $shelp .= $langs->trans("SaleExport"); } - $s .= ($objp->code_buy_l > 0 ? length_accountg($objp->code_buy_l) : ''.$langs->trans("NotDefined").''); + $s .= ($code_buy_l > 0 ? length_accountg($code_buy_l) : ''.$langs->trans("NotDefined").''); print $form->textwithpicto($s, $shelp, 1, 'help', '', 0, 2, '', 1); - if ($objp->product_id > 0) { + if ($product_static->id > 0) { print '
'; - $s = '2. '.(($objp->type_l == 1) ? $langs->trans("ThisService") : $langs->trans("ThisProduct")).': '; - $shelp = ''; + $s = '2. '.(($facturefourn_static_det->product_type == 1) ? $langs->trans("ThisService") : $langs->trans("ThisProduct")).': '; + $shelp = ''; $ttype = 'help'; if ($suggestedaccountingaccountfor == 'eec') { $shelp = $langs->trans("SaleEEC"); } elseif ($suggestedaccountingaccountfor == 'export') { $shelp = $langs->trans("SaleExport"); } - $s .= (empty($objp->code_buy_p) ? ''.$langs->trans("NotDefined").'' : length_accountg($objp->code_buy_p)); - print $form->textwithpicto($s, $shelp, 1, 'help', '', 0, 2, '', 1); + $s .= (empty($code_buy_p) ? ''.$langs->trans("NotDefined").'' : length_accountg($code_buy_p)); + print $form->textwithpicto($s, $shelp, 1, $ttype, '', 0, 2, '', 1); } else { print '
'; $s = '2. '.(($objp->type_l == 1) ? $langs->trans("ThisService") : $langs->trans("ThisProduct")).': '; @@ -732,35 +700,26 @@ if ($result) { } if (!empty($conf->global->ACCOUNTANCY_USE_PRODUCT_ACCOUNT_ON_THIRDPARTY)) { print '
'; - $s = '3. '.(($objp->type_l == 1) ? $langs->trans("ServiceForThisThirdparty") : $langs->trans("ProductForThisThirdparty")).': '; + $s = '3. '.(($facturefourn_static_det->product_type == 1) ? $langs->trans("ServiceForThisThirdparty") : $langs->trans("ProductForThisThirdparty")).': '; $shelp = ''; - $s .= ($objp->code_buy_t > 0 ? length_accountg($objp->code_buy_t) : ''.$langs->trans("NotDefined").''); + $s .= ($code_buy_t > 0 ? length_accountg($code_buy_t) : ''.$langs->trans("NotDefined").''); print $form->textwithpicto($s, $shelp, 1, 'help', '', 0, 2, '', 1); } print ''; // Suggested accounting account print ''; - $suggestedid = $objp->aarowid_suggest; - if (empty($suggestedid) && empty($objp->code_buy_p) && !empty($objp->code_buy_l) && empty($conf->global->ACCOUNTANCY_DO_NOT_AUTOFILL_ACCOUNT_WITH_GENERIC)) { - if (empty($accountingaccount_codetotid_cache[$objp->code_buy_l])) { - $tmpaccount = new AccountingAccount($db); - $tmpaccount->fetch(0, $objp->code_buy_l, 1); - if ($tmpaccount->id > 0) { - $suggestedid = $tmpaccount->id; - } - $accountingaccount_codetotid_cache[$objp->code_buy_l] = $tmpaccount->id; - } else { - $suggestedid = $accountingaccount_codetotid_cache[$objp->code_buy_l]; - } - } - print $formaccounting->select_account($suggestedid, 'codeventil'.$objp->rowid, 1, array(), 0, 0, 'codeventil maxwidth200 maxwidthonsmartphone', 'cachewithshowemptyone'); + print $formaccounting->select_account($suggestedid, 'codeventil'.$facturefourn_static_det->id, 1, array(), 0, 0, 'codeventil maxwidth200 maxwidthonsmartphone', 'cachewithshowemptyone'); print ''; // Column with checkbox print ''; - $ischecked = $objp->aarowid_suggest; - print ''; + if (!empty($suggestedid)) { + $ischecked = 1; + } else { + $ischecked = 0; + } + print ''; print ''; print ''; diff --git a/htdocs/adherents/card.php b/htdocs/adherents/card.php index c4ac6ef1472..cf0d82b2c7b 100644 --- a/htdocs/adherents/card.php +++ b/htdocs/adherents/card.php @@ -935,8 +935,8 @@ if (is_object($objcanvas) && $objcanvas->displayCanvasExists($action)) { $object->country = $tmparray['label']; } + $soc = new Societe($db); if (!empty($socid)) { - $soc = new Societe($db); if ($socid > 0) { $soc->fetch($socid); } @@ -1783,10 +1783,10 @@ if (is_object($objcanvas) && $objcanvas->displayCanvasExists($action)) { print ''; - print '
'; + print '
'; print '
'; - print ''; + print '
'; // Birth Date print ''; @@ -1872,7 +1872,7 @@ if (is_object($objcanvas) && $objcanvas->displayCanvasExists($action)) { print "
'.$langs->trans("DateOfBirth").''.dol_print_date($object->birth, 'day').'
\n"; - print "
\n"; + print "\n"; print '
'; print dol_get_fiche_end(); @@ -2045,7 +2045,7 @@ if (is_object($objcanvas) && $objcanvas->displayCanvasExists($action)) { print showOnlinePaymentUrl('membersubscription', $object->ref); } - print '
'; + print '
'; $MAX = 10; @@ -2056,7 +2056,7 @@ if (is_object($objcanvas) && $objcanvas->displayCanvasExists($action)) { $formactions = new FormActions($db); $somethingshown = $formactions->showactions($object, $object->element, $socid, 1, 'listactions', $MAX, '', $morehtmlcenter); - print '
'; + print ''; } // Presend form diff --git a/htdocs/adherents/class/adherentstats.class.php b/htdocs/adherents/class/adherentstats.class.php index e777108c491..38ad3f037b9 100644 --- a/htdocs/adherents/class/adherentstats.class.php +++ b/htdocs/adherents/class/adherentstats.class.php @@ -70,7 +70,7 @@ class AdherentStats extends Stats $this->where .= " m.statut != -1"; $this->where .= " AND p.fk_adherent = m.rowid AND m.entity IN (".getEntity('adherent').")"; - //if (!$user->rights->societe->client->voir && !$user->socid) $this->where .= " AND p.fk_soc = sc.fk_soc AND sc.fk_user = " .((int) $user->id); + //if (empty($user->rights->societe->client->voir) && !$user->socid) $this->where .= " AND p.fk_soc = sc.fk_soc AND sc.fk_user = " .((int) $user->id); if ($this->memberid) { $this->where .= " AND m.rowid = ".((int) $this->memberid); } @@ -91,7 +91,7 @@ class AdherentStats extends Stats $sql = "SELECT date_format(p.dateadh,'%m') as dm, count(*)"; $sql .= " FROM ".$this->from; - //if (!$user->rights->societe->client->voir && !$user->socid) $sql.= ", ".MAIN_DB_PREFIX."societe_commerciaux as sc"; + //if (empty($user->rights->societe->client->voir) && !$user->socid) $sql.= ", ".MAIN_DB_PREFIX."societe_commerciaux as sc"; $sql .= " WHERE ".dolSqlDateFilter('p.dateadh', 0, 0, (int) $year, 1); $sql .= " AND ".$this->where; $sql .= " GROUP BY dm"; @@ -111,7 +111,7 @@ class AdherentStats extends Stats $sql = "SELECT date_format(p.dateadh,'%Y') as dm, count(*)"; $sql .= " FROM ".$this->from; - //if (!$user->rights->societe->client->voir && !$user->socid) $sql.= ", ".MAIN_DB_PREFIX."societe_commerciaux as sc"; + //if (empty($user->rights->societe->client->voir) && !$user->socid) $sql.= ", ".MAIN_DB_PREFIX."societe_commerciaux as sc"; $sql .= " WHERE ".$this->where; $sql .= " GROUP BY dm"; $sql .= $this->db->order('dm', 'DESC'); @@ -132,7 +132,7 @@ class AdherentStats extends Stats $sql = "SELECT date_format(p.dateadh,'%m') as dm, sum(p.".$this->field.")"; $sql .= " FROM ".$this->from; - //if (!$user->rights->societe->client->voir && !$user->socid) $sql.= ", ".MAIN_DB_PREFIX."societe_commerciaux as sc"; + //if (empty($user->rights->societe->client->voir) && !$user->socid) $sql.= ", ".MAIN_DB_PREFIX."societe_commerciaux as sc"; $sql .= " WHERE ".dolSqlDateFilter('p.dateadh', 0, 0, (int) $year, 1); $sql .= " AND ".$this->where; $sql .= " GROUP BY dm"; @@ -153,7 +153,7 @@ class AdherentStats extends Stats $sql = "SELECT date_format(p.dateadh,'%m') as dm, avg(p.".$this->field.")"; $sql .= " FROM ".$this->from; - //if (!$user->rights->societe->client->voir && !$this->socid) $sql.= ", ".MAIN_DB_PREFIX."societe_commerciaux as sc"; + //if (empty($user->rights->societe->client->voir) && !$this->socid) $sql.= ", ".MAIN_DB_PREFIX."societe_commerciaux as sc"; $sql .= " WHERE ".dolSqlDateFilter('p.dateadh', 0, 0, (int) $year, 1); $sql .= " AND ".$this->where; $sql .= " GROUP BY dm"; @@ -174,7 +174,7 @@ class AdherentStats extends Stats $sql = "SELECT date_format(p.dateadh,'%Y') as year, count(*) as nb, sum(".$this->field.") as total, avg(".$this->field.") as avg"; $sql .= " FROM ".$this->from; - //if (!$user->rights->societe->client->voir && !$this->socid) $sql.= ", ".MAIN_DB_PREFIX."societe_commerciaux as sc"; + //if (empty($user->rights->societe->client->voir) && !$this->socid) $sql.= ", ".MAIN_DB_PREFIX."societe_commerciaux as sc"; $sql .= " WHERE ".$this->where; $sql .= " GROUP BY year"; $sql .= $this->db->order('year', 'DESC'); diff --git a/htdocs/adherents/htpasswd.php b/htdocs/adherents/htpasswd.php index e1f580a3656..60639193295 100644 --- a/htdocs/adherents/htpasswd.php +++ b/htdocs/adherents/htpasswd.php @@ -36,7 +36,7 @@ $sortorder = GETPOST('sortorder', 'aZ09'); if (empty($conf->adherent->enabled)) { accessforbidden(); } -if (!$user->rights->adherent->export) { +if (empty($user->rights->adherent->export)) { accessforbidden(); } diff --git a/htdocs/adherents/stats/index.php b/htdocs/adherents/stats/index.php index ed79978552f..d0776bc3459 100644 --- a/htdocs/adherents/stats/index.php +++ b/htdocs/adherents/stats/index.php @@ -210,7 +210,7 @@ print ''; print ''; -print '
'; +print '
'; // Show graphs @@ -225,7 +225,7 @@ if ($mesg) { print ''; -print '
'; +print ''; print '
'; diff --git a/htdocs/adherents/subscription.php b/htdocs/adherents/subscription.php index c51fa86cec6..4c7a24afc44 100644 --- a/htdocs/adherents/subscription.php +++ b/htdocs/adherents/subscription.php @@ -557,10 +557,10 @@ if ($rowid > 0) { print ''; print ''; - print '
'; + print '
'; print '
'; - print ''; + print '
'; // Birthday print ''; @@ -652,7 +652,7 @@ if ($rowid > 0) { print "
'.$langs->trans("DateOfBirth").''.dol_print_date($object->birth, 'day').'
\n"; - print "
\n"; + print "\n"; print '
'; print dol_get_fiche_end(); @@ -963,7 +963,7 @@ if ($rowid > 0) { if ($adht->subscription) { // Amount - print ''.$langs->trans("Amount").' '.$langs->trans("Currency".$conf->currency).''; + print ''.$langs->trans("Amount").' '.$langs->trans("Currency".$conf->currency) .''; // Label print ''.$langs->trans("Label").''; diff --git a/htdocs/adherents/subscription/card.php b/htdocs/adherents/subscription/card.php index b0a6e40d3ca..0dca0d86193 100644 --- a/htdocs/adherents/subscription/card.php +++ b/htdocs/adherents/subscription/card.php @@ -48,7 +48,7 @@ $note = GETPOST('note', 'alpha'); $typeid = (int) GETPOST('typeid', 'int'); $amount = price2num(GETPOST('amount', 'alpha'), 'MT'); -if (!$user->rights->adherent->cotisation->lire) { +if (empty($user->rights->adherent->cotisation->lire)) { accessforbidden(); } @@ -388,7 +388,7 @@ if ($rowid && $action != 'edit') { if ($linktoelem) print ($somethingshown?'':'
').$linktoelem; */ - print '
'; + print '
'; // List of actions on element /* @@ -397,7 +397,7 @@ if ($rowid && $action != 'edit') { $somethingshown = $formactions->showactions($object, $object->element, $socid, 1); */ - print '
'; + print ''; } // End of page diff --git a/htdocs/adherents/subscription/info.php b/htdocs/adherents/subscription/info.php index 080e2c0330c..9eb431320cd 100644 --- a/htdocs/adherents/subscription/info.php +++ b/htdocs/adherents/subscription/info.php @@ -31,7 +31,7 @@ require_once DOL_DOCUMENT_ROOT.'/adherents/class/subscription.class.php'; // Load translation files required by the page $langs->loadLangs(array("companies", "members", "bills", "users")); -if (!$user->rights->adherent->lire) { +if (empty($user->rights->adherent->lire)) { accessforbidden(); } diff --git a/htdocs/adherents/type_translation.php b/htdocs/adherents/type_translation.php index 88f45c9c20e..256f29b6b81 100644 --- a/htdocs/adherents/type_translation.php +++ b/htdocs/adherents/type_translation.php @@ -76,11 +76,11 @@ if ($action == 'vadd' && $cancel != $langs->trans("Cancel") && $user->rights->ad if ($forcelangprod == $current_lang) { $object->label = GETPOST("libelle", 'alphanohtml'); $object->description = dol_htmlcleanlastbr(GETPOST("desc", 'restricthtml')); - $object->other = dol_htmlcleanlastbr(GETPOST("other", 'restricthtml')); + //$object->other = dol_htmlcleanlastbr(GETPOST("other", 'restricthtml')); } else { $object->multilangs[$forcelangprod]["label"] = GETPOST("libelle", 'alphanohtml'); $object->multilangs[$forcelangprod]["description"] = dol_htmlcleanlastbr(GETPOST("desc", 'restricthtml')); - $object->multilangs[$forcelangprod]["other"] = dol_htmlcleanlastbr(GETPOST("other", 'restricthtml')); + //$object->multilangs[$forcelangprod]["other"] = dol_htmlcleanlastbr(GETPOST("other", 'restricthtml')); } // backup into database diff --git a/htdocs/admin/dict.php b/htdocs/admin/dict.php index 775e2cd2093..4a5a09a3461 100644 --- a/htdocs/admin/dict.php +++ b/htdocs/admin/dict.php @@ -220,7 +220,7 @@ $tabsql[21] = "SELECT c.rowid as rowid, c.code, c.label, c.active, c.position FR $tabsql[22] = "SELECT rowid as rowid, code, label, active FROM ".MAIN_DB_PREFIX."c_input_reason"; $tabsql[23] = "SELECT t.rowid as rowid, t.taux, t.revenuestamp_type, c.label as country, c.code as country_code, t.fk_pays as country_id, t.note, t.active, t.accountancy_code_sell, t.accountancy_code_buy FROM ".MAIN_DB_PREFIX."c_revenuestamp as t, ".MAIN_DB_PREFIX."c_country as c WHERE t.fk_pays=c.rowid"; $tabsql[24] = "SELECT rowid as rowid, code, label, active FROM ".MAIN_DB_PREFIX."c_type_resource"; -$tabsql[25] = "SELECT rowid as rowid, code, label, active, module FROM ".MAIN_DB_PREFIX."c_type_container as t WHERE t.entity IN (".getEntity('c_type_container').")"; +$tabsql[25] = "SELECT rowid as rowid, code, label, active, module FROM ".MAIN_DB_PREFIX."c_type_container as t WHERE t.entity = ".getEntity($tabname[25]); //$tabsql[26]= "SELECT rowid as rowid, code, label, short_label, active FROM ".MAIN_DB_PREFIX."c_units"; $tabsql[27] = "SELECT id as rowid, code, libelle, picto, active FROM ".MAIN_DB_PREFIX."c_stcomm"; $tabsql[28] = "SELECT h.rowid as rowid, h.code, h.label, h.affect, h.delay, h.newbymonth, h.fk_country as country_id, c.code as country_code, c.label as country, h.active FROM ".MAIN_DB_PREFIX."c_holiday_types as h LEFT JOIN ".MAIN_DB_PREFIX."c_country as c ON h.fk_country=c.rowid"; @@ -233,7 +233,7 @@ $tabsql[34] = "SELECT rowid, pos, code, label, c_level, active FROM ".MAIN_DB_PR $tabsql[35] = "SELECT c.rowid, c.label, c.active, c.entity FROM ".MAIN_DB_PREFIX."c_exp_tax_cat c"; $tabsql[36] = "SELECT r.rowid, r.fk_c_exp_tax_cat, r.range_ik, r.active, r.entity FROM ".MAIN_DB_PREFIX."c_exp_tax_range r"; $tabsql[37] = "SELECT r.rowid, r.code, r.sortorder, r.label, r.short_label, r.unit_type, r.scale, r.active FROM ".MAIN_DB_PREFIX."c_units r"; -$tabsql[38] = "SELECT rowid, entity, code, label, url, icon, active FROM ".MAIN_DB_PREFIX."c_socialnetworks"; +$tabsql[38] = "SELECT s.rowid, s.entity, s.code, s.label, s.url, s.icon, s.active FROM ".MAIN_DB_PREFIX."c_socialnetworks as s WHERE s.entity = ".getEntity($tabname[38]); $tabsql[39] = "SELECT code, label as libelle, sortorder, active FROM ".MAIN_DB_PREFIX."c_prospectcontactlevel"; $tabsql[40] = "SELECT id as rowid, code, libelle, picto, active FROM ".MAIN_DB_PREFIX."c_stcommcontact"; $tabsql[41] = "SELECT rowid as rowid, code, label, active FROM ".MAIN_DB_PREFIX."c_transport_mode"; diff --git a/htdocs/admin/loan.php b/htdocs/admin/loan.php index 0769ee5c0a0..59b7eb8b463 100644 --- a/htdocs/admin/loan.php +++ b/htdocs/admin/loan.php @@ -105,7 +105,7 @@ foreach ($list as $key) { // Value print ''; if (!empty($conf->accounting->enabled)) { - print $formaccounting->select_account($conf->global->$key, $key, 1, '', 1, 1); + print $formaccounting->select_account(getDolGlobalString($key), $key, 1, '', 1, 1); } else { print ''; } diff --git a/htdocs/admin/mails_templates.php b/htdocs/admin/mails_templates.php index 2c35faea3b1..b896c8962b4 100644 --- a/htdocs/admin/mails_templates.php +++ b/htdocs/admin/mails_templates.php @@ -894,7 +894,7 @@ if ($resql) { $valuetoshow = $langs->trans("Content"); $showfield = 0; } if ($fieldlist[$field] == 'content_lines') { - $valuetoshow = $langs->trans("ContentLines"); $showfield = 0; + $valuetoshow = $langs->trans("ContentForLines"); $showfield = 0; } // Show fields @@ -973,6 +973,14 @@ if ($resql) { $doleditor = new DolEditor($tmpfieldlist.'-'.$rowid, (!empty($obj->{$tmpfieldlist}) ? $obj->{$tmpfieldlist} : ''), '', 500, 'dolibarr_mailings', 'In', 0, false, $okforextended, ROWS_6, '90%'); print $doleditor->Create(1); } + if ($tmpfieldlist == 'content_lines') { + print $form->textwithpicto($langs->trans("ContentForLines"), $tabhelp[$id][$tmpfieldlist], 1, 'help', '', 0, 2, $tmpfieldlist).'
'; + $okforextended = true; + if (empty($conf->global->FCKEDITOR_ENABLE_MAIL)) + $okforextended = false; + $doleditor = new DolEditor($tmpfieldlist.'-'.$rowid, (! empty($obj->{$tmpfieldlist}) ? $obj->{$tmpfieldlist} : ''), '', 140, 'dolibarr_mailings', 'In', 0, false, $okforextended, ROWS_6, '90%'); + print $doleditor->Create(1); + } print ''; print ''; print ''; @@ -1114,35 +1122,6 @@ if ($resql) { //else print ''.img_delete().''; // Some dictionary can be edited by other profile than admin } print ''; - - /* - $fieldsforcontent = array('content'); - if (! empty($conf->global->MAIN_EMAIL_TEMPLATES_FOR_OBJECT_LINES)) - { - $fieldsforcontent = array('content', 'content_lines'); - } - foreach ($fieldsforcontent as $tmpfieldlist) - { - $showfield = 1; - $align = "left"; - $valuetoshow = $obj->{$tmpfieldlist}; - - $class = 'tddict'; - // Show value for field - if ($showfield) { - - print ''; // To create an artificial CR for the current tr we are on - $okforextended = true; - if (empty($conf->global->FCKEDITOR_ENABLE_MAIL)) - $okforextended = false; - $doleditor = new DolEditor($tmpfieldlist.'-'.$i, (! empty($obj->{$tmpfieldlist}) ? $obj->{$tmpfieldlist} : ''), '', 140, 'dolibarr_mailings', 'In', 0, false, $okforextended, ROWS_6, '90%', 1); - print $doleditor->Create(1); - print ''; - print ''; - - } - }*/ - print "\n"; } diff --git a/htdocs/admin/notification.php b/htdocs/admin/notification.php index 8137c34e1e6..1b06e9dd25e 100644 --- a/htdocs/admin/notification.php +++ b/htdocs/admin/notification.php @@ -97,6 +97,10 @@ if ($action == 'setvalue' && $user->admin) { $error++; } + $result = dolibarr_set_const($db, "NOTIFICATION_EMAIL_DISABLE_CONFIRM_MESSAGE", GETPOST("notif_disable", "alphawithlgt"), 'chaine', 0, '', $conf->entity); + if ($result < 0) { + $error++; + } if (!$error) { $db->commit(); @@ -199,6 +203,29 @@ if (!empty($conf->global->NOTIFICATION_EMAIL_FROM) && !isValidEmail($conf->globa } print ''; print ''; + +print ''; +print $langs->trans("NotificationDisableConfirmMessageUser").''; +print ''; +if ($conf->use_javascript_ajax) { + print ajax_constantonoff('NOTIFICATION_EMAIL_DISABLE_CONFIRM_MESSAGE_USER'); +} else { + $arrval = array('0' => $langs->trans("No"), '1' => $langs->trans("Yes")); + print $form->selectarray("NOTIFICATION_EMAIL_DISABLE_CONFIRM_MESSAGE_USER", $arrval, $conf->global->NOTIFICATION_EMAIL_DISABLE_CONFIRM_MESSAGE_USER); +} +print ''; +print ''; +print ''; +print $langs->trans("NotificationDisableConfirmMessageFix").''; +print ''; +if ($conf->use_javascript_ajax) { + print ajax_constantonoff('NOTIFICATION_EMAIL_DISABLE_CONFIRM_MESSAGE_FIX'); +} else { + $arrval = array('0' => $langs->trans("No"), '1' => $langs->trans("Yes")); + print $form->selectarray("NOTIFICATION_EMAIL_DISABLE_CONFIRM_MESSAGE_FIX", $arrval, $conf->global->NOTIFICATION_EMAIL_DISABLE_CONFIRM_MESSAGE_FIX); +} +print ''; +print ''; print ''; print $form->buttonsSaveCancel("Save", ''); diff --git a/htdocs/admin/system/security.php b/htdocs/admin/system/security.php index f03246a6bdf..9c643d54583 100644 --- a/htdocs/admin/system/security.php +++ b/htdocs/admin/system/security.php @@ -163,7 +163,7 @@ print '
'; // XDebug print ''.$langs->trans("XDebug").': '; -$test = !function_exists('xdebug_is_enabled'); +$test = !function_exists('xdebug_is_enabled') && !extension_loaded('xdebug'); if ($test) { print img_picto('', 'tick.png').' '.$langs->trans("NotInstalled").' - '.$langs->trans("NotRiskOfLeakWithThis"); } else { diff --git a/htdocs/admin/tools/dolibarr_export.php b/htdocs/admin/tools/dolibarr_export.php index 6215de6396a..0785b6a91cb 100644 --- a/htdocs/admin/tools/dolibarr_export.php +++ b/htdocs/admin/tools/dolibarr_export.php @@ -539,13 +539,11 @@ print " \n"; print '
'; -print '
'; $filearray = dol_dir_list($conf->admin->dir_output.'/backup', 'files', 0, '', '', $sortfield, (strtolower($sortorder) == 'asc' ?SORT_ASC:SORT_DESC), 1); $result = $formfile->list_of_documents($filearray, null, 'systemtools', '', 1, 'backup/', 1, 0, $langs->trans("NoBackupFileAvailable"), 0, $langs->trans("PreviousDumpFiles")); print '
'; -print '
'; print '
'; print ''; print ''; @@ -620,13 +618,11 @@ print ''; print ''; print '
'; -print '
'; $filearray = dol_dir_list($conf->admin->dir_output.'/documents', 'files', 0, '', '', $sortfield, (strtolower($sortorder) == 'asc' ?SORT_ASC:SORT_DESC), 1); $result = $formfile->list_of_documents($filearray, null, 'systemtools', '', 1, 'documents/', 1, 0, $langs->trans("NoBackupFileAvailable"), 0, $langs->trans("PreviousArchiveFiles")); print '
'; -print '
'; print '
'; print ''; diff --git a/htdocs/asset/card.php b/htdocs/asset/card.php index b2473409b5b..524b92a080e 100644 --- a/htdocs/asset/card.php +++ b/htdocs/asset/card.php @@ -325,7 +325,7 @@ if ($object->id > 0 && (empty($action) || ($action != 'edit' && $action != 'crea $linktoelem = $form->showLinkToObjectBlock($object, null, array('asset')); $somethingshown = $form->showLinkedObjectBlock($object, $linktoelem); - print '
'; + print '
'; $MAXEVENT = 10; @@ -336,7 +336,7 @@ if ($object->id > 0 && (empty($action) || ($action != 'edit' && $action != 'crea $formactions = new FormActions($db); $somethingshown = $formactions->showactions($object, $object->element, $socid, 1, '', $MAXEVENT, '', $morehtmlright); - print '
'; + print ''; } } diff --git a/htdocs/blockedlog/admin/blockedlog_list.php b/htdocs/blockedlog/admin/blockedlog_list.php index 2a15aa0965b..4698222bda8 100644 --- a/htdocs/blockedlog/admin/blockedlog_list.php +++ b/htdocs/blockedlog/admin/blockedlog_list.php @@ -33,7 +33,7 @@ require_once DOL_DOCUMENT_ROOT.'/core/lib/date.lib.php'; // Load translation files required by the page $langs->loadLangs(array("admin", "other", "blockedlog", "bills")); -if ((!$user->admin && !$user->rights->blockedlog->read) || empty($conf->blockedlog->enabled)) { +if ((!$user->admin && empty($user->rights->blockedlog->read)) || empty($conf->blockedlog->enabled)) { accessforbidden(); } diff --git a/htdocs/blockedlog/ajax/block-info.php b/htdocs/blockedlog/ajax/block-info.php index 9fde03e1e5e..eb851af169a 100644 --- a/htdocs/blockedlog/ajax/block-info.php +++ b/htdocs/blockedlog/ajax/block-info.php @@ -43,7 +43,7 @@ require_once DOL_DOCUMENT_ROOT.'/blockedlog/class/blockedlog.class.php'; $id = GETPOST('id', 'int'); $block = new BlockedLog($db); -if ((!$user->admin && !$user->rights->blockedlog->read) || empty($conf->blockedlog->enabled)) { +if ((!$user->admin && empty($user->rights->blockedlog->read)) || empty($conf->blockedlog->enabled)) { accessforbidden(); } diff --git a/htdocs/bom/ajax/interface.php b/htdocs/bom/ajax/interface.php new file mode 100644 index 00000000000..23b208e25ba --- /dev/null +++ b/htdocs/bom/ajax/interface.php @@ -0,0 +1,28 @@ +'. (int) $current_bom_id; + $resql = $db->query($sql); + if ($resql && $db->num_rows($resql) > 0) { + $options = array(); + $cpt=0; + while ($obj = $db->fetch_object($resql)) { + $options[$obj->rowid] = $obj->ref.' - '.$obj->label; + $cpt++; + } + print json_encode($options); + } + + break; +} diff --git a/htdocs/bom/bom_card.php b/htdocs/bom/bom_card.php index c649b207ef5..5e86611507b 100644 --- a/htdocs/bom/bom_card.php +++ b/htdocs/bom/bom_card.php @@ -149,6 +149,7 @@ if (empty($reshook)) { // Set if we used free entry or predefined product $idprod = (int) GETPOST('idprod', 'int'); + $bom_child = (int) GETPOST('bom_select', 'int'); $qty = price2num(GETPOST('qty', 'alpha'), 'MS'); $qty_frozen = price2num(GETPOST('qty_frozen', 'alpha'), 'MS'); $disable_stock_change = GETPOST('disable_stock_change', 'int'); @@ -172,6 +173,7 @@ if (empty($reshook)) { $bomline = new BOMLine($db); $bomline->fk_bom = $id; $bomline->fk_product = $idprod; + $bomline->fk_bom_child = $bom_child; $bomline->qty = $qty; $bomline->qty_frozen = (int) $qty_frozen; $bomline->disable_stock_change = (int) $disable_stock_change; @@ -571,9 +573,78 @@ if ($object->id > 0 && (empty($action) || ($action != 'edit' && $action != 'crea if (!empty($object->lines) || ($object->status == $object::STATUS_DRAFT && $permissiontoadd && $action != 'selectlines' && $action != 'editline')) { print ''; } + ?> + + '; print "\n"; + ?> + + + + id > 0 && (empty($action) || ($action != 'edit' && $action != 'crea $somethingshown = $form->showLinkedObjectBlock($object, $linktoelem); - print '
'; + print '
'; $MAXEVENT = 10; @@ -703,7 +774,7 @@ if ($object->id > 0 && (empty($action) || ($action != 'edit' && $action != 'crea $formactions = new FormActions($db); $somethingshown = $formactions->showactions($object, $object->element, $socid, 1, '', $MAXEVENT, '', $morehtmlright); - print '
'; + print ''; } //Select mail models is same action as presend diff --git a/htdocs/bom/class/bom.class.php b/htdocs/bom/class/bom.class.php index a4ab56c2a66..fd8d4a19a75 100644 --- a/htdocs/bom/class/bom.class.php +++ b/htdocs/bom/class/bom.class.php @@ -1139,6 +1139,7 @@ class BOMLine extends CommonObjectLine 'rowid' => array('type'=>'integer', 'label'=>'LineID', 'enabled'=>1, 'visible'=>-1, 'position'=>1, 'notnull'=>1, 'index'=>1, 'comment'=>"Id",), 'fk_bom' => array('type'=>'integer:BillOfMaterials:societe/class/bom.class.php', 'label'=>'BillOfMaterials', 'enabled'=>1, 'visible'=>1, 'position'=>10, 'notnull'=>1, 'index'=>1,), 'fk_product' => array('type'=>'integer:Product:product/class/product.class.php', 'label'=>'Product', 'enabled'=>1, 'visible'=>1, 'position'=>20, 'notnull'=>1, 'index'=>1,), + 'fk_bom_child' => array('type'=>'integer:BOM:bom/class/bom.class.php', 'label'=>'BillOfMaterials', 'enabled'=>1, 'visible'=>-1, 'position'=>40, 'notnull'=>-1,), 'description' => array('type'=>'text', 'label'=>'Description', 'enabled'=>1, 'visible'=>-1, 'position'=>60, 'notnull'=>-1,), 'qty' => array('type'=>'double(24,8)', 'label'=>'Quantity', 'enabled'=>1, 'visible'=>1, 'position'=>100, 'notnull'=>1, 'isameasure'=>'1',), 'qty_frozen' => array('type'=>'smallint', 'label'=>'QuantityFrozen', 'enabled'=>1, 'visible'=>1, 'default'=>0, 'position'=>105, 'css'=>'maxwidth50imp', 'help'=>'QuantityConsumedInvariable'), @@ -1163,6 +1164,11 @@ class BOMLine extends CommonObjectLine */ public $fk_product; + /** + * @var int Id of parent bom + */ + public $fk_bom_child; + /** * @var string description */ diff --git a/htdocs/bom/tpl/objectline_create.tpl.php b/htdocs/bom/tpl/objectline_create.tpl.php index 210ab695ec8..d96f8da2791 100644 --- a/htdocs/bom/tpl/objectline_create.tpl.php +++ b/htdocs/bom/tpl/objectline_create.tpl.php @@ -61,6 +61,8 @@ if ($nolinesbefore) { print ''; print '
'.$langs->trans('AddNewLine').''; print ''; + // Linked BOM + print ''.$langs->trans('BOM').''; print ''.$langs->trans('Qty').''; if (!empty($conf->global->PRODUCT_USE_UNITS)) { print ''; @@ -107,6 +109,10 @@ if (!empty($conf->product->enabled) || !empty($conf->service->enabled)) { echo ''; } +$coldisplay++; +print ''; +print ''; +print ''; $coldisplay++; print ''; diff --git a/htdocs/bom/tpl/objectline_edit.tpl.php b/htdocs/bom/tpl/objectline_edit.tpl.php index 46b57e89243..54e145ad2ee 100644 --- a/htdocs/bom/tpl/objectline_edit.tpl.php +++ b/htdocs/bom/tpl/objectline_edit.tpl.php @@ -97,6 +97,8 @@ print ''; */ $coldisplay++; +// For BOM +print ''; print ''; if (($line->info_bits & 2) != 2) { diff --git a/htdocs/bom/tpl/objectline_title.tpl.php b/htdocs/bom/tpl/objectline_title.tpl.php index d1b29ee03b0..0656f23aed9 100644 --- a/htdocs/bom/tpl/objectline_title.tpl.php +++ b/htdocs/bom/tpl/objectline_title.tpl.php @@ -43,6 +43,8 @@ print "\n"; print "\n"; print ''; +print ''.img_picto('', 'folder-open', 'class="paddingright"').$langs->trans("ExpandAll").'  '; +print ''.img_picto('', 'folder', 'class="paddingright"').$langs->trans("UndoExpandAll").' '; // Adds a line numbering column if (!empty($conf->global->MAIN_VIEW_LINE_NUMBER)) { @@ -52,6 +54,9 @@ if (!empty($conf->global->MAIN_VIEW_LINE_NUMBER)) { // Description print ''.$langs->trans('Description').''; +// Linked BOM +print ''.$langs->trans('BOM').''; + // Qty print ''.$form->textwithpicto($langs->trans('Qty'), $langs->trans("QtyRequiredIfNoLoss")).''; diff --git a/htdocs/bom/tpl/objectline_view.tpl.php b/htdocs/bom/tpl/objectline_view.tpl.php index 9ef77fb0d98..8256019bd98 100644 --- a/htdocs/bom/tpl/objectline_view.tpl.php +++ b/htdocs/bom/tpl/objectline_view.tpl.php @@ -80,9 +80,22 @@ print '
'; $coldisplay++; $tmpproduct = new Product($object->db); $tmpproduct->fetch($line->fk_product); +$tmpbom = new BOM($object->db); +$res = $tmpbom->fetch($line->fk_bom_child); +if (!empty($tmpbom->id)) { + print '' . (empty($conf->global->BOM_SHOW_ALL_BOM_BY_DEFAULT) ? '(+)' : '(-)') . ' '; +} print $tmpproduct->getNomUrl(1); print ' - '.$tmpproduct->label; print ''; + +// To show BOM links in the list +if ($res > 0) { + print ''.$tmpbom->getNomUrl(1).''; +} else { + print ' '; +} + print ''; $coldisplay++; echo price($line->qty, 0, '', 0, 0); // Yes, it is a quantity, not a price, but we just want the formating role of function price @@ -111,7 +124,8 @@ $coldisplay++; echo $line->efficiency; print ''; -print ''; +$total_cost = 0; +print ''; $coldisplay++; echo price($line->total_cost); print ''; @@ -166,6 +180,93 @@ if ($action == 'selectlines') { print ''; +// Select of all the sub-BOM lines +$sql = 'SELECT rowid, fk_bom_child, fk_product FROM '.MAIN_DB_PREFIX.'bom_bomline AS bl'; +$sql.= ' WHERE fk_bom ='. (int) $tmpbom->id; +$resql = $object->db->query($sql); + +if ($resql) { + // Loop on all the sub-BOM lines if they exist + while ($obj = $object->db->fetch_object($resql)) { + $sub_bom_product = new Product($object->db); + $sub_bom_product->fetch($obj->fk_product); + + $sub_bom = new BOM($object->db); + $sub_bom->fetch($obj->fk_bom_child); + + $sub_bom_line = new BOMLine($object->db); + $sub_bom_line->fetch($obj->rowid); + + //If hidden conf is set, we show directly all the sub-BOM lines + if (empty($conf->global->BOM_SHOW_ALL_BOM_BY_DEFAULT)) { + print ''; + } else { + print ''; + } + + // Product + print ''.$sub_bom_product->getNomUrl(1).''; + + // Sub-BOM + if ($sub_bom_line->fk_bom_child > 0) { + print ''.$sub_bom->getNomUrl(1).''; + } else { + print ' '; + } + + // Qty + print ''.price($sub_bom_line->qty * $line->qty, 0, '', 0, 0).''; + if ($sub_bom_line->qty_frozen > 0) { + print ''.$sub_bom_line->qty_frozen.''; + } else { + print ' '; + } + + // Disable stock change + if ($sub_bom_line->disable_stock_change > 0) { + print ''.$sub_bom_line->disable_stock_change.''; + } else { + print ' '; + } + + // Efficiency + print ''.$sub_bom_line->efficiency.''; + + // Cost price if it's defined + if ($sub_bom_product->cost_price > 0) { + print ''.price($sub_bom_product->cost_price * $line->qty).''; + $total_cost.= $sub_bom_product->cost_price * $line->qty; + } elseif ($sub_bom_product->pmp > 0) { // PMP if cost price isn't defined + print ''.price($sub_bom_product->pmp * $line->qty).''; + $total_cost.= $sub_bom_product->pmp * $line->qty; + } else { // Minimum purchase price if cost price and PMP aren't defined + $sql_supplier_price = 'SELECT MIN(price) AS min_price FROM '.MAIN_DB_PREFIX.'product_fournisseur_price'; + $sql_supplier_price.= ' WHERE fk_product = '. (int) $sub_bom_product->id; + $resql_supplier_price = $object->db->query($sql_supplier_price); + if ($resql_supplier_price) { + $obj = $object->db->fetch_object($resql_supplier_price); + print ''.price($obj->min_price * $line->qty).''; + $total_cost+= $obj->min_price * $line->qty; + } + } + + print ''; + print ''; + print ''; + } +} + +// Replace of the total_cost value by the sum of all sub-BOM lines total_cost +if ($total_cost > 0) { + $line->total_cost = price($total_cost); + ?> + + showOptionals($extrafields, 'view', array('style'=>'class="drag drop oddeven"', 'colspan'=>$coldisplay), '', '', 1, 'line'); diff --git a/htdocs/bookmarks/card.php b/htdocs/bookmarks/card.php index 74d2284c4b5..289916a07c2 100644 --- a/htdocs/bookmarks/card.php +++ b/htdocs/bookmarks/card.php @@ -31,7 +31,7 @@ require_once DOL_DOCUMENT_ROOT.'/bookmarks/class/bookmark.class.php'; $langs->loadLangs(array('bookmarks', 'other')); // Security check -if (!$user->rights->bookmark->lire) { +if (empty($user->rights->bookmark->lire)) { restrictedArea($user, 'bookmarks'); } diff --git a/htdocs/bookmarks/list.php b/htdocs/bookmarks/list.php index 17be6be9cef..8a5de8f4d91 100644 --- a/htdocs/bookmarks/list.php +++ b/htdocs/bookmarks/list.php @@ -35,7 +35,7 @@ $toselect = GETPOST('toselect', 'array'); $contextpage = GETPOST('contextpage', 'aZ') ?GETPOST('contextpage', 'aZ') : 'bookmarklist'; // To manage different context of search // Security check -if (!$user->rights->bookmark->lire) { +if (empty($user->rights->bookmark->lire)) { restrictedArea($user, 'bookmarks'); } $optioncss = GETPOST('optioncss', 'alpha'); diff --git a/htdocs/categories/class/categorie.class.php b/htdocs/categories/class/categorie.class.php index e7c361322bc..4f8c6b28d41 100644 --- a/htdocs/categories/class/categorie.class.php +++ b/htdocs/categories/class/categorie.class.php @@ -626,12 +626,18 @@ class Categorie extends CommonObject } $arraydelete = array( - 'categorie_societe' => 'fk_categorie', - 'categorie_fournisseur' => 'fk_categorie', 'categorie_product' => 'fk_categorie', + 'categorie_fournisseur' => 'fk_categorie', + 'categorie_societe' => 'fk_categorie', 'categorie_member' => 'fk_categorie', 'categorie_contact' => 'fk_categorie', + 'categorie_user' => 'fk_categorie', + 'categorie_project' => 'fk_categorie', 'categorie_account' => 'fk_categorie', + 'categorie_website_page' => 'fk_categorie', + 'categorie_warehouse' => 'fk_categorie', + 'categorie_actioncomm' => 'fk_categorie', + 'categorie_ticket' => 'fk_categorie', 'bank_class' => 'fk_categ', 'categorie_lang' => 'fk_category', 'categorie' => 'rowid', @@ -753,8 +759,6 @@ class Categorie extends CommonObject } return -1; } - - return 0; } // phpcs:disable PEAR.NamingConventions.ValidFunctionName.ScopeNotCamelCaps @@ -810,8 +814,6 @@ class Categorie extends CommonObject $this->error = $this->db->lasterror(); return -1; } - - return 0; } /** diff --git a/htdocs/categories/viewcat.php b/htdocs/categories/viewcat.php index bf089e0cd5b..d6b663a8804 100644 --- a/htdocs/categories/viewcat.php +++ b/htdocs/categories/viewcat.php @@ -173,7 +173,12 @@ if ($elemid && $action == 'addintocategory' && (($type == Categorie::TYPE_PRODUCT && ($user->rights->produit->creer || $user->rights->service->creer)) || ($type == Categorie::TYPE_CUSTOMER && $user->rights->societe->creer) || ($type == Categorie::TYPE_SUPPLIER && $user->rights->societe->creer) || - ($type == Categorie::TYPE_TICKET && $user->rights->ticket->write) + ($type == Categorie::TYPE_TICKET && $user->rights->ticket->write) || + ($type == Categorie::TYPE_PROJECT && $user->rights->projet->creer) || + ($type == Categorie::TYPE_MEMBER && $user->rights->projet->creer) || + ($type == Categorie::TYPE_CONTACT && $user->rights->societe->creer) || + ($type == Categorie::TYPE_USER && $user->rights->user->user->creer) || + ($type == Categorie::TYPE_ACCOUNT && $user->rights->banque->configurer) )) { if ($type == Categorie::TYPE_PRODUCT) { require_once DOL_DOCUMENT_ROOT.'/product/class/product.class.php'; @@ -191,6 +196,26 @@ if ($elemid && $action == 'addintocategory' && require_once DOL_DOCUMENT_ROOT.'/ticket/class/ticket.class.php'; $newobject = new Ticket($db); $elementtype = 'ticket'; + } elseif ($type == Categorie::TYPE_PROJECT) { + require_once DOL_DOCUMENT_ROOT.'/projet/class/project.class.php'; + $newobject = new Project($db); + $elementtype = 'project'; + } elseif ($type == Categorie::TYPE_MEMBER) { + require_once DOL_DOCUMENT_ROOT.'/adherents/class/adherent.class.php'; + $newobject = new Adherent($db); + $elementtype = 'member'; + } elseif ($type == Categorie::TYPE_CONTACT) { + require_once DOL_DOCUMENT_ROOT.'/contact/class/contact.class.php'; + $newobject = new Contact($db); + $elementtype = 'contact'; + } elseif ($type == Categorie::TYPE_USER) { + require_once DOL_DOCUMENT_ROOT.'/user/class/user.class.php'; + $newobject = new User($db); + $elementtype = 'user'; + } elseif ($type == Categorie::TYPE_ACCOUNT) { + require_once DOL_DOCUMENT_ROOT.'/compta/bank/class/account.class.php'; + $newobject = new User($db); + $elementtype = 'bank_account'; } $result = $newobject->fetch($elemid); @@ -199,7 +224,7 @@ if ($elemid && $action == 'addintocategory' && if ($result >= 0) { setEventMessages($langs->trans("WasAddedSuccessfully", $newobject->ref), null, 'mesgs'); } else { - if ($cat->error == 'DB_ERROR_RECORD_ALREADY_EXISTS') { + if ($object->error == 'DB_ERROR_RECORD_ALREADY_EXISTS') { setEventMessages($langs->trans("ObjectAlreadyLinkedToCategory"), null, 'warnings'); } else { setEventMessages($object->error, $object->errors, 'errors'); @@ -538,6 +563,7 @@ if ($type == Categorie::TYPE_PRODUCT) { } } +// List of customers if ($type == Categorie::TYPE_CUSTOMER) { $permission = $user->rights->societe->creer; @@ -611,7 +637,7 @@ if ($type == Categorie::TYPE_CUSTOMER) { } } - +// List of suppliers if ($type == Categorie::TYPE_SUPPLIER) { $permission = $user->rights->societe->creer; @@ -696,6 +722,26 @@ if ($type == Categorie::TYPE_MEMBER) { if ($prods < 0) { dol_print_error($db, $object->error, $object->errors); } else { + // Form to add record into a category + $showclassifyform = 1; + if ($showclassifyform) { + print '
'; + print '
'; + print ''; + print ''; + print ''; + print ''; + print ''; + print ''; + print ''; + print ''; + print '
'; + print $langs->trans("AddMemberIntoCategory").'  '; + print $form->selectMembers('', 'elemid'); + print '
'; + print '
'; + } + print '
'; print ''; print ''; @@ -752,6 +798,25 @@ if ($type == Categorie::TYPE_CONTACT) { if (!is_array($contacts) && $contacts < 0) { dol_print_error($db, $object->error, $object->errors); } else { + // Form to add record into a category + $showclassifyform = 1; + if ($showclassifyform) { + print '
'; + print ''; + print ''; + print ''; + print ''; + print ''; + print ''; + print ''; + print ''; + print ''; + print '
'; + print $langs->trans("AddContactIntoCategory").'  '; + print $form->selectContacts('', '', 'elemid'); + print '
'; + print '
'; + } print '
'; print ''; print ''; @@ -817,6 +882,26 @@ if ($type == Categorie::TYPE_ACCOUNT) { if ($accounts < 0) { dol_print_error($db, $object->error, $object->errors); } else { + // Form to add record into a category + $showclassifyform = 1; + if ($showclassifyform) { + print '
'; + print ''; + print ''; + print ''; + print ''; + print ''; + print ''; + print ''; + print ''; + print ''; + print '
'; + print $langs->trans("AddAccountIntoCategory").'  '; + $form->select_comptes('', 'elemid'); + print '
'; + print '
'; + } + print '
'; print ''; print ''; @@ -874,6 +959,26 @@ if ($type == Categorie::TYPE_PROJECT) { if ($objects < 0) { dol_print_error($db, $object->error, $object->errors); } else { + // Form to add record into a category + $showclassifyform = 1; + if ($showclassifyform) { + print '
'; + print ''; + print ''; + print ''; + print ''; + print ''; + print ''; + print ''; + print ''; + print ''; + print '
'; + print $langs->trans("AddProjectIntoCategory").'  '; + $form->selectProjects('', 'elemid'); + print '
'; + print '
'; + } + print '
'; print ''; print ''; @@ -930,6 +1035,25 @@ if ($type == Categorie::TYPE_USER) { if ($users < 0) { dol_print_error($db, $object->error, $object->errors); } else { + // Form to add record into a category + $showclassifyform = 1; + if ($showclassifyform) { + print '
'; + print ''; + print ''; + print ''; + print ''; + print ''; + print ''; + print ''; + print ''; + print ''; + print '
'; + print $langs->trans("AddProjectIntoCategory").'  '; + print $form->select_dolusers('', 'elemid'); + print '
'; + print '
'; + } print '
'; print ''; print ''; diff --git a/htdocs/comm/action/card.php b/htdocs/comm/action/card.php index 03cf1f90f33..54a33417854 100644 --- a/htdocs/comm/action/card.php +++ b/htdocs/comm/action/card.php @@ -2214,10 +2214,10 @@ if ($id > 0) { print $formfile->showdocuments('actions', $object->id, $filedir, $urlsource, $genallowed, $delallowed, '', 0, 0, 0, 0, 0, '', '', '', $object->default_lang); - print '
'; + print '
'; - print '
'; + print ''; } } } diff --git a/htdocs/comm/action/class/actioncomm.class.php b/htdocs/comm/action/class/actioncomm.class.php index 6d1b53cbca0..3e2520f43da 100644 --- a/htdocs/comm/action/class/actioncomm.class.php +++ b/htdocs/comm/action/class/actioncomm.class.php @@ -1327,10 +1327,10 @@ class ActionComm extends CommonObject $sql = "SELECT count(a.id) as nb"; } $sql .= " FROM ".MAIN_DB_PREFIX."actioncomm as a"; - if (!$user->rights->societe->client->voir && !$user->socid) { + if (empty($user->rights->societe->client->voir) && !$user->socid) { $sql .= " LEFT JOIN ".MAIN_DB_PREFIX."societe_commerciaux as sc ON a.fk_soc = sc.fk_soc"; } - if (!$user->rights->agenda->allactions->read) { + if (empty($user->rights->agenda->allactions->read)) { $sql .= " LEFT JOIN ".MAIN_DB_PREFIX."actioncomm_resources AS ar ON a.id = ar.fk_actioncomm AND ar.element_type ='user' AND ar.fk_element = ".((int) $user->id); } $sql .= " LEFT JOIN ".MAIN_DB_PREFIX."societe as s ON a.fk_soc = s.rowid"; @@ -1339,13 +1339,13 @@ class ActionComm extends CommonObject $sql .= " AND a.percent >= 0 AND a.percent < 100"; } $sql .= " AND a.entity IN (".getEntity('agenda').")"; - if (!$user->rights->societe->client->voir && !$user->socid) { + if (empty($user->rights->societe->client->voir) && !$user->socid) { $sql .= " AND (a.fk_soc IS NULL OR sc.fk_user = ".((int) $user->id).")"; } if ($user->socid) { $sql .= " AND a.fk_soc = ".((int) $user->socid); } - if (!$user->rights->agenda->allactions->read) { + if (empty($user->rights->agenda->allactions->read)) { $sql .= " AND (a.fk_user_author = ".((int) $user->id)." OR a.fk_user_action = ".((int) $user->id)." OR a.fk_user_done = ".((int) $user->id); $sql .= " OR ar.fk_element = ".((int) $user->id); $sql .= ")"; diff --git a/htdocs/comm/action/document.php b/htdocs/comm/action/document.php index 4c4d44c3a6e..855571e834b 100644 --- a/htdocs/comm/action/document.php +++ b/htdocs/comm/action/document.php @@ -201,9 +201,9 @@ if ($object->id > 0) { // Date start print ''.$langs->trans("DateActionStart").''; if (!$object->fulldayevent) { - print dol_print_date($object->datep, 'dayhour'); + print dol_print_date($object->datep, 'dayhour', 'tzuser'); } else { - print dol_print_date($object->datep, 'day'); + print dol_print_date($object->datep, 'day', 'tzuser'); } if ($object->percentage == 0 && $object->datep && $object->datep < ($now - $delay_warning)) { print img_warning($langs->trans("Late")); @@ -214,9 +214,9 @@ if ($object->id > 0) { // Date end print ''.$langs->trans("DateActionEnd").''; if (!$object->fulldayevent) { - print dol_print_date($object->datef, 'dayhour'); + print dol_print_date($object->datef, 'dayhour', 'tzuser'); } else { - print dol_print_date($object->datef, 'day'); + print dol_print_date($object->datef, 'day', 'tzuser'); } if ($object->percentage > 0 && $object->percentage < 100 && $object->datef && $object->datef < ($now - $delay_warning)) { print img_warning($langs->trans("Late")); diff --git a/htdocs/comm/action/index.php b/htdocs/comm/action/index.php index 18b751a368c..5f7349fab3c 100644 --- a/htdocs/comm/action/index.php +++ b/htdocs/comm/action/index.php @@ -86,13 +86,13 @@ if ($socid < 0) { } $canedit = 1; -if (!$user->rights->agenda->myactions->read) { +if (empty($user->rights->agenda->myactions->read)) { accessforbidden(); } -if (!$user->rights->agenda->allactions->read) { +if (empty($user->rights->agenda->allactions->read)) { $canedit = 0; } -if (!$user->rights->agenda->allactions->read || $filter == 'mine') { // If no permission to see all, we show only affected to me +if (empty($user->rights->agenda->allactions->read) || $filter == 'mine') { // If no permission to see all, we show only affected to me $filtert = $user->id; } @@ -660,7 +660,7 @@ $sql .= ' a.fk_soc, a.fk_contact, a.fk_project,'; $sql .= ' a.fk_element, a.elementtype,'; $sql .= ' ca.code as type_code, ca.libelle as type_label, ca.color as type_color, ca.type as type_type, ca.picto as type_picto'; $sql .= ' FROM '.MAIN_DB_PREFIX.'c_actioncomm as ca, '.MAIN_DB_PREFIX."actioncomm as a"; -if (!$user->rights->societe->client->voir && !$socid) { +if (empty($user->rights->societe->client->voir) && !$socid) { $sql .= " LEFT JOIN ".MAIN_DB_PREFIX."societe_commerciaux as sc ON a.fk_soc = sc.fk_soc"; } // We must filter on resource table @@ -711,7 +711,7 @@ if ($resourceid > 0) { if ($pid) { $sql .= " AND a.fk_project=".((int) $pid); } -if (!$user->rights->societe->client->voir && !$socid) { +if (empty($user->rights->societe->client->voir) && !$socid) { $sql .= " AND (a.fk_soc IS NULL OR sc.fk_user = ".((int) $user->id).")"; } if ($socid > 0) { diff --git a/htdocs/comm/action/list.php b/htdocs/comm/action/list.php index c7d28a1bcc7..985a403b086 100644 --- a/htdocs/comm/action/list.php +++ b/htdocs/comm/action/list.php @@ -136,13 +136,13 @@ if ($socid < 0) { } $canedit = 1; -if (!$user->rights->agenda->myactions->read) { +if (empty($user->rights->agenda->myactions->read)) { accessforbidden(); } -if (!$user->rights->agenda->allactions->read) { +if (empty($user->rights->agenda->allactions->read)) { $canedit = 0; } -if (!$user->rights->agenda->allactions->read || $filter == 'mine') { // If no permission to see all, we show only affected to me +if (empty($user->rights->agenda->allactions->read) || $filter == 'mine') { // If no permission to see all, we show only affected to me $filtert = $user->id; } @@ -414,7 +414,7 @@ $sql .= $hookmanager->resPrint; $sql .= " FROM ".MAIN_DB_PREFIX."actioncomm as a"; $sql .= " LEFT JOIN ".MAIN_DB_PREFIX."actioncomm_extrafields as ef ON (a.id = ef.fk_object)"; -if (!$user->rights->societe->client->voir && !$socid) { +if (empty($user->rights->societe->client->voir) && !$socid) { $sql .= " LEFT JOIN ".MAIN_DB_PREFIX."societe_commerciaux as sc ON a.fk_soc = sc.fk_soc"; } $sql .= " LEFT JOIN ".MAIN_DB_PREFIX."societe as s ON a.fk_soc = s.rowid"; @@ -468,7 +468,7 @@ if ($resourceid > 0) { if ($pid) { $sql .= " AND a.fk_project=".((int) $pid); } -if (!$user->rights->societe->client->voir && !$socid) { +if (empty($user->rights->societe->client->voir) && !$socid) { $sql .= " AND (a.fk_soc IS NULL OR sc.fk_user = ".((int) $user->id).")"; } if ($socid > 0) { diff --git a/htdocs/comm/action/pertype.php b/htdocs/comm/action/pertype.php index 08cef7dd80a..55540b3006f 100644 --- a/htdocs/comm/action/pertype.php +++ b/htdocs/comm/action/pertype.php @@ -80,13 +80,13 @@ if ($socid < 0) { } $canedit = 1; -if (!$user->rights->agenda->myactions->read) { +if (empty($user->rights->agenda->myactions->read)) { accessforbidden(); } -if (!$user->rights->agenda->allactions->read) { +if (empty($user->rights->agenda->allactions->read)) { $canedit = 0; } -if (!$user->rights->agenda->allactions->read || $filter == 'mine') { // If no permission to see all, we show only affected to me +if (empty($user->rights->agenda->allactions->read) || $filter == 'mine') { // If no permission to see all, we show only affected to me $filtert = $user->id; } @@ -506,7 +506,7 @@ $sql .= ' a.transparency, a.priority, a.fulldayevent, a.location,'; $sql .= ' a.fk_soc, a.fk_contact, a.fk_element, a.elementtype, a.fk_project,'; $sql .= ' ca.code, ca.libelle as type_label, ca.color, ca.type as type_type, ca.picto as type_picto'; $sql .= ' FROM '.MAIN_DB_PREFIX.'c_actioncomm as ca, '.MAIN_DB_PREFIX."actioncomm as a"; -if (!$user->rights->societe->client->voir && !$socid) { +if (empty($user->rights->societe->client->voir) && !$socid) { $sql .= " LEFT JOIN ".MAIN_DB_PREFIX."societe_commerciaux as sc ON a.fk_soc = sc.fk_soc"; } // We must filter on resource table @@ -557,7 +557,7 @@ if ($resourceid > 0) { if ($pid) { $sql .= " AND a.fk_project=".((int) $pid); } -if (!$user->rights->societe->client->voir && !$socid) { +if (empty($user->rights->societe->client->voir) && !$socid) { $sql .= " AND (a.fk_soc IS NULL OR sc.fk_user = ".((int) $user->id).")"; } if ($socid > 0) { diff --git a/htdocs/comm/action/peruser.php b/htdocs/comm/action/peruser.php index 18d75dba42b..0148170d316 100644 --- a/htdocs/comm/action/peruser.php +++ b/htdocs/comm/action/peruser.php @@ -80,13 +80,13 @@ if ($socid < 0) { } $canedit = 1; -if (!$user->rights->agenda->myactions->read) { +if (empty($user->rights->agenda->myactions->read)) { accessforbidden(); } -if (!$user->rights->agenda->allactions->read) { +if (empty($user->rights->agenda->allactions->read)) { $canedit = 0; } -if (!$user->rights->agenda->allactions->read || $filter == 'mine') { // If no permission to see all, we show only affected to me +if (empty($user->rights->agenda->allactions->read) || $filter == 'mine') { // If no permission to see all, we show only affected to me $filtert = $user->id; } @@ -533,7 +533,7 @@ $sql .= ' a.transparency, a.priority, a.fulldayevent, a.location,'; $sql .= ' a.fk_soc, a.fk_contact, a.fk_element, a.elementtype, a.fk_project,'; $sql .= ' ca.code, ca.libelle as type_label, ca.color, ca.type as type_type, ca.picto as type_picto'; $sql .= ' FROM '.MAIN_DB_PREFIX.'c_actioncomm as ca, '.MAIN_DB_PREFIX."actioncomm as a"; -if (!$user->rights->societe->client->voir && !$socid) { +if (empty($user->rights->societe->client->voir) && !$socid) { $sql .= " LEFT JOIN ".MAIN_DB_PREFIX."societe_commerciaux as sc ON a.fk_soc = sc.fk_soc"; } // We must filter on resource table @@ -584,7 +584,7 @@ if ($resourceid > 0) { if ($pid) { $sql .= " AND a.fk_project = ".((int) $pid); } -if (!$user->rights->societe->client->voir && !$socid) { +if (empty($user->rights->societe->client->voir) && !$socid) { $sql .= " AND (a.fk_soc IS NULL OR sc.fk_user = ".((int) $user->id).")"; } if ($socid > 0) { diff --git a/htdocs/comm/card.php b/htdocs/comm/card.php index c8ec0621394..aaab987fd9c 100644 --- a/htdocs/comm/card.php +++ b/htdocs/comm/card.php @@ -682,7 +682,7 @@ if ($object->id > 0) { print ""; } - print '
'; + print '
'; print '
'; $boxstat = ''; @@ -1341,7 +1341,7 @@ if ($object->id > 0) { print $hookmanager->resPrint; } - print '
'; + print ''; print '
'; print dol_get_fiche_end(); diff --git a/htdocs/comm/contact.php b/htdocs/comm/contact.php index 52f6e675c5f..57a88bef157 100644 --- a/htdocs/comm/contact.php +++ b/htdocs/comm/contact.php @@ -82,14 +82,14 @@ if ($type == "f") { $sql = "SELECT s.rowid, s.nom as name, st.libelle as stcomm"; $sql .= ", p.rowid as cidp, p.name, p.firstname, p.email, p.phone"; $sql .= " FROM ".MAIN_DB_PREFIX."c_stcomm as st,"; -if (!$user->rights->societe->client->voir && !$socid) { +if (empty($user->rights->societe->client->voir) && !$socid) { $sql .= " ".MAIN_DB_PREFIX."societe_commerciaux as sc,"; } $sql .= " ".MAIN_DB_PREFIX."socpeople as p"; $sql .= " LEFT JOIN ".MAIN_DB_PREFIX."societe as s ON s.rowid = p.fk_soc"; $sql .= " WHERE s.fk_stcomm = st.id"; $sql .= " AND p.entity IN (".getEntity('socpeople').")"; -if (!$user->rights->societe->client->voir && !$socid) { +if (empty($user->rights->societe->client->voir) && !$socid) { $sql .= " AND s.rowid = sc.fk_soc AND sc.fk_user = ".((int) $user->id); } if ($type == "c") { diff --git a/htdocs/comm/index.php b/htdocs/comm/index.php index 2603b520c77..aad02f2bd07 100644 --- a/htdocs/comm/index.php +++ b/htdocs/comm/index.php @@ -129,13 +129,13 @@ if (!empty($conf->propal->enabled) && $user->rights->propal->lire) { $sql .= ", s.canvas"; $sql .= " FROM ".MAIN_DB_PREFIX."propal as p,"; $sql .= " ".MAIN_DB_PREFIX."societe as s"; - if (!$user->rights->societe->client->voir && !$socid) { + if (empty($user->rights->societe->client->voir) && !$socid) { $sql .= ", ".MAIN_DB_PREFIX."societe_commerciaux as sc"; } $sql .= " WHERE p.entity IN (".getEntity($propalstatic->element).")"; $sql .= " AND p.fk_soc = s.rowid"; $sql .= " AND p.fk_statut = ".Propal::STATUS_DRAFT; - if (!$user->rights->societe->client->voir && !$socid) { + if (empty($user->rights->societe->client->voir) && !$socid) { $sql .= " AND s.rowid = sc.fk_soc AND sc.fk_user = ".((int) $user->id); } if ($socid) { @@ -226,13 +226,13 @@ if (!empty($conf->supplier_proposal->enabled) && $user->rights->supplier_proposa $sql .= ", s.canvas"; $sql .= " FROM ".MAIN_DB_PREFIX."supplier_proposal as p,"; $sql .= " ".MAIN_DB_PREFIX."societe as s"; - if (!$user->rights->societe->client->voir && !$socid) { + if (empty($user->rights->societe->client->voir) && !$socid) { $sql .= ", ".MAIN_DB_PREFIX."societe_commerciaux as sc"; } $sql .= " WHERE p.entity IN (".getEntity($supplierproposalstatic->element).")"; $sql .= " AND p.fk_statut = ".SupplierProposal::STATUS_DRAFT; $sql .= " AND p.fk_soc = s.rowid"; - if (!$user->rights->societe->client->voir && !$socid) { + if (empty($user->rights->societe->client->voir) && !$socid) { $sql .= " AND s.rowid = sc.fk_soc AND sc.fk_user = ".((int) $user->id); } if ($socid) { @@ -322,13 +322,13 @@ if (!empty($conf->commande->enabled) && $user->rights->commande->lire) { $sql .= ", s.canvas"; $sql .= " FROM ".MAIN_DB_PREFIX."commande as c,"; $sql .= " ".MAIN_DB_PREFIX."societe as s"; - if (!$user->rights->societe->client->voir && !$socid) { + if (empty($user->rights->societe->client->voir) && !$socid) { $sql .= ", ".MAIN_DB_PREFIX."societe_commerciaux as sc"; } $sql .= " WHERE c.entity IN (".getEntity($orderstatic->element).")"; $sql .= " AND c.fk_statut = ".Commande::STATUS_DRAFT; $sql .= " AND c.fk_soc = s.rowid"; - if (!$user->rights->societe->client->voir && !$socid) { + if (empty($user->rights->societe->client->voir) && !$socid) { $sql .= " AND s.rowid = sc.fk_soc AND sc.fk_user = ".((int) $user->id); } if ($socid) { @@ -419,13 +419,13 @@ if ((!empty($conf->fournisseur->enabled) && empty($conf->global->MAIN_USE_NEW_SU $sql .= ", s.canvas"; $sql .= " FROM ".MAIN_DB_PREFIX."commande_fournisseur as cf,"; $sql .= " ".MAIN_DB_PREFIX."societe as s"; - if (!$user->rights->societe->client->voir && !$socid) { + if (empty($user->rights->societe->client->voir) && !$socid) { $sql .= ", ".MAIN_DB_PREFIX."societe_commerciaux as sc"; } $sql .= " WHERE cf.entity IN (".getEntity($supplierorderstatic->element).")"; $sql .= " AND cf.fk_statut = ".CommandeFournisseur::STATUS_DRAFT; $sql .= " AND cf.fk_soc = s.rowid"; - if (!$user->rights->societe->client->voir && !$socid) { + if (empty($user->rights->societe->client->voir) && !$socid) { $sql .= " AND s.rowid = sc.fk_soc AND sc.fk_user = ".((int) $user->id); } if ($socid) { @@ -511,7 +511,7 @@ if (!empty($conf->ficheinter->enabled)) { $sql = "SELECT f.rowid, f.ref, s.nom as name, s.rowid as socid"; $sql .= " FROM ".MAIN_DB_PREFIX."fichinter as f"; $sql .= ", ".MAIN_DB_PREFIX."societe as s"; - if (!$user->rights->societe->client->voir && !$socid) { + if (empty($user->rights->societe->client->voir) && !$socid) { $sql .= ", ".MAIN_DB_PREFIX."societe_commerciaux as sc"; } $sql .= " WHERE f.entity IN (".getEntity('intervention').")"; @@ -520,7 +520,7 @@ if (!empty($conf->ficheinter->enabled)) { if ($socid) { $sql .= " AND f.fk_soc = ".((int) $socid); } - if (!$user->rights->societe->client->voir && !$socid) { + if (empty($user->rights->societe->client->voir) && !$socid) { $sql .= " AND s.rowid = sc.fk_soc AND sc.fk_user = ".((int) $user->id); } @@ -548,7 +548,6 @@ if (!empty($conf->ficheinter->enabled)) { } print '
'; -print '
'; /* * Last modified customers or prospects @@ -561,12 +560,12 @@ if (!empty($conf->societe->enabled) && $user->rights->societe->lire) { $sql .= ", s.canvas"; $sql .= ", s.datec, s.tms"; $sql .= " FROM ".MAIN_DB_PREFIX."societe as s"; - if (!$user->rights->societe->client->voir && !$socid) { + if (empty($user->rights->societe->client->voir) && !$socid) { $sql .= ", ".MAIN_DB_PREFIX."societe_commerciaux as sc"; } $sql .= " WHERE s.entity IN (".getEntity($companystatic->element).")"; $sql .= " AND s.client IN (".Societe::CUSTOMER.", ".Societe::PROSPECT.", ".Societe::CUSTOMER_AND_PROSPECT.")"; - if (!$user->rights->societe->client->voir && !$socid) { + if (empty($user->rights->societe->client->voir) && !$socid) { $sql .= " AND s.rowid = sc.fk_soc AND sc.fk_user = ".((int) $user->id); } if ($socid) { @@ -657,12 +656,12 @@ if (((!empty($conf->fournisseur->enabled) && empty($conf->global->MAIN_USE_NEW_S $sql .= ", s.canvas"; $sql .= ", s.datec as dc, s.tms as dm"; $sql .= " FROM ".MAIN_DB_PREFIX."societe as s"; - if (!$user->rights->societe->client->voir && !$user->socid) { + if (empty($user->rights->societe->client->voir) && !$user->socid) { $sql .= ", ".MAIN_DB_PREFIX."societe_commerciaux as sc"; } $sql .= " WHERE s.entity IN (".getEntity($companystatic->element).")"; $sql .= " AND s.fournisseur = ".Societe::SUPPLIER; - if (!$user->rights->societe->client->voir && !$user->socid) { + if (empty($user->rights->societe->client->voir) && !$user->socid) { $sql .= " AND s.rowid = sc.fk_soc AND sc.fk_user = ".((int) $user->id); } if ($socid) { @@ -762,13 +761,13 @@ if (!empty($conf->contrat->enabled) && $user->rights->contrat->lire && 0) { // T $sql .= " FROM ".MAIN_DB_PREFIX."societe as s"; $sql .= ", ".MAIN_DB_PREFIX."contrat as c"; $sql .= ", ".MAIN_DB_PREFIX."product as p"; - if (!$user->rights->societe->client->voir && !$socid) { + if (empty($user->rights->societe->client->voir) && !$socid) { $sql .= ", ".MAIN_DB_PREFIX."societe_commerciaux as sc"; } $sql .= " WHERE c.entity IN (".getEntity($staticcontrat->element).")"; $sql .= " AND c.fk_soc = s.rowid"; $sql .= " AND c.fk_product = p.rowid"; - if (!$user->rights->societe->client->voir && !$socid) { + if (empty($user->rights->societe->client->voir) && !$socid) { $sql .= " AND s.rowid = sc.fk_soc AND sc.fk_user = ".((int) $user->id); } if ($socid) { @@ -837,13 +836,13 @@ if (!empty($conf->propal->enabled) && $user->rights->propal->lire) { $sql .= ", s.canvas"; $sql .= " FROM ".MAIN_DB_PREFIX."propal as p"; $sql .= ", ".MAIN_DB_PREFIX."societe as s"; - if (!$user->rights->societe->client->voir && !$socid) { + if (empty($user->rights->societe->client->voir) && !$socid) { $sql .= ", ".MAIN_DB_PREFIX."societe_commerciaux as sc"; } $sql .= " WHERE p.entity IN (".getEntity($propalstatic->element).")"; $sql .= " AND p.fk_soc = s.rowid"; $sql .= " AND p.fk_statut = ".Propal::STATUS_VALIDATED; - if (!$user->rights->societe->client->voir && !$socid) { + if (empty($user->rights->societe->client->voir) && !$socid) { $sql .= " AND s.rowid = sc.fk_soc AND sc.fk_user = ".((int) $user->id); } if ($socid) { @@ -953,13 +952,13 @@ if (!empty($conf->commande->enabled) && $user->rights->commande->lire) { $sql .= ", s.canvas"; $sql .= " FROM ".MAIN_DB_PREFIX."commande as c"; $sql .= ", ".MAIN_DB_PREFIX."societe as s"; - if (!$user->rights->societe->client->voir && !$socid) { + if (empty($user->rights->societe->client->voir) && !$socid) { $sql .= ", ".MAIN_DB_PREFIX."societe_commerciaux as sc"; } $sql .= " WHERE c.entity IN (".getEntity($orderstatic->element).")"; $sql .= " AND c.fk_soc = s.rowid"; $sql .= " AND c.fk_statut IN (".Commande::STATUS_VALIDATED.", ".Commande::STATUS_SHIPMENTONPROCESS.")"; - if (!$user->rights->societe->client->voir && !$socid) { + if (empty($user->rights->societe->client->voir) && !$socid) { $sql .= " AND s.rowid = sc.fk_soc AND sc.fk_user = ".((int) $user->id); } if ($socid) { @@ -1057,7 +1056,6 @@ if (!empty($conf->commande->enabled) && $user->rights->commande->lire) { } } -print '
'; print '
'; print ''; diff --git a/htdocs/comm/mailing/index.php b/htdocs/comm/mailing/index.php index 66860669e2d..bd1a83e9959 100644 --- a/htdocs/comm/mailing/index.php +++ b/htdocs/comm/mailing/index.php @@ -141,8 +141,7 @@ if (is_resource($handle)) { print "
"; -//print ''; -print '
'; +print '
'; /* @@ -193,7 +192,7 @@ if ($result) { } -print '
'; +print ''; $parameters = array('user' => $user); diff --git a/htdocs/comm/propal/card.php b/htdocs/comm/propal/card.php index 8f92184d4ca..222f6ab8a87 100644 --- a/htdocs/comm/propal/card.php +++ b/htdocs/comm/propal/card.php @@ -1559,8 +1559,6 @@ if ($action == 'create') { } } - $object = new Propal($db); - print ''; print ''; print ''; @@ -2398,7 +2396,6 @@ if ($action == 'create') { print ''; print '
'; - print '
'; print '
'; print ''; @@ -2457,7 +2454,6 @@ if ($action == 'create') { $formmargin->displayMarginInfos($object); } - print ''; print ''; print ''; @@ -2690,14 +2686,14 @@ if ($action == 'create') { print showOnlineSignatureUrl('proposal', $object->ref).'
'; } - print '
'; + print '
'; // List of actions on element include_once DOL_DOCUMENT_ROOT.'/core/class/html.formactions.class.php'; $formactions = new FormActions($db); $somethingshown = $formactions->showactions($object, 'propal', $socid, 1); - print '
'; + print ''; } // Presend form diff --git a/htdocs/comm/propal/class/propal.class.php b/htdocs/comm/propal/class/propal.class.php index 6ae93695f8c..2f055f54a42 100644 --- a/htdocs/comm/propal/class/propal.class.php +++ b/htdocs/comm/propal/class/propal.class.php @@ -2779,17 +2779,17 @@ class Propal extends CommonObject $sql = "SELECT s.rowid, s.nom as name, s.client,"; $sql .= " p.rowid as propalid, p.fk_statut, p.total_ht, p.ref, p.remise, "; $sql .= " p.datep as dp, p.fin_validite as datelimite"; - if (!$user->rights->societe->client->voir && !$socid) { + if (empty($user->rights->societe->client->voir) && !$socid) { $sql .= ", sc.fk_soc, sc.fk_user"; } $sql .= " FROM ".MAIN_DB_PREFIX."societe as s, ".MAIN_DB_PREFIX."propal as p, ".MAIN_DB_PREFIX."c_propalst as c"; - if (!$user->rights->societe->client->voir && !$socid) { + if (empty($user->rights->societe->client->voir) && !$socid) { $sql .= ", ".MAIN_DB_PREFIX."societe_commerciaux as sc"; } $sql .= " WHERE p.entity IN (".getEntity('propal').")"; $sql .= " AND p.fk_soc = s.rowid"; $sql .= " AND p.fk_statut = c.id"; - if (!$user->rights->societe->client->voir && !$socid) { //restriction + if (empty($user->rights->societe->client->voir) && !$socid) { //restriction $sql .= " AND s.rowid = sc.fk_soc AND sc.fk_user = ".((int) $user->id); } if ($socid) { @@ -3293,7 +3293,7 @@ class Propal extends CommonObject $sql = "SELECT p.rowid, p.ref, p.datec as datec, p.fin_validite as datefin, p.total_ht"; $sql .= " FROM ".MAIN_DB_PREFIX."propal as p"; - if (!$user->rights->societe->client->voir && !$user->socid) { + if (empty($user->rights->societe->client->voir) && !$user->socid) { $sql .= " LEFT JOIN ".MAIN_DB_PREFIX."societe_commerciaux as sc ON p.fk_soc = sc.fk_soc"; $sql .= " WHERE sc.fk_user = ".((int) $user->id); $clause = " AND"; @@ -3470,7 +3470,7 @@ class Propal extends CommonObject $sql = "SELECT count(p.rowid) as nb"; $sql .= " FROM ".MAIN_DB_PREFIX."propal as p"; $sql .= " LEFT JOIN ".MAIN_DB_PREFIX."societe as s ON p.fk_soc = s.rowid"; - if (!$user->rights->societe->client->voir && !$user->socid) { + if (empty($user->rights->societe->client->voir) && !$user->socid) { $sql .= " LEFT JOIN ".MAIN_DB_PREFIX."societe_commerciaux as sc ON s.rowid = sc.fk_soc"; $sql .= " WHERE sc.fk_user = ".((int) $user->id); $clause = "AND"; diff --git a/htdocs/comm/propal/class/propalestats.class.php b/htdocs/comm/propal/class/propalestats.class.php index 181e5b545f8..2b8c5d9047d 100644 --- a/htdocs/comm/propal/class/propalestats.class.php +++ b/htdocs/comm/propal/class/propalestats.class.php @@ -93,7 +93,7 @@ class PropaleStats extends Stats } //$this->where.= " AND p.fk_soc = s.rowid AND p.entity = ".$conf->entity; $this->where .= ($this->where ? ' AND ' : '')."p.entity IN (".getEntity('propal').")"; - if (!$user->rights->societe->client->voir && !$this->socid) { + if (empty($user->rights->societe->client->voir) && !$this->socid) { $this->where .= " AND p.fk_soc = sc.fk_soc AND sc.fk_user = ".((int) $user->id); } if ($this->socid) { @@ -129,7 +129,7 @@ class PropaleStats extends Stats $sql = "SELECT date_format(".$this->field_date.",'%m') as dm, COUNT(*) as nb"; $sql .= " FROM ".$this->from; - if (!$user->rights->societe->client->voir && !$user->socid) { + if (empty($user->rights->societe->client->voir) && !$user->socid) { $sql .= ", ".MAIN_DB_PREFIX."societe_commerciaux as sc"; } $sql .= $this->join; @@ -154,7 +154,7 @@ class PropaleStats extends Stats $sql = "SELECT date_format(".$this->field_date.",'%Y') as dm, COUNT(*) as nb, SUM(c.".$this->field.")"; $sql .= " FROM ".$this->from; - if (!$user->rights->societe->client->voir && !$this->socid) { + if (empty($user->rights->societe->client->voir) && !$this->socid) { $sql .= ", ".MAIN_DB_PREFIX."societe_commerciaux as sc"; } $sql .= $this->join; @@ -178,7 +178,7 @@ class PropaleStats extends Stats $sql = "SELECT date_format(".$this->field_date.",'%m') as dm, SUM(p.".$this->field.")"; $sql .= " FROM ".$this->from; - if (!$user->rights->societe->client->voir && !$this->socid) { + if (empty($user->rights->societe->client->voir) && !$this->socid) { $sql .= ", ".MAIN_DB_PREFIX."societe_commerciaux as sc"; } $sql .= $this->join; @@ -203,7 +203,7 @@ class PropaleStats extends Stats $sql = "SELECT date_format(".$this->field_date.",'%m') as dm, AVG(p.".$this->field.")"; $sql .= " FROM ".$this->from; - if (!$user->rights->societe->client->voir && !$this->socid) { + if (empty($user->rights->societe->client->voir) && !$this->socid) { $sql .= ", ".MAIN_DB_PREFIX."societe_commerciaux as sc"; } $sql .= $this->join; @@ -226,7 +226,7 @@ class PropaleStats extends Stats $sql = "SELECT date_format(".$this->field_date.",'%Y') as year, COUNT(*) as nb, SUM(".$this->field.") as total, AVG(".$this->field.") as avg"; $sql .= " FROM ".$this->from; - if (!$user->rights->societe->client->voir && !$this->socid) { + if (empty($user->rights->societe->client->voir) && !$this->socid) { $sql .= ", ".MAIN_DB_PREFIX."societe_commerciaux as sc"; } $sql .= $this->join; @@ -252,7 +252,7 @@ class PropaleStats extends Stats $sql = "SELECT product.ref, COUNT(product.ref) as nb, SUM(tl.".$this->field_line.") as total, AVG(tl.".$this->field_line.") as avg"; $sql .= " FROM ".$this->from.", ".$this->from_line.", ".MAIN_DB_PREFIX."product as product"; - if (!$user->rights->societe->client->voir && !$user->socid) { + if (empty($user->rights->societe->client->voir) && !$user->socid) { $sql .= ", ".MAIN_DB_PREFIX."societe_commerciaux as sc"; } $sql .= $this->join; diff --git a/htdocs/comm/propal/index.php b/htdocs/comm/propal/index.php index de2e4a1d64c..e170f873961 100644 --- a/htdocs/comm/propal/index.php +++ b/htdocs/comm/propal/index.php @@ -81,13 +81,13 @@ if (!empty($conf->propal->enabled)) { $sql .= ", s.rowid as socid, s.nom as name, s.client, s.canvas, s.code_client, s.email, s.entity, s.code_compta"; $sql .= " FROM ".MAIN_DB_PREFIX."propal as p"; $sql .= ", ".MAIN_DB_PREFIX."societe as s"; - if (!$user->rights->societe->client->voir && !$socid) { + if (empty($user->rights->societe->client->voir) && !$socid) { $sql .= ", ".MAIN_DB_PREFIX."societe_commerciaux as sc"; } $sql .= " WHERE p.entity IN (".getEntity($propalstatic->element).")"; $sql .= " AND p.fk_soc = s.rowid"; $sql .= " AND p.fk_statut =".Propal::STATUS_DRAFT; - if (!$user->rights->societe->client->voir && !$socid) { + if (empty($user->rights->societe->client->voir) && !$socid) { $sql .= " AND s.rowid = sc.fk_soc AND sc.fk_user = ".((int) $user->id); } if ($socid) { @@ -146,7 +146,6 @@ if (!empty($conf->propal->enabled)) { print ''; print '
'; -print '
'; /* * Last modified proposals @@ -156,7 +155,7 @@ $sql = "SELECT c.rowid, c.entity, c.ref, c.fk_statut, date_cloture as datec"; $sql .= ", s.nom as socname, s.rowid as socid, s.canvas, s.client, s.email, s.code_compta"; $sql .= " FROM ".MAIN_DB_PREFIX."propal as c"; $sql .= ", ".MAIN_DB_PREFIX."societe as s"; -if (!$user->rights->societe->client->voir && !$socid) { +if (empty($user->rights->societe->client->voir) && !$socid) { $sql .= ", ".MAIN_DB_PREFIX."societe_commerciaux as sc"; } $sql .= " WHERE c.entity IN (".getEntity($propalstatic->element).")"; @@ -165,7 +164,7 @@ $sql .= " AND c.fk_soc = s.rowid"; if ($socid) { $sql .= " AND c.fk_soc = ".((int) $socid); } -if (!$user->rights->societe->client->voir && !$socid) { +if (empty($user->rights->societe->client->voir) && !$socid) { $sql .= " AND s.rowid = sc.fk_soc AND sc.fk_user = ".((int) $user->id); } $sql .= " ORDER BY c.tms DESC"; @@ -232,13 +231,13 @@ if (!empty($conf->propal->enabled) && $user->rights->propale->lire) { $sql .= ", p.rowid as propalid, p.entity, p.total_ttc, p.total_ht, p.ref, p.fk_statut, p.datep as dp, p.fin_validite as dfv"; $sql .= " FROM ".MAIN_DB_PREFIX."societe as s"; $sql .= ", ".MAIN_DB_PREFIX."propal as p"; - if (!$user->rights->societe->client->voir && !$socid) { + if (empty($user->rights->societe->client->voir) && !$socid) { $sql .= ", ".MAIN_DB_PREFIX."societe_commerciaux as sc"; } $sql .= " WHERE p.fk_soc = s.rowid"; $sql .= " AND p.entity IN (".getEntity($propalstatic->element).")"; $sql .= " AND p.fk_statut = ".Propal::STATUS_VALIDATED; - if (!$user->rights->societe->client->voir && !$socid) { + if (empty($user->rights->societe->client->voir) && !$socid) { $sql .= " AND s.rowid = sc.fk_soc AND sc.fk_user = ".((int) $user->id); } if ($socid) { @@ -317,12 +316,12 @@ if (! empty($conf->propal->enabled)) $sql = "SELECT c.rowid, c.ref, c.fk_statut, s.nom as name, s.rowid as socid"; $sql.=" FROM ".MAIN_DB_PREFIX."propal as c"; $sql.= ", ".MAIN_DB_PREFIX."societe as s"; - if (!$user->rights->societe->client->voir && !$socid) $sql.= ", ".MAIN_DB_PREFIX."societe_commerciaux as sc"; + if (empty($user->rights->societe->client->voir) && !$socid) $sql.= ", ".MAIN_DB_PREFIX."societe_commerciaux as sc"; $sql.= " WHERE c.fk_soc = s.rowid"; $sql.= " AND c.entity = ".$conf->entity; $sql.= " AND c.fk_statut = 1"; if ($socid) $sql.= " AND c.fk_soc = ".((int) $socid); - if (!$user->rights->societe->client->voir && !$socid) $sql.= " AND s.rowid = sc.fk_soc AND sc.fk_user = " .((int) $user->id); + if (empty($user->rights->societe->client->voir) && !$socid) $sql.= " AND s.rowid = sc.fk_soc AND sc.fk_user = " .((int) $user->id); $sql.= " ORDER BY c.rowid DESC"; $resql=$db->query($sql); @@ -392,12 +391,12 @@ if (! empty($conf->propal->enabled)) $sql = "SELECT c.rowid, c.ref, c.fk_statut, c.facture, s.nom as name, s.rowid as socid"; $sql.= " FROM ".MAIN_DB_PREFIX."commande as c"; $sql.= ", ".MAIN_DB_PREFIX."societe as s"; - if (!$user->rights->societe->client->voir && !$socid) $sql.= ", ".MAIN_DB_PREFIX."societe_commerciaux as sc"; + if (empty($user->rights->societe->client->voir) && !$socid) $sql.= ", ".MAIN_DB_PREFIX."societe_commerciaux as sc"; $sql.= " WHERE c.fk_soc = s.rowid"; $sql.= " AND c.entity = ".$conf->entity; $sql.= " AND c.fk_statut = 2 "; if ($socid) $sql.= " AND c.fk_soc = ".((int) $socid); - if (!$user->rights->societe->client->voir && !$socid) $sql.= " AND s.rowid = sc.fk_soc AND sc.fk_user = " .((int) $user->id); + if (empty($user->rights->societe->client->voir) && !$socid) $sql.= " AND s.rowid = sc.fk_soc AND sc.fk_user = " .((int) $user->id); $sql.= " ORDER BY c.rowid DESC"; $resql=$db->query($sql); @@ -456,7 +455,6 @@ if (! empty($conf->propal->enabled)) } */ -print '
'; print '
'; print ''; diff --git a/htdocs/comm/propal/list.php b/htdocs/comm/propal/list.php index 269cf9cfd91..3535ae0cde1 100644 --- a/htdocs/comm/propal/list.php +++ b/htdocs/comm/propal/list.php @@ -509,7 +509,7 @@ $sql .= ' p.note_public, p.note_private,'; $sql .= ' p.fk_cond_reglement,p.fk_mode_reglement,p.fk_shipping_method,p.fk_input_reason,'; $sql .= " pr.rowid as project_id, pr.ref as project_ref, pr.title as project_label,"; $sql .= ' u.login, u.lastname, u.firstname, u.email as user_email, u.statut as user_statut, u.entity as user_entity, u.photo, u.office_phone, u.office_fax, u.user_mobile, u.job, u.gender'; -if (!$user->rights->societe->client->voir && !$socid) { +if (empty($user->rights->societe->client->voir) && !$socid) { $sql .= ", sc.fk_soc, sc.fk_user"; } if (!empty($search_categ_cus) && $search_categ_cus != '-1') { @@ -547,7 +547,7 @@ $sql .= ' LEFT JOIN '.MAIN_DB_PREFIX.'user as u ON p.fk_user_author = u.rowid'; $sql .= " LEFT JOIN ".MAIN_DB_PREFIX."projet as pr ON pr.rowid = p.fk_projet"; $sql .= " LEFT JOIN ".MAIN_DB_PREFIX."c_availability as ava on (ava.rowid = p.fk_availability)"; // We'll need this table joined to the select in order to filter by sale -if ($search_sale > 0 || (!$user->rights->societe->client->voir && !$socid)) { +if ($search_sale > 0 || (empty($user->rights->societe->client->voir) && !$socid)) { $sql .= ", ".MAIN_DB_PREFIX."societe_commerciaux as sc"; } if ($search_user > 0) { @@ -562,7 +562,7 @@ $sql .= $hookmanager->resPrint; $sql .= ' WHERE p.fk_soc = s.rowid'; $sql .= ' AND p.entity IN ('.getEntity('propal').')'; -if (!$user->rights->societe->client->voir && !$socid) { //restriction +if (empty($user->rights->societe->client->voir) && !$socid) { //restriction $sql .= " AND s.rowid = sc.fk_soc AND sc.fk_user = ".((int) $user->id); } diff --git a/htdocs/comm/propal/stats/index.php b/htdocs/comm/propal/stats/index.php index c1975e309f5..36d9af8f9b4 100644 --- a/htdocs/comm/propal/stats/index.php +++ b/htdocs/comm/propal/stats/index.php @@ -111,7 +111,7 @@ $data = $stats->getNbByMonthWithPrevYear($endyear, $startyear); // $data = array(array('Lib',val1,val2,val3),...) -if (!$user->rights->societe->client->voir || $user->socid) { +if (empty($user->rights->societe->client->voir) || $user->socid) { $filenamenb = $dir.'/proposalsnbinyear-'.$user->id.'-'.$year.'.png'; $fileurlnb = DOL_URL_ROOT.'/viewimage.php?modulepart=propalstats&file=proposalsnbinyear-'.$user->id.'-'.$year.'.png'; } else { @@ -147,7 +147,7 @@ if (!$mesg) { $data = $stats->getAmountByMonthWithPrevYear($endyear, $startyear, 0); // $data = array(array('Lib',val1,val2,val3),...) -if (!$user->rights->societe->client->voir || $user->socid) { +if (empty($user->rights->societe->client->voir) || $user->socid) { $filenameamount = $dir.'/proposalsamountinyear-'.$user->id.'-'.$year.'.png'; $fileurlamount = DOL_URL_ROOT.'/viewimage.php?modulepart=propalstats&file=proposalsamountinyear-'.$user->id.'-'.$year.'.png'; } else { @@ -182,7 +182,7 @@ if (!$mesg) { $data = $stats->getAverageByMonthWithPrevYear($endyear, $startyear); $fileurl_avg = ''; -if (!$user->rights->societe->client->voir || $user->socid) { +if (empty($user->rights->societe->client->voir) || $user->socid) { $filename_avg = $dir.'/ordersaverage-'.$user->id.'-'.$year.'.png'; if ($mode == 'customer') { $fileurl_avg = DOL_URL_ROOT.'/viewimage.php?modulepart=orderstats&file=ordersaverage-'.$user->id.'-'.$year.'.png'; @@ -347,7 +347,7 @@ foreach ($data as $val) { print '
'; print '
'; -print '
'; +print '
'; // Show graphs @@ -364,7 +364,7 @@ if ($mesg) { print ''; -print '
'; +print ''; print '
'; diff --git a/htdocs/comm/prospect/index.php b/htdocs/comm/prospect/index.php index d2f60c36212..1e1caa796b5 100644 --- a/htdocs/comm/prospect/index.php +++ b/htdocs/comm/prospect/index.php @@ -80,13 +80,13 @@ if (!empty($conf->propal->enabled)) { $sql = "SELECT count(*) as cc, st.libelle, st.picto, st.id"; $sql .= " FROM ".MAIN_DB_PREFIX."societe as s"; $sql .= ", ".MAIN_DB_PREFIX."c_stcomm as st "; -if (!$user->rights->societe->client->voir && !$socid) { +if (empty($user->rights->societe->client->voir) && !$socid) { $sql .= ", ".MAIN_DB_PREFIX."societe_commerciaux as sc"; } $sql .= " WHERE s.fk_stcomm = st.id"; $sql .= " AND s.client IN (2, 3)"; $sql .= " AND s.entity IN (".getEntity($companystatic->element).")"; -if (!$user->rights->societe->client->voir && !$socid) { +if (empty($user->rights->societe->client->voir) && !$socid) { $sql .= " AND s.rowid = sc.fk_soc AND sc.fk_user = ".((int) $user->id); } $sql .= " GROUP BY st.id"; @@ -122,13 +122,13 @@ if (!empty($conf->propal->enabled) && $user->rights->propale->lire) { $sql = "SELECT p.rowid, p.ref, p.price, s.nom as sname"; $sql .= " FROM ".MAIN_DB_PREFIX."propal as p"; $sql .= ", ".MAIN_DB_PREFIX."societe as s"; - if (!$user->rights->societe->client->voir && !$socid) { + if (empty($user->rights->societe->client->voir) && !$socid) { $sql .= ", ".MAIN_DB_PREFIX."societe_commerciaux as sc"; } $sql .= " WHERE p.fk_statut = 0"; $sql .= " AND p.fk_soc = s.rowid"; $sql .= " AND p.entity IN (".getEntity('propal').")"; - if (!$user->rights->societe->client->voir && !$socid) { + if (empty($user->rights->societe->client->voir) && !$socid) { $sql .= " AND s.rowid = sc.fk_soc AND sc.fk_user = ".((int) $user->id); } @@ -163,8 +163,7 @@ if (!empty($conf->propal->enabled) && $user->rights->propale->lire) { } -//print ''; -print '
'; +print '
'; /* @@ -183,14 +182,14 @@ if (!empty($conf->propal->enabled) && $user->rights->propale->lire) { $sql .= " FROM ".MAIN_DB_PREFIX."societe as s"; $sql .= ", ".MAIN_DB_PREFIX."propal as p"; $sql .= ", ".MAIN_DB_PREFIX."c_propalst as c"; - if (!$user->rights->societe->client->voir && !$socid) { + if (empty($user->rights->societe->client->voir) && !$socid) { $sql .= ", ".MAIN_DB_PREFIX."societe_commerciaux as sc"; } $sql .= " WHERE p.fk_soc = s.rowid"; $sql .= " AND p.fk_statut = c.id"; $sql .= " AND p.fk_statut = 1"; $sql .= " AND p.entity IN (".getEntity('propal').")"; - if (!$user->rights->societe->client->voir && !$socid) { + if (empty($user->rights->societe->client->voir) && !$socid) { $sql .= " AND s.rowid = sc.fk_soc AND sc.fk_user = ".((int) $user->id); } if ($socid) { @@ -244,12 +243,12 @@ if (!empty($conf->propal->enabled) && $user->rights->propale->lire) { */ $sql = "SELECT s.nom as name, s.rowid as socid, s.client, s.canvas"; $sql .= " FROM ".MAIN_DB_PREFIX."societe as s"; -if (!$user->rights->societe->client->voir && !$socid) { +if (empty($user->rights->societe->client->voir) && !$socid) { $sql .= ", ".MAIN_DB_PREFIX."societe_commerciaux as sc"; } $sql .= " WHERE s.fk_stcomm = 1"; $sql .= " AND s.entity IN (".getEntity($companystatic->element).")"; -if (!$user->rights->societe->client->voir && !$socid) { +if (empty($user->rights->societe->client->voir) && !$socid) { $sql .= " AND s.rowid = sc.fk_soc AND sc.fk_user = ".((int) $user->id); } $sql .= " ORDER BY s.tms ASC"; @@ -280,8 +279,7 @@ if ($resql) { } -//print ''; -print '
'; +print ''; // End of page llxFooter(); diff --git a/htdocs/comm/remise.php b/htdocs/comm/remise.php index bcb0fefa7b8..b2900e65575 100644 --- a/htdocs/comm/remise.php +++ b/htdocs/comm/remise.php @@ -250,7 +250,6 @@ if ($socid > 0) { if ($isCustomer) { print ''; // class="fichehalfleft" print '
'; - print '
'; print load_fiche_titre($langs->trans("SupplierDiscounts"), '', ''); } @@ -298,7 +297,6 @@ if ($socid > 0) { } if ($isCustomer) { - print '
'; // class="ficheaddleft" print '
'; // class="fichehalfright" print ''; // class="fichecenter" } diff --git a/htdocs/comm/remx.php b/htdocs/comm/remx.php index e9419480ed6..4404f9758a6 100644 --- a/htdocs/comm/remx.php +++ b/htdocs/comm/remx.php @@ -532,7 +532,6 @@ if ($socid > 0) { if ($isCustomer) { print ''; // class="fichehalfleft" print '
'; - print '
'; print load_fiche_titre($langs->trans("SupplierDiscounts"), '', ''); } @@ -667,7 +666,6 @@ if ($socid > 0) { } if ($isCustomer) { - print '
'; // class="ficheaddleft" print '
'; // class="fichehalfright" print ''; // class="fichecenter" } @@ -843,7 +841,6 @@ if ($socid > 0) { if ($isCustomer) { print ''; // class="fichehalfleft" print '
'; - print '
'; print load_fiche_titre($langs->trans("SupplierDiscounts"), '', ''); } @@ -1000,7 +997,6 @@ if ($socid > 0) { } if ($isCustomer) { - print '
'; // class="ficheaddleft" print '
'; // class="fichehalfright" print ''; // class="fichecenter" } diff --git a/htdocs/commande/card.php b/htdocs/commande/card.php index 5b818f7abce..cb62cf0094f 100644 --- a/htdocs/commande/card.php +++ b/htdocs/commande/card.php @@ -2367,7 +2367,6 @@ if ($action == 'create' && $usercancreate) { print ''; print '
'; - print '
'; print '
'; print ''; @@ -2424,7 +2423,6 @@ if ($action == 'create' && $usercancreate) { } - print ''; print ''; print ''; // Close fichecenter @@ -2663,14 +2661,14 @@ if ($action == 'create' && $usercancreate) { print showOnlinePaymentUrl('order', $object->ref).'
'; } - print '
'; + print '
'; // List of actions on element include_once DOL_DOCUMENT_ROOT.'/core/class/html.formactions.class.php'; $formactions = new FormActions($db); $somethingshown = $formactions->showactions($object, 'order', $socid, 1); - print '
'; + print ''; } // Presend form diff --git a/htdocs/commande/class/api_orders.class.php b/htdocs/commande/class/api_orders.class.php index 0887c22a8f3..6d0b5a5d297 100644 --- a/htdocs/commande/class/api_orders.class.php +++ b/htdocs/commande/class/api_orders.class.php @@ -981,6 +981,7 @@ class Orders extends DolibarrApi if (!DolibarrApiAccess::$user->rights->expedition->lire) { throw new RestException(401); } + $obj_ret = array(); $sql = "SELECT e.rowid"; $sql .= " FROM ".MAIN_DB_PREFIX."expedition as e"; $sql .= " JOIN ".MAIN_DB_PREFIX."expeditiondet as edet"; @@ -1054,7 +1055,6 @@ class Orders extends DolibarrApi if ($result <= 0) { throw new RestException(500, 'Error on creating expedition lines:'.$this->db->lasterror()); } - $i++; } return $shipment->id; } diff --git a/htdocs/commande/class/commande.class.php b/htdocs/commande/class/commande.class.php index e3675129198..9b315698527 100644 --- a/htdocs/commande/class/commande.class.php +++ b/htdocs/commande/class/commande.class.php @@ -2678,16 +2678,16 @@ class Commande extends CommonOrder $sql = "SELECT s.rowid, s.nom as name, s.client,"; $sql .= " c.rowid as cid, c.ref"; - if (!$user->rights->societe->client->voir && !$socid) { + if (empty($user->rights->societe->client->voir) && !$socid) { $sql .= ", sc.fk_soc, sc.fk_user"; } $sql .= " FROM ".MAIN_DB_PREFIX."societe as s, ".MAIN_DB_PREFIX."commande as c"; - if (!$user->rights->societe->client->voir && !$socid) { + if (empty($user->rights->societe->client->voir) && !$socid) { $sql .= ", ".MAIN_DB_PREFIX."societe_commerciaux as sc"; } $sql .= " WHERE c.entity IN (".getEntity('commande').")"; $sql .= " AND c.fk_soc = s.rowid"; - if (!$user->rights->societe->client->voir && !$socid) { //restriction + if (empty($user->rights->societe->client->voir) && !$socid) { //restriction $sql .= " AND s.rowid = sc.fk_soc AND sc.fk_user = ".((int) $user->id); } if ($socid) { @@ -3505,7 +3505,7 @@ class Commande extends CommonOrder $sql = "SELECT c.rowid, c.date_creation as datec, c.date_commande, c.date_livraison as delivery_date, c.fk_statut, c.total_ht"; $sql .= " FROM ".MAIN_DB_PREFIX."commande as c"; - if (!$user->rights->societe->client->voir && !$user->socid) { + if (empty($user->rights->societe->client->voir) && !$user->socid) { $sql .= " LEFT JOIN ".MAIN_DB_PREFIX."societe_commerciaux as sc ON c.fk_soc = sc.fk_soc"; $sql .= " WHERE sc.fk_user = ".((int) $user->id); $clause = " AND"; @@ -3915,7 +3915,7 @@ class Commande extends CommonOrder $sql = "SELECT count(co.rowid) as nb"; $sql .= " FROM ".MAIN_DB_PREFIX."commande as co"; $sql .= " LEFT JOIN ".MAIN_DB_PREFIX."societe as s ON co.fk_soc = s.rowid"; - if (!$user->rights->societe->client->voir && !$user->socid) { + if (empty($user->rights->societe->client->voir) && !$user->socid) { $sql .= " LEFT JOIN ".MAIN_DB_PREFIX."societe_commerciaux as sc ON s.rowid = sc.fk_soc"; $sql .= " WHERE sc.fk_user = ".((int) $user->id); $clause = "AND"; diff --git a/htdocs/commande/class/commandestats.class.php b/htdocs/commande/class/commandestats.class.php index 8ac89d5a18f..d02d56175ff 100644 --- a/htdocs/commande/class/commandestats.class.php +++ b/htdocs/commande/class/commandestats.class.php @@ -93,7 +93,7 @@ class CommandeStats extends Stats //$this->where.= " AND c.fk_soc = s.rowid AND c.entity = ".$conf->entity; $this->where .= ($this->where ? ' AND ' : '').'c.entity IN ('.getEntity('commande').')'; - if (!$user->rights->societe->client->voir && !$this->socid) { + if (empty($user->rights->societe->client->voir) && !$this->socid) { $this->where .= " AND c.fk_soc = sc.fk_soc AND sc.fk_user = ".((int) $user->id); } if ($this->socid) { @@ -128,7 +128,7 @@ class CommandeStats extends Stats $sql = "SELECT date_format(c.date_commande,'%m') as dm, COUNT(*) as nb"; $sql .= " FROM ".$this->from; - if (!$user->rights->societe->client->voir && !$this->socid) { + if (empty($user->rights->societe->client->voir) && !$this->socid) { $sql .= ", ".MAIN_DB_PREFIX."societe_commerciaux as sc"; } $sql .= $this->join; @@ -153,7 +153,7 @@ class CommandeStats extends Stats $sql = "SELECT date_format(c.date_commande,'%Y') as dm, COUNT(*) as nb, SUM(c.".$this->field.")"; $sql .= " FROM ".$this->from; - if (!$user->rights->societe->client->voir && !$this->socid) { + if (empty($user->rights->societe->client->voir) && !$this->socid) { $sql .= ", ".MAIN_DB_PREFIX."societe_commerciaux as sc"; } $sql .= $this->join; @@ -177,7 +177,7 @@ class CommandeStats extends Stats $sql = "SELECT date_format(c.date_commande,'%m') as dm, SUM(c.".$this->field.")"; $sql .= " FROM ".$this->from; - if (!$user->rights->societe->client->voir && !$this->socid) { + if (empty($user->rights->societe->client->voir) && !$this->socid) { $sql .= ", ".MAIN_DB_PREFIX."societe_commerciaux as sc"; } $sql .= $this->join; @@ -202,7 +202,7 @@ class CommandeStats extends Stats $sql = "SELECT date_format(c.date_commande,'%m') as dm, AVG(c.".$this->field.")"; $sql .= " FROM ".$this->from; - if (!$user->rights->societe->client->voir && !$this->socid) { + if (empty($user->rights->societe->client->voir) && !$this->socid) { $sql .= ", ".MAIN_DB_PREFIX."societe_commerciaux as sc"; } $sql .= $this->join; @@ -225,7 +225,7 @@ class CommandeStats extends Stats $sql = "SELECT date_format(c.date_commande,'%Y') as year, COUNT(*) as nb, SUM(c.".$this->field.") as total, AVG(".$this->field.") as avg"; $sql .= " FROM ".$this->from; - if (!$user->rights->societe->client->voir && !$this->socid) { + if (empty($user->rights->societe->client->voir) && !$this->socid) { $sql .= ", ".MAIN_DB_PREFIX."societe_commerciaux as sc"; } $sql .= $this->join; @@ -249,7 +249,7 @@ class CommandeStats extends Stats $sql = "SELECT product.ref, COUNT(product.ref) as nb, SUM(tl.".$this->field_line.") as total, AVG(tl.".$this->field_line.") as avg"; $sql .= " FROM ".$this->from.", ".$this->from_line.", ".MAIN_DB_PREFIX."product as product"; - if (!$user->rights->societe->client->voir && !$user->socid) { + if (empty($user->rights->societe->client->voir) && !$user->socid) { $sql .= ", ".MAIN_DB_PREFIX."societe_commerciaux as sc"; } $sql .= $this->join; diff --git a/htdocs/commande/customer.php b/htdocs/commande/customer.php index 3ecaa0fbee1..96efda7c187 100644 --- a/htdocs/commande/customer.php +++ b/htdocs/commande/customer.php @@ -77,16 +77,16 @@ $thirdpartystatic = new Societe($db); $sql = "SELECT s.rowid, s.nom as name, s.client, s.town, s.datec, s.datea"; $sql .= ", st.libelle as stcomm, s.prefix_comm, s.code_client, s.code_compta "; -if (!$user->rights->societe->client->voir && !$socid) { +if (empty($user->rights->societe->client->voir) && !$socid) { $sql .= ", sc.fk_soc, sc.fk_user "; } $sql .= " FROM ".MAIN_DB_PREFIX."societe as s, ".MAIN_DB_PREFIX."c_stcomm as st, ".MAIN_DB_PREFIX."commande as c"; -if (!$user->rights->societe->client->voir && !$socid) { +if (empty($user->rights->societe->client->voir) && !$socid) { $sql .= ", ".MAIN_DB_PREFIX."societe_commerciaux as sc"; } $sql .= " WHERE s.fk_stcomm = st.id AND c.fk_soc = s.rowid"; $sql .= " AND s.entity IN (".getEntity('societe').")"; -if (!$user->rights->societe->client->voir && !$socid) { +if (empty($user->rights->societe->client->voir) && !$socid) { $sql .= " AND s.rowid = sc.fk_soc AND sc.fk_user = ".((int) $user->id); } if (GETPOST("search_nom")) { diff --git a/htdocs/commande/index.php b/htdocs/commande/index.php index a794d79e743..03644fe5690 100644 --- a/htdocs/commande/index.php +++ b/htdocs/commande/index.php @@ -94,7 +94,7 @@ if (!empty($conf->commande->enabled)) { $sql .= ", s.canvas"; $sql .= " FROM ".MAIN_DB_PREFIX."commande as c"; $sql .= ", ".MAIN_DB_PREFIX."societe as s"; - if (!$user->rights->societe->client->voir && !$socid) { + if (empty($user->rights->societe->client->voir) && !$socid) { $sql .= ", ".MAIN_DB_PREFIX."societe_commerciaux as sc"; } $sql .= " WHERE c.fk_soc = s.rowid"; @@ -103,7 +103,7 @@ if (!empty($conf->commande->enabled)) { if ($socid) { $sql .= " AND c.fk_soc = ".((int) $socid); } - if (!$user->rights->societe->client->voir && !$socid) { + if (empty($user->rights->societe->client->voir) && !$socid) { $sql .= " AND s.rowid = sc.fk_soc AND sc.fk_user = ".((int) $user->id); } @@ -146,7 +146,7 @@ if (!empty($conf->commande->enabled)) { } -print '
'; +print '
'; $max = 5; @@ -162,7 +162,7 @@ $sql .= ", s.code_client"; $sql .= ", s.canvas"; $sql .= " FROM ".MAIN_DB_PREFIX."commande as c,"; $sql .= " ".MAIN_DB_PREFIX."societe as s"; -if (!$user->rights->societe->client->voir && !$socid) { +if (empty($user->rights->societe->client->voir) && !$socid) { $sql .= ", ".MAIN_DB_PREFIX."societe_commerciaux as sc"; } $sql .= " WHERE c.fk_soc = s.rowid"; @@ -171,7 +171,7 @@ $sql .= " AND c.entity IN (".getEntity('commande').")"; if ($socid) { $sql .= " AND c.fk_soc = ".((int) $socid); } -if (!$user->rights->societe->client->voir && !$socid) { +if (empty($user->rights->societe->client->voir) && !$socid) { $sql .= " AND s.rowid = sc.fk_soc AND sc.fk_user = ".((int) $user->id); } $sql .= " ORDER BY c.tms DESC"; @@ -246,7 +246,7 @@ if (!empty($conf->commande->enabled)) { $sql .= ", s.canvas"; $sql .= " FROM ".MAIN_DB_PREFIX."commande as c"; $sql .= ", ".MAIN_DB_PREFIX."societe as s"; - if (!$user->rights->societe->client->voir && !$socid) { + if (empty($user->rights->societe->client->voir) && !$socid) { $sql .= ", ".MAIN_DB_PREFIX."societe_commerciaux as sc"; } $sql .= " WHERE c.fk_soc = s.rowid"; @@ -255,7 +255,7 @@ if (!empty($conf->commande->enabled)) { if ($socid) { $sql .= " AND c.fk_soc = ".((int) $socid); } - if (!$user->rights->societe->client->voir && !$socid) { + if (empty($user->rights->societe->client->voir) && !$socid) { $sql .= " AND s.rowid = sc.fk_soc AND sc.fk_user = ".((int) $user->id); } $sql .= " ORDER BY c.rowid DESC"; @@ -335,7 +335,7 @@ if (!empty($conf->commande->enabled)) { $sql .= ", s.canvas"; $sql .= " FROM ".MAIN_DB_PREFIX."commande as c"; $sql .= ", ".MAIN_DB_PREFIX."societe as s"; - if (!$user->rights->societe->client->voir && !$socid) { + if (empty($user->rights->societe->client->voir) && !$socid) { $sql .= ", ".MAIN_DB_PREFIX."societe_commerciaux as sc"; } $sql .= " WHERE c.fk_soc = s.rowid"; @@ -344,7 +344,7 @@ if (!empty($conf->commande->enabled)) { if ($socid) { $sql .= " AND c.fk_soc = ".((int) $socid); } - if (!$user->rights->societe->client->voir && !$socid) { + if (empty($user->rights->societe->client->voir) && !$socid) { $sql .= " AND s.rowid = sc.fk_soc AND sc.fk_user = ".((int) $user->id); } $sql .= " ORDER BY c.rowid DESC"; @@ -414,7 +414,7 @@ if (!empty($conf->commande->enabled)) { } -print '
'; +print ''; $parameters = array('user' => $user); $reshook = $hookmanager->executeHooks('dashboardOrders', $parameters, $object); // Note that $action and $object may have been modified by hook diff --git a/htdocs/commande/list.php b/htdocs/commande/list.php index 4e8a18821ff..503c125b59c 100644 --- a/htdocs/commande/list.php +++ b/htdocs/commande/list.php @@ -465,7 +465,7 @@ $sql .= " LEFT JOIN ".MAIN_DB_PREFIX."projet as p ON p.rowid = c.fk_projet"; $sql .= ' LEFT JOIN '.MAIN_DB_PREFIX.'user as u ON c.fk_user_author = u.rowid'; // We'll need this table joined to the select in order to filter by sale -if ($search_sale > 0 || (!$user->rights->societe->client->voir && !$socid)) { +if ($search_sale > 0 || (empty($user->rights->societe->client->voir) && !$socid)) { $sql .= ", ".MAIN_DB_PREFIX."societe_commerciaux as sc"; } if ($search_user > 0) { @@ -486,7 +486,7 @@ if ($search_product_category > 0) { if ($socid > 0) { $sql .= ' AND s.rowid = '.((int) $socid); } -if (!$user->rights->societe->client->voir && !$socid) { +if (empty($user->rights->societe->client->voir) && !$socid) { $sql .= " AND s.rowid = sc.fk_soc AND sc.fk_user = ".((int) $user->id); } if ($search_ref) { diff --git a/htdocs/commande/stats/index.php b/htdocs/commande/stats/index.php index a9c38e1531c..8a3a6a142aa 100644 --- a/htdocs/commande/stats/index.php +++ b/htdocs/commande/stats/index.php @@ -42,7 +42,7 @@ $mode = GETPOSTISSET("mode") ? GETPOST("mode", 'aZ09') : 'customer'; if ($mode == 'customer' && !$user->rights->commande->lire) { accessforbidden(); } -if ($mode == 'supplier' && !$user->rights->fournisseur->commande->lire) { +if ($mode == 'supplier' && empty($user->rights->fournisseur->commande->lire)) { accessforbidden(); } @@ -112,7 +112,7 @@ $data = $stats->getNbByMonthWithPrevYear($endyear, $startyear); // $data = array(array('Lib',val1,val2,val3),...) -if (!$user->rights->societe->client->voir || $user->socid) { +if (empty($user->rights->societe->client->voir) || $user->socid) { $filenamenb = $dir.'/ordersnbinyear-'.$user->id.'-'.$year.'.png'; if ($mode == 'customer') { $fileurlnb = DOL_URL_ROOT.'/viewimage.php?modulepart=orderstats&file=ordersnbinyear-'.$user->id.'-'.$year.'.png'; @@ -158,7 +158,7 @@ $data = $stats->getAmountByMonthWithPrevYear($endyear, $startyear); //var_dump($data); // $data = array(array('Lib',val1,val2,val3),...) -if (!$user->rights->societe->client->voir || $user->socid) { +if (empty($user->rights->societe->client->voir) || $user->socid) { $filenameamount = $dir.'/ordersamountinyear-'.$user->id.'-'.$year.'.png'; if ($mode == 'customer') { $fileurlamount = DOL_URL_ROOT.'/viewimage.php?modulepart=orderstats&file=ordersamountinyear-'.$user->id.'-'.$year.'.png'; @@ -202,7 +202,7 @@ if (!$mesg) { $data = $stats->getAverageByMonthWithPrevYear($endyear, $startyear); -if (!$user->rights->societe->client->voir || $user->socid) { +if (empty($user->rights->societe->client->voir) || $user->socid) { $filename_avg = $dir.'/ordersaverage-'.$user->id.'-'.$year.'.png'; if ($mode == 'customer') { $fileurl_avg = DOL_URL_ROOT.'/viewimage.php?modulepart=orderstats&file=ordersaverage-'.$user->id.'-'.$year.'.png'; @@ -401,7 +401,7 @@ print '
'; print '
'; -print '
'; +print '
'; // Show graphs @@ -418,7 +418,7 @@ if ($mesg) { print ''; -print '
'; +print ''; print '
'; print dol_get_fiche_end(); diff --git a/htdocs/compta/bank/account_statement_document.php b/htdocs/compta/bank/account_statement_document.php index 03209ad7673..0a979e01d39 100644 --- a/htdocs/compta/bank/account_statement_document.php +++ b/htdocs/compta/bank/account_statement_document.php @@ -120,6 +120,8 @@ if (GETPOST("rel") == 'prev') { $found = true; } +$permissiontoadd = $user->rights->banque->modifier; // Used by the include of actions_dellink.inc.php + /* * Actions diff --git a/htdocs/compta/bank/annuel.php b/htdocs/compta/bank/annuel.php index d771b307234..36a9d17315a 100644 --- a/htdocs/compta/bank/annuel.php +++ b/htdocs/compta/bank/annuel.php @@ -448,9 +448,9 @@ if ($result < 0) { print '
'; // do not use class="center" here, it will have no effect for the js graph inside. print $show1; - print '
'; // do not use class="center" here, it will have no effect for the js graph inside. + print '
'; // do not use class="center" here, it will have no effect for the js graph inside. print $show2; - print '
'; + print ''; print '
'; } diff --git a/htdocs/compta/bank/bilan.php b/htdocs/compta/bank/bilan.php index 94ae0134a9d..6edee79f86b 100644 --- a/htdocs/compta/bank/bilan.php +++ b/htdocs/compta/bank/bilan.php @@ -28,7 +28,7 @@ require_once DOL_DOCUMENT_ROOT.'/compta/bank/class/account.class.php'; // Load translation files required by the page $langs->loadLangs(array('banks', 'categories')); -if (!$user->rights->banque->lire) { +if (empty($user->rights->banque->lire)) { accessforbidden(); } diff --git a/htdocs/compta/bank/card.php b/htdocs/compta/bank/card.php index d2a29a98f30..c543b9edd9b 100644 --- a/htdocs/compta/bank/card.php +++ b/htdocs/compta/bank/card.php @@ -698,7 +698,6 @@ if ($action == 'create') { print ''; print '
'; - print '
'; print '
'; print ''; @@ -795,7 +794,6 @@ if ($action == 'create') { print '
'; } - print '
'; print '
'; print ''; diff --git a/htdocs/compta/bank/document.php b/htdocs/compta/bank/document.php index ec46002b031..7dce00005f3 100644 --- a/htdocs/compta/bank/document.php +++ b/htdocs/compta/bank/document.php @@ -74,6 +74,8 @@ if ($id > 0 || !empty($ref)) { $result = restrictedArea($user, 'banque', $object->id, 'bank_account', '', ''); +$permissiontoadd = $user->rights->banque->modifier; // Used by the include of actions_dellink.inc.php + /* * Actions diff --git a/htdocs/compta/bank/info.php b/htdocs/compta/bank/info.php index c61f6e50bff..e8514c1e96e 100644 --- a/htdocs/compta/bank/info.php +++ b/htdocs/compta/bank/info.php @@ -39,7 +39,7 @@ if ($user->socid) { $socid = $user->socid; } $result = restrictedArea($user, 'banque', $fieldvalue, 'bank_account', '', '', $fieldtype); -if (!$user->rights->banque->lire && !$user->rights->banque->consolidate) { +if (empty($user->rights->banque->lire) && !$user->rights->banque->consolidate) { accessforbidden(); } diff --git a/htdocs/compta/bank/line.php b/htdocs/compta/bank/line.php index 05aed6a215e..5567678c366 100644 --- a/htdocs/compta/bank/line.php +++ b/htdocs/compta/bank/line.php @@ -67,7 +67,7 @@ if ($user->socid) { $socid = $user->socid; } $result = restrictedArea($user, 'banque', $fieldvalue, 'bank_account', '', '', $fieldtype); -if (!$user->rights->banque->lire && !$user->rights->banque->consolidate) { +if (empty($user->rights->banque->lire) && !$user->rights->banque->consolidate) { accessforbidden(); } diff --git a/htdocs/compta/bank/list.php b/htdocs/compta/bank/list.php index cd6e6cfd365..ea656141639 100644 --- a/htdocs/compta/bank/list.php +++ b/htdocs/compta/bank/list.php @@ -506,6 +506,8 @@ print "\n"; $totalarray = array(); $totalarray['nbfield'] = 0; +$totalarray['val'] = array('balance'=>0); +$total = array(); $found = 0; $i = 0; $lastcurrencycode = ''; @@ -714,7 +716,11 @@ foreach ($accounts as $key => $type) { print ''; - $total[$objecttmp->currency_code] += $solde; + if (empty($total[$objecttmp->currency_code])) { + $total[$objecttmp->currency_code] = $solde; + } else { + $total[$objecttmp->currency_code] += $solde; + } $i++; } diff --git a/htdocs/compta/bank/various_payment/document.php b/htdocs/compta/bank/various_payment/document.php index 5f55f4c2559..ad199caaf5a 100644 --- a/htdocs/compta/bank/various_payment/document.php +++ b/htdocs/compta/bank/various_payment/document.php @@ -69,6 +69,9 @@ $object->fetch($id, $ref); $upload_dir = $conf->bank->dir_output.'/'.dol_sanitizeFileName($object->id); $modulepart = 'banque'; +$permissiontoadd = $user->rights->banque->modifier; // Used by the include of actions_dellink.inc.php + + /* * Actions diff --git a/htdocs/compta/cashcontrol/cashcontrol_card.php b/htdocs/compta/cashcontrol/cashcontrol_card.php index eebe3e4832f..c7b74abfc39 100644 --- a/htdocs/compta/cashcontrol/cashcontrol_card.php +++ b/htdocs/compta/cashcontrol/cashcontrol_card.php @@ -647,9 +647,10 @@ if (empty($action) || $action == "view" || $action == "close") { print ''; print ''; - print '
'; + print '
>'; print '
'; - print ''; + + print '
'; print '
'; print $langs->trans("DateCreationShort"); @@ -667,7 +668,7 @@ if (empty($action) || $action == "view" || $action == "close") { } print "
\n"; - print '
'; + print '
'; print '
'; diff --git a/htdocs/compta/cashcontrol/cashcontrol_list.php b/htdocs/compta/cashcontrol/cashcontrol_list.php index 21a6c56689e..89781fcb211 100644 --- a/htdocs/compta/cashcontrol/cashcontrol_list.php +++ b/htdocs/compta/cashcontrol/cashcontrol_list.php @@ -22,27 +22,6 @@ * \brief List page for cashcontrol */ -//if (! defined('NOREQUIREDB')) define('NOREQUIREDB','1'); // Do not create database handler $db -//if (! defined('NOREQUIREUSER')) define('NOREQUIREUSER','1'); // Do not load object $user -//if (! defined('NOREQUIRESOC')) define('NOREQUIRESOC','1'); // Do not load object $mysoc -//if (! defined('NOREQUIRETRAN')) define('NOREQUIRETRAN','1'); // Do not load object $langs -//if (! defined('NOSCANGETFORINJECTION')) define('NOSCANGETFORINJECTION','1'); // Do not check injection attack on GET parameters -//if (! defined('NOSCANPOSTFORINJECTION')) define('NOSCANPOSTFORINJECTION','1'); // Do not check injection attack on POST parameters -//if (! defined('NOCSRFCHECK')) define('NOCSRFCHECK','1'); // Do not check CSRF attack (test on referer + on token if option MAIN_SECURITY_CSRF_WITH_TOKEN is on). -//if (! defined('NOTOKENRENEWAL')) define('NOTOKENRENEWAL','1'); // Do not roll the Anti CSRF token (used if MAIN_SECURITY_CSRF_WITH_TOKEN is on) -//if (! defined('NOSTYLECHECK')) define('NOSTYLECHECK','1'); // Do not check style html tag into posted data -//if (! defined('NOREQUIREMENU')) define('NOREQUIREMENU','1'); // If there is no need to load and show top and left menu -//if (! defined('NOREQUIREHTML')) define('NOREQUIREHTML','1'); // If we don't need to load the html.form.class.php -//if (! defined('NOREQUIREAJAX')) define('NOREQUIREAJAX','1'); // Do not load ajax.lib.php library -//if (! defined("NOLOGIN")) define("NOLOGIN", '1'); // If this page is public (can be called outside logged session). This include the NOIPCHECK too. -//if (! defined('NOIPCHECK')) define('NOIPCHECK', '1'); // Do not check IP defined into conf $dolibarr_main_restrict_ip -//if (! defined("MAIN_LANG_DEFAULT")) define('MAIN_LANG_DEFAULT','auto'); // Force lang to a particular value -//if (! defined("MAIN_AUTHENTICATION_MODE")) define('MAIN_AUTHENTICATION_MODE','aloginmodule'); // Force authentication handler -//if (! defined("NOREDIRECTBYMAINTOLOGIN")) define('NOREDIRECTBYMAINTOLOGIN',1); // The main.inc.php does not make a redirect if not logged, instead show simple error message -//if (! defined("FORCECSP")) define('FORCECSP', 'none'); // Disable all Content Security Policies -//if (! defined('CSRFCHECK_WITH_TOKEN')) define('CSRFCHECK_WITH_TOKEN', '1'); // Force use of CSRF protection with tokens even for GET -//if (! defined('NOBROWSERNOTIF')) define('NOBROWSERNOTIF', '1'); // Disable browser notification - require '../../main.inc.php'; require_once DOL_DOCUMENT_ROOT.'/compta/cashcontrol/class/cashcontrol.class.php'; require_once DOL_DOCUMENT_ROOT.'/core/class/html.formcompany.class.php'; @@ -81,7 +60,7 @@ $pagenext = $page + 1; // Initialize technical objects $object = new CashControl($db); $extrafields = new ExtraFields($db); -$diroutputmassaction = $conf->monmodule->dir_output.'/temp/massgeneration/'.$user->id; +//$diroutputmassaction = $conf->mymodule->dir_output.'/temp/massgeneration/'.$user->id; $hookmanager->initHooks(array('cashcontrol')); // Note that conf->hooks_modules contains array // Fetch optionals attributes and labels @@ -141,16 +120,16 @@ include DOL_DOCUMENT_ROOT.'/core/tpl/extrafields_list_array_fields.tpl.php'; $object->fields = dol_sort_array($object->fields, 'position'); $arrayfields = dol_sort_array($arrayfields, 'position'); -$permissiontoread = ($user->rights->cashdesk->run || $user->rights->takepos->run); -$permissiontoadd = ($user->rights->cashdesk->run || $user->rights->takepos->run); -$permissiontodelete = ($user->rights->cashdesk->run || $user->rights->takepos->run); +$permissiontoread = (!empty($user->rights->cashdesk->run) || !empty($user->rights->takepos->run)); +$permissiontoadd = (!empty($user->rights->cashdesk->run) || !empty($user->rights->takepos->run)); +$permissiontodelete = (!empty($user->rights->cashdesk->run) || !empty($user->rights->takepos->run)); // Security check if ($user->socid > 0) { // Protection if external user //$socid = $user->socid; accessforbidden(); } -if (!$user->rights->cashdesk->run && !$user->rights->takepos->run) { +if (empty($user->rights->cashdesk->run) && empty($user->rights->takepos->run)) { accessforbidden(); } @@ -223,7 +202,7 @@ $sql .= $object->getFieldList('t'); // Add fields from extrafields if (!empty($extrafields->attributes[$object->table_element]['label'])) { foreach ($extrafields->attributes[$object->table_element]['label'] as $key => $val) { - $sql .= ($extrafields->attributes[$object->table_element]['type'][$key] != 'separate' ? ", ef.".$key." as options_".$key.', ' : ''); + $sql .= ($extrafields->attributes[$object->table_element]['type'][$key] != 'separate' ? ", ef.".$key." as options_".$key : ''); } } // Add fields from hooks @@ -341,7 +320,7 @@ if ($num == 1 && !empty($conf->global->MAIN_SEARCH_DIRECT_OPEN_IF_ONLY_ONE) && $ // Output page // -------------------------------------------------------------------- -llxHeader('', $title, $help_url, '', 0, 0, $morejs, $morecss, '', 'classforhorizontalscrolloftabs'); +llxHeader('', $title, $help_url, '', 0, 0, '', '', '', 'classforhorizontalscrolloftabs'); $arrayofselected = is_array($toselect) ? $toselect : array(); diff --git a/htdocs/compta/clients.php b/htdocs/compta/clients.php index 504e5638abc..b39364690a6 100644 --- a/htdocs/compta/clients.php +++ b/htdocs/compta/clients.php @@ -94,16 +94,16 @@ if ($mode == 'search') { $sql = "SELECT s.rowid, s.nom as name, s.client, s.town, s.datec, s.datea"; $sql .= ", st.libelle as stcomm, s.prefix_comm, s.code_client, s.code_compta "; -if (!$user->rights->societe->client->voir && !$socid) { +if (empty($user->rights->societe->client->voir) && !$socid) { $sql .= ", sc.fk_soc, sc.fk_user "; } $sql .= " FROM ".MAIN_DB_PREFIX."societe as s, ".MAIN_DB_PREFIX."c_stcomm as st"; -if (!$user->rights->societe->client->voir && !$socid) { +if (empty($user->rights->societe->client->voir) && !$socid) { $sql .= ", ".MAIN_DB_PREFIX."societe_commerciaux as sc"; } $sql .= " WHERE s.fk_stcomm = st.id AND s.client in (1, 3)"; $sql .= " AND s.entity IN (".getEntity('societe').")"; -if (!$user->rights->societe->client->voir && !$socid) { +if (empty($user->rights->societe->client->voir) && !$socid) { $sql .= " AND s.rowid = sc.fk_soc AND sc.fk_user = ".((int) $user->id); } if (dol_strlen($stcomm)) { diff --git a/htdocs/compta/deplacement/document.php b/htdocs/compta/deplacement/document.php index cdb4b5f0f0f..2a16d6e4f49 100644 --- a/htdocs/compta/deplacement/document.php +++ b/htdocs/compta/deplacement/document.php @@ -42,12 +42,6 @@ $ref = GETPOST('ref', 'alpha'); $action = GETPOST('action', 'aZ09'); $confirm = GETPOST('confirm', 'alpha'); -// Security check -if ($user->socid) { - $socid = $user->socid; -} -$result = restrictedArea($user, 'deplacement', $id, ''); - // Get parameters $limit = GETPOST('limit', 'int') ? GETPOST('limit', 'int') : $conf->liste_limit; @@ -74,6 +68,14 @@ $object->fetch($id, $ref); $upload_dir = $conf->deplacement->dir_output.'/'.dol_sanitizeFileName($object->ref); $modulepart = 'trip'; +// Security check +if ($user->socid) { + $socid = $user->socid; +} +$result = restrictedArea($user, 'deplacement', $id, ''); + +$permissiontoadd = $user->rights->deplacement->creer; // Used by the include of actions_dellink.inc.php + /* * Actions diff --git a/htdocs/compta/deplacement/index.php b/htdocs/compta/deplacement/index.php index 12351032b53..d588b7bff80 100644 --- a/htdocs/compta/deplacement/index.php +++ b/htdocs/compta/deplacement/index.php @@ -141,7 +141,7 @@ print ''; -print '
'; +print '
'; $max = 10; @@ -150,7 +150,7 @@ $langs->load("boxes"); $sql = "SELECT u.rowid as uid, u.lastname, u.firstname, d.rowid, d.dated as date, d.tms as dm, d.km, d.fk_statut"; $sql .= " FROM ".MAIN_DB_PREFIX."deplacement as d, ".MAIN_DB_PREFIX."user as u"; -if (!$user->rights->societe->client->voir && !$user->socid) { +if (empty($user->rights->societe->client->voir) && !$user->socid) { $sql .= ", ".MAIN_DB_PREFIX."societe as s, ".MAIN_DB_PREFIX."societe_commerciaux as sc"; } $sql .= " WHERE u.rowid = d.fk_user"; @@ -158,7 +158,7 @@ $sql .= " AND d.entity = ".$conf->entity; if (empty($user->rights->deplacement->readall) && empty($user->rights->deplacement->lire_tous)) { $sql .= ' AND d.fk_user IN ('.$db->sanitize(join(',', $childids)).')'; } -if (!$user->rights->societe->client->voir && !$user->socid) { +if (empty($user->rights->societe->client->voir) && !$user->socid) { $sql .= " AND d.fk_soc = s. rowid AND s.rowid = sc.fk_soc AND sc.fk_user = ".((int) $user->id); } if ($socid) { @@ -212,7 +212,7 @@ if ($result) { } -print '
'; +print ''; // End of page llxFooter(); diff --git a/htdocs/compta/deplacement/list.php b/htdocs/compta/deplacement/list.php index 428eacbc93a..e7593406ad6 100644 --- a/htdocs/compta/deplacement/list.php +++ b/htdocs/compta/deplacement/list.php @@ -96,7 +96,7 @@ $sql .= " u.lastname, u.firstname"; // Qui $sql .= " FROM ".MAIN_DB_PREFIX."user as u"; $sql .= ", ".MAIN_DB_PREFIX."deplacement as d"; $sql .= " LEFT JOIN ".MAIN_DB_PREFIX."societe as s ON d.fk_soc = s.rowid"; -if (!$user->rights->societe->client->voir && !$socid) { +if (empty($user->rights->societe->client->voir) && !$socid) { $sql .= " LEFT JOIN ".MAIN_DB_PREFIX."societe_commerciaux as sc ON s.rowid = sc.fk_soc"; } $sql .= " WHERE d.fk_user = u.rowid"; @@ -104,7 +104,7 @@ $sql .= " AND d.entity = ".$conf->entity; if (empty($user->rights->deplacement->readall) && empty($user->rights->deplacement->lire_tous)) { $sql .= ' AND d.fk_user IN ('.$db->sanitize(join(',', $childids)).')'; } -if (!$user->rights->societe->client->voir && !$socid) { +if (empty($user->rights->societe->client->voir) && !$socid) { $sql .= " AND (sc.fk_user = ".((int) $user->id)." OR d.fk_soc IS NULL) "; } if ($socid) { diff --git a/htdocs/compta/deplacement/stats/index.php b/htdocs/compta/deplacement/stats/index.php index edc590119ef..8e4860bd2f2 100644 --- a/htdocs/compta/deplacement/stats/index.php +++ b/htdocs/compta/deplacement/stats/index.php @@ -163,7 +163,7 @@ if (!$mesg) { $data = $stats->getAverageByMonthWithPrevYear($endyear, $startyear); -if (!$user->rights->societe->client->voir || $user->socid) { +if (empty($user->rights->societe->client->voir) || $user->socid) { $filename_avg = $dir.'/ordersaverage-'.$user->id.'-'.$year.'.png'; if ($mode == 'customer') { $fileurl_avg = DOL_URL_ROOT.'/viewimage.php?modulepart=orderstats&file=ordersaverage-'.$user->id.'-'.$year.'.png'; @@ -302,7 +302,7 @@ foreach ($data as $val) { print ''; print ''; -print '
'; +print '
'; // Show graphs @@ -319,7 +319,7 @@ if ($mesg) { print ''; -print '
'; +print ''; print '
'; diff --git a/htdocs/compta/facture/card-rec.php b/htdocs/compta/facture/card-rec.php index 28143d0340a..fe534e3dd82 100644 --- a/htdocs/compta/facture/card-rec.php +++ b/htdocs/compta/facture/card-rec.php @@ -1443,7 +1443,6 @@ if ($action == 'create') { print ''; print '
'; - print '
'; print '
'; @@ -1591,7 +1590,6 @@ if ($action == 'create') { print '
'; } - print '
'; print '
'; print ''; diff --git a/htdocs/compta/facture/card.php b/htdocs/compta/facture/card.php index c71f022d2dc..602757522b2 100644 --- a/htdocs/compta/facture/card.php +++ b/htdocs/compta/facture/card.php @@ -4093,6 +4093,8 @@ if ($action == 'create') { $i++; $close[$i]['code'] = 'badcustomer'; $i++; + $close[$i]['code'] = 'bankcharge'; + $i++; $close[$i]['code'] = 'other'; $i++; // Help @@ -4101,6 +4103,8 @@ if ($action == 'create') { $i++; $close[$i]['label'] = $langs->trans("ConfirmClassifyPaidPartiallyReasonBadCustomerDesc"); $i++; + $close[$i]['label'] = $langs->trans("ConfirmClassifyPaidPartiallyReasonBankChargeDesc"); + $i++; $close[$i]['label'] = $langs->trans("Other"); $i++; // Texte @@ -4109,6 +4113,8 @@ if ($action == 'create') { $i++; $close[$i]['reason'] = $form->textwithpicto($langs->transnoentities("ConfirmClassifyPaidPartiallyReasonBadCustomer", $resteapayer, $langs->trans("Currency".$conf->currency)), $close[$i]['label'], 1); $i++; + $close[$i]['reason'] = $form->textwithpicto($langs->transnoentities("ConfirmClassifyPaidPartiallyReasonBankCharge", $resteapayer, $langs->trans("Currency".$conf->currency)), $close[$i]['label'], 1); + $i++; $close[$i]['reason'] = $form->textwithpicto($langs->transnoentities("Other"), $close[$i]['label'], 1); $i++; // arrayreasons[code]=reason @@ -4634,7 +4640,6 @@ if ($action == 'create') { print ''; print '
'; - print '
'; print ''."\n"; print ''; @@ -5196,7 +5201,6 @@ if ($action == 'create') { $formmargin->displayMarginInfos($object); } - print ''; print ''; print ''; @@ -5607,14 +5611,14 @@ if ($action == 'create') { print showOnlinePaymentUrl('invoice', $object->ref).'
'; } - print '
'; + print '
'; // List of actions on element include_once DOL_DOCUMENT_ROOT.'/core/class/html.formactions.class.php'; $formactions = new FormActions($db); $somethingshown = $formactions->showactions($object, 'invoice', $socid, 1); - print '
'; + print ''; } diff --git a/htdocs/compta/facture/class/facture.class.php b/htdocs/compta/facture/class/facture.class.php index 4b49c88f8ca..90641062b40 100644 --- a/htdocs/compta/facture/class/facture.class.php +++ b/htdocs/compta/facture/class/facture.class.php @@ -4055,16 +4055,16 @@ class Facture extends CommonInvoice $sql = "SELECT s.rowid, s.nom as name, s.client,"; $sql .= " f.rowid as fid, f.ref as ref, f.datef as df"; - if (!$user->rights->societe->client->voir && !$socid) { + if (empty($user->rights->societe->client->voir) && !$socid) { $sql .= ", sc.fk_soc, sc.fk_user"; } $sql .= " FROM ".MAIN_DB_PREFIX."societe as s, ".MAIN_DB_PREFIX."facture as f"; - if (!$user->rights->societe->client->voir && !$socid) { + if (empty($user->rights->societe->client->voir) && !$socid) { $sql .= ", ".MAIN_DB_PREFIX."societe_commerciaux as sc"; } $sql .= " WHERE f.entity IN (".getEntity('invoice').")"; $sql .= " AND f.fk_soc = s.rowid"; - if (!$user->rights->societe->client->voir && !$socid) { //restriction + if (empty($user->rights->societe->client->voir) && !$socid) { //restriction $sql .= " AND s.rowid = sc.fk_soc AND sc.fk_user = ".((int) $user->id); } if ($socid) { @@ -4254,7 +4254,7 @@ class Facture extends CommonInvoice $sql = "SELECT f.rowid, f.date_lim_reglement as datefin,f.fk_statut, f.total_ht"; $sql .= " FROM ".MAIN_DB_PREFIX."facture as f"; - if (!$user->rights->societe->client->voir && !$user->socid) { + if (empty($user->rights->societe->client->voir) && !$user->socid) { $sql .= " LEFT JOIN ".MAIN_DB_PREFIX."societe_commerciaux as sc ON f.fk_soc = sc.fk_soc"; $sql .= " WHERE sc.fk_user = ".((int) $user->id); $clause = " AND"; @@ -4501,7 +4501,7 @@ class Facture extends CommonInvoice $sql = "SELECT count(f.rowid) as nb"; $sql .= " FROM ".MAIN_DB_PREFIX."facture as f"; $sql .= " LEFT JOIN ".MAIN_DB_PREFIX."societe as s ON f.fk_soc = s.rowid"; - if (!$user->rights->societe->client->voir && !$user->socid) { + if (empty($user->rights->societe->client->voir) && !$user->socid) { $sql .= " LEFT JOIN ".MAIN_DB_PREFIX."societe_commerciaux as sc ON s.rowid = sc.fk_soc"; $sql .= " WHERE sc.fk_user = ".((int) $user->id); $clause = "AND"; diff --git a/htdocs/compta/facture/class/facturestats.class.php b/htdocs/compta/facture/class/facturestats.class.php index 1e6457104ea..a54cd1a6668 100644 --- a/htdocs/compta/facture/class/facturestats.class.php +++ b/htdocs/compta/facture/class/facturestats.class.php @@ -85,7 +85,7 @@ class FactureStats extends Stats $this->where = " f.fk_statut >= 0"; $this->where .= " AND f.entity IN (".getEntity('invoice').")"; - if (!$user->rights->societe->client->voir && !$this->socid) { + if (empty($user->rights->societe->client->voir) && !$this->socid) { $this->where .= " AND f.fk_soc = sc.fk_soc AND sc.fk_user = ".((int) $user->id); } if ($mode == 'customer') { @@ -129,7 +129,7 @@ class FactureStats extends Stats $sql = "SELECT date_format(f.datef,'%m') as dm, COUNT(*) as nb"; $sql .= " FROM ".$this->from; - if (!$user->rights->societe->client->voir && !$this->socid) { + if (empty($user->rights->societe->client->voir) && !$this->socid) { $sql .= ", ".MAIN_DB_PREFIX."societe_commerciaux as sc"; } $sql .= $this->join; @@ -155,7 +155,7 @@ class FactureStats extends Stats $sql = "SELECT date_format(f.datef,'%Y') as dm, COUNT(*), SUM(c.".$this->field.")"; $sql .= " FROM ".$this->from; - if (!$user->rights->societe->client->voir && !$this->socid) { + if (empty($user->rights->societe->client->voir) && !$this->socid) { $sql .= ", ".MAIN_DB_PREFIX."societe_commerciaux as sc"; } $sql .= $this->join; @@ -180,7 +180,7 @@ class FactureStats extends Stats $sql = "SELECT date_format(datef,'%m') as dm, SUM(f.".$this->field.")"; $sql .= " FROM ".$this->from; - if (!$user->rights->societe->client->voir && !$this->socid) { + if (empty($user->rights->societe->client->voir) && !$this->socid) { $sql .= ", ".MAIN_DB_PREFIX."societe_commerciaux as sc"; } $sql .= $this->join; @@ -206,7 +206,7 @@ class FactureStats extends Stats $sql = "SELECT date_format(datef,'%m') as dm, AVG(f.".$this->field.")"; $sql .= " FROM ".$this->from; - if (!$user->rights->societe->client->voir && !$this->socid) { + if (empty($user->rights->societe->client->voir) && !$this->socid) { $sql .= ", ".MAIN_DB_PREFIX."societe_commerciaux as sc"; } $sql .= $this->join; @@ -229,7 +229,7 @@ class FactureStats extends Stats $sql = "SELECT date_format(datef,'%Y') as year, COUNT(*) as nb, SUM(f.".$this->field.") as total, AVG(f.".$this->field.") as avg"; $sql .= " FROM ".$this->from; - if (!$user->rights->societe->client->voir && !$this->socid) { + if (empty($user->rights->societe->client->voir) && !$this->socid) { $sql .= ", ".MAIN_DB_PREFIX."societe_commerciaux as sc"; } $sql .= $this->join; @@ -253,7 +253,7 @@ class FactureStats extends Stats $sql = "SELECT product.ref, COUNT(product.ref) as nb, SUM(tl.".$this->field_line.") as total, AVG(tl.".$this->field_line.") as avg"; $sql .= " FROM ".$this->from.", ".$this->from_line.", ".MAIN_DB_PREFIX."product as product"; - if (!$user->rights->societe->client->voir && !$this->socid) { + if (empty($user->rights->societe->client->voir) && !$this->socid) { $sql .= ", ".MAIN_DB_PREFIX."societe_commerciaux as sc"; } $sql .= $this->join; @@ -281,7 +281,7 @@ class FactureStats extends Stats $startYear = $endYear - $numberYears; $sql = "SELECT date_format(datef,'%Y') as dm, SUM(f.".$this->field.")"; $sql .= " FROM ".$this->from; - if (!$user->rights->societe->client->voir && !$this->socid) { + if (empty($user->rights->societe->client->voir) && !$this->socid) { $sql .= ", ".MAIN_DB_PREFIX."societe_commerciaux as sc"; } $sql .= $this->join; diff --git a/htdocs/compta/facture/index.php b/htdocs/compta/facture/index.php index 790b9d334c3..0a526e39e1e 100644 --- a/htdocs/compta/facture/index.php +++ b/htdocs/compta/facture/index.php @@ -73,7 +73,6 @@ if ($tmp) { print ''; print '
'; -print '
'; $tmp = getCustomerInvoiceLatestEditTable($maxLatestEditCount, $socid); if ($tmp) { @@ -87,7 +86,6 @@ if ($tmp) { print '
'; } -print '
'; print '
'; print ''; diff --git a/htdocs/compta/facture/invoicetemplate_list.php b/htdocs/compta/facture/invoicetemplate_list.php index e5c7fdafd0c..12f554f4c5c 100644 --- a/htdocs/compta/facture/invoicetemplate_list.php +++ b/htdocs/compta/facture/invoicetemplate_list.php @@ -291,12 +291,12 @@ $sql = preg_replace('/,\s*$/', '', $sql); $sql .= " FROM ".MAIN_DB_PREFIX."societe as s, ".MAIN_DB_PREFIX."facture_rec as f"; $sql .= " LEFT JOIN ".MAIN_DB_PREFIX."facture_rec_extrafields as ef ON ef.fk_object = f.rowid"; -if (!$user->rights->societe->client->voir && !$socid) { +if (empty($user->rights->societe->client->voir) && !$socid) { $sql .= ", ".MAIN_DB_PREFIX."societe_commerciaux as sc"; } $sql .= " WHERE f.fk_soc = s.rowid"; $sql .= ' AND f.entity IN ('.getEntity('invoice').')'; -if (!$user->rights->societe->client->voir && !$socid) { +if (empty($user->rights->societe->client->voir) && !$socid) { $sql .= " AND s.rowid = sc.fk_soc AND sc.fk_user = ".((int) $user->id); } if ($search_ref) { diff --git a/htdocs/compta/facture/list.php b/htdocs/compta/facture/list.php index 852589dbd1a..84ad5bd0f31 100644 --- a/htdocs/compta/facture/list.php +++ b/htdocs/compta/facture/list.php @@ -116,7 +116,7 @@ $search_date_startyear = GETPOST('search_date_startyear', 'int'); $search_date_endday = GETPOST('search_date_endday', 'int'); $search_date_endmonth = GETPOST('search_date_endmonth', 'int'); $search_date_endyear = GETPOST('search_date_endyear', 'int'); -$search_date_start = dol_mktime(0, 0, 0, $search_date_startmonth, $search_date_startday, $search_date_startyear); // Use tzserver +$search_date_start = dol_mktime(0, 0, 0, $search_date_startmonth, $search_date_startday, $search_date_startyear); // Use tzserver $search_date_end = dol_mktime(23, 59, 59, $search_date_endmonth, $search_date_endday, $search_date_endyear); $search_date_valid_startday = GETPOST('search_date_valid_startday', 'int'); $search_date_valid_startmonth = GETPOST('search_date_valid_startmonth', 'int'); @@ -124,7 +124,7 @@ $search_date_valid_startyear = GETPOST('search_date_valid_startyear', 'int'); $search_date_valid_endday = GETPOST('search_date_valid_endday', 'int'); $search_date_valid_endmonth = GETPOST('search_date_valid_endmonth', 'int'); $search_date_valid_endyear = GETPOST('search_date_valid_endyear', 'int'); -$search_date_valid_start = dol_mktime(0, 0, 0, $search_date_valid_startmonth, $search_date_valid_startday, $search_date_valid_startyear); // Use tzserver +$search_date_valid_start = dol_mktime(0, 0, 0, $search_date_valid_startmonth, $search_date_valid_startday, $search_date_valid_startyear); // Use tzserver $search_date_valid_end = dol_mktime(23, 59, 59, $search_date_valid_endmonth, $search_date_valid_endday, $search_date_valid_endyear); $search_datelimit_startday = GETPOST('search_datelimit_startday', 'int'); $search_datelimit_startmonth = GETPOST('search_datelimit_startmonth', 'int'); @@ -242,10 +242,10 @@ $arrayfields = array( 'f.multicurrency_total_ttc'=>array('label'=>'MulticurrencyAmountTTC', 'checked'=>0, 'enabled'=>(empty($conf->multicurrency->enabled) ? 0 : 1), 'position'=>292), 'multicurrency_dynamount_payed'=>array('label'=>'MulticurrencyAlreadyPaid', 'checked'=>0, 'enabled'=>(empty($conf->multicurrency->enabled) ? 0 : 1), 'position'=>295), 'multicurrency_rtp'=>array('label'=>'MulticurrencyRemainderToPay', 'checked'=>0, 'enabled'=>(empty($conf->multicurrency->enabled) ? 0 : 1), 'position'=>296), // Not enabled by default because slow - 'total_pa' => array('label' => ($conf->global->MARGIN_TYPE == '1' ? 'BuyingPrice' : 'CostPrice'), 'checked' => 0, 'position' => 300, 'enabled' => (empty($conf->margin->enabled) || !$user->rights->margins->liretous ? 0 : 1)), - 'total_margin' => array('label' => 'Margin', 'checked' => 0, 'position' => 301, 'enabled' => (empty($conf->margin->enabled) || !$user->rights->margins->liretous ? 0 : 1)), - 'total_margin_rate' => array('label' => 'MarginRate', 'checked' => 0, 'position' => 302, 'enabled' => (empty($conf->margin->enabled) || !$user->rights->margins->liretous || empty($conf->global->DISPLAY_MARGIN_RATES) ? 0 : 1)), - 'total_mark_rate' => array('label' => 'MarkRate', 'checked' => 0, 'position' => 303, 'enabled' => (empty($conf->margin->enabled) || !$user->rights->margins->liretous || empty($conf->global->DISPLAY_MARK_RATES) ? 0 : 1)), + 'total_pa' => array('label' => ($conf->global->MARGIN_TYPE == '1' ? 'BuyingPrice' : 'CostPrice'), 'checked' => 0, 'position' => 300, 'enabled' => (empty($conf->margin->enabled) || empty($user->rights->margins->liretous) ? 0 : 1)), + 'total_margin' => array('label' => 'Margin', 'checked' => 0, 'position' => 301, 'enabled' => (empty($conf->margin->enabled) || empty($user->rights->margins->liretous) ? 0 : 1)), + 'total_margin_rate' => array('label' => 'MarginRate', 'checked' => 0, 'position' => 302, 'enabled' => (empty($conf->margin->enabled) || empty($user->rights->margins->liretous) || empty($conf->global->DISPLAY_MARGIN_RATES) ? 0 : 1)), + 'total_mark_rate' => array('label' => 'MarkRate', 'checked' => 0, 'position' => 303, 'enabled' => (empty($conf->margin->enabled) || empty($user->rights->margins->liretous) || empty($conf->global->DISPLAY_MARK_RATES) ? 0 : 1)), 'f.datec'=>array('label'=>"DateCreation", 'checked'=>0, 'position'=>500), 'f.tms'=>array('label'=>"DateModificationShort", 'checked'=>0, 'position'=>502), 'f.note_public'=>array('label'=>'NotePublic', 'checked'=>0, 'position'=>510, 'enabled'=>(empty($conf->global->MAIN_LIST_ALLOW_PUBLIC_NOTES))), @@ -380,11 +380,11 @@ if ($action == 'makepayment_confirm' && $user->rights->facture->paiement) { require_once DOL_DOCUMENT_ROOT.'/compta/paiement/class/paiement.class.php'; $arrayofselected = is_array($toselect) ? $toselect : array(); if (!empty($arrayofselected)) { - $bankid=GETPOST('bankid', 'int'); - $paiementid=GETPOST('paiementid', 'int'); - $paiementdate=dol_mktime(12, 0, 0, GETPOST('datepaimentmonth', 'int'), GETPOST('datepaimentday', 'int'), GETPOST('datepaimentyear', 'year')); + $bankid = GETPOST('bankid', 'int'); + $paiementid = GETPOST('paiementid', 'int'); + $paiementdate = dol_mktime(12, 0, 0, GETPOST('datepaimentmonth', 'int'), GETPOST('datepaimentday', 'int'), GETPOST('datepaimentyear', 'year')); foreach ($arrayofselected as $toselectid) { - $errorpayment=0; + $errorpayment = 0; $facture = new Facture($db); $result = $facture->fetch($toselectid); if ($result < 0) { @@ -397,7 +397,7 @@ if ($action == 'makepayment_confirm' && $user->rights->facture->paiement) { $totaldeposits = $facture->getSumDepositsUsed(); $totalpay = $paiementAmount + $totalcreditnotes + $totaldeposits; $remaintopay = price2num($facture->total_ttc - $totalpay); - if ($remaintopay!=0) { + if ($remaintopay != 0) { $resultBank = $facture->setBankAccount($bankid); if ($resultBank < 0) { setEventMessage($facture->error, 'errors'); @@ -410,12 +410,12 @@ if ($action == 'makepayment_confirm' && $user->rights->facture->paiement) { $paiement->paiementid = $paiementid; $paiement_id = $paiement->create($user, 1, $facture->thirdparty); if ($paiement_id < 0) { - setEventMessage($facture->ref . ' ' . $paiement->error, 'errors'); + setEventMessage($facture->ref.' '.$paiement->error, 'errors'); $errorpayment++; } else { $result = $paiement->addPaymentToBank($user, 'payment', '', $bankid, '', ''); if ($result < 0) { - setEventMessages($facture->ref . ' ' . $paiement->error, $paiement->errors, 'errors'); + setEventMessages($facture->ref.' '.$paiement->error, $paiement->errors, 'errors'); $errorpayment++; } } @@ -555,7 +555,7 @@ $sql .= ' u.login, u.lastname, u.firstname, u.email as user_email, u.statut as u if (!$sall) { $sql .= ', SUM(pf.amount) as dynamount_payed, SUM(pf.multicurrency_amount) as multicurrency_dynamount_payed'; } -if ($search_categ_cus && $search_categ_cus!=-1) { +if ($search_categ_cus && $search_categ_cus != -1) { $sql .= ", cc.fk_categorie, cc.fk_soc"; } // Add fields from extrafields @@ -592,7 +592,7 @@ if ($search_product_category > 0) { $sql .= " LEFT JOIN ".MAIN_DB_PREFIX."projet as p ON p.rowid = f.fk_projet"; $sql .= ' LEFT JOIN '.MAIN_DB_PREFIX.'user AS u ON f.fk_user_author = u.rowid'; // We'll need this table joined to the select in order to filter by sale -if ($search_sale > 0 || (!$user->rights->societe->client->voir && !$socid)) { +if ($search_sale > 0 || (empty($user->rights->societe->client->voir) && !$socid)) { $sql .= ", ".MAIN_DB_PREFIX."societe_commerciaux as sc"; } if ($search_user > 0) { @@ -606,7 +606,7 @@ $sql .= $hookmanager->resPrint; $sql .= ' WHERE f.fk_soc = s.rowid'; $sql .= ' AND f.entity IN ('.getEntity('invoice').')'; -if (!$user->rights->societe->client->voir && !$socid) { +if (empty($user->rights->societe->client->voir) && !$socid) { $sql .= " AND s.rowid = sc.fk_soc AND sc.fk_user = ".((int) $user->id); } if ($search_product_category > 0) { @@ -801,7 +801,7 @@ if (!$sall) { $sql .= ' country.code,'; $sql .= " p.rowid, p.ref, p.title,"; $sql .= " u.login, u.lastname, u.firstname, u.email, u.statut, u.entity, u.photo, u.office_phone, u.office_fax, u.user_mobile, u.job, u.gender"; - if ($search_categ_cus && $search_categ_cus!=-1) { + if ($search_categ_cus && $search_categ_cus != -1) { $sql .= ", cc.fk_categorie, cc.fk_soc"; } // Add fields from extrafields @@ -821,7 +821,7 @@ if (!$sall) { // Add HAVING from hooks $parameters = array(); $reshook = $hookmanager->executeHooks('printFieldListHaving', $parameters, $object); // Note that $action and $object may have been modified by hook -$sql .= !empty($hookmanager->resPrint) ? (" HAVING 1=1 " . $hookmanager->resPrint) : ""; +$sql .= !empty($hookmanager->resPrint) ? (" HAVING 1=1 ".$hookmanager->resPrint) : ""; $sql .= ' ORDER BY '; $listfield = explode(',', $sortfield); @@ -914,7 +914,7 @@ if ($resql) { if ($search_date_valid_endyear) { $param .= '&search_date_valid_endyear='.urlencode($search_date_valid_endyear); } - if ($search_datelimit_startday) { + if ($search_datelimit_startday) { $param .= '&search_datelimit_startday='.urlencode($search_datelimit_startday); } if ($search_datelimit_startmonth) { @@ -1059,7 +1059,7 @@ if ($resql) { $arrayofmassactions['predelete'] = img_picto('', 'delete', 'class="pictofixedwidth"').$langs->trans("Delete"); } } - if (in_array($massaction, array('presend', 'predelete' ,'makepayment'))) { + if (in_array($massaction, array('presend', 'predelete', 'makepayment'))) { $arrayofmassactions = array(); } $massactionbutton = $form->selectMassAction('', $arrayofmassactions); @@ -1097,7 +1097,7 @@ if ($resql) { $trackid = 'inv'.$object->id; include DOL_DOCUMENT_ROOT.'/core/tpl/massactions_pre.tpl.php'; - if ($massaction=='makepayment') { + if ($massaction == 'makepayment') { $formconfirm = ''; $formquestion = array( // 'text' => $langs->trans("ConfirmClone"), @@ -1719,7 +1719,13 @@ if ($resql) { print 'ref)); + print 'parent.place=\''.$place.'\''; + } + print '});"'; } print '>'; diff --git a/htdocs/compta/facture/prelevement.php b/htdocs/compta/facture/prelevement.php index 084d24ebfdb..c49d98baafe 100644 --- a/htdocs/compta/facture/prelevement.php +++ b/htdocs/compta/facture/prelevement.php @@ -71,7 +71,7 @@ $hookmanager->initHooks(array('directdebitcard', 'globalcard')); if ($type == 'bank-transfer') { $result = restrictedArea($user, 'fournisseur', $id, 'facture_fourn', 'facture', 'fk_soc', $fieldid, $isdraft); - if (!$user->rights->fournisseur->facture->lire) { + if (empty($user->rights->fournisseur->facture->lire)) { accessforbidden(); } } else { @@ -607,7 +607,6 @@ if ($object->id > 0) { print ''; print '
'; - print '
'; print '
'; print '
'; @@ -672,7 +671,6 @@ if ($object->id > 0) { print '
'; - print '
'; print '
'; print ''; diff --git a/htdocs/compta/facture/stats/index.php b/htdocs/compta/facture/stats/index.php index a8228e29d2a..babadfe7366 100644 --- a/htdocs/compta/facture/stats/index.php +++ b/htdocs/compta/facture/stats/index.php @@ -46,7 +46,7 @@ $mode = GETPOST("mode") ? GETPOST("mode") : 'customer'; if ($mode == 'customer' && !$user->rights->facture->lire) { accessforbidden(); } -if ($mode == 'supplier' && !$user->rights->fournisseur->facture->lire) { +if ($mode == 'supplier' && empty($user->rights->fournisseur->facture->lire)) { accessforbidden(); } @@ -192,7 +192,7 @@ if (!$mesg) { $data = $stats->getAverageByMonthWithPrevYear($endyear, $startyear); -if (!$user->rights->societe->client->voir || $user->socid) { +if (empty($user->rights->societe->client->voir) || $user->socid) { $filename_avg = $dir.'/ordersaverage-'.$user->id.'-'.$year.'.png'; if ($mode == 'customer') { $fileurl_avg = DOL_URL_ROOT.'/viewimage.php?modulepart=orderstats&file=ordersaverage-'.$user->id.'-'.$year.'.png'; @@ -392,7 +392,7 @@ foreach ($data as $val) { print ''; print ''; -print '
'; +print '
'; // Show graphs @@ -409,7 +409,7 @@ if ($mesg) { print ''; -print '
'; +print ''; print '
'; diff --git a/htdocs/compta/index.php b/htdocs/compta/index.php index 7f3865906c8..332f68c1293 100644 --- a/htdocs/compta/index.php +++ b/htdocs/compta/index.php @@ -112,7 +112,7 @@ print getCustomerInvoiceDraftTable($max, $socid); print '
'; print getDraftSupplierTable($max, $socid); -print '
'; +print '
'; // Latest modified customer invoices @@ -129,12 +129,12 @@ if (!empty($conf->facture->enabled) && !empty($user->rights->facture->lire)) { $sql .= ", sum(pf.amount) as am"; $sql .= " FROM ".MAIN_DB_PREFIX."societe as s LEFT JOIN ".MAIN_DB_PREFIX."c_country as cc ON cc.rowid = s.fk_pays, ".MAIN_DB_PREFIX."facture as f"; $sql .= " LEFT JOIN ".MAIN_DB_PREFIX."paiement_facture as pf on f.rowid=pf.fk_facture"; - if (!$user->rights->societe->client->voir && !$socid) { + if (empty($user->rights->societe->client->voir) && !$socid) { $sql .= ", ".MAIN_DB_PREFIX."societe_commerciaux as sc"; } $sql .= " WHERE s.rowid = f.fk_soc"; $sql .= " AND f.entity IN (".getEntity('invoice').")"; - if (!$user->rights->societe->client->voir && !$socid) { + if (empty($user->rights->societe->client->voir) && !$socid) { $sql .= " AND s.rowid = sc.fk_soc AND sc.fk_user = ".((int) $user->id); } if ($socid) { @@ -279,12 +279,12 @@ if ((!empty($conf->fournisseur->enabled) && empty($conf->global->MAIN_USE_NEW_SU $sql .= ", SUM(pf.amount) as am"; $sql .= " FROM ".MAIN_DB_PREFIX."societe as s, ".MAIN_DB_PREFIX."facture_fourn as ff"; $sql .= " LEFT JOIN ".MAIN_DB_PREFIX."paiementfourn_facturefourn as pf on ff.rowid=pf.fk_facturefourn"; - if (!$user->rights->societe->client->voir && !$socid) { + if (empty($user->rights->societe->client->voir) && !$socid) { $sql .= ", ".MAIN_DB_PREFIX."societe_commerciaux as sc"; } $sql .= " WHERE s.rowid = ff.fk_soc"; $sql .= " AND ff.entity = ".$conf->entity; - if (!$user->rights->societe->client->voir && !$socid) { + if (empty($user->rights->societe->client->voir) && !$socid) { $sql .= " AND s.rowid = sc.fk_soc AND sc.fk_user = ".((int) $user->id); } if ($socid) { @@ -589,7 +589,7 @@ if (!empty($conf->facture->enabled) && !empty($conf->commande->enabled) && $user $sql .= ", c.rowid, c.ref, c.facture, c.fk_statut as status, c.total_ht, c.total_tva, c.total_ttc,"; $sql .= " cc.rowid as country_id, cc.code as country_code"; $sql .= " FROM ".MAIN_DB_PREFIX."societe as s LEFT JOIN ".MAIN_DB_PREFIX."c_country as cc ON cc.rowid = s.fk_pays"; - if (!$user->rights->societe->client->voir && !$socid) { + if (empty($user->rights->societe->client->voir) && !$socid) { $sql .= ", ".MAIN_DB_PREFIX."societe_commerciaux as sc"; } $sql .= ", ".MAIN_DB_PREFIX."commande as c"; @@ -597,7 +597,7 @@ if (!empty($conf->facture->enabled) && !empty($conf->commande->enabled) && $user $sql .= " LEFT JOIN ".MAIN_DB_PREFIX."facture AS f ON el.fk_target = f.rowid AND el.targettype = 'facture'"; $sql .= " WHERE c.fk_soc = s.rowid"; $sql .= " AND c.entity = ".$conf->entity; - if (!$user->rights->societe->client->voir && !$socid) { + if (empty($user->rights->societe->client->voir) && !$socid) { $sql .= " AND s.rowid = sc.fk_soc AND sc.fk_user = ".((int) $user->id); } if ($socid) { @@ -749,7 +749,7 @@ if ($resql) { } -print '
'; +print ''; $parameters = array('user' => $user); $reshook = $hookmanager->executeHooks('dashboardAccountancy', $parameters, $object); // Note that $action and $object may have been modified by hook diff --git a/htdocs/compta/localtax/card.php b/htdocs/compta/localtax/card.php index e2a96f4fb5b..35c6aa399fe 100644 --- a/htdocs/compta/localtax/card.php +++ b/htdocs/compta/localtax/card.php @@ -64,7 +64,7 @@ if ($cancel && !$id) { exit; } -if ($action == 'add' && $cancel) { +if ($action == 'add' && !$cancel) { $db->begin(); $datev = dol_mktime(12, 0, 0, GETPOST("datevmonth"), GETPOST("datevday"), GETPOST("datevyear")); diff --git a/htdocs/compta/localtax/index.php b/htdocs/compta/localtax/index.php index f9ea0ac02d9..234073cdb38 100644 --- a/htdocs/compta/localtax/index.php +++ b/htdocs/compta/localtax/index.php @@ -568,8 +568,7 @@ print ''; print ''; -print '
'; - +print '
'; /* diff --git a/htdocs/compta/paiement.php b/htdocs/compta/paiement.php index 0f49b8d5823..2740b09427a 100644 --- a/htdocs/compta/paiement.php +++ b/htdocs/compta/paiement.php @@ -131,7 +131,7 @@ if (empty($reshook)) { } elseif (substr($key, 0, 21) == 'multicurrency_amount_') { $cursorfacid = substr($key, 21); $multicurrency_amounts[$cursorfacid] = price2num(GETPOST($key)); - $multicurrency_totalpayment += $multicurrency_amounts[$cursorfacid]; + $multicurrency_totalpayment += floatval($multicurrency_amounts[$cursorfacid]); if (!empty($multicurrency_amounts[$cursorfacid])) { $atleastonepaymentnotnull++; } diff --git a/htdocs/compta/paiement/cheque/index.php b/htdocs/compta/paiement/cheque/index.php index 8bde7fac19e..e4aad2c5bf4 100644 --- a/htdocs/compta/paiement/cheque/index.php +++ b/htdocs/compta/paiement/cheque/index.php @@ -83,7 +83,7 @@ if ($resql) { } -print '
'; +print '
'; $max = 10; @@ -145,7 +145,7 @@ if ($resql) { } -print '
'; +print ''; // End of page llxFooter(); diff --git a/htdocs/compta/paiement/list.php b/htdocs/compta/paiement/list.php index 59aae0a4015..f5160c51757 100644 --- a/htdocs/compta/paiement/list.php +++ b/htdocs/compta/paiement/list.php @@ -201,11 +201,11 @@ if (GETPOST("orphelins", "alpha")) { $sql .= " LEFT JOIN ".MAIN_DB_PREFIX."paiement_facture as pf ON p.rowid = pf.fk_paiement"; $sql .= " LEFT JOIN ".MAIN_DB_PREFIX."facture as f ON pf.fk_facture = f.rowid"; $sql .= " LEFT JOIN ".MAIN_DB_PREFIX."societe as s ON f.fk_soc = s.rowid"; - if (!$user->rights->societe->client->voir && !$socid) { + if (empty($user->rights->societe->client->voir) && !$socid) { $sql .= " LEFT JOIN ".MAIN_DB_PREFIX."societe_commerciaux as sc ON s.rowid = sc.fk_soc"; } $sql .= " WHERE p.entity IN (".getEntity('invoice').")"; - if (!$user->rights->societe->client->voir && !$socid) { + if (empty($user->rights->societe->client->voir) && !$socid) { $sql .= " AND sc.fk_user = ".((int) $user->id); } if ($socid > 0) { diff --git a/htdocs/compta/paiement/rapport.php b/htdocs/compta/paiement/rapport.php index 492404a9380..cf02c2aeb74 100644 --- a/htdocs/compta/paiement/rapport.php +++ b/htdocs/compta/paiement/rapport.php @@ -39,7 +39,7 @@ if ($user->socid > 0) { } $dir = $conf->facture->dir_output.'/payments'; -if (!$user->rights->societe->client->voir || $socid) { +if (empty($user->rights->societe->client->voir) || $socid) { $dir .= '/private/'.$user->id; // If user has no permission to see all, output dir is specific to user } diff --git a/htdocs/compta/paymentbybanktransfer/index.php b/htdocs/compta/paymentbybanktransfer/index.php index 009f99fccf1..b939c59a053 100644 --- a/htdocs/compta/paymentbybanktransfer/index.php +++ b/htdocs/compta/paymentbybanktransfer/index.php @@ -98,7 +98,7 @@ $sql .= " pfd.date_demande, pfd.amount,"; $sql .= " s.nom as name, s.email, s.rowid as socid, s.tva_intra"; $sql .= " FROM ".MAIN_DB_PREFIX."facture_fourn as f,"; $sql .= " ".MAIN_DB_PREFIX."societe as s"; -if (!$user->rights->societe->client->voir && !$socid) { +if (empty($user->rights->societe->client->voir) && !$socid) { $sql .= ", ".MAIN_DB_PREFIX."societe_commerciaux as sc"; } $sql .= ", ".MAIN_DB_PREFIX."prelevement_facture_demande as pfd"; @@ -111,7 +111,7 @@ if (empty($conf->global->WITHDRAWAL_ALLOW_ANY_INVOICE_STATUS)) { $sql .= " AND pfd.traite = 0"; $sql .= " AND pfd.ext_payment_id IS NULL"; $sql .= " AND pfd.fk_facture_fourn = f.rowid"; -if (!$user->rights->societe->client->voir && !$socid) { +if (empty($user->rights->societe->client->voir) && !$socid) { $sql .= " AND s.rowid = sc.fk_soc AND sc.fk_user = ".((int) $user->id); } if ($socid) { @@ -174,7 +174,7 @@ if ($resql) { } -print '
'; +print '
'; /* @@ -233,7 +233,7 @@ if ($result) { } -print '
'; +print ''; // End of page llxFooter(); diff --git a/htdocs/compta/prelevement/demandes.php b/htdocs/compta/prelevement/demandes.php index cb10e9248f1..5ac0c07ede7 100644 --- a/htdocs/compta/prelevement/demandes.php +++ b/htdocs/compta/prelevement/demandes.php @@ -137,12 +137,12 @@ if ($type != 'bank-transfer') { } $sql .= " ".MAIN_DB_PREFIX."societe as s,"; $sql .= " ".MAIN_DB_PREFIX."prelevement_facture_demande as pfd"; -if (!$user->rights->societe->client->voir && !$socid) { +if (empty($user->rights->societe->client->voir) && !$socid) { $sql .= ", ".MAIN_DB_PREFIX."societe_commerciaux as sc"; } $sql .= " WHERE s.rowid = f.fk_soc"; $sql .= " AND f.entity IN (".getEntity('invoice').")"; -if (!$user->rights->societe->client->voir && !$socid) { +if (empty($user->rights->societe->client->voir) && !$socid) { $sql .= " AND s.rowid = sc.fk_soc AND sc.fk_user = ".((int) $user->id); } if ($socid) { diff --git a/htdocs/compta/prelevement/index.php b/htdocs/compta/prelevement/index.php index 93f2305c60f..92ae9b827e0 100644 --- a/htdocs/compta/prelevement/index.php +++ b/htdocs/compta/prelevement/index.php @@ -98,7 +98,7 @@ $sql .= " pfd.date_demande, pfd.amount,"; $sql .= " s.nom as name, s.email, s.rowid as socid"; $sql .= " FROM ".MAIN_DB_PREFIX."facture as f,"; $sql .= " ".MAIN_DB_PREFIX."societe as s"; -if (!$user->rights->societe->client->voir && !$socid) { +if (empty($user->rights->societe->client->voir) && !$socid) { $sql .= ", ".MAIN_DB_PREFIX."societe_commerciaux as sc"; } $sql .= " , ".MAIN_DB_PREFIX."prelevement_facture_demande as pfd"; @@ -111,7 +111,7 @@ if (empty($conf->global->WITHDRAWAL_ALLOW_ANY_INVOICE_STATUS)) { $sql .= " AND pfd.traite = 0"; $sql .= " AND pfd.ext_payment_id IS NULL"; $sql .= " AND pfd.fk_facture = f.rowid"; -if (!$user->rights->societe->client->voir && !$socid) { +if (empty($user->rights->societe->client->voir) && !$socid) { $sql .= " AND s.rowid = sc.fk_soc AND sc.fk_user = ".((int) $user->id); } if ($socid) { @@ -174,7 +174,7 @@ if ($resql) { } -print '
'; +print '
'; /* @@ -235,7 +235,7 @@ if ($result) { } -print '
'; +print ''; // End of page llxFooter(); diff --git a/htdocs/compta/resultat/clientfourn.php b/htdocs/compta/resultat/clientfourn.php index f2f192271ac..b5aca49aaae 100644 --- a/htdocs/compta/resultat/clientfourn.php +++ b/htdocs/compta/resultat/clientfourn.php @@ -9,6 +9,7 @@ * Copyright (C) 2014 Florian Henry * Copyright (C) 2018 Frédéric France * Copyright (C) 2020 Maxime DEMAREST + * Copyright (C) 2021 Alexandre Spangaro * * This program is free software; you can redistribute it and/or modify * it under the terms of the GNU General Public License as published by @@ -33,6 +34,7 @@ require '../../main.inc.php'; require_once DOL_DOCUMENT_ROOT.'/compta/tva/class/tva.class.php'; require_once DOL_DOCUMENT_ROOT.'/compta/sociales/class/chargesociales.class.php'; +require_once DOL_DOCUMENT_ROOT.'/user/class/user.class.php'; require_once DOL_DOCUMENT_ROOT.'/core/lib/report.lib.php'; require_once DOL_DOCUMENT_ROOT.'/core/lib/tax.lib.php'; require_once DOL_DOCUMENT_ROOT.'/core/lib/date.lib.php'; @@ -366,7 +368,7 @@ if ($modecompta == 'BOOKKEEPING') { } } else { /* - * Factures clients + * Customer invoices */ print ''.$langs->trans("CustomersInvoices").''; @@ -386,8 +388,8 @@ if ($modecompta == 'BOOKKEEPING') { } } elseif ($modecompta == 'RECETTES-DEPENSES') { /* - * Liste des paiements (les anciens paiements ne sont pas vus par cette requete car, sur les - * vieilles versions, ils n'etaient pas lies via paiement_facture. On les ajoute plus loin) + * List of payments (old payments are not seen by this query because, on older versions, they were not linked via payment_invoice. + * old versions, they were not linked via payment_invoice. They are added later) */ $sql = "SELECT s.nom as name, s.rowid as socid, sum(pf.amount) as amount_ttc"; $sql .= " FROM ".MAIN_DB_PREFIX."societe as s"; @@ -434,7 +436,7 @@ if ($modecompta == 'BOOKKEEPING') { dol_print_error($db); } - // On ajoute les paiements clients anciennes version, non lie par paiement_facture + // We add the old customer payments, not linked by payment_invoice if ($modecompta == 'RECETTES-DEPENSES') { $sql = "SELECT 'Autres' as name, '0' as idp, sum(p.amount) as amount_ttc"; $sql .= " FROM ".MAIN_DB_PREFIX."bank as b"; @@ -673,7 +675,7 @@ if ($modecompta == 'BOOKKEEPING') { /* - * Charges sociales non deductibles + * Social / Fiscal contributions who are not deductible */ print ''.$langs->trans("SocialContributionsNondeductibles").''; @@ -760,7 +762,7 @@ if ($modecompta == 'BOOKKEEPING') { /* - * Charges sociales deductibles + * Social / Fiscal contributions who are deductible */ print ''.$langs->trans("SocialContributionsDeductibles").''; @@ -860,15 +862,27 @@ if ($modecompta == 'BOOKKEEPING') { $column = 'p.datep'; } - $sql = "SELECT u.rowid, u.firstname, u.lastname, p.fk_user, p.label as label, date_format($column,'%Y-%m') as dm, sum(p.amount) as amount"; + $sql = "SELECT u.rowid, u.firstname, u.lastname, s.fk_user as fk_user, p.label as label, date_format($column,'%Y-%m') as dm, sum(p.amount) as amount"; + $sql .= " FROM ".MAIN_DB_PREFIX."payment_salary as p"; + $sql .= " INNER JOIN ".MAIN_DB_PREFIX."salary as s ON s.rowid=p.fk_salary"; + $sql .= " INNER JOIN ".MAIN_DB_PREFIX."user as u ON u.rowid=s.fk_user"; + $sql .= " WHERE p.entity IN (".getEntity('payment_salary').")"; + if (!empty($date_start) && !empty($date_end)) { + $sql .= " AND $column >= '".$db->idate($date_start)."' AND $column <= '".$db->idate($date_end)."'"; + } + $sql .= " GROUP BY u.rowid, u.firstname, u.lastname, s.fk_user, p.label, dm"; + + // For backward compatibility with old module salary + $sql .= " UNION "; + $sql .= " SELECT u.rowid, u.firstname, u.lastname, p.fk_user as fk_user, p.label as label, date_format($column,'%Y-%m') as dm, sum(p.amount) as amount"; $sql .= " FROM ".MAIN_DB_PREFIX."payment_salary as p"; $sql .= " INNER JOIN ".MAIN_DB_PREFIX."user as u ON u.rowid=p.fk_user"; $sql .= " WHERE p.entity IN (".getEntity('payment_salary').")"; if (!empty($date_start) && !empty($date_end)) { $sql .= " AND $column >= '".$db->idate($date_start)."' AND $column <= '".$db->idate($date_end)."'"; } - $sql .= " GROUP BY u.rowid, u.firstname, u.lastname, p.fk_user, p.label, dm"; + $newsortfield = $sortfield; if ($newsortfield == 's.nom, s.rowid') { $newsortfield = 'u.firstname, u.lastname'; @@ -900,7 +914,10 @@ if ($modecompta == 'BOOKKEEPING') { print ' '; - print "".$langs->trans("Salary")." fk_user."\">".$obj->firstname." ".$obj->lastname."\n"; + $userstatic = new User($db); + $userstatic->fetch($obj->fk_user); + + print "".$langs->trans("Salary")." getFullName($langs))."\">".$obj->firstname." ".$obj->lastname."\n"; if ($modecompta == 'CREANCES-DETTES') { print ''.price(-$obj->amount).''; @@ -931,7 +948,7 @@ if ($modecompta == 'BOOKKEEPING') { /* - * Expense + * Expense report */ if (!empty($conf->expensereport->enabled)) { @@ -1087,7 +1104,7 @@ if ($modecompta == 'BOOKKEEPING') { } /* - * Payement Loan + * Payment Loan */ if (!empty($conf->global->ACCOUNTING_REPORTS_INCLUDE_LOAN) && !empty($conf->loan->enabled) && ($modecompta == 'CREANCES-DETTES' || $modecompta == "RECETTES-DEPENSES")) { @@ -1208,7 +1225,7 @@ if ($modecompta == 'BOOKKEEPING') { print ''.price($amount)."\n"; print "\n"; - // VAT to retreive + // VAT to retrieve $amount = 0; $sql = "SELECT date_format(f.datef,'%Y-%m') as dm, sum(f.total_tva) as amount"; $sql .= " FROM ".MAIN_DB_PREFIX."facture_fourn as f"; diff --git a/htdocs/compta/sociales/card.php b/htdocs/compta/sociales/card.php index 1223ad3ec36..e7e9840af61 100644 --- a/htdocs/compta/sociales/card.php +++ b/htdocs/compta/sociales/card.php @@ -612,7 +612,6 @@ if ($id > 0) { print ''; print '
'; - print '
'; $nbcols = 3; if (!empty($conf->banque->enabled)) { @@ -722,7 +721,6 @@ if ($id > 0) { dol_print_error($db); } - print '
'; print '
'; print ''; diff --git a/htdocs/compta/sociales/document.php b/htdocs/compta/sociales/document.php index 1fbfdfa296a..d0cf3a1f34c 100644 --- a/htdocs/compta/sociales/document.php +++ b/htdocs/compta/sociales/document.php @@ -78,6 +78,8 @@ if ($user->socid) { } $result = restrictedArea($user, 'tax', $object->id, 'chargesociales', 'charges'); +$permissiontoadd = $user->rights->tax->charges->creer; // Used by the include of actions_dellink.inc.php + /* * Actions diff --git a/htdocs/compta/tva/card.php b/htdocs/compta/tva/card.php index 83740385f2b..4264f786d3a 100755 --- a/htdocs/compta/tva/card.php +++ b/htdocs/compta/tva/card.php @@ -614,7 +614,6 @@ if ($id) { print ''; print '
'; - print '
'; $nbcols = 3; if (!empty($conf->banque->enabled)) { @@ -717,7 +716,6 @@ if ($id) { dol_print_error($db); } - print '
'; print '
'; print ''; diff --git a/htdocs/compta/tva/document.php b/htdocs/compta/tva/document.php index e2f0dcec96d..67de87d0c21 100644 --- a/htdocs/compta/tva/document.php +++ b/htdocs/compta/tva/document.php @@ -79,6 +79,8 @@ if ($user->socid) { } $result = restrictedArea($user, 'tax', '', 'tva', 'charges'); +$permissiontoadd = $user->rights->tax->charges->creer; // Used by the include of actions_dellink.inc.php + /* * Actions @@ -86,7 +88,7 @@ $result = restrictedArea($user, 'tax', '', 'tva', 'charges'); include DOL_DOCUMENT_ROOT.'/core/actions_linkedfiles.inc.php'; -if ($action == 'setlib' && $user->rights->tax->charges->creer) { +if ($action == 'setlib' && $permissiontoadd) { $object->fetch($id); $result = $object->setValueFrom('label', GETPOST('lib', 'alpha'), '', '', 'text', '', $user, 'TAX_MODIFY'); if ($result < 0) { diff --git a/htdocs/compta/tva/index.php b/htdocs/compta/tva/index.php index e1ac3f96a2d..fed0cf209c1 100644 --- a/htdocs/compta/tva/index.php +++ b/htdocs/compta/tva/index.php @@ -514,7 +514,7 @@ if ($refresh === true) { print ''; - print '
'; + print '
'; /* @@ -544,7 +544,7 @@ if ($refresh === true) { pt($db, $sql, $langs->trans("Month")); - print '
'; + print ''; } llxFooter(); diff --git a/htdocs/contact/card.php b/htdocs/contact/card.php index 8ae2deae1cf..9e9895444b8 100644 --- a/htdocs/contact/card.php +++ b/htdocs/contact/card.php @@ -296,7 +296,7 @@ if (empty($reshook)) { if (empty($error) && $id > 0) { $db->commit(); if (!empty($backtopage)) { - $url = $backtopage; + $url = str_replace('__ID__', $id, $backtopage); } else { $url = 'card.php?id='.$id; } @@ -545,8 +545,8 @@ $formcompany = new FormCompany($db); $countrynotdefined = $langs->trans("ErrorSetACountryFirst").' ('.$langs->trans("SeeAbove").')'; +$objsoc = new Societe($db); if ($socid > 0) { - $objsoc = new Societe($db); $objsoc->fetch($socid); } @@ -1381,10 +1381,10 @@ if (is_object($objcanvas) && $objcanvas->displayCanvasExists($action)) { } } - print '
'; + print '
'; print '
'; - print ''; + print '
'; // Categories if (!empty($conf->categorie->enabled) && !empty($user->rights->categorie->lire)) { @@ -1462,7 +1462,7 @@ if (is_object($objcanvas) && $objcanvas->displayCanvasExists($action)) { print "
"; - print '
'; + print ''; print '
'; print dol_get_fiche_end(); @@ -1518,7 +1518,7 @@ if (is_object($objcanvas) && $objcanvas->displayCanvasExists($action)) { if ($action != 'presend') { print '
'; - print '
'; + print '
'; $MAXEVENT = 10; @@ -1529,7 +1529,7 @@ if (is_object($objcanvas) && $objcanvas->displayCanvasExists($action)) { $formactions = new FormActions($db); $somethingshown = $formactions->showactions($object, 'contact', $object->socid, 1, '', $MAXEVENT, '', $morehtmlright); // Show all action for thirdparty - print '
'; + print ''; } // Presend form diff --git a/htdocs/contact/class/contact.class.php b/htdocs/contact/class/contact.class.php index 5dec2ade61e..fa1dfb93c7a 100644 --- a/htdocs/contact/class/contact.class.php +++ b/htdocs/contact/class/contact.class.php @@ -383,7 +383,7 @@ class Contact extends CommonObject $sql = "SELECT count(sp.rowid) as nb"; $sql .= " FROM ".MAIN_DB_PREFIX."socpeople as sp"; - if (!$user->rights->societe->client->voir && !$user->socid) { + if (empty($user->rights->societe->client->voir) && !$user->socid) { $sql .= ", ".MAIN_DB_PREFIX."societe as s"; $sql .= ", ".MAIN_DB_PREFIX."societe_commerciaux as sc"; $sql .= " WHERE sp.fk_soc = s.rowid AND s.rowid = sc.fk_soc AND sc.fk_user = ".((int) $user->id); diff --git a/htdocs/contact/document.php b/htdocs/contact/document.php index 3005c6b7827..1870e7b8d9c 100644 --- a/htdocs/contact/document.php +++ b/htdocs/contact/document.php @@ -49,12 +49,6 @@ if (!empty($canvas)) { $objcanvas->getCanvas('contact', 'contactcard', $canvas); } -// Security check -if ($user->socid) { - $socid = $user->socid; -} -$result = restrictedArea($user, 'contact', $id, 'socpeople&societe', '', '', 'rowid', 0); // If we create a contact with no company (shared contacts), no check on write permission - // Get parameters $limit = GETPOST('limit', 'int') ? GETPOST('limit', 'int') : $conf->liste_limit; $sortfield = GETPOST("sortfield", 'alpha'); @@ -91,6 +85,15 @@ $modulepart = 'contact'; // Initialize technical object to manage hooks of page. Note that conf->hooks_modules contains array of hook context $hookmanager->initHooks(array('contactdocument')); +// Security check +if ($user->socid) { + $socid = $user->socid; +} +$result = restrictedArea($user, 'contact', $id, 'socpeople&societe', '', '', 'rowid', 0); // If we create a contact with no company (shared contacts), no check on write permission + +$permissiontoadd = $user->rights->societe->contact->creer; // Used by the include of actions_dellink.inc.php + + /* * Actions */ diff --git a/htdocs/contact/list.php b/htdocs/contact/list.php index 71e888540b2..e005d6cfb1e 100644 --- a/htdocs/contact/list.php +++ b/htdocs/contact/list.php @@ -386,11 +386,11 @@ if (!empty($search_categ_thirdparty) && $search_categ_thirdparty != '-1') { if (!empty($search_categ_supplier) && $search_categ_supplier != '-1') { $sql .= ' LEFT JOIN '.MAIN_DB_PREFIX."categorie_fournisseur as cs2 ON s.rowid = cs2.fk_soc"; // We need this table joined to the select in order to filter by categ } -if (!$user->rights->societe->client->voir && !$socid) { +if (empty($user->rights->societe->client->voir) && !$socid) { $sql .= " LEFT JOIN ".MAIN_DB_PREFIX."societe_commerciaux as sc ON s.rowid = sc.fk_soc"; } $sql .= ' WHERE p.entity IN ('.getEntity('socpeople').')'; -if (!$user->rights->societe->client->voir && !$socid) { //restriction +if (empty($user->rights->societe->client->voir) && !$socid) { //restriction $sql .= " AND (sc.fk_user = ".((int) $user->id)." OR p.fk_soc IS NULL)"; } if (!empty($userid)) { // propre au commercial diff --git a/htdocs/contrat/card.php b/htdocs/contrat/card.php index 9d8cdb78912..f30ff3ead4c 100644 --- a/htdocs/contrat/card.php +++ b/htdocs/contrat/card.php @@ -2137,7 +2137,7 @@ if ($action == 'create') { $linktoelem = $form->showLinkToObjectBlock($object, null, array('contrat')); $somethingshown = $form->showLinkedObjectBlock($object, $linktoelem); - print '
'; + print '
'; $MAXEVENT = 10; @@ -2148,7 +2148,7 @@ if ($action == 'create') { $formactions = new FormActions($db); $somethingshown = $formactions->showactions($object, 'contract', $socid, 1, 'listactions', $MAXEVENT, '', $morehtmlcenter); - print '
'; + print ''; } // Presend form diff --git a/htdocs/contrat/class/contrat.class.php b/htdocs/contrat/class/contrat.class.php index a23a620359e..fe8edd30ea4 100644 --- a/htdocs/contrat/class/contrat.class.php +++ b/htdocs/contrat/class/contrat.class.php @@ -1729,85 +1729,77 @@ class Contrat extends CommonObject } } - $sql = "UPDATE ".MAIN_DB_PREFIX."contratdet set description='".$this->db->escape($desc)."'"; - $sql .= ",price_ht='".price2num($price)."'"; - $sql .= ",subprice='".price2num($subprice)."'"; - $sql .= ",remise='".price2num($remise)."'"; - $sql .= ",remise_percent='".price2num($remise_percent)."'"; - $sql .= ",qty='".$qty."'"; - $sql .= ",tva_tx='".price2num($tvatx)."'"; - $sql .= ",localtax1_tx='".price2num($localtax1tx)."'"; - $sql .= ",localtax2_tx='".price2num($localtax2tx)."'"; - $sql .= ",localtax1_type='".$this->db->escape($localtax1_type)."'"; - $sql .= ",localtax2_type='".$this->db->escape($localtax2_type)."'"; - $sql .= ", total_ht='".price2num($total_ht)."'"; - $sql .= ", total_tva='".price2num($total_tva)."'"; - $sql .= ", total_localtax1='".price2num($total_localtax1)."'"; - $sql .= ", total_localtax2='".price2num($total_localtax2)."'"; - $sql .= ", total_ttc='".price2num($total_ttc)."'"; + $sql = "UPDATE ".MAIN_DB_PREFIX."contratdet set description = '".$this->db->escape($desc)."'"; + $sql .= ",price_ht = ".((float) price2num($price)); + $sql .= ",subprice = ".((float) price2num($subprice)); + $sql .= ",remise = ".((float) price2num($remise)); + $sql .= ",remise_percent = ".((float) price2num($remise_percent)); + $sql .= ",qty = ".((float) $qty); + $sql .= ",tva_tx = ".((float) price2num($tvatx)); + $sql .= ",localtax1_tx = ".((float) price2num($localtax1tx)); + $sql .= ",localtax2_tx = ".((float) price2num($localtax2tx)); + $sql .= ",localtax1_type='".$this->db->escape($localtax1_type); + $sql .= ",localtax2_type='".$this->db->escape($localtax2_type); + $sql .= ", total_ht = ".((float) price2num($total_ht)); + $sql .= ", total_tva = ".((float) price2num($total_tva)); + $sql .= ", total_localtax1 = ".((float) price2num($total_localtax1)); + $sql .= ", total_localtax2 = ".((float) price2num($total_localtax2)); + $sql .= ", total_ttc = ".((float) price2num($total_ttc)); $sql .= ", fk_product_fournisseur_price=".($fk_fournprice > 0 ? $fk_fournprice : "null"); - $sql .= ", buy_price_ht='".price2num($pa_ht)."'"; + $sql .= ", buy_price_ht = ".((float) price2num($pa_ht)); if ($date_start > 0) { - $sql .= ",date_ouverture_prevue='".$this->db->idate($date_start)."'"; + $sql .= ",date_ouverture_prevue = '".$this->db->idate($date_start)."'"; } else { - $sql .= ",date_ouverture_prevue=null"; + $sql .= ",date_ouverture_prevue = null"; } if ($date_end > 0) { - $sql .= ",date_fin_validite='".$this->db->idate($date_end)."'"; + $sql .= ",date_fin_validite = '".$this->db->idate($date_end)."'"; } else { - $sql .= ",date_fin_validite=null"; + $sql .= ",date_fin_validite = null"; } if ($date_debut_reel > 0) { - $sql .= ",date_ouverture='".$this->db->idate($date_debut_reel)."'"; + $sql .= ",date_ouverture = '".$this->db->idate($date_debut_reel)."'"; } else { - $sql .= ",date_ouverture=null"; + $sql .= ",date_ouverture = null"; } if ($date_fin_reel > 0) { - $sql .= ",date_cloture='".$this->db->idate($date_fin_reel)."'"; + $sql .= ",date_cloture = '".$this->db->idate($date_fin_reel)."'"; } else { - $sql .= ",date_cloture=null"; + $sql .= ",date_cloture = null"; } - $sql .= ", fk_unit=".($fk_unit ? "'".$this->db->escape($fk_unit)."'" : "null"); + $sql .= ", fk_unit = ".($fk_unit > 0 ? ((int) $fk_unit) : "null"); $sql .= " WHERE rowid = ".((int) $rowid); dol_syslog(get_class($this)."::updateline", LOG_DEBUG); $result = $this->db->query($sql); if ($result) { - $result = $this->update_statut($user); - if ($result >= 0) { - if (is_array($array_options) && count($array_options) > 0) { // For avoid conflicts if trigger used - $contractline = new ContratLigne($this->db); - $contractline->fetch($rowid); - $contractline->fetch_optionals(); + if (is_array($array_options) && count($array_options) > 0) { // For avoid conflicts if trigger used + $contractline = new ContratLigne($this->db); + $contractline->fetch($rowid); - // We replace values in $contractline->array_options only for entries defined into $array_options - foreach ($array_options as $key => $value) { - $contractline->array_options[$key] = $array_options[$key]; - } - - $result = $contractline->insertExtraFields(); - if ($result < 0) { - $this->error[] = $contractline->error; - $error++; - } + // We replace values in $contractline->array_options only for entries defined into $array_options + foreach ($array_options as $key => $value) { + $contractline->array_options[$key] = $array_options[$key]; } - if (empty($error)) { - // Call trigger - $result = $this->call_trigger('LINECONTRACT_UPDATE', $user); - if ($result < 0) { - $this->db->rollback(); - return -3; - } - // End call triggers - - $this->db->commit(); - return 1; + $result = $contractline->insertExtraFields(); + if ($result < 0) { + $this->error[] = $contractline->error; + $error++; } - } else { - $this->db->rollback(); - dol_syslog(get_class($this)."::updateline Erreur -2"); - return -2; + } + + if (empty($error)) { + // Call trigger + $result = $this->call_trigger('LINECONTRACT_UPDATE', $user); + if ($result < 0) { + $this->db->rollback(); + return -3; + } + // End call triggers + + $this->db->commit(); + return 1; } } else { $this->db->rollback(); @@ -2187,7 +2179,7 @@ class Contrat extends CommonObject $this->from = " FROM ".MAIN_DB_PREFIX."contrat as c"; $this->from .= ", ".MAIN_DB_PREFIX."contratdet as cd"; $this->from .= ", ".MAIN_DB_PREFIX."societe as s"; - if (!$user->rights->societe->client->voir && !$user->socid) { + if (empty($user->rights->societe->client->voir) && !$user->socid) { $this->from .= ", ".MAIN_DB_PREFIX."societe_commerciaux as sc"; } @@ -2218,7 +2210,7 @@ class Contrat extends CommonObject if ($user->socid) { $sql .= " AND c.fk_soc = ".((int) $user->socid); } - if (!$user->rights->societe->client->voir && !$user->socid) { + if (empty($user->rights->societe->client->voir) && !$user->socid) { $sql .= " AND c.fk_soc = sc.fk_soc AND sc.fk_user = ".((int) $user->id); } @@ -2286,7 +2278,7 @@ class Contrat extends CommonObject $sql = "SELECT count(c.rowid) as nb"; $sql .= " FROM ".MAIN_DB_PREFIX."contrat as c"; $sql .= " LEFT JOIN ".MAIN_DB_PREFIX."societe as s ON c.fk_soc = s.rowid"; - if (!$user->rights->societe->client->voir && !$user->socid) { + if (empty($user->rights->societe->client->voir) && !$user->socid) { $sql .= " LEFT JOIN ".MAIN_DB_PREFIX."societe_commerciaux as sc ON s.rowid = sc.fk_soc"; $sql .= " WHERE sc.fk_user = ".((int) $user->id); $clause = "AND"; @@ -2545,7 +2537,7 @@ class Contrat extends CommonObject if (!$error) { foreach ($this->lines as $line) { - $result = $clonedObj->addline($line->desc, $line->subprice, $line->qty, $line->tva_tx, $line->localtax1_tx, $line->localtax2_tx, $line->fk_product, $line->remise_percent, $line->date_ouverture, $line->date_cloture, 'HT', 0, $line->info_bits, $line->fk_fournprice, $line->pa_ht, $line->array_options, $line->fk_unit); + $result = $clonedObj->addline($line->description, $line->subprice, $line->qty, $line->tva_tx, $line->localtax1_tx, $line->localtax2_tx, $line->fk_product, $line->remise_percent, $line->date_ouverture, $line->date_cloture, 'HT', 0, $line->info_bits, $line->fk_fournprice, $line->pa_ht, $line->array_options, $line->fk_unit); if ($result < 0) { $error++; $this->error = $clonedObj->error; diff --git a/htdocs/contrat/document.php b/htdocs/contrat/document.php index 690b5432a1b..c54823ee142 100644 --- a/htdocs/contrat/document.php +++ b/htdocs/contrat/document.php @@ -84,6 +84,8 @@ $modulepart = 'contract'; // Initialize technical object to manage hooks of page. Note that conf->hooks_modules contains array of hook context $hookmanager->initHooks(array('contractcard', 'globalcard')); +$permissiontoadd = $user->rights->contrat->creer; // Used by the include of actions_dellink.inc.php + /* * Actions diff --git a/htdocs/contrat/index.php b/htdocs/contrat/index.php index b85cda094f3..99739260b36 100644 --- a/htdocs/contrat/index.php +++ b/htdocs/contrat/index.php @@ -92,7 +92,7 @@ $vals = array(); $sql = "SELECT count(cd.rowid) as nb, cd.statut as status"; $sql .= " FROM ".MAIN_DB_PREFIX."societe as s"; $sql .= ", ".MAIN_DB_PREFIX."contratdet as cd, ".MAIN_DB_PREFIX."contrat as c"; -if (!$user->rights->societe->client->voir && !$socid) { +if (empty($user->rights->societe->client->voir) && !$socid) { $sql .= ", ".MAIN_DB_PREFIX."societe_commerciaux as sc"; } $sql .= " WHERE cd.fk_contrat = c.rowid AND c.fk_soc = s.rowid"; @@ -101,7 +101,7 @@ $sql .= " AND c.entity IN (".getEntity('contract', 0).")"; if ($user->socid) { $sql .= ' AND c.fk_soc = '.((int) $user->socid); } -if (!$user->rights->societe->client->voir && !$socid) { +if (empty($user->rights->societe->client->voir) && !$socid) { $sql .= " AND s.rowid = sc.fk_soc AND sc.fk_user = ".((int) $user->id); } $sql .= " GROUP BY cd.statut"; @@ -129,7 +129,7 @@ if ($resql) { $sql = "SELECT count(cd.rowid) as nb, cd.statut as status"; $sql .= " FROM ".MAIN_DB_PREFIX."societe as s"; $sql .= ", ".MAIN_DB_PREFIX."contratdet as cd, ".MAIN_DB_PREFIX."contrat as c"; -if (!$user->rights->societe->client->voir && !$socid) { +if (empty($user->rights->societe->client->voir) && !$socid) { $sql .= ", ".MAIN_DB_PREFIX."societe_commerciaux as sc"; } $sql .= " WHERE cd.fk_contrat = c.rowid AND c.fk_soc = s.rowid"; @@ -138,7 +138,7 @@ $sql .= " AND c.entity IN (".getEntity('contract', 0).")"; if ($user->socid) { $sql .= ' AND c.fk_soc = '.((int) $user->socid); } -if (!$user->rights->societe->client->voir && !$socid) { +if (empty($user->rights->societe->client->voir) && !$socid) { $sql .= " AND s.rowid = sc.fk_soc AND sc.fk_user = ".((int) $user->id); } $sql .= " GROUP BY cd.statut"; @@ -240,13 +240,13 @@ if (!empty($conf->contrat->enabled) && $user->rights->contrat->lire) { $sql = "SELECT c.rowid, c.ref,"; $sql .= " s.nom as name, s.rowid as socid"; $sql .= " FROM ".MAIN_DB_PREFIX."contrat as c, ".MAIN_DB_PREFIX."societe as s"; - if (!$user->rights->societe->client->voir && !$socid) { + if (empty($user->rights->societe->client->voir) && !$socid) { $sql .= ", ".MAIN_DB_PREFIX."societe_commerciaux as sc"; } $sql .= " WHERE s.rowid = c.fk_soc"; $sql .= " AND c.entity IN (".getEntity('contract', 0).")"; $sql .= " AND c.statut = 0"; - if (!$user->rights->societe->client->voir && !$socid) { + if (empty($user->rights->societe->client->voir) && !$socid) { $sql .= " AND s.rowid = sc.fk_soc AND sc.fk_user = ".((int) $user->id); } if ($socid) { @@ -298,7 +298,7 @@ if (!empty($conf->contrat->enabled) && $user->rights->contrat->lire) { } -print '
'; +print '
'; // Last modified contracts @@ -311,7 +311,7 @@ $sql .= " sum(".$db->ifsql("cd.statut=4 AND (cd.date_fin_validite IS NOT NULL AN $sql .= " sum(".$db->ifsql("cd.statut=5", 1, 0).') as nb_closed,'; $sql .= " c.rowid as cid, c.ref, c.datec, c.tms, c.statut, s.nom as name, s.rowid as socid"; $sql .= " FROM ".MAIN_DB_PREFIX."societe as s,"; -if (!$user->rights->societe->client->voir && !$socid) { +if (empty($user->rights->societe->client->voir) && !$socid) { $sql .= " ".MAIN_DB_PREFIX."societe_commerciaux as sc,"; } $sql .= " ".MAIN_DB_PREFIX."contrat as c"; @@ -319,7 +319,7 @@ $sql .= " LEFT JOIN ".MAIN_DB_PREFIX."contratdet as cd ON c.rowid = cd.fk_contra $sql .= " WHERE c.fk_soc = s.rowid"; $sql .= " AND c.entity IN (".getEntity('contract', 0).")"; $sql .= " AND c.statut > 0"; -if (!$user->rights->societe->client->voir && !$socid) { +if (empty($user->rights->societe->client->voir) && !$socid) { $sql .= " AND s.rowid = sc.fk_soc AND sc.fk_user = ".((int) $user->id); } if ($socid) { @@ -386,7 +386,7 @@ $sql .= " s.nom as name,"; $sql .= " p.rowid as pid, p.ref as pref, p.label as plabel, p.fk_product_type as ptype, p.entity as pentity"; $sql .= " FROM (".MAIN_DB_PREFIX."contrat as c"; $sql .= ", ".MAIN_DB_PREFIX."societe as s"; -if (!$user->rights->societe->client->voir && !$socid) { +if (empty($user->rights->societe->client->voir) && !$socid) { $sql .= ", ".MAIN_DB_PREFIX."societe_commerciaux as sc"; } $sql .= ", ".MAIN_DB_PREFIX."contratdet as cd"; @@ -394,7 +394,7 @@ $sql .= ") LEFT JOIN ".MAIN_DB_PREFIX."product as p ON cd.fk_product = p.rowid"; $sql .= " WHERE c.entity IN (".getEntity('contract', 0).")"; $sql .= " AND cd.fk_contrat = c.rowid"; $sql .= " AND c.fk_soc = s.rowid"; -if (!$user->rights->societe->client->voir && !$socid) { +if (empty($user->rights->societe->client->voir) && !$socid) { $sql .= " AND s.rowid = sc.fk_soc AND sc.fk_user = ".((int) $user->id); } if ($socid) { @@ -466,7 +466,7 @@ $sql .= " s.nom as name,"; $sql .= " p.rowid as pid, p.ref as pref, p.label as plabel, p.fk_product_type as ptype, p.entity as pentity"; $sql .= " FROM (".MAIN_DB_PREFIX."contrat as c"; $sql .= ", ".MAIN_DB_PREFIX."societe as s"; -if (!$user->rights->societe->client->voir && !$socid) { +if (empty($user->rights->societe->client->voir) && !$socid) { $sql .= ", ".MAIN_DB_PREFIX."societe_commerciaux as sc"; } $sql .= ", ".MAIN_DB_PREFIX."contratdet as cd"; @@ -476,7 +476,7 @@ $sql .= " AND c.statut = 1"; $sql .= " AND cd.statut = 0"; $sql .= " AND cd.fk_contrat = c.rowid"; $sql .= " AND c.fk_soc = s.rowid"; -if (!$user->rights->societe->client->voir && !$socid) { +if (empty($user->rights->societe->client->voir) && !$socid) { $sql .= " AND s.rowid = sc.fk_soc AND sc.fk_user = ".((int) $user->id); } if ($socid) { @@ -547,7 +547,7 @@ $sql .= " s.nom as name,"; $sql .= " p.rowid as pid, p.ref as pref, p.label as plabel, p.fk_product_type as ptype, p.entity as pentity"; $sql .= " FROM (".MAIN_DB_PREFIX."contrat as c"; $sql .= ", ".MAIN_DB_PREFIX."societe as s"; -if (!$user->rights->societe->client->voir && !$socid) { +if (empty($user->rights->societe->client->voir) && !$socid) { $sql .= ", ".MAIN_DB_PREFIX."societe_commerciaux as sc"; } $sql .= ", ".MAIN_DB_PREFIX."contratdet as cd"; @@ -558,7 +558,7 @@ $sql .= " AND cd.statut = 4"; $sql .= " AND cd.date_fin_validite < '".$db->idate($now)."'"; $sql .= " AND cd.fk_contrat = c.rowid"; $sql .= " AND c.fk_soc = s.rowid"; -if (!$user->rights->societe->client->voir && !$socid) { +if (empty($user->rights->societe->client->voir) && !$socid) { $sql .= " AND s.rowid = sc.fk_soc AND sc.fk_user = ".((int) $user->id); } if ($socid) { @@ -622,7 +622,7 @@ if ($resql) { } -print '
'; +print ''; $parameters = array('user' => $user); $reshook = $hookmanager->executeHooks('dashboardContracts', $parameters, $object); // Note that $action and $object may have been modified by hook diff --git a/htdocs/contrat/list.php b/htdocs/contrat/list.php index 7e19ec13e22..cee0faf95aa 100644 --- a/htdocs/contrat/list.php +++ b/htdocs/contrat/list.php @@ -255,7 +255,7 @@ $sql .= " FROM ".MAIN_DB_PREFIX."societe as s"; $sql .= " LEFT JOIN ".MAIN_DB_PREFIX."c_country as country on (country.rowid = s.fk_pays)"; $sql .= " LEFT JOIN ".MAIN_DB_PREFIX."c_typent as typent on (typent.id = s.fk_typent)"; $sql .= " LEFT JOIN ".MAIN_DB_PREFIX."c_departements as state on (state.rowid = s.fk_departement)"; -if ($search_sale > 0 || (!$user->rights->societe->client->voir && !$socid)) { +if ($search_sale > 0 || (empty($user->rights->societe->client->voir) && !$socid)) { $sql .= ", ".MAIN_DB_PREFIX."societe_commerciaux as sc"; } $sql .= ", ".MAIN_DB_PREFIX."contrat as c"; @@ -281,7 +281,7 @@ if ($search_product_category > 0) { if ($socid) { $sql .= " AND s.rowid = ".((int) $socid); } -if (!$user->rights->societe->client->voir && !$socid) { +if (empty($user->rights->societe->client->voir) && !$socid) { $sql .= " AND s.rowid = sc.fk_soc AND sc.fk_user = ".((int) $user->id); } if ($search_date_start) { diff --git a/htdocs/contrat/services_list.php b/htdocs/contrat/services_list.php index 0c06a194fd4..5bd98ded8c4 100644 --- a/htdocs/contrat/services_list.php +++ b/htdocs/contrat/services_list.php @@ -218,7 +218,7 @@ $sql = "SELECT c.rowid as cid, c.ref, c.statut as cstatut, c.ref_customer, c.ref $sql .= " s.rowid as socid, s.nom as name, s.email, s.client, s.fournisseur,"; $sql .= " cd.rowid, cd.description, cd.statut,"; $sql .= " p.rowid as pid, p.ref as pref, p.label as label, p.fk_product_type as ptype, p.entity as pentity,"; -if (!$user->rights->societe->client->voir && !$socid) { +if (empty($user->rights->societe->client->voir) && !$socid) { $sql .= " sc.fk_soc, sc.fk_user,"; } $sql .= " cd.date_ouverture_prevue,"; @@ -244,7 +244,7 @@ $reshook = $hookmanager->executeHooks('printFieldListSelect', $parameters); // N $sql .= $hookmanager->resPrint; $sql .= " FROM ".MAIN_DB_PREFIX."contrat as c,"; $sql .= " ".MAIN_DB_PREFIX."societe as s,"; -if (!$user->rights->societe->client->voir && !$socid) { +if (empty($user->rights->societe->client->voir) && !$socid) { $sql .= " ".MAIN_DB_PREFIX."societe_commerciaux as sc,"; } $sql .= " ".MAIN_DB_PREFIX."contratdet as cd"; @@ -261,7 +261,7 @@ if ($search_product_category > 0) { $sql .= " AND cp.fk_categorie = ".((int) $search_product_category); } $sql .= " AND c.fk_soc = s.rowid"; -if (!$user->rights->societe->client->voir && !$socid) { +if (empty($user->rights->societe->client->voir) && !$socid) { $sql .= " AND s.rowid = sc.fk_soc AND sc.fk_user = ".((int) $user->id); } if ($mode == "0") { diff --git a/htdocs/core/actions_addupdatedelete.inc.php b/htdocs/core/actions_addupdatedelete.inc.php index e4483258b92..6fd84f4eda3 100644 --- a/htdocs/core/actions_addupdatedelete.inc.php +++ b/htdocs/core/actions_addupdatedelete.inc.php @@ -73,7 +73,7 @@ if ($action == 'add' && !empty($permissiontoadd)) { if (in_array($object->fields[$key]['type'], array('text', 'html'))) { $value = GETPOST($key, 'restricthtml'); } elseif ($object->fields[$key]['type'] == 'date') { - $value = dol_mktime(12, 0, 0, GETPOST($key.'month', 'int'), GETPOST($key.'day', 'int'), GETPOST($key.'year', 'int')); // for date without hour, we use gmt + $value = dol_mktime(12, 0, 0, GETPOST($key.'month', 'int'), GETPOST($key.'day', 'int'), GETPOST($key.'year', 'int')); // for date without hour, we use gmt } elseif ($object->fields[$key]['type'] == 'datetime') { $value = dol_mktime(GETPOST($key.'hour', 'int'), GETPOST($key.'min', 'int'), GETPOST($key.'sec', 'int'), GETPOST($key.'month', 'int'), GETPOST($key.'day', 'int'), GETPOST($key.'year', 'int'), 'tzuserrel'); } elseif ($object->fields[$key]['type'] == 'duration') { @@ -87,7 +87,7 @@ if ($action == 'add' && !empty($permissiontoadd)) { $value = $tmparraykey[GETPOST($key)].','.GETPOST($key.'2'); } else { if ($key == 'lang') { - $value = GETPOST($key, 'aZ09')?GETPOST($key, 'aZ09'):""; + $value = GETPOST($key, 'aZ09') ?GETPOST($key, 'aZ09') : ""; } else { $value = GETPOST($key, 'alphanohtml'); } @@ -190,7 +190,7 @@ if ($action == 'update' && !empty($permissiontoadd)) { $value = GETPOST($key, 'restricthtml'); } } elseif ($object->fields[$key]['type'] == 'date') { - $value = dol_mktime(12, 0, 0, GETPOST($key.'month', 'int'), GETPOST($key.'day', 'int'), GETPOST($key.'year', 'int')); // for date without hour, we use gmt + $value = dol_mktime(12, 0, 0, GETPOST($key.'month', 'int'), GETPOST($key.'day', 'int'), GETPOST($key.'year', 'int')); // for date without hour, we use gmt } elseif ($object->fields[$key]['type'] == 'datetime') { $value = dol_mktime(GETPOST($key.'hour', 'int'), GETPOST($key.'min', 'int'), GETPOST($key.'sec', 'int'), GETPOST($key.'month', 'int'), GETPOST($key.'day', 'int'), GETPOST($key.'year', 'int'), 'tzuserrel'); } elseif ($object->fields[$key]['type'] == 'duration') { diff --git a/htdocs/core/actions_linkedfiles.inc.php b/htdocs/core/actions_linkedfiles.inc.php index ad9ca441e8a..86d4e923131 100644 --- a/htdocs/core/actions_linkedfiles.inc.php +++ b/htdocs/core/actions_linkedfiles.inc.php @@ -36,8 +36,19 @@ if (GETPOST('uploadform', 'int') && empty($_POST) && empty($_FILES)) { die; } +if ((GETPOST('sendit', 'alpha') + || GETPOST('linkit', 'restricthtml') + || ($action == 'confirm_deletefile' && $confirm == 'yes') + || ($action == 'confirm_updateline' && GETPOST('save', 'alpha') && GETPOST('link', 'alpha')) + || ($action == 'renamefile' && GETPOST('renamefilesave', 'alpha'))) && empty($permissiontoadd)) { + dol_syslog('The file actions_linkedfiles.inc.php was included but paramater $permissiontoadd as not set before.'); + print 'The file actions_linkedfiles.inc.php was included but paramater $permissiontoadd as not set before.'; + die; +} + + // Submit file/link -if (GETPOST('sendit', 'alpha') && !empty($conf->global->MAIN_UPLOAD_DOC) && (!isset($permissiontoadd) || $permissiontoadd)) { +if (GETPOST('sendit', 'alpha') && !empty($conf->global->MAIN_UPLOAD_DOC) && !empty($permissiontoadd)) { if (!empty($_FILES)) { if (is_array($_FILES['userfile']['tmp_name'])) { $userfiles = $_FILES['userfile']['tmp_name']; @@ -75,7 +86,7 @@ if (GETPOST('sendit', 'alpha') && !empty($conf->global->MAIN_UPLOAD_DOC) && (!is } } } -} elseif (GETPOST('linkit', 'restricthtml') && !empty($conf->global->MAIN_UPLOAD_DOC) && (!isset($permissiontoadd) || $permissiontoadd)) { +} elseif (GETPOST('linkit', 'restricthtml') && !empty($conf->global->MAIN_UPLOAD_DOC) && !empty($permissiontoadd)) { $link = GETPOST('link', 'alpha'); if ($link) { if (substr($link, 0, 7) != 'http://' && substr($link, 0, 8) != 'https://' && substr($link, 0, 7) != 'file://' && substr($link, 0, 7) != 'davs://') { @@ -87,7 +98,7 @@ if (GETPOST('sendit', 'alpha') && !empty($conf->global->MAIN_UPLOAD_DOC) && (!is // Delete file/link -if ($action == 'confirm_deletefile' && $confirm == 'yes' && (!isset($permissiontoadd) || $permissiontoadd)) { +if ($action == 'confirm_deletefile' && $confirm == 'yes' && !empty($permissiontoadd)) { $urlfile = GETPOST('urlfile', 'alpha', 0, null, null, 1); // Do not use urldecode here ($_GET and $_REQUEST are already decoded by PHP). if (GETPOST('section', 'alpha')) { // For a delete from the ECM module, upload_dir is ECM root dir and urlfile contains relative path from upload_dir @@ -158,7 +169,7 @@ if ($action == 'confirm_deletefile' && $confirm == 'yes' && (!isset($permissiont exit; } } -} elseif ($action == 'confirm_updateline' && GETPOST('save', 'alpha') && GETPOST('link', 'alpha') && (!isset($permissiontoadd) || $permissiontoadd)) { +} elseif ($action == 'confirm_updateline' && GETPOST('save', 'alpha') && GETPOST('link', 'alpha') && !empty($permissiontoadd)) { require_once DOL_DOCUMENT_ROOT.'/core/class/link.class.php'; $langs->load('link'); $link = new Link($db); @@ -176,7 +187,7 @@ if ($action == 'confirm_deletefile' && $confirm == 'yes' && (!isset($permissiont } else { //error fetching } -} elseif ($action == 'renamefile' && GETPOST('renamefilesave', 'alpha') && (!isset($permissiontoadd) || $permissiontoadd)) { +} elseif ($action == 'renamefile' && GETPOST('renamefilesave', 'alpha') && !empty($permissiontoadd)) { // For documents pages, upload_dir contains already path to file from module dir, so we clean path into urlfile. if (!empty($upload_dir)) { $filenamefrom = dol_sanitizeFileName(GETPOST('renamefilefrom', 'alpha'), '_', 0); // Do not remove accents diff --git a/htdocs/core/ajax/ajaxdirpreview.php b/htdocs/core/ajax/ajaxdirpreview.php index 2a42d4a3d00..f46c1051c53 100644 --- a/htdocs/core/ajax/ajaxdirpreview.php +++ b/htdocs/core/ajax/ajaxdirpreview.php @@ -205,12 +205,14 @@ if ($type == 'directory') { 'product', 'tax', 'project', + 'project_task', 'fichinter', 'user', 'expensereport', 'holiday', 'recruitment-recruitmentcandidature', 'banque', + 'chequereceipt', 'mrp-mo' ); @@ -243,6 +245,8 @@ if ($type == 'directory') { $upload_dir = $conf->tax->dir_output; } elseif ($module == 'project') { $upload_dir = $conf->projet->dir_output; + } elseif ($module == 'project_task') { + $upload_dir = $conf->projet->dir_output; } elseif ($module == 'fichinter') { $upload_dir = $conf->ficheinter->dir_output; } elseif ($module == 'user') { @@ -255,8 +259,10 @@ if ($type == 'directory') { $upload_dir = $conf->recruitment->dir_output.'/recruitmentcandidature'; } elseif ($module == 'banque') { $upload_dir = $conf->bank->dir_output; + } elseif ($module == 'chequereceipt') { + $upload_dir = $conf->bank->dir_output.'/checkdeposits'; } elseif ($module == 'mrp-mo') { - $upload_dir = $conf->mrp->dir_output.'/mo'; + $upload_dir = $conf->mrp->dir_output; } else { $parameters = array('modulepart'=>$module); $reshook = $hookmanager->executeHooks('addSectionECMAuto', $parameters); diff --git a/htdocs/core/bookmarks_page.php b/htdocs/core/bookmarks_page.php new file mode 100644 index 00000000000..af2ba15829c --- /dev/null +++ b/htdocs/core/bookmarks_page.php @@ -0,0 +1,131 @@ + + * + * This file is a modified version of datepicker.php from phpBSM to fix some + * bugs, to add new features and to dramatically increase speed. + * + * This program is free software; you can redistribute it and/or modify + * it under the terms of the GNU General Public License as published by + * the Free Software Foundation; either version 3 of the License, or + * (at your option) any later version. + * + * This program is distributed in the hope that it will be useful, + * but WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + * GNU General Public License for more details. + * + * You should have received a copy of the GNU General Public License + * along with this program. If not, see . + */ + +/** + * \file htdocs/core/bookmarks_page.php + * \brief File to return a page with the complete list of bookmarks (all search input fields) + */ + +//if (! defined('NOREQUIREUSER')) define('NOREQUIREUSER','1'); // Not disabled cause need to load personalized language +//if (! defined('NOREQUIREDB')) define('NOREQUIREDB','1'); // Not disabled cause need to load personalized language +//if (! defined('NOREQUIRESOC')) define('NOREQUIRESOC','1'); +//if (! defined('NOREQUIRETRAN')) define('NOREQUIRETRAN','1'); // Not disabled cause need to do translations +if (!defined('NOCSRFCHECK')) { + define('NOCSRFCHECK', 1); +} +if (!defined('NOTOKENRENEWAL')) { + define('NOTOKENRENEWAL', 1); +} +//if (! defined('NOLOGIN')) define('NOLOGIN',1); // Not disabled cause need to load personalized language +if (!defined('NOREQUIREMENU')) { + define('NOREQUIREMENU', 1); +} +//if (! defined('NOREQUIREHTML')) define('NOREQUIREHTML',1); + +require_once '../main.inc.php'; + +if (GETPOST('lang', 'aZ09')) { + $langs->setDefaultLang(GETPOST('lang', 'aZ09')); // If language was forced on URL by the main.inc.php +} + +$langs->load("main"); + +$right = ($langs->trans("DIRECTION") == 'rtl' ? 'left' : 'right'); +$left = ($langs->trans("DIRECTION") == 'rtl' ? 'right' : 'left'); + + +/* + * View + */ + +$title = $langs->trans("Bookmarks"); + +// URL http://mydolibarr/core/search_page?dol_use_jmobile=1 can be used for tests +$head = ''."\n"; +$arrayofjs = array(); +$arrayofcss = array(); +top_htmlhead($head, $title, 0, 0, $arrayofjs, $arrayofcss); + + + +print ''."\n"; +print '
'; +//print '
'; + +$nbofsearch = 0; + +// Instantiate hooks of thirdparty module +$hookmanager->initHooks(array('bookmarks')); + +// Define $bookmarks +$bookmarkList = ''; +$searchForm = ''; + +$arrayresult = array(); +//include DOL_DOCUMENT_ROOT.'/core/ajax/selectsearchbox.php'; + + + +// Menu with list of bookmarks +$sql = "SELECT rowid, title, url, target FROM ".MAIN_DB_PREFIX."bookmark"; +$sql .= " WHERE (fk_user = ".((int) $user->id)." OR fk_user is NULL OR fk_user = 0)"; +$sql .= " AND entity IN (".getEntity('bookmarks').")"; +$sql .= " ORDER BY position"; +if ($resql = $db->query($sql)) { + $bookmarkList = ''; + + $searchForm .= ''; +} else { + dol_print_error($db); +} + + +// Execute hook printBookmarks +$parameters = array('bookmarks'=>$bookmarkList); +$reshook = $hookmanager->executeHooks('printBookmarks', $parameters); // Note that $action and $object may have been modified by some hooks +if (empty($reshook)) { + $bookmarkList .= $hookmanager->resPrint; +} else { + $bookmarkList = $hookmanager->resPrint; +} + + +print "\n"; +print "\n"; +print '
'; +print ''; +print '
'."\n"; +print $bookmarkList; +print '
'."\n"; +print '
'; +print "\n\n"; + +print '
'; +print ''."\n"; + +$db->close(); diff --git a/htdocs/core/boxes/box_actions.php b/htdocs/core/boxes/box_actions.php index 814dfacc5f3..ee41df3cdd2 100644 --- a/htdocs/core/boxes/box_actions.php +++ b/htdocs/core/boxes/box_actions.php @@ -92,20 +92,20 @@ class box_actions extends ModeleBoxes $sql .= ", s.code_client, s.code_compta, s.client"; $sql .= ", s.logo, s.email, s.entity"; $sql .= " FROM ".MAIN_DB_PREFIX."c_actioncomm AS ta, ".MAIN_DB_PREFIX."actioncomm AS a"; - if (!$user->rights->societe->client->voir && !$user->socid) { + if (empty($user->rights->societe->client->voir) && !$user->socid) { $sql .= " LEFT JOIN ".MAIN_DB_PREFIX."societe_commerciaux as sc ON a.fk_soc = sc.fk_soc"; } $sql .= " LEFT JOIN ".MAIN_DB_PREFIX."societe as s ON a.fk_soc = s.rowid"; $sql .= " WHERE a.fk_action = ta.id"; $sql .= " AND a.entity IN (".getEntity('actioncomm').")"; $sql .= " AND a.percent >= 0 AND a.percent < 100"; - if (!$user->rights->societe->client->voir && !$user->socid) { + if (empty($user->rights->societe->client->voir) && !$user->socid) { $sql .= " AND (a.fk_soc IS NULL OR sc.fk_user = ".((int) $user->id).")"; } if ($user->socid) { $sql .= " AND s.rowid = ".((int) $user->socid); } - if (!$user->rights->agenda->allactions->read) { + if (empty($user->rights->agenda->allactions->read)) { $sql .= " AND (a.fk_user_author = ".((int) $user->id)." OR a.fk_user_action = ".((int) $user->id)." OR a.fk_user_done = ".((int) $user->id).")"; } $sql .= " ORDER BY a.datec DESC"; diff --git a/htdocs/core/boxes/box_activity.php b/htdocs/core/boxes/box_activity.php index a858111d76d..487c2170a4a 100644 --- a/htdocs/core/boxes/box_activity.php +++ b/htdocs/core/boxes/box_activity.php @@ -113,13 +113,13 @@ class box_activity extends ModeleBoxes if ($refresh) { $sql = "SELECT p.fk_statut, SUM(p.total_ttc) as Mnttot, COUNT(*) as nb"; $sql .= " FROM (".MAIN_DB_PREFIX."societe as s, ".MAIN_DB_PREFIX."propal as p"; - if (!$user->rights->societe->client->voir && !$user->socid) { + if (empty($user->rights->societe->client->voir) && !$user->socid) { $sql .= ", ".MAIN_DB_PREFIX."societe_commerciaux as sc"; } $sql .= ")"; $sql .= " WHERE p.entity IN (".getEntity('propal').")"; $sql .= " AND p.fk_soc = s.rowid"; - if (!$user->rights->societe->client->voir && !$user->socid) { + if (empty($user->rights->societe->client->voir) && !$user->socid) { $sql .= " AND s.rowid = sc.fk_soc AND sc.fk_user = ".((int) $user->id); } if ($user->socid) { @@ -203,13 +203,13 @@ class box_activity extends ModeleBoxes if ($refresh) { $sql = "SELECT c.fk_statut, sum(c.total_ttc) as Mnttot, count(*) as nb"; $sql .= " FROM (".MAIN_DB_PREFIX."societe as s, ".MAIN_DB_PREFIX."commande as c"; - if (!$user->rights->societe->client->voir && !$user->socid) { + if (empty($user->rights->societe->client->voir) && !$user->socid) { $sql .= ", ".MAIN_DB_PREFIX."societe_commerciaux as sc"; } $sql .= ")"; $sql .= " WHERE c.entity IN (".getEntity('commande').")"; $sql .= " AND c.fk_soc = s.rowid"; - if (!$user->rights->societe->client->voir && !$user->socid) { + if (empty($user->rights->societe->client->voir) && !$user->socid) { $sql .= " AND s.rowid = sc.fk_soc AND sc.fk_user = ".((int) $user->id); } if ($user->socid) { @@ -291,12 +291,12 @@ class box_activity extends ModeleBoxes if ($refresh) { $sql = "SELECT f.fk_statut, SUM(f.total_ttc) as Mnttot, COUNT(*) as nb"; $sql .= " FROM (".MAIN_DB_PREFIX."societe as s,".MAIN_DB_PREFIX."facture as f"; - if (!$user->rights->societe->client->voir && !$user->socid) { + if (empty($user->rights->societe->client->voir) && !$user->socid) { $sql .= ", ".MAIN_DB_PREFIX."societe_commerciaux as sc"; } $sql .= ")"; $sql .= " WHERE f.entity IN (".getEntity('invoice').')'; - if (!$user->rights->societe->client->voir && !$user->socid) { + if (empty($user->rights->societe->client->voir) && !$user->socid) { $sql .= " AND s.rowid = sc.fk_soc AND sc.fk_user = ".((int) $user->id); } if ($user->socid) { diff --git a/htdocs/core/boxes/box_clients.php b/htdocs/core/boxes/box_clients.php index 995f017f5f1..74ba5a9d4c9 100644 --- a/htdocs/core/boxes/box_clients.php +++ b/htdocs/core/boxes/box_clients.php @@ -92,12 +92,12 @@ class box_clients extends ModeleBoxes $sql .= ", s.logo, s.email, s.entity"; $sql .= ", s.datec, s.tms, s.status"; $sql .= " FROM ".MAIN_DB_PREFIX."societe as s"; - if (!$user->rights->societe->client->voir && !$user->socid) { + if (empty($user->rights->societe->client->voir) && !$user->socid) { $sql .= ", ".MAIN_DB_PREFIX."societe_commerciaux as sc"; } $sql .= " WHERE s.client IN (1, 3)"; $sql .= " AND s.entity IN (".getEntity('societe').")"; - if (!$user->rights->societe->client->voir && !$user->socid) { + if (empty($user->rights->societe->client->voir) && !$user->socid) { $sql .= " AND s.rowid = sc.fk_soc AND sc.fk_user = ".((int) $user->id); } if ($user->socid) { diff --git a/htdocs/core/boxes/box_commandes.php b/htdocs/core/boxes/box_commandes.php index 4d47f703fff..abf9baf06f3 100644 --- a/htdocs/core/boxes/box_commandes.php +++ b/htdocs/core/boxes/box_commandes.php @@ -101,7 +101,7 @@ class box_commandes extends ModeleBoxes $sql .= ", c.total_ttc"; $sql .= " FROM ".MAIN_DB_PREFIX."societe as s"; $sql .= ", ".MAIN_DB_PREFIX."commande as c"; - if (!$user->rights->societe->client->voir && !$user->socid) { + if (empty($user->rights->societe->client->voir) && !$user->socid) { $sql .= ", ".MAIN_DB_PREFIX."societe_commerciaux as sc"; } $sql .= " WHERE c.fk_soc = s.rowid"; @@ -109,7 +109,7 @@ class box_commandes extends ModeleBoxes if (!empty($conf->global->ORDER_BOX_LAST_ORDERS_VALIDATED_ONLY)) { $sql .= " AND c.fk_statut = 1"; } - if (!$user->rights->societe->client->voir && !$user->socid) { + if (empty($user->rights->societe->client->voir) && !$user->socid) { $sql .= " AND s.rowid = sc.fk_soc AND sc.fk_user = ".((int) $user->id); } if ($user->socid) { diff --git a/htdocs/core/boxes/box_contacts.php b/htdocs/core/boxes/box_contacts.php index 97090895500..0d774faf569 100644 --- a/htdocs/core/boxes/box_contacts.php +++ b/htdocs/core/boxes/box_contacts.php @@ -103,11 +103,11 @@ class box_contacts extends ModeleBoxes if (!empty($conf->global->MAIN_COMPANY_PERENTITY_SHARED)) { $sql .= " LEFT JOIN " . MAIN_DB_PREFIX . "societe_perentity as spe ON spe.fk_soc = s.rowid AND spe.entity = " . ((int) $conf->entity); } - if (!$user->rights->societe->client->voir && !$user->socid) { + if (empty($user->rights->societe->client->voir) && !$user->socid) { $sql .= ", ".MAIN_DB_PREFIX."societe_commerciaux as sc"; } $sql .= " WHERE sp.entity IN (".getEntity('socpeople').")"; - if (!$user->rights->societe->client->voir && !$user->socid) { + if (empty($user->rights->societe->client->voir) && !$user->socid) { $sql .= " AND s.rowid = sc.fk_soc AND sc.fk_user = ".((int) $user->id); } if ($user->socid) { diff --git a/htdocs/core/boxes/box_contracts.php b/htdocs/core/boxes/box_contracts.php index 9bb794b94fa..8eeb1b93323 100644 --- a/htdocs/core/boxes/box_contracts.php +++ b/htdocs/core/boxes/box_contracts.php @@ -86,12 +86,12 @@ class box_contracts extends ModeleBoxes $sql .= " c.rowid, c.ref, c.statut as fk_statut, c.date_contrat, c.datec, c.fin_validite, c.date_cloture"; $sql .= ", c.ref_customer, c.ref_supplier"; $sql .= " FROM ".MAIN_DB_PREFIX."societe as s, ".MAIN_DB_PREFIX."contrat as c"; - if (!$user->rights->societe->client->voir && !$user->socid) { + if (empty($user->rights->societe->client->voir) && !$user->socid) { $sql .= ", ".MAIN_DB_PREFIX."societe_commerciaux as sc"; } $sql .= " WHERE c.fk_soc = s.rowid"; $sql .= " AND c.entity = ".$conf->entity; - if (!$user->rights->societe->client->voir && !$user->socid) { + if (empty($user->rights->societe->client->voir) && !$user->socid) { $sql .= " AND s.rowid = sc.fk_soc AND sc.fk_user = ".((int) $user->id); } if ($user->socid) { diff --git a/htdocs/core/boxes/box_customers_outstanding_bill_reached.php b/htdocs/core/boxes/box_customers_outstanding_bill_reached.php index 87be4a10c2d..4077b04c6d9 100644 --- a/htdocs/core/boxes/box_customers_outstanding_bill_reached.php +++ b/htdocs/core/boxes/box_customers_outstanding_bill_reached.php @@ -93,12 +93,12 @@ class box_customers_outstanding_bill_reached extends ModeleBoxes $sql .= ", s.outstanding_limit"; $sql .= ", s.datec, s.tms, s.status"; $sql .= " FROM ".MAIN_DB_PREFIX."societe as s"; - if (!$user->rights->societe->client->voir && !$user->socid) { + if (empty($user->rights->societe->client->voir) && !$user->socid) { $sql .= ", ".MAIN_DB_PREFIX."societe_commerciaux as sc"; } $sql .= " WHERE s.client IN (1, 3)"; $sql .= " AND s.entity IN (".getEntity('societe').")"; - if (!$user->rights->societe->client->voir && !$user->socid) { + if (empty($user->rights->societe->client->voir) && !$user->socid) { $sql .= " AND s.rowid = sc.fk_soc AND sc.fk_user = ".((int) $user->id); } if ($user->socid) { diff --git a/htdocs/core/boxes/box_factures.php b/htdocs/core/boxes/box_factures.php index 6bdeabda212..e1d2860b212 100644 --- a/htdocs/core/boxes/box_factures.php +++ b/htdocs/core/boxes/box_factures.php @@ -100,13 +100,13 @@ class box_factures extends ModeleBoxes $sql .= ", s.logo, s.email, s.entity"; $sql .= ", s.tva_intra, s.siren as idprof1, s.siret as idprof2, s.ape as idprof3, s.idprof4, s.idprof5, s.idprof6"; $sql .= " FROM (".MAIN_DB_PREFIX."societe as s,".MAIN_DB_PREFIX."facture as f"; - if (!$user->rights->societe->client->voir && !$user->socid) { + if (empty($user->rights->societe->client->voir) && !$user->socid) { $sql .= ", ".MAIN_DB_PREFIX."societe_commerciaux as sc"; } $sql .= ")"; $sql .= " WHERE f.fk_soc = s.rowid"; $sql .= " AND f.entity IN (".getEntity('invoice').")"; - if (!$user->rights->societe->client->voir && !$user->socid) { + if (empty($user->rights->societe->client->voir) && !$user->socid) { $sql .= " AND s.rowid = sc.fk_soc AND sc.fk_user = ".((int) $user->id); } if ($user->socid) { diff --git a/htdocs/core/boxes/box_factures_fourn.php b/htdocs/core/boxes/box_factures_fourn.php index 70640efeb78..ae905d5d468 100644 --- a/htdocs/core/boxes/box_factures_fourn.php +++ b/htdocs/core/boxes/box_factures_fourn.php @@ -100,12 +100,12 @@ class box_factures_fourn extends ModeleBoxes $sql .= ', f.date_lim_reglement as datelimite, f.tms, f.type'; $sql .= " FROM ".MAIN_DB_PREFIX."societe as s"; $sql .= ", ".MAIN_DB_PREFIX."facture_fourn as f"; - if (!$user->rights->societe->client->voir && !$user->socid) { + if (empty($user->rights->societe->client->voir) && !$user->socid) { $sql .= ", ".MAIN_DB_PREFIX."societe_commerciaux as sc"; } $sql .= " WHERE f.fk_soc = s.rowid"; $sql .= " AND f.entity = ".$conf->entity; - if (!$user->rights->societe->client->voir && !$user->socid) { + if (empty($user->rights->societe->client->voir) && !$user->socid) { $sql .= " AND s.rowid = sc.fk_soc AND sc.fk_user = ".((int) $user->id); } if ($user->socid) { diff --git a/htdocs/core/boxes/box_factures_fourn_imp.php b/htdocs/core/boxes/box_factures_fourn_imp.php index 74f9a3a46aa..cfef8801414 100644 --- a/htdocs/core/boxes/box_factures_fourn_imp.php +++ b/htdocs/core/boxes/box_factures_fourn_imp.php @@ -95,14 +95,14 @@ class box_factures_fourn_imp extends ModeleBoxes $sql .= ", f.tms"; $sql .= " FROM ".MAIN_DB_PREFIX."societe as s"; $sql .= ",".MAIN_DB_PREFIX."facture_fourn as f"; - if (!$user->rights->societe->client->voir && !$user->socid) { + if (empty($user->rights->societe->client->voir) && !$user->socid) { $sql .= ", ".MAIN_DB_PREFIX."societe_commerciaux as sc"; } $sql .= " WHERE f.fk_soc = s.rowid"; $sql .= " AND f.entity = ".$conf->entity; $sql .= " AND f.paye = 0"; $sql .= " AND fk_statut = 1"; - if (!$user->rights->societe->client->voir && !$user->socid) { + if (empty($user->rights->societe->client->voir) && !$user->socid) { $sql .= " AND s.rowid = sc.fk_soc AND sc.fk_user = ".((int) $user->id); } if ($user->socid) { diff --git a/htdocs/core/boxes/box_factures_imp.php b/htdocs/core/boxes/box_factures_imp.php index c78e5b7dec9..9a8e764f208 100644 --- a/htdocs/core/boxes/box_factures_imp.php +++ b/htdocs/core/boxes/box_factures_imp.php @@ -108,7 +108,7 @@ class box_factures_imp extends ModeleBoxes if (!empty($conf->global->MAIN_COMPANY_PERENTITY_SHARED)) { $sql .= " LEFT JOIN " . MAIN_DB_PREFIX . "societe_perentity as spe ON spe.fk_soc = s.rowid AND spe.entity = " . ((int) $conf->entity); } - if (!$user->rights->societe->client->voir && !$user->socid) { + if (empty($user->rights->societe->client->voir) && !$user->socid) { $sql .= ", ".MAIN_DB_PREFIX."societe_commerciaux as sc"; } $sql .= ", ".MAIN_DB_PREFIX."facture as f"; @@ -117,7 +117,7 @@ class box_factures_imp extends ModeleBoxes $sql .= " AND f.entity IN (".getEntity('invoice').")"; $sql .= " AND f.paye = 0"; $sql .= " AND fk_statut = 1"; - if (!$user->rights->societe->client->voir && !$user->socid) { + if (empty($user->rights->societe->client->voir) && !$user->socid) { $sql .= " AND s.rowid = sc.fk_soc AND sc.fk_user = ".((int) $user->id); } if ($user->socid) { diff --git a/htdocs/core/boxes/box_ficheinter.php b/htdocs/core/boxes/box_ficheinter.php index 3b62361343a..e0bdaf709ce 100644 --- a/htdocs/core/boxes/box_ficheinter.php +++ b/htdocs/core/boxes/box_ficheinter.php @@ -89,13 +89,13 @@ class box_ficheinter extends ModeleBoxes $sql .= ", s.code_client, s.code_compta, s.client"; $sql .= ", s.logo, s.email, s.entity"; $sql .= " FROM ".MAIN_DB_PREFIX."societe as s"; - if (!$user->rights->societe->client->voir) { + if (empty($user->rights->societe->client->voir)) { $sql .= ", ".MAIN_DB_PREFIX."societe_commerciaux as sc"; } $sql .= ", ".MAIN_DB_PREFIX."fichinter as f"; $sql .= " WHERE f.fk_soc = s.rowid "; $sql .= " AND f.entity = ".$conf->entity; - if (!$user->rights->societe->client->voir && !$user->socid) { + if (empty($user->rights->societe->client->voir) && !$user->socid) { $sql .= " AND s.rowid = sc.fk_soc AND sc.fk_user = ".((int) $user->id); } if ($user->socid) { diff --git a/htdocs/core/boxes/box_fournisseurs.php b/htdocs/core/boxes/box_fournisseurs.php index c0516c1cf4c..4f297135b26 100644 --- a/htdocs/core/boxes/box_fournisseurs.php +++ b/htdocs/core/boxes/box_fournisseurs.php @@ -87,12 +87,12 @@ class box_fournisseurs extends ModeleBoxes $sql .= ", s.logo, s.email, s.entity"; $sql .= ", s.datec, s.tms, s.status"; $sql .= " FROM ".MAIN_DB_PREFIX."societe as s"; - if (!$user->rights->societe->client->voir && !$user->socid) { + if (empty($user->rights->societe->client->voir) && !$user->socid) { $sql .= ", ".MAIN_DB_PREFIX."societe_commerciaux as sc"; } $sql .= " WHERE s.fournisseur = 1"; $sql .= " AND s.entity IN (".getEntity('societe').")"; - if (!$user->rights->societe->client->voir && !$user->socid) { + if (empty($user->rights->societe->client->voir) && !$user->socid) { $sql .= " AND s.rowid = sc.fk_soc AND sc.fk_user = ".((int) $user->id); } if ($user->socid) { diff --git a/htdocs/core/boxes/box_graph_invoices_permonth.php b/htdocs/core/boxes/box_graph_invoices_permonth.php index fe01eae730b..18ffe022610 100644 --- a/htdocs/core/boxes/box_graph_invoices_permonth.php +++ b/htdocs/core/boxes/box_graph_invoices_permonth.php @@ -99,7 +99,7 @@ class box_graph_invoices_permonth extends ModeleBoxes if ($user->socid) { $socid = $user->socid; } - if (!$user->rights->societe->client->voir || $socid) { + if (empty($user->rights->societe->client->voir) || $socid) { $prefix .= 'private-'.$user->id.'-'; // If user has no permission to see all, output dir is specific to user } diff --git a/htdocs/core/boxes/box_graph_invoices_peryear.php b/htdocs/core/boxes/box_graph_invoices_peryear.php index 22d9ad956e7..9126cfcfb37 100644 --- a/htdocs/core/boxes/box_graph_invoices_peryear.php +++ b/htdocs/core/boxes/box_graph_invoices_peryear.php @@ -93,7 +93,7 @@ class box_graph_invoices_peryear extends ModeleBoxes $prefix = ''; $socid = 0; if ($user->socid) $socid = $user->socid; - if (!$user->rights->societe->client->voir || $socid) $prefix .= 'private-'.$user->id.'-'; // If user has no permission to see all, output dir is specific to user + if (empty($user->rights->societe->client->voir) || $socid) $prefix .= 'private-'.$user->id.'-'; // If user has no permission to see all, output dir is specific to user if ($user->rights->facture->lire) { $mesg = ''; diff --git a/htdocs/core/boxes/box_graph_invoices_supplier_permonth.php b/htdocs/core/boxes/box_graph_invoices_supplier_permonth.php index 5ecc26c3f90..3d8cb88938d 100644 --- a/htdocs/core/boxes/box_graph_invoices_supplier_permonth.php +++ b/htdocs/core/boxes/box_graph_invoices_supplier_permonth.php @@ -98,7 +98,7 @@ class box_graph_invoices_supplier_permonth extends ModeleBoxes if ($user->socid) { $socid = $user->socid; } - if (!$user->rights->societe->client->voir || $socid) { + if (empty($user->rights->societe->client->voir) || $socid) { $prefix .= 'private-'.$user->id.'-'; // If user has no permission to see all, output dir is specific to user } diff --git a/htdocs/core/boxes/box_graph_nb_ticket_last_x_days.php b/htdocs/core/boxes/box_graph_nb_ticket_last_x_days.php index 98aed557557..83acae25b45 100644 --- a/htdocs/core/boxes/box_graph_nb_ticket_last_x_days.php +++ b/htdocs/core/boxes/box_graph_nb_ticket_last_x_days.php @@ -65,6 +65,8 @@ class box_graph_nb_ticket_last_x_days extends ModeleBoxes public function loadBox($max = 5) { global $conf, $user, $langs; + $dataseries = array(); + $graphtoshow = ""; $badgeStatus0 = '#cbd3d3'; // draft $badgeStatus1 = '#bc9526'; // validated @@ -116,7 +118,6 @@ class box_graph_nb_ticket_last_x_days extends ModeleBoxes if ($resql) { $num = $this->db->num_rows($resql); $i = 0; - $dataseries = array(); while ($i < $num) { $objp = $this->db->fetch_object($resql); while ($minimumdatecformated < $objp->datec) { diff --git a/htdocs/core/boxes/box_graph_new_vs_close_ticket.php b/htdocs/core/boxes/box_graph_new_vs_close_ticket.php index ce8d7ab0078..435cc76451e 100644 --- a/htdocs/core/boxes/box_graph_new_vs_close_ticket.php +++ b/htdocs/core/boxes/box_graph_new_vs_close_ticket.php @@ -98,10 +98,10 @@ class box_graph_new_vs_close_ticket extends ModeleBoxes $num = $this->db->num_rows($resql); if ($num > 0) { $objp = $this->db->fetch_object($resql); - $data[] = array($langs->trans('TicketCreatedToday'), $objp->nb); + $data[] = array($langs->transnoentitiesnoconv('TicketCreatedToday'), $objp->nb); $totalnb += $objp->nb; } else { - $data[] = array($langs->trans('TicketCreatedToday'), 0); + $data[] = array($langs->transnoentitiesnoconv('TicketCreatedToday'), 0); } } else { dol_print_error($this->db); @@ -116,10 +116,10 @@ class box_graph_new_vs_close_ticket extends ModeleBoxes $num = $this->db->num_rows($resql); if ($num > 0) { $objp = $this->db->fetch_object($resql); - $data[] = array($langs->trans('TicketClosedToday'), $objp->nb); + $data[] = array($langs->transnoentitiesnoconv('TicketClosedToday'), $objp->nb); $totalnb += $objp->nb; } else { - $data[] = array($langs->trans('TicketClosedToday'), 0); + $data[] = array($langs->transnoentitiesnoconv('TicketClosedToday'), 0); } } else { dol_print_error($this->db); diff --git a/htdocs/core/boxes/box_graph_orders_permonth.php b/htdocs/core/boxes/box_graph_orders_permonth.php index 48f0bd67ec3..0fd27c377d5 100644 --- a/htdocs/core/boxes/box_graph_orders_permonth.php +++ b/htdocs/core/boxes/box_graph_orders_permonth.php @@ -99,7 +99,7 @@ class box_graph_orders_permonth extends ModeleBoxes if ($user->socid) { $socid = $user->socid; } - if (!$user->rights->societe->client->voir || $socid) { + if (empty($user->rights->societe->client->voir) || $socid) { $prefix .= 'private-'.$user->id.'-'; // If user has no permission to see all, output dir is specific to user } diff --git a/htdocs/core/boxes/box_graph_orders_supplier_permonth.php b/htdocs/core/boxes/box_graph_orders_supplier_permonth.php index a394834cd97..be58b1e983c 100644 --- a/htdocs/core/boxes/box_graph_orders_supplier_permonth.php +++ b/htdocs/core/boxes/box_graph_orders_supplier_permonth.php @@ -98,7 +98,7 @@ class box_graph_orders_supplier_permonth extends ModeleBoxes if ($user->socid) { $socid = $user->socid; } - if (!$user->rights->societe->client->voir || $socid) { + if (empty($user->rights->societe->client->voir) || $socid) { $prefix .= 'private-'.$user->id.'-'; // If user has no permission to see all, output dir is specific to user } diff --git a/htdocs/core/boxes/box_graph_propales_permonth.php b/htdocs/core/boxes/box_graph_propales_permonth.php index 8a95761ea08..03899fb922f 100644 --- a/htdocs/core/boxes/box_graph_propales_permonth.php +++ b/htdocs/core/boxes/box_graph_propales_permonth.php @@ -101,7 +101,7 @@ class box_graph_propales_permonth extends ModeleBoxes if ($user->socid) { $socid = $user->socid; } - if (!$user->rights->societe->client->voir || $socid) { + if (empty($user->rights->societe->client->voir) || $socid) { $prefix .= 'private-'.$user->id.'-'; // If user has no permission to see all, output dir is specific to user } diff --git a/htdocs/core/boxes/box_last_modified_ticket.php b/htdocs/core/boxes/box_last_modified_ticket.php index 57e54594255..300a13803c5 100644 --- a/htdocs/core/boxes/box_last_modified_ticket.php +++ b/htdocs/core/boxes/box_last_modified_ticket.php @@ -96,7 +96,7 @@ class box_last_modified_ticket extends ModeleBoxes $sql .= " WHERE t.entity IN (".getEntity('ticket').')'; // $sql.= " AND e.rowid = er.fk_event"; - //if (!$user->rights->societe->client->voir && !$user->socid) $sql.= " WHERE s.rowid = sc.fk_soc AND sc.fk_user = " .((int) $user->id); + //if (empty($user->rights->societe->client->voir) && !$user->socid) $sql.= " WHERE s.rowid = sc.fk_soc AND sc.fk_user = " .((int) $user->id); if ($user->socid) { $sql .= " AND t.fk_soc = ".((int) $user->socid); } diff --git a/htdocs/core/boxes/box_last_ticket.php b/htdocs/core/boxes/box_last_ticket.php index 39086464f73..25cb353b268 100644 --- a/htdocs/core/boxes/box_last_ticket.php +++ b/htdocs/core/boxes/box_last_ticket.php @@ -95,7 +95,7 @@ class box_last_ticket extends ModeleBoxes $sql .= " LEFT JOIN ".MAIN_DB_PREFIX."societe as s ON s.rowid=t.fk_soc"; $sql .= " WHERE t.entity IN (".getEntity('ticket').")"; // $sql.= " AND e.rowid = er.fk_event"; - //if (!$user->rights->societe->client->voir && !$user->socid) $sql.= " WHERE s.rowid = sc.fk_soc AND sc.fk_user = ".((int) $user->id); + //if (empty($user->rights->societe->client->voir) && !$user->socid) $sql.= " WHERE s.rowid = sc.fk_soc AND sc.fk_user = ".((int) $user->id); if ($user->socid) { $sql .= " AND t.fk_soc= ".((int) $user->socid); } diff --git a/htdocs/core/boxes/box_project.php b/htdocs/core/boxes/box_project.php index f14ab699690..63a4e90cdd0 100644 --- a/htdocs/core/boxes/box_project.php +++ b/htdocs/core/boxes/box_project.php @@ -94,7 +94,7 @@ class box_project extends ModeleBoxes // Get list of project id allowed to user (in a string list separated by coma) $projectsListId = ''; - if (!$user->rights->projet->all->lire) { + if (empty($user->rights->projet->all->lire)) { $projectsListId = $projectstatic->getProjectsAuthorizedForUser($user, 0, 1, $socid); } @@ -102,7 +102,7 @@ class box_project extends ModeleBoxes $sql .= " FROM ".MAIN_DB_PREFIX."projet as p"; $sql .= " WHERE p.entity IN (".getEntity('project').")"; // Only current entity or severals if permission ok $sql .= " AND p.fk_statut = 1"; // Only open projects - if (!$user->rights->projet->all->lire) { + if (empty($user->rights->projet->all->lire)) { $sql .= " AND p.rowid IN (".$this->db->sanitize($projectsListId).")"; // public and assigned to, or restricted to company for external users } diff --git a/htdocs/core/boxes/box_propales.php b/htdocs/core/boxes/box_propales.php index 6599116a980..51d313b7254 100644 --- a/htdocs/core/boxes/box_propales.php +++ b/htdocs/core/boxes/box_propales.php @@ -90,12 +90,12 @@ class box_propales extends ModeleBoxes $sql .= ", p.rowid, p.ref, p.fk_statut as status, p.datep as dp, p.datec, p.fin_validite, p.date_cloture, p.total_ht, p.total_tva, p.total_ttc, p.tms"; $sql .= " FROM ".MAIN_DB_PREFIX."societe as s"; $sql .= ", ".MAIN_DB_PREFIX."propal as p"; - if (!$user->rights->societe->client->voir && !$user->socid) { + if (empty($user->rights->societe->client->voir) && !$user->socid) { $sql .= ", ".MAIN_DB_PREFIX."societe_commerciaux as sc"; } $sql .= " WHERE p.fk_soc = s.rowid"; $sql .= " AND p.entity IN (".getEntity('propal').")"; - if (!$user->rights->societe->client->voir && !$user->socid) { + if (empty($user->rights->societe->client->voir) && !$user->socid) { $sql .= " AND s.rowid = sc.fk_soc AND sc.fk_user = ".((int) $user->id); } if ($user->socid) { diff --git a/htdocs/core/boxes/box_prospect.php b/htdocs/core/boxes/box_prospect.php index 06d42e34b18..a46713a3206 100644 --- a/htdocs/core/boxes/box_prospect.php +++ b/htdocs/core/boxes/box_prospect.php @@ -93,12 +93,12 @@ class box_prospect extends ModeleBoxes $sql .= ", s.fk_stcomm"; $sql .= ", s.datec, s.tms, s.status"; $sql .= " FROM ".MAIN_DB_PREFIX."societe as s"; - if (!$user->rights->societe->client->voir && !$user->socid) { + if (empty($user->rights->societe->client->voir) && !$user->socid) { $sql .= ", ".MAIN_DB_PREFIX."societe_commerciaux as sc"; } $sql .= " WHERE s.client IN (2, 3)"; $sql .= " AND s.entity IN (".getEntity('societe').")"; - if (!$user->rights->societe->client->voir && !$user->socid) { + if (empty($user->rights->societe->client->voir) && !$user->socid) { $sql .= " AND s.rowid = sc.fk_soc AND sc.fk_user = ".((int) $user->id); } if ($user->socid) { diff --git a/htdocs/core/boxes/box_services_contracts.php b/htdocs/core/boxes/box_services_contracts.php index 320932a0c6f..c72a378a1a2 100644 --- a/htdocs/core/boxes/box_services_contracts.php +++ b/htdocs/core/boxes/box_services_contracts.php @@ -95,7 +95,7 @@ class box_services_contracts extends ModeleBoxes $sql .= " INNER JOIN ".MAIN_DB_PREFIX."contrat as c ON s.rowid = c.fk_soc"; $sql .= " INNER JOIN ".MAIN_DB_PREFIX."contratdet as cd ON c.rowid = cd.fk_contrat"; $sql .= " LEFT JOIN ".MAIN_DB_PREFIX."product as p ON cd.fk_product = p.rowid"; - if (!$user->rights->societe->client->voir && !$user->socid) { + if (empty($user->rights->societe->client->voir) && !$user->socid) { $sql .= " INNER JOIN ".MAIN_DB_PREFIX."societe_commerciaux as sc ON s.rowid = sc.fk_soc AND sc.fk_user = ".((int) $user->id); } $sql .= ")"; diff --git a/htdocs/core/boxes/box_services_expired.php b/htdocs/core/boxes/box_services_expired.php index 433c566ad31..4353fb7eb02 100644 --- a/htdocs/core/boxes/box_services_expired.php +++ b/htdocs/core/boxes/box_services_expired.php @@ -86,7 +86,7 @@ class box_services_expired extends ModeleBoxes $sql .= " s.nom as name, s.rowid as socid, s.email, s.client, s.fournisseur, s.code_client, s.code_fournisseur, s.code_compta, s.code_compta_fournisseur,"; $sql .= " MIN(cd.date_fin_validite) as date_line, COUNT(cd.rowid) as nb_services"; $sql .= " FROM ".MAIN_DB_PREFIX."contrat as c, ".MAIN_DB_PREFIX."societe s, ".MAIN_DB_PREFIX."contratdet as cd"; - if (!$user->rights->societe->client->voir && !$user->socid) { + if (empty($user->rights->societe->client->voir) && !$user->socid) { $sql .= ", ".MAIN_DB_PREFIX."societe_commerciaux as sc"; } $sql .= " WHERE cd.statut = 4 AND cd.date_fin_validite <= '".$this->db->idate($now)."'"; @@ -95,7 +95,7 @@ class box_services_expired extends ModeleBoxes if ($user->socid) { $sql .= ' AND c.fk_soc = '.((int) $user->socid); } - if (!$user->rights->societe->client->voir && !$user->socid) { + if (empty($user->rights->societe->client->voir) && !$user->socid) { $sql .= " AND s.rowid = sc.fk_soc AND sc.fk_user = ".((int) $user->id); } $sql .= " GROUP BY c.rowid, c.ref, c.statut, c.date_contrat, c.ref_customer, c.ref_supplier, s.nom, s.rowid"; diff --git a/htdocs/core/boxes/box_shipments.php b/htdocs/core/boxes/box_shipments.php index 2b6adfe3bdc..d0ddf1f8dcb 100644 --- a/htdocs/core/boxes/box_shipments.php +++ b/htdocs/core/boxes/box_shipments.php @@ -101,7 +101,7 @@ class box_shipments extends ModeleBoxes $sql .= " LEFT JOIN ".MAIN_DB_PREFIX."element_element as el ON e.rowid = el.fk_target AND el.targettype = 'shipping' AND el.sourcetype IN ('commande')"; $sql .= " LEFT JOIN ".MAIN_DB_PREFIX."commande as c ON el.fk_source = c.rowid AND el.sourcetype IN ('commande') AND el.targettype = 'shipping'"; $sql .= " LEFT JOIN ".MAIN_DB_PREFIX."societe as s ON s.rowid = e.fk_soc"; - if (!$user->rights->societe->client->voir && !$user->socid) { + if (empty($user->rights->societe->client->voir) && !$user->socid) { $sql .= " LEFT JOIN ".MAIN_DB_PREFIX."societe_commerciaux as sc ON e.fk_soc = sc.fk_soc"; } $sql .= " WHERE e.entity IN (".getEntity('expedition').")"; @@ -111,7 +111,7 @@ class box_shipments extends ModeleBoxes if ($user->socid > 0) { $sql.= " AND s.rowid = ".((int) $user->socid); } - if (!$user->rights->societe->client->voir && !$user->socid) { + if (empty($user->rights->societe->client->voir) && !$user->socid) { $sql .= " AND sc.fk_user = ".((int) $user->id); } else { $sql .= " ORDER BY e.date_delivery, e.ref DESC "; diff --git a/htdocs/core/boxes/box_supplier_orders.php b/htdocs/core/boxes/box_supplier_orders.php index b3451d9b6c3..2cc34a9255b 100644 --- a/htdocs/core/boxes/box_supplier_orders.php +++ b/htdocs/core/boxes/box_supplier_orders.php @@ -92,12 +92,12 @@ class box_supplier_orders extends ModeleBoxes $sql .= ", c.fk_statut as status"; $sql .= " FROM ".MAIN_DB_PREFIX."societe as s"; $sql .= ", ".MAIN_DB_PREFIX."commande_fournisseur as c"; - if (!$user->rights->societe->client->voir && !$user->socid) { + if (empty($user->rights->societe->client->voir) && !$user->socid) { $sql .= ", ".MAIN_DB_PREFIX."societe_commerciaux as sc"; } $sql .= " WHERE c.fk_soc = s.rowid"; $sql .= " AND c.entity IN (".getEntity('supplier_order').")"; - if (!$user->rights->societe->client->voir && !$user->socid) { + if (empty($user->rights->societe->client->voir) && !$user->socid) { $sql .= " AND s.rowid = sc.fk_soc AND sc.fk_user = ".((int) $user->id); } if ($user->socid) { diff --git a/htdocs/core/boxes/box_supplier_orders_awaiting_reception.php b/htdocs/core/boxes/box_supplier_orders_awaiting_reception.php index 580ccdb373c..f9d2de4b7fc 100644 --- a/htdocs/core/boxes/box_supplier_orders_awaiting_reception.php +++ b/htdocs/core/boxes/box_supplier_orders_awaiting_reception.php @@ -92,13 +92,14 @@ class box_supplier_orders_awaiting_reception extends ModeleBoxes $sql .= ", c.fk_statut as status"; $sql .= " FROM ".MAIN_DB_PREFIX."societe as s"; $sql .= ", ".MAIN_DB_PREFIX."commande_fournisseur as c"; - if (!$user->rights->societe->client->voir && !$user->socid) { + if (empty($user->rights->societe->client->voir) && !$user->socid) { $sql .= ", ".MAIN_DB_PREFIX."societe_commerciaux as sc"; } $sql .= " WHERE c.fk_soc = s.rowid"; $sql .= " AND c.entity IN (".getEntity('supplier_order').")"; + $sql .= " AND c.date_livraison IS NOT NULL"; $sql .= " AND c.fk_statut IN (".CommandeFournisseur::STATUS_ORDERSENT.", ".CommandeFournisseur::STATUS_RECEIVED_PARTIALLY.")"; - if (!$user->rights->societe->client->voir && !$user->socid) { + if (empty($user->rights->societe->client->voir) && !$user->socid) { $sql .= " AND s.rowid = sc.fk_soc AND sc.fk_user = ".((int) $user->id); } if ($user->socid) { diff --git a/htdocs/core/boxes/box_task.php b/htdocs/core/boxes/box_task.php index 0c349ad3e4c..e86a1206902 100644 --- a/htdocs/core/boxes/box_task.php +++ b/htdocs/core/boxes/box_task.php @@ -145,7 +145,7 @@ class box_task extends ModeleBoxes // Get list of project id allowed to user (in a string list separated by coma) $projectsListId = ''; - if (!$user->rights->projet->all->lire) { + if (empty($user->rights->projet->all->lire)) { $projectsListId = $projectstatic->getProjectsAuthorizedForUser($user, 0, 1, $socid); } @@ -168,7 +168,7 @@ class box_task extends ModeleBoxes $sql .= " AND p.fk_statut = ".Project::STATUS_VALIDATED; $sql .= " AND (pt.progress < 100 OR pt.progress IS NULL ) "; // 100% is done and not displayed $sql .= " AND p.usage_task = 1 "; - if (!$user->rights->projet->all->lire) { + if (empty($user->rights->projet->all->lire)) { $sql .= " AND p.rowid IN (".$this->db->sanitize($projectsListId).")"; // public and assigned to, or restricted to company for external users } diff --git a/htdocs/core/boxes/box_validated_projects.php b/htdocs/core/boxes/box_validated_projects.php index 3f2b2cdc221..574ee7b7d80 100644 --- a/htdocs/core/boxes/box_validated_projects.php +++ b/htdocs/core/boxes/box_validated_projects.php @@ -101,7 +101,7 @@ class box_validated_projects extends ModeleBoxes // Get list of project id allowed to user (in a string list separated by coma) $projectsListId = ''; - if (!$user->rights->projet->all->lire) { + if (empty($user->rights->projet->all->lire)) { $projectsListId = $projectstatic->getProjectsAuthorizedForUser($user, 0, 1, $socid); } diff --git a/htdocs/core/class/commonobject.class.php b/htdocs/core/class/commonobject.class.php index 6bf0285a2fb..91446f38070 100644 --- a/htdocs/core/class/commonobject.class.php +++ b/htdocs/core/class/commonobject.class.php @@ -1851,7 +1851,7 @@ abstract class CommonObject $result = false; $sql = "SELECT rowid FROM ".MAIN_DB_PREFIX.$table; - $sql .= " WHERE ".$field." = '".$key."'"; + $sql .= " WHERE ".$field." = '".$this->db->escape($key)."'"; if (!empty($element)) { $sql .= " AND entity IN (".getEntity($element).")"; } else { @@ -2048,19 +2048,19 @@ abstract class CommonObject if (isset($this->ismultientitymanaged) && !is_numeric($this->ismultientitymanaged)) { $tmparray = explode('@', $this->ismultientitymanaged); $sql .= ", ".MAIN_DB_PREFIX.$tmparray[1]." as ".($tmparray[1] == 'societe' ? 's' : 'parenttable'); // If we need to link to this table to limit select to entity - } elseif ($restrictiononfksoc == 1 && $this->element != 'societe' && !$user->rights->societe->client->voir && !$socid) { + } elseif ($restrictiononfksoc == 1 && $this->element != 'societe' && empty($user->rights->societe->client->voir) && !$socid) { $sql .= ", ".MAIN_DB_PREFIX."societe as s"; // If we need to link to societe to limit select to socid - } elseif ($restrictiononfksoc == 2 && $this->element != 'societe' && !$user->rights->societe->client->voir && !$socid) { + } elseif ($restrictiononfksoc == 2 && $this->element != 'societe' && empty($user->rights->societe->client->voir) && !$socid) { $sql .= " LEFT JOIN ".MAIN_DB_PREFIX."societe as s ON te.fk_soc = s.rowid"; // If we need to link to societe to limit select to socid } - if ($restrictiononfksoc && !$user->rights->societe->client->voir && !$socid) { + if ($restrictiononfksoc && empty($user->rights->societe->client->voir) && !$socid) { $sql .= " LEFT JOIN ".MAIN_DB_PREFIX."societe_commerciaux as sc ON ".$aliastablesociete.".rowid = sc.fk_soc"; } $sql .= " WHERE te.".$fieldid." < '".$this->db->escape($fieldid == 'rowid' ? $this->id : $this->ref)."'"; // ->ref must always be defined (set to id if field does not exists) - if ($restrictiononfksoc == 1 && !$user->rights->societe->client->voir && !$socid) { + if ($restrictiononfksoc == 1 && empty($user->rights->societe->client->voir) && !$socid) { $sql .= " AND sc.fk_user = ".((int) $user->id); } - if ($restrictiononfksoc == 2 && !$user->rights->societe->client->voir && !$socid) { + if ($restrictiononfksoc == 2 && empty($user->rights->societe->client->voir) && !$socid) { $sql .= " AND (sc.fk_user = ".((int) $user->id).' OR te.fk_soc IS NULL)'; } if (!empty($filter)) { @@ -2072,7 +2072,7 @@ abstract class CommonObject if (isset($this->ismultientitymanaged) && !is_numeric($this->ismultientitymanaged)) { $tmparray = explode('@', $this->ismultientitymanaged); $sql .= " AND te.".$tmparray[0]." = ".($tmparray[1] == "societe" ? "s" : "parenttable").".rowid"; // If we need to link to this table to limit select to entity - } elseif ($restrictiononfksoc == 1 && $this->element != 'societe' && !$user->rights->societe->client->voir && !$socid) { + } elseif ($restrictiononfksoc == 1 && $this->element != 'societe' && empty($user->rights->societe->client->voir) && !$socid) { $sql .= ' AND te.fk_soc = s.rowid'; // If we need to link to societe to limit select to socid } if (isset($this->ismultientitymanaged) && $this->ismultientitymanaged == 1) { @@ -2118,19 +2118,19 @@ abstract class CommonObject if (isset($this->ismultientitymanaged) && !is_numeric($this->ismultientitymanaged)) { $tmparray = explode('@', $this->ismultientitymanaged); $sql .= ", ".MAIN_DB_PREFIX.$tmparray[1]." as ".($tmparray[1] == 'societe' ? 's' : 'parenttable'); // If we need to link to this table to limit select to entity - } elseif ($restrictiononfksoc == 1 && $this->element != 'societe' && !$user->rights->societe->client->voir && !$socid) { + } elseif ($restrictiononfksoc == 1 && $this->element != 'societe' && empty($user->rights->societe->client->voir) && !$socid) { $sql .= ", ".MAIN_DB_PREFIX."societe as s"; // If we need to link to societe to limit select to socid - } elseif ($restrictiononfksoc == 2 && $this->element != 'societe' && !$user->rights->societe->client->voir && !$socid) { + } elseif ($restrictiononfksoc == 2 && $this->element != 'societe' && empty($user->rights->societe->client->voir) && !$socid) { $sql .= " LEFT JOIN ".MAIN_DB_PREFIX."societe as s ON te.fk_soc = s.rowid"; // If we need to link to societe to limit select to socid } - if ($restrictiononfksoc && !$user->rights->societe->client->voir && !$socid) { + if ($restrictiononfksoc && empty($user->rights->societe->client->voir) && !$socid) { $sql .= " LEFT JOIN ".MAIN_DB_PREFIX."societe_commerciaux as sc ON ".$aliastablesociete.".rowid = sc.fk_soc"; } $sql .= " WHERE te.".$fieldid." > '".$this->db->escape($fieldid == 'rowid' ? $this->id : $this->ref)."'"; // ->ref must always be defined (set to id if field does not exists) - if ($restrictiononfksoc == 1 && !$user->rights->societe->client->voir && !$socid) { + if ($restrictiononfksoc == 1 && empty($user->rights->societe->client->voir) && !$socid) { $sql .= " AND sc.fk_user = ".((int) $user->id); } - if ($restrictiononfksoc == 2 && !$user->rights->societe->client->voir && !$socid) { + if ($restrictiononfksoc == 2 && empty($user->rights->societe->client->voir) && !$socid) { $sql .= " AND (sc.fk_user = ".((int) $user->id).' OR te.fk_soc IS NULL)'; } if (!empty($filter)) { @@ -2142,7 +2142,7 @@ abstract class CommonObject if (isset($this->ismultientitymanaged) && !is_numeric($this->ismultientitymanaged)) { $tmparray = explode('@', $this->ismultientitymanaged); $sql .= " AND te.".$tmparray[0]." = ".($tmparray[1] == "societe" ? "s" : "parenttable").".rowid"; // If we need to link to this table to limit select to entity - } elseif ($restrictiononfksoc == 1 && $this->element != 'societe' && !$user->rights->societe->client->voir && !$socid) { + } elseif ($restrictiononfksoc == 1 && $this->element != 'societe' && empty($user->rights->societe->client->voir) && !$socid) { $sql .= ' AND te.fk_soc = s.rowid'; // If we need to link to societe to limit select to socid } if (isset($this->ismultientitymanaged) && $this->ismultientitymanaged == 1) { @@ -6080,7 +6080,6 @@ abstract class CommonObject } $sql .= ")"; - $resql = $this->db->query($sql); if (!$resql) { $this->error = $this->db->lasterror(); @@ -6334,6 +6333,11 @@ abstract class CommonObject $this->array_options["options_".$key] = $this->db->idate($this->array_options["options_".$key]); } break; + case 'boolean': + if (empty($this->array_options["options_".$key])) { + $this->array_options["options_".$key] = null; + } + break; /* case 'link': $param_list = array_keys($attributeParam['options']); @@ -7693,7 +7697,7 @@ abstract class CommonObject $langs->load($extrafields->attributes[$this->table_element]['langfile'][$key]); } - $colspan = ''; + $colspan = 0; if (is_array($params) && count($params) > 0 && $display_type=='card') { if (array_key_exists('cols', $params)) { $colspan = $params['cols']; @@ -7706,6 +7710,7 @@ abstract class CommonObject } } } + $colspan = intval($colspan); switch ($mode) { case "view": @@ -7772,7 +7777,7 @@ abstract class CommonObject $html_id = (empty($this->id) ? '' : 'extrarow-'.$this->element.'_'.$key.'_'.$this->id); if ($display_type=='card') { if (!empty($conf->global->MAIN_EXTRAFIELDS_USE_TWO_COLUMS) && ($e % 2) == 0) { - $colspan = '0'; + $colspan = 0; } if ($action == 'selectlines') { diff --git a/htdocs/core/class/commonobjectline.class.php b/htdocs/core/class/commonobjectline.class.php index 2856b535a3e..d93d0b67ff9 100644 --- a/htdocs/core/class/commonobjectline.class.php +++ b/htdocs/core/class/commonobjectline.class.php @@ -111,4 +111,20 @@ abstract class CommonObjectLine extends CommonObject return -1; } } + + /** + * Empty function to prevent errors on call of this function must be overload if usefull + * + * @param string $sortorder Sort Order + * @param string $sortfield Sort field + * @param int $limit offset limit + * @param int $offset offset limit + * @param array $filter filter array + * @param string $filtermode filter mode (AND or OR) + * @return int <0 if KO, >0 if OK + */ + public function fetchAll($sortorder = '', $sortfield = '', $limit = 0, $offset = 0, array $filter = array(), $filtermode = 'AND') + { + return 0; + } } diff --git a/htdocs/core/class/dolgraph.class.php b/htdocs/core/class/dolgraph.class.php index a892c557b34..e52ab780195 100644 --- a/htdocs/core/class/dolgraph.class.php +++ b/htdocs/core/class/dolgraph.class.php @@ -1054,6 +1054,7 @@ class DolGraph } $showlegend = $this->showlegend; + $bordercolor = ""; $legends = array(); $nblot = 0; @@ -1414,12 +1415,12 @@ class DolGraph $color = 'rgb(' . $newcolor[0] . ', ' . $newcolor[1] . ', ' . $newcolor[2] . ', 0.9)'; $bordercolor = 'rgb(' . $newcolor[0] . ', ' . $newcolor[1] . ', ' . $newcolor[2] . ')'; } else { // We do not use a 'group by' - if (is_array($this->datacolor[$i])) { + if (!empty($this->bordercolor[$i]) && is_array($this->datacolor[$i])) { $color = 'rgb(' . $this->datacolor[$i][0] . ', ' . $this->datacolor[$i][1] . ', ' . $this->datacolor[$i][2] . ', 0.9)'; } else { $color = $this->datacolor[$i]; } - if (is_array($this->bordercolor[$i])) { + if (!empty($this->bordercolor[$i]) && is_array($this->bordercolor[$i])) { $color = 'rgb(' . $this->bordercolor[$i][0] . ', ' . $this->bordercolor[$i][1] . ', ' . $this->bordercolor[$i][2] . ', 0.9)'; } else { if ($type != 'horizontalBar') { diff --git a/htdocs/core/class/extrafields.class.php b/htdocs/core/class/extrafields.class.php index 4f9b9c470d9..057b1d9ace9 100644 --- a/htdocs/core/class/extrafields.class.php +++ b/htdocs/core/class/extrafields.class.php @@ -1653,10 +1653,14 @@ class ExtraFields $showsize = 0; if ($type == 'date') { $showsize = 10; - $value = dol_print_date($value, 'day'); // For date without hour, date is always GMT for storage and output + if ($value !== '') { + $value = dol_print_date($value, 'day'); // For date without hour, date is always GMT for storage and output + } } elseif ($type == 'datetime') { $showsize = 19; - $value = dol_print_date($value, 'dayhour', 'tzuserrel'); + if ($value !== '') { + $value = dol_print_date($value, 'dayhour', 'tzuserrel'); + } } elseif ($type == 'int') { $showsize = 10; } elseif ($type == 'double') { @@ -2231,11 +2235,18 @@ class ExtraFields continue; // Value was not provided, we should not set it. } $value_arr = GETPOST($keysuffix."options_".$key.$keyprefix); - if ($keysuffix != 'search_') { // If value is for a search, we must keep complex string like '>100 <=150' + if ($keysuffix != 'search_') { // If value is for a search, we must keep complex string like '>100 <=150' $value_key = price2num($value_arr); } else { $value_key = $value_arr; } + } elseif (in_array($key_type, array('boolean'))) { + if (!GETPOSTISSET($keysuffix."options_".$key.$keyprefix)) { + $value_key = ''; + } else { + $value_arr = GETPOST($keysuffix."options_".$key.$keyprefix); + $value_key = $value_arr; + } } else { if (!GETPOSTISSET($keysuffix."options_".$key.$keyprefix)) { continue; // Value was not provided, we should not set it. diff --git a/htdocs/core/class/fiscalyear.class.php b/htdocs/core/class/fiscalyear.class.php index 2a1f769e15c..0edae298f46 100644 --- a/htdocs/core/class/fiscalyear.class.php +++ b/htdocs/core/class/fiscalyear.class.php @@ -291,7 +291,7 @@ class Fiscalyear extends CommonObject $url = DOL_URL_ROOT.'/accountancy/admin/fiscalyear_card.php?id='.$this->id; - if (!$user->rights->accounting->fiscalyear->write) { + if (empty($user->rights->accounting->fiscalyear->write)) { $option = 'nolink'; } diff --git a/htdocs/core/class/html.form.class.php b/htdocs/core/class/html.form.class.php index 88151e7c288..68bba0e04b5 100644 --- a/htdocs/core/class/html.form.class.php +++ b/htdocs/core/class/html.form.class.php @@ -1005,6 +1005,7 @@ class Form $langs->load("dict"); $out = ''; + $moreattrib = ''; $incotermArray = array(); $sql = "SELECT rowid, code"; @@ -1347,7 +1348,7 @@ class Form if (!empty($conf->global->COMPANY_SHOW_ADDRESS_SELECTLIST)) { $sql .= " LEFT JOIN ".MAIN_DB_PREFIX."c_country as dictp ON dictp.rowid = s.fk_pays"; } - if (!$user->rights->societe->client->voir && !$user->socid) { + if (empty($user->rights->societe->client->voir) && !$user->socid) { $sql .= ", ".MAIN_DB_PREFIX."societe_commerciaux as sc"; } $sql .= " WHERE s.entity IN (".getEntity('societe').")"; @@ -1357,7 +1358,7 @@ class Form if ($filter) { $sql .= " AND (".$filter.")"; } - if (!$user->rights->societe->client->voir && !$user->socid) { + if (empty($user->rights->societe->client->voir) && !$user->socid) { $sql .= " AND s.rowid = sc.fk_soc AND sc.fk_user = ".((int) $user->id); } if (!empty($conf->global->COMPANY_HIDE_INACTIVE_IN_COMBOBOX)) { @@ -1444,7 +1445,7 @@ class Form $label .= ' ('.$obj->name_alias.')'; } - if ($conf->global->SOCIETE_SHOW_VAT_IN_LIST && !empty($obj->tva_intra)) { + if (!empty($conf->global->SOCIETE_SHOW_VAT_IN_LIST) && !empty($obj->tva_intra)) { $label .= ' - '.$obj->tva_intra.''; } @@ -2602,7 +2603,7 @@ class Form if (!$forcecombo) { include_once DOL_DOCUMENT_ROOT.'/core/lib/ajax.lib.php'; - $out .= ajax_combobox($htmlname, $events, $conf->global->PRODUIT_USE_SEARCH_TO_SELECT); + $out .= ajax_combobox($htmlname, $events, getDolGlobalInt("PRODUIT_USE_SEARCH_TO_SELECT")); } $out .= 'global->PRODUCT_SEARCH_AUTOFOCUS) ? 'autofocus' : '').' />'; + if ($hidelabel == 3) { + $out .= img_picto($langs->trans("Search"), 'search'); + } + } else { + $out .= $this->selectProjectsList($selected, $htmlname, $filtertype, $limit, $status, 0, $socid, $showempty, $forcecombo, $morecss); + } + + if (empty($nooutput)) print $out; + else return $out; + } + + /** + * Return list of projects. + * Called by selectProjects. + * + * @param int $selected Preselected project + * @param string $htmlname Name of select html + * @param string $filtertype Filter on project type + * @param int $limit Limit on number of returned lines + * @param string $filterkey Filter on project ref or subject + * @param int $status Ticket status + * @param int $outputmode 0=HTML select string, 1=Array + * @param string $showempty '' to not show empty line. Translation key to show an empty line. '1' show empty line with no text. + * @param int $forcecombo Force to use combo box + * @param string $morecss Add more css on select + * @return array Array of keys for json + */ + public function selectProjectsList($selected = '', $htmlname = 'projectid', $filtertype = '', $limit = 20, $filterkey = '', $status = 1, $outputmode = 0, $showempty = '1', $forcecombo = 0, $morecss = '') + { + global $langs, $conf, $user, $db; + + $out = ''; + $outarray = array(); + + $selectFields = " p.rowid, p.ref"; + + $sql = "SELECT "; + $sql .= $selectFields; + $sql .= " FROM ".MAIN_DB_PREFIX."projet as p"; + $sql .= ' WHERE p.entity IN ('.getEntity('project').')'; + + // Add criteria on ref/label + if ($filterkey != '') { + $sql .= ' AND ('; + $prefix = empty($conf->global->TICKET_DONOTSEARCH_ANYWHERE) ? '%' : ''; // Can use index if PRODUCT_DONOTSEARCH_ANYWHERE is on + // For natural search + $scrit = explode(' ', $filterkey); + $i = 0; + if (count($scrit) > 1) $sql .= "("; + foreach ($scrit as $crit) { + if ($i > 0) $sql .= " AND "; + $sql .= "p.ref LIKE '".$this->db->escape($prefix.$crit)."%'"; + $sql .= ""; + $i++; + } + if (count($scrit) > 1) $sql .= ")"; + $sql .= ')'; + } + + $sql .= $this->db->plimit($limit, 0); + + // Build output string + dol_syslog(get_class($this)."::selectProjectsList search projects", LOG_DEBUG); + $result = $this->db->query($sql); + if ($result) { + require_once DOL_DOCUMENT_ROOT.'/projet/class/project.class.php'; + require_once DOL_DOCUMENT_ROOT.'/core/lib/project.lib.php'; + + $num = $this->db->num_rows($result); + + $events = null; + + if (!$forcecombo) { + include_once DOL_DOCUMENT_ROOT.'/core/lib/ajax.lib.php'; + $out .= ajax_combobox($htmlname, $events, $conf->global->PROJECT_USE_SEARCH_TO_SELECT); + } + + $out .= ''; + + $this->db->free($result); + + if (empty($outputmode)) return $out; + return $outarray; + } else { + dol_print_error($db); + } + } + + /** + * constructProjectListOption. + * This define value for &$opt and &$optJson. + * + * @param resource $objp Result set of fetch + * @param string $opt Option (var used for returned value in string option format) + * @param string $optJson Option (var used for returned value in json format) + * @param string $selected Preselected value + * @param string $filterkey Filter key to highlight + * @return void + */ + protected function constructProjectListOption(&$objp, &$opt, &$optJson, $selected, $filterkey = '') + { + global $langs, $conf, $user, $db; + + $outkey = ''; + $outval = ''; + $outref = ''; + $outlabel = ''; + $outtype = ''; + + $label = $objp->label; + + $outkey = $objp->rowid; + $outref = $objp->ref; + $outlabel = $objp->label; + $outtype = $objp->fk_product_type; + + $opt = '\n"; + $optJson = array('key'=>$outkey, 'value'=>$outref, 'type'=>$outtypem); + } + + + /** + * Return list of members in Ajax if Ajax activated or go to selectTicketsList + * + * @param int $selected Preselected tickets + * @param string $htmlname Name of HTML select field (must be unique in page). + * @param string $filtertype To add a filter + * @param int $limit Limit on number of returned lines + * @param int $status Ticket status + * @param string $selected_input_value Value of preselected input text (for use with ajax) + * @param int $hidelabel Hide label (0=no, 1=yes, 2=show search icon (before) and placeholder, 3 search icon after) + * @param array $ajaxoptions Options for ajax_autocompleter + * @param int $socid Thirdparty Id (to get also price dedicated to this customer) + * @param string $showempty '' to not show empty line. Translation key to show an empty line. '1' show empty line with no text. + * @param int $forcecombo Force to use combo box + * @param string $morecss Add more css on select + * @param array $selected_combinations Selected combinations. Format: array([attrid] => attrval, [...]) + * @param string $nooutput No print, return the output into a string + * @return void|string + */ + public function selectMembers($selected = '', $htmlname = 'adherentid', $filtertype = '', $limit = 0, $status = 1, $selected_input_value = '', $hidelabel = 0, $ajaxoptions = array(), $socid = 0, $showempty = '1', $forcecombo = 0, $morecss = '', $selected_combinations = null, $nooutput = 0) + { + global $langs, $conf; + + $out = ''; + + // check parameters + if (is_null($ajaxoptions)) $ajaxoptions = array(); + + if (!empty($conf->use_javascript_ajax) && !empty($conf->global->TICKET_USE_SEARCH_TO_SELECT)) { + $placeholder = ''; + + if ($selected && empty($selected_input_value)) { + require_once DOL_DOCUMENT_ROOT.'/adherents/class/adherent.class.php'; + $adherenttmpselect = new Member($this->db); + $adherenttmpselect->fetch($selected); + $selected_input_value = $adherenttmpselect->ref; + unset($adherenttmpselect); + } + + $out .= ajax_autocompleter($selected, $htmlname, DOL_URL_ROOT.'/adherents/ajax/adherents.php', $urloption, $conf->global->PRODUIT_USE_SEARCH_TO_SELECT, 1, $ajaxoptions); + + if (empty($hidelabel)) $out .= $langs->trans("RefOrLabel").' : '; + elseif ($hidelabel > 1) { + $placeholder = ' placeholder="'.$langs->trans("RefOrLabel").'"'; + if ($hidelabel == 2) { + $out .= img_picto($langs->trans("Search"), 'search'); + } + } + $out .= 'global->PRODUCT_SEARCH_AUTOFOCUS) ? 'autofocus' : '').' />'; + if ($hidelabel == 3) { + $out .= img_picto($langs->trans("Search"), 'search'); + } + } else { + $out .= $this->selectMembersList($selected, $htmlname, $filtertype, $limit, $status, 0, $socid, $showempty, $forcecombo, $morecss); + } + + if (empty($nooutput)) print $out; + else return $out; + } + + /** + * Return list of adherents. + * Called by selectMembers. + * + * @param int $selected Preselected adherent + * @param string $htmlname Name of select html + * @param string $filtertype Filter on adherent type + * @param int $limit Limit on number of returned lines + * @param string $filterkey Filter on adherent ref or subject + * @param int $status Ticket status + * @param int $outputmode 0=HTML select string, 1=Array + * @param string $showempty '' to not show empty line. Translation key to show an empty line. '1' show empty line with no text. + * @param int $forcecombo Force to use combo box + * @param string $morecss Add more css on select + * @return array Array of keys for json + */ + public function selectMembersList($selected = '', $htmlname = 'adherentid', $filtertype = '', $limit = 20, $filterkey = '', $status = 1, $outputmode = 0, $showempty = '1', $forcecombo = 0, $morecss = '') + { + global $langs, $conf, $user, $db; + + $out = ''; + $outarray = array(); + + $selectFields = " p.rowid, p.ref"; + + $sql = "SELECT "; + $sql .= $selectFields; + $sql .= " FROM ".MAIN_DB_PREFIX."adherent as p"; + $sql .= ' WHERE p.entity IN ('.getEntity('adherent').')'; + + // Add criteria on ref/label + if ($filterkey != '') { + $sql .= ' AND ('; + $prefix = empty($conf->global->TICKET_DONOTSEARCH_ANYWHERE) ? '%' : ''; // Can use index if PRODUCT_DONOTSEARCH_ANYWHERE is on + // For natural search + $scrit = explode(' ', $filterkey); + $i = 0; + if (count($scrit) > 1) $sql .= "("; + foreach ($scrit as $crit) { + if ($i > 0) $sql .= " AND "; + $sql .= "p.ref LIKE '".$this->db->escape($prefix.$crit)."%'"; + $sql .= ""; + $i++; + } + if (count($scrit) > 1) $sql .= ")"; + $sql .= ')'; + } + + $sql .= $this->db->plimit($limit, 0); + + // Build output string + dol_syslog(get_class($this)."::selectMembersList search adherents", LOG_DEBUG); + $result = $this->db->query($sql); + if ($result) { + require_once DOL_DOCUMENT_ROOT.'/adherents/class/adherent.class.php'; + require_once DOL_DOCUMENT_ROOT.'/core/lib/member.lib.php'; + + $num = $this->db->num_rows($result); + + $events = null; + + if (!$forcecombo) { + include_once DOL_DOCUMENT_ROOT.'/core/lib/ajax.lib.php'; + $out .= ajax_combobox($htmlname, $events, $conf->global->PROJECT_USE_SEARCH_TO_SELECT); + } + + $out .= ''; + + $this->db->free($result); + + if (empty($outputmode)) return $out; + return $outarray; + } else { + dol_print_error($db); + } + } + + /** + * constructMemberListOption. + * This define value for &$opt and &$optJson. + * + * @param resource $objp Result set of fetch + * @param string $opt Option (var used for returned value in string option format) + * @param string $optJson Option (var used for returned value in json format) + * @param string $selected Preselected value + * @param string $filterkey Filter key to highlight + * @return void + */ + protected function constructMemberListOption(&$objp, &$opt, &$optJson, $selected, $filterkey = '') + { + global $langs, $conf, $user, $db; + + $outkey = ''; + $outval = ''; + $outref = ''; + $outlabel = ''; + $outtype = ''; + + $label = $objp->label; + + $outkey = $objp->rowid; + $outref = $objp->ref; + $outlabel = $objp->label; + $outtype = $objp->fk_product_type; + + $opt = '\n"; + $optJson = array('key'=>$outkey, 'value'=>$outref, 'type'=>$outtypem); + } /** * Generic method to select a component from a combo list. @@ -7029,7 +7442,7 @@ class Form $sql .= " INNER JOIN ".MAIN_DB_PREFIX.$tmparray[1]." as parenttable ON parenttable.rowid = t.".$tmparray[0]; } if ($objecttmp->ismultientitymanaged === 'fk_soc@societe') { - if (!$user->rights->societe->client->voir && !$user->socid) { + if (empty($user->rights->societe->client->voir) && !$user->socid) { $sql .= ", ".MAIN_DB_PREFIX."societe_commerciaux as sc"; } } @@ -7057,7 +7470,7 @@ class Form } } if ($objecttmp->ismultientitymanaged === 'fk_soc@societe') { - if (!$user->rights->societe->client->voir && !$user->socid) { + if (empty($user->rights->societe->client->voir) && !$user->socid) { $sql .= " AND t.rowid = sc.fk_soc AND sc.fk_user = ".((int) $user->id); } } @@ -7676,7 +8089,7 @@ class Form } } else { // There is no list of fields already customized for user foreach ($array as $key => $val) { - if ($array[$key]['checked'] < 0) { + if (!empty($array[$key]['checked']) && $array[$key]['checked'] < 0) { $array[$key]['checked'] = 0; } } @@ -7704,7 +8117,7 @@ class Form } // Note: $val['checked'] <> 0 means we must show the field into the combo list - $listoffieldsforselection .= '
    • '; + $listoffieldsforselection .= '
    • '; $listcheckedstring .= (empty($val['checked']) ? '' : $key.','); } } diff --git a/htdocs/core/class/html.formcontract.class.php b/htdocs/core/class/html.formcontract.class.php index 5db615f4654..1909a4fb6c3 100644 --- a/htdocs/core/class/html.formcontract.class.php +++ b/htdocs/core/class/html.formcontract.class.php @@ -104,7 +104,7 @@ class FormContract while ($i < $num) { $obj = $this->db->fetch_object($resql); // If we ask to filter on a company and user has no permission to see all companies and project is linked to another company, we hide project. - if ($socid > 0 && (empty($obj->fk_soc) || $obj->fk_soc == $socid) && !$user->rights->societe->lire) { + if ($socid > 0 && (empty($obj->fk_soc) || $obj->fk_soc == $socid) && empty($user->rights->societe->lire)) { // Do nothing } else { $labeltoshow = dol_trunc($obj->ref, 18); diff --git a/htdocs/core/class/html.formfile.class.php b/htdocs/core/class/html.formfile.class.php index 1bd622d173f..d313d91f505 100644 --- a/htdocs/core/class/html.formfile.class.php +++ b/htdocs/core/class/html.formfile.class.php @@ -1678,6 +1678,9 @@ class FormFile } elseif ($modulepart == 'project') { include_once DOL_DOCUMENT_ROOT.'/projet/class/project.class.php'; $object_instance = new Project($this->db); + } elseif ($modulepart == 'project_task') { + include_once DOL_DOCUMENT_ROOT.'/projet/class/task.class.php'; + $object_instance = new Task($this->db); } elseif ($modulepart == 'fichinter') { include_once DOL_DOCUMENT_ROOT.'/fichinter/class/fichinter.class.php'; $object_instance = new Fichinter($this->db); @@ -1696,6 +1699,9 @@ class FormFile } elseif ($modulepart == 'banque') { include_once DOL_DOCUMENT_ROOT.'/compta/bank/class/account.class.php'; $object_instance = new Account($this->db); + } elseif ($modulepart == 'chequereceipt') { + include_once DOL_DOCUMENT_ROOT.'/compta/paiement/cheque/class/remisecheque.class.php'; + $object_instance = new RemiseCheque($this->db); } elseif ($modulepart == 'mrp-mo') { include_once DOL_DOCUMENT_ROOT.'/mrp/class/mo.class.php'; $object_instance = new Mo($this->db); @@ -1750,14 +1756,19 @@ class FormFile $id = (isset($reg[1]) ? $reg[1] : ''); } elseif ($modulepart == 'invoice_supplier') { preg_match('/([^\/]+)\/[^\/]+$/', $relativefile, $reg); - $ref = (isset($reg[1]) ? $reg[1] : ''); if (is_numeric($ref)) { + $ref = (isset($reg[1]) ? $reg[1] : ''); + if (is_numeric($ref)) { $id = $ref; $ref = ''; } - } elseif ($modulepart == 'user' || $modulepart == 'holiday') { + } elseif ($modulepart == 'user') { // $ref may be also id with old supplier invoices preg_match('/(.*)\/[^\/]+$/', $relativefile, $reg); $id = (isset($reg[1]) ? $reg[1] : ''); + } elseif ($modulepart == 'project_task') { + // $ref of task is the sub-directory of the project + $reg = explode("/", $relativefile); + $ref = (isset($reg[1]) ? $reg[1] : ''); } elseif (in_array($modulepart, array( 'invoice', 'propal', @@ -1767,11 +1778,14 @@ class FormFile 'contract', 'product', 'project', + 'project_task', 'fichinter', 'expensereport', 'recruitment-recruitmentcandidature', 'mrp-mo', - 'banque'))) { + 'banque', + 'chequereceipt', + 'holiday'))) { preg_match('/(.*)\/[^\/]+$/', $relativefile, $reg); $ref = (isset($reg[1]) ? $reg[1] : ''); } else { diff --git a/htdocs/core/class/html.formintervention.class.php b/htdocs/core/class/html.formintervention.class.php index b9564c6aa52..60656128b64 100644 --- a/htdocs/core/class/html.formintervention.class.php +++ b/htdocs/core/class/html.formintervention.class.php @@ -99,7 +99,7 @@ class FormIntervention while ($i < $num) { $obj = $this->db->fetch_object($resql); // If we ask to filter on a company and user has no permission to see all companies and project is linked to another company, we hide project. - if ($socid > 0 && (empty($obj->fk_soc) || $obj->fk_soc == $socid) && !$user->rights->societe->lire) { + if ($socid > 0 && (empty($obj->fk_soc) || $obj->fk_soc == $socid) && empty($user->rights->societe->lire)) { // Do nothing } else { $labeltoshow = dol_trunc($obj->ref, 18); diff --git a/htdocs/core/class/html.formmail.class.php b/htdocs/core/class/html.formmail.class.php index ca3908fe843..4f9ec52dd8d 100644 --- a/htdocs/core/class/html.formmail.class.php +++ b/htdocs/core/class/html.formmail.class.php @@ -1526,7 +1526,7 @@ class FormMail extends Form $product = new Product($this->db); $product->fetch($line->fk_product, '', '', 1); $product->fetch_optionals(); - if (is_array($extrafields->attributes[$object->table_element]['label']) && count($extrafields->attributes[$object->table_element]['label']) > 0) { + if (is_array($extrafields->attributes[$product->table_element]['label']) && count($extrafields->attributes[$product->table_element]['label']) > 0) { foreach ($extrafields->attributes[$product->table_element]['label'] as $key => $label) { $substit_line['__PRODUCT_EXTRAFIELD_'.strtoupper($key).'__'] = $product->array_options['options_'.$key]; } diff --git a/htdocs/core/class/html.formmargin.class.php b/htdocs/core/class/html.formmargin.class.php index 02972f39630..e77ebe3498c 100644 --- a/htdocs/core/class/html.formmargin.class.php +++ b/htdocs/core/class/html.formmargin.class.php @@ -207,7 +207,7 @@ class FormMargin return; } - if (!$user->rights->margins->liretous) { + if (empty($user->rights->margins->liretous)) { return; } diff --git a/htdocs/core/class/html.formprojet.class.php b/htdocs/core/class/html.formprojet.class.php index 18b42c597bf..34ea7b0a2e8 100644 --- a/htdocs/core/class/html.formprojet.class.php +++ b/htdocs/core/class/html.formprojet.class.php @@ -207,7 +207,7 @@ class FormProjets while ($i < $num) { $obj = $this->db->fetch_object($resql); // If we ask to filter on a company and user has no permission to see all companies and project is linked to another company, we hide project. - if ($socid > 0 && (empty($obj->fk_soc) || $obj->fk_soc == $socid) && !$user->rights->societe->lire) { + if ($socid > 0 && (empty($obj->fk_soc) || $obj->fk_soc == $socid) && empty($user->rights->societe->lire)) { // Do nothing } else { if ($discard_closed == 1 && $obj->fk_statut == 2 && $obj->rowid != $selected) { // We discard closed except if selected diff --git a/htdocs/core/class/html.formticket.class.php b/htdocs/core/class/html.formticket.class.php index 89260c35d03..b9f320b7db8 100644 --- a/htdocs/core/class/html.formticket.class.php +++ b/htdocs/core/class/html.formticket.class.php @@ -753,6 +753,8 @@ class FormTicket print ajax_combobox('select'.$htmlname); } elseif ($htmlname!='') { + $selectedgroups = array(); + $groupvalue = ""; $groupticket=GETPOST($htmlname, 'aZ09'); $child_id=GETPOST($htmlname.'_child_id', 'aZ09')?GETPOST($htmlname.'_child_id', 'aZ09'):0; if (!empty($groupticket)) { diff --git a/htdocs/core/class/infobox.class.php b/htdocs/core/class/infobox.class.php index bdd0f79a0aa..07962e6e98d 100644 --- a/htdocs/core/class/infobox.class.php +++ b/htdocs/core/class/infobox.class.php @@ -215,7 +215,7 @@ class InfoBox /** * Save order of boxes for area and user * - * @param DoliDB $dbs Database handler + * @param DoliDB $dbs Database handler * @param int $zone Name of area (0 for Homepage, ...) * @param string $boxorder List of boxes with correct order 'A:123,456,...-B:789,321...' * @param int $userid Id of user diff --git a/htdocs/core/class/notify.class.php b/htdocs/core/class/notify.class.php index 019618366d1..a88f673405c 100644 --- a/htdocs/core/class/notify.class.php +++ b/htdocs/core/class/notify.class.php @@ -108,10 +108,26 @@ class Notify */ public function confirmMessage($action, $socid, $object) { - global $langs; + global $conf, $langs; $langs->load("mails"); $listofnotiftodo = $this->getNotificationsArray($action, $socid, $object, 0); + if (!empty($conf->global->NOTIFICATION_EMAIL_DISABLE_CONFIRM_MESSAGE_USER)) { + foreach ($listofnotiftodo as $val) { + if ($val['type'] == 'touser') { + unset($listofnotiftodo[$val['email']]); + //$listofnotiftodo = array_merge($listofnotiftodo); + } + } + } + if (!empty($conf->global->NOTIFICATION_EMAIL_DISABLE_CONFIRM_MESSAGE_FIX)) { + foreach ($listofnotiftodo as $val) { + if ($val['type'] == 'tofixedemail') { + unset($listofnotiftodo[$val['email']]); + //$listofnotiftodo = array_merge($listofnotiftodo); + } + } + } $texte = ''; $nb = -1; diff --git a/htdocs/core/js/lib_foot.js.php b/htdocs/core/js/lib_foot.js.php index 1de4fef0176..997132ca132 100644 --- a/htdocs/core/js/lib_foot.js.php +++ b/htdocs/core/js/lib_foot.js.php @@ -258,12 +258,12 @@ print ' window.getSelection().removeAllRanges(); /* Show message */ - var lastchild = this.parentNode.lastChild; + var lastchild = this.parentNode.lastChild; /* .parentNode is clipboardCP and last child is clipboardCPText */ var tmp = lastchild.innerHTML if (succeed) { - lastchild.innerHTML = \''.dol_escape_js($langs->trans('CopiedToClipboard')).'\'; + lastchild.innerHTML = \'
    '.dol_escape_js($langs->trans('CopiedToClipboard')).'
    \'; } else { - lastchild.innerHTML = \''.dol_escape_js($langs->trans('Error')).'\'; + lastchild.innerHTML = \'
    '.dol_escape_js($langs->trans('Error')).'
    \'; } setTimeout(() => { lastchild.innerHTML = tmp; }, 1000); }); diff --git a/htdocs/core/lib/admin.lib.php b/htdocs/core/lib/admin.lib.php index 0505f451fc5..842d7333bbd 100644 --- a/htdocs/core/lib/admin.lib.php +++ b/htdocs/core/lib/admin.lib.php @@ -1127,7 +1127,7 @@ function activateModule($value, $withdeps = 1) if (!count($ret['errors'])) { $ret['nbmodules']++; - $ret['nbperms'] += count($objMod->rights); + $ret['nbperms'] += (is_array($objMod->rights)?count($objMod->rights):0); } return $ret; diff --git a/htdocs/core/lib/agenda.lib.php b/htdocs/core/lib/agenda.lib.php index 048335201ee..667a2808f58 100644 --- a/htdocs/core/lib/agenda.lib.php +++ b/htdocs/core/lib/agenda.lib.php @@ -162,12 +162,12 @@ function show_array_actions_to_do($max = 5) $sql .= " FROM ".MAIN_DB_PREFIX."actioncomm as a LEFT JOIN "; $sql .= " ".MAIN_DB_PREFIX."c_actioncomm as c ON c.id = a.fk_action"; $sql .= " LEFT JOIN ".MAIN_DB_PREFIX."societe as s ON a.fk_soc = s.rowid"; - if (!$user->rights->societe->client->voir && !$socid) { + if (empty($user->rights->societe->client->voir) && !$socid) { $sql .= ", ".MAIN_DB_PREFIX."societe_commerciaux as sc"; } $sql .= " WHERE a.entity IN (".getEntity('agenda').")"; $sql .= " AND ((a.percent >= 0 AND a.percent < 100) OR (a.percent = -1 AND a.datep2 > '".$db->idate($now)."'))"; - if (!$user->rights->societe->client->voir && !$socid) { + if (empty($user->rights->societe->client->voir) && !$socid) { $sql .= " AND s.rowid = sc.fk_soc AND sc.fk_user = ".((int) $user->id); } if ($socid) { @@ -278,12 +278,12 @@ function show_array_last_actions_done($max = 5) $sql .= " FROM ".MAIN_DB_PREFIX."actioncomm as a LEFT JOIN "; $sql .= " ".MAIN_DB_PREFIX."c_actioncomm as c ON c.id = a.fk_action "; $sql .= " LEFT JOIN ".MAIN_DB_PREFIX."societe as s ON a.fk_soc = s.rowid"; - if (!$user->rights->societe->client->voir && !$socid) { + if (empty($user->rights->societe->client->voir) && !$socid) { $sql .= ", ".MAIN_DB_PREFIX."societe_commerciaux as sc"; } $sql .= " WHERE a.entity IN (".getEntity('agenda').")"; $sql .= " AND (a.percent >= 100 OR (a.percent = -1 AND a.datep2 <= '".$db->idate($now)."'))"; - if (!$user->rights->societe->client->voir && !$socid) { + if (empty($user->rights->societe->client->voir) && !$socid) { $sql .= " AND s.rowid = sc.fk_soc AND sc.fk_user = ".((int) $user->id); } if ($socid) { diff --git a/htdocs/core/lib/date.lib.php b/htdocs/core/lib/date.lib.php index 8514ab56554..e7ab98ca3b6 100644 --- a/htdocs/core/lib/date.lib.php +++ b/htdocs/core/lib/date.lib.php @@ -115,6 +115,7 @@ function getServerTimeZoneInt($refgmtdate = 'now') * @param int $time Date timestamp (or string with format YYYY-MM-DD) * @param int $duration_value Value of delay to add * @param int $duration_unit Unit of added delay (d, m, y, w, h, i) + * @param int $ruleforendofmonth Change the behavior of PHP over data-interval, 0 or 1 * @return int New timestamp */ function dol_time_plus_duree($time, $duration_value, $duration_unit, $ruleforendofmonth = 0) diff --git a/htdocs/core/lib/files.lib.php b/htdocs/core/lib/files.lib.php index 2ff2f0ef5ba..2bd4ada3ad0 100644 --- a/htdocs/core/lib/files.lib.php +++ b/htdocs/core/lib/files.lib.php @@ -107,7 +107,7 @@ function dol_dir_list($path, $types = "all", $recursive = 0, $filter = "", $excl if ($dir = opendir($newpath)) { $filedate = ''; $filesize = ''; - + $fileperm = ''; while (false !== ($file = readdir($dir))) { // $file is always a basename (into directory $newpath) if (!utf8_check($file)) { $file = utf8_encode($file); // To be sure data is stored in utf8 in memory diff --git a/htdocs/core/lib/functions.lib.php b/htdocs/core/lib/functions.lib.php index 98a879410b0..5f014ce3d48 100644 --- a/htdocs/core/lib/functions.lib.php +++ b/htdocs/core/lib/functions.lib.php @@ -44,25 +44,27 @@ include_once DOL_DOCUMENT_ROOT.'/core/lib/json.lib.php'; /** * Return dolibarr global constant string value * @param string $key key to return value, return '' if not set + * @param string $default value to return * @return string */ -function getDolGlobalString($key) +function getDolGlobalString($key, $default = '') { global $conf; - // return $conf->global->$key ?? ''; - return (string) (empty($conf->global->$key) ? '' : $conf->global->$key); + // return $conf->global->$key ?? $default; + return (string) (empty($conf->global->$key) ? $default : $conf->global->$key); } /** * Return dolibarr global constant int value * @param string $key key to return value, return 0 if not set + * @param int $default value to return * @return int */ -function getDolGlobalInt($key) +function getDolGlobalInt($key, $default = 0) { global $conf; - // return $conf->global->$key ?? 0; - return (int) (empty($conf->global->$key) ? 0 : $conf->global->$key); + // return $conf->global->$key ?? $default; + return (int) (empty($conf->global->$key) ? $default : $conf->global->$key); } /** @@ -10520,9 +10522,9 @@ function showValueWithClipboardCPButton($valuetocopy, $showonlyonhover = 1, $tex $tag = 'span'; // Using div does not work when using the js copy code. if ($texttoshow) { - $result = '<'.$tag.' class="clipboardCPValue hidewithsize">'.dol_escape_htmltag($valuetocopy, 1, 1).''.dol_escape_htmltag($texttoshow, 1, 1).''; + $result = '<'.$tag.' class="clipboardCPValue hidewithsize">'.dol_escape_htmltag($valuetocopy, 1, 1).''.dol_escape_htmltag($texttoshow, 1, 1).''; } else { - $result = '<'.$tag.' class="clipboardCPValue">'.dol_escape_htmltag($valuetocopy, 1, 1).''; + $result = '<'.$tag.' class="clipboardCPValue">'.dol_escape_htmltag($valuetocopy, 1, 1).''; } return $result; diff --git a/htdocs/core/lib/invoice.lib.php b/htdocs/core/lib/invoice.lib.php index 573f27c1eee..8b61a690910 100644 --- a/htdocs/core/lib/invoice.lib.php +++ b/htdocs/core/lib/invoice.lib.php @@ -233,7 +233,7 @@ function getCustomerInvoicePieChart($socid = 0) $sql = "SELECT count(f.rowid), f.fk_statut"; $sql .= " FROM ".MAIN_DB_PREFIX."societe as s"; $sql .= ", ".MAIN_DB_PREFIX."facture as f"; - if (!$user->rights->societe->client->voir && !$socid) { + if (empty($user->rights->societe->client->voir) && !$socid) { $sql .= ", ".MAIN_DB_PREFIX."societe_commerciaux as sc"; } $sql .= " WHERE f.fk_soc = s.rowid"; @@ -241,7 +241,7 @@ function getCustomerInvoicePieChart($socid = 0) if ($user->socid) { $sql .= ' AND f.fk_soc = '.((int) $user->socid); } - if (!$user->rights->societe->client->voir && !$socid) { + if (empty($user->rights->societe->client->voir) && !$socid) { $sql .= " AND s.rowid = sc.fk_soc AND sc.fk_user = ".((int) $user->id); } $sql .= " GROUP BY f.fk_statut"; @@ -353,7 +353,7 @@ function getPurchaseInvoicePieChart($socid = 0) $sql = "SELECT count(f.rowid), f.fk_statut"; $sql .= " FROM ".MAIN_DB_PREFIX."societe as s"; $sql .= ", ".MAIN_DB_PREFIX."facture_fourn as f"; - if (!$user->rights->societe->client->voir && !$socid) { + if (empty($user->rights->societe->client->voir) && !$socid) { $sql .= ", ".MAIN_DB_PREFIX."societe_commerciaux as sc"; } $sql .= " WHERE f.fk_soc = s.rowid"; @@ -361,7 +361,7 @@ function getPurchaseInvoicePieChart($socid = 0) if ($user->socid) { $sql .= ' AND f.fk_soc = '.((int) $user->socid); } - if (!$user->rights->societe->client->voir && !$socid) { + if (empty($user->rights->societe->client->voir) && !$socid) { $sql .= " AND s.rowid = sc.fk_soc AND sc.fk_user = ".((int) $user->id); } $sql .= " GROUP BY f.fk_statut"; @@ -609,16 +609,16 @@ function getCustomerInvoiceDraftTable($maxCount = 500, $socid = 0) $sql .= ", s.rowid as socid, s.email"; $sql .= ", s.code_client, s.code_compta, s.code_fournisseur, s.code_compta_fournisseur"; $sql .= ", cc.rowid as country_id, cc.code as country_code"; - if (!$user->rights->societe->client->voir && !$socid) { + if (empty($user->rights->societe->client->voir) && !$socid) { $sql .= ", sc.fk_soc, sc.fk_user "; } $sql .= " FROM ".MAIN_DB_PREFIX."facture as f, ".MAIN_DB_PREFIX."societe as s LEFT JOIN ".MAIN_DB_PREFIX."c_country as cc ON cc.rowid = s.fk_pays"; - if (!$user->rights->societe->client->voir && !$socid) { + if (empty($user->rights->societe->client->voir) && !$socid) { $sql .= ", ".MAIN_DB_PREFIX."societe_commerciaux as sc"; } $sql .= " WHERE s.rowid = f.fk_soc AND f.fk_statut = ".Facture::STATUS_DRAFT; $sql .= " AND f.entity IN (".getEntity('invoice').")"; - if (!$user->rights->societe->client->voir && !$socid) { + if (empty($user->rights->societe->client->voir) && !$socid) { $sql .= " AND s.rowid = sc.fk_soc AND sc.fk_user = ".((int) $user->id); } @@ -633,7 +633,7 @@ function getCustomerInvoiceDraftTable($maxCount = 500, $socid = 0) $sql .= " GROUP BY f.rowid, f.ref, f.datef, f.total_ht, f.total_tva, f.total_ttc, f.ref_client, f.type, f.fk_statut, f.paye,"; $sql .= " s.nom, s.rowid, s.email, s.code_client, s.code_compta, s.code_fournisseur, s.code_compta_fournisseur,"; $sql .= " cc.rowid, cc.code"; - if (!$user->rights->societe->client->voir && !$socid) { + if (empty($user->rights->societe->client->voir) && !$socid) { $sql .= ", sc.fk_soc, sc.fk_user"; } @@ -757,12 +757,12 @@ function getDraftSupplierTable($maxCount = 500, $socid = 0) $sql .= ", s.code_fournisseur, s.code_compta_fournisseur"; $sql .= ", cc.rowid as country_id, cc.code as country_code"; $sql .= " FROM ".MAIN_DB_PREFIX."facture_fourn as f, ".MAIN_DB_PREFIX."societe as s LEFT JOIN ".MAIN_DB_PREFIX."c_country as cc ON cc.rowid = s.fk_pays"; - if (!$user->rights->societe->client->voir && !$socid) { + if (empty($user->rights->societe->client->voir) && !$socid) { $sql .= ", ".MAIN_DB_PREFIX."societe_commerciaux as sc"; } $sql .= " WHERE s.rowid = f.fk_soc AND f.fk_statut = ".FactureFournisseur::STATUS_DRAFT; $sql .= " AND f.entity IN (".getEntity('invoice').')'; - if (!$user->rights->societe->client->voir && !$socid) { + if (empty($user->rights->societe->client->voir) && !$socid) { $sql .= " AND s.rowid = sc.fk_soc AND sc.fk_user = ".((int) $user->id); } if ($socid) { @@ -879,7 +879,7 @@ function getCustomerInvoiceLatestEditTable($maxCount = 5, $socid = 0) $sql .= " s.nom as socname, s.rowid as socid, s.canvas, s.client"; $sql .= " FROM ".MAIN_DB_PREFIX."facture as f"; $sql .= ", ".MAIN_DB_PREFIX."societe as s"; - if (!$user->rights->societe->client->voir && !$socid) { + if (empty($user->rights->societe->client->voir) && !$socid) { $sql .= ", ".MAIN_DB_PREFIX."societe_commerciaux as sc"; } $sql .= " WHERE f.fk_soc = s.rowid"; @@ -887,7 +887,7 @@ function getCustomerInvoiceLatestEditTable($maxCount = 5, $socid = 0) if ($socid) { $sql .= " AND f.fk_soc = ".((int) $socid); } - if (!$user->rights->societe->client->voir && !$socid) { + if (empty($user->rights->societe->client->voir) && !$socid) { $sql .= " AND s.rowid = sc.fk_soc AND sc.fk_user = ".((int) $user->id); } $sql .= " ORDER BY f.tms DESC"; @@ -984,7 +984,7 @@ function getPurchaseInvoiceLatestEditTable($maxCount = 5, $socid = 0) $sql .= " s.nom as socname, s.rowid as socid, s.canvas, s.client"; $sql .= " FROM ".MAIN_DB_PREFIX."facture_fourn as f"; $sql .= ", ".MAIN_DB_PREFIX."societe as s"; - if (!$user->rights->societe->client->voir && !$socid) { + if (empty($user->rights->societe->client->voir) && !$socid) { $sql .= ", ".MAIN_DB_PREFIX."societe_commerciaux as sc"; } $sql .= " WHERE f.fk_soc = s.rowid"; @@ -992,7 +992,7 @@ function getPurchaseInvoiceLatestEditTable($maxCount = 5, $socid = 0) if ($socid) { $sql .= " AND f.fk_soc = ".((int) $socid); } - if (!$user->rights->societe->client->voir && !$socid) { + if (empty($user->rights->societe->client->voir) && !$socid) { $sql .= " AND s.rowid = sc.fk_soc AND sc.fk_user = ".((int) $user->id); } $sql .= " ORDER BY f.tms DESC"; @@ -1103,12 +1103,12 @@ function getCustomerInvoiceUnpaidOpenTable($maxCount = 500, $socid = 0) $sql .= ", sum(pf.amount) as am"; $sql .= " FROM ".MAIN_DB_PREFIX."societe as s LEFT JOIN ".MAIN_DB_PREFIX."c_country as cc ON cc.rowid = s.fk_pays,".MAIN_DB_PREFIX."facture as f"; $sql .= " LEFT JOIN ".MAIN_DB_PREFIX."paiement_facture as pf on f.rowid=pf.fk_facture"; - if (!$user->rights->societe->client->voir && !$socid) { + if (empty($user->rights->societe->client->voir) && !$socid) { $sql .= ", ".MAIN_DB_PREFIX."societe_commerciaux as sc"; } $sql .= " WHERE s.rowid = f.fk_soc AND f.paye = 0 AND f.fk_statut = ".Facture::STATUS_VALIDATED; $sql .= " AND f.entity IN (".getEntity('invoice').')'; - if (!$user->rights->societe->client->voir && !$socid) { + if (empty($user->rights->societe->client->voir) && !$socid) { $sql .= " AND s.rowid = sc.fk_soc AND sc.fk_user = ".((int) $user->id); } if ($socid) { @@ -1289,14 +1289,14 @@ function getPurchaseInvoiceUnpaidOpenTable($maxCount = 500, $socid = 0) $sql .= ", sum(pf.amount) as am"; $sql .= " FROM ".MAIN_DB_PREFIX."societe as s, ".MAIN_DB_PREFIX."facture_fourn as ff"; $sql .= " LEFT JOIN ".MAIN_DB_PREFIX."paiementfourn_facturefourn as pf on ff.rowid=pf.fk_facturefourn"; - if (!$user->rights->societe->client->voir && !$socid) { + if (empty($user->rights->societe->client->voir) && !$socid) { $sql .= ", ".MAIN_DB_PREFIX."societe_commerciaux as sc"; } $sql .= " WHERE s.rowid = ff.fk_soc"; $sql .= " AND ff.entity = ".$conf->entity; $sql .= " AND ff.paye = 0"; $sql .= " AND ff.fk_statut = ".FactureFournisseur::STATUS_VALIDATED; - if (!$user->rights->societe->client->voir && !$socid) { + if (empty($user->rights->societe->client->voir) && !$socid) { $sql .= " AND s.rowid = sc.fk_soc AND sc.fk_user = ".((int) $user->id); } if ($socid) { diff --git a/htdocs/core/lib/order.lib.php b/htdocs/core/lib/order.lib.php index f264eadaf58..0109847c59a 100644 --- a/htdocs/core/lib/order.lib.php +++ b/htdocs/core/lib/order.lib.php @@ -199,7 +199,7 @@ function getCustomerOrderPieChart($socid = 0) $sql = "SELECT count(c.rowid) as nb, c.fk_statut as status"; $sql .= " FROM ".MAIN_DB_PREFIX."societe as s"; $sql .= ", ".MAIN_DB_PREFIX."commande as c"; - if (!$user->rights->societe->client->voir && !$socid) { + if (empty($user->rights->societe->client->voir) && !$socid) { $sql .= ", ".MAIN_DB_PREFIX."societe_commerciaux as sc"; } $sql .= " WHERE c.fk_soc = s.rowid"; @@ -207,7 +207,7 @@ function getCustomerOrderPieChart($socid = 0) if ($user->socid) { $sql .= ' AND c.fk_soc = '.((int) $user->socid); } - if (!$user->rights->societe->client->voir && !$socid) { + if (empty($user->rights->societe->client->voir) && !$socid) { $sql .= " AND s.rowid = sc.fk_soc AND sc.fk_user = ".((int) $user->id); } $sql .= " GROUP BY c.fk_statut"; diff --git a/htdocs/core/lib/project.lib.php b/htdocs/core/lib/project.lib.php index bbc6da6a7e4..c66bcdfc2d8 100644 --- a/htdocs/core/lib/project.lib.php +++ b/htdocs/core/lib/project.lib.php @@ -311,7 +311,7 @@ function project_prepare_head(Project $project, $moreparam = '') } $head[$h][0] = DOL_URL_ROOT.'/projet/info.php?id='.$project->id; - $head[$h][1] .= $langs->trans("Events"); + $head[$h][1] = $langs->trans("Events"); if (!empty($conf->agenda->enabled) && (!empty($user->rights->agenda->myactions->read) || !empty($user->rights->agenda->allactions->read))) { $head[$h][1] .= '/'; $head[$h][1] .= $langs->trans("Agenda"); diff --git a/htdocs/core/lib/propal.lib.php b/htdocs/core/lib/propal.lib.php index 038ab2a7911..c5d2a647a57 100644 --- a/htdocs/core/lib/propal.lib.php +++ b/htdocs/core/lib/propal.lib.php @@ -178,7 +178,7 @@ function getCustomerProposalPieChart($socid = 0) $sql = "SELECT count(p.rowid) as nb, p.fk_statut as status"; $sql .= " FROM ".MAIN_DB_PREFIX."societe as s"; $sql .= ", ".MAIN_DB_PREFIX."propal as p"; - if (!$user->rights->societe->client->voir && !$socid) { + if (empty($user->rights->societe->client->voir) && !$socid) { $sql .= ", ".MAIN_DB_PREFIX."societe_commerciaux as sc"; } $sql .= " WHERE p.entity IN (".getEntity($propalstatic->element).")"; @@ -186,7 +186,7 @@ function getCustomerProposalPieChart($socid = 0) if ($user->socid) { $sql .= ' AND p.fk_soc = '.((int) $user->socid); } - if (!$user->rights->societe->client->voir && !$socid) { + if (empty($user->rights->societe->client->voir) && !$socid) { $sql .= " AND s.rowid = sc.fk_soc AND sc.fk_user = ".((int) $user->id); } $sql .= " AND p.fk_statut IN (".$db->sanitize(implode(" ,", $listofstatus)).")"; diff --git a/htdocs/core/lib/security.lib.php b/htdocs/core/lib/security.lib.php index be804dc184c..6cc4650bea4 100644 --- a/htdocs/core/lib/security.lib.php +++ b/htdocs/core/lib/security.lib.php @@ -279,12 +279,12 @@ function restrictedArea($user, $features, $objectid = 0, $tableandshare = '', $f } if ($feature == 'societe') { - if (!$user->rights->societe->lire && !$user->rights->fournisseur->lire) { + if (empty($user->rights->societe->lire) && empty($user->rights->fournisseur->lire)) { $readok = 0; $nbko++; } } elseif ($feature == 'contact') { - if (!$user->rights->societe->contact->lire) { + if (empty($user->rights->societe->contact->lire)) { $readok = 0; $nbko++; } @@ -299,12 +299,12 @@ function restrictedArea($user, $features, $objectid = 0, $tableandshare = '', $f $nbko++; } } elseif ($feature == 'cheque') { - if (!$user->rights->banque->cheque) { + if (empty($user->rights->banque->cheque)) { $readok = 0; $nbko++; } } elseif ($feature == 'projet') { - if (!$user->rights->projet->lire && !$user->rights->projet->all->lire) { + if (!$user->rights->projet->lire && empty($user->rights->projet->all->lire)) { $readok = 0; $nbko++; } @@ -314,7 +314,7 @@ function restrictedArea($user, $features, $objectid = 0, $tableandshare = '', $f $nbko++; } } elseif ($feature == 'payment_supplier') { - if (!$user->rights->fournisseur->facture->lire) { + if (empty($user->rights->fournisseur->facture->lire)) { $readok = 0; $nbko++; } @@ -364,18 +364,18 @@ function restrictedArea($user, $features, $objectid = 0, $tableandshare = '', $f // Check write permission from module (we need to know write permission to create but also to delete drafts record or to upload files) $createok = 1; $nbko = 0; - $wemustcheckpermissionforcreate = (GETPOST('sendit', 'alpha') || GETPOST('linkit', 'alpha') || GETPOST('action', 'aZ09') == 'create' || GETPOST('action', 'aZ09') == 'update') || GETPOST('roworder', 'alpha', 2); + $wemustcheckpermissionforcreate = (GETPOST('sendit', 'alpha') || GETPOST('linkit', 'alpha') || in_array(GETPOST('action', 'aZ09'), array('create', 'update', 'add_element_resource', 'confirm_delete_linked_resource')) || GETPOST('roworder', 'alpha', 2)); $wemustcheckpermissionfordeletedraft = ((GETPOST("action", "aZ09") == 'confirm_delete' && GETPOST("confirm", "aZ09") == 'yes') || GETPOST("action", "aZ09") == 'delete'); if ($wemustcheckpermissionforcreate || $wemustcheckpermissionfordeletedraft) { foreach ($featuresarray as $feature) { if ($feature == 'contact') { - if (!$user->rights->societe->contact->creer) { + if (empty($user->rights->societe->contact->creer)) { $createok = 0; $nbko++; } } elseif ($feature == 'produit|service') { - if (!$user->rights->produit->creer && !$user->rights->service->creer) { + if (empty($user->rights->produit->creer) && empty($user->rights->service->creer)) { $createok = 0; $nbko++; } @@ -385,22 +385,22 @@ function restrictedArea($user, $features, $objectid = 0, $tableandshare = '', $f $nbko++; } } elseif ($feature == 'commande_fournisseur') { - if (!$user->rights->fournisseur->commande->creer || !$user->rights->supplier_order->creer) { + if (empty($user->rights->fournisseur->commande->creer) || empty($user->rights->supplier_order->creer)) { $createok = 0; $nbko++; } } elseif ($feature == 'banque') { - if (!$user->rights->banque->modifier) { + if (empty($user->rights->banque->modifier)) { $createok = 0; $nbko++; } } elseif ($feature == 'cheque') { - if (!$user->rights->banque->cheque) { + if (empty($user->rights->banque->cheque)) { $createok = 0; $nbko++; } } elseif ($feature == 'import') { - if (!$user->rights->import->run) { + if (empty($user->rights->import->run)) { $createok = 0; $nbko++; } @@ -417,6 +417,9 @@ function restrictedArea($user, $features, $objectid = 0, $tableandshare = '', $f if ($subfeature == 'user' && $user->id == $objectid && $user->rights->user->self->password) { continue; // User can edit its own password } + if ($subfeature == 'user' && $user->id != $objectid && $user->rights->user->user->password) { + continue; // User can edit another user's password + } if (empty($user->rights->$feature->$subfeature->creer) && empty($user->rights->$feature->$subfeature->write) @@ -494,11 +497,11 @@ function restrictedArea($user, $features, $objectid = 0, $tableandshare = '', $f $deleteok = 0; } } elseif ($feature == 'banque') { - if (!$user->rights->banque->modifier) { + if (empty($user->rights->banque->modifier)) { $deleteok = 0; } } elseif ($feature == 'cheque') { - if (!$user->rights->banque->cheque) { + if (empty($user->rights->banque->cheque)) { $deleteok = 0; } } elseif ($feature == 'ecm') { @@ -514,7 +517,7 @@ function restrictedArea($user, $features, $objectid = 0, $tableandshare = '', $f $deleteok = 0; } } elseif ($feature == 'adherent') { - if (!$user->rights->adherent->supprimer) { + if (empty($user->rights->adherent->supprimer)) { $deleteok = 0; } } elseif (!empty($feature2)) { // This is for permissions on 2 levels @@ -662,7 +665,7 @@ function checkUserAccessToObject($user, array $featuresarray, $objectid = 0, $ta if ($user->socid <> $objectid) { return false; } - } elseif (!empty($conf->societe->enabled) && ($user->rights->societe->lire && !$user->rights->societe->client->voir)) { + } elseif (!empty($conf->societe->enabled) && ($user->rights->societe->lire && empty($user->rights->societe->client->voir))) { // If internal user: Check permission for internal users that are restricted on their objects $sql = "SELECT COUNT(sc.fk_soc) as nb"; $sql .= " FROM (".MAIN_DB_PREFIX."societe_commerciaux as sc"; @@ -685,7 +688,7 @@ function checkUserAccessToObject($user, array $featuresarray, $objectid = 0, $ta $sql .= " FROM ".MAIN_DB_PREFIX.$dbtablename." as dbt"; $sql .= " WHERE dbt.".$dbt_select." IN (".$db->sanitize($objectid, 1).")"; $sql .= " AND dbt.fk_soc = ".((int) $user->socid); - } elseif (!empty($conf->societe->enabled) && ($user->rights->societe->lire && !$user->rights->societe->client->voir)) { + } elseif (!empty($conf->societe->enabled) && ($user->rights->societe->lire && empty($user->rights->societe->client->voir))) { // If internal user: Check permission for internal users that are restricted on their objects $sql = "SELECT COUNT(dbt.".$dbt_select.") as nb"; $sql .= " FROM ".MAIN_DB_PREFIX.$dbtablename." as dbt"; @@ -755,7 +758,7 @@ function checkUserAccessToObject($user, array $featuresarray, $objectid = 0, $ta $sql .= " FROM ".MAIN_DB_PREFIX.$dbtablename." as dbt"; $sql .= " WHERE dbt.rowid IN (".$db->sanitize($objectid, 1).")"; $sql .= " AND dbt.".$dbt_keyfield." = ".((int) $user->socid); - } elseif (!empty($conf->societe->enabled) && !$user->rights->societe->client->voir) { + } elseif (!empty($conf->societe->enabled) && empty($user->rights->societe->client->voir)) { // If internal user: Check permission for internal users that are restricted on their objects if ($feature != 'ticket') { if (empty($dbt_keyfield)) { diff --git a/htdocs/core/modules/modMultiCurrency.class.php b/htdocs/core/modules/modMultiCurrency.class.php index e89a2a4fe3e..98d7222f082 100644 --- a/htdocs/core/modules/modMultiCurrency.class.php +++ b/htdocs/core/modules/modMultiCurrency.class.php @@ -302,7 +302,7 @@ class modMultiCurrency extends DolibarrModules $multicurrency = new MultiCurrency($this->db); - if (! $multicurrency->checkCodeAlreadyExists($conf->currency)) { + if (!$multicurrency->checkCodeAlreadyExists($conf->currency)) { $langs->loadCacheCurrencies(''); $multicurrency->code = $conf->currency; diff --git a/htdocs/core/modules/modPropale.class.php b/htdocs/core/modules/modPropale.class.php index b46671eae01..1374e70d6d4 100644 --- a/htdocs/core/modules/modPropale.class.php +++ b/htdocs/core/modules/modPropale.class.php @@ -23,7 +23,7 @@ /** * \defgroup propale Module commercial proposals - * \brief Module pour gerer la tenue de propositions commerciales + * \brief Module to manage commercial proposals * \file htdocs/core/modules/modPropale.class.php * \ingroup propale * \brief Description and activation file for the module customer proposal @@ -36,7 +36,6 @@ include_once DOL_DOCUMENT_ROOT.'/core/modules/DolibarrModules.class.php'; */ class modPropale extends DolibarrModules { - /** * Constructor. Define names, constants, directories, boxes, permissions * diff --git a/htdocs/core/modules/rapport/pdf_paiement.class.php b/htdocs/core/modules/rapport/pdf_paiement.class.php index 5904db84398..215987054ce 100644 --- a/htdocs/core/modules/rapport/pdf_paiement.class.php +++ b/htdocs/core/modules/rapport/pdf_paiement.class.php @@ -196,7 +196,7 @@ class pdf_paiement $sql .= " ".MAIN_DB_PREFIX."bank as b, ".MAIN_DB_PREFIX."bank_account as ba,"; } $sql .= " ".MAIN_DB_PREFIX."societe as s"; - if (!$user->rights->societe->client->voir && !$socid) { + if (empty($user->rights->societe->client->voir) && !$socid) { $sql .= ", ".MAIN_DB_PREFIX."societe_commerciaux as sc"; } $sql .= " WHERE f.fk_soc = s.rowid AND pf.fk_facture = f.rowid AND pf.fk_paiement = p.rowid"; @@ -205,7 +205,7 @@ class pdf_paiement } $sql .= " AND f.entity IN (".getEntity('invoice').")"; $sql .= " AND p.datep BETWEEN '".$this->db->idate(dol_get_first_day($year, $month))."' AND '".$this->db->idate(dol_get_last_day($year, $month))."'"; - if (!$user->rights->societe->client->voir && !$socid) { + if (empty($user->rights->societe->client->voir) && !$socid) { $sql .= " AND s.rowid = sc.fk_soc AND sc.fk_user = ".((int) $user->id); } if (!empty($socid)) { @@ -234,7 +234,7 @@ class pdf_paiement $sql .= " ".MAIN_DB_PREFIX."bank as b, ".MAIN_DB_PREFIX."bank_account as ba,"; } $sql .= " ".MAIN_DB_PREFIX."societe as s"; - if (!$user->rights->societe->client->voir && !$socid) { + if (empty($user->rights->societe->client->voir) && !$socid) { $sql .= ", ".MAIN_DB_PREFIX."societe_commerciaux as sc"; } $sql .= " WHERE f.fk_soc = s.rowid AND pf.fk_facturefourn = f.rowid AND pf.fk_paiementfourn = p.rowid"; @@ -243,7 +243,7 @@ class pdf_paiement } $sql .= " AND f.entity IN (".getEntity('invoice').")"; $sql .= " AND p.datep BETWEEN '".$this->db->idate(dol_get_first_day($year, $month))."' AND '".$this->db->idate(dol_get_last_day($year, $month))."'"; - if (!$user->rights->societe->client->voir && !$socid) { + if (empty($user->rights->societe->client->voir) && !$socid) { $sql .= " AND s.rowid = sc.fk_soc AND sc.fk_user = ".((int) $user->id); } if (!empty($socid)) { diff --git a/htdocs/core/photos_resize.php b/htdocs/core/photos_resize.php index 374f381c098..654435dad89 100644 --- a/htdocs/core/photos_resize.php +++ b/htdocs/core/photos_resize.php @@ -68,7 +68,7 @@ if ($modulepart == 'produit' || $modulepart == 'product' || $modulepart == 'serv $accessallowed = 1; } elseif ($modulepart == 'member') { $result = restrictedArea($user, 'adherent', $id, '', '', 'fk_soc', 'rowid'); - if (!$user->rights->adherent->lire) { + if (empty($user->rights->adherent->lire)) { accessforbidden(); } $accessallowed = 1; @@ -86,7 +86,7 @@ if ($modulepart == 'produit' || $modulepart == 'product' || $modulepart == 'serv $accessallowed = 1; } elseif ($modulepart == 'bank') { $result = restrictedArea($user, 'banque', $id, 'bank_account'); - if (!$user->rights->banque->lire) { + if (empty($user->rights->banque->lire)) { accessforbidden(); } $accessallowed = 1; @@ -98,7 +98,7 @@ if ($modulepart == 'produit' || $modulepart == 'product' || $modulepart == 'serv $accessallowed = 1; } elseif ($modulepart == 'facture_fourn' || $modulepart == 'facture_fournisseur') { $result = restrictedArea($user, 'fournisseur', $id, 'facture_fourn', 'facture'); - if (!$user->rights->fournisseur->facture->lire) { + if (empty($user->rights->fournisseur->facture->lire)) { accessforbidden(); } $accessallowed = 1; diff --git a/htdocs/core/tpl/admin_extrafields_view.tpl.php b/htdocs/core/tpl/admin_extrafields_view.tpl.php index 6750cc0b1a5..0c1d34efa08 100644 --- a/htdocs/core/tpl/admin_extrafields_view.tpl.php +++ b/htdocs/core/tpl/admin_extrafields_view.tpl.php @@ -93,7 +93,10 @@ if (isset($extrafields->attributes[$elementtype]['type']) && is_array($extrafiel // Key print "".dol_escape_htmltag($key)."\n"; // Type - print "".dol_escape_htmltag($type2label[$extrafields->attributes[$elementtype]['type'][$key]])."\n"; + $typetoshow = $type2label[$extrafields->attributes[$elementtype]['type'][$key]]; + print ''; + print dol_escape_htmltag($typetoshow); + print "\n"; // Size print ''.dol_escape_htmltag($extrafields->attributes[$elementtype]['size'][$key])."\n"; // Computed field diff --git a/htdocs/core/tpl/card_presend.tpl.php b/htdocs/core/tpl/card_presend.tpl.php index 212e766589c..7cc95c81fe0 100644 --- a/htdocs/core/tpl/card_presend.tpl.php +++ b/htdocs/core/tpl/card_presend.tpl.php @@ -210,6 +210,9 @@ if ($action == 'presend') { } // Make substitution in email content + if ($object) { + $formmail->setSubstitFromObject($object, $langs); + } $substitutionarray = getCommonSubstitutionArray($outputlangs, 0, $arrayoffamiliestoexclude, $object); $substitutionarray['__CHECK_READ__'] = (is_object($object) && is_object($object->thirdparty)) ? '' : ''; $substitutionarray['__PERSONALIZED__'] = ''; // deprecated diff --git a/htdocs/core/tpl/extrafields_list_print_fields.tpl.php b/htdocs/core/tpl/extrafields_list_print_fields.tpl.php index adf90e204bb..00a22934f78 100644 --- a/htdocs/core/tpl/extrafields_list_print_fields.tpl.php +++ b/htdocs/core/tpl/extrafields_list_print_fields.tpl.php @@ -19,13 +19,8 @@ if (!empty($extrafieldsobjectkey) && !empty($extrafields->attributes[$extrafield foreach ($extrafields->attributes[$extrafieldsobjectkey]['label'] as $key => $val) { if (!empty($arrayfields[$extrafieldsobjectprefix.$key]['checked'])) { - $align = $extrafields->getAlignFlag($key, $extrafieldsobjectkey); - print ''; + $cssclass = $extrafields->getAlignFlag($key, $extrafieldsobjectkey); + $tmpkey = 'options_'.$key; if (in_array($extrafields->attributes[$extrafieldsobjectkey]['type'][$key], array('date', 'datetime', 'timestamp')) && !is_numeric($obj->$tmpkey)) { @@ -47,8 +42,16 @@ if (!empty($extrafieldsobjectkey) && !empty($extrafields->attributes[$extrafield //var_dump($value); } - print $extrafields->showOutputField($key, $value, '', $extrafieldsobjectkey); + $valuetoshow = $extrafields->showOutputField($key, $value, '', $extrafieldsobjectkey); + $title = dol_string_nohtmltag($valuetoshow); + + print ''; + print $valuetoshow; print ''; + if (!$i) { $totalarray['nbfield']++; } diff --git a/htdocs/debugbar/class/DataCollector/DolLogsCollector.php b/htdocs/debugbar/class/DataCollector/DolLogsCollector.php index 520a0a20a72..5fd339918fa 100644 --- a/htdocs/debugbar/class/DataCollector/DolLogsCollector.php +++ b/htdocs/debugbar/class/DataCollector/DolLogsCollector.php @@ -73,7 +73,7 @@ class DolLogsCollector extends MessagesCollector { global $conf; - $uselogfile = $conf->global->DEBUGBAR_USE_LOGFILE; + $uselogfile = getDolGlobalInt('DEBUGBAR_USE_LOGFILE'); if ($uselogfile) { $this->getStorageLogs($this->path); diff --git a/htdocs/debugbar/class/DataCollector/DolibarrCollector.php b/htdocs/debugbar/class/DataCollector/DolibarrCollector.php index 2e11887360f..c69ebb9a121 100644 --- a/htdocs/debugbar/class/DataCollector/DolibarrCollector.php +++ b/htdocs/debugbar/class/DataCollector/DolibarrCollector.php @@ -86,12 +86,12 @@ class DolibarrCollector extends DataCollector implements Renderable, AssetProvid global $conf, $langs; global $dolibarr_mailing_limit_sendbyweb; - $info = $langs->trans('Method').': '.$conf->global->MAIN_MAIL_SENDMODE.'
    '; - $info .= $langs->trans('Server').': '.$conf->global->MAIN_MAIL_SMTP_SERVER.'
    '; - $info .= $langs->trans('Port').': '.$conf->global->MAIN_MAIL_SMTP_PORT.'
    '; - $info .= $langs->trans('ID').': '.$conf->global->MAIN_MAIL_SMTPS_ID.'
    '; - $info .= $langs->trans('Pwd').': '.preg_replace('/./', '*', $conf->global->MAIN_MAIL_SMTPS_PW).'
    '; - $info .= $langs->trans('TLS/STARTTLS').': '.(empty($conf->global->MAIN_MAIL_EMAIL_TLS) ? '' : $conf->global->MAIN_MAIL_EMAIL_TLS).' / '.(empty($conf->global->MAIN_MAIL_EMAIL_STARTTLS) ? '' : $conf->global->MAIN_MAIL_EMAIL_STARTTLS).'
    '; + $info = $langs->trans('Method').': '.getDolGlobalString("MAIN_MAIL_SENDMODE").'
    '; + $info .= $langs->trans('Server').': '.getDolGlobalString("MAIN_MAIL_SMTP_SERVER").'
    '; + $info .= $langs->trans('Port').': '.getDolGlobalString("MAIN_MAIL_SMTP_PORT").'
    '; + $info .= $langs->trans('ID').': '.getDolGlobalString("MAIN_MAIL_SMTPS_IDT").'
    '; + $info .= $langs->trans('Pwd').': '.preg_replace('/./', '*', getDolGlobalString("MAIN_MAIL_SMTPS_PW")).'
    '; + $info .= $langs->trans('TLS/STARTTLS').': '.getDolGlobalString("MAIN_MAIL_EMAIL_TLS").' / '.getDolGlobalString("MAIN_MAIL_EMAIL_STARTTLS").'
    '; $info .= $langs->trans('MAIN_DISABLE_ALL_MAILS').': '.(empty($conf->global->MAIN_DISABLE_ALL_MAILS) ? $langs->trans('No') : $langs->trans('Yes')).'
    '; $info .= 'dolibarr_mailing_limit_sendbyweb = '.$dolibarr_mailing_limit_sendbyweb.'
    '; diff --git a/htdocs/delivery/card.php b/htdocs/delivery/card.php index cca399f43af..eededc31aa2 100644 --- a/htdocs/delivery/card.php +++ b/htdocs/delivery/card.php @@ -114,7 +114,7 @@ if ($action == 'add') { $idl = "idl".$i; $qtytouse = price2num(GETPOST($qty)); if ($qtytouse > 0) { - $object->addline(GETPOST($idl), price2num($qtytouse)); + $object->addline(GETPOST($idl), price2num($qtytouse), $arrayoptions); } } @@ -603,23 +603,26 @@ if ($action == 'create') { // Create. Seems to no be used print ""; // Display lines extrafields - if (!empty($extrafields)) { + //if (!empty($extrafields)) { $colspan = 2; $mode = ($object->statut == 0) ? 'edit' : 'view'; $object->lines[$i]->fetch_optionals(); - if ($action == 'create_delivery') { - $srcLine = new ExpeditionLigne($db); + if ($action == 'create_delivery') { + $srcLine = new ExpeditionLigne($db); + $extrafields->fetch_name_optionals_label($srcLine->table_element); + $srcLine->id = $expedition->lines[$i]->id; + $srcLine->fetch_optionals(); + + $object->lines[$i]->array_options = array_merge($object->lines[$i]->array_options, $srcLine->array_options); + } else { + $srcLine = new DeliveryLine($db); $extrafields->fetch_name_optionals_label($srcLine->table_element); - $srcLine->id = $expedition->lines[$i]->id; - $srcLine->fetch_optionals(); - - $object->lines[$i]->array_options = array_merge($object->lines[$i]->array_options, $srcLine->array_options); - } - print $object->lines[$i]->showOptionals($extrafields, $mode, array('style' => 'class="oddeven"', 'colspan' => $colspan), $i); } + print $object->lines[$i]->showOptionals($extrafields, $mode, array('style' => 'class="oddeven"', 'colspan' => $colspan), ''); + //} } $i++; @@ -689,11 +692,11 @@ if ($action == 'create') { // Create. Seems to no be used } - print '
    '; + print '
    '; // Nothing on right - print '
    '; + print ''; } else { /* Expedition non trouvee */ print "Expedition inexistante ou acces refuse"; diff --git a/htdocs/delivery/class/delivery.class.php b/htdocs/delivery/class/delivery.class.php index c16da2bd608..8937de62fdf 100644 --- a/htdocs/delivery/class/delivery.class.php +++ b/htdocs/delivery/class/delivery.class.php @@ -211,7 +211,7 @@ class Delivery extends CommonObject $origin_id = $this->lines[$i]->commande_ligne_id; // For backward compatibility } - if (!$this->create_line($origin_id, $this->lines[$i]->qty, $this->lines[$i]->fk_product, $this->lines[$i]->description)) { + if (!$this->create_line($origin_id, $this->lines[$i]->qty, $this->lines[$i]->fk_product, $this->lines[$i]->description, $this->lines[$i]->array_options)) { $error++; } } @@ -262,9 +262,10 @@ class Delivery extends CommonObject * @param string $qty Quantity * @param string $fk_product Id of predefined product * @param string $description Description + * @param array $array_options Array options * @return int <0 if KO, >0 if OK */ - public function create_line($origin_id, $qty, $fk_product, $description) + public function create_line($origin_id, $qty, $fk_product, $description, $array_options = null) { // phpcs:enable $error = 0; @@ -283,6 +284,15 @@ class Delivery extends CommonObject $error++; } + $id = $this->db->last_insert_id(MAIN_DB_PREFIX."deliverydet"); + + if (is_array($array_options) && count($array_options) > 0) { + $line = new DeliveryLine($this->db); + $line->id = $id; + $line->array_options = $array_options; + $result = $line->insertExtraFields(); + } + if ($error == 0) { return 1; } @@ -531,7 +541,9 @@ class Delivery extends CommonObject $line->description = $expedition->lines[$i]->description; $line->qty = $expedition->lines[$i]->qty_shipped; $line->fk_product = $expedition->lines[$i]->fk_product; - + if (empty($conf->global->MAIN_EXTRAFIELDS_DISABLED) && is_array($expedition->lines[$i]->array_options) && count($expedition->lines[$i]->array_options) > 0) { // For avoid conflicts if trigger used + $line->array_options = $expedition->lines[$i]->array_options; + } $this->lines[$i] = $line; } @@ -589,18 +601,23 @@ class Delivery extends CommonObject /** * Add line * - * @param int $origin_id Origin id - * @param int $qty Qty + * @param int $origin_id Origin id + * @param int $qty Qty + * @param array $array_options Array options * @return void */ - public function addline($origin_id, $qty) + public function addline($origin_id, $qty, $array_options = null) { - $num = count($this->lines); + global $conf; + + $num = count($this->lines); $line = new DeliveryLine($this->db); $line->origin_id = $origin_id; $line->qty = $qty; - + if (empty($conf->global->MAIN_EXTRAFIELDS_DISABLED) && is_array($array_options) && count($array_options) > 0) { // For avoid conflicts if trigger used + $line->array_options = $array_options; + } $this->lines[$num] = $line; } diff --git a/htdocs/document.php b/htdocs/document.php index 3c06801c9a0..7fc0dd6fff3 100644 --- a/htdocs/document.php +++ b/htdocs/document.php @@ -119,7 +119,7 @@ if ($user->socid > 0) { // For some module part, dir may be privates if (in_array($modulepart, array('facture_paiement', 'unpaid'))) { - if (!$user->rights->societe->client->voir || $socid) { + if (empty($user->rights->societe->client->voir) || $socid) { $original_file = 'private/'.$user->id.'/'.$original_file; // If user has no permission to see all, output dir is specific to user } } @@ -195,9 +195,11 @@ if (!in_array($type, array('text/x-javascript')) && !dolIsAllowedForPreview($ori } // Security: Delete string ../ or ..\ into $original_file +$original_file = preg_replace('/\.\.+/', '..', $original_file); // Replace '... or more' with '..' $original_file = str_replace('../', '/', $original_file); $original_file = str_replace('..\\', '/', $original_file); + // Find the subdirectory name as the reference $refname = basename(dirname($original_file)."/"); diff --git a/htdocs/don/card.php b/htdocs/don/card.php index 88525776811..6bfa9130363 100644 --- a/htdocs/don/card.php +++ b/htdocs/don/card.php @@ -778,7 +778,6 @@ if (!empty($id) && $action != 'edit') { print ''; print '
    '; - print '
    '; /* * Payments @@ -788,7 +787,7 @@ if (!empty($id) && $action != 'edit') { $sql .= " FROM ".MAIN_DB_PREFIX."payment_donation as p"; $sql .= ", ".MAIN_DB_PREFIX."c_paiement as c "; $sql .= ", ".MAIN_DB_PREFIX."don as d"; - $sql .= " WHERE d.rowid = '".$id."'"; + $sql .= " WHERE d.rowid = ".((int) $id); $sql .= " AND p.fk_donation = d.rowid"; $sql .= " AND d.entity IN (".getEntity('donation').")"; $sql .= " AND p.fk_typepayment = c.id"; @@ -836,7 +835,6 @@ if (!empty($id) && $action != 'edit') { dol_print_error($db); } - print '
    '; print '
    '; print ''; @@ -919,9 +917,9 @@ if (!empty($id) && $action != 'edit') { print showOnlinePaymentUrl('donation', $object->ref).'
    '; } - print '
    '; + print '
    '; - print '
    '; + print ''; } llxFooter(); diff --git a/htdocs/don/document.php b/htdocs/don/document.php index 52e33a26cb4..51227a07ef4 100644 --- a/htdocs/don/document.php +++ b/htdocs/don/document.php @@ -80,6 +80,8 @@ $object->fetch($id, $ref); $upload_dir = $conf->don->dir_output.'/'.get_exdir($filename, 0, 0, 0, $object, 'donation').'/'.dol_sanitizeFileName($object->ref); $modulepart = 'don'; +$permissiontoadd = $user->rights->don->creer; // Used by the include of actions_dellink.inc.php + /* * Actions diff --git a/htdocs/don/index.php b/htdocs/don/index.php index 36323d332b7..85e2eb3e48f 100644 --- a/htdocs/don/index.php +++ b/htdocs/don/index.php @@ -190,7 +190,7 @@ print ''; print ""; -print '
    '; +print '
    '; $max = 10; @@ -252,7 +252,7 @@ if ($resql) { } -print '
    '; +print ''; $parameters = array('user' => $user); $reshook = $hookmanager->executeHooks('dashboardDonation', $parameters, $object); // Note that $action and $object may have been modified by hook diff --git a/htdocs/don/stats/index.php b/htdocs/don/stats/index.php index 23e6c0a46c0..bb7d6b314aa 100644 --- a/htdocs/don/stats/index.php +++ b/htdocs/don/stats/index.php @@ -70,7 +70,7 @@ $data = $stats->getNbByMonthWithPrevYear($endyear, $startyear); // $data = array(array('Lib',val1,val2,val3),...) -if (!$user->rights->societe->client->voir || $user->socid) { +if (empty($user->rights->societe->client->voir) || $user->socid) { $filenamenb = $dir.'/shipmentsnbinyear-'.$user->id.'-'.$year.'.png'; } else { $filenamenb = $dir.'/shipmentsnbinyear-'.$year.'.png'; @@ -105,7 +105,7 @@ $data = $stats->getAmountByMonthWithPrevYear($endyear,$startyear); //var_dump($data); // $data = array(array('Lib',val1,val2,val3),...) -if (!$user->rights->societe->client->voir || $user->socid) +if (empty($user->rights->societe->client->voir) || $user->socid) { $filenameamount = $dir.'/shipmentsamountinyear-'.$user->id.'-'.$year.'.png'; } @@ -143,7 +143,7 @@ if (! $mesg) /* $data = $stats->getAverageByMonthWithPrevYear($endyear, $startyear); -if (!$user->rights->societe->client->voir || $user->socid) +if (empty($user->rights->societe->client->voir) || $user->socid) { $filename_avg = $dir.'/shipmentsaverage-'.$user->id.'-'.$year.'.png'; } @@ -276,7 +276,7 @@ print ''; print ''; -print '
    '; +print '
    '; // Show graphs @@ -293,7 +293,7 @@ if ($mesg) { print ''; -print '
    '; +print ''; print '
    '; print dol_get_fiche_end(); diff --git a/htdocs/ecm/class/ecmdirectory.class.php b/htdocs/ecm/class/ecmdirectory.class.php index aed93b51f6f..03413a56eb1 100644 --- a/htdocs/ecm/class/ecmdirectory.class.php +++ b/htdocs/ecm/class/ecmdirectory.class.php @@ -197,7 +197,7 @@ class EcmDirectory extends CommonObject $sql .= " '".$this->db->escape($this->description)."',"; $sql .= " ".((int) $this->cachenbofdoc).","; $sql .= " '".$this->db->idate($this->date_c)."',"; - $sql .= " ".($this->fk_user_c > 0 ? ((int) $this->fk_user_c) : "null").","; + $sql .= " ".($this->fk_user_c > 0 ? ((int) $this->fk_user_c) : "null"); $sql .= ")"; dol_syslog(get_class($this)."::create", LOG_DEBUG); diff --git a/htdocs/ecm/index_auto.php b/htdocs/ecm/index_auto.php index e737d1b62a2..1310936ca83 100644 --- a/htdocs/ecm/index_auto.php +++ b/htdocs/ecm/index_auto.php @@ -341,6 +341,7 @@ if (!empty($conf->global->ECM_AUTO_TREE_ENABLED)) { } if (!empty($conf->projet->enabled)) { $rowspan++; $sectionauto[] = array('level'=>1, 'module'=>'project', 'test'=>$conf->projet->enabled, 'label'=>$langs->trans("Projects"), 'desc'=>$langs->trans("ECMDocsBy", $langs->transnoentitiesnoconv("Projects"))); + $rowspan++; $sectionauto[] = array('level'=>1, 'module'=>'project_task', 'test'=>$conf->projet->enabled, 'label'=>$langs->trans("Tasks"), 'desc'=>$langs->trans("ECMDocsBy", $langs->transnoentitiesnoconv("Tasks"))); } if (!empty($conf->ficheinter->enabled)) { $langs->load("interventions"); $rowspan++; $sectionauto[] = array('level'=>1, 'module'=>'fichinter', 'test'=>$conf->ficheinter->enabled, 'label'=>$langs->trans("Interventions"), 'desc'=>$langs->trans("ECMDocsBy", $langs->transnoentitiesnoconv("Interventions"))); @@ -353,6 +354,7 @@ if (!empty($conf->global->ECM_AUTO_TREE_ENABLED)) { } if (!empty($conf->banque->enabled)) { $langs->load("banks"); $rowspan++; $sectionauto[] = array('level'=>1, 'module'=>'banque', 'test'=>$conf->banque->enabled, 'label'=>$langs->trans("BankAccount"), 'desc'=>$langs->trans("ECMDocsBy", $langs->transnoentitiesnoconv("BankAccount"))); + $rowspan++; $sectionauto[] = array('level'=>1, 'module'=>'chequereceipt', 'test'=>$conf->banque->enabled, 'label'=>$langs->trans("CheckReceipt"), 'desc'=>$langs->trans("ECMDocsBy", $langs->transnoentitiesnoconv("CheckReceipt"))); } if (!empty($conf->mrp->enabled)) { $langs->load("mrp"); $rowspan++; $sectionauto[] = array('level'=>1, 'module'=>'mrp-mo', 'test'=>$conf->mrp->enabled, 'label'=>$langs->trans("MOs"), 'desc'=>$langs->trans("ECMDocsBy", $langs->transnoentitiesnoconv("ManufacturingOrders"))); diff --git a/htdocs/eventorganization/class/conferenceorboothattendee.class.php b/htdocs/eventorganization/class/conferenceorboothattendee.class.php index df955a617ba..96131aa5946 100644 --- a/htdocs/eventorganization/class/conferenceorboothattendee.class.php +++ b/htdocs/eventorganization/class/conferenceorboothattendee.class.php @@ -100,7 +100,7 @@ class ConferenceOrBoothAttendee extends CommonObject /** * @var array Array with all fields and their property. Do not use it as a static var. It may be modified by constructor. */ - public $fields=array( + public $fields = array( 'rowid' => array('type'=>'integer', 'label'=>'TechnicalID', 'enabled'=>'1', 'position'=>1, 'notnull'=>1, 'visible'=>0, 'noteditable'=>'1', 'index'=>1, 'css'=>'left', 'comment'=>"Id"), 'ref' => array('type'=>'varchar(128)', 'label'=>'Ref', 'enabled'=>'1', 'position'=>10, 'notnull'=>1, 'visible'=>2, 'index'=>1, 'comment'=>"Reference of object"), 'fk_actioncomm' => array('type'=>'integer:ActionComm:comm/action/class/actioncomm.class.php:1', 'label'=>'ConferenceOrBooth', 'enabled'=>'1', 'position'=>55, 'notnull'=>0, 'visible'=>0, 'index'=>1, 'picto'=>'agenda'), @@ -119,7 +119,7 @@ class ConferenceOrBoothAttendee extends CommonObject 'last_main_doc' => array('type'=>'varchar(255)', 'label'=>'LastMainDoc', 'enabled'=>'1', 'position'=>600, 'notnull'=>0, 'visible'=>0,), 'import_key' => array('type'=>'varchar(14)', 'label'=>'ImportId', 'enabled'=>'1', 'position'=>1000, 'notnull'=>-1, 'visible'=>-2,), 'model_pdf' => array('type'=>'varchar(255)', 'label'=>'Model pdf', 'enabled'=>'1', 'position'=>1010, 'notnull'=>-1, 'visible'=>0,), - 'status' => array('type'=>'smallint', 'label'=>'Status', 'enabled'=>'1', 'position'=>1000, 'default'=>0,'notnull'=>1, 'visible'=>1, 'index'=>1, 'arrayofkeyval'=>array('0'=>'Draft', '1'=>'Validated', '9'=>'Canceled'),), + 'status' => array('type'=>'smallint', 'label'=>'Status', 'enabled'=>'1', 'position'=>1000, 'default'=>0, 'notnull'=>1, 'visible'=>1, 'index'=>1, 'arrayofkeyval'=>array('0'=>'Draft', '1'=>'Validated', '9'=>'Canceled'),), ); public $rowid; public $ref; @@ -787,7 +787,7 @@ class ConferenceOrBoothAttendee extends CommonObject } if ($option == 'conforboothidproject') { - $url .= '&conforboothid='.((int) $this->fk_actioncomm).'&withproject=1' ; + $url .= '&conforboothid='.((int) $this->fk_actioncomm).'&withproject=1'; } } diff --git a/htdocs/eventorganization/conferenceorbooth_card.php b/htdocs/eventorganization/conferenceorbooth_card.php index fafbd0a6f8b..8fa1f1ec288 100644 --- a/htdocs/eventorganization/conferenceorbooth_card.php +++ b/htdocs/eventorganization/conferenceorbooth_card.php @@ -200,7 +200,7 @@ if (!empty($withproject)) { $morehtmlref .= ''; // Define a complementary filter for search of next/prev ref. - if (!$user->rights->projet->all->lire) { + if (empty($user->rights->projet->all->lire)) { $objectsListId = $projectstatic->getProjectsAuthorizedForUser($user, 0, 0); $projectstatic->next_prev_filter = " rowid IN (".$db->sanitize(count($objectsListId) ?join(',', array_keys($objectsListId)) : '0').")"; } @@ -282,7 +282,6 @@ if (!empty($withproject)) { print ''; print '
    '; - print '
    '; print '
    '; print ''; @@ -341,7 +340,6 @@ if (!empty($withproject)) { print '
    '; - print '
    '; print '
    '; print ''; diff --git a/htdocs/eventorganization/conferenceorbooth_contact.php b/htdocs/eventorganization/conferenceorbooth_contact.php index 3b135c21dc4..6f921848881 100644 --- a/htdocs/eventorganization/conferenceorbooth_contact.php +++ b/htdocs/eventorganization/conferenceorbooth_contact.php @@ -181,7 +181,7 @@ if (!empty($withproject)) { $morehtmlref .= ''; // Define a complementary filter for search of next/prev ref. - if (!$user->rights->projet->all->lire) { + if (empty($user->rights->projet->all->lire)) { $objectsListId = $projectstatic->getProjectsAuthorizedForUser($user, 0, 0); $projectstatic->next_prev_filter = " rowid IN (".$db->sanitize(count($objectsListId) ?join(',', array_keys($objectsListId)) : '0').")"; } @@ -263,7 +263,6 @@ if (!empty($withproject)) { print ''; print '
    '; - print '
    '; print '
    '; print ''; @@ -322,7 +321,6 @@ if (!empty($withproject)) { print '
    '; - print '
    '; print '
    '; print ''; diff --git a/htdocs/eventorganization/conferenceorbooth_document.php b/htdocs/eventorganization/conferenceorbooth_document.php index 8b064c12b72..537005761d2 100644 --- a/htdocs/eventorganization/conferenceorbooth_document.php +++ b/htdocs/eventorganization/conferenceorbooth_document.php @@ -138,7 +138,7 @@ if (!empty($withproject)) { $morehtmlref .= ''; // Define a complementary filter for search of next/prev ref. - if (!$user->rights->projet->all->lire) { + if (empty($user->rights->projet->all->lire)) { $objectsListId = $projectstatic->getProjectsAuthorizedForUser($user, 0, 0); $projectstatic->next_prev_filter = " rowid IN (".$db->sanitize(count($objectsListId) ?join(',', array_keys($objectsListId)) : '0').")"; } @@ -220,7 +220,6 @@ if (!empty($withproject)) { print ''; print '
    '; - print '
    '; print '
    '; print ''; @@ -279,7 +278,6 @@ if (!empty($withproject)) { print '
    '; - print '
    '; print '
    '; print ''; diff --git a/htdocs/eventorganization/conferenceorbooth_list.php b/htdocs/eventorganization/conferenceorbooth_list.php index d6266ec241e..198f169a390 100644 --- a/htdocs/eventorganization/conferenceorbooth_list.php +++ b/htdocs/eventorganization/conferenceorbooth_list.php @@ -282,13 +282,13 @@ if ($projectid > 0) { // Title $morehtmlref .= $project->title; // Thirdparty - if ($project->thirdparty->id > 0) { + if (isset($project->thirdparty->id) && $project->thirdparty->id > 0) { $morehtmlref .= '
    '.$langs->trans('ThirdParty').' : '.$project->thirdparty->getNomUrl(1, 'project'); } $morehtmlref .= ''; // Define a complementary filter for search of next/prev ref. - if (!$user->rights->project->all->lire) { + if (empty($user->rights->project->all->lire)) { $objectsListId = $project->getProjectsAuthorizedForUser($user, 0, 0); $project->next_prev_filter = " rowid IN (".$db->sanitize(count($objectsListId) ? join(',', array_keys($objectsListId)) : '0').")"; } @@ -370,7 +370,6 @@ if ($projectid > 0) { print ''; print '
    '; - print '
    '; print '
    '; print ''; @@ -422,7 +421,7 @@ if ($projectid > 0) { // Show message $message = 'global->MAIN_AGENDA_XCAL_EXPORTKEY ?urlencode($conf->global->MAIN_AGENDA_XCAL_EXPORTKEY) : '...'); + $message .= '&exportkey='.urlencode(getDolGlobalString('MAIN_AGENDA_XCAL_EXPORTKEY', '...')); $message .= "&project=".$projectid.'&module='.urlencode('@eventorganization').'&status='.ConferenceOrBooth::STATUS_CONFIRMED.'">'.$langs->trans('DownloadICSLink').img_picto('', 'download', 'class="paddingleft"').''; print $message; print ""; @@ -434,7 +433,7 @@ if ($projectid > 0) { //print ''; print '
    '; $linksuggest = $dolibarr_main_url_root.'/public/project/index.php?id='.((int) $project->id); - $encodedsecurekey = dol_hash($conf->global->EVENTORGANIZATION_SECUREKEY.'conferenceorbooth'.((int) $project->id), 'md5'); + $encodedsecurekey = dol_hash(getDolGlobalString('EVENTORGANIZATION_SECUREKEY').'conferenceorbooth'.((int) $project->id), 'md5'); $linksuggest .= '&securekey='.urlencode($encodedsecurekey); //print '
    '; //print ''; @@ -451,7 +450,7 @@ if ($projectid > 0) { //print ''; print '
    		'; $link_subscription = $dolibarr_main_url_root.'/public/eventorganization/attendee_new.php?id='.((int) $project->id).'&type=global'; - $encodedsecurekey = dol_hash($conf->global->EVENTORGANIZATION_SECUREKEY.'conferenceorbooth'.((int) $project->id), 'md5'); + $encodedsecurekey = dol_hash(getDolGlobalString('EVENTORGANIZATION_SECUREKEY').'conferenceorbooth'.((int) $project->id), 'md5'); $link_subscription .= '&securekey='.urlencode($encodedsecurekey); //print '
    '; //print ''; @@ -463,7 +462,6 @@ if ($projectid > 0) { print '
    '; - print '
    '; print '
    '; print ''; @@ -487,7 +485,7 @@ $sql .= $object->getFieldList('t'); // Add fields from extrafields if (!empty($extrafields->attributes[$object->table_element]['label'])) { foreach ($extrafields->attributes[$object->table_element]['label'] as $key => $val) { - $sql .= ($extrafields->attributes[$object->table_element]['type'][$key] != 'separate' ? ", ef.".$key." as options_".$key.', ' : ''); + $sql .= ($extrafields->attributes[$object->table_element]['type'][$key] != 'separate' ? ", ef.".$key." as options_".$key : ''); } } // Add fields from hooks @@ -700,6 +698,7 @@ print ''; foreach ($object->fields as $key => $val) { $cssforfield = (empty($val['css']) ? '' : $val['css']); + $searchkey = (empty($search[$key]) ? '' : $search[$key]); if ($key == 'status') { $cssforfield .= ($cssforfield ? ' ' : '').'center'; } elseif (in_array($val['type'], array('date', 'datetime', 'timestamp'))) { @@ -712,11 +711,11 @@ foreach ($object->fields as $key => $val) { if (!empty($arrayfields['t.'.$key]['checked'])) { print '
    '; if (!empty($val['arrayofkeyval']) && is_array($val['arrayofkeyval'])) { - print $form->selectarray('search_'.$key, $val['arrayofkeyval'], $search[$key], $val['notnull'], 0, 0, '', 1, 0, 0, '', 'maxwidth100', 1); + print $form->selectarray('search_'.$key, $val['arrayofkeyval'], $searchkey, $val['notnull'], 0, 0, '', 1, 0, 0, '', 'maxwidth100', 1); } elseif ((strpos($val['type'], 'integer:') === 0) || (strpos($val['type'], 'sellist:')=== 0)) { - print $object->showInputField($val, $key, $search[$key], '', '', 'search_', 'maxwidth125', 1); + print $object->showInputField($val, $key, $searchkey, '', '', 'search_', 'maxwidth125', 1); } elseif (!preg_match('/^(date|timestamp|datetime)/', $val['type'])) { - print ''; + print ''; } elseif (preg_match('/^(date|timestamp|datetime)/', $val['type'])) { print '
    '; print $form->selectDate($search[$key.'_dtstart'] ? $search[$key.'_dtstart'] : '', "search_".$key."_dtstart", 0, 0, 1, '', 1, 0, 0, '', '', '', '', 1, '', $langs->trans('From')); diff --git a/htdocs/eventorganization/conferenceorboothattendee_card.php b/htdocs/eventorganization/conferenceorboothattendee_card.php index b76a80020b6..5eb44b931c5 100644 --- a/htdocs/eventorganization/conferenceorboothattendee_card.php +++ b/htdocs/eventorganization/conferenceorboothattendee_card.php @@ -202,7 +202,7 @@ $title = $langs->trans("ConferenceOrBoothAttendee"); $help_url = ''; llxHeader('', $title, $help_url); -$result = $projectstatic->fetch(empty($confOrBooth->fk_project)?$fk_project:$confOrBooth->fk_project); +$result = $projectstatic->fetch(empty($confOrBooth->fk_project) ? $fk_project : $confOrBooth->fk_project); if (!empty($conf->global->PROJECT_ALLOW_COMMENT_ON_PROJECT) && method_exists($projectstatic, 'fetchComments') && empty($projectstatic->comments)) { $projectstatic->fetchComments(); } @@ -235,7 +235,7 @@ if (!empty($withproject)) { $morehtmlref .= '
    '; // Define a complementary filter for search of next/prev ref. - if (!$user->rights->projet->all->lire) { + if (empty($user->rights->projet->all->lire)) { $objectsListId = $projectstatic->getProjectsAuthorizedForUser($user, 0, 0); $projectstatic->next_prev_filter = " rowid IN (".$db->sanitize(count($objectsListId) ?join(',', array_keys($objectsListId)) : '0').")"; } @@ -317,7 +317,6 @@ if (!empty($withproject)) { print ''; print '
    '; - print '
    '; print '
    '; print ''; @@ -410,7 +409,6 @@ if (!empty($withproject)) { print '
    '; - print '
    '; print '
    '; print ''; diff --git a/htdocs/eventorganization/conferenceorboothattendee_list.php b/htdocs/eventorganization/conferenceorboothattendee_list.php index 3fe20e3c814..c237fcd0bbd 100644 --- a/htdocs/eventorganization/conferenceorboothattendee_list.php +++ b/htdocs/eventorganization/conferenceorboothattendee_list.php @@ -266,7 +266,7 @@ $sql .= $object->getFieldList('t'); // Add fields from extrafields if (!empty($extrafields->attributes[$object->table_element]['label'])) { foreach ($extrafields->attributes[$object->table_element]['label'] as $key => $val) { - $sql .= ($extrafields->attributes[$object->table_element]['type'][$key] != 'separate' ? ", ef.".$key." as options_".$key.', ' : ''); + $sql .= ($extrafields->attributes[$object->table_element]['type'][$key] != 'separate' ? ", ef.".$key." as options_".$key : ''); } } // Add fields from hooks @@ -412,7 +412,7 @@ if ($projectstatic->id > 0 || $confOrBooth > 0) { $morehtmlref .= ''; // Define a complementary filter for search of next/prev ref. - if (!$user->rights->projet->all->lire) { + if (empty($user->rights->projet->all->lire)) { $objectsListId = $projectstatic->getProjectsAuthorizedForUser($user, 0, 0); $projectstatic->next_prev_filter = " rowid IN (".$db->sanitize(count($objectsListId) ?join(',', array_keys($objectsListId)) : '0').")"; } @@ -497,7 +497,6 @@ if ($projectstatic->id > 0 || $confOrBooth > 0) { print ''; print '
    '; - print '
    '; print '
    '; print ''; @@ -590,7 +589,6 @@ if ($projectstatic->id > 0 || $confOrBooth > 0) { print '
    '; - print '
    '; print '
    '; print ''; diff --git a/htdocs/eventorganization/eventorganizationindex.php b/htdocs/eventorganization/eventorganizationindex.php index d708883c249..77c2ec512f4 100644 --- a/htdocs/eventorganization/eventorganizationindex.php +++ b/htdocs/eventorganization/eventorganizationindex.php @@ -144,7 +144,7 @@ if (! empty($conf->eventorganization->enabled) && $user->rights->eventorganizati END MODULEBUILDER DRAFT MYOBJECT */ -print '
    '; +print '
    '; $NBMAX = $conf->global->MAIN_SIZE_SHORTLIST_LIMIT; @@ -205,7 +205,7 @@ if (! empty($conf->eventorganization->enabled) && $user->rights->eventorganizati } */ -print '
    '; +print ''; // End of page llxFooter(); diff --git a/htdocs/expedition/card.php b/htdocs/expedition/card.php index a35a7739144..03938003dfb 100644 --- a/htdocs/expedition/card.php +++ b/htdocs/expedition/card.php @@ -122,7 +122,7 @@ if ($user->socid) { $result = restrictedArea($user, 'expedition', $object->id, ''); $permissiondellink = $user->rights->expedition->delivery->creer; // Used by the include of actions_dellink.inc.php -//var_dump($object->lines[0]->detail_batch); +$permissiontoadd = $user->rights->expedition->creer; /* @@ -152,7 +152,6 @@ if (empty($reshook)) { // Actions to build doc $upload_dir = $conf->expedition->dir_output.'/sending'; - $permissiontoadd = $user->rights->expedition->creer; include DOL_DOCUMENT_ROOT.'/core/actions_builddoc.inc.php'; // Reopen @@ -1893,7 +1892,6 @@ if ($action == 'create') { print ''; print '
    '; - print '
    '; print '
    '; print ''; @@ -1964,7 +1962,6 @@ if ($action == 'create') { print "
    "; - print '
    '; print '
    '; print ''; @@ -2544,14 +2541,14 @@ if ($action == 'create') { $somethingshown = $form->showLinkedObjectBlock($object, ''); - print '
    '; + print '
    '; // List of actions on element include_once DOL_DOCUMENT_ROOT.'/core/class/html.formactions.class.php'; $formactions = new FormActions($db); $somethingshown = $formactions->showactions($object, 'shipping', $socid, 1); - print '
    '; + print ''; } diff --git a/htdocs/expedition/class/expedition.class.php b/htdocs/expedition/class/expedition.class.php index 14b09651756..50360f4365f 100644 --- a/htdocs/expedition/class/expedition.class.php +++ b/htdocs/expedition/class/expedition.class.php @@ -443,7 +443,7 @@ class Expedition extends CommonObject * @param array $array_options extrafields array * @return int <0 if KO, line_id if OK */ - public function create_line($entrepot_id, $origin_line_id, $qty, $rang = 0, $array_options = 0) + public function create_line($entrepot_id, $origin_line_id, $qty, $rang = 0, $array_options = null) { //phpcs:enable global $user; diff --git a/htdocs/expedition/class/expeditionstats.class.php b/htdocs/expedition/class/expeditionstats.class.php index 3c1bef04d09..8eb31896f38 100644 --- a/htdocs/expedition/class/expeditionstats.class.php +++ b/htdocs/expedition/class/expeditionstats.class.php @@ -73,7 +73,7 @@ class ExpeditionStats extends Stats //$this->where.= " AND c.fk_soc = s.rowid AND c.entity = ".$conf->entity; $this->where .= " AND c.entity = ".$conf->entity; - if (!$user->rights->societe->client->voir && !$this->socid) { + if (empty($user->rights->societe->client->voir) && !$this->socid) { $this->where .= " AND c.fk_soc = sc.fk_soc AND sc.fk_user = ".((int) $user->id); } if ($this->socid) { @@ -97,7 +97,7 @@ class ExpeditionStats extends Stats $sql = "SELECT date_format(c.date_valid,'%m') as dm, COUNT(*) as nb"; $sql .= " FROM ".$this->from; - if (!$user->rights->societe->client->voir && !$this->socid) { + if (empty($user->rights->societe->client->voir) && !$this->socid) { $sql .= ", ".MAIN_DB_PREFIX."societe_commerciaux as sc"; } $sql .= " WHERE c.date_valid BETWEEN '".$this->db->idate(dol_get_first_day($year))."' AND '".$this->db->idate(dol_get_last_day($year))."'"; @@ -121,7 +121,7 @@ class ExpeditionStats extends Stats $sql = "SELECT date_format(c.date_valid,'%Y') as dm, COUNT(*) as nb, SUM(c.".$this->field.")"; $sql .= " FROM ".$this->from; - if (!$user->rights->societe->client->voir && !$this->socid) { + if (empty($user->rights->societe->client->voir) && !$this->socid) { $sql .= ", ".MAIN_DB_PREFIX."societe_commerciaux as sc"; } $sql .= " WHERE ".$this->where; @@ -142,7 +142,7 @@ class ExpeditionStats extends Stats $sql = "SELECT date_format(c.date_valid,'%Y') as year, COUNT(*) as nb, SUM(c.".$this->field.") as total, AVG(".$this->field.") as avg"; $sql .= " FROM ".$this->from; - if (!$user->rights->societe->client->voir && !$this->socid) { + if (empty($user->rights->societe->client->voir) && !$this->socid) { $sql .= ", ".MAIN_DB_PREFIX."societe_commerciaux as sc"; } $sql .= " WHERE ".$this->where; diff --git a/htdocs/expedition/contact.php b/htdocs/expedition/contact.php index ac0c068bfc9..f3723ed534b 100644 --- a/htdocs/expedition/contact.php +++ b/htdocs/expedition/contact.php @@ -221,11 +221,9 @@ if ($id > 0 || !empty($ref)) { //print ''; //print '
    '; - //print '
    '; //print '
    '; - //print '
    '; //print '
    '; print ''; diff --git a/htdocs/expedition/document.php b/htdocs/expedition/document.php index ee0014a2f8d..df88cbe7a3f 100644 --- a/htdocs/expedition/document.php +++ b/htdocs/expedition/document.php @@ -76,6 +76,8 @@ if ($user->socid) { } $result = restrictedArea($user, 'expedition', $object->id, ''); +$permissiontoadd = $user->rights->expedition->creer; // Used by the include of actions_dellink.inc.php + /* * Actions diff --git a/htdocs/expedition/index.php b/htdocs/expedition/index.php index 173cc1889bc..49777518509 100644 --- a/htdocs/expedition/index.php +++ b/htdocs/expedition/index.php @@ -66,7 +66,7 @@ $sql .= " FROM ".MAIN_DB_PREFIX."expedition as e"; $sql .= " LEFT JOIN ".MAIN_DB_PREFIX."element_element as el ON e.rowid = el.fk_target AND el.targettype = 'shipping'"; $sql .= " LEFT JOIN ".MAIN_DB_PREFIX."commande as c ON el.fk_source = c.rowid"; $sql .= " LEFT JOIN ".MAIN_DB_PREFIX."societe as s ON s.rowid = e.fk_soc"; -if (!$user->rights->societe->client->voir && !$socid) { +if (empty($user->rights->societe->client->voir) && !$socid) { $sql .= " LEFT JOIN ".MAIN_DB_PREFIX."societe_commerciaux as sc ON e.fk_soc = sc.fk_soc"; $sql .= $clause." sc.fk_user = ".((int) $user->id); $clause = " AND "; @@ -124,7 +124,7 @@ if ($resql) { //print '    		'; -print '
    '; +print '
    '; $max = 5; @@ -138,11 +138,11 @@ $sql .= " FROM ".MAIN_DB_PREFIX."expedition as e"; $sql .= " LEFT JOIN ".MAIN_DB_PREFIX."element_element as el ON e.rowid = el.fk_target AND el.targettype = 'shipping' AND el.sourcetype IN ('commande')"; $sql .= " LEFT JOIN ".MAIN_DB_PREFIX."commande as c ON el.fk_source = c.rowid AND el.sourcetype IN ('commande') AND el.targettype = 'shipping'"; $sql .= " LEFT JOIN ".MAIN_DB_PREFIX."societe as s ON s.rowid = e.fk_soc"; -if (!$user->rights->societe->client->voir && !$socid) { +if (empty($user->rights->societe->client->voir) && !$socid) { $sql .= " LEFT JOIN ".MAIN_DB_PREFIX."societe_commerciaux as sc ON e.fk_soc = sc.fk_soc"; } $sql .= " WHERE e.entity IN (".getEntity('expedition').")"; -if (!$user->rights->societe->client->voir && !$socid) { +if (empty($user->rights->societe->client->voir) && !$socid) { $sql .= " AND sc.fk_user = ".((int) $user->id); } $sql .= " AND e.fk_statut = ".Expedition::STATUS_VALIDATED; @@ -208,7 +208,7 @@ if ($resql) { $sql = "SELECT c.rowid, c.ref, c.ref_client as ref_customer, c.fk_statut as status, c.facture as billed, s.nom as name, s.rowid as socid"; $sql .= " FROM ".MAIN_DB_PREFIX."commande as c,"; $sql .= " ".MAIN_DB_PREFIX."societe as s"; -if (!$user->rights->societe->client->voir && !$socid) { +if (empty($user->rights->societe->client->voir) && !$socid) { $sql .= ", ".MAIN_DB_PREFIX."societe_commerciaux as sc"; } $sql .= " WHERE c.fk_soc = s.rowid"; @@ -217,7 +217,7 @@ $sql .= " AND c.fk_statut IN (".Commande::STATUS_VALIDATED.", ".Commande::STATUS if ($socid > 0) { $sql .= " AND c.fk_soc = ".((int) $socid); } -if (!$user->rights->societe->client->voir && !$socid) { +if (empty($user->rights->societe->client->voir) && !$socid) { $sql .= " AND s.rowid = sc.fk_soc AND sc.fk_user = ".((int) $user->id); } $sql .= " ORDER BY c.rowid ASC"; @@ -283,7 +283,7 @@ if ($resql) { } -print '
    '; +print ''; $parameters = array('user' => $user); $reshook = $hookmanager->executeHooks('dashboardWarehouseSendings', $parameters, $object); // Note that $action and $object may have been modified by hook diff --git a/htdocs/expedition/list.php b/htdocs/expedition/list.php index 391628a9d38..ac5704511ef 100644 --- a/htdocs/expedition/list.php +++ b/htdocs/expedition/list.php @@ -277,7 +277,7 @@ if ($search_user > 0) { // Get link to order to get the order id in eesource.fk $sql .= " LEFT JOIN ".MAIN_DB_PREFIX."element_element as eesource ON eesource.fk_target = e.rowid AND eesource.targettype = 'shipping' AND eesource.sourcetype = 'commande'"; } // We'll need this table joined to the select in order to filter by sale -if ($search_sale > 0 || (!$user->rights->societe->client->voir && !$socid)) { +if ($search_sale > 0 || (empty($user->rights->societe->client->voir) && !$socid)) { $sql .= ", ".MAIN_DB_PREFIX."societe_commerciaux as sc"; } if ($search_user > 0) { @@ -291,7 +291,7 @@ if ($search_product_category > 0) { if ($socid > 0) { $sql .= ' AND s.rowid = '.$socid; } -if (!$user->rights->societe->client->voir && !$socid) { // Internal user with no permission to see all +if (empty($user->rights->societe->client->voir) && !$socid) { // Internal user with no permission to see all $sql .= " AND e.fk_soc = sc.fk_soc"; $sql .= " AND sc.fk_user = ".((int) $user->id); } diff --git a/htdocs/expedition/shipment.php b/htdocs/expedition/shipment.php index 66546523f11..5ea49982d5c 100644 --- a/htdocs/expedition/shipment.php +++ b/htdocs/expedition/shipment.php @@ -554,7 +554,6 @@ if ($id > 0 || !empty($ref)) { print ''; print '
    '; - print '
    '; print '
    '; print ''; @@ -601,14 +600,12 @@ if ($id > 0 || !empty($ref)) { print '
    '; - print '
    '; print '
    '; print ''; print '

    '; - /** * Lines or orders with quantity shipped and remain to ship * Note: Qty shipped are already available into $object->expeditions[fk_product] diff --git a/htdocs/expedition/stats/index.php b/htdocs/expedition/stats/index.php index 42cac2d3c92..fc8d69e4ce7 100644 --- a/htdocs/expedition/stats/index.php +++ b/htdocs/expedition/stats/index.php @@ -75,7 +75,7 @@ $data = $stats->getNbByMonthWithPrevYear($endyear, $startyear); // $data = array(array('Lib',val1,val2,val3),...) -if (!$user->rights->societe->client->voir || $user->socid) { +if (empty($user->rights->societe->client->voir) || $user->socid) { $filenamenb = $dir.'/shipmentsnbinyear-'.$user->id.'-'.$year.'.png'; } else { $filenamenb = $dir.'/shipmentsnbinyear-'.$year.'.png'; @@ -110,7 +110,7 @@ $data = $stats->getAmountByMonthWithPrevYear($endyear,$startyear); //var_dump($data); // $data = array(array('Lib',val1,val2,val3),...) -if (!$user->rights->societe->client->voir || $user->socid) +if (empty($user->rights->societe->client->voir) || $user->socid) { $filenameamount = $dir.'/shipmentsamountinyear-'.$user->id.'-'.$year.'.png'; } @@ -148,7 +148,7 @@ if (! $mesg) /* $data = $stats->getAverageByMonthWithPrevYear($endyear, $startyear); -if (!$user->rights->societe->client->voir || $user->socid) +if (empty($user->rights->societe->client->voir) || $user->socid) { $filename_avg = $dir.'/shipmentsaverage-'.$user->id.'-'.$year.'.png'; } @@ -291,7 +291,7 @@ print '
    '; print ''; -print '
    '; +print '
    '; // Show graphs @@ -308,7 +308,7 @@ if ($mesg) { print ''; -print '
    '; +print ''; print '
    '; print dol_get_fiche_end(); diff --git a/htdocs/expensereport/card.php b/htdocs/expensereport/card.php index 2942358545b..b711a65d25a 100644 --- a/htdocs/expensereport/card.php +++ b/htdocs/expensereport/card.php @@ -139,6 +139,8 @@ if ($user->socid) { } $result = restrictedArea($user, 'expensereport', $object->id, 'expensereport'); +$permissiontoadd = $user->rights->expensereport->creer; // Used by the include of actions_dellink.inc.php + /* * Actions @@ -1339,7 +1341,6 @@ if (empty($reshook)) { // Actions to build doc $upload_dir = $conf->expensereport->dir_output; - $permissiontoadd = $user->rights->expensereport->creer; include DOL_DOCUMENT_ROOT.'/core/actions_builddoc.inc.php'; } @@ -1850,7 +1851,6 @@ if ($action == 'create') { print ''; print '
    '; - print '
    '; print '
    '; print ''; @@ -1903,7 +1903,7 @@ if ($action == 'create') { $nbcols++; } - print '
    '; + print '
    '; print ''; print ''; @@ -1924,7 +1924,7 @@ if ($action == 'create') { $sql .= " LEFT JOIN ".MAIN_DB_PREFIX."c_paiement as c ON p.fk_typepayment = c.id"; $sql .= ' LEFT JOIN '.MAIN_DB_PREFIX.'bank as b ON p.fk_bank = b.rowid'; $sql .= ' LEFT JOIN '.MAIN_DB_PREFIX.'bank_account as ba ON b.fk_account = ba.rowid'; - $sql .= " WHERE e.rowid = '".$id."'"; + $sql .= " WHERE e.rowid = ".((int) $id); $sql .= " AND p.fk_expensereport = e.rowid"; $sql .= ' AND e.entity IN ('.getEntity('expensereport').')'; $sql .= " ORDER BY dp"; @@ -2002,7 +2002,6 @@ if ($action == 'create') { } print "
    '.$langs->trans('Payments').'
    "; - print '
    '; print '
    '; print ''; @@ -2758,13 +2757,13 @@ if ($action != 'presend') { } */ - print '
    '; + print '
    '; // List of actions on element include_once DOL_DOCUMENT_ROOT.'/core/class/html.formactions.class.php'; $formactions = new FormActions($db); $somethingshown = $formactions->showactions($object, 'expensereport', null); - print '
    '; + print ''; } // Presend form diff --git a/htdocs/expensereport/document.php b/htdocs/expensereport/document.php index d7ecea8fcc9..8c3b5f56549 100644 --- a/htdocs/expensereport/document.php +++ b/htdocs/expensereport/document.php @@ -44,13 +44,6 @@ $confirm = GETPOST('confirm', 'alpha'); $childids = $user->getAllChildIds(1); -// Security check -if ($user->socid) { - $socid = $user->socid; -} -$result = restrictedArea($user, 'expensereport', $id, 'expensereport'); - - // Get parameters $limit = GETPOST('limit', 'int') ? GETPOST('limit', 'int') : $conf->liste_limit; $sortfield = GETPOST('sortfield', 'aZ09comma'); @@ -81,6 +74,12 @@ $modulepart = 'trip'; // Load object //include DOL_DOCUMENT_ROOT.'/core/actions_fetchobject.inc.php'; // Must be include, not include_once // Must be include, not include_once. Include fetch and fetch_thirdparty but not fetch_optionals +// Security check +if ($user->socid) { + $socid = $user->socid; +} +$result = restrictedArea($user, 'expensereport', $id, 'expensereport'); + if ($object->id > 0) { // Check current user can read this expense report $canread = 0; @@ -95,6 +94,8 @@ if ($object->id > 0) { } } +$permissiontoadd = $user->rights->expensereport->creer; // Used by the include of actions_dellink.inc.php + /* * Actions diff --git a/htdocs/expensereport/index.php b/htdocs/expensereport/index.php index c87cc08fb40..d731c4c8c82 100644 --- a/htdocs/expensereport/index.php +++ b/htdocs/expensereport/index.php @@ -185,7 +185,7 @@ print ''; // Right area -print '
    '; +print '
    '; $max = 10; @@ -265,7 +265,7 @@ if ($result) { dol_print_error($db); } -print '
    '; +print ''; $parameters = array('user' => $user); $reshook = $hookmanager->executeHooks('dashboardExpenseReport', $parameters, $object); // Note that $action and $object may have been modified by hook diff --git a/htdocs/expensereport/stats/index.php b/htdocs/expensereport/stats/index.php index 5f8a9f628b5..500fe874747 100644 --- a/htdocs/expensereport/stats/index.php +++ b/htdocs/expensereport/stats/index.php @@ -146,7 +146,7 @@ if (!$mesg) { $data = $stats->getAverageByMonthWithPrevYear($endyear, $startyear); -if (!$user->rights->societe->client->voir || $user->socid) { +if (empty($user->rights->societe->client->voir) || $user->socid) { $filename_avg = $dir.'/ordersaverage-'.$user->id.'-'.$year.'.png'; if ($mode == 'customer') { $fileurl_avg = DOL_URL_ROOT.'/viewimage.php?modulepart=orderstats&file=ordersaverage-'.$user->id.'-'.$year.'.png'; @@ -292,7 +292,7 @@ foreach ($data as $val) { print ''; print ''; -print '
    '; +print '
    '; // Show graphs @@ -309,7 +309,7 @@ if ($mesg) { print ''; -print '
    '; +print ''; print '
    '; diff --git a/htdocs/fichinter/card-rec.php b/htdocs/fichinter/card-rec.php index d74e0a5c5e8..fb7ea015495 100644 --- a/htdocs/fichinter/card-rec.php +++ b/htdocs/fichinter/card-rec.php @@ -573,7 +573,6 @@ if ($action == 'create') { print ''; print '
    '; - print '
    '; print '
    '; $title = $langs->trans("Recurrence"); @@ -674,7 +673,6 @@ if ($action == 'create') { print '
    '; } - print '
    '; print '
    '; print ''; @@ -761,7 +759,7 @@ if ($action == 'create') { $sql .= " FROM ".MAIN_DB_PREFIX."fichinter_rec as f"; $sql .= " , ".MAIN_DB_PREFIX."societe as s "; - if (!$user->rights->societe->client->voir && !$socid) { + if (empty($user->rights->societe->client->voir) && !$socid) { $sql .= " , ".MAIN_DB_PREFIX."societe_commerciaux as sc"; } $sql .= " WHERE f.fk_soc = s.rowid"; @@ -769,7 +767,7 @@ if ($action == 'create') { if ($socid) { $sql .= " AND s.rowid = ".((int) $socid); } - if (!$user->rights->societe->client->voir && !$socid) { + if (empty($user->rights->societe->client->voir) && !$socid) { $sql .= " AND s.rowid = sc.fk_soc AND sc.fk_user = ".((int) $user->id); } if ($search_ref) { diff --git a/htdocs/fichinter/card.php b/htdocs/fichinter/card.php index 9fb15bac425..32147367d4e 100644 --- a/htdocs/fichinter/card.php +++ b/htdocs/fichinter/card.php @@ -66,17 +66,13 @@ $originid = (GETPOST('originid', 'int') ?GETPOST('originid', 'int') : GETPOST('o $note_public = GETPOST('note_public', 'restricthtml'); $lineid = GETPOST('line_id', 'int'); +$error = 0; + //PDF $hidedetails = (GETPOST('hidedetails', 'int') ? GETPOST('hidedetails', 'int') : (!empty($conf->global->MAIN_GENERATE_DOCUMENTS_HIDE_DETAILS) ? 1 : 0)); $hidedesc = (GETPOST('hidedesc', 'int') ? GETPOST('hidedesc', 'int') : (!empty($conf->global->MAIN_GENERATE_DOCUMENTS_HIDE_DESC) ? 1 : 0)); $hideref = (GETPOST('hideref', 'int') ? GETPOST('hideref', 'int') : (!empty($conf->global->MAIN_GENERATE_DOCUMENTS_HIDE_REF) ? 1 : 0)); -// Security check -if ($user->socid) { - $socid = $user->socid; -} -$result = restrictedArea($user, 'ficheinter', $id, 'fichinter'); - // Initialize technical object to manage hooks of page. Note that conf->hooks_modules contains array of hook context $hookmanager->initHooks(array('interventioncard', 'globalcard')); @@ -96,11 +92,15 @@ if ($id > 0 || !empty($ref)) { } } +// Security check +if ($user->socid) { + $socid = $user->socid; +} +$result = restrictedArea($user, 'ficheinter', $id, 'fichinter'); + $permissionnote = $user->rights->ficheinter->creer; // Used by the include of actions_setnotes.inc.php $permissiondellink = $user->rights->ficheinter->creer; // Used by the include of actions_dellink.inc.php -$error = 0; - /* * Actions @@ -1246,7 +1246,6 @@ if ($action == 'create') { print ''; print '
    '; - print '
    '; print '
    '; print ''; @@ -1260,7 +1259,6 @@ if ($action == 'create') { print "
    "; - print '
    '; print '
    '; print ''; @@ -1668,14 +1666,14 @@ if ($action == 'create') { $somethingshown = $form->showLinkedObjectBlock($object, $linktoelem); - print '
    '; + print '
    '; // List of actions on element include_once DOL_DOCUMENT_ROOT.'/core/class/html.formactions.class.php'; $formactions = new FormActions($db); $somethingshown = $formactions->showactions($object, 'fichinter', $socid, 1); - print '
    '; + print ''; } diff --git a/htdocs/fichinter/class/fichinter.class.php b/htdocs/fichinter/class/fichinter.class.php index 9bd3f17da25..297e03fa379 100644 --- a/htdocs/fichinter/class/fichinter.class.php +++ b/htdocs/fichinter/class/fichinter.class.php @@ -204,7 +204,7 @@ class Fichinter extends CommonObject $sql = "SELECT count(fi.rowid) as nb"; $sql .= " FROM ".MAIN_DB_PREFIX."fichinter as fi"; $sql .= " LEFT JOIN ".MAIN_DB_PREFIX."societe as s ON fi.fk_soc = s.rowid"; - if (!$user->rights->societe->client->voir && !$user->socid) { + if (empty($user->rights->societe->client->voir) && !$user->socid) { $sql .= " LEFT JOIN ".MAIN_DB_PREFIX."societe_commerciaux as sc ON s.rowid = sc.fk_soc"; $sql .= " WHERE sc.fk_user = ".((int) $user->id); $clause = "AND"; diff --git a/htdocs/fichinter/class/fichinterstats.class.php b/htdocs/fichinter/class/fichinterstats.class.php index 297aeca7760..f6fbdb8d305 100644 --- a/htdocs/fichinter/class/fichinterstats.class.php +++ b/htdocs/fichinter/class/fichinterstats.class.php @@ -72,7 +72,7 @@ class FichinterStats extends Stats $this->field_line = '0'; //$this->where.= " AND c.fk_statut > 0"; // Not draft and not cancelled } - if (!$user->rights->societe->client->voir && !$this->socid) { + if (empty($user->rights->societe->client->voir) && !$this->socid) { $this->where .= " AND c.fk_soc = sc.fk_soc AND sc.fk_user = ".((int) $user->id); } $this->where .= ($this->where ? ' AND ' : '')."c.entity IN (".getEntity('fichinter').')'; @@ -98,7 +98,7 @@ class FichinterStats extends Stats $sql = "SELECT date_format(c.date_valid,'%m') as dm, COUNT(*) as nb"; $sql .= " FROM ".$this->from; - if (!$user->rights->societe->client->voir && !$this->socid) { + if (empty($user->rights->societe->client->voir) && !$this->socid) { $sql .= ", ".MAIN_DB_PREFIX."societe_commerciaux as sc"; } $sql .= " WHERE c.date_valid BETWEEN '".$this->db->idate(dol_get_first_day($year))."' AND '".$this->db->idate(dol_get_last_day($year))."'"; @@ -122,7 +122,7 @@ class FichinterStats extends Stats $sql = "SELECT date_format(c.date_valid,'%Y') as dm, COUNT(*) as nb, 0"; $sql .= " FROM ".$this->from; - if (!$user->rights->societe->client->voir && !$this->socid) { + if (empty($user->rights->societe->client->voir) && !$this->socid) { $sql .= ", ".MAIN_DB_PREFIX."societe_commerciaux as sc"; } $sql .= " WHERE ".$this->where; @@ -145,7 +145,7 @@ class FichinterStats extends Stats $sql = "SELECT date_format(c.date_valid,'%m') as dm, 0"; $sql .= " FROM ".$this->from; - if (!$user->rights->societe->client->voir && !$this->socid) { + if (empty($user->rights->societe->client->voir) && !$this->socid) { $sql .= ", ".MAIN_DB_PREFIX."societe_commerciaux as sc"; } $sql .= " WHERE c.date_valid BETWEEN '".$this->db->idate(dol_get_first_day($year))."' AND '".$this->db->idate(dol_get_last_day($year))."'"; @@ -169,7 +169,7 @@ class FichinterStats extends Stats $sql = "SELECT date_format(c.date_valid,'%m') as dm, 0"; $sql .= " FROM ".$this->from; - if (!$user->rights->societe->client->voir && !$this->socid) { + if (empty($user->rights->societe->client->voir) && !$this->socid) { $sql .= ", ".MAIN_DB_PREFIX."societe_commerciaux as sc"; } $sql .= " WHERE c.date_valid BETWEEN '".$this->db->idate(dol_get_first_day($year))."' AND '".$this->db->idate(dol_get_last_day($year))."'"; @@ -191,7 +191,7 @@ class FichinterStats extends Stats $sql = "SELECT date_format(c.date_valid,'%Y') as year, COUNT(*) as nb, 0 as total, 0 as avg"; $sql .= " FROM ".$this->from; - if (!$user->rights->societe->client->voir && !$this->socid) { + if (empty($user->rights->societe->client->voir) && !$this->socid) { $sql .= ", ".MAIN_DB_PREFIX."societe_commerciaux as sc"; } $sql .= " WHERE ".$this->where; @@ -214,7 +214,7 @@ class FichinterStats extends Stats $sql = "SELECT product.ref, COUNT(product.ref) as nb, 0 as total, 0 as avg"; $sql .= " FROM ".$this->from.", ".$this->from_line.", ".MAIN_DB_PREFIX."product as product"; - //if (!$user->rights->societe->client->voir && !$user->socid) $sql.= ", ".MAIN_DB_PREFIX."societe_commerciaux as sc"; + //if (empty($user->rights->societe->client->voir) && !$user->socid) $sql.= ", ".MAIN_DB_PREFIX."societe_commerciaux as sc"; $sql .= " WHERE ".$this->where; $sql .= " AND c.rowid = tl.fk_fichinter AND tl.fk_product = product.rowid"; $sql .= " AND c.date_valid BETWEEN '".$this->db->idate(dol_get_first_day($year, 1, false))."' AND '".$this->db->idate(dol_get_last_day($year, 12, false))."'"; diff --git a/htdocs/fichinter/document.php b/htdocs/fichinter/document.php index 74ef0c57804..f3dae0d8318 100644 --- a/htdocs/fichinter/document.php +++ b/htdocs/fichinter/document.php @@ -78,6 +78,8 @@ $object->fetch($id, $ref); $upload_dir = $conf->ficheinter->dir_output.'/'.dol_sanitizeFileName($object->ref); $modulepart = 'fichinter'; +$permissiontoadd = $user->rights->ficheinter->creer; // Used by the include of actions_setnotes.inc.php + /* * Actions diff --git a/htdocs/fichinter/index.php b/htdocs/fichinter/index.php index 8eca043ef40..0f0fc0acc99 100644 --- a/htdocs/fichinter/index.php +++ b/htdocs/fichinter/index.php @@ -74,7 +74,7 @@ print '
    '; $sql = "SELECT count(f.rowid), f.fk_statut"; $sql .= " FROM ".MAIN_DB_PREFIX."societe as s"; $sql .= ", ".MAIN_DB_PREFIX."fichinter as f"; -if (!$user->rights->societe->client->voir && !$socid) { +if (empty($user->rights->societe->client->voir) && !$socid) { $sql .= ", ".MAIN_DB_PREFIX."societe_commerciaux as sc"; } $sql .= " WHERE f.entity IN (".getEntity('intervention').")"; @@ -82,7 +82,7 @@ $sql .= " AND f.fk_soc = s.rowid"; if ($user->socid) { $sql .= ' AND f.fk_soc = '.((int) $user->socid); } -if (!$user->rights->societe->client->voir && !$socid) { +if (empty($user->rights->societe->client->voir) && !$socid) { $sql .= " AND s.rowid = sc.fk_soc AND sc.fk_user = ".((int) $user->id); } $sql .= " GROUP BY f.fk_statut"; @@ -192,7 +192,7 @@ if (!empty($conf->ficheinter->enabled)) { $sql = "SELECT f.rowid, f.ref, s.nom as name, s.rowid as socid"; $sql .= " FROM ".MAIN_DB_PREFIX."fichinter as f"; $sql .= ", ".MAIN_DB_PREFIX."societe as s"; - if (!$user->rights->societe->client->voir && !$socid) { + if (empty($user->rights->societe->client->voir) && !$socid) { $sql .= ", ".MAIN_DB_PREFIX."societe_commerciaux as sc"; } $sql .= " WHERE f.entity IN (".getEntity('intervention').")"; @@ -201,7 +201,7 @@ if (!empty($conf->ficheinter->enabled)) { if ($socid) { $sql .= " AND f.fk_soc = ".((int) $socid); } - if (!$user->rights->societe->client->voir && !$socid) { + if (empty($user->rights->societe->client->voir) && !$socid) { $sql .= " AND s.rowid = sc.fk_soc AND sc.fk_user = ".((int) $user->id); } @@ -229,7 +229,7 @@ if (!empty($conf->ficheinter->enabled)) { } -print '
    '; +print '
    '; $max = 5; @@ -242,7 +242,7 @@ $sql = "SELECT f.rowid, f.ref, f.fk_statut, f.date_valid as datec, f.tms as date $sql .= " s.nom as name, s.rowid as socid"; $sql .= " FROM ".MAIN_DB_PREFIX."fichinter as f,"; $sql .= " ".MAIN_DB_PREFIX."societe as s"; -if (!$user->rights->societe->client->voir && !$socid) { +if (empty($user->rights->societe->client->voir) && !$socid) { $sql .= ", ".MAIN_DB_PREFIX."societe_commerciaux as sc"; } $sql .= " WHERE f.entity IN (".getEntity('intervention').")"; @@ -251,7 +251,7 @@ $sql .= " AND f.fk_soc = s.rowid"; if ($socid) { $sql .= " AND f.fk_soc = ".((int) $socid); } -if (!$user->rights->societe->client->voir && !$socid) { +if (empty($user->rights->societe->client->voir) && !$socid) { $sql .= " AND s.rowid = sc.fk_soc AND sc.fk_user = ".((int) $user->id); } $sql .= " ORDER BY f.tms DESC"; @@ -315,7 +315,7 @@ if (!empty($conf->ficheinter->enabled)) { $sql = "SELECT f.rowid, f.ref, f.fk_statut, s.nom as name, s.rowid as socid"; $sql .= " FROM ".MAIN_DB_PREFIX."fichinter as f"; $sql .= ", ".MAIN_DB_PREFIX."societe as s"; - if (!$user->rights->societe->client->voir && !$socid) { + if (empty($user->rights->societe->client->voir) && !$socid) { $sql .= ", ".MAIN_DB_PREFIX."societe_commerciaux as sc"; } $sql .= " WHERE f.entity IN (".getEntity('intervention').")"; @@ -324,7 +324,7 @@ if (!empty($conf->ficheinter->enabled)) { if ($socid) { $sql .= " AND f.fk_soc = ".((int) $socid); } - if (!$user->rights->societe->client->voir && !$socid) { + if (empty($user->rights->societe->client->voir) && !$socid) { $sql .= " AND s.rowid = sc.fk_soc AND sc.fk_user = ".((int) $user->id); } $sql .= " ORDER BY f.rowid DESC"; @@ -381,7 +381,7 @@ if (!empty($conf->ficheinter->enabled)) { } } -print '
    '; +print ''; $parameters = array('user' => $user); $reshook = $hookmanager->executeHooks('dashboardInterventions', $parameters, $object); // Note that $action and $object may have been modified by hook diff --git a/htdocs/fichinter/list.php b/htdocs/fichinter/list.php index 6f4dccd878d..d710d7cd6cc 100644 --- a/htdocs/fichinter/list.php +++ b/htdocs/fichinter/list.php @@ -257,7 +257,7 @@ $parameters = array(); $reshook = $hookmanager->executeHooks('printFieldListFrom', $parameters, $object); // Note that $action and $object may have been modified by hook $sql .= $hookmanager->resPrint; -if (!$user->rights->societe->client->voir && empty($socid)) { +if (empty($user->rights->societe->client->voir) && empty($socid)) { $sql .= ", ".MAIN_DB_PREFIX."societe_commerciaux as sc"; } $sql .= ", ".MAIN_DB_PREFIX."societe as s"; @@ -285,7 +285,7 @@ if ($search_desc) { if ($search_status != '' && $search_status >= 0) { $sql .= ' AND f.fk_statut = '.urlencode($search_status); } -if (!$user->rights->societe->client->voir && empty($socid)) { +if (empty($user->rights->societe->client->voir) && empty($socid)) { $sql .= " AND s.rowid = sc.fk_soc AND sc.fk_user = ".((int) $user->id); } if ($socid) { diff --git a/htdocs/fichinter/stats/index.php b/htdocs/fichinter/stats/index.php index 7a7adb639b3..f1247adb457 100644 --- a/htdocs/fichinter/stats/index.php +++ b/htdocs/fichinter/stats/index.php @@ -79,7 +79,7 @@ $data = $stats->getNbByMonthWithPrevYear($endyear, $startyear); // $data = array(array('Lib',val1,val2,val3),...) -if (!$user->rights->societe->client->voir || $user->socid) { +if (empty($user->rights->societe->client->voir) || $user->socid) { $filenamenb = $dir.'/interventionsnbinyear-'.$user->id.'-'.$year.'.png'; $fileurlnb = DOL_URL_ROOT.'/viewimage.php?modulepart=interventionstats&file=interventionsnbinyear-'.$user->id.'-'.$year.'.png'; } else { @@ -114,7 +114,7 @@ if (!$mesg) { $data = $stats->getAmountByMonthWithPrevYear($endyear, $startyear); // $data = array(array('Lib',val1,val2,val3),...) -if (!$user->rights->societe->client->voir || $user->socid) { +if (empty($user->rights->societe->client->voir) || $user->socid) { $filenameamount = $dir.'/interventionsamountinyear-'.$user->id.'-'.$year.'.png'; $fileurlamount = DOL_URL_ROOT.'/viewimage.php?modulepart=interventionstats&file=interventionsamountinyear-'.$user->id.'-'.$year.'.png'; } else { @@ -148,7 +148,7 @@ if (!$mesg) { $data = $stats->getAverageByMonthWithPrevYear($endyear, $startyear); -if (!$user->rights->societe->client->voir || $user->socid) { +if (empty($user->rights->societe->client->voir) || $user->socid) { $filename_avg = $dir.'/interventionsaverage-'.$user->id.'-'.$year.'.png'; $fileurl_avg = DOL_URL_ROOT.'/viewimage.php?modulepart=interventionstats&file=interventionsaverage-'.$user->id.'-'.$year.'.png'; } else { @@ -300,7 +300,7 @@ print ''; print ''; -print '
    '; +print '
    '; // Show graphs @@ -317,7 +317,7 @@ if ($mesg) { print ''; -print '
    '; +print ''; print '
    '; print dol_get_fiche_end(); diff --git a/htdocs/fourn/card.php b/htdocs/fourn/card.php index 67ed2d4e741..16e89850ae4 100644 --- a/htdocs/fourn/card.php +++ b/htdocs/fourn/card.php @@ -371,7 +371,7 @@ if ($object->id > 0) { print ''; - print '
    '; + print '
    '; $boxstat = ''; @@ -813,7 +813,7 @@ if ($object->id > 0) { } } - print '
    '; + print ''; print '
    '; print dol_get_fiche_end(); diff --git a/htdocs/fourn/class/api_supplier_invoices.class.php b/htdocs/fourn/class/api_supplier_invoices.class.php index df1bf36b723..51cd2673b0b 100644 --- a/htdocs/fourn/class/api_supplier_invoices.class.php +++ b/htdocs/fourn/class/api_supplier_invoices.class.php @@ -201,6 +201,10 @@ class SupplierInvoices extends DolibarrApi /** * Create supplier invoice object * + * Note: soc_id = dolibarr_order_id + * + * Example: {'ref': 'auto', 'ref_supplier': '7985630', 'socid': 1, 'note': 'Inserted with Python', 'order_supplier': 1, 'date': '2021-07-28'} + * * @param array $request_data Request datas * * @return int ID of supplier invoice @@ -525,6 +529,10 @@ class SupplierInvoices extends DolibarrApi /** * Add a line to given supplier invoice * + * Note: socid = dolibarr_order_id, pu_ht = net price, remise = discount + * + * Example: {'socid': 1, 'qty': 1, 'pu_ht': 21.0, 'tva_tx': 25.0, 'fk_product': '1189', 'product_type': 0, 'remise_percent': 1.0, 'vat_src_code': None} + * * @param int $id Id of supplier invoice to update * @param array $request_data supplier invoice line data * diff --git a/htdocs/fourn/class/fournisseur.class.php b/htdocs/fourn/class/fournisseur.class.php index 805ed7c1ba6..b47cfa263c0 100644 --- a/htdocs/fourn/class/fournisseur.class.php +++ b/htdocs/fourn/class/fournisseur.class.php @@ -113,7 +113,7 @@ class Fournisseur extends Societe $sql = "SELECT count(s.rowid) as nb"; $sql .= " FROM ".MAIN_DB_PREFIX."societe as s"; - if (!$user->rights->societe->client->voir && !$user->socid) { + if (empty($user->rights->societe->client->voir) && !$user->socid) { $sql .= " LEFT JOIN ".MAIN_DB_PREFIX."societe_commerciaux as sc ON s.rowid = sc.fk_soc"; $sql .= " WHERE sc.fk_user = ".((int) $user->id); $clause = "AND"; @@ -178,12 +178,12 @@ class Fournisseur extends Societe $sql = "SELECT s.rowid, s.nom as name"; $sql .= " FROM ".MAIN_DB_PREFIX."societe as s"; - if (!$user->rights->societe->client->voir && !$user->socid) { + if (empty($user->rights->societe->client->voir) && !$user->socid) { $sql .= ", ".MAIN_DB_PREFIX."societe_commerciaux as sc"; } $sql .= " WHERE s.fournisseur = 1"; $sql .= " AND s.entity IN (".getEntity('societe').")"; - if (!$user->rights->societe->client->voir && !$user->socid) { + if (empty($user->rights->societe->client->voir) && !$user->socid) { $sql .= " AND s.rowid = sc.fk_soc AND sc.fk_user = ".((int) $user->id); } diff --git a/htdocs/fourn/class/fournisseur.commande.class.php b/htdocs/fourn/class/fournisseur.commande.class.php index 5da4ad4b08b..bc79aa4d6e1 100644 --- a/htdocs/fourn/class/fournisseur.commande.class.php +++ b/htdocs/fourn/class/fournisseur.commande.class.php @@ -2965,7 +2965,7 @@ class CommandeFournisseur extends CommonOrder $sql = "SELECT count(co.rowid) as nb"; $sql .= " FROM ".MAIN_DB_PREFIX."commande_fournisseur as co"; $sql .= " LEFT JOIN ".MAIN_DB_PREFIX."societe as s ON co.fk_soc = s.rowid"; - if (!$user->rights->societe->client->voir && !$user->socid) { + if (empty($user->rights->societe->client->voir) && !$user->socid) { $sql .= " LEFT JOIN ".MAIN_DB_PREFIX."societe_commerciaux as sc ON s.rowid = sc.fk_soc"; $sql .= " WHERE sc.fk_user = ".((int) $user->id); $clause = "AND"; @@ -3003,7 +3003,7 @@ class CommandeFournisseur extends CommonOrder $sql = "SELECT c.rowid, c.date_creation as datec, c.date_commande, c.fk_statut, c.date_livraison as delivery_date"; $sql .= " FROM ".MAIN_DB_PREFIX."commande_fournisseur as c"; - if (!$user->rights->societe->client->voir && !$user->socid) { + if (empty($user->rights->societe->client->voir) && !$user->socid) { $sql .= " LEFT JOIN ".MAIN_DB_PREFIX."societe_commerciaux as sc ON c.fk_soc = sc.fk_soc"; $sql .= " WHERE sc.fk_user = ".((int) $user->id); $clause = " AND"; diff --git a/htdocs/fourn/class/fournisseur.commande.dispatch.class.php b/htdocs/fourn/class/fournisseur.commande.dispatch.class.php index a73be8ac43b..7037cd94262 100644 --- a/htdocs/fourn/class/fournisseur.commande.dispatch.class.php +++ b/htdocs/fourn/class/fournisseur.commande.dispatch.class.php @@ -286,7 +286,7 @@ class CommandeFournisseurDispatch extends CommonObjectLine $sql .= " FROM ".MAIN_DB_PREFIX.$this->table_element." as t"; if ($ref) { - $sql .= " WHERE t.ref = '".$ref."'"; + $sql .= " WHERE t.ref = '".$this->db->escape($ref)."'"; } else { $sql .= " WHERE t.rowid = ".((int) $id); } @@ -374,7 +374,6 @@ class CommandeFournisseurDispatch extends CommonObjectLine // Update request $sql = "UPDATE ".MAIN_DB_PREFIX.$this->table_element." SET"; - $sql .= " fk_commande=".(isset($this->fk_commande) ? $this->fk_commande : "null").","; $sql .= " fk_product=".(isset($this->fk_product) ? $this->fk_product : "null").","; $sql .= " fk_commandefourndet=".(isset($this->fk_commandefourndet) ? $this->fk_commandefourndet : "null").","; @@ -388,8 +387,6 @@ class CommandeFournisseurDispatch extends CommonObjectLine $sql .= " batch=".(isset($this->batch) ? "'".$this->db->escape($this->batch)."'" : "null").","; $sql .= " eatby=".(dol_strlen($this->eatby) != 0 ? "'".$this->db->idate($this->eatby)."'" : 'null').","; $sql .= " sellby=".(dol_strlen($this->sellby) != 0 ? "'".$this->db->idate($this->sellby)."'" : 'null').""; - - $sql .= " WHERE rowid=".((int) $this->id); $this->db->begin(); diff --git a/htdocs/fourn/class/fournisseur.facture.class.php b/htdocs/fourn/class/fournisseur.facture.class.php index dbf33b6cd69..ccaa7db60fa 100644 --- a/htdocs/fourn/class/fournisseur.facture.class.php +++ b/htdocs/fourn/class/fournisseur.facture.class.php @@ -415,6 +415,7 @@ class FactureFournisseur extends CommonInvoice $sql = "INSERT INTO ".MAIN_DB_PREFIX."facture_fourn ("; $sql .= "ref"; $sql .= ", ref_supplier"; + $sql .= ", ref_ext"; $sql .= ", entity"; $sql .= ", type"; $sql .= ", libelle"; @@ -438,6 +439,7 @@ class FactureFournisseur extends CommonInvoice $sql .= " VALUES ("; $sql .= "'(PROV)'"; $sql .= ", '".$this->db->escape($this->ref_supplier)."'"; + $sql .= ", '".$this->db->escape($this->ref_ext)."'"; $sql .= ", ".((int) $conf->entity); $sql .= ", '".$this->db->escape($this->type)."'"; $sql .= ", '".$this->db->escape(isset($this->label) ? $this->label : (isset($this->libelle) ? $this->libelle : ''))."'"; @@ -647,6 +649,7 @@ class FactureFournisseur extends CommonInvoice $sql .= " t.rowid,"; $sql .= " t.ref,"; $sql .= " t.ref_supplier,"; + $sql .= " t.ref_ext,"; $sql .= " t.entity,"; $sql .= " t.type,"; $sql .= " t.fk_soc,"; @@ -708,6 +711,7 @@ class FactureFournisseur extends CommonInvoice $this->ref = $obj->ref ? $obj->ref : $obj->rowid; // We take rowid if ref is empty for backward compatibility $this->ref_supplier = $obj->ref_supplier; + $this->ref_ext = $obj->ref_ext; $this->entity = $obj->entity; $this->type = empty($obj->type) ? self::TYPE_STANDARD : $obj->type; $this->fk_soc = $obj->fk_soc; @@ -924,6 +928,9 @@ class FactureFournisseur extends CommonInvoice if (isset($this->ref_supplier)) { $this->ref_supplier = trim($this->ref_supplier); } + if (isset($this->ref_ext)) { + $this->ref_ext = trim($this->ref_ext); + } if (isset($this->entity)) { $this->entity = trim($this->entity); } @@ -1013,6 +1020,7 @@ class FactureFournisseur extends CommonInvoice $sql = "UPDATE ".MAIN_DB_PREFIX."facture_fourn SET"; $sql .= " ref=".(isset($this->ref) ? "'".$this->db->escape($this->ref)."'" : "null").","; $sql .= " ref_supplier=".(isset($this->ref_supplier) ? "'".$this->db->escape($this->ref_supplier)."'" : "null").","; + $sql .= " ref_ext=".(isset($this->ref_ext) ? "'".$this->db->escape($this->ref_ext)."'" : "null").","; $sql .= " entity=".(isset($this->entity) ? $this->entity : "null").","; $sql .= " type=".(isset($this->type) ? $this->type : "null").","; $sql .= " fk_soc=".(isset($this->fk_soc) ? $this->fk_soc : "null").","; @@ -2404,7 +2412,7 @@ class FactureFournisseur extends CommonInvoice $sql = 'SELECT ff.rowid, ff.date_lim_reglement as datefin, ff.fk_statut'; $sql .= ' FROM '.MAIN_DB_PREFIX.'facture_fourn as ff'; - if (!$user->rights->societe->client->voir && !$user->socid) { + if (empty($user->rights->societe->client->voir) && !$user->socid) { $sql .= ", ".MAIN_DB_PREFIX."societe_commerciaux as sc"; } $sql .= ' WHERE ff.paye=0'; @@ -2413,7 +2421,7 @@ class FactureFournisseur extends CommonInvoice if ($user->socid) { $sql .= ' AND ff.fk_soc = '.((int) $user->socid); } - if (!$user->rights->societe->client->voir && !$user->socid) { + if (empty($user->rights->societe->client->voir) && !$user->socid) { $sql .= " AND ff.fk_soc = sc.fk_soc AND sc.fk_user = ".((int) $user->id); } @@ -2759,7 +2767,7 @@ class FactureFournisseur extends CommonInvoice $sql = "SELECT count(f.rowid) as nb"; $sql .= " FROM ".MAIN_DB_PREFIX."facture_fourn as f"; $sql .= " LEFT JOIN ".MAIN_DB_PREFIX."societe as s ON f.fk_soc = s.rowid"; - if (!$user->rights->societe->client->voir && !$user->socid) { + if (empty($user->rights->societe->client->voir) && !$user->socid) { $sql .= " LEFT JOIN ".MAIN_DB_PREFIX."societe_commerciaux as sc ON s.rowid = sc.fk_soc"; $sql .= " WHERE sc.fk_user = ".((int) $user->id); $clause = "AND"; diff --git a/htdocs/fourn/commande/card.php b/htdocs/fourn/commande/card.php index f025e3ce6c7..dea816b9574 100644 --- a/htdocs/fourn/commande/card.php +++ b/htdocs/fourn/commande/card.php @@ -2249,7 +2249,6 @@ if ($action == 'create') { print ''; print '
    '; - print '
    '; print '
    '; print ''; @@ -2308,7 +2307,6 @@ if ($action == 'create') { }*/ - print ''; print ''; print ''; @@ -2640,7 +2638,7 @@ if ($action == 'create') { $linktoelem = $form->showLinkToObjectBlock($object, null, array('supplier_order', 'order_supplier')); $somethingshown = $form->showLinkedObjectBlock($object, $linktoelem); - print '
    '; + print '
    '; if ($action == 'classifyreception') { if ($usercanreceived && ($object->statut == CommandeFournisseur::STATUS_ORDERSENT || $object->statut == CommandeFournisseur::STATUS_RECEIVED_PARTIALLY)) { @@ -2686,7 +2684,7 @@ if ($action == 'create') { $formactions = new FormActions($db); $somethingshown = $formactions->showactions($object, 'order_supplier', $socid, 1, 'listaction'.($genallowed ? 'largetitle' : '')); - print '
    '; + print ''; } /* diff --git a/htdocs/fourn/commande/document.php b/htdocs/fourn/commande/document.php index aea8abed665..993830eb539 100644 --- a/htdocs/fourn/commande/document.php +++ b/htdocs/fourn/commande/document.php @@ -46,12 +46,6 @@ $ref = GETPOST('ref', 'alpha'); $action = GETPOST('action', 'aZ09'); $confirm = GETPOST('confirm', 'alpha'); -// Security check -if ($user->socid) { - $socid = $user->socid; -} -$result = restrictedArea($user, 'fournisseur', $id, 'commande_fournisseur', 'commande'); - // Get parameters $limit = GETPOST('limit', 'int') ? GETPOST('limit', 'int') : $conf->liste_limit; $sortfield = GETPOST("sortfield", 'alpha'); @@ -81,6 +75,15 @@ if ($object->fetch($id, $ref) < 0) { $upload_dir = $conf->fournisseur->commande->dir_output.'/'.dol_sanitizeFileName($object->ref); $object->fetch_thirdparty(); +// Security check +$socid = 0; +if ($user->socid) { + $socid = $user->socid; +} +$result = restrictedArea($user, 'fournisseur', $id, 'commande_fournisseur', 'commande'); + +$permissiontoadd = ($user->rights->fournisseur->commande->creer || $user->rights->supplier_order->creer); // Used by the include of actions_setnotes.inc.php + /* * Actions diff --git a/htdocs/fourn/commande/index.php b/htdocs/fourn/commande/index.php index b4956ea706f..7d6b3b6936a 100644 --- a/htdocs/fourn/commande/index.php +++ b/htdocs/fourn/commande/index.php @@ -67,7 +67,7 @@ print '
    '; $sql = "SELECT count(cf.rowid) as nb, fk_statut as status"; $sql .= " FROM ".MAIN_DB_PREFIX."societe as s"; $sql .= ", ".MAIN_DB_PREFIX."commande_fournisseur as cf"; -if (!$user->rights->societe->client->voir && !$socid) { +if (empty($user->rights->societe->client->voir) && !$socid) { $sql .= ", ".MAIN_DB_PREFIX."societe_commerciaux as sc"; } $sql .= " WHERE cf.fk_soc = s.rowid"; @@ -75,7 +75,7 @@ $sql .= " AND cf.entity IN (".getEntity('supplier_order').")"; if ($user->socid) { $sql .= ' AND cf.fk_soc = '.((int) $user->socid); } -if (!$user->rights->societe->client->voir && !$socid) { +if (empty($user->rights->societe->client->voir) && !$socid) { $sql .= " AND s.rowid = sc.fk_soc AND sc.fk_user = ".((int) $user->id); } $sql .= " GROUP BY cf.fk_statut"; @@ -176,7 +176,7 @@ if ((!empty($conf->fournisseur->enabled) && empty($conf->global->MAIN_USE_NEW_SU $sql = "SELECT c.rowid, c.ref, s.nom as name, s.rowid as socid"; $sql .= " FROM ".MAIN_DB_PREFIX."commande_fournisseur as c"; $sql .= ", ".MAIN_DB_PREFIX."societe as s"; - if (!$user->rights->societe->client->voir && !$socid) { + if (empty($user->rights->societe->client->voir) && !$socid) { $sql .= ", ".MAIN_DB_PREFIX."societe_commerciaux as sc"; } $sql .= " WHERE c.fk_soc = s.rowid"; @@ -185,7 +185,7 @@ if ((!empty($conf->fournisseur->enabled) && empty($conf->global->MAIN_USE_NEW_SU if (!empty($socid)) { $sql .= " AND c.fk_soc = ".((int) $socid); } - if (!$user->rights->societe->client->voir && !$socid) { + if (empty($user->rights->societe->client->voir) && !$socid) { $sql .= " AND s.rowid = sc.fk_soc AND sc.fk_user = ".((int) $user->id); } @@ -272,7 +272,7 @@ if ($resql) { } -print '
    '; +print '
    '; /* @@ -283,7 +283,7 @@ $max = 5; $sql = "SELECT c.rowid, c.ref, c.fk_statut as status, c.tms, c.billed, s.nom as name, s.rowid as socid"; $sql .= " FROM ".MAIN_DB_PREFIX."commande_fournisseur as c"; $sql .= ", ".MAIN_DB_PREFIX."societe as s"; -if (!$user->rights->societe->client->voir && !$socid) { +if (empty($user->rights->societe->client->voir) && !$socid) { $sql .= ", ".MAIN_DB_PREFIX."societe_commerciaux as sc"; } $sql .= " WHERE c.fk_soc = s.rowid"; @@ -292,7 +292,7 @@ $sql .= " AND c.entity IN (".getEntity('supplier_order').")"; if (!empty($socid)) { $sql .= " AND c.fk_soc = ".((int) $socid); } -if (!$user->rights->societe->client->voir && !$socid) { +if (empty($user->rights->societe->client->voir) && !$socid) { $sql .= " AND s.rowid = sc.fk_soc AND sc.fk_user = ".((int) $user->id); } $sql .= " ORDER BY c.tms DESC"; @@ -355,12 +355,12 @@ if ($resql) { $sql = "SELECT c.rowid, c.ref, c.fk_statut, s.nom as name, s.rowid as socid"; $sql.=" FROM ".MAIN_DB_PREFIX."commande_fournisseur as c"; $sql.= ", ".MAIN_DB_PREFIX."societe as s"; -if (!$user->rights->societe->client->voir && !$socid) $sql.= ", ".MAIN_DB_PREFIX."societe_commerciaux as sc"; +if (empty($user->rights->societe->client->voir) && !$socid) $sql.= ", ".MAIN_DB_PREFIX."societe_commerciaux as sc"; $sql.= " WHERE c.fk_soc = s.rowid"; $sql.= " AND c.entity IN (".getEntity("supplier_order").")"; $sql.= " AND c.fk_statut = 1"; if ($socid) $sql.= " AND c.fk_soc = ".((int) $socid); -if (!$user->rights->societe->client->voir && !$socid) $sql.= " AND s.rowid = sc.fk_soc AND sc.fk_user = " .((int) $user->id); +if (empty($user->rights->societe->client->voir) && !$socid) $sql.= " AND s.rowid = sc.fk_soc AND sc.fk_user = " .((int) $user->id); $sql.= " ORDER BY c.rowid DESC"; $resql=$db->query($sql); @@ -417,7 +417,7 @@ print "

    "; } */ -print '
    '; +print ''; $parameters = array('user' => $user); $reshook = $hookmanager->executeHooks('dashboardOrdersSuppliers', $parameters, $object); // Note that $action and $object may have been modified by hook diff --git a/htdocs/fourn/commande/info.php b/htdocs/fourn/commande/info.php index aeb17c25035..bb8dc302b1c 100644 --- a/htdocs/fourn/commande/info.php +++ b/htdocs/fourn/commande/info.php @@ -74,7 +74,7 @@ if ($user->socid) { } $result = restrictedArea($user, 'fournisseur', $id, 'commande_fournisseur', 'commande'); -if (!$user->rights->fournisseur->commande->lire) { +if (empty($user->rights->fournisseur->commande->lire)) { accessforbidden(); } diff --git a/htdocs/fourn/commande/list.php b/htdocs/fourn/commande/list.php index bef5289c791..419e75b55aa 100644 --- a/htdocs/fourn/commande/list.php +++ b/htdocs/fourn/commande/list.php @@ -777,7 +777,7 @@ if ($search_product_category > 0) { $sql .= " LEFT JOIN ".MAIN_DB_PREFIX."user as u ON cf.fk_user_author = u.rowid"; $sql .= " LEFT JOIN ".MAIN_DB_PREFIX."projet as p ON p.rowid = cf.fk_projet"; // We'll need this table joined to the select in order to filter by sale -if ($search_sale > 0 || (!$user->rights->societe->client->voir && !$socid)) { +if ($search_sale > 0 || (empty($user->rights->societe->client->voir) && !$socid)) { $sql .= ", ".MAIN_DB_PREFIX."societe_commerciaux as sc"; } if ($search_user > 0) { @@ -792,7 +792,7 @@ $sql .= ' AND cf.entity IN ('.getEntity('supplier_order').')'; if ($socid > 0) { $sql .= " AND s.rowid = ".((int) $socid); } -if (!$user->rights->societe->client->voir && !$socid) { +if (empty($user->rights->societe->client->voir) && !$socid) { $sql .= " AND s.rowid = sc.fk_soc AND sc.fk_user = ".((int) $user->id); } if ($search_ref) { diff --git a/htdocs/fourn/contact.php b/htdocs/fourn/contact.php index 9fd4dd30b26..cabf726beee 100644 --- a/htdocs/fourn/contact.php +++ b/htdocs/fourn/contact.php @@ -64,18 +64,18 @@ $limit = GETPOST('limit', 'int') ?GETPOST('limit', 'int') : $conf->liste_limit; */ $sql = "SELECT s.rowid as socid, s.nom as name, st.libelle as stcomm, p.rowid as cidp, p.lastname, p.firstname, p.email, p.phone"; -if (!$user->rights->societe->client->voir && !$socid) { +if (empty($user->rights->societe->client->voir) && !$socid) { $sql .= ", sc.fk_soc, sc.fk_user "; } $sql .= " FROM ".MAIN_DB_PREFIX."societe as s, ".MAIN_DB_PREFIX."socpeople as p, ".MAIN_DB_PREFIX."c_stcomm as st"; -if (!$user->rights->societe->client->voir && !$socid) { +if (empty($user->rights->societe->client->voir) && !$socid) { $sql .= ", ".MAIN_DB_PREFIX."societe_commerciaux as sc"; } $sql .= " WHERE s.fk_stcomm = st.id"; $sql .= " AND s.fournisseur = 1"; $sql .= " AND s.rowid = p.fk_soc"; $sql .= " AND s.entity IN (".getEntity('societe').")"; -if (!$user->rights->societe->client->voir && !$socid) { +if (empty($user->rights->societe->client->voir) && !$socid) { $sql .= " AND s.rowid = sc.fk_soc AND sc.fk_user = ".((int) $user->id); } diff --git a/htdocs/fourn/facture/card.php b/htdocs/fourn/facture/card.php index d32f7eebb93..946958594d8 100644 --- a/htdocs/fourn/facture/card.php +++ b/htdocs/fourn/facture/card.php @@ -2948,7 +2948,6 @@ if ($action == 'create') { print ''; print '
    '; - print '
    '; print '
    '; print ''; @@ -3325,7 +3324,6 @@ if ($action == 'create') { print '
    '; print '
    '; - print '
    '; print ''; print ''; @@ -3574,17 +3572,14 @@ if ($action == 'create') { $linktoelem = $form->showLinkToObjectBlock($object, null, array('invoice_supplier')); $somethingshown = $form->showLinkedObjectBlock($object, $linktoelem); - print '
    '; - //print ''; - //print '
    '; + print '
    '; // List of actions on element include_once DOL_DOCUMENT_ROOT.'/core/class/html.formactions.class.php'; $formactions = new FormActions($db); $somethingshown = $formactions->showactions($object, 'invoice_supplier', $socid, 1, 'listaction'.($genallowed ? 'largetitle' : '')); - print '
    '; - //print ''; + print ''; } } } diff --git a/htdocs/fourn/facture/document.php b/htdocs/fourn/facture/document.php index f6954635db1..4c4e92315f4 100644 --- a/htdocs/fourn/facture/document.php +++ b/htdocs/fourn/facture/document.php @@ -77,6 +77,8 @@ if ($object->fetch($id, $ref)) { $upload_dir = $conf->fournisseur->facture->dir_output.'/'.get_exdir($object->id, 2, 0, 0, $object, 'invoice_supplier').$ref; } +$permissiontoadd = ($user->rights->fournisseur->facture->creer || $user->rights->supplier_invoice->creer); // Used by the include of actions_setnotes.inc.php + /* * Actions diff --git a/htdocs/fourn/facture/index.php b/htdocs/fourn/facture/index.php index 5479ad22462..21d3e4cfa58 100644 --- a/htdocs/fourn/facture/index.php +++ b/htdocs/fourn/facture/index.php @@ -73,7 +73,6 @@ if ($tmp) { print ''; print '
    '; -print '
    '; $tmp = getPurchaseInvoiceLatestEditTable($maxLatestEditCount, $socid); if ($tmp) { @@ -87,7 +86,6 @@ if ($tmp) { print '
    '; } -print '
    '; print '
    '; print ''; diff --git a/htdocs/fourn/facture/list.php b/htdocs/fourn/facture/list.php index a325f9db780..6c133c9b5a1 100644 --- a/htdocs/fourn/facture/list.php +++ b/htdocs/fourn/facture/list.php @@ -461,7 +461,7 @@ if ($search_product_category > 0) { $sql .= ' LEFT JOIN '.MAIN_DB_PREFIX.'user AS u ON f.fk_user_author = u.rowid'; $sql .= " LEFT JOIN ".MAIN_DB_PREFIX."projet as p ON p.rowid = f.fk_projet"; // We'll need this table joined to the select in order to filter by sale -if ($search_sale > 0 || (!$user->rights->societe->client->voir && !$socid)) { +if ($search_sale > 0 || (empty($user->rights->societe->client->voir) && !$socid)) { $sql .= ", ".MAIN_DB_PREFIX."societe_commerciaux as sc"; } if ($search_user > 0) { @@ -474,7 +474,7 @@ $reshook = $hookmanager->executeHooks('printFieldListFrom', $parameters, $object $sql .= $hookmanager->resPrint; $sql .= ' WHERE f.fk_soc = s.rowid'; $sql .= ' AND f.entity IN ('.getEntity('facture_fourn').')'; -if (!$user->rights->societe->client->voir && !$socid) { +if (empty($user->rights->societe->client->voir) && !$socid) { $sql .= " AND s.rowid = sc.fk_soc AND sc.fk_user = ".((int) $user->id); } if ($search_product_category > 0) { diff --git a/htdocs/fourn/facture/paiement.php b/htdocs/fourn/facture/paiement.php index 1cc1a86fe4a..a29473eefd2 100644 --- a/htdocs/fourn/facture/paiement.php +++ b/htdocs/fourn/facture/paiement.php @@ -360,16 +360,16 @@ if ($action == 'create' || $action == 'confirm_paiement' || $action == 'add_paie $sql = 'SELECT s.nom as name, s.rowid as socid,'; $sql .= ' f.rowid, f.ref, f.ref_supplier, f.total_ttc as total, f.fk_mode_reglement, f.fk_account'; - if (!$user->rights->societe->client->voir && !$socid) { + if (empty($user->rights->societe->client->voir) && !$socid) { $sql .= ", sc.fk_soc, sc.fk_user "; } $sql .= ' FROM '.MAIN_DB_PREFIX.'societe as s, '.MAIN_DB_PREFIX.'facture_fourn as f'; - if (!$user->rights->societe->client->voir && !$socid) { + if (empty($user->rights->societe->client->voir) && !$socid) { $sql .= ", ".MAIN_DB_PREFIX."societe_commerciaux as sc"; } $sql .= ' WHERE f.fk_soc = s.rowid'; $sql .= ' AND f.rowid = '.((int) $facid); - if (!$user->rights->societe->client->voir && !$socid) { + if (empty($user->rights->societe->client->voir) && !$socid) { $sql .= " AND s.rowid = sc.fk_soc AND sc.fk_user = ".((int) $user->id); } $resql = $db->query($sql); diff --git a/htdocs/fourn/facture/rapport.php b/htdocs/fourn/facture/rapport.php index fe2bb78008d..59b92f349c0 100644 --- a/htdocs/fourn/facture/rapport.php +++ b/htdocs/fourn/facture/rapport.php @@ -46,7 +46,7 @@ if ($user->socid > 0) { } $dir = $conf->fournisseur->facture->dir_output.'/payments'; -if (!$user->rights->societe->client->voir || $socid) { +if (empty($user->rights->societe->client->voir) || $socid) { $dir .= '/private/'.$user->id; // If user has no permission to see all, output dir is specific to user } diff --git a/htdocs/fourn/index.php b/htdocs/fourn/index.php index 44a689fcd80..1dc3e963db7 100644 --- a/htdocs/fourn/index.php +++ b/htdocs/fourn/index.php @@ -60,11 +60,11 @@ print '
    '; $sql = "SELECT count(cf.rowid), cf.fk_statut"; $sql .= " FROM ".MAIN_DB_PREFIX."commande_fournisseur as cf,"; $sql .= " ".MAIN_DB_PREFIX."societe as s"; -if (!$user->rights->societe->client->voir && !$socid) { +if (empty($user->rights->societe->client->voir) && !$socid) { $sql .= " LEFT JOIN ".MAIN_DB_PREFIX."societe_commerciaux as sc ON s.rowid = sc.fk_soc"; } $sql .= " WHERE cf.fk_soc = s.rowid "; -if (!$user->rights->societe->client->voir && !$socid) { +if (empty($user->rights->societe->client->voir) && !$socid) { $sql .= " AND sc.fk_user = ".((int) $user->id); } $sql .= " AND cf.entity = ".$conf->entity; @@ -106,11 +106,11 @@ if ((!empty($conf->fournisseur->enabled) && empty($conf->global->MAIN_USE_NEW_SU $sql .= " s.nom as name, s.rowid as socid"; $sql .= " FROM ".MAIN_DB_PREFIX."commande_fournisseur as cf"; $sql .= ", ".MAIN_DB_PREFIX."societe as s"; - if (!$user->rights->societe->client->voir && !$socid) { + if (empty($user->rights->societe->client->voir) && !$socid) { $sql .= " LEFT JOIN ".MAIN_DB_PREFIX."societe_commerciaux as sc ON s.rowid = sc.fk_soc"; } $sql .= " WHERE cf.fk_soc = s.rowid"; - if (!$user->rights->societe->client->voir && !$socid) { + if (empty($user->rights->societe->client->voir) && !$socid) { $sql .= " AND sc.fk_user = ".((int) $user->id); } $sql .= " AND cf.entity = ".$conf->entity; @@ -162,11 +162,11 @@ if (((!empty($conf->fournisseur->enabled) && empty($conf->global->MAIN_USE_NEW_S $sql .= ", s.nom as name, s.rowid as socid"; $sql .= " FROM ".MAIN_DB_PREFIX."facture_fourn as ff"; $sql .= ", ".MAIN_DB_PREFIX."societe as s"; - if (!$user->rights->societe->client->voir && !$socid) { + if (empty($user->rights->societe->client->voir) && !$socid) { $sql .= " LEFT JOIN ".MAIN_DB_PREFIX."societe_commerciaux as sc ON s.rowid = sc.fk_soc"; } $sql .= " WHERE s.rowid = ff.fk_soc"; - if (!$user->rights->societe->client->voir && !$socid) { + if (empty($user->rights->societe->client->voir) && !$socid) { $sql .= " AND sc.fk_user = ".((int) $user->id); } $sql .= " AND ff.entity = ".$conf->entity; @@ -221,8 +221,7 @@ if (((!empty($conf->fournisseur->enabled) && empty($conf->global->MAIN_USE_NEW_S } -//print ''; -print '
    '; +print '
    '; /* @@ -241,13 +240,13 @@ if (!empty($conf->global->MAIN_COMPANY_PERENTITY_SHARED)) { $sql .= " LEFT JOIN " . MAIN_DB_PREFIX . "societe_perentity as spe ON spe.fk_soc = s.rowid AND spe.entity = " . ((int) $conf->entity); } $sql .= ", ".MAIN_DB_PREFIX."c_stcomm as st"; -if (!$user->rights->societe->client->voir && !$socid) { +if (empty($user->rights->societe->client->voir) && !$socid) { $sql .= ", ".MAIN_DB_PREFIX."societe_commerciaux as sc"; } $sql .= " WHERE s.fk_stcomm = st.id"; $sql .= " AND s.fournisseur = 1"; $sql .= " AND s.entity IN (".getEntity('societe').")"; -if (!$user->rights->societe->client->voir && !$socid) { +if (empty($user->rights->societe->client->voir) && !$socid) { $sql .= " AND s.rowid = sc.fk_soc AND sc.fk_user = ".((int) $user->id); } if ($socid) { @@ -318,8 +317,7 @@ if (count($companystatic->SupplierCategories)) { } -//print "\n"; -print '
    '; +print ''; // End of page llxFooter(); diff --git a/htdocs/fourn/paiement/card.php b/htdocs/fourn/paiement/card.php index 5f5e6c72908..f8f484f0cc9 100644 --- a/htdocs/fourn/paiement/card.php +++ b/htdocs/fourn/paiement/card.php @@ -392,7 +392,7 @@ if ($result > 0) { $somethingshown = $formfile->numoffiles; } - print '
    '; + print '
    '; //print '
    '; // List of actions on element @@ -401,7 +401,7 @@ if ($result > 0) { $somethingshown = $formactions->showactions($object,'supplier_payment',$socid,1,'listaction'.($genallowed?'largetitle':'')); */ - print '
    '; + print ''; // Presend form $modelmail = ''; //TODO: Add new 'payment receipt' model in email models diff --git a/htdocs/fourn/paiement/document.php b/htdocs/fourn/paiement/document.php index 05a13d901da..a29e9b0713c 100644 --- a/htdocs/fourn/paiement/document.php +++ b/htdocs/fourn/paiement/document.php @@ -79,6 +79,9 @@ if ($object->fetch($id, $ref)) { $upload_dir = $conf->fournisseur->payment->dir_output.'/'.dol_sanitizeFileName($object->ref); } +$permissiontoadd = ($user->rights->fournisseur->facture->creer || $user->rights->supplier_invoice->creer); // Used by the include of actions_setnotes.inc.php + + /* * Actions */ diff --git a/htdocs/fourn/paiement/list.php b/htdocs/fourn/paiement/list.php index 96af99d3f06..c4e18d50f90 100644 --- a/htdocs/fourn/paiement/list.php +++ b/htdocs/fourn/paiement/list.php @@ -177,7 +177,7 @@ $sql = 'SELECT p.rowid, p.ref, p.datep, p.amount as pamount, p.num_paiement'; $sql .= ', s.rowid as socid, s.nom as name, s.email'; $sql .= ', c.code as paiement_type, c.libelle as paiement_libelle'; $sql .= ', ba.rowid as bid, ba.label'; -if (!$user->rights->societe->client->voir) { +if (empty($user->rights->societe->client->voir)) { $sql .= ', sc.fk_soc, sc.fk_user'; } $sql .= ', SUM(pf.amount)'; @@ -189,12 +189,12 @@ $sql .= ' LEFT JOIN '.MAIN_DB_PREFIX.'c_paiement AS c ON p.fk_paiement = c.id'; $sql .= ' LEFT JOIN '.MAIN_DB_PREFIX.'societe AS s ON s.rowid = f.fk_soc'; $sql .= ' LEFT JOIN '.MAIN_DB_PREFIX.'bank as b ON p.fk_bank = b.rowid'; $sql .= ' LEFT JOIN '.MAIN_DB_PREFIX.'bank_account as ba ON b.fk_account = ba.rowid'; -if (!$user->rights->societe->client->voir) { +if (empty($user->rights->societe->client->voir)) { $sql .= ', '.MAIN_DB_PREFIX.'societe_commerciaux as sc'; } $sql .= ' WHERE f.entity = '.$conf->entity; -if (!$user->rights->societe->client->voir) { +if (empty($user->rights->societe->client->voir)) { $sql .= ' AND s.rowid = sc.fk_soc AND sc.fk_user = '.((int) $user->id); } if ($socid > 0) { @@ -233,7 +233,7 @@ if ($search_all) { include DOL_DOCUMENT_ROOT.'/core/tpl/extrafields_list_search_sql.tpl.php'; $sql .= ' GROUP BY p.rowid, p.ref, p.datep, p.amount, p.num_paiement, s.rowid, s.nom, s.email, c.code, c.libelle, ba.rowid, ba.label'; -if (!$user->rights->societe->client->voir) { +if (empty($user->rights->societe->client->voir)) { $sql .= ', sc.fk_soc, sc.fk_user'; } diff --git a/htdocs/holiday/card.php b/htdocs/holiday/card.php index 9948b64e460..b4bb54f3b1b 100644 --- a/htdocs/holiday/card.php +++ b/htdocs/holiday/card.php @@ -1302,7 +1302,6 @@ if ((empty($id) && empty($ref)) || $action == 'create' || $action == 'add') { print ''; print '
    '; - print '
    '; print '
    '; @@ -1391,7 +1390,6 @@ if ((empty($id) && empty($ref)) || $action == 'create' || $action == 'add') { print ''; print ''; - print '
    '; print '
    '; print ''; @@ -1545,7 +1543,7 @@ if ((empty($id) && empty($ref)) || $action == 'create' || $action == 'add') { //$somethingshown = $form->showLinkedObjectBlock($object, $linktoelem); - print '
    '; + print '
    '; $MAXEVENT = 10; @@ -1554,7 +1552,7 @@ if ((empty($id) && empty($ref)) || $action == 'create' || $action == 'add') { $formactions = new FormActions($db); $somethingshown = $formactions->showactions($object, $object->element, (is_object($object->thirdparty) ? $object->thirdparty->id : 0), 1, '', $MAXEVENT, '', $morehtmlright); - print '
    '; + print ''; } } } diff --git a/htdocs/holiday/class/holiday.class.php b/htdocs/holiday/class/holiday.class.php index 86e3e889639..89760c4d1ac 100644 --- a/htdocs/holiday/class/holiday.class.php +++ b/htdocs/holiday/class/holiday.class.php @@ -701,6 +701,7 @@ class Holiday extends CommonObject public function validate($user = null, $notrigger = 0) { global $conf, $langs; + require_once DOL_DOCUMENT_ROOT.'/core/lib/files.lib.php'; $error = 0; // Define new ref @@ -740,6 +741,44 @@ class Holiday extends CommonObject } } + if (!$error) { + $this->oldref = $this->ref; + + // Rename directory if dir was a temporary ref + if (preg_match('/^[\(]?PROV/i', $this->ref)) { + // Now we rename also files into index + $sql = 'UPDATE ' . MAIN_DB_PREFIX . "ecm_files set filename = CONCAT('" . $this->db->escape($this->newref) . "', SUBSTR(filename, " . (strlen($this->ref) + 1) . ")), filepath = 'holiday/" . $this->db->escape($this->newref) . "'"; + $sql .= " WHERE filename LIKE '" . $this->db->escape($this->ref) . "%' AND filepath = 'holiday/" . $this->db->escape($this->ref) . "' and entity = " . ((int) $conf->entity); + $resql = $this->db->query($sql); + if (!$resql) { + $error++; + $this->error = $this->db->lasterror(); + } + + // We rename directory ($this->ref = old ref, $num = new ref) in order not to lose the attachments + $oldref = dol_sanitizeFileName($this->ref); + $newref = dol_sanitizeFileName($num); + $dirsource = $conf->holiday->multidir_output[$this->entity] . '/' . $oldref; + $dirdest = $conf->holiday->multidir_output[$this->entity] . '/' . $newref; + if (!$error && file_exists($dirsource)) { + dol_syslog(get_class($this) . "::validate rename dir " . $dirsource . " into " . $dirdest); + if (@rename($dirsource, $dirdest)) { + dol_syslog("Rename ok"); + // Rename docs starting with $oldref with $newref + $listoffiles = dol_dir_list($dirdest, 'files', 1, '^' . preg_quote($oldref, '/')); + foreach ($listoffiles as $fileentry) { + $dirsource = $fileentry['name']; + $dirdest = preg_replace('/^' . preg_quote($oldref, '/') . '/', $newref, $dirsource); + $dirsource = $fileentry['path'] . '/' . $dirsource; + $dirdest = $fileentry['path'] . '/' . $dirdest; + @rename($dirsource, $dirdest); + } + } + } + } + } + + // Commit or rollback if ($error) { foreach ($this->errors as $errmsg) { diff --git a/htdocs/holiday/document.php b/htdocs/holiday/document.php index c4e779efe52..7dc086a113f 100644 --- a/htdocs/holiday/document.php +++ b/htdocs/holiday/document.php @@ -120,6 +120,7 @@ if ($user->socid) { } $result = restrictedArea($user, 'holiday', $object->id, 'holiday'); +$permissiontoadd = $user->rights->holiday->write; // Used by the include of actions_setnotes.inc.php /* @@ -283,7 +284,6 @@ if ($object->id) { /* print ''; print '
    '; - print '
    '; print '
    '; @@ -340,7 +340,6 @@ if ($object->id) { print ''; print ''; - print '
    '; print '
    '; */ print ''; diff --git a/htdocs/hrm/class/skill.class.php b/htdocs/hrm/class/skill.class.php index 45e9eb6701c..478b267ac1f 100644 --- a/htdocs/hrm/class/skill.class.php +++ b/htdocs/hrm/class/skill.class.php @@ -384,7 +384,7 @@ class Skill extends CommonObject /** * Load object lines in memory from the database * - * @return int | array <0 if KO, 0 if not found, array if OK + * @return array|int <0 if KO, 0 if not found, array if OK */ public function fetchLines() { diff --git a/htdocs/hrm/evaluation_agenda.php b/htdocs/hrm/evaluation_agenda.php index 8524f6df3d9..91a0615bc95 100644 --- a/htdocs/hrm/evaluation_agenda.php +++ b/htdocs/hrm/evaluation_agenda.php @@ -25,57 +25,9 @@ * \brief Tab of events on Evaluation */ -//if (! defined('NOREQUIREDB')) define('NOREQUIREDB', '1'); // Do not create database handler $db -//if (! defined('NOREQUIREUSER')) define('NOREQUIREUSER', '1'); // Do not load object $user -//if (! defined('NOREQUIRESOC')) define('NOREQUIRESOC', '1'); // Do not load object $mysoc -//if (! defined('NOREQUIRETRAN')) define('NOREQUIRETRAN', '1'); // Do not load object $langs -//if (! defined('NOSCANGETFORINJECTION')) define('NOSCANGETFORINJECTION', '1'); // Do not check injection attack on GET parameters -//if (! defined('NOSCANPOSTFORINJECTION')) define('NOSCANPOSTFORINJECTION', '1'); // Do not check injection attack on POST parameters -//if (! defined('NOCSRFCHECK')) define('NOCSRFCHECK', '1'); // Do not check CSRF attack (test on referer + on token if option MAIN_SECURITY_CSRF_WITH_TOKEN is on). -//if (! defined('NOTOKENRENEWAL')) define('NOTOKENRENEWAL', '1'); // Do not roll the Anti CSRF token (used if MAIN_SECURITY_CSRF_WITH_TOKEN is on) -//if (! defined('NOSTYLECHECK')) define('NOSTYLECHECK', '1'); // Do not check style html tag into posted data -//if (! defined('NOREQUIREMENU')) define('NOREQUIREMENU', '1'); // If there is no need to load and show top and left menu -//if (! defined('NOREQUIREHTML')) define('NOREQUIREHTML', '1'); // If we don't need to load the html.form.class.php -//if (! defined('NOREQUIREAJAX')) define('NOREQUIREAJAX', '1'); // Do not load ajax.lib.php library -//if (! defined("NOLOGIN")) define("NOLOGIN", '1'); // If this page is public (can be called outside logged session). This include the NOIPCHECK too. -//if (! defined('NOIPCHECK')) define('NOIPCHECK', '1'); // Do not check IP defined into conf $dolibarr_main_restrict_ip -//if (! defined("MAIN_LANG_DEFAULT")) define('MAIN_LANG_DEFAULT', 'auto'); // Force lang to a particular value -//if (! defined("MAIN_AUTHENTICATION_MODE")) define('MAIN_AUTHENTICATION_MODE', 'aloginmodule'); // Force authentication handler -//if (! defined("NOREDIRECTBYMAINTOLOGIN")) define('NOREDIRECTBYMAINTOLOGIN', 1); // The main.inc.php does not make a redirect if not logged, instead show simple error message -//if (! defined("FORCECSP")) define('FORCECSP', 'none'); // Disable all Content Security Policies -//if (! defined('CSRFCHECK_WITH_TOKEN')) define('CSRFCHECK_WITH_TOKEN', '1'); // Force use of CSRF protection with tokens even for GET -//if (! defined('NOBROWSERNOTIF')) define('NOBROWSERNOTIF', '1'); // Disable browser notification // Load Dolibarr environment -$res = 0; -// Try main.inc.php into web root known defined into CONTEXT_DOCUMENT_ROOT (not always defined) -if (!$res && !empty($_SERVER["CONTEXT_DOCUMENT_ROOT"])) { - $res = @include $_SERVER["CONTEXT_DOCUMENT_ROOT"]."/main.inc.php"; -} -// Try main.inc.php into web root detected using web root calculated from SCRIPT_FILENAME -$tmp = empty($_SERVER['SCRIPT_FILENAME']) ? '' : $_SERVER['SCRIPT_FILENAME']; $tmp2 = realpath(__FILE__); $i = strlen($tmp) - 1; $j = strlen($tmp2) - 1; -while ($i > 0 && $j > 0 && isset($tmp[$i]) && isset($tmp2[$j]) && $tmp[$i] == $tmp2[$j]) { - $i--; $j--; -} -if (!$res && $i > 0 && file_exists(substr($tmp, 0, ($i + 1))."/main.inc.php")) { - $res = @include substr($tmp, 0, ($i + 1))."/main.inc.php"; -} -if (!$res && $i > 0 && file_exists(dirname(substr($tmp, 0, ($i + 1)))."/main.inc.php")) { - $res = @include dirname(substr($tmp, 0, ($i + 1)))."/main.inc.php"; -} -// Try main.inc.php using relative path -if (!$res && file_exists("../main.inc.php")) { - $res = @include "../main.inc.php"; -} -if (!$res && file_exists("../../main.inc.php")) { - $res = @include "../../main.inc.php"; -} -if (!$res && file_exists("../../../main.inc.php")) { - $res = @include "../../../main.inc.php"; -} -if (!$res) { - die("Include of main fails"); -} +require '../main.inc.php'; require_once DOL_DOCUMENT_ROOT.'/contact/class/contact.class.php'; require_once DOL_DOCUMENT_ROOT.'/core/lib/company.lib.php'; diff --git a/htdocs/hrm/evaluation_card.php b/htdocs/hrm/evaluation_card.php index 64b54b4c80b..28e030ffc42 100644 --- a/htdocs/hrm/evaluation_card.php +++ b/htdocs/hrm/evaluation_card.php @@ -25,57 +25,8 @@ * \brief Page to create/edit/view evaluation */ -//if (! defined('NOREQUIREDB')) define('NOREQUIREDB', '1'); // Do not create database handler $db -//if (! defined('NOREQUIREUSER')) define('NOREQUIREUSER', '1'); // Do not load object $user -//if (! defined('NOREQUIRESOC')) define('NOREQUIRESOC', '1'); // Do not load object $mysoc -//if (! defined('NOREQUIRETRAN')) define('NOREQUIRETRAN', '1'); // Do not load object $langs -//if (! defined('NOSCANGETFORINJECTION')) define('NOSCANGETFORINJECTION', '1'); // Do not check injection attack on GET parameters -//if (! defined('NOSCANPOSTFORINJECTION')) define('NOSCANPOSTFORINJECTION', '1'); // Do not check injection attack on POST parameters -//if (! defined('NOCSRFCHECK')) define('NOCSRFCHECK', '1'); // Do not check CSRF attack (test on referer + on token if option MAIN_SECURITY_CSRF_WITH_TOKEN is on). -//if (! defined('NOTOKENRENEWAL')) define('NOTOKENRENEWAL', '1'); // Do not roll the Anti CSRF token (used if MAIN_SECURITY_CSRF_WITH_TOKEN is on) -//if (! defined('NOSTYLECHECK')) define('NOSTYLECHECK', '1'); // Do not check style html tag into posted data -//if (! defined('NOREQUIREMENU')) define('NOREQUIREMENU', '1'); // If there is no need to load and show top and left menu -//if (! defined('NOREQUIREHTML')) define('NOREQUIREHTML', '1'); // If we don't need to load the html.form.class.php -//if (! defined('NOREQUIREAJAX')) define('NOREQUIREAJAX', '1'); // Do not load ajax.lib.php library -//if (! defined("NOLOGIN")) define("NOLOGIN", '1'); // If this page is public (can be called outside logged session). This include the NOIPCHECK too. -//if (! defined('NOIPCHECK')) define('NOIPCHECK', '1'); // Do not check IP defined into conf $dolibarr_main_restrict_ip -//if (! defined("MAIN_LANG_DEFAULT")) define('MAIN_LANG_DEFAULT', 'auto'); // Force lang to a particular value -//if (! defined("MAIN_AUTHENTICATION_MODE")) define('MAIN_AUTHENTICATION_MODE', 'aloginmodule'); // Force authentication handler -//if (! defined("NOREDIRECTBYMAINTOLOGIN")) define('NOREDIRECTBYMAINTOLOGIN', 1); // The main.inc.php does not make a redirect if not logged, instead show simple error message -//if (! defined("FORCECSP")) define('FORCECSP', 'none'); // Disable all Content Security Policies -//if (! defined('CSRFCHECK_WITH_TOKEN')) define('CSRFCHECK_WITH_TOKEN', '1'); // Force use of CSRF protection with tokens even for GET -//if (! defined('NOBROWSERNOTIF')) define('NOBROWSERNOTIF', '1'); // Disable browser notification - // Load Dolibarr environment -$res = 0; -// Try main.inc.php into web root known defined into CONTEXT_DOCUMENT_ROOT (not always defined) -if (!$res && !empty($_SERVER["CONTEXT_DOCUMENT_ROOT"])) { - $res = @include $_SERVER["CONTEXT_DOCUMENT_ROOT"]."/main.inc.php"; -} -// Try main.inc.php into web root detected using web root calculated from SCRIPT_FILENAME -$tmp = empty($_SERVER['SCRIPT_FILENAME']) ? '' : $_SERVER['SCRIPT_FILENAME']; $tmp2 = realpath(__FILE__); $i = strlen($tmp) - 1; $j = strlen($tmp2) - 1; -while ($i > 0 && $j > 0 && isset($tmp[$i]) && isset($tmp2[$j]) && $tmp[$i] == $tmp2[$j]) { - $i--; $j--; -} -if (!$res && $i > 0 && file_exists(substr($tmp, 0, ($i + 1))."/main.inc.php")) { - $res = @include substr($tmp, 0, ($i + 1))."/main.inc.php"; -} -if (!$res && $i > 0 && file_exists(dirname(substr($tmp, 0, ($i + 1)))."/main.inc.php")) { - $res = @include dirname(substr($tmp, 0, ($i + 1)))."/main.inc.php"; -} -// Try main.inc.php using relative path -if (!$res && file_exists("../main.inc.php")) { - $res = @include "../main.inc.php"; -} -if (!$res && file_exists("../../main.inc.php")) { - $res = @include "../../main.inc.php"; -} -if (!$res && file_exists("../../../main.inc.php")) { - $res = @include "../../../main.inc.php"; -} -if (!$res) { - die("Include of main fails"); -} +require '../main.inc.php'; require_once DOL_DOCUMENT_ROOT.'/core/class/html.formcompany.class.php'; require_once DOL_DOCUMENT_ROOT.'/core/class/html.formfile.class.php'; @@ -731,7 +682,7 @@ if ($object->id > 0 && (empty($action) || ($action != 'edit' && $action != 'crea $somethingshown = $form->showLinkedObjectBlock($object, $linktoelem); - print '
    '; + print '
    '; $MAXEVENT = 10; @@ -744,7 +695,7 @@ if ($object->id > 0 && (empty($action) || ($action != 'edit' && $action != 'crea $formactions = new FormActions($db); $somethingshown = $formactions->showactions($object, $object->element.'@'.$object->module, (is_object($object->thirdparty) ? $object->thirdparty->id : 0), 1, '', $MAXEVENT, '', $morehtmlright); - print '
    '; + print ''; } //Select mail models is same action as presend diff --git a/htdocs/hrm/evaluation_contact.php b/htdocs/hrm/evaluation_contact.php index 540154b77ef..61af793b28a 100644 --- a/htdocs/hrm/evaluation_contact.php +++ b/htdocs/hrm/evaluation_contact.php @@ -26,35 +26,7 @@ */ // Load Dolibarr environment -$res = 0; -// Try main.inc.php into web root known defined into CONTEXT_DOCUMENT_ROOT (not always defined) -if (!$res && !empty($_SERVER["CONTEXT_DOCUMENT_ROOT"])) { - $res = @include $_SERVER["CONTEXT_DOCUMENT_ROOT"]."/main.inc.php"; -} -// Try main.inc.php into web root detected using web root calculated from SCRIPT_FILENAME -$tmp = empty($_SERVER['SCRIPT_FILENAME']) ? '' : $_SERVER['SCRIPT_FILENAME']; $tmp2 = realpath(__FILE__); $i = strlen($tmp) - 1; $j = strlen($tmp2) - 1; -while ($i > 0 && $j > 0 && isset($tmp[$i]) && isset($tmp2[$j]) && $tmp[$i] == $tmp2[$j]) { - $i--; $j--; -} -if (!$res && $i > 0 && file_exists(substr($tmp, 0, ($i + 1))."/main.inc.php")) { - $res = @include substr($tmp, 0, ($i + 1))."/main.inc.php"; -} -if (!$res && $i > 0 && file_exists(dirname(substr($tmp, 0, ($i + 1)))."/main.inc.php")) { - $res = @include dirname(substr($tmp, 0, ($i + 1)))."/main.inc.php"; -} -// Try main.inc.php using relative path -if (!$res && file_exists("../main.inc.php")) { - $res = @include "../main.inc.php"; -} -if (!$res && file_exists("../../main.inc.php")) { - $res = @include "../../main.inc.php"; -} -if (!$res && file_exists("../../../main.inc.php")) { - $res = @include "../../../main.inc.php"; -} -if (!$res) { - die("Include of main fails"); -} +require '../main.inc.php'; require_once DOL_DOCUMENT_ROOT.'/contact/class/contact.class.php'; require_once DOL_DOCUMENT_ROOT.'/core/class/html.formcompany.class.php'; diff --git a/htdocs/hrm/evaluation_document.php b/htdocs/hrm/evaluation_document.php index 06cbd7a621a..7318819644e 100644 --- a/htdocs/hrm/evaluation_document.php +++ b/htdocs/hrm/evaluation_document.php @@ -25,57 +25,9 @@ * \brief Tab for documents linked to Evaluation */ -//if (! defined('NOREQUIREDB')) define('NOREQUIREDB', '1'); // Do not create database handler $db -//if (! defined('NOREQUIREUSER')) define('NOREQUIREUSER', '1'); // Do not load object $user -//if (! defined('NOREQUIRESOC')) define('NOREQUIRESOC', '1'); // Do not load object $mysoc -//if (! defined('NOREQUIRETRAN')) define('NOREQUIRETRAN', '1'); // Do not load object $langs -//if (! defined('NOSCANGETFORINJECTION')) define('NOSCANGETFORINJECTION', '1'); // Do not check injection attack on GET parameters -//if (! defined('NOSCANPOSTFORINJECTION')) define('NOSCANPOSTFORINJECTION', '1'); // Do not check injection attack on POST parameters -//if (! defined('NOCSRFCHECK')) define('NOCSRFCHECK', '1'); // Do not check CSRF attack (test on referer + on token if option MAIN_SECURITY_CSRF_WITH_TOKEN is on). -//if (! defined('NOTOKENRENEWAL')) define('NOTOKENRENEWAL', '1'); // Do not roll the Anti CSRF token (used if MAIN_SECURITY_CSRF_WITH_TOKEN is on) -//if (! defined('NOSTYLECHECK')) define('NOSTYLECHECK', '1'); // Do not check style html tag into posted data -//if (! defined('NOREQUIREMENU')) define('NOREQUIREMENU', '1'); // If there is no need to load and show top and left menu -//if (! defined('NOREQUIREHTML')) define('NOREQUIREHTML', '1'); // If we don't need to load the html.form.class.php -//if (! defined('NOREQUIREAJAX')) define('NOREQUIREAJAX', '1'); // Do not load ajax.lib.php library -//if (! defined("NOLOGIN")) define("NOLOGIN", '1'); // If this page is public (can be called outside logged session). This include the NOIPCHECK too. -//if (! defined('NOIPCHECK')) define('NOIPCHECK', '1'); // Do not check IP defined into conf $dolibarr_main_restrict_ip -//if (! defined("MAIN_LANG_DEFAULT")) define('MAIN_LANG_DEFAULT', 'auto'); // Force lang to a particular value -//if (! defined("MAIN_AUTHENTICATION_MODE")) define('MAIN_AUTHENTICATION_MODE', 'aloginmodule'); // Force authentication handler -//if (! defined("NOREDIRECTBYMAINTOLOGIN")) define('NOREDIRECTBYMAINTOLOGIN', 1); // The main.inc.php does not make a redirect if not logged, instead show simple error message -//if (! defined("FORCECSP")) define('FORCECSP', 'none'); // Disable all Content Security Policies -//if (! defined('CSRFCHECK_WITH_TOKEN')) define('CSRFCHECK_WITH_TOKEN', '1'); // Force use of CSRF protection with tokens even for GET -//if (! defined('NOBROWSERNOTIF')) define('NOBROWSERNOTIF', '1'); // Disable browser notification // Load Dolibarr environment -$res = 0; -// Try main.inc.php into web root known defined into CONTEXT_DOCUMENT_ROOT (not always defined) -if (!$res && !empty($_SERVER["CONTEXT_DOCUMENT_ROOT"])) { - $res = @include $_SERVER["CONTEXT_DOCUMENT_ROOT"]."/main.inc.php"; -} -// Try main.inc.php into web root detected using web root calculated from SCRIPT_FILENAME -$tmp = empty($_SERVER['SCRIPT_FILENAME']) ? '' : $_SERVER['SCRIPT_FILENAME']; $tmp2 = realpath(__FILE__); $i = strlen($tmp) - 1; $j = strlen($tmp2) - 1; -while ($i > 0 && $j > 0 && isset($tmp[$i]) && isset($tmp2[$j]) && $tmp[$i] == $tmp2[$j]) { - $i--; $j--; -} -if (!$res && $i > 0 && file_exists(substr($tmp, 0, ($i + 1))."/main.inc.php")) { - $res = @include substr($tmp, 0, ($i + 1))."/main.inc.php"; -} -if (!$res && $i > 0 && file_exists(dirname(substr($tmp, 0, ($i + 1)))."/main.inc.php")) { - $res = @include dirname(substr($tmp, 0, ($i + 1)))."/main.inc.php"; -} -// Try main.inc.php using relative path -if (!$res && file_exists("../main.inc.php")) { - $res = @include "../main.inc.php"; -} -if (!$res && file_exists("../../main.inc.php")) { - $res = @include "../../main.inc.php"; -} -if (!$res && file_exists("../../../main.inc.php")) { - $res = @include "../../../main.inc.php"; -} -if (!$res) { - die("Include of main fails"); -} +require '../main.inc.php'; require_once DOL_DOCUMENT_ROOT.'/core/lib/company.lib.php'; require_once DOL_DOCUMENT_ROOT.'/core/lib/files.lib.php'; diff --git a/htdocs/hrm/evaluation_list.php b/htdocs/hrm/evaluation_list.php index 54c4d547ffe..35189f11b87 100644 --- a/htdocs/hrm/evaluation_list.php +++ b/htdocs/hrm/evaluation_list.php @@ -25,57 +25,9 @@ * \brief List page for evaluation */ -//if (! defined('NOREQUIREDB')) define('NOREQUIREDB', '1'); // Do not create database handler $db -//if (! defined('NOREQUIREUSER')) define('NOREQUIREUSER', '1'); // Do not load object $user -//if (! defined('NOREQUIRESOC')) define('NOREQUIRESOC', '1'); // Do not load object $mysoc -//if (! defined('NOREQUIRETRAN')) define('NOREQUIRETRAN', '1'); // Do not load object $langs -//if (! defined('NOSCANGETFORINJECTION')) define('NOSCANGETFORINJECTION', '1'); // Do not check injection attack on GET parameters -//if (! defined('NOSCANPOSTFORINJECTION')) define('NOSCANPOSTFORINJECTION', '1'); // Do not check injection attack on POST parameters -//if (! defined('NOCSRFCHECK')) define('NOCSRFCHECK', '1'); // Do not check CSRF attack (test on referer + on token if option MAIN_SECURITY_CSRF_WITH_TOKEN is on). -//if (! defined('NOTOKENRENEWAL')) define('NOTOKENRENEWAL', '1'); // Do not roll the Anti CSRF token (used if MAIN_SECURITY_CSRF_WITH_TOKEN is on) -//if (! defined('NOSTYLECHECK')) define('NOSTYLECHECK', '1'); // Do not check style html tag into posted data -//if (! defined('NOREQUIREMENU')) define('NOREQUIREMENU', '1'); // If there is no need to load and show top and left menu -//if (! defined('NOREQUIREHTML')) define('NOREQUIREHTML', '1'); // If we don't need to load the html.form.class.php -//if (! defined('NOREQUIREAJAX')) define('NOREQUIREAJAX', '1'); // Do not load ajax.lib.php library -//if (! defined("NOLOGIN")) define("NOLOGIN", '1'); // If this page is public (can be called outside logged session). This include the NOIPCHECK too. -//if (! defined('NOIPCHECK')) define('NOIPCHECK', '1'); // Do not check IP defined into conf $dolibarr_main_restrict_ip -//if (! defined("MAIN_LANG_DEFAULT")) define('MAIN_LANG_DEFAULT', 'auto'); // Force lang to a particular value -//if (! defined("MAIN_AUTHENTICATION_MODE")) define('MAIN_AUTHENTICATION_MODE', 'aloginmodule'); // Force authentication handler -//if (! defined("NOREDIRECTBYMAINTOLOGIN")) define('NOREDIRECTBYMAINTOLOGIN', 1); // The main.inc.php does not make a redirect if not logged, instead show simple error message -//if (! defined("FORCECSP")) define('FORCECSP', 'none'); // Disable all Content Security Policies -//if (! defined('CSRFCHECK_WITH_TOKEN')) define('CSRFCHECK_WITH_TOKEN', '1'); // Force use of CSRF protection with tokens even for GET -//if (! defined('NOBROWSERNOTIF')) define('NOBROWSERNOTIF', '1'); // Disable browser notification // Load Dolibarr environment -$res = 0; -// Try main.inc.php into web root known defined into CONTEXT_DOCUMENT_ROOT (not always defined) -if (!$res && !empty($_SERVER["CONTEXT_DOCUMENT_ROOT"])) { - $res = @include $_SERVER["CONTEXT_DOCUMENT_ROOT"]."/main.inc.php"; -} -// Try main.inc.php into web root detected using web root calculated from SCRIPT_FILENAME -$tmp = empty($_SERVER['SCRIPT_FILENAME']) ? '' : $_SERVER['SCRIPT_FILENAME']; $tmp2 = realpath(__FILE__); $i = strlen($tmp) - 1; $j = strlen($tmp2) - 1; -while ($i > 0 && $j > 0 && isset($tmp[$i]) && isset($tmp2[$j]) && $tmp[$i] == $tmp2[$j]) { - $i--; $j--; -} -if (!$res && $i > 0 && file_exists(substr($tmp, 0, ($i + 1))."/main.inc.php")) { - $res = @include substr($tmp, 0, ($i + 1))."/main.inc.php"; -} -if (!$res && $i > 0 && file_exists(dirname(substr($tmp, 0, ($i + 1)))."/main.inc.php")) { - $res = @include dirname(substr($tmp, 0, ($i + 1)))."/main.inc.php"; -} -// Try main.inc.php using relative path -if (!$res && file_exists("../main.inc.php")) { - $res = @include "../main.inc.php"; -} -if (!$res && file_exists("../../main.inc.php")) { - $res = @include "../../main.inc.php"; -} -if (!$res && file_exists("../../../main.inc.php")) { - $res = @include "../../../main.inc.php"; -} -if (!$res) { - die("Include of main fails"); -} +require '../main.inc.php'; require_once DOL_DOCUMENT_ROOT.'/core/class/html.formcompany.class.php'; require_once DOL_DOCUMENT_ROOT.'/core/lib/date.lib.php'; @@ -268,7 +220,7 @@ $sql .= $object->getFieldList('t'); // Add fields from extrafields if (!empty($extrafields->attributes[$object->table_element]['label'])) { foreach ($extrafields->attributes[$object->table_element]['label'] as $key => $val) { - $sql .= ($extrafields->attributes[$object->table_element]['type'][$key] != 'separate' ? ", ef.".$key." as options_".$key.', ' : ''); + $sql .= ($extrafields->attributes[$object->table_element]['type'][$key] != 'separate' ? ", ef.".$key." as options_".$key : ''); } } // Add fields from hooks diff --git a/htdocs/hrm/evaluation_note.php b/htdocs/hrm/evaluation_note.php index aae7b56acaf..1b6b5a35564 100644 --- a/htdocs/hrm/evaluation_note.php +++ b/htdocs/hrm/evaluation_note.php @@ -25,57 +25,8 @@ * \brief Tab for notes on Evaluation */ -//if (! defined('NOREQUIREDB')) define('NOREQUIREDB', '1'); // Do not create database handler $db -//if (! defined('NOREQUIREUSER')) define('NOREQUIREUSER', '1'); // Do not load object $user -//if (! defined('NOREQUIRESOC')) define('NOREQUIRESOC', '1'); // Do not load object $mysoc -//if (! defined('NOREQUIRETRAN')) define('NOREQUIRETRAN', '1'); // Do not load object $langs -//if (! defined('NOSCANGETFORINJECTION')) define('NOSCANGETFORINJECTION', '1'); // Do not check injection attack on GET parameters -//if (! defined('NOSCANPOSTFORINJECTION')) define('NOSCANPOSTFORINJECTION', '1'); // Do not check injection attack on POST parameters -//if (! defined('NOCSRFCHECK')) define('NOCSRFCHECK', '1'); // Do not check CSRF attack (test on referer + on token if option MAIN_SECURITY_CSRF_WITH_TOKEN is on). -//if (! defined('NOTOKENRENEWAL')) define('NOTOKENRENEWAL', '1'); // Do not roll the Anti CSRF token (used if MAIN_SECURITY_CSRF_WITH_TOKEN is on) -//if (! defined('NOSTYLECHECK')) define('NOSTYLECHECK', '1'); // Do not check style html tag into posted data -//if (! defined('NOREQUIREMENU')) define('NOREQUIREMENU', '1'); // If there is no need to load and show top and left menu -//if (! defined('NOREQUIREHTML')) define('NOREQUIREHTML', '1'); // If we don't need to load the html.form.class.php -//if (! defined('NOREQUIREAJAX')) define('NOREQUIREAJAX', '1'); // Do not load ajax.lib.php library -//if (! defined("NOLOGIN")) define("NOLOGIN", '1'); // If this page is public (can be called outside logged session). This include the NOIPCHECK too. -//if (! defined('NOIPCHECK')) define('NOIPCHECK', '1'); // Do not check IP defined into conf $dolibarr_main_restrict_ip -//if (! defined("MAIN_LANG_DEFAULT")) define('MAIN_LANG_DEFAULT', 'auto'); // Force lang to a particular value -//if (! defined("MAIN_AUTHENTICATION_MODE")) define('MAIN_AUTHENTICATION_MODE', 'aloginmodule'); // Force authentication handler -//if (! defined("NOREDIRECTBYMAINTOLOGIN")) define('NOREDIRECTBYMAINTOLOGIN', 1); // The main.inc.php does not make a redirect if not logged, instead show simple error message -//if (! defined("FORCECSP")) define('FORCECSP', 'none'); // Disable all Content Security Policies -//if (! defined('CSRFCHECK_WITH_TOKEN')) define('CSRFCHECK_WITH_TOKEN', '1'); // Force use of CSRF protection with tokens even for GET -//if (! defined('NOBROWSERNOTIF')) define('NOBROWSERNOTIF', '1'); // Disable browser notification - // Load Dolibarr environment -$res = 0; -// Try main.inc.php into web root known defined into CONTEXT_DOCUMENT_ROOT (not always defined) -if (!$res && !empty($_SERVER["CONTEXT_DOCUMENT_ROOT"])) { - $res = @include $_SERVER["CONTEXT_DOCUMENT_ROOT"]."/main.inc.php"; -} -// Try main.inc.php into web root detected using web root calculated from SCRIPT_FILENAME -$tmp = empty($_SERVER['SCRIPT_FILENAME']) ? '' : $_SERVER['SCRIPT_FILENAME']; $tmp2 = realpath(__FILE__); $i = strlen($tmp) - 1; $j = strlen($tmp2) - 1; -while ($i > 0 && $j > 0 && isset($tmp[$i]) && isset($tmp2[$j]) && $tmp[$i] == $tmp2[$j]) { - $i--; $j--; -} -if (!$res && $i > 0 && file_exists(substr($tmp, 0, ($i + 1))."/main.inc.php")) { - $res = @include substr($tmp, 0, ($i + 1))."/main.inc.php"; -} -if (!$res && $i > 0 && file_exists(dirname(substr($tmp, 0, ($i + 1)))."/main.inc.php")) { - $res = @include dirname(substr($tmp, 0, ($i + 1)))."/main.inc.php"; -} -// Try main.inc.php using relative path -if (!$res && file_exists("../main.inc.php")) { - $res = @include "../main.inc.php"; -} -if (!$res && file_exists("../../main.inc.php")) { - $res = @include "../../main.inc.php"; -} -if (!$res && file_exists("../../../main.inc.php")) { - $res = @include "../../../main.inc.php"; -} -if (!$res) { - die("Include of main fails"); -} +require '../main.inc.php'; require_once DOL_DOCUMENT_ROOT . '/hrm/class/evaluation.class.php'; require_once DOL_DOCUMENT_ROOT . '/hrm/lib/hrm_evaluation.lib.php'; @@ -86,7 +37,7 @@ $langs->loadLangs(array("hrm", "companies")); // Get parameters $id = GETPOST('id', 'int'); -$ref = GETPOST('ref', 'alpha'); +$ref = GETPOST('ref', 'alpha'); $action = GETPOST('action', 'aZ09'); $cancel = GETPOST('cancel', 'aZ09'); $backtopage = GETPOST('backtopage', 'alpha'); diff --git a/htdocs/hrm/index.php b/htdocs/hrm/index.php index ec7ba9b74e3..0b887667561 100644 --- a/htdocs/hrm/index.php +++ b/htdocs/hrm/index.php @@ -175,7 +175,7 @@ if (!empty($conf->holiday->enabled)) { } -print '
    '; +print '
    '; @@ -189,7 +189,7 @@ if (!empty($conf->holiday->enabled) && $user->rights->holiday->read) { if (empty($user->rights->holiday->readall)) { $sql .= ' AND x.fk_user IN ('.$db->sanitize(join(',', $childids)).')'; } - //if (!$user->rights->societe->client->voir && !$user->socid) $sql.= " AND x.fk_soc = s. rowid AND s.rowid = sc.fk_soc AND sc.fk_user = ".((int) $user->id); + //if (empty($user->rights->societe->client->voir) && !$user->socid) $sql.= " AND x.fk_soc = s. rowid AND s.rowid = sc.fk_soc AND sc.fk_user = ".((int) $user->id); //if (!empty($socid)) $sql.= " AND x.fk_soc = ".((int) $socid); $sql .= $db->order("x.tms", "DESC"); $sql .= $db->plimit($max, 0); @@ -264,13 +264,13 @@ if (!empty($conf->expensereport->enabled) && $user->rights->expensereport->lire) $sql = "SELECT u.rowid as uid, u.lastname, u.firstname, u.login, u.email, u.statut as user_status, u.photo,"; $sql .= " x.rowid, x.ref, x.date_debut as date, x.tms as dm, x.total_ttc, x.fk_statut as status"; $sql .= " FROM ".MAIN_DB_PREFIX."expensereport as x, ".MAIN_DB_PREFIX."user as u"; - //if (!$user->rights->societe->client->voir && !$user->socid) $sql.= ", ".MAIN_DB_PREFIX."societe as s, ".MAIN_DB_PREFIX."societe_commerciaux as sc"; + //if (empty($user->rights->societe->client->voir) && !$user->socid) $sql.= ", ".MAIN_DB_PREFIX."societe as s, ".MAIN_DB_PREFIX."societe_commerciaux as sc"; $sql .= " WHERE u.rowid = x.fk_user_author"; $sql .= " AND x.entity = ".$conf->entity; if (empty($user->rights->expensereport->readall) && empty($user->rights->expensereport->lire_tous)) { $sql .= ' AND x.fk_user_author IN ('.$db->sanitize(join(',', $childids)).')'; } - //if (!$user->rights->societe->client->voir && !$user->socid) $sql.= " AND x.fk_soc = s. rowid AND s.rowid = sc.fk_soc AND sc.fk_user = ".((int) $user->id); + //if (empty($user->rights->societe->client->voir) && !$user->socid) $sql.= " AND x.fk_soc = s. rowid AND s.rowid = sc.fk_soc AND sc.fk_user = ".((int) $user->id); //if (!empty($socid)) $sql.= " AND x.fk_soc = ".((int) $socid); $sql .= $db->order("x.tms", "DESC"); $sql .= $db->plimit($max, 0); @@ -339,11 +339,11 @@ if (!empty($conf->recruitment->enabled) && $user->rights->recruitment->recruitme $sql.= " rp.rowid as jobid, rp.ref as jobref, rp.label"; $sql .= " FROM ".MAIN_DB_PREFIX."recruitment_recruitmentcandidature as rc"; $sql .= " LEFT JOIN ".MAIN_DB_PREFIX."recruitment_recruitmentjobposition as rp ON rc.fk_recruitmentjobposition = rp.rowid"; - if ($conf->societe->enabled && !$user->rights->societe->client->voir && !$socid) { + if ($conf->societe->enabled && empty($user->rights->societe->client->voir) && !$socid) { $sql .= ", ".MAIN_DB_PREFIX."societe_commerciaux as sc"; } $sql .= " WHERE rc.entity IN (".getEntity($staticrecruitmentcandidature->element).")"; - if ($conf->societe->enabled && !$user->rights->societe->client->voir && !$socid) { + if ($conf->societe->enabled && empty($user->rights->societe->client->voir) && !$socid) { $sql .= " AND rp.fk_soc = sc.fk_soc AND sc.fk_user = ".((int) $user->id); } if ($socid) { @@ -404,7 +404,7 @@ if (!empty($conf->recruitment->enabled) && $user->rights->recruitment->recruitme } } -print '
    '; +print ''; // Initialize technical object to manage hooks. Note that conf->hooks_modules contains array $parameters = array('user' => $user); diff --git a/htdocs/hrm/job_agenda.php b/htdocs/hrm/job_agenda.php index 77dd464a7f0..d7772763d8d 100644 --- a/htdocs/hrm/job_agenda.php +++ b/htdocs/hrm/job_agenda.php @@ -25,57 +25,9 @@ * \brief Tab of events on Job */ -//if (! defined('NOREQUIREDB')) define('NOREQUIREDB', '1'); // Do not create database handler $db -//if (! defined('NOREQUIREUSER')) define('NOREQUIREUSER', '1'); // Do not load object $user -//if (! defined('NOREQUIRESOC')) define('NOREQUIRESOC', '1'); // Do not load object $mysoc -//if (! defined('NOREQUIRETRAN')) define('NOREQUIRETRAN', '1'); // Do not load object $langs -//if (! defined('NOSCANGETFORINJECTION')) define('NOSCANGETFORINJECTION', '1'); // Do not check injection attack on GET parameters -//if (! defined('NOSCANPOSTFORINJECTION')) define('NOSCANPOSTFORINJECTION', '1'); // Do not check injection attack on POST parameters -//if (! defined('NOCSRFCHECK')) define('NOCSRFCHECK', '1'); // Do not check CSRF attack (test on referer + on token if option MAIN_SECURITY_CSRF_WITH_TOKEN is on). -//if (! defined('NOTOKENRENEWAL')) define('NOTOKENRENEWAL', '1'); // Do not roll the Anti CSRF token (used if MAIN_SECURITY_CSRF_WITH_TOKEN is on) -//if (! defined('NOSTYLECHECK')) define('NOSTYLECHECK', '1'); // Do not check style html tag into posted data -//if (! defined('NOREQUIREMENU')) define('NOREQUIREMENU', '1'); // If there is no need to load and show top and left menu -//if (! defined('NOREQUIREHTML')) define('NOREQUIREHTML', '1'); // If we don't need to load the html.form.class.php -//if (! defined('NOREQUIREAJAX')) define('NOREQUIREAJAX', '1'); // Do not load ajax.lib.php library -//if (! defined("NOLOGIN")) define("NOLOGIN", '1'); // If this page is public (can be called outside logged session). This include the NOIPCHECK too. -//if (! defined('NOIPCHECK')) define('NOIPCHECK', '1'); // Do not check IP defined into conf $dolibarr_main_restrict_ip -//if (! defined("MAIN_LANG_DEFAULT")) define('MAIN_LANG_DEFAULT', 'auto'); // Force lang to a particular value -//if (! defined("MAIN_AUTHENTICATION_MODE")) define('MAIN_AUTHENTICATION_MODE', 'aloginmodule'); // Force authentication handler -//if (! defined("NOREDIRECTBYMAINTOLOGIN")) define('NOREDIRECTBYMAINTOLOGIN', 1); // The main.inc.php does not make a redirect if not logged, instead show simple error message -//if (! defined("FORCECSP")) define('FORCECSP', 'none'); // Disable all Content Security Policies -//if (! defined('CSRFCHECK_WITH_TOKEN')) define('CSRFCHECK_WITH_TOKEN', '1'); // Force use of CSRF protection with tokens even for GET -//if (! defined('NOBROWSERNOTIF')) define('NOBROWSERNOTIF', '1'); // Disable browser notification // Load Dolibarr environment -$res = 0; -// Try main.inc.php into web root known defined into CONTEXT_DOCUMENT_ROOT (not always defined) -if (!$res && !empty($_SERVER["CONTEXT_DOCUMENT_ROOT"])) { - $res = @include $_SERVER["CONTEXT_DOCUMENT_ROOT"]."/main.inc.php"; -} -// Try main.inc.php into web root detected using web root calculated from SCRIPT_FILENAME -$tmp = empty($_SERVER['SCRIPT_FILENAME']) ? '' : $_SERVER['SCRIPT_FILENAME']; $tmp2 = realpath(__FILE__); $i = strlen($tmp) - 1; $j = strlen($tmp2) - 1; -while ($i > 0 && $j > 0 && isset($tmp[$i]) && isset($tmp2[$j]) && $tmp[$i] == $tmp2[$j]) { - $i--; $j--; -} -if (!$res && $i > 0 && file_exists(substr($tmp, 0, ($i + 1))."/main.inc.php")) { - $res = @include substr($tmp, 0, ($i + 1))."/main.inc.php"; -} -if (!$res && $i > 0 && file_exists(dirname(substr($tmp, 0, ($i + 1)))."/main.inc.php")) { - $res = @include dirname(substr($tmp, 0, ($i + 1)))."/main.inc.php"; -} -// Try main.inc.php using relative path -if (!$res && file_exists("../main.inc.php")) { - $res = @include "../main.inc.php"; -} -if (!$res && file_exists("../../main.inc.php")) { - $res = @include "../../main.inc.php"; -} -if (!$res && file_exists("../../../main.inc.php")) { - $res = @include "../../../main.inc.php"; -} -if (!$res) { - die("Include of main fails"); -} +require '../main.inc.php'; require_once DOL_DOCUMENT_ROOT.'/contact/class/contact.class.php'; require_once DOL_DOCUMENT_ROOT.'/core/lib/company.lib.php'; diff --git a/htdocs/hrm/job_card.php b/htdocs/hrm/job_card.php index 19b40048f7b..42ee4d6f4b1 100644 --- a/htdocs/hrm/job_card.php +++ b/htdocs/hrm/job_card.php @@ -25,61 +25,9 @@ * \brief Page to create/edit/view job */ -//if (! defined('NOREQUIREDB')) define('NOREQUIREDB', '1'); // Do not create database handler $db -//if (! defined('NOREQUIREUSER')) define('NOREQUIREUSER', '1'); // Do not load object $user -//if (! defined('NOREQUIRESOC')) define('NOREQUIRESOC', '1'); // Do not load object $mysoc -//if (! defined('NOREQUIRETRAN')) define('NOREQUIRETRAN', '1'); // Do not load object $langs -//if (! defined('NOSCANGETFORINJECTION')) define('NOSCANGETFORINJECTION', '1'); // Do not check injection attack on GET parameters -//if (! defined('NOSCANPOSTFORINJECTION')) define('NOSCANPOSTFORINJECTION', '1'); // Do not check injection attack on POST parameters -//if (! defined('NOCSRFCHECK')) define('NOCSRFCHECK', '1'); // Do not check CSRF attack (test on referer + on token if option MAIN_SECURITY_CSRF_WITH_TOKEN is on). -//if (! defined('NOTOKENRENEWAL')) define('NOTOKENRENEWAL', '1'); // Do not roll the Anti CSRF token (used if MAIN_SECURITY_CSRF_WITH_TOKEN is on) -//if (! defined('NOSTYLECHECK')) define('NOSTYLECHECK', '1'); // Do not check style html tag into posted data -//if (! defined('NOREQUIREMENU')) define('NOREQUIREMENU', '1'); // If there is no need to load and show top and left menu -//if (! defined('NOREQUIREHTML')) define('NOREQUIREHTML', '1'); // If we don't need to load the html.form.class.php -//if (! defined('NOREQUIREAJAX')) define('NOREQUIREAJAX', '1'); // Do not load ajax.lib.php library -//if (! defined("NOLOGIN")) define("NOLOGIN", '1'); // If this page is public (can be called outside logged session). This include the NOIPCHECK too. -//if (! defined('NOIPCHECK')) define('NOIPCHECK', '1'); // Do not check IP defined into conf $dolibarr_main_restrict_ip -//if (! defined("MAIN_LANG_DEFAULT")) define('MAIN_LANG_DEFAULT', 'auto'); // Force lang to a particular value -//if (! defined("MAIN_AUTHENTICATION_MODE")) define('MAIN_AUTHENTICATION_MODE', 'aloginmodule'); // Force authentication handler -//if (! defined("NOREDIRECTBYMAINTOLOGIN")) define('NOREDIRECTBYMAINTOLOGIN', 1); // The main.inc.php does not make a redirect if not logged, instead show simple error message -//if (! defined("FORCECSP")) define('FORCECSP', 'none'); // Disable all Content Security Policies -//if (! defined('CSRFCHECK_WITH_TOKEN')) define('CSRFCHECK_WITH_TOKEN', '1'); // Force use of CSRF protection with tokens even for GET -//if (! defined('NOBROWSERNOTIF')) define('NOBROWSERNOTIF', '1'); // Disable browser notification // Load Dolibarr environment -$res = 0; -// Try main.inc.php into web root known defined into CONTEXT_DOCUMENT_ROOT (not always defined) -if (!$res && !empty($_SERVER["CONTEXT_DOCUMENT_ROOT"])) { - $res = @include $_SERVER["CONTEXT_DOCUMENT_ROOT"] . "/main.inc.php"; -} -// Try main.inc.php into web root detected using web root calculated from SCRIPT_FILENAME -$tmp = empty($_SERVER['SCRIPT_FILENAME']) ? '' : $_SERVER['SCRIPT_FILENAME']; -$tmp2 = realpath(__FILE__); -$i = strlen($tmp) - 1; -$j = strlen($tmp2) - 1; -while ($i > 0 && $j > 0 && isset($tmp[$i]) && isset($tmp2[$j]) && $tmp[$i] == $tmp2[$j]) { - $i--; - $j--; -} -if (!$res && $i > 0 && file_exists(substr($tmp, 0, ($i + 1)) . "/main.inc.php")) { - $res = @include substr($tmp, 0, ($i + 1)) . "/main.inc.php"; -} -if (!$res && $i > 0 && file_exists(dirname(substr($tmp, 0, ($i + 1))) . "/main.inc.php")) { - $res = @include dirname(substr($tmp, 0, ($i + 1))) . "/main.inc.php"; -} -// Try main.inc.php using relative path -if (!$res && file_exists("../main.inc.php")) { - $res = @include "../main.inc.php"; -} -if (!$res && file_exists("../../main.inc.php")) { - $res = @include "../../main.inc.php"; -} -if (!$res && file_exists("../../../main.inc.php")) { - $res = @include "../../../main.inc.php"; -} -if (!$res) { - die("Include of main fails"); -} +require '../main.inc.php'; require_once DOL_DOCUMENT_ROOT . '/core/class/html.formcompany.class.php'; require_once DOL_DOCUMENT_ROOT . '/core/class/html.formfile.class.php'; @@ -502,7 +450,7 @@ if ($object->id > 0 && (empty($action) || ($action != 'edit' && $action != 'crea $somethingshown = $form->showLinkedObjectBlock($object, $linktoelem); - print '
    '; + print '
    '; $MAXEVENT = 10; @@ -515,7 +463,7 @@ if ($object->id > 0 && (empty($action) || ($action != 'edit' && $action != 'crea $formactions = new FormActions($db); $somethingshown = $formactions->showactions($object, $object->element . '@' . $object->module, (is_object($object->thirdparty) ? $object->thirdparty->id : 0), 1, '', $MAXEVENT, '', $morehtmlright); - print '
    '; + print ''; } // Presend form diff --git a/htdocs/hrm/job_contact.php b/htdocs/hrm/job_contact.php index cbc961d3f9e..67da8ecfd91 100644 --- a/htdocs/hrm/job_contact.php +++ b/htdocs/hrm/job_contact.php @@ -26,35 +26,7 @@ */ // Load Dolibarr environment -$res = 0; -// Try main.inc.php into web root known defined into CONTEXT_DOCUMENT_ROOT (not always defined) -if (!$res && !empty($_SERVER["CONTEXT_DOCUMENT_ROOT"])) { - $res = @include $_SERVER["CONTEXT_DOCUMENT_ROOT"]."/main.inc.php"; -} -// Try main.inc.php into web root detected using web root calculated from SCRIPT_FILENAME -$tmp = empty($_SERVER['SCRIPT_FILENAME']) ? '' : $_SERVER['SCRIPT_FILENAME']; $tmp2 = realpath(__FILE__); $i = strlen($tmp) - 1; $j = strlen($tmp2) - 1; -while ($i > 0 && $j > 0 && isset($tmp[$i]) && isset($tmp2[$j]) && $tmp[$i] == $tmp2[$j]) { - $i--; $j--; -} -if (!$res && $i > 0 && file_exists(substr($tmp, 0, ($i + 1))."/main.inc.php")) { - $res = @include substr($tmp, 0, ($i + 1))."/main.inc.php"; -} -if (!$res && $i > 0 && file_exists(dirname(substr($tmp, 0, ($i + 1)))."/main.inc.php")) { - $res = @include dirname(substr($tmp, 0, ($i + 1)))."/main.inc.php"; -} -// Try main.inc.php using relative path -if (!$res && file_exists("../main.inc.php")) { - $res = @include "../main.inc.php"; -} -if (!$res && file_exists("../../main.inc.php")) { - $res = @include "../../main.inc.php"; -} -if (!$res && file_exists("../../../main.inc.php")) { - $res = @include "../../../main.inc.php"; -} -if (!$res) { - die("Include of main fails"); -} +require '../main.inc.php'; require_once DOL_DOCUMENT_ROOT.'/contact/class/contact.class.php'; require_once DOL_DOCUMENT_ROOT.'/core/class/html.formcompany.class.php'; diff --git a/htdocs/hrm/job_document.php b/htdocs/hrm/job_document.php index a32f02915e9..a055fbbc325 100644 --- a/htdocs/hrm/job_document.php +++ b/htdocs/hrm/job_document.php @@ -25,57 +25,8 @@ * \brief Tab for documents linked to Job */ -//if (! defined('NOREQUIREDB')) define('NOREQUIREDB', '1'); // Do not create database handler $db -//if (! defined('NOREQUIREUSER')) define('NOREQUIREUSER', '1'); // Do not load object $user -//if (! defined('NOREQUIRESOC')) define('NOREQUIRESOC', '1'); // Do not load object $mysoc -//if (! defined('NOREQUIRETRAN')) define('NOREQUIRETRAN', '1'); // Do not load object $langs -//if (! defined('NOSCANGETFORINJECTION')) define('NOSCANGETFORINJECTION', '1'); // Do not check injection attack on GET parameters -//if (! defined('NOSCANPOSTFORINJECTION')) define('NOSCANPOSTFORINJECTION', '1'); // Do not check injection attack on POST parameters -//if (! defined('NOCSRFCHECK')) define('NOCSRFCHECK', '1'); // Do not check CSRF attack (test on referer + on token if option MAIN_SECURITY_CSRF_WITH_TOKEN is on). -//if (! defined('NOTOKENRENEWAL')) define('NOTOKENRENEWAL', '1'); // Do not roll the Anti CSRF token (used if MAIN_SECURITY_CSRF_WITH_TOKEN is on) -//if (! defined('NOSTYLECHECK')) define('NOSTYLECHECK', '1'); // Do not check style html tag into posted data -//if (! defined('NOREQUIREMENU')) define('NOREQUIREMENU', '1'); // If there is no need to load and show top and left menu -//if (! defined('NOREQUIREHTML')) define('NOREQUIREHTML', '1'); // If we don't need to load the html.form.class.php -//if (! defined('NOREQUIREAJAX')) define('NOREQUIREAJAX', '1'); // Do not load ajax.lib.php library -//if (! defined("NOLOGIN")) define("NOLOGIN", '1'); // If this page is public (can be called outside logged session). This include the NOIPCHECK too. -//if (! defined('NOIPCHECK')) define('NOIPCHECK', '1'); // Do not check IP defined into conf $dolibarr_main_restrict_ip -//if (! defined("MAIN_LANG_DEFAULT")) define('MAIN_LANG_DEFAULT', 'auto'); // Force lang to a particular value -//if (! defined("MAIN_AUTHENTICATION_MODE")) define('MAIN_AUTHENTICATION_MODE', 'aloginmodule'); // Force authentication handler -//if (! defined("NOREDIRECTBYMAINTOLOGIN")) define('NOREDIRECTBYMAINTOLOGIN', 1); // The main.inc.php does not make a redirect if not logged, instead show simple error message -//if (! defined("FORCECSP")) define('FORCECSP', 'none'); // Disable all Content Security Policies -//if (! defined('CSRFCHECK_WITH_TOKEN')) define('CSRFCHECK_WITH_TOKEN', '1'); // Force use of CSRF protection with tokens even for GET -//if (! defined('NOBROWSERNOTIF')) define('NOBROWSERNOTIF', '1'); // Disable browser notification - // Load Dolibarr environment -$res = 0; -// Try main.inc.php into web root known defined into CONTEXT_DOCUMENT_ROOT (not always defined) -if (!$res && !empty($_SERVER["CONTEXT_DOCUMENT_ROOT"])) { - $res = @include $_SERVER["CONTEXT_DOCUMENT_ROOT"]."/main.inc.php"; -} -// Try main.inc.php into web root detected using web root calculated from SCRIPT_FILENAME -$tmp = empty($_SERVER['SCRIPT_FILENAME']) ? '' : $_SERVER['SCRIPT_FILENAME']; $tmp2 = realpath(__FILE__); $i = strlen($tmp) - 1; $j = strlen($tmp2) - 1; -while ($i > 0 && $j > 0 && isset($tmp[$i]) && isset($tmp2[$j]) && $tmp[$i] == $tmp2[$j]) { - $i--; $j--; -} -if (!$res && $i > 0 && file_exists(substr($tmp, 0, ($i + 1))."/main.inc.php")) { - $res = @include substr($tmp, 0, ($i + 1))."/main.inc.php"; -} -if (!$res && $i > 0 && file_exists(dirname(substr($tmp, 0, ($i + 1)))."/main.inc.php")) { - $res = @include dirname(substr($tmp, 0, ($i + 1)))."/main.inc.php"; -} -// Try main.inc.php using relative path -if (!$res && file_exists("../main.inc.php")) { - $res = @include "../main.inc.php"; -} -if (!$res && file_exists("../../main.inc.php")) { - $res = @include "../../main.inc.php"; -} -if (!$res && file_exists("../../../main.inc.php")) { - $res = @include "../../../main.inc.php"; -} -if (!$res) { - die("Include of main fails"); -} +require '../main.inc.php'; require_once DOL_DOCUMENT_ROOT.'/core/lib/company.lib.php'; require_once DOL_DOCUMENT_ROOT.'/core/lib/files.lib.php'; diff --git a/htdocs/hrm/job_list.php b/htdocs/hrm/job_list.php index 0c169616f5a..55363d729b5 100644 --- a/htdocs/hrm/job_list.php +++ b/htdocs/hrm/job_list.php @@ -25,57 +25,9 @@ * \brief List page for job */ -//if (! defined('NOREQUIREDB')) define('NOREQUIREDB', '1'); // Do not create database handler $db -//if (! defined('NOREQUIREUSER')) define('NOREQUIREUSER', '1'); // Do not load object $user -//if (! defined('NOREQUIRESOC')) define('NOREQUIRESOC', '1'); // Do not load object $mysoc -//if (! defined('NOREQUIRETRAN')) define('NOREQUIRETRAN', '1'); // Do not load object $langs -//if (! defined('NOSCANGETFORINJECTION')) define('NOSCANGETFORINJECTION', '1'); // Do not check injection attack on GET parameters -//if (! defined('NOSCANPOSTFORINJECTION')) define('NOSCANPOSTFORINJECTION', '1'); // Do not check injection attack on POST parameters -//if (! defined('NOCSRFCHECK')) define('NOCSRFCHECK', '1'); // Do not check CSRF attack (test on referer + on token if option MAIN_SECURITY_CSRF_WITH_TOKEN is on). -//if (! defined('NOTOKENRENEWAL')) define('NOTOKENRENEWAL', '1'); // Do not roll the Anti CSRF token (used if MAIN_SECURITY_CSRF_WITH_TOKEN is on) -//if (! defined('NOSTYLECHECK')) define('NOSTYLECHECK', '1'); // Do not check style html tag into posted data -//if (! defined('NOREQUIREMENU')) define('NOREQUIREMENU', '1'); // If there is no need to load and show top and left menu -//if (! defined('NOREQUIREHTML')) define('NOREQUIREHTML', '1'); // If we don't need to load the html.form.class.php -//if (! defined('NOREQUIREAJAX')) define('NOREQUIREAJAX', '1'); // Do not load ajax.lib.php library -//if (! defined("NOLOGIN")) define("NOLOGIN", '1'); // If this page is public (can be called outside logged session). This include the NOIPCHECK too. -//if (! defined('NOIPCHECK')) define('NOIPCHECK', '1'); // Do not check IP defined into conf $dolibarr_main_restrict_ip -//if (! defined("MAIN_LANG_DEFAULT")) define('MAIN_LANG_DEFAULT', 'auto'); // Force lang to a particular value -//if (! defined("MAIN_AUTHENTICATION_MODE")) define('MAIN_AUTHENTICATION_MODE', 'aloginmodule'); // Force authentication handler -//if (! defined("NOREDIRECTBYMAINTOLOGIN")) define('NOREDIRECTBYMAINTOLOGIN', 1); // The main.inc.php does not make a redirect if not logged, instead show simple error message -//if (! defined("FORCECSP")) define('FORCECSP', 'none'); // Disable all Content Security Policies -//if (! defined('CSRFCHECK_WITH_TOKEN')) define('CSRFCHECK_WITH_TOKEN', '1'); // Force use of CSRF protection with tokens even for GET -//if (! defined('NOBROWSERNOTIF')) define('NOBROWSERNOTIF', '1'); // Disable browser notification // Load Dolibarr environment -$res = 0; -// Try main.inc.php into web root known defined into CONTEXT_DOCUMENT_ROOT (not always defined) -if (!$res && !empty($_SERVER["CONTEXT_DOCUMENT_ROOT"])) { - $res = @include $_SERVER["CONTEXT_DOCUMENT_ROOT"]."/main.inc.php"; -} -// Try main.inc.php into web root detected using web root calculated from SCRIPT_FILENAME -$tmp = empty($_SERVER['SCRIPT_FILENAME']) ? '' : $_SERVER['SCRIPT_FILENAME']; $tmp2 = realpath(__FILE__); $i = strlen($tmp) - 1; $j = strlen($tmp2) - 1; -while ($i > 0 && $j > 0 && isset($tmp[$i]) && isset($tmp2[$j]) && $tmp[$i] == $tmp2[$j]) { - $i--; $j--; -} -if (!$res && $i > 0 && file_exists(substr($tmp, 0, ($i + 1))."/main.inc.php")) { - $res = @include substr($tmp, 0, ($i + 1))."/main.inc.php"; -} -if (!$res && $i > 0 && file_exists(dirname(substr($tmp, 0, ($i + 1)))."/main.inc.php")) { - $res = @include dirname(substr($tmp, 0, ($i + 1)))."/main.inc.php"; -} -// Try main.inc.php using relative path -if (!$res && file_exists("../main.inc.php")) { - $res = @include "../main.inc.php"; -} -if (!$res && file_exists("../../main.inc.php")) { - $res = @include "../../main.inc.php"; -} -if (!$res && file_exists("../../../main.inc.php")) { - $res = @include "../../../main.inc.php"; -} -if (!$res) { - die("Include of main fails"); -} +require '../main.inc.php'; require_once DOL_DOCUMENT_ROOT.'/core/class/html.formcompany.class.php'; require_once DOL_DOCUMENT_ROOT.'/core/lib/date.lib.php'; @@ -268,7 +220,7 @@ $sql .= $object->getFieldList('t'); // Add fields from extrafields if (!empty($extrafields->attributes[$object->table_element]['label'])) { foreach ($extrafields->attributes[$object->table_element]['label'] as $key => $val) { - $sql .= ($extrafields->attributes[$object->table_element]['type'][$key] != 'separate' ? ", ef.".$key." as options_".$key.', ' : ''); + $sql .= ($extrafields->attributes[$object->table_element]['type'][$key] != 'separate' ? ", ef.".$key." as options_".$key : ''); } } // Add fields from hooks diff --git a/htdocs/hrm/job_note.php b/htdocs/hrm/job_note.php index 85a1cd1dc84..7205afec247 100644 --- a/htdocs/hrm/job_note.php +++ b/htdocs/hrm/job_note.php @@ -25,57 +25,9 @@ * \brief Tab for notes on Job */ -//if (! defined('NOREQUIREDB')) define('NOREQUIREDB', '1'); // Do not create database handler $db -//if (! defined('NOREQUIREUSER')) define('NOREQUIREUSER', '1'); // Do not load object $user -//if (! defined('NOREQUIRESOC')) define('NOREQUIRESOC', '1'); // Do not load object $mysoc -//if (! defined('NOREQUIRETRAN')) define('NOREQUIRETRAN', '1'); // Do not load object $langs -//if (! defined('NOSCANGETFORINJECTION')) define('NOSCANGETFORINJECTION', '1'); // Do not check injection attack on GET parameters -//if (! defined('NOSCANPOSTFORINJECTION')) define('NOSCANPOSTFORINJECTION', '1'); // Do not check injection attack on POST parameters -//if (! defined('NOCSRFCHECK')) define('NOCSRFCHECK', '1'); // Do not check CSRF attack (test on referer + on token if option MAIN_SECURITY_CSRF_WITH_TOKEN is on). -//if (! defined('NOTOKENRENEWAL')) define('NOTOKENRENEWAL', '1'); // Do not roll the Anti CSRF token (used if MAIN_SECURITY_CSRF_WITH_TOKEN is on) -//if (! defined('NOSTYLECHECK')) define('NOSTYLECHECK', '1'); // Do not check style html tag into posted data -//if (! defined('NOREQUIREMENU')) define('NOREQUIREMENU', '1'); // If there is no need to load and show top and left menu -//if (! defined('NOREQUIREHTML')) define('NOREQUIREHTML', '1'); // If we don't need to load the html.form.class.php -//if (! defined('NOREQUIREAJAX')) define('NOREQUIREAJAX', '1'); // Do not load ajax.lib.php library -//if (! defined("NOLOGIN")) define("NOLOGIN", '1'); // If this page is public (can be called outside logged session). This include the NOIPCHECK too. -//if (! defined('NOIPCHECK')) define('NOIPCHECK', '1'); // Do not check IP defined into conf $dolibarr_main_restrict_ip -//if (! defined("MAIN_LANG_DEFAULT")) define('MAIN_LANG_DEFAULT', 'auto'); // Force lang to a particular value -//if (! defined("MAIN_AUTHENTICATION_MODE")) define('MAIN_AUTHENTICATION_MODE', 'aloginmodule'); // Force authentication handler -//if (! defined("NOREDIRECTBYMAINTOLOGIN")) define('NOREDIRECTBYMAINTOLOGIN', 1); // The main.inc.php does not make a redirect if not logged, instead show simple error message -//if (! defined("FORCECSP")) define('FORCECSP', 'none'); // Disable all Content Security Policies -//if (! defined('CSRFCHECK_WITH_TOKEN')) define('CSRFCHECK_WITH_TOKEN', '1'); // Force use of CSRF protection with tokens even for GET -//if (! defined('NOBROWSERNOTIF')) define('NOBROWSERNOTIF', '1'); // Disable browser notification // Load Dolibarr environment -$res = 0; -// Try main.inc.php into web root known defined into CONTEXT_DOCUMENT_ROOT (not always defined) -if (!$res && !empty($_SERVER["CONTEXT_DOCUMENT_ROOT"])) { - $res = @include $_SERVER["CONTEXT_DOCUMENT_ROOT"]."/main.inc.php"; -} -// Try main.inc.php into web root detected using web root calculated from SCRIPT_FILENAME -$tmp = empty($_SERVER['SCRIPT_FILENAME']) ? '' : $_SERVER['SCRIPT_FILENAME']; $tmp2 = realpath(__FILE__); $i = strlen($tmp) - 1; $j = strlen($tmp2) - 1; -while ($i > 0 && $j > 0 && isset($tmp[$i]) && isset($tmp2[$j]) && $tmp[$i] == $tmp2[$j]) { - $i--; $j--; -} -if (!$res && $i > 0 && file_exists(substr($tmp, 0, ($i + 1))."/main.inc.php")) { - $res = @include substr($tmp, 0, ($i + 1))."/main.inc.php"; -} -if (!$res && $i > 0 && file_exists(dirname(substr($tmp, 0, ($i + 1)))."/main.inc.php")) { - $res = @include dirname(substr($tmp, 0, ($i + 1)))."/main.inc.php"; -} -// Try main.inc.php using relative path -if (!$res && file_exists("../main.inc.php")) { - $res = @include "../main.inc.php"; -} -if (!$res && file_exists("../../main.inc.php")) { - $res = @include "../../main.inc.php"; -} -if (!$res && file_exists("../../../main.inc.php")) { - $res = @include "../../../main.inc.php"; -} -if (!$res) { - die("Include of main fails"); -} +require '../main.inc.php'; require_once DOL_DOCUMENT_ROOT . '/hrm/class/job.class.php'; require_once DOL_DOCUMENT_ROOT . '/hrm/lib/hrm_job.lib.php'; diff --git a/htdocs/hrm/position_agenda.php b/htdocs/hrm/position_agenda.php index 670ec51304b..b3b68d9bcbc 100644 --- a/htdocs/hrm/position_agenda.php +++ b/htdocs/hrm/position_agenda.php @@ -25,57 +25,9 @@ * \brief Tab of events on Position */ -//if (! defined('NOREQUIREDB')) define('NOREQUIREDB', '1'); // Do not create database handler $db -//if (! defined('NOREQUIREUSER')) define('NOREQUIREUSER', '1'); // Do not load object $user -//if (! defined('NOREQUIRESOC')) define('NOREQUIRESOC', '1'); // Do not load object $mysoc -//if (! defined('NOREQUIRETRAN')) define('NOREQUIRETRAN', '1'); // Do not load object $langs -//if (! defined('NOSCANGETFORINJECTION')) define('NOSCANGETFORINJECTION', '1'); // Do not check injection attack on GET parameters -//if (! defined('NOSCANPOSTFORINJECTION')) define('NOSCANPOSTFORINJECTION', '1'); // Do not check injection attack on POST parameters -//if (! defined('NOCSRFCHECK')) define('NOCSRFCHECK', '1'); // Do not check CSRF attack (test on referer + on token if option MAIN_SECURITY_CSRF_WITH_TOKEN is on). -//if (! defined('NOTOKENRENEWAL')) define('NOTOKENRENEWAL', '1'); // Do not roll the Anti CSRF token (used if MAIN_SECURITY_CSRF_WITH_TOKEN is on) -//if (! defined('NOSTYLECHECK')) define('NOSTYLECHECK', '1'); // Do not check style html tag into posted data -//if (! defined('NOREQUIREMENU')) define('NOREQUIREMENU', '1'); // If there is no need to load and show top and left menu -//if (! defined('NOREQUIREHTML')) define('NOREQUIREHTML', '1'); // If we don't need to load the html.form.class.php -//if (! defined('NOREQUIREAJAX')) define('NOREQUIREAJAX', '1'); // Do not load ajax.lib.php library -//if (! defined("NOLOGIN")) define("NOLOGIN", '1'); // If this page is public (can be called outside logged session). This include the NOIPCHECK too. -//if (! defined('NOIPCHECK')) define('NOIPCHECK', '1'); // Do not check IP defined into conf $dolibarr_main_restrict_ip -//if (! defined("MAIN_LANG_DEFAULT")) define('MAIN_LANG_DEFAULT', 'auto'); // Force lang to a particular value -//if (! defined("MAIN_AUTHENTICATION_MODE")) define('MAIN_AUTHENTICATION_MODE', 'aloginmodule'); // Force authentication handler -//if (! defined("NOREDIRECTBYMAINTOLOGIN")) define('NOREDIRECTBYMAINTOLOGIN', 1); // The main.inc.php does not make a redirect if not logged, instead show simple error message -//if (! defined("FORCECSP")) define('FORCECSP', 'none'); // Disable all Content Security Policies -//if (! defined('CSRFCHECK_WITH_TOKEN')) define('CSRFCHECK_WITH_TOKEN', '1'); // Force use of CSRF protection with tokens even for GET -//if (! defined('NOBROWSERNOTIF')) define('NOBROWSERNOTIF', '1'); // Disable browser notification // Load Dolibarr environment -$res = 0; -// Try main.inc.php into web root known defined into CONTEXT_DOCUMENT_ROOT (not always defined) -if (!$res && !empty($_SERVER["CONTEXT_DOCUMENT_ROOT"])) { - $res = @include $_SERVER["CONTEXT_DOCUMENT_ROOT"]."/main.inc.php"; -} -// Try main.inc.php into web root detected using web root calculated from SCRIPT_FILENAME -$tmp = empty($_SERVER['SCRIPT_FILENAME']) ? '' : $_SERVER['SCRIPT_FILENAME']; $tmp2 = realpath(__FILE__); $i = strlen($tmp) - 1; $j = strlen($tmp2) - 1; -while ($i > 0 && $j > 0 && isset($tmp[$i]) && isset($tmp2[$j]) && $tmp[$i] == $tmp2[$j]) { - $i--; $j--; -} -if (!$res && $i > 0 && file_exists(substr($tmp, 0, ($i + 1))."/main.inc.php")) { - $res = @include substr($tmp, 0, ($i + 1))."/main.inc.php"; -} -if (!$res && $i > 0 && file_exists(dirname(substr($tmp, 0, ($i + 1)))."/main.inc.php")) { - $res = @include dirname(substr($tmp, 0, ($i + 1)))."/main.inc.php"; -} -// Try main.inc.php using relative path -if (!$res && file_exists("../main.inc.php")) { - $res = @include "../main.inc.php"; -} -if (!$res && file_exists("../../main.inc.php")) { - $res = @include "../../main.inc.php"; -} -if (!$res && file_exists("../../../main.inc.php")) { - $res = @include "../../../main.inc.php"; -} -if (!$res) { - die("Include of main fails"); -} +require '../main.inc.php'; require_once DOL_DOCUMENT_ROOT.'/contact/class/contact.class.php'; require_once DOL_DOCUMENT_ROOT.'/core/lib/company.lib.php'; diff --git a/htdocs/hrm/position_card.php b/htdocs/hrm/position_card.php index 8cb8ba9de8c..4d6b36b52f3 100644 --- a/htdocs/hrm/position_card.php +++ b/htdocs/hrm/position_card.php @@ -25,61 +25,9 @@ * \brief Page to create/edit/view position */ -//if (! defined('NOREQUIREDB')) define('NOREQUIREDB', '1'); // Do not create database handler $db -//if (! defined('NOREQUIREUSER')) define('NOREQUIREUSER', '1'); // Do not load object $user -//if (! defined('NOREQUIRESOC')) define('NOREQUIRESOC', '1'); // Do not load object $mysoc -//if (! defined('NOREQUIRETRAN')) define('NOREQUIRETRAN', '1'); // Do not load object $langs -//if (! defined('NOSCANGETFORINJECTION')) define('NOSCANGETFORINJECTION', '1'); // Do not check injection attack on GET parameters -//if (! defined('NOSCANPOSTFORINJECTION')) define('NOSCANPOSTFORINJECTION', '1'); // Do not check injection attack on POST parameters -//if (! defined('NOCSRFCHECK')) define('NOCSRFCHECK', '1'); // Do not check CSRF attack (test on referer + on token if option MAIN_SECURITY_CSRF_WITH_TOKEN is on). -//if (! defined('NOTOKENRENEWAL')) define('NOTOKENRENEWAL', '1'); // Do not roll the Anti CSRF token (used if MAIN_SECURITY_CSRF_WITH_TOKEN is on) -//if (! defined('NOSTYLECHECK')) define('NOSTYLECHECK', '1'); // Do not check style html tag into posted data -//if (! defined('NOREQUIREMENU')) define('NOREQUIREMENU', '1'); // If there is no need to load and show top and left menu -//if (! defined('NOREQUIREHTML')) define('NOREQUIREHTML', '1'); // If we don't need to load the html.form.class.php -//if (! defined('NOREQUIREAJAX')) define('NOREQUIREAJAX', '1'); // Do not load ajax.lib.php library -//if (! defined("NOLOGIN")) define("NOLOGIN", '1'); // If this page is public (can be called outside logged session). This include the NOIPCHECK too. -//if (! defined('NOIPCHECK')) define('NOIPCHECK', '1'); // Do not check IP defined into conf $dolibarr_main_restrict_ip -//if (! defined("MAIN_LANG_DEFAULT")) define('MAIN_LANG_DEFAULT', 'auto'); // Force lang to a particular value -//if (! defined("MAIN_AUTHENTICATION_MODE")) define('MAIN_AUTHENTICATION_MODE', 'aloginmodule'); // Force authentication handler -//if (! defined("NOREDIRECTBYMAINTOLOGIN")) define('NOREDIRECTBYMAINTOLOGIN', 1); // The main.inc.php does not make a redirect if not logged, instead show simple error message -//if (! defined("FORCECSP")) define('FORCECSP', 'none'); // Disable all Content Security Policies -//if (! defined('CSRFCHECK_WITH_TOKEN')) define('CSRFCHECK_WITH_TOKEN', '1'); // Force use of CSRF protection with tokens even for GET -//if (! defined('NOBROWSERNOTIF')) define('NOBROWSERNOTIF', '1'); // Disable browser notification // Load Dolibarr environment -$res = 0; -// Try main.inc.php into web root known defined into CONTEXT_DOCUMENT_ROOT (not always defined) -if (!$res && !empty($_SERVER["CONTEXT_DOCUMENT_ROOT"])) { - $res = @include $_SERVER["CONTEXT_DOCUMENT_ROOT"] . "/main.inc.php"; -} -// Try main.inc.php into web root detected using web root calculated from SCRIPT_FILENAME -$tmp = empty($_SERVER['SCRIPT_FILENAME']) ? '' : $_SERVER['SCRIPT_FILENAME']; -$tmp2 = realpath(__FILE__); -$i = strlen($tmp) - 1; -$j = strlen($tmp2) - 1; -while ($i > 0 && $j > 0 && isset($tmp[$i]) && isset($tmp2[$j]) && $tmp[$i] == $tmp2[$j]) { - $i--; - $j--; -} -if (!$res && $i > 0 && file_exists(substr($tmp, 0, ($i + 1)) . "/main.inc.php")) { - $res = @include substr($tmp, 0, ($i + 1)) . "/main.inc.php"; -} -if (!$res && $i > 0 && file_exists(dirname(substr($tmp, 0, ($i + 1))) . "/main.inc.php")) { - $res = @include dirname(substr($tmp, 0, ($i + 1))) . "/main.inc.php"; -} -// Try main.inc.php using relative path -if (!$res && file_exists("../main.inc.php")) { - $res = @include "../main.inc.php"; -} -if (!$res && file_exists("../../main.inc.php")) { - $res = @include "../../main.inc.php"; -} -if (!$res && file_exists("../../../main.inc.php")) { - $res = @include "../../../main.inc.php"; -} -if (!$res) { - die("Include of main fails"); -} +require '../main.inc.php'; require_once DOL_DOCUMENT_ROOT . '/core/class/html.formcompany.class.php'; require_once DOL_DOCUMENT_ROOT . '/core/class/html.formfile.class.php'; @@ -396,7 +344,7 @@ function DisplayPositionCard(&$object) // } // // -// print '
    '; +// print '
    '; // // $MAXEVENT = 10; // @@ -407,7 +355,7 @@ function DisplayPositionCard(&$object) // $formactions = new FormActions($db); // $somethingshown = $formactions->showactions($object, '', $object->id, 1, '', $MAXEVENT, '', $morehtmlright); // Show all action for thirdparty // -// print '
    '; +// print ''; //} @@ -425,7 +373,7 @@ if ($action !== 'edit' && $action !== 'create') { $somethingshown = $form->showLinkedObjectBlock($object, $linktoelem); - print '
    '; + print '
    '; $MAXEVENT = 10; @@ -437,7 +385,7 @@ if ($action !== 'edit' && $action !== 'create') { $formactions = new FormActions($db); $somethingshown = $formactions->showactions($object, $object->element . '@' . $object->module, (is_object($object->thirdparty) ? $object->thirdparty->id : 0), 1, '', $MAXEVENT, '', $morehtmlright); - print '
    '; + print ''; } diff --git a/htdocs/hrm/position_contact.php b/htdocs/hrm/position_contact.php index 56a4fc8ff8f..a7246e3a82b 100644 --- a/htdocs/hrm/position_contact.php +++ b/htdocs/hrm/position_contact.php @@ -26,35 +26,7 @@ */ // Load Dolibarr environment -$res = 0; -// Try main.inc.php into web root known defined into CONTEXT_DOCUMENT_ROOT (not always defined) -if (!$res && !empty($_SERVER["CONTEXT_DOCUMENT_ROOT"])) { - $res = @include $_SERVER["CONTEXT_DOCUMENT_ROOT"]."/main.inc.php"; -} -// Try main.inc.php into web root detected using web root calculated from SCRIPT_FILENAME -$tmp = empty($_SERVER['SCRIPT_FILENAME']) ? '' : $_SERVER['SCRIPT_FILENAME']; $tmp2 = realpath(__FILE__); $i = strlen($tmp) - 1; $j = strlen($tmp2) - 1; -while ($i > 0 && $j > 0 && isset($tmp[$i]) && isset($tmp2[$j]) && $tmp[$i] == $tmp2[$j]) { - $i--; $j--; -} -if (!$res && $i > 0 && file_exists(substr($tmp, 0, ($i + 1))."/main.inc.php")) { - $res = @include substr($tmp, 0, ($i + 1))."/main.inc.php"; -} -if (!$res && $i > 0 && file_exists(dirname(substr($tmp, 0, ($i + 1)))."/main.inc.php")) { - $res = @include dirname(substr($tmp, 0, ($i + 1)))."/main.inc.php"; -} -// Try main.inc.php using relative path -if (!$res && file_exists("../main.inc.php")) { - $res = @include "../main.inc.php"; -} -if (!$res && file_exists("../../main.inc.php")) { - $res = @include "../../main.inc.php"; -} -if (!$res && file_exists("../../../main.inc.php")) { - $res = @include "../../../main.inc.php"; -} -if (!$res) { - die("Include of main fails"); -} +require '../main.inc.php'; require_once DOL_DOCUMENT_ROOT.'/contact/class/contact.class.php'; require_once DOL_DOCUMENT_ROOT.'/core/class/html.formcompany.class.php'; diff --git a/htdocs/hrm/position_document.php b/htdocs/hrm/position_document.php index 1ae41c193ab..7a820310ee2 100644 --- a/htdocs/hrm/position_document.php +++ b/htdocs/hrm/position_document.php @@ -25,57 +25,8 @@ * \brief Tab for documents linked to Position */ -//if (! defined('NOREQUIREDB')) define('NOREQUIREDB', '1'); // Do not create database handler $db -//if (! defined('NOREQUIREUSER')) define('NOREQUIREUSER', '1'); // Do not load object $user -//if (! defined('NOREQUIRESOC')) define('NOREQUIRESOC', '1'); // Do not load object $mysoc -//if (! defined('NOREQUIRETRAN')) define('NOREQUIRETRAN', '1'); // Do not load object $langs -//if (! defined('NOSCANGETFORINJECTION')) define('NOSCANGETFORINJECTION', '1'); // Do not check injection attack on GET parameters -//if (! defined('NOSCANPOSTFORINJECTION')) define('NOSCANPOSTFORINJECTION', '1'); // Do not check injection attack on POST parameters -//if (! defined('NOCSRFCHECK')) define('NOCSRFCHECK', '1'); // Do not check CSRF attack (test on referer + on token if option MAIN_SECURITY_CSRF_WITH_TOKEN is on). -//if (! defined('NOTOKENRENEWAL')) define('NOTOKENRENEWAL', '1'); // Do not roll the Anti CSRF token (used if MAIN_SECURITY_CSRF_WITH_TOKEN is on) -//if (! defined('NOSTYLECHECK')) define('NOSTYLECHECK', '1'); // Do not check style html tag into posted data -//if (! defined('NOREQUIREMENU')) define('NOREQUIREMENU', '1'); // If there is no need to load and show top and left menu -//if (! defined('NOREQUIREHTML')) define('NOREQUIREHTML', '1'); // If we don't need to load the html.form.class.php -//if (! defined('NOREQUIREAJAX')) define('NOREQUIREAJAX', '1'); // Do not load ajax.lib.php library -//if (! defined("NOLOGIN")) define("NOLOGIN", '1'); // If this page is public (can be called outside logged session). This include the NOIPCHECK too. -//if (! defined('NOIPCHECK')) define('NOIPCHECK', '1'); // Do not check IP defined into conf $dolibarr_main_restrict_ip -//if (! defined("MAIN_LANG_DEFAULT")) define('MAIN_LANG_DEFAULT', 'auto'); // Force lang to a particular value -//if (! defined("MAIN_AUTHENTICATION_MODE")) define('MAIN_AUTHENTICATION_MODE', 'aloginmodule'); // Force authentication handler -//if (! defined("NOREDIRECTBYMAINTOLOGIN")) define('NOREDIRECTBYMAINTOLOGIN', 1); // The main.inc.php does not make a redirect if not logged, instead show simple error message -//if (! defined("FORCECSP")) define('FORCECSP', 'none'); // Disable all Content Security Policies -//if (! defined('CSRFCHECK_WITH_TOKEN')) define('CSRFCHECK_WITH_TOKEN', '1'); // Force use of CSRF protection with tokens even for GET -//if (! defined('NOBROWSERNOTIF')) define('NOBROWSERNOTIF', '1'); // Disable browser notification - // Load Dolibarr environment -$res = 0; -// Try main.inc.php into web root known defined into CONTEXT_DOCUMENT_ROOT (not always defined) -if (!$res && !empty($_SERVER["CONTEXT_DOCUMENT_ROOT"])) { - $res = @include $_SERVER["CONTEXT_DOCUMENT_ROOT"]."/main.inc.php"; -} -// Try main.inc.php into web root detected using web root calculated from SCRIPT_FILENAME -$tmp = empty($_SERVER['SCRIPT_FILENAME']) ? '' : $_SERVER['SCRIPT_FILENAME']; $tmp2 = realpath(__FILE__); $i = strlen($tmp) - 1; $j = strlen($tmp2) - 1; -while ($i > 0 && $j > 0 && isset($tmp[$i]) && isset($tmp2[$j]) && $tmp[$i] == $tmp2[$j]) { - $i--; $j--; -} -if (!$res && $i > 0 && file_exists(substr($tmp, 0, ($i + 1))."/main.inc.php")) { - $res = @include substr($tmp, 0, ($i + 1))."/main.inc.php"; -} -if (!$res && $i > 0 && file_exists(dirname(substr($tmp, 0, ($i + 1)))."/main.inc.php")) { - $res = @include dirname(substr($tmp, 0, ($i + 1)))."/main.inc.php"; -} -// Try main.inc.php using relative path -if (!$res && file_exists("../main.inc.php")) { - $res = @include "../main.inc.php"; -} -if (!$res && file_exists("../../main.inc.php")) { - $res = @include "../../main.inc.php"; -} -if (!$res && file_exists("../../../main.inc.php")) { - $res = @include "../../../main.inc.php"; -} -if (!$res) { - die("Include of main fails"); -} +require '../main.inc.php'; require_once DOL_DOCUMENT_ROOT.'/core/lib/company.lib.php'; require_once DOL_DOCUMENT_ROOT.'/core/lib/files.lib.php'; diff --git a/htdocs/hrm/position_list.php b/htdocs/hrm/position_list.php index 60e69bfac3f..d6ed72c2612 100644 --- a/htdocs/hrm/position_list.php +++ b/htdocs/hrm/position_list.php @@ -25,57 +25,9 @@ * \brief List page for position */ -//if (! defined('NOREQUIREDB')) define('NOREQUIREDB', '1'); // Do not create database handler $db -//if (! defined('NOREQUIREUSER')) define('NOREQUIREUSER', '1'); // Do not load object $user -//if (! defined('NOREQUIRESOC')) define('NOREQUIRESOC', '1'); // Do not load object $mysoc -//if (! defined('NOREQUIRETRAN')) define('NOREQUIRETRAN', '1'); // Do not load object $langs -//if (! defined('NOSCANGETFORINJECTION')) define('NOSCANGETFORINJECTION', '1'); // Do not check injection attack on GET parameters -//if (! defined('NOSCANPOSTFORINJECTION')) define('NOSCANPOSTFORINJECTION', '1'); // Do not check injection attack on POST parameters -//if (! defined('NOCSRFCHECK')) define('NOCSRFCHECK', '1'); // Do not check CSRF attack (test on referer + on token if option MAIN_SECURITY_CSRF_WITH_TOKEN is on). -//if (! defined('NOTOKENRENEWAL')) define('NOTOKENRENEWAL', '1'); // Do not roll the Anti CSRF token (used if MAIN_SECURITY_CSRF_WITH_TOKEN is on) -//if (! defined('NOSTYLECHECK')) define('NOSTYLECHECK', '1'); // Do not check style html tag into posted data -//if (! defined('NOREQUIREMENU')) define('NOREQUIREMENU', '1'); // If there is no need to load and show top and left menu -//if (! defined('NOREQUIREHTML')) define('NOREQUIREHTML', '1'); // If we don't need to load the html.form.class.php -//if (! defined('NOREQUIREAJAX')) define('NOREQUIREAJAX', '1'); // Do not load ajax.lib.php library -//if (! defined("NOLOGIN")) define("NOLOGIN", '1'); // If this page is public (can be called outside logged session). This include the NOIPCHECK too. -//if (! defined('NOIPCHECK')) define('NOIPCHECK', '1'); // Do not check IP defined into conf $dolibarr_main_restrict_ip -//if (! defined("MAIN_LANG_DEFAULT")) define('MAIN_LANG_DEFAULT', 'auto'); // Force lang to a particular value -//if (! defined("MAIN_AUTHENTICATION_MODE")) define('MAIN_AUTHENTICATION_MODE', 'aloginmodule'); // Force authentication handler -//if (! defined("NOREDIRECTBYMAINTOLOGIN")) define('NOREDIRECTBYMAINTOLOGIN', 1); // The main.inc.php does not make a redirect if not logged, instead show simple error message -//if (! defined("FORCECSP")) define('FORCECSP', 'none'); // Disable all Content Security Policies -//if (! defined('CSRFCHECK_WITH_TOKEN')) define('CSRFCHECK_WITH_TOKEN', '1'); // Force use of CSRF protection with tokens even for GET -//if (! defined('NOBROWSERNOTIF')) define('NOBROWSERNOTIF', '1'); // Disable browser notification // Load Dolibarr environment -$res = 0; -// Try main.inc.php into web root known defined into CONTEXT_DOCUMENT_ROOT (not always defined) -if (!$res && !empty($_SERVER["CONTEXT_DOCUMENT_ROOT"])) { - $res = @include $_SERVER["CONTEXT_DOCUMENT_ROOT"]."/main.inc.php"; -} -// Try main.inc.php into web root detected using web root calculated from SCRIPT_FILENAME -$tmp = empty($_SERVER['SCRIPT_FILENAME']) ? '' : $_SERVER['SCRIPT_FILENAME']; $tmp2 = realpath(__FILE__); $i = strlen($tmp) - 1; $j = strlen($tmp2) - 1; -while ($i > 0 && $j > 0 && isset($tmp[$i]) && isset($tmp2[$j]) && $tmp[$i] == $tmp2[$j]) { - $i--; $j--; -} -if (!$res && $i > 0 && file_exists(substr($tmp, 0, ($i + 1))."/main.inc.php")) { - $res = @include substr($tmp, 0, ($i + 1))."/main.inc.php"; -} -if (!$res && $i > 0 && file_exists(dirname(substr($tmp, 0, ($i + 1)))."/main.inc.php")) { - $res = @include dirname(substr($tmp, 0, ($i + 1)))."/main.inc.php"; -} -// Try main.inc.php using relative path -if (!$res && file_exists("../main.inc.php")) { - $res = @include "../main.inc.php"; -} -if (!$res && file_exists("../../main.inc.php")) { - $res = @include "../../main.inc.php"; -} -if (!$res && file_exists("../../../main.inc.php")) { - $res = @include "../../../main.inc.php"; -} -if (!$res) { - die("Include of main fails"); -} +require '../main.inc.php'; require_once DOL_DOCUMENT_ROOT.'/core/class/html.formcompany.class.php'; require_once DOL_DOCUMENT_ROOT.'/core/lib/date.lib.php'; @@ -268,7 +220,7 @@ $sql .= $object->getFieldList('t'); // Add fields from extrafields if (!empty($extrafields->attributes[$object->table_element]['label'])) { foreach ($extrafields->attributes[$object->table_element]['label'] as $key => $val) { - $sql .= ($extrafields->attributes[$object->table_element]['type'][$key] != 'separate' ? ", ef.".$key." as options_".$key.', ' : ''); + $sql .= ($extrafields->attributes[$object->table_element]['type'][$key] != 'separate' ? ", ef.".$key." as options_".$key : ''); } } // Add fields from hooks diff --git a/htdocs/hrm/position_note.php b/htdocs/hrm/position_note.php index 81548761326..1eea4b82676 100644 --- a/htdocs/hrm/position_note.php +++ b/htdocs/hrm/position_note.php @@ -26,57 +26,9 @@ * \brief Tab for notes on Position */ -//if (! defined('NOREQUIREDB')) define('NOREQUIREDB', '1'); // Do not create database handler $db -//if (! defined('NOREQUIREUSER')) define('NOREQUIREUSER', '1'); // Do not load object $user -//if (! defined('NOREQUIRESOC')) define('NOREQUIRESOC', '1'); // Do not load object $mysoc -//if (! defined('NOREQUIRETRAN')) define('NOREQUIRETRAN', '1'); // Do not load object $langs -//if (! defined('NOSCANGETFORINJECTION')) define('NOSCANGETFORINJECTION', '1'); // Do not check injection attack on GET parameters -//if (! defined('NOSCANPOSTFORINJECTION')) define('NOSCANPOSTFORINJECTION', '1'); // Do not check injection attack on POST parameters -//if (! defined('NOCSRFCHECK')) define('NOCSRFCHECK', '1'); // Do not check CSRF attack (test on referer + on token if option MAIN_SECURITY_CSRF_WITH_TOKEN is on). -//if (! defined('NOTOKENRENEWAL')) define('NOTOKENRENEWAL', '1'); // Do not roll the Anti CSRF token (used if MAIN_SECURITY_CSRF_WITH_TOKEN is on) -//if (! defined('NOSTYLECHECK')) define('NOSTYLECHECK', '1'); // Do not check style html tag into posted data -//if (! defined('NOREQUIREMENU')) define('NOREQUIREMENU', '1'); // If there is no need to load and show top and left menu -//if (! defined('NOREQUIREHTML')) define('NOREQUIREHTML', '1'); // If we don't need to load the html.form.class.php -//if (! defined('NOREQUIREAJAX')) define('NOREQUIREAJAX', '1'); // Do not load ajax.lib.php library -//if (! defined("NOLOGIN")) define("NOLOGIN", '1'); // If this page is public (can be called outside logged session). This include the NOIPCHECK too. -//if (! defined('NOIPCHECK')) define('NOIPCHECK', '1'); // Do not check IP defined into conf $dolibarr_main_restrict_ip -//if (! defined("MAIN_LANG_DEFAULT")) define('MAIN_LANG_DEFAULT', 'auto'); // Force lang to a particular value -//if (! defined("MAIN_AUTHENTICATION_MODE")) define('MAIN_AUTHENTICATION_MODE', 'aloginmodule'); // Force authentication handler -//if (! defined("NOREDIRECTBYMAINTOLOGIN")) define('NOREDIRECTBYMAINTOLOGIN', 1); // The main.inc.php does not make a redirect if not logged, instead show simple error message -//if (! defined("FORCECSP")) define('FORCECSP', 'none'); // Disable all Content Security Policies -//if (! defined('CSRFCHECK_WITH_TOKEN')) define('CSRFCHECK_WITH_TOKEN', '1'); // Force use of CSRF protection with tokens even for GET -//if (! defined('NOBROWSERNOTIF')) define('NOBROWSERNOTIF', '1'); // Disable browser notification // Load Dolibarr environment -$res = 0; -// Try main.inc.php into web root known defined into CONTEXT_DOCUMENT_ROOT (not always defined) -if (!$res && !empty($_SERVER["CONTEXT_DOCUMENT_ROOT"])) { - $res = @include $_SERVER["CONTEXT_DOCUMENT_ROOT"]."/main.inc.php"; -} -// Try main.inc.php into web root detected using web root calculated from SCRIPT_FILENAME -$tmp = empty($_SERVER['SCRIPT_FILENAME']) ? '' : $_SERVER['SCRIPT_FILENAME']; $tmp2 = realpath(__FILE__); $i = strlen($tmp) - 1; $j = strlen($tmp2) - 1; -while ($i > 0 && $j > 0 && isset($tmp[$i]) && isset($tmp2[$j]) && $tmp[$i] == $tmp2[$j]) { - $i--; $j--; -} -if (!$res && $i > 0 && file_exists(substr($tmp, 0, ($i + 1))."/main.inc.php")) { - $res = @include substr($tmp, 0, ($i + 1))."/main.inc.php"; -} -if (!$res && $i > 0 && file_exists(dirname(substr($tmp, 0, ($i + 1)))."/main.inc.php")) { - $res = @include dirname(substr($tmp, 0, ($i + 1)))."/main.inc.php"; -} -// Try main.inc.php using relative path -if (!$res && file_exists("../main.inc.php")) { - $res = @include "../main.inc.php"; -} -if (!$res && file_exists("../../main.inc.php")) { - $res = @include "../../main.inc.php"; -} -if (!$res && file_exists("../../../main.inc.php")) { - $res = @include "../../../main.inc.php"; -} -if (!$res) { - die("Include of main fails"); -} +require '../main.inc.php'; require_once DOL_DOCUMENT_ROOT . '/hrm/class/position.class.php'; require_once DOL_DOCUMENT_ROOT . '/hrm/lib/hrm_position.lib.php'; diff --git a/htdocs/hrm/skill_agenda.php b/htdocs/hrm/skill_agenda.php index 0b854ccb028..9c1821fb8d7 100644 --- a/htdocs/hrm/skill_agenda.php +++ b/htdocs/hrm/skill_agenda.php @@ -25,57 +25,9 @@ * \brief Tab of events on skill */ -//if (! defined('NOREQUIREDB')) define('NOREQUIREDB', '1'); // Do not create database handler $db -//if (! defined('NOREQUIREUSER')) define('NOREQUIREUSER', '1'); // Do not load object $user -//if (! defined('NOREQUIRESOC')) define('NOREQUIRESOC', '1'); // Do not load object $mysoc -//if (! defined('NOREQUIRETRAN')) define('NOREQUIRETRAN', '1'); // Do not load object $langs -//if (! defined('NOSCANGETFORINJECTION')) define('NOSCANGETFORINJECTION', '1'); // Do not check injection attack on GET parameters -//if (! defined('NOSCANPOSTFORINJECTION')) define('NOSCANPOSTFORINJECTION', '1'); // Do not check injection attack on POST parameters -//if (! defined('NOCSRFCHECK')) define('NOCSRFCHECK', '1'); // Do not check CSRF attack (test on referer + on token if option MAIN_SECURITY_CSRF_WITH_TOKEN is on). -//if (! defined('NOTOKENRENEWAL')) define('NOTOKENRENEWAL', '1'); // Do not roll the Anti CSRF token (used if MAIN_SECURITY_CSRF_WITH_TOKEN is on) -//if (! defined('NOSTYLECHECK')) define('NOSTYLECHECK', '1'); // Do not check style html tag into posted data -//if (! defined('NOREQUIREMENU')) define('NOREQUIREMENU', '1'); // If there is no need to load and show top and left menu -//if (! defined('NOREQUIREHTML')) define('NOREQUIREHTML', '1'); // If we don't need to load the html.form.class.php -//if (! defined('NOREQUIREAJAX')) define('NOREQUIREAJAX', '1'); // Do not load ajax.lib.php library -//if (! defined("NOLOGIN")) define("NOLOGIN", '1'); // If this page is public (can be called outside logged session). This include the NOIPCHECK too. -//if (! defined('NOIPCHECK')) define('NOIPCHECK', '1'); // Do not check IP defined into conf $dolibarr_main_restrict_ip -//if (! defined("MAIN_LANG_DEFAULT")) define('MAIN_LANG_DEFAULT', 'auto'); // Force lang to a particular value -//if (! defined("MAIN_AUTHENTICATION_MODE")) define('MAIN_AUTHENTICATION_MODE', 'aloginmodule'); // Force authentication handler -//if (! defined("NOREDIRECTBYMAINTOLOGIN")) define('NOREDIRECTBYMAINTOLOGIN', 1); // The main.inc.php does not make a redirect if not logged, instead show simple error message -//if (! defined("FORCECSP")) define('FORCECSP', 'none'); // Disable all Content Security Policies -//if (! defined('CSRFCHECK_WITH_TOKEN')) define('CSRFCHECK_WITH_TOKEN', '1'); // Force use of CSRF protection with tokens even for GET -//if (! defined('NOBROWSERNOTIF')) define('NOBROWSERNOTIF', '1'); // Disable browser notification // Load Dolibarr environment -$res = 0; -// Try main.inc.php into web root known defined into CONTEXT_DOCUMENT_ROOT (not always defined) -if (!$res && !empty($_SERVER["CONTEXT_DOCUMENT_ROOT"])) { - $res = @include $_SERVER["CONTEXT_DOCUMENT_ROOT"]."/main.inc.php"; -} -// Try main.inc.php into web root detected using web root calculated from SCRIPT_FILENAME -$tmp = empty($_SERVER['SCRIPT_FILENAME']) ? '' : $_SERVER['SCRIPT_FILENAME']; $tmp2 = realpath(__FILE__); $i = strlen($tmp) - 1; $j = strlen($tmp2) - 1; -while ($i > 0 && $j > 0 && isset($tmp[$i]) && isset($tmp2[$j]) && $tmp[$i] == $tmp2[$j]) { - $i--; $j--; -} -if (!$res && $i > 0 && file_exists(substr($tmp, 0, ($i + 1))."/main.inc.php")) { - $res = @include substr($tmp, 0, ($i + 1))."/main.inc.php"; -} -if (!$res && $i > 0 && file_exists(dirname(substr($tmp, 0, ($i + 1)))."/main.inc.php")) { - $res = @include dirname(substr($tmp, 0, ($i + 1)))."/main.inc.php"; -} -// Try main.inc.php using relative path -if (!$res && file_exists("../main.inc.php")) { - $res = @include "../main.inc.php"; -} -if (!$res && file_exists("../../main.inc.php")) { - $res = @include "../../main.inc.php"; -} -if (!$res && file_exists("../../../main.inc.php")) { - $res = @include "../../../main.inc.php"; -} -if (!$res) { - die("Include of main fails"); -} +require '../main.inc.php'; require_once DOL_DOCUMENT_ROOT.'/contact/class/contact.class.php'; require_once DOL_DOCUMENT_ROOT.'/core/lib/company.lib.php'; diff --git a/htdocs/hrm/skill_card.php b/htdocs/hrm/skill_card.php index 2a5b58cd788..ed66dc4ebb9 100644 --- a/htdocs/hrm/skill_card.php +++ b/htdocs/hrm/skill_card.php @@ -25,62 +25,9 @@ * \brief Page to create/edit/view skill */ -//if (! defined('NOREQUIREDB')) define('NOREQUIREDB', '1'); // Do not create database handler $db -//if (! defined('NOREQUIREUSER')) define('NOREQUIREUSER', '1'); // Do not load object $user -//if (! defined('NOREQUIRESOC')) define('NOREQUIRESOC', '1'); // Do not load object $mysoc -//if (! defined('NOREQUIRETRAN')) define('NOREQUIRETRAN', '1'); // Do not load object $langs -//if (! defined('NOSCANGETFORINJECTION')) define('NOSCANGETFORINJECTION', '1'); // Do not check injection attack on GET parameters -//if (! defined('NOSCANPOSTFORINJECTION')) define('NOSCANPOSTFORINJECTION', '1'); // Do not check injection attack on POST parameters -//if (! defined('NOCSRFCHECK')) define('NOCSRFCHECK', '1'); // Do not check CSRF attack (test on referer + on token if option MAIN_SECURITY_CSRF_WITH_TOKEN is on). -//if (! defined('NOTOKENRENEWAL')) define('NOTOKENRENEWAL', '1'); // Do not roll the Anti CSRF token (used if MAIN_SECURITY_CSRF_WITH_TOKEN is on) -//if (! defined('NOSTYLECHECK')) define('NOSTYLECHECK', '1'); // Do not check style html tag into posted data -//if (! defined('NOREQUIREMENU')) define('NOREQUIREMENU', '1'); // If there is no need to load and show top and left menu -//if (! defined('NOREQUIREHTML')) define('NOREQUIREHTML', '1'); // If we don't need to load the html.form.class.php -//if (! defined('NOREQUIREAJAX')) define('NOREQUIREAJAX', '1'); // Do not load ajax.lib.php library -//if (! defined("NOLOGIN")) define("NOLOGIN", '1'); // If this page is public (can be called outside logged session). This include the NOIPCHECK too. -//if (! defined('NOIPCHECK')) define('NOIPCHECK', '1'); // Do not check IP defined into conf $dolibarr_main_restrict_ip -//if (! defined("MAIN_LANG_DEFAULT")) define('MAIN_LANG_DEFAULT', 'auto'); // Force lang to a particular value -//if (! defined("MAIN_AUTHENTICATION_MODE")) define('MAIN_AUTHENTICATION_MODE', 'aloginmodule'); // Force authentication handler -//if (! defined("NOREDIRECTBYMAINTOLOGIN")) define('NOREDIRECTBYMAINTOLOGIN', 1); // The main.inc.php does not make a redirect if not logged, instead show simple error message -//if (! defined("FORCECSP")) define('FORCECSP', 'none'); // Disable all Content Security Policies -//if (! defined('CSRFCHECK_WITH_TOKEN')) define('CSRFCHECK_WITH_TOKEN', '1'); // Force use of CSRF protection with tokens even for GET -//if (! defined('NOBROWSERNOTIF')) define('NOBROWSERNOTIF', '1'); // Disable browser notification // Load Dolibarr environment -$res = 0; -// Try main.inc.php into web root known defined into CONTEXT_DOCUMENT_ROOT (not always defined) -if (!$res && !empty($_SERVER["CONTEXT_DOCUMENT_ROOT"])) { - $res = @include $_SERVER["CONTEXT_DOCUMENT_ROOT"] . "/main.inc.php"; -} -// Try main.inc.php into web root detected using web root calculated from SCRIPT_FILENAME -$tmp = empty($_SERVER['SCRIPT_FILENAME']) ? '' : $_SERVER['SCRIPT_FILENAME']; -$tmp2 = realpath(__FILE__); -$i = strlen($tmp) - 1; -$j = strlen($tmp2) - 1; -while ($i > 0 && $j > 0 && isset($tmp[$i]) && isset($tmp2[$j]) && $tmp[$i] == $tmp2[$j]) { - $i--; - $j--; -} -if (!$res && $i > 0 && file_exists(substr($tmp, 0, ($i + 1)) . "/main.inc.php")) { - $res = @include substr($tmp, 0, ($i + 1)) . "/main.inc.php"; -} -if (!$res && $i > 0 && file_exists(dirname(substr($tmp, 0, ($i + 1))) . "/main.inc.php")) { - $res = @include dirname(substr($tmp, 0, ($i + 1))) . "/main.inc.php"; -} -// Try main.inc.php using relative path -if (!$res && file_exists("../main.inc.php")) { - $res = @include "../main.inc.php"; -} -if (!$res && file_exists("../../main.inc.php")) { - $res = @include "../../main.inc.php"; -} -if (!$res && file_exists("../../../main.inc.php")) { - $res = @include "../../../main.inc.php"; -} -if (!$res) { - die("Include of main fails"); -} - +require '../main.inc.php'; require_once DOL_DOCUMENT_ROOT . '/core/class/html.formcompany.class.php'; require_once DOL_DOCUMENT_ROOT . '/core/class/html.formfile.class.php'; require_once DOL_DOCUMENT_ROOT . '/core/class/html.formprojet.class.php'; @@ -889,7 +836,7 @@ if ($action != "create" && $action != "edit") { $linktoelem = $form->showLinkToObjectBlock($object, null, array('skill')); $somethingshown = $form->showLinkedObjectBlock($object, $linktoelem); - print '
    '; + print '
    '; $MAXEVENT = 10; @@ -901,7 +848,7 @@ if ($action != "create" && $action != "edit") { $formactions = new FormActions($db); $somethingshown = $formactions->showactions($object, $object->element . '@' . $object->module, (is_object($object->thirdparty) ? $object->thirdparty->id : 0), 1, '', $MAXEVENT, '', $morehtmlright); - print '
    '; + print ''; } // End of page diff --git a/htdocs/hrm/skill_contact.php b/htdocs/hrm/skill_contact.php index a535e00696b..f8ea2a04a9f 100644 --- a/htdocs/hrm/skill_contact.php +++ b/htdocs/hrm/skill_contact.php @@ -26,35 +26,7 @@ */ // Load Dolibarr environment -$res = 0; -// Try main.inc.php into web root known defined into CONTEXT_DOCUMENT_ROOT (not always defined) -if (!$res && !empty($_SERVER["CONTEXT_DOCUMENT_ROOT"])) { - $res = @include $_SERVER["CONTEXT_DOCUMENT_ROOT"]."/main.inc.php"; -} -// Try main.inc.php into web root detected using web root calculated from SCRIPT_FILENAME -$tmp = empty($_SERVER['SCRIPT_FILENAME']) ? '' : $_SERVER['SCRIPT_FILENAME']; $tmp2 = realpath(__FILE__); $i = strlen($tmp) - 1; $j = strlen($tmp2) - 1; -while ($i > 0 && $j > 0 && isset($tmp[$i]) && isset($tmp2[$j]) && $tmp[$i] == $tmp2[$j]) { - $i--; $j--; -} -if (!$res && $i > 0 && file_exists(substr($tmp, 0, ($i + 1))."/main.inc.php")) { - $res = @include substr($tmp, 0, ($i + 1))."/main.inc.php"; -} -if (!$res && $i > 0 && file_exists(dirname(substr($tmp, 0, ($i + 1)))."/main.inc.php")) { - $res = @include dirname(substr($tmp, 0, ($i + 1)))."/main.inc.php"; -} -// Try main.inc.php using relative path -if (!$res && file_exists("../main.inc.php")) { - $res = @include "../main.inc.php"; -} -if (!$res && file_exists("../../main.inc.php")) { - $res = @include "../../main.inc.php"; -} -if (!$res && file_exists("../../../main.inc.php")) { - $res = @include "../../../main.inc.php"; -} -if (!$res) { - die("Include of main fails"); -} +require '../main.inc.php'; require_once DOL_DOCUMENT_ROOT.'/contact/class/contact.class.php'; require_once DOL_DOCUMENT_ROOT.'/core/class/html.formcompany.class.php'; diff --git a/htdocs/hrm/skill_document.php b/htdocs/hrm/skill_document.php index ca13044f712..77f3325de15 100644 --- a/htdocs/hrm/skill_document.php +++ b/htdocs/hrm/skill_document.php @@ -25,57 +25,9 @@ * \brief Tab for documents linked to skill */ -//if (! defined('NOREQUIREDB')) define('NOREQUIREDB', '1'); // Do not create database handler $db -//if (! defined('NOREQUIREUSER')) define('NOREQUIREUSER', '1'); // Do not load object $user -//if (! defined('NOREQUIRESOC')) define('NOREQUIRESOC', '1'); // Do not load object $mysoc -//if (! defined('NOREQUIRETRAN')) define('NOREQUIRETRAN', '1'); // Do not load object $langs -//if (! defined('NOSCANGETFORINJECTION')) define('NOSCANGETFORINJECTION', '1'); // Do not check injection attack on GET parameters -//if (! defined('NOSCANPOSTFORINJECTION')) define('NOSCANPOSTFORINJECTION', '1'); // Do not check injection attack on POST parameters -//if (! defined('NOCSRFCHECK')) define('NOCSRFCHECK', '1'); // Do not check CSRF attack (test on referer + on token if option MAIN_SECURITY_CSRF_WITH_TOKEN is on). -//if (! defined('NOTOKENRENEWAL')) define('NOTOKENRENEWAL', '1'); // Do not roll the Anti CSRF token (used if MAIN_SECURITY_CSRF_WITH_TOKEN is on) -//if (! defined('NOSTYLECHECK')) define('NOSTYLECHECK', '1'); // Do not check style html tag into posted data -//if (! defined('NOREQUIREMENU')) define('NOREQUIREMENU', '1'); // If there is no need to load and show top and left menu -//if (! defined('NOREQUIREHTML')) define('NOREQUIREHTML', '1'); // If we don't need to load the html.form.class.php -//if (! defined('NOREQUIREAJAX')) define('NOREQUIREAJAX', '1'); // Do not load ajax.lib.php library -//if (! defined("NOLOGIN")) define("NOLOGIN", '1'); // If this page is public (can be called outside logged session). This include the NOIPCHECK too. -//if (! defined('NOIPCHECK')) define('NOIPCHECK', '1'); // Do not check IP defined into conf $dolibarr_main_restrict_ip -//if (! defined("MAIN_LANG_DEFAULT")) define('MAIN_LANG_DEFAULT', 'auto'); // Force lang to a particular value -//if (! defined("MAIN_AUTHENTICATION_MODE")) define('MAIN_AUTHENTICATION_MODE', 'aloginmodule'); // Force authentication handler -//if (! defined("NOREDIRECTBYMAINTOLOGIN")) define('NOREDIRECTBYMAINTOLOGIN', 1); // The main.inc.php does not make a redirect if not logged, instead show simple error message -//if (! defined("FORCECSP")) define('FORCECSP', 'none'); // Disable all Content Security Policies -//if (! defined('CSRFCHECK_WITH_TOKEN')) define('CSRFCHECK_WITH_TOKEN', '1'); // Force use of CSRF protection with tokens even for GET -//if (! defined('NOBROWSERNOTIF')) define('NOBROWSERNOTIF', '1'); // Disable browser notification // Load Dolibarr environment -$res = 0; -// Try main.inc.php into web root known defined into CONTEXT_DOCUMENT_ROOT (not always defined) -if (!$res && !empty($_SERVER["CONTEXT_DOCUMENT_ROOT"])) { - $res = @include $_SERVER["CONTEXT_DOCUMENT_ROOT"]."/main.inc.php"; -} -// Try main.inc.php into web root detected using web root calculated from SCRIPT_FILENAME -$tmp = empty($_SERVER['SCRIPT_FILENAME']) ? '' : $_SERVER['SCRIPT_FILENAME']; $tmp2 = realpath(__FILE__); $i = strlen($tmp) - 1; $j = strlen($tmp2) - 1; -while ($i > 0 && $j > 0 && isset($tmp[$i]) && isset($tmp2[$j]) && $tmp[$i] == $tmp2[$j]) { - $i--; $j--; -} -if (!$res && $i > 0 && file_exists(substr($tmp, 0, ($i + 1))."/main.inc.php")) { - $res = @include substr($tmp, 0, ($i + 1))."/main.inc.php"; -} -if (!$res && $i > 0 && file_exists(dirname(substr($tmp, 0, ($i + 1)))."/main.inc.php")) { - $res = @include dirname(substr($tmp, 0, ($i + 1)))."/main.inc.php"; -} -// Try main.inc.php using relative path -if (!$res && file_exists("../main.inc.php")) { - $res = @include "../main.inc.php"; -} -if (!$res && file_exists("../../main.inc.php")) { - $res = @include "../../main.inc.php"; -} -if (!$res && file_exists("../../../main.inc.php")) { - $res = @include "../../../main.inc.php"; -} -if (!$res) { - die("Include of main fails"); -} +require '../main.inc.php'; require_once DOL_DOCUMENT_ROOT.'/core/lib/company.lib.php'; require_once DOL_DOCUMENT_ROOT.'/core/lib/files.lib.php'; diff --git a/htdocs/hrm/skill_list.php b/htdocs/hrm/skill_list.php index c0af4e28edc..1fc5440e589 100644 --- a/htdocs/hrm/skill_list.php +++ b/htdocs/hrm/skill_list.php @@ -25,57 +25,9 @@ * \brief List page for skill */ -//if (! defined('NOREQUIREDB')) define('NOREQUIREDB', '1'); // Do not create database handler $db -//if (! defined('NOREQUIREUSER')) define('NOREQUIREUSER', '1'); // Do not load object $user -//if (! defined('NOREQUIRESOC')) define('NOREQUIRESOC', '1'); // Do not load object $mysoc -//if (! defined('NOREQUIRETRAN')) define('NOREQUIRETRAN', '1'); // Do not load object $langs -//if (! defined('NOSCANGETFORINJECTION')) define('NOSCANGETFORINJECTION', '1'); // Do not check injection attack on GET parameters -//if (! defined('NOSCANPOSTFORINJECTION')) define('NOSCANPOSTFORINJECTION', '1'); // Do not check injection attack on POST parameters -//if (! defined('NOCSRFCHECK')) define('NOCSRFCHECK', '1'); // Do not check CSRF attack (test on referer + on token if option MAIN_SECURITY_CSRF_WITH_TOKEN is on). -//if (! defined('NOTOKENRENEWAL')) define('NOTOKENRENEWAL', '1'); // Do not roll the Anti CSRF token (used if MAIN_SECURITY_CSRF_WITH_TOKEN is on) -//if (! defined('NOSTYLECHECK')) define('NOSTYLECHECK', '1'); // Do not check style html tag into posted data -//if (! defined('NOREQUIREMENU')) define('NOREQUIREMENU', '1'); // If there is no need to load and show top and left menu -//if (! defined('NOREQUIREHTML')) define('NOREQUIREHTML', '1'); // If we don't need to load the html.form.class.php -//if (! defined('NOREQUIREAJAX')) define('NOREQUIREAJAX', '1'); // Do not load ajax.lib.php library -//if (! defined("NOLOGIN")) define("NOLOGIN", '1'); // If this page is public (can be called outside logged session). This include the NOIPCHECK too. -//if (! defined('NOIPCHECK')) define('NOIPCHECK', '1'); // Do not check IP defined into conf $dolibarr_main_restrict_ip -//if (! defined("MAIN_LANG_DEFAULT")) define('MAIN_LANG_DEFAULT', 'auto'); // Force lang to a particular value -//if (! defined("MAIN_AUTHENTICATION_MODE")) define('MAIN_AUTHENTICATION_MODE', 'aloginmodule'); // Force authentication handler -//if (! defined("NOREDIRECTBYMAINTOLOGIN")) define('NOREDIRECTBYMAINTOLOGIN', 1); // The main.inc.php does not make a redirect if not logged, instead show simple error message -//if (! defined("FORCECSP")) define('FORCECSP', 'none'); // Disable all Content Security Policies -//if (! defined('CSRFCHECK_WITH_TOKEN')) define('CSRFCHECK_WITH_TOKEN', '1'); // Force use of CSRF protection with tokens even for GET -//if (! defined('NOBROWSERNOTIF')) define('NOBROWSERNOTIF', '1'); // Disable browser notification // Load Dolibarr environment -$res = 0; -// Try main.inc.php into web root known defined into CONTEXT_DOCUMENT_ROOT (not always defined) -if (!$res && !empty($_SERVER["CONTEXT_DOCUMENT_ROOT"])) { - $res = @include $_SERVER["CONTEXT_DOCUMENT_ROOT"]."/main.inc.php"; -} -// Try main.inc.php into web root detected using web root calculated from SCRIPT_FILENAME -$tmp = empty($_SERVER['SCRIPT_FILENAME']) ? '' : $_SERVER['SCRIPT_FILENAME']; $tmp2 = realpath(__FILE__); $i = strlen($tmp) - 1; $j = strlen($tmp2) - 1; -while ($i > 0 && $j > 0 && isset($tmp[$i]) && isset($tmp2[$j]) && $tmp[$i] == $tmp2[$j]) { - $i--; $j--; -} -if (!$res && $i > 0 && file_exists(substr($tmp, 0, ($i + 1))."/main.inc.php")) { - $res = @include substr($tmp, 0, ($i + 1))."/main.inc.php"; -} -if (!$res && $i > 0 && file_exists(dirname(substr($tmp, 0, ($i + 1)))."/main.inc.php")) { - $res = @include dirname(substr($tmp, 0, ($i + 1)))."/main.inc.php"; -} -// Try main.inc.php using relative path -if (!$res && file_exists("../main.inc.php")) { - $res = @include "../main.inc.php"; -} -if (!$res && file_exists("../../main.inc.php")) { - $res = @include "../../main.inc.php"; -} -if (!$res && file_exists("../../../main.inc.php")) { - $res = @include "../../../main.inc.php"; -} -if (!$res) { - die("Include of main fails"); -} +require '../main.inc.php'; require_once DOL_DOCUMENT_ROOT.'/core/class/html.formcompany.class.php'; require_once DOL_DOCUMENT_ROOT.'/core/lib/date.lib.php'; @@ -268,7 +220,7 @@ $sql .= $object->getFieldList('t'); // Add fields from extrafields if (!empty($extrafields->attributes[$object->table_element]['label'])) { foreach ($extrafields->attributes[$object->table_element]['label'] as $key => $val) { - $sql .= ($extrafields->attributes[$object->table_element]['type'][$key] != 'separate' ? ", ef.".$key." as options_".$key.', ' : ''); + $sql .= ($extrafields->attributes[$object->table_element]['type'][$key] != 'separate' ? ", ef.".$key." as options_".$key : ''); } } // Add fields from hooks diff --git a/htdocs/hrm/skill_note.php b/htdocs/hrm/skill_note.php index 000c5e1b41b..1510f746e5e 100644 --- a/htdocs/hrm/skill_note.php +++ b/htdocs/hrm/skill_note.php @@ -25,57 +25,9 @@ * \brief Tab for notes on skill */ -//if (! defined('NOREQUIREDB')) define('NOREQUIREDB', '1'); // Do not create database handler $db -//if (! defined('NOREQUIREUSER')) define('NOREQUIREUSER', '1'); // Do not load object $user -//if (! defined('NOREQUIRESOC')) define('NOREQUIRESOC', '1'); // Do not load object $mysoc -//if (! defined('NOREQUIRETRAN')) define('NOREQUIRETRAN', '1'); // Do not load object $langs -//if (! defined('NOSCANGETFORINJECTION')) define('NOSCANGETFORINJECTION', '1'); // Do not check injection attack on GET parameters -//if (! defined('NOSCANPOSTFORINJECTION')) define('NOSCANPOSTFORINJECTION', '1'); // Do not check injection attack on POST parameters -//if (! defined('NOCSRFCHECK')) define('NOCSRFCHECK', '1'); // Do not check CSRF attack (test on referer + on token if option MAIN_SECURITY_CSRF_WITH_TOKEN is on). -//if (! defined('NOTOKENRENEWAL')) define('NOTOKENRENEWAL', '1'); // Do not roll the Anti CSRF token (used if MAIN_SECURITY_CSRF_WITH_TOKEN is on) -//if (! defined('NOSTYLECHECK')) define('NOSTYLECHECK', '1'); // Do not check style html tag into posted data -//if (! defined('NOREQUIREMENU')) define('NOREQUIREMENU', '1'); // If there is no need to load and show top and left menu -//if (! defined('NOREQUIREHTML')) define('NOREQUIREHTML', '1'); // If we don't need to load the html.form.class.php -//if (! defined('NOREQUIREAJAX')) define('NOREQUIREAJAX', '1'); // Do not load ajax.lib.php library -//if (! defined("NOLOGIN")) define("NOLOGIN", '1'); // If this page is public (can be called outside logged session). This include the NOIPCHECK too. -//if (! defined('NOIPCHECK')) define('NOIPCHECK', '1'); // Do not check IP defined into conf $dolibarr_main_restrict_ip -//if (! defined("MAIN_LANG_DEFAULT")) define('MAIN_LANG_DEFAULT', 'auto'); // Force lang to a particular value -//if (! defined("MAIN_AUTHENTICATION_MODE")) define('MAIN_AUTHENTICATION_MODE', 'aloginmodule'); // Force authentication handler -//if (! defined("NOREDIRECTBYMAINTOLOGIN")) define('NOREDIRECTBYMAINTOLOGIN', 1); // The main.inc.php does not make a redirect if not logged, instead show simple error message -//if (! defined("FORCECSP")) define('FORCECSP', 'none'); // Disable all Content Security Policies -//if (! defined('CSRFCHECK_WITH_TOKEN')) define('CSRFCHECK_WITH_TOKEN', '1'); // Force use of CSRF protection with tokens even for GET -//if (! defined('NOBROWSERNOTIF')) define('NOBROWSERNOTIF', '1'); // Disable browser notification // Load Dolibarr environment -$res = 0; -// Try main.inc.php into web root known defined into CONTEXT_DOCUMENT_ROOT (not always defined) -if (!$res && !empty($_SERVER["CONTEXT_DOCUMENT_ROOT"])) { - $res = @include $_SERVER["CONTEXT_DOCUMENT_ROOT"]."/main.inc.php"; -} -// Try main.inc.php into web root detected using web root calculated from SCRIPT_FILENAME -$tmp = empty($_SERVER['SCRIPT_FILENAME']) ? '' : $_SERVER['SCRIPT_FILENAME']; $tmp2 = realpath(__FILE__); $i = strlen($tmp) - 1; $j = strlen($tmp2) - 1; -while ($i > 0 && $j > 0 && isset($tmp[$i]) && isset($tmp2[$j]) && $tmp[$i] == $tmp2[$j]) { - $i--; $j--; -} -if (!$res && $i > 0 && file_exists(substr($tmp, 0, ($i + 1))."/main.inc.php")) { - $res = @include substr($tmp, 0, ($i + 1))."/main.inc.php"; -} -if (!$res && $i > 0 && file_exists(dirname(substr($tmp, 0, ($i + 1)))."/main.inc.php")) { - $res = @include dirname(substr($tmp, 0, ($i + 1)))."/main.inc.php"; -} -// Try main.inc.php using relative path -if (!$res && file_exists("../main.inc.php")) { - $res = @include "../main.inc.php"; -} -if (!$res && file_exists("../../main.inc.php")) { - $res = @include "../../main.inc.php"; -} -if (!$res && file_exists("../../../main.inc.php")) { - $res = @include "../../../main.inc.php"; -} -if (!$res) { - die("Include of main fails"); -} +require '../main.inc.php'; require_once DOL_DOCUMENT_ROOT . '/hrm/class/skill.class.php'; require_once DOL_DOCUMENT_ROOT . '/hrm/lib/hrm_skill.lib.php'; diff --git a/htdocs/hrm/skill_tab.php b/htdocs/hrm/skill_tab.php index 2aada2a771e..9a9ea39e31d 100644 --- a/htdocs/hrm/skill_tab.php +++ b/htdocs/hrm/skill_tab.php @@ -25,61 +25,10 @@ * \brief Page to add/delete/view skill to jobs/users */ -//if (! defined('NOREQUIREDB')) define('NOREQUIREDB', '1'); // Do not create database handler $db -//if (! defined('NOREQUIREUSER')) define('NOREQUIREUSER', '1'); // Do not load object $user -//if (! defined('NOREQUIRESOC')) define('NOREQUIRESOC', '1'); // Do not load object $mysoc -//if (! defined('NOREQUIRETRAN')) define('NOREQUIRETRAN', '1'); // Do not load object $langs -//if (! defined('NOSCANGETFORINJECTION')) define('NOSCANGETFORINJECTION', '1'); // Do not check injection attack on GET parameters -//if (! defined('NOSCANPOSTFORINJECTION')) define('NOSCANPOSTFORINJECTION', '1'); // Do not check injection attack on POST parameters -//if (! defined('NOCSRFCHECK')) define('NOCSRFCHECK', '1'); // Do not check CSRF attack (test on referer + on token if option MAIN_SECURITY_CSRF_WITH_TOKEN is on). -//if (! defined('NOTOKENRENEWAL')) define('NOTOKENRENEWAL', '1'); // Do not roll the Anti CSRF token (used if MAIN_SECURITY_CSRF_WITH_TOKEN is on) -//if (! defined('NOSTYLECHECK')) define('NOSTYLECHECK', '1'); // Do not check style html tag into posted data -//if (! defined('NOREQUIREMENU')) define('NOREQUIREMENU', '1'); // If there is no need to load and show top and left menu -//if (! defined('NOREQUIREHTML')) define('NOREQUIREHTML', '1'); // If we don't need to load the html.form.class.php -//if (! defined('NOREQUIREAJAX')) define('NOREQUIREAJAX', '1'); // Do not load ajax.lib.php library -//if (! defined("NOLOGIN")) define("NOLOGIN", '1'); // If this page is public (can be called outside logged session). This include the NOIPCHECK too. -//if (! defined('NOIPCHECK')) define('NOIPCHECK', '1'); // Do not check IP defined into conf $dolibarr_main_restrict_ip -//if (! defined("MAIN_LANG_DEFAULT")) define('MAIN_LANG_DEFAULT', 'auto'); // Force lang to a particular value -//if (! defined("MAIN_AUTHENTICATION_MODE")) define('MAIN_AUTHENTICATION_MODE', 'aloginmodule'); // Force authentication handler -//if (! defined("NOREDIRECTBYMAINTOLOGIN")) define('NOREDIRECTBYMAINTOLOGIN', 1); // The main.inc.php does not make a redirect if not logged, instead show simple error message -//if (! defined("FORCECSP")) define('FORCECSP', 'none'); // Disable all Content Security Policies -//if (! defined('CSRFCHECK_WITH_TOKEN')) define('CSRFCHECK_WITH_TOKEN', '1'); // Force use of CSRF protection with tokens even for GET -//if (! defined('NOBROWSERNOTIF')) define('NOBROWSERNOTIF', '1'); // Disable browser notification + // Load Dolibarr environment -$res = 0; -// Try main.inc.php into web root known defined into CONTEXT_DOCUMENT_ROOT (not always defined) -if (!$res && !empty($_SERVER["CONTEXT_DOCUMENT_ROOT"])) { - $res = @include $_SERVER["CONTEXT_DOCUMENT_ROOT"] . "/main.inc.php"; -} -// Try main.inc.php into web root detected using web root calculated from SCRIPT_FILENAME -$tmp = empty($_SERVER['SCRIPT_FILENAME']) ? '' : $_SERVER['SCRIPT_FILENAME']; -$tmp2 = realpath(__FILE__); -$i = strlen($tmp) - 1; -$j = strlen($tmp2) - 1; -while ($i > 0 && $j > 0 && isset($tmp[$i]) && isset($tmp2[$j]) && $tmp[$i] == $tmp2[$j]) { - $i--; - $j--; -} -if (!$res && $i > 0 && file_exists(substr($tmp, 0, ($i + 1)) . "/main.inc.php")) { - $res = @include substr($tmp, 0, ($i + 1)) . "/main.inc.php"; -} -if (!$res && $i > 0 && file_exists(dirname(substr($tmp, 0, ($i + 1))) . "/main.inc.php")) { - $res = @include dirname(substr($tmp, 0, ($i + 1))) . "/main.inc.php"; -} -// Try main.inc.php using relative path -if (!$res && file_exists("../main.inc.php")) { - $res = @include "../main.inc.php"; -} -if (!$res && file_exists("../../main.inc.php")) { - $res = @include "../../main.inc.php"; -} -if (!$res && file_exists("../../../main.inc.php")) { - $res = @include "../../../main.inc.php"; -} -if (!$res) { - die("Include of main fails"); -} +require '../main.inc.php'; require_once DOL_DOCUMENT_ROOT . '/core/class/html.formcompany.class.php'; require_once DOL_DOCUMENT_ROOT . '/core/class/html.formfile.class.php'; diff --git a/htdocs/imports/emptyexample.php b/htdocs/imports/emptyexample.php index b919a3c4c3e..6435f91241c 100644 --- a/htdocs/imports/emptyexample.php +++ b/htdocs/imports/emptyexample.php @@ -75,9 +75,6 @@ $filename = $langs->trans("ExampleOfImportFile").'_'.$datatoimport.'.'.$format; $objimport = new Import($db); $objimport->load_arrays($user, $datatoimport); // Load arrays from descriptor module -$entity = $objimport->array_import_entities[0][$code]; -$entityicon = $entitytoicon[$entity] ? $entitytoicon[$entity] : $entity; -$entitylang = $entitytolang[$entity] ? $entitytolang[$entity] : $entity; $fieldstarget = $objimport->array_import_fields[0]; $valuestarget = $objimport->array_import_examplevalues[0]; diff --git a/htdocs/install/mysql/migration/13.0.0-14.0.0.sql b/htdocs/install/mysql/migration/13.0.0-14.0.0.sql index d6e21f17aeb..03110b4425e 100644 --- a/htdocs/install/mysql/migration/13.0.0-14.0.0.sql +++ b/htdocs/install/mysql/migration/13.0.0-14.0.0.sql @@ -627,3 +627,5 @@ CREATE TABLE llx_onlinesignature ALTER TABLE llx_facture_fourn CHANGE COLUMN fk_mode_transport fk_transport_mode integer; +ALTER TABLE llx_c_socialnetworks DROP INDEX idx_c_socialnetworks_code; +ALTER TABLE llx_c_socialnetworks ADD UNIQUE INDEX idx_c_socialnetworks_code_entity (code, entity); diff --git a/htdocs/install/mysql/migration/14.0.0-15.0.0.sql b/htdocs/install/mysql/migration/14.0.0-15.0.0.sql index 46f0963c371..5bf710ebe0f 100644 --- a/htdocs/install/mysql/migration/14.0.0-15.0.0.sql +++ b/htdocs/install/mysql/migration/14.0.0-15.0.0.sql @@ -35,6 +35,7 @@ -- VMYSQL4.3 ALTER TABLE llx_partnership MODIFY COLUMN date_partnership_end date NULL; -- VPGSQL8.2 ALTER TABLE llx_partnership ALTER COLUMN date_partnership_end DROP NOT NULL; +ALTER TABLE llx_accounting_bookkeeping ADD COLUMN date_export datetime DEFAULT NULL; ALTER TABLE llx_eventorganization_conferenceorboothattendee ADD COLUMN fk_project integer NOT NULL; ALTER TABLE llx_eventorganization_conferenceorboothattendee ADD COLUMN fk_invoice integer NULL; @@ -378,3 +379,8 @@ ALTER TABLE llx_societe_perentity ADD COLUMN accountancy_code_customer varchar(2 ALTER TABLE llx_societe_perentity ADD COLUMN accountancy_code_supplier varchar(24) AFTER accountancy_code_customer; -- equivalent to code_compta_supplier in llx_societe ALTER TABLE llx_projet_task ADD COLUMN budget_amount double(24,8) AFTER priority; + +-- VMYSQL4.1 INSERT INTO llx_boxes_def (file, entity) SELECT 'box_graph_ticket_by_severity.php', 1 FROM DUAL WHERE NOT EXISTS (SELECT * FROM llx_boxes_def WHERE file = 'box_graph_ticket_by_severity.php' AND entity = 1); +-- VMYSQL4.1 INSERT INTO llx_boxes_def (file, entity) SELECT 'box_graph_nb_ticket_last_x_days.php', 1 FROM DUAL WHERE NOT EXISTS (SELECT * FROM llx_boxes_def WHERE file = 'box_graph_nb_ticket_last_x_days.php' AND entity = 1); +-- VMYSQL4.1 INSERT INTO llx_boxes_def (file, entity) SELECT 'box_graph_nb_tickets_type.php', 1 FROM DUAL WHERE NOT EXISTS (SELECT * FROM llx_boxes_def WHERE file = 'box_graph_nb_tickets_type.php' AND entity = 1); +-- VMYSQL4.1 INSERT INTO llx_boxes_def (file, entity) SELECT 'box_graph_new_vs_close_ticket.php', 1 FROM DUAL WHERE NOT EXISTS (SELECT * FROM llx_boxes_def WHERE file = 'box_graph_new_vs_close_ticket.php' AND entity = 1); diff --git a/htdocs/install/mysql/tables/llx_c_socialnetworks.key.sql b/htdocs/install/mysql/tables/llx_c_socialnetworks.key.sql index 2b7dcdc9d4e..3d3afb94d8a 100644 --- a/htdocs/install/mysql/tables/llx_c_socialnetworks.key.sql +++ b/htdocs/install/mysql/tables/llx_c_socialnetworks.key.sql @@ -16,4 +16,4 @@ -- ======================================================================== -ALTER TABLE llx_c_socialnetworks ADD UNIQUE INDEX idx_c_socialnetworks_code (code); +ALTER TABLE llx_c_socialnetworks ADD UNIQUE INDEX idx_c_socialnetworks_code_entity (entity, code); diff --git a/htdocs/install/step2.php b/htdocs/install/step2.php index 1835c87f759..30bee881584 100644 --- a/htdocs/install/step2.php +++ b/htdocs/install/step2.php @@ -570,19 +570,27 @@ dolibarr_install_syslog("Exit ".$ret); dolibarr_install_syslog("- step2: end"); +// Force here a value we need after because master.inc.php is not loaded into step2. +// This code must be similar with the one into main.inc.php +$conf->file->instance_unique_id = (empty($dolibarr_main_instance_unique_id) ? (empty($dolibarr_main_cookie_cryptkey) ? '' : $dolibarr_main_cookie_cryptkey) : $dolibarr_main_instance_unique_id); // Unique id of instance -$out = ' '; +$hash_unique_id = md5('dolibarr'.$conf->file->instance_unique_id); + +$out = 'global->MAIN_FIRST_PING_OK_ID) && $conf->global->MAIN_FIRST_PING_OK_ID == 'disabled') ? '' : ' value="checked" checked="true"').'> '; $out .= ''; $out .= ''; $out .= ''; diff --git a/htdocs/knowledgemanagement/knowledgemanagementindex.php b/htdocs/knowledgemanagement/knowledgemanagementindex.php index d9b1f07e6e0..ccb3503eb2f 100644 --- a/htdocs/knowledgemanagement/knowledgemanagementindex.php +++ b/htdocs/knowledgemanagement/knowledgemanagementindex.php @@ -145,7 +145,7 @@ if (! empty($conf->knowledgemanagement->enabled) && $user->rights->knowledgemana END MODULEBUILDER DRAFT MYOBJECT */ -print '
    '; +print '
    '; $NBMAX = (empty($conf->global->MAIN_SIZE_SHORTLIST_LIMIT) ? 25 : $conf->global->MAIN_SIZE_SHORTLIST_LIMIT); @@ -202,7 +202,7 @@ if (! empty($conf->knowledgemanagement->enabled) && $user->rights->knowledgemana } */ -print '
    '; +print ''; // End of page llxFooter(); diff --git a/htdocs/knowledgemanagement/knowledgerecord_card.php b/htdocs/knowledgemanagement/knowledgerecord_card.php index 8af0431f361..d06028ac4d9 100644 --- a/htdocs/knowledgemanagement/knowledgerecord_card.php +++ b/htdocs/knowledgemanagement/knowledgerecord_card.php @@ -418,7 +418,7 @@ if ($object->id > 0 && (empty($action) || ($action != 'edit' && $action != 'crea } // Clone - print dolGetButtonAction($langs->trans('ToClone'), '', 'default', $_SERVER['PHP_SELF'].'?id='.$object->id.'&socid='.$object->socid.'&action=clone&token='.newToken().'&object=scrumsprint', '', $permissiontoadd); + print dolGetButtonAction($langs->trans('ToClone'), '', 'default', $_SERVER['PHP_SELF'].'?id='.$object->id.'&action=clone&token='.newToken().'&object=scrumsprint', '', $permissiontoadd); /* if ($permissiontoadd) { @@ -471,7 +471,7 @@ if ($object->id > 0 && (empty($action) || ($action != 'edit' && $action != 'crea $somethingshown = $form->showLinkedObjectBlock($object, $linktoelem); - print '
    '; + print '
    '; $MAXEVENT = 10; @@ -484,7 +484,7 @@ if ($object->id > 0 && (empty($action) || ($action != 'edit' && $action != 'crea $formactions = new FormActions($db); $somethingshown = $formactions->showactions($object, $object->element.'@'.$object->module, (is_object($object->thirdparty) ? $object->thirdparty->id : 0), 1, '', $MAXEVENT, '', $morehtmlright); - print '
    '; + print ''; } //Select mail models is same action as presend diff --git a/htdocs/knowledgemanagement/knowledgerecord_document.php b/htdocs/knowledgemanagement/knowledgerecord_document.php index f3d23fba4bd..90bb9f736cc 100644 --- a/htdocs/knowledgemanagement/knowledgerecord_document.php +++ b/htdocs/knowledgemanagement/knowledgerecord_document.php @@ -80,7 +80,7 @@ if ($id > 0 || !empty($ref)) { //if ($user->socid > 0) $socid = $user->socid; //$result = restrictedArea($user, 'knowledgemanagement', $object->id); -$permissiontoadd = $user->rights->knowledgemanagement->knowledgerecord->write; // Used by the include of actions_addupdatedelete.inc.php +$permissiontoadd = $user->rights->knowledgemanagement->knowledgerecord->write; // Used by the include of actions_addupdatedelete.inc.php and actions_linkedfiles.inc.php diff --git a/htdocs/langs/en_US/admin.lang b/htdocs/langs/en_US/admin.lang index 58ec7dd6be0..1c8fd23ddb3 100644 --- a/htdocs/langs/en_US/admin.lang +++ b/htdocs/langs/en_US/admin.lang @@ -279,6 +279,7 @@ SpaceX=Space X SpaceY=Space Y FontSize=Font size Content=Content +ContentForLines=Content to display for each product or service (from variable __LINES__ of Content) NoticePeriod=Notice period NewByMonth=New by month Emails=Emails @@ -1698,6 +1699,8 @@ MailingDelay=Seconds to wait after sending next message NotificationSetup=Email Notification module setup NotificationEMailFrom=Sender email (From) for emails sent by the Notifications module FixedEmailTarget=Recipient +NotificationDisableConfirmMessageFix=Disable notification info in confirm message for fix notification +NotificationDisableConfirmMessageUser=Disable notification info in confirm message for user notification ##### Sendings ##### SendingsSetup=Shipping module setup SendingsReceiptModel=Sending receipt model diff --git a/htdocs/langs/en_US/bills.lang b/htdocs/langs/en_US/bills.lang index 1bd2a9e9356..ad59e3690d7 100644 --- a/htdocs/langs/en_US/bills.lang +++ b/htdocs/langs/en_US/bills.lang @@ -192,6 +192,7 @@ ConfirmClassifyPaidPartiallyReasonDiscount=Remaining unpaid (%s %s) is a ConfirmClassifyPaidPartiallyReasonDiscountNoVat=Remaining unpaid (%s %s) is a discount granted because payment was made before term. I accept to lose the VAT on this discount. ConfirmClassifyPaidPartiallyReasonDiscountVat=Remaining unpaid (%s %s) is a discount granted because payment was made before term. I recover the VAT on this discount without a credit note. ConfirmClassifyPaidPartiallyReasonBadCustomer=Bad customer +ConfirmClassifyPaidPartiallyReasonBankCharge=Deduction by bank (intermediary bank fees) ConfirmClassifyPaidPartiallyReasonProductReturned=Products partially returned ConfirmClassifyPaidPartiallyReasonOther=Amount abandoned for other reason ConfirmClassifyPaidPartiallyReasonDiscountNoVatDesc=This choice is possible if your invoice has been provided with suitable comments. (Example «Only the tax corresponding to the price that has been actually paid gives rights to deduction») @@ -199,6 +200,7 @@ ConfirmClassifyPaidPartiallyReasonDiscountVatDesc=In some countries, this choice ConfirmClassifyPaidPartiallyReasonAvoirDesc=Use this choice if all other does not suit ConfirmClassifyPaidPartiallyReasonBadCustomerDesc=A bad customer is a customer that refuses to pay his debt. ConfirmClassifyPaidPartiallyReasonProductReturnedDesc=This choice is used when payment is not complete because some of products were returned +ConfirmClassifyPaidPartiallyReasonBankChargeDesc=The unpaid amount is intermediary bank fees, deducted directly from the correct amount paid by the Customer. ConfirmClassifyPaidPartiallyReasonOtherDesc=Use this choice if all others are not suitable, for example in following situation:
    - payment not complete because some products were shipped back
    - amount claimed too important because a discount was forgotten
    In all cases, amount over-claimed must be corrected in accountancy system by creating a credit note. ConfirmClassifyAbandonReasonOther=Other ConfirmClassifyAbandonReasonOtherDesc=This choice will be used in all other cases. For example because you plan to create a replacing invoice. diff --git a/htdocs/langs/en_US/mrp.lang b/htdocs/langs/en_US/mrp.lang index 10e81316ee4..3f1aac53340 100644 --- a/htdocs/langs/en_US/mrp.lang +++ b/htdocs/langs/en_US/mrp.lang @@ -104,4 +104,6 @@ HumanMachine=Human / Machine WorkstationArea=Workstation area Machines=Machines THMEstimatedHelp=This rate makes it possible to define a forecast cost of the item +BOM=Bill Of Materials +CollapseBOMHelp=You can define the default display of the details of the nomenclature in the configuration of the BOM module MOAndLines=Manufacturing Orders and lines diff --git a/htdocs/langs/en_US/other.lang b/htdocs/langs/en_US/other.lang index ea280968ef4..9bc68dc3678 100644 --- a/htdocs/langs/en_US/other.lang +++ b/htdocs/langs/en_US/other.lang @@ -35,6 +35,9 @@ OnlyOneFieldForXAxisIsPossible=Only 1 field is currently possible as X-Axis. Onl AtLeastOneMeasureIsRequired=At least 1 field for measure is required AtLeastOneXAxisIsRequired=At least 1 field for X-Axis is required LatestBlogPosts=Latest Blog Posts +notiftouser=To users +notiftofixedemail=To fixed mail +notiftouserandtofixedemail=To user and fixed mail Notify_ORDER_VALIDATE=Sales order validated Notify_ORDER_SENTBYMAIL=Sales order sent by mail Notify_ORDER_SUPPLIER_SENTBYMAIL=Purchase order sent by email diff --git a/htdocs/langs/es_ES/admin.lang b/htdocs/langs/es_ES/admin.lang index 9298219c73f..016b303e18b 100644 --- a/htdocs/langs/es_ES/admin.lang +++ b/htdocs/langs/es_ES/admin.lang @@ -280,6 +280,7 @@ SpaceX=Área X SpaceY=Área Y FontSize=Tamaño de fuente Content=Contenido +ContentForLines=Contenido a mostrar por cada línea de producto o servicio (de la variable __LINES__ definida en Contenido) NoticePeriod=Plazo de aviso NewByMonth=Nuevo por mes Emails=E-Mails diff --git a/htdocs/langs/fr_FR/categories.lang b/htdocs/langs/fr_FR/categories.lang index 62bb2267283..3789fd970a1 100644 --- a/htdocs/langs/fr_FR/categories.lang +++ b/htdocs/langs/fr_FR/categories.lang @@ -89,6 +89,11 @@ CategorieRecursiv=Lier automatiquement avec le(a) tag/catégorie parent(e) CategorieRecursivHelp=Si l'option est activé, quand un produit est ajouté dans une sous-catégorie, le produit sera ajouté aussi dans la catégorie parente. AddProductServiceIntoCategory=Ajouter le produit/service suivant AddCustomerIntoCategory=Assigner cette catégorie au client +AddMemberIntoCategory=Assigner cette catégorie au membre +AddContactIntoCategory=Assigner cette catégorie au contact +AddUserIntoCategory=Assigner cette catégorie à l'utilisateur +AddProjectIntoCategory=Assigner cette catégorie au projet +AddAccountIntoCategory=Assigner cette catégorie au compte AddTicketIntoCategory=Assigner cette catégorie au ticket AddSupplierIntoCategory=Assigner cette catégorie au fournisseur ShowCategory=Afficher tag/catégorie diff --git a/htdocs/langs/fr_FR/mrp.lang b/htdocs/langs/fr_FR/mrp.lang index 4aaeb4f9366..5a89a594cc3 100644 --- a/htdocs/langs/fr_FR/mrp.lang +++ b/htdocs/langs/fr_FR/mrp.lang @@ -32,7 +32,7 @@ ValueOfMeansLossForProductProduced=Une valeur de 0,95 signifie une moyenne de 5% DeleteBillOfMaterials=Supprimer la nomenclature DeleteMo=Supprimer l'ordre de fabrication ConfirmDeleteBillOfMaterials=Êtes-vous sûr de vouloir supprimer cette nomenclature? -ConfirmDeleteMo=Are you sure you want to delete this Manufacturing Order? +ConfirmDeleteMo=Êtes-vous sûr de vouloir supprimer cette nomenclature? MenuMRP=Ordres de fabrication NewMO=Nouvel Ordre de fabrication QtyToProduce=Quantité à produire @@ -74,7 +74,7 @@ NoStockChangeOnServices=Aucune variation de stock sur les services ProductQtyToConsumeByMO=Quantité de produit restant à consommer par OF ouvert ProductQtyToProduceByMO=Quantités restant à produire avec les OF ouverts AddNewConsumeLines=Ajouter une nouvelle ligne à consommer -AddNewProduceLines=Add new line to produce +AddNewProduceLines=Ajouter une nouvelle ligne à produire ProductsToConsume=Produits à consommer ProductsToProduce=Produits à produire UnitCost=Coût unitaire @@ -105,3 +105,5 @@ WorkstationArea=Espace Poste de travail Machines=Machines THMEstimatedHelp=Ce taux permet de définir un coût prévisionnel de l'article MOAndLines=Ordres de fabrication et lignes +BOM=Nomenclature +CollapseBOMHelp=Vous pouvez définir l'affichage par défaut du détail des nomenclature dans la configuration du module "Nomenclature Produits" diff --git a/htdocs/loan/card.php b/htdocs/loan/card.php index a15f6c926a6..a5c420726e6 100644 --- a/htdocs/loan/card.php +++ b/htdocs/loan/card.php @@ -621,7 +621,6 @@ if ($id > 0) { print ''; print '
    '; - print '
    '; /* * Payments @@ -693,7 +692,6 @@ if ($id > 0) { dol_print_error($db); } - print '
    '; print '
    '; print ''; diff --git a/htdocs/loan/document.php b/htdocs/loan/document.php index 2d6bfef3079..a151615bd35 100644 --- a/htdocs/loan/document.php +++ b/htdocs/loan/document.php @@ -71,6 +71,8 @@ if ($id > 0) { $upload_dir = $conf->loan->dir_output.'/'.dol_sanitizeFileName($object->ref); $modulepart = 'loan'; +$permissiontoadd = $user->rights->loan->write; // Used by the include of actions_addupdatedelete.inc.php and actions_linkedfiles.inc.php + /* * Actions diff --git a/htdocs/main.inc.php b/htdocs/main.inc.php index 76a4fbc1af8..c1f3231c737 100644 --- a/htdocs/main.inc.php +++ b/htdocs/main.inc.php @@ -72,7 +72,7 @@ function realCharForNumericEntities($matches) return chr((int) $newstringnumentity); } - return '&#'.$matches[1]; // Value will be unchanged because regex was /&#( )/ + return '&#'.$matches[1]; // Value will be unchanged because regex was /&#( )/ } /** @@ -94,7 +94,7 @@ function testSqlAndScriptInject($val, $type) do { $oldval = $val; $val = html_entity_decode($val, ENT_QUOTES | ENT_HTML5); - $val = preg_replace_callback('/&#(x?[0-9][0-9a-f]+)/i', 'realCharForNumericEntities', $val); // Sometimes we have entities without the ; at end so html_entity_decode does not work but entities is still interpreted by browser. + $val = preg_replace_callback('/&#(x?[0-9][0-9a-f]+)/i', 'realCharForNumericEntities', $val); // Sometimes we have entities without the ; at end so html_entity_decode does not work but entities is still interpreted by browser. } while ($oldval != $val); //print "after decoding $val\n"; @@ -454,7 +454,7 @@ if (!defined('NOTOKENRENEWAL') && !defined('NOSESSION')) { // Save in $_SESSION['newtoken'] what will be next token. Into forms, we will add param token = $_SESSION['newtoken'] $token = dol_hash(uniqid(mt_rand(), false), 'md5'); // Generates a hash of a random number. We don't need a secured hash, just a changing random value. $_SESSION['newtoken'] = $token; - dol_syslog("NEW TOKEN generated by : " . $_SERVER['PHP_SELF'], LOG_DEBUG); + dol_syslog("NEW TOKEN generated by : ".$_SERVER['PHP_SELF'], LOG_DEBUG); } } } @@ -494,20 +494,20 @@ if ((!defined('NOCSRFCHECK') && empty($dolibarr_nocsrfcheck) && getDolGlobalInt( // If token is not provided or empty, error (we are in case it is mandatory) if (!GETPOST('token', 'alpha') || GETPOST('token', 'alpha') == 'notrequired') { if (GETPOST('uploadform', 'int')) { - dol_syslog("--- Access to ".(empty($_SERVER["REQUEST_METHOD"])?'':$_SERVER["REQUEST_METHOD"].' ').$_SERVER["PHP_SELF"]." refused. File size too large."); + dol_syslog("--- Access to ".(empty($_SERVER["REQUEST_METHOD"]) ? '' : $_SERVER["REQUEST_METHOD"].' ').$_SERVER["PHP_SELF"]." refused. File size too large."); $langs->loadLangs(array("errors", "install")); print $langs->trans("ErrorFileSizeTooLarge").' '; print $langs->trans("ErrorGoBackAndCorrectParameters"); die; } else { if (defined('CSRFCHECK_WITH_TOKEN')) { - dol_syslog("--- Access to ".(empty($_SERVER["REQUEST_METHOD"])?'':$_SERVER["REQUEST_METHOD"].' ').$_SERVER["PHP_SELF"]." refused by CSRF protection (CSRFCHECK_WITH_TOKEN protection) in main.inc.php. Token not provided.", LOG_WARNING); + dol_syslog("--- Access to ".(empty($_SERVER["REQUEST_METHOD"]) ? '' : $_SERVER["REQUEST_METHOD"].' ').$_SERVER["PHP_SELF"]." refused by CSRF protection (CSRFCHECK_WITH_TOKEN protection) in main.inc.php. Token not provided.", LOG_WARNING); print "Access to a page that needs a token (constant CSRFCHECK_WITH_TOKEN is defined) is refused by CSRF protection in main.inc.php. Token not provided.\n"; } else { - dol_syslog("--- Access to ".(empty($_SERVER["REQUEST_METHOD"])?'':$_SERVER["REQUEST_METHOD"].' ').$_SERVER["PHP_SELF"]." refused by CSRF protection (POST method or GET with a sensible value for 'action' parameter) in main.inc.php. Token not provided.", LOG_WARNING); + dol_syslog("--- Access to ".(empty($_SERVER["REQUEST_METHOD"]) ? '' : $_SERVER["REQUEST_METHOD"].' ').$_SERVER["PHP_SELF"]." refused by CSRF protection (POST method or GET with a sensible value for 'action' parameter) in main.inc.php. Token not provided.", LOG_WARNING); print "Access to this page this way (POST method or GET with a sensible value for 'action' parameter) is refused by CSRF protection in main.inc.php. Token not provided.\n"; print "If you access your server behind a proxy using url rewriting and the parameter is provided by caller, you might check that all HTTP header are propagated (or add the line \$dolibarr_nocsrfcheck=1 into your conf.php file or MAIN_SECURITY_CSRF_WITH_TOKEN to 0"; - if (! empty($conf->global->MAIN_SECURITY_CSRF_WITH_TOKEN)) { + if (!empty($conf->global->MAIN_SECURITY_CSRF_WITH_TOKEN)) { print " instead of ".$conf->global->MAIN_SECURITY_CSRF_WITH_TOKEN; } print " into setup).\n"; @@ -520,7 +520,7 @@ if ((!defined('NOCSRFCHECK') && empty($dolibarr_nocsrfcheck) && getDolGlobalInt( $sessiontokenforthisurl = (empty($_SESSION['token']) ? '' : $_SESSION['token']); // TODO Get the sessiontokenforthisurl into the array of session token if (GETPOSTISSET('token') && GETPOST('token') != 'notrequired' && GETPOST('token', 'alpha') != $sessiontokenforthisurl) { - dol_syslog("--- Access to ".(empty($_SERVER["REQUEST_METHOD"])?'':$_SERVER["REQUEST_METHOD"].' ').$_SERVER["PHP_SELF"]." refused by CSRF protection (invalid token), so we disable POST and some GET parameters - referer=".$_SERVER['HTTP_REFERER'].", action=".GETPOST('action', 'aZ09').", _GET|POST['token']=".GETPOST('token', 'alpha').", _SESSION['token']=".$_SESSION['token'], LOG_WARNING); + dol_syslog("--- Access to ".(empty($_SERVER["REQUEST_METHOD"]) ? '' : $_SERVER["REQUEST_METHOD"].' ').$_SERVER["PHP_SELF"]." refused by CSRF protection (invalid token), so we disable POST and some GET parameters - referer=".$_SERVER['HTTP_REFERER'].", action=".GETPOST('action', 'aZ09').", _GET|POST['token']=".GETPOST('token', 'alpha').", _SESSION['token']=".$_SESSION['token'], LOG_WARNING); //print 'Unset POST by CSRF protection in main.inc.php.'; // Do not output anything because this create problems when using the BACK button on browsers. setEventMessages('SecurityTokenHasExpiredSoActionHasBeenCanceledPleaseRetry', null, 'warnings'); //if ($conf->global->MAIN_FEATURES_LEVEL >= 1) setEventMessages('Unset POST and GET params by CSRF protection in main.inc.php (Token provided was not generated by the previous page).'."
    \n".'$_SERVER[REQUEST_URI] = '.$_SERVER['REQUEST_URI'].' $_SERVER[REQUEST_METHOD] = '.$_SERVER['REQUEST_METHOD'].' GETPOST(token) = '.GETPOST('token', 'alpha').' $_SESSION[token] = '.$_SESSION['token'], null, 'warnings'); @@ -785,7 +785,7 @@ if (!defined('NOLOGIN')) { // End test login / passwords if (!$login || (in_array('ldap', $authmode) && empty($passwordtotest))) { // With LDAP we refused empty password because some LDAP are "opened" for anonymous access so connexion is a success. // No data to test login, so we show the login page. - dol_syslog("--- Access to ".(empty($_SERVER["REQUEST_METHOD"])?'':$_SERVER["REQUEST_METHOD"].' ').$_SERVER["PHP_SELF"]." - action=".GETPOST('action', 'aZ09')." - actionlogin=".GETPOST('actionlogin', 'aZ09')." - showing the login form and exit", LOG_INFO); + dol_syslog("--- Access to ".(empty($_SERVER["REQUEST_METHOD"]) ? '' : $_SERVER["REQUEST_METHOD"].' ').$_SERVER["PHP_SELF"]." - action=".GETPOST('action', 'aZ09')." - actionlogin=".GETPOST('actionlogin', 'aZ09')." - showing the login form and exit", LOG_INFO); if (defined('NOREDIRECTBYMAINTOLOGIN')) { return 'ERROR_NOT_LOGGED'; } else { @@ -1176,7 +1176,7 @@ if (!defined('NOLOGIN')) { $user->getrights(); } -dol_syslog("--- Access to ".(empty($_SERVER["REQUEST_METHOD"])?'':$_SERVER["REQUEST_METHOD"].' ').$_SERVER["PHP_SELF"].' - action='.GETPOST('action', 'aZ09').', massaction='.GETPOST('massaction', 'aZ09').(defined('NOTOKENRENEWAL') ? ' NOTOKENRENEWAL='.constant('NOTOKENRENEWAL') : ''), LOG_NOTICE); +dol_syslog("--- Access to ".(empty($_SERVER["REQUEST_METHOD"]) ? '' : $_SERVER["REQUEST_METHOD"].' ').$_SERVER["PHP_SELF"].' - action='.GETPOST('action', 'aZ09').', massaction='.GETPOST('massaction', 'aZ09').(defined('NOTOKENRENEWAL') ? ' NOTOKENRENEWAL='.constant('NOTOKENRENEWAL') : ''), LOG_NOTICE); //Another call for easy debugg //dol_syslog("Access to ".$_SERVER["PHP_SELF"].' '.$_SERVER["HTTP_REFERER"].' GET='.join(',',array_keys($_GET)).'->'.join(',',$_GET).' POST:'.join(',',array_keys($_POST)).'->'.join(',',$_POST)); @@ -1795,7 +1795,6 @@ function top_menu($head, $title = '', $target = '', $disablejs = 0, $disablehead global $hookmanager, $menumanager; $searchform = ''; - $bookmarks = ''; // Instantiate hooks for external modules $hookmanager->initHooks(array('toprightmenu')); @@ -1820,12 +1819,12 @@ function top_menu($head, $title = '', $target = '', $disablejs = 0, $disablehead print "\n".''."\n"; - print '
    '; // dol_invisible_topmenu differs from dol_hide_topmenu: dol_invisible_topmenu means we output menu but we make it invisible. + print '
    '; // dol_invisible_topmenu differs from dol_hide_topmenu: dol_invisible_topmenu means we output menu but we make it invisible. // Show menu entries print '
    '."\n"; $menumanager->atarget = $target; - $menumanager->showmenu('top', array('searchform'=>$searchform, 'bookmarks'=>$bookmarks)); // This contains a \n + $menumanager->showmenu('top', array('searchform'=>$searchform)); // This contains a \n print "
    \n"; // Define link to login card @@ -1890,7 +1889,7 @@ function top_menu($head, $title = '', $target = '', $disablejs = 0, $disablehead } // Link to print main content area - if (empty($conf->global->MAIN_PRINT_DISABLELINK) && empty($conf->global->MAIN_OPTIMIZEFORTEXTBROWSER) && $conf->browser->layout != 'phone') { + if (empty($conf->global->MAIN_PRINT_DISABLELINK) && empty($conf->global->MAIN_OPTIMIZEFORTEXTBROWSER)) { $qs = dol_escape_htmltag($_SERVER["QUERY_STRING"]); if (isset($_POST) && is_array($_POST)) { @@ -2004,7 +2003,7 @@ function top_menu($head, $title = '', $target = '', $disablejs = 0, $disablehead print "
    \n"; // end div class="login_block" - print '
    '; + print ''; print '
    '; print "\n\n"; @@ -2281,7 +2280,7 @@ function top_menu_quickadd()
    - '. img_picto('', 'object_company') .'
    '. $langs->trans("ThirdParty") .'     + '. img_picto('', 'object_company').'
    '.$langs->trans("ThirdParty").'
    '; } @@ -2292,7 +2291,7 @@ function top_menu_quickadd()
    - '. img_picto('', 'object_contact') .'
    '. $langs->trans("Contact") .'     + '. img_picto('', 'object_contact').'
    '.$langs->trans("Contact").'
    '; } @@ -2303,7 +2302,7 @@ function top_menu_quickadd()
    - '. img_picto('', 'object_propal') .'
    '. $langs->trans("Proposal") .'     + '. img_picto('', 'object_propal').'
    '.$langs->trans("Proposal").'
    '; } @@ -2314,7 +2313,7 @@ function top_menu_quickadd()
    - '. img_picto('', 'object_order') .'
    '. $langs->trans("Order") .'     + '. img_picto('', 'object_order').'
    '.$langs->trans("Order").'
    '; } @@ -2325,7 +2324,7 @@ function top_menu_quickadd()
    - '. img_picto('', 'object_bill') .'
    '. $langs->trans("Bill") .'     + '. img_picto('', 'object_bill').'
    '.$langs->trans("Bill").'
    '; } @@ -2336,7 +2335,7 @@ function top_menu_quickadd()
    - '. img_picto('', 'object_contract') .'
    '. $langs->trans("Contract") .'     + '. img_picto('', 'object_contract').'
    '.$langs->trans("Contract").'
    '; } @@ -2347,7 +2346,7 @@ function top_menu_quickadd()
    - '. img_picto('', 'object_propal') .'
    '. $langs->trans("AskPrice") .'     + '. img_picto('', 'object_propal').'
    '.$langs->trans("AskPrice").'
    '; } @@ -2358,7 +2357,7 @@ function top_menu_quickadd()
    - '. img_picto('', 'object_order') .'
    '. $langs->trans("SupplierOrder") .'     + '. img_picto('', 'object_order').'
    '.$langs->trans("SupplierOrder").'
    '; } @@ -2369,7 +2368,7 @@ function top_menu_quickadd()
    - '. img_picto('', 'object_bill') .'
    '. $langs->trans("SupplierBill") .'     + '. img_picto('', 'object_bill').'
    '.$langs->trans("SupplierBill").'
    '; } @@ -2380,7 +2379,7 @@ function top_menu_quickadd()
    - '. img_picto('', 'object_product') .'
    '. $langs->trans("Product") .'     + '. img_picto('', 'object_product').'
    '.$langs->trans("Product").'
    '; } @@ -2391,7 +2390,7 @@ function top_menu_quickadd()
    - '. img_picto('', 'object_service') .'
    '. $langs->trans("Service") .'     + '. img_picto('', 'object_service').'
    '.$langs->trans("Service").'
    '; } @@ -2402,7 +2401,7 @@ function top_menu_quickadd()
    - '. img_picto('', 'object_trip') .'
    '. $langs->trans("ExpenseReport") .'     + '. img_picto('', 'object_trip').'
    '.$langs->trans("ExpenseReport").'
    '; } @@ -2413,7 +2412,7 @@ function top_menu_quickadd()
    - '. img_picto('', 'object_holiday') .'
    '. $langs->trans("Holidays") .'     + '. img_picto('', 'object_holiday').'
    '.$langs->trans("Holidays").'
    '; } @@ -2712,7 +2711,6 @@ function left_menu($menu_array_before, $helppagename = '', $notused = '', $menu_ global $hookmanager, $menumanager; $searchform = ''; - $bookmarks = ''; if (!empty($menu_array_before)) { dol_syslog("Deprecated parameter menu_array_before was used when calling main::left_menu function. Menu entries of module should now be defined into module descriptor and not provided when calling left_menu.", LOG_WARNING); @@ -2783,7 +2781,7 @@ function left_menu($menu_array_before, $helppagename = '', $notused = '', $menu_ // Show left menu with other forms $menumanager->menu_array = $menu_array_before; $menumanager->menu_array_after = $menu_array_after; - $menumanager->showmenu('left', array('searchform'=>$searchform, 'bookmarks'=>$bookmarks)); // output menu_array and menu found in database + $menumanager->showmenu('left', array('searchform'=>$searchform)); // output menu_array and menu found in database // Dolibarr version + help + bug report link print "\n"; @@ -2858,12 +2856,12 @@ function left_menu($menu_array_before, $helppagename = '', $notused = '', $menu_ $bugbaseurl .= urlencode("[*Short description*]\n"); $bugbaseurl .= urlencode("\n"); $bugbaseurl .= urlencode("## Environment\n"); - $bugbaseurl .= urlencode("- **Version**: " . DOL_VERSION . "\n"); - $bugbaseurl .= urlencode("- **OS**: " . php_uname('s') . "\n"); - $bugbaseurl .= urlencode("- **Web server**: " . $_SERVER["SERVER_SOFTWARE"] . "\n"); - $bugbaseurl .= urlencode("- **PHP**: " . php_sapi_name() . ' ' . phpversion() . "\n"); - $bugbaseurl .= urlencode("- **Database**: " . $db::LABEL . ' ' . $db->getVersion() . "\n"); - $bugbaseurl .= urlencode("- **URL(s)**: " . $_SERVER["REQUEST_URI"] . "\n"); + $bugbaseurl .= urlencode("- **Version**: ".DOL_VERSION."\n"); + $bugbaseurl .= urlencode("- **OS**: ".php_uname('s')."\n"); + $bugbaseurl .= urlencode("- **Web server**: ".$_SERVER["SERVER_SOFTWARE"]."\n"); + $bugbaseurl .= urlencode("- **PHP**: ".php_sapi_name().' '.phpversion()."\n"); + $bugbaseurl .= urlencode("- **Database**: ".$db::LABEL.' '.$db->getVersion()."\n"); + $bugbaseurl .= urlencode("- **URL(s)**: ".$_SERVER["REQUEST_URI"]."\n"); $bugbaseurl .= urlencode("\n"); $bugbaseurl .= urlencode("## Expected and actual behavior\n"); $bugbaseurl .= urlencode("[*Verbose description*]\n"); @@ -3225,6 +3223,7 @@ if (!function_exists("llxFooter")) { if (($_SERVER["PHP_SELF"] == DOL_URL_ROOT.'/index.php') || $forceping) { //print ''; $hash_unique_id = md5('dolibarr'.$conf->file->instance_unique_id); + if (empty($conf->global->MAIN_FIRST_PING_OK_DATE) || (!empty($conf->file->instance_unique_id) && ($hash_unique_id != $conf->global->MAIN_FIRST_PING_OK_ID) && ($conf->global->MAIN_FIRST_PING_OK_ID != 'disabled')) || $forceping) { @@ -3233,7 +3232,7 @@ if (!function_exists("llxFooter")) { print "\n\n"; } elseif (empty($_COOKIE['DOLINSTALLNOPING_'.$hash_unique_id]) || $forceping) { // Cookie is set when we uncheck the checkbox in the installation wizard. // MAIN_LAST_PING_KO_DATE - // Disable ping if MAIN_LAST_PING_KO_DATE is set and is recent + // Disable ping if MAIN_LAST_PING_KO_DATE is set and is recent (this month) if (!empty($conf->global->MAIN_LAST_PING_KO_DATE) && substr($conf->global->MAIN_LAST_PING_KO_DATE, 0, 6) == dol_print_date(dol_now(), '%Y%m') && !$forceping) { print "\n\n"; } else { diff --git a/htdocs/margin/customerMargins.php b/htdocs/margin/customerMargins.php index 6861f67db0d..7fe151b93f7 100644 --- a/htdocs/margin/customerMargins.php +++ b/htdocs/margin/customerMargins.php @@ -229,14 +229,14 @@ if (!empty($TSelectedCats)) { $sql .= ' LEFT JOIN '.MAIN_DB_PREFIX.'categorie_product as cp ON cp.fk_product=d.fk_product'; } -if (!$user->rights->societe->client->voir && !$socid) { +if (empty($user->rights->societe->client->voir) && !$socid) { $sql .= ", ".MAIN_DB_PREFIX."societe_commerciaux as sc"; } $sql .= " WHERE f.fk_soc = s.rowid"; if ($socid > 0) { $sql .= ' AND s.rowid = '.((int) $socid); } -if (!$user->rights->societe->client->voir && !$socid) { +if (empty($user->rights->societe->client->voir) && !$socid) { $sql .= " AND s.rowid = sc.fk_soc AND sc.fk_user = ".((int) $user->id); } $sql .= " AND f.fk_statut NOT IN (".$db->sanitize(implode(', ', $invoice_status_except_list)).")"; diff --git a/htdocs/margin/tabs/productMargins.php b/htdocs/margin/tabs/productMargins.php index 3b14f1db808..062462be267 100644 --- a/htdocs/margin/tabs/productMargins.php +++ b/htdocs/margin/tabs/productMargins.php @@ -139,7 +139,7 @@ if ($id > 0 || !empty($ref)) { $sql = "SELECT s.nom as name, s.rowid as socid, s.code_client,"; $sql .= " f.rowid as facid, f.ref, f.total_ht,"; $sql .= " f.datef, f.paye, f.fk_statut as statut, f.type,"; - if (!$user->rights->societe->client->voir && !$socid) { + if (empty($user->rights->societe->client->voir) && !$socid) { $sql .= " sc.fk_soc, sc.fk_user,"; } $sql .= " sum(d.total_ht) as selling_price,"; // may be negative or positive @@ -149,7 +149,7 @@ if ($id > 0 || !empty($ref)) { $sql .= " FROM ".MAIN_DB_PREFIX."societe as s"; $sql .= ", ".MAIN_DB_PREFIX."facture as f"; $sql .= ", ".MAIN_DB_PREFIX."facturedet as d"; - if (!$user->rights->societe->client->voir && !$socid) { + if (empty($user->rights->societe->client->voir) && !$socid) { $sql .= ", ".MAIN_DB_PREFIX."societe_commerciaux as sc"; } $sql .= " WHERE f.fk_soc = s.rowid"; @@ -157,7 +157,7 @@ if ($id > 0 || !empty($ref)) { $sql .= " AND f.entity IN (".getEntity('invoice').")"; $sql .= " AND d.fk_facture = f.rowid"; $sql .= " AND d.fk_product = ".((int) $object->id); - if (!$user->rights->societe->client->voir && !$socid) { + if (empty($user->rights->societe->client->voir) && !$socid) { $sql .= " AND s.rowid = sc.fk_soc AND sc.fk_user = ".((int) $user->id); } if (!empty($socid)) { @@ -170,7 +170,7 @@ if ($id > 0 || !empty($ref)) { $sql .= " AND d.buy_price_ht <> 0"; } $sql .= " GROUP BY s.nom, s.rowid, s.code_client, f.rowid, f.ref, f.total_ht, f.datef, f.paye, f.fk_statut, f.type"; - if (!$user->rights->societe->client->voir && !$socid) { + if (empty($user->rights->societe->client->voir) && !$socid) { $sql .= ", sc.fk_soc, sc.fk_user"; } $sql .= $db->order($sortfield, $sortorder); diff --git a/htdocs/modulebuilder/index.php b/htdocs/modulebuilder/index.php index ea0af722885..cab90270d64 100644 --- a/htdocs/modulebuilder/index.php +++ b/htdocs/modulebuilder/index.php @@ -1295,21 +1295,33 @@ if ($dirins && $action == 'addproperty' && empty($cancel) && !empty($module) && $error++; setEventMessages($langs->trans("ErrorFieldRequired", $langs->transnoentities("Type")), null, 'errors'); } + } - if (!$error) { - $addfieldentry = array( - 'name'=>GETPOST('propname', 'aZ09'), 'label'=>GETPOST('proplabel', 'alpha'), 'type'=>GETPOST('proptype', 'alpha'), - 'arrayofkeyval'=>GETPOST('proparrayofkeyval', 'restricthtml'), // Example json string '{"0":"Draft","1":"Active","-1":"Cancel"}' - 'visible'=>GETPOST('propvisible', 'int'), 'enabled'=>GETPOST('propenabled', 'int'), - 'position'=>GETPOST('propposition', 'int'), 'notnull'=>GETPOST('propnotnull', 'int'), 'index'=>GETPOST('propindex', 'int'), 'searchall'=>GETPOST('propsearchall', 'int'), - 'isameasure'=>GETPOST('propisameasure', 'int'), 'comment'=>GETPOST('propcomment', 'alpha'), 'help'=>GETPOST('prophelp', 'alpha'), - 'css'=>GETPOST('propcss', 'aZ09'), 'cssview'=>GETPOST('propcssview', 'aZ09'), 'csslist'=>GETPOST('propcsslist', 'aZ09'), - 'validate' => GETPOST('propvalidate', 'int') - ); + if (!$error) { + $addfieldentry = array( + 'name'=>GETPOST('propname', 'aZ09'), + 'label'=>GETPOST('proplabel', 'alpha'), + 'type'=>GETPOST('proptype', 'alpha'), + 'arrayofkeyval'=>GETPOST('proparrayofkeyval', 'restricthtml'), // Example json string '{"0":"Draft","1":"Active","-1":"Cancel"}' + 'visible'=>GETPOST('propvisible', 'int'), + 'enabled'=>GETPOST('propenabled', 'int'), + 'position'=>GETPOST('propposition', 'int'), + 'notnull'=>GETPOST('propnotnull', 'int'), + 'index'=>GETPOST('propindex', 'int'), + 'searchall'=>GETPOST('propsearchall', 'int'), + 'isameasure'=>GETPOST('propisameasure', 'int'), + 'comment'=>GETPOST('propcomment', 'alpha'), + 'help'=>GETPOST('prophelp', 'alpha'), + 'css'=>GETPOST('propcss', 'aZ09'), + 'cssview'=>GETPOST('propcssview', 'aZ09'), + 'csslist'=>GETPOST('propcsslist', 'aZ09'), + 'default'=>GETPOST('propdefault', 'restricthtml'), + 'noteditable'=>intval(GETPOST('propnoteditable', 'int')), + 'validate' => GETPOST('propvalidate', 'int') + ); - if (!empty($addfieldentry['arrayofkeyval']) && !is_array($addfieldentry['arrayofkeyval'])) { - $addfieldentry['arrayofkeyval'] = json_decode($addfieldentry['arrayofkeyval'], true); - } + if (!empty($addfieldentry['arrayofkeyval']) && !is_array($addfieldentry['arrayofkeyval'])) { + $addfieldentry['arrayofkeyval'] = json_decode($addfieldentry['arrayofkeyval'], true); } } @@ -1530,7 +1542,8 @@ if ($dirins && $action == 'generatepackage') { if (!dol_is_dir($dirofmodule)) { dol_mkdir($dirofmodule); } - $result = dol_compress_dir($dir, $outputfilezip, 'zip', '', $modulelowercase); + // Note: We exclude /bin/ to not include the already generated zip + $result = dol_compress_dir($dir, $outputfilezip, 'zip', '/\/bin\//', $modulelowercase); } else { $result = -1; } @@ -1833,9 +1846,11 @@ if (is_array($listofmodules) && count($listofmodules) > 0) { $linktoenabledisable .= '   '.img_picto($langs->trans("Setup"), "setup", 'style="padding-right: 8px"').''; } } else { - $linktoenabledisable .= ''; - $linktoenabledisable .= img_picto($langs->trans("ModuleIsNotActive", $urltomodulesetup), 'switch_off', 'style="padding-right: 8px"', false, 0, 0, '', 'classfortooltip', 1); - $linktoenabledisable .= "\n"; + if (!empty($moduleobj)) { + $linktoenabledisable .= ''; + $linktoenabledisable .= img_picto($langs->trans("ModuleIsNotActive", $urltomodulesetup), 'switch_off', 'style="padding-right: 8px"', false, 0, 0, '', 'classfortooltip', 1); + $linktoenabledisable .= "\n"; + } } // Loop to show tab of each module @@ -2804,7 +2819,7 @@ if ($module == 'initmodule') { print ''; print ''; print ''; - print ''; + print ''; print ''; print ''; print ''; @@ -3577,7 +3592,7 @@ if ($module == 'initmodule') { print ''; } } else { - print ' '.$langs->trans("CLIFile").' : '.$langs->trans("FileNotYetGenerated");''; + print ' '.$langs->trans("CLIFile").' : '.$langs->trans("FileNotYetGenerated"); ''; print ''.img_picto('Generate', 'generate', 'class="paddingleft"').''; print ''; } diff --git a/htdocs/modulebuilder/template/mymoduleindex.php b/htdocs/modulebuilder/template/mymoduleindex.php index c0c98d88e8f..15f3d83ac54 100644 --- a/htdocs/modulebuilder/template/mymoduleindex.php +++ b/htdocs/modulebuilder/template/mymoduleindex.php @@ -173,7 +173,7 @@ if (! empty($conf->mymodule->enabled) && $user->rights->mymodule->read) END MODULEBUILDER DRAFT MYOBJECT */ -print '
    '; +print '
    '; $NBMAX = $conf->global->MAIN_SIZE_SHORTLIST_LIMIT; @@ -234,7 +234,7 @@ if (! empty($conf->mymodule->enabled) && $user->rights->mymodule->read) } */ -print '
    '; +print ''; // End of page llxFooter(); diff --git a/htdocs/modulebuilder/template/myobject_card.php b/htdocs/modulebuilder/template/myobject_card.php index f790f433e8c..43c57ca1f94 100644 --- a/htdocs/modulebuilder/template/myobject_card.php +++ b/htdocs/modulebuilder/template/myobject_card.php @@ -558,7 +558,7 @@ if ($object->id > 0 && (empty($action) || ($action != 'edit' && $action != 'crea $somethingshown = $form->showLinkedObjectBlock($object, $linktoelem); - print '
    '; + print '
    '; $MAXEVENT = 10; @@ -571,7 +571,7 @@ if ($object->id > 0 && (empty($action) || ($action != 'edit' && $action != 'crea $formactions = new FormActions($db); $somethingshown = $formactions->showactions($object, $object->element.'@'.$object->module, (is_object($object->thirdparty) ? $object->thirdparty->id : 0), 1, '', $MAXEVENT, '', $morehtmlright); - print '
    '; + print ''; } //Select mail models is same action as presend diff --git a/htdocs/mrp/class/api_mos.class.php b/htdocs/mrp/class/api_mos.class.php index 92351184ebe..86d4758b45f 100644 --- a/htdocs/mrp/class/api_mos.class.php +++ b/htdocs/mrp/class/api_mos.class.php @@ -491,7 +491,8 @@ class Mos extends DolibarrApi if (!$error && $line->fk_warehouse > 0) { // Record stock movement $id_product_batch = 0; - $stockmove->origin = $this->mo; + $stockmove->origin_type = 'mo'; + $stockmove->origin_id = $this->mo->id; if ($qtytoprocess >= 0) { $idstockmove = $stockmove->livraison(DolibarrApiAccess::$user, $line->fk_product, $line->fk_warehouse, $qtytoprocess, 0, $labelmovement, dol_now(), '', '', $tmpproduct->status_batch, $id_product_batch, $codemovement); } else { @@ -550,7 +551,8 @@ class Mos extends DolibarrApi if (!$error && $line->fk_warehouse > 0) { // Record stock movement $id_product_batch = 0; - $stockmove->origin = $this->mo; + $stockmove->origin_type = 'mo'; + $stockmove->origin_id = $this->mo->id; if ($qtytoprocess >= 0) { $idstockmove = $stockmove->livraison(DolibarrApiAccess::$user, $line->fk_product, $line->fk_warehouse, $qtytoprocess, 0, $labelmovement, dol_now(), '', '', $tmpproduct->status_batch, $id_product_batch, $codemovement); } else { diff --git a/htdocs/mrp/class/mo.class.php b/htdocs/mrp/class/mo.class.php index a7ed52687df..cdad4e71968 100644 --- a/htdocs/mrp/class/mo.class.php +++ b/htdocs/mrp/class/mo.class.php @@ -625,6 +625,7 @@ class Mo extends CommonObject public function updateProduction(User $user, $notrigger = true) { $error = 0; + $role = ""; if ($this->status != self::STATUS_DRAFT) { $this->error = 'BadStatus'; diff --git a/htdocs/mrp/index.php b/htdocs/mrp/index.php index cbb7b5da305..c4480f76ed0 100644 --- a/htdocs/mrp/index.php +++ b/htdocs/mrp/index.php @@ -147,7 +147,7 @@ if ($conf->use_javascript_ajax) { print '
    '; -print '
    '; +print '
    '; /* * Last modified BOM @@ -245,7 +245,7 @@ if ($resql) { dol_print_error($db); } -print '
    '; +print ''; $parameters = array( //'type' => $type, diff --git a/htdocs/mrp/mo_card.php b/htdocs/mrp/mo_card.php index 136952662cc..b2c3de8f101 100644 --- a/htdocs/mrp/mo_card.php +++ b/htdocs/mrp/mo_card.php @@ -688,7 +688,7 @@ if ($object->id > 0 && (empty($action) || ($action != 'edit' && $action != 'crea $somethingshown = $form->showLinkedObjectBlock($object, $linktoelem); - print '
    '; + print '
    '; $MAXEVENT = 10; @@ -701,7 +701,7 @@ if ($object->id > 0 && (empty($action) || ($action != 'edit' && $action != 'crea $formactions = new FormActions($db); $somethingshown = $formactions->showactions($object, $object->element, $socid, 1, '', $MAXEVENT, '', $morehtmlright); - print '
    '; + print ''; } //Select mail models is same action as presend diff --git a/htdocs/mrp/mo_document.php b/htdocs/mrp/mo_document.php index 7e297206b3d..c81ed1f995e 100644 --- a/htdocs/mrp/mo_document.php +++ b/htdocs/mrp/mo_document.php @@ -83,12 +83,14 @@ if ($id > 0 || !empty($ref)) { $isdraft = (($object->status == $object::STATUS_DRAFT) ? 1 : 0); $result = restrictedArea($user, 'mrp', $object->id, 'mrp_mo', '', 'fk_soc', 'rowid', $isdraft); +$permissiontoadd = $user->rights->mrp->write; // Used by the include of actions_addupdatedelete.inc.php and actions_linkedfiles.inc.php + /* * Actions */ -include DOL_DOCUMENT_ROOT.'/core/actions_linkedfiles.inc.php'; +include DOL_DOCUMENT_ROOT.'/core/actions_linkedfiles.inc.php'; // Used by the include of actions_addupdatedelete.inc.php and actions_linkedfiles.inc.php /* diff --git a/htdocs/mrp/mo_production.php b/htdocs/mrp/mo_production.php index 0e2edb81203..d7cc53cdc8b 100644 --- a/htdocs/mrp/mo_production.php +++ b/htdocs/mrp/mo_production.php @@ -284,7 +284,9 @@ if (empty($reshook)) { if (!$error && GETPOST('idwarehousetoproduce-'.$line->id.'-'.$i) > 0) { // Record stock movement $id_product_batch = 0; - $stockmove->origin = $object; + $stockmove->origin_type = $object->element; + $stockmove->origin_id = $object->id; + $idstockmove = $stockmove->reception($user, $line->fk_product, GETPOST('idwarehousetoproduce-'.$line->id.'-'.$i), $qtytoprocess, $pricetoprocess, $labelmovement, '', '', GETPOST('batchtoproduce-'.$line->id.'-'.$i), dol_now(), $id_product_batch, $codemovement); if ($idstockmove < 0) { $error++; diff --git a/htdocs/multicurrency/class/multicurrency.class.php b/htdocs/multicurrency/class/multicurrency.class.php index 73eab7773bd..0dc9f7ce63a 100644 --- a/htdocs/multicurrency/class/multicurrency.class.php +++ b/htdocs/multicurrency/class/multicurrency.class.php @@ -643,13 +643,12 @@ class MultiCurrency extends CommonObject include_once DOL_DOCUMENT_ROOT.'/core/lib/geturl.lib.php'; - $urlendpoint = 'http://apilayer.net/api/live?access_key='.$key; - //$urlendpoint.='&format=1'; - $urlendpoint .= (empty($conf->global->MULTICURRENCY_APP_SOURCE) ? '' : '&source='.$conf->global->MULTICURRENCY_APP_SOURCE); + $urlendpoint = 'http://api.currencylayer.com/live?access_key='.$key; + $urlendpoint .= '&source=' . (empty($conf->global->MULTICURRENCY_APP_SOURCE) ? 'USD' : $conf->global->MULTICURRENCY_APP_SOURCE); dol_syslog("Call url endpoint ".$urlendpoint); - $resget = getURLContent($urlendpoint, 'GET', '', 1, array(), array('http', 'https'), 1); + $resget = getURLContent($urlendpoint); if ($resget['content']) { $response = $resget['content']; diff --git a/htdocs/opensurvey/list.php b/htdocs/opensurvey/list.php index 3dc42def482..b05abe3fd40 100644 --- a/htdocs/opensurvey/list.php +++ b/htdocs/opensurvey/list.php @@ -107,7 +107,8 @@ $arrayfields = dol_sort_array($arrayfields, 'position'); $permissiontoread = $user->rights->opensurvey->read; $permissiontoadd = $user->rights->opensurvey->write; -$permissiontodelete = $user->rights->opensurvey->delete; +// permission delete doesn't exists +$permissiontodelete = $user->rights->opensurvey->write; /* diff --git a/htdocs/partnership/partnership_card.php b/htdocs/partnership/partnership_card.php index 2a281931046..99cdb74e264 100644 --- a/htdocs/partnership/partnership_card.php +++ b/htdocs/partnership/partnership_card.php @@ -639,7 +639,7 @@ if ($object->id > 0 && (empty($action) || ($action != 'edit' && $action != 'crea $somethingshown = $form->showLinkedObjectBlock($object, $linktoelem); - print '
    '; + print '
    '; $MAXEVENT = 10; @@ -652,7 +652,7 @@ if ($object->id > 0 && (empty($action) || ($action != 'edit' && $action != 'crea $formactions = new FormActions($db); $somethingshown = $formactions->showactions($object, $object->element, (is_object($object->thirdparty) ? $object->thirdparty->id : 0), 1, '', $MAXEVENT, '', $morehtmlright); - print '
    '; + print ''; } //Select mail models is same action as presend diff --git a/htdocs/partnership/partnershipindex.php b/htdocs/partnership/partnershipindex.php index f1a9f8c507b..0b8a6cd33c9 100644 --- a/htdocs/partnership/partnershipindex.php +++ b/htdocs/partnership/partnershipindex.php @@ -133,7 +133,7 @@ if (! empty($conf->partnership->enabled) && $user->rights->partnership->read) { END MODULEBUILDER DRAFT MYOBJECT */ -print '
    '; +print '
    '; $NBMAX = $conf->global->MAIN_SIZE_SHORTLIST_LIMIT; @@ -190,7 +190,7 @@ if (! empty($conf->partnership->enabled) && $user->rights->partnership->read) { } */ -print '
    '; +print ''; // End of page llxFooter(); diff --git a/htdocs/product/ajax/products.php b/htdocs/product/ajax/products.php index 9ba8d9cec09..84562bf95a4 100644 --- a/htdocs/product/ajax/products.php +++ b/htdocs/product/ajax/products.php @@ -144,7 +144,7 @@ if (!empty($action) && $action == 'fetch' && !empty($id)) { if (!$found && isset($price_level) && $price_level >= 1 && (!empty($conf->global->PRODUIT_MULTIPRICES) || !empty($conf->global->PRODUIT_CUSTOMER_PRICES_BY_QTY_MULTIPRICES))) { // If we need a particular price level (from 1 to 6) $sql = "SELECT price, price_ttc, price_base_type, tva_tx"; $sql .= " FROM ".MAIN_DB_PREFIX."product_price "; - $sql .= " WHERE fk_product = '".$id."'"; + $sql .= " WHERE fk_product = ".((int) $id); $sql .= " AND entity IN (".getEntity('productprice').")"; $sql .= " AND price_level = ".((int) $price_level); $sql .= " ORDER BY date_price"; diff --git a/htdocs/product/card.php b/htdocs/product/card.php index 28c7b0d1d5d..919931d34ce 100644 --- a/htdocs/product/card.php +++ b/htdocs/product/card.php @@ -179,6 +179,9 @@ if ($object->id > 0) { // Initialize technical object to manage hooks of page. Note that conf->hooks_modules contains array of hook context $hookmanager->initHooks(array('productcard', 'globalcard')); +$usercanread = (($object->type == Product::TYPE_PRODUCT && $user->rights->produit->lire) || ($object->type == Product::TYPE_SERVICE && $user->rights->service->lire)); +$usercancreate = (($object->type == Product::TYPE_PRODUCT && $user->rights->produit->creer) || ($object->type == Product::TYPE_SERVICE && $user->rights->service->creer)); +$usercandelete = (($object->type == Product::TYPE_PRODUCT && $user->rights->produit->supprimer) || ($object->type == Product::TYPE_SERVICE && $user->rights->service->supprimer)); /* @@ -189,9 +192,6 @@ if ($cancel) { $action = ''; } -$usercanread = (($object->type == Product::TYPE_PRODUCT && $user->rights->produit->lire) || ($object->type == Product::TYPE_SERVICE && $user->rights->service->lire)); -$usercancreate = (($object->type == Product::TYPE_PRODUCT && $user->rights->produit->creer) || ($object->type == Product::TYPE_SERVICE && $user->rights->service->creer)); -$usercandelete = (($object->type == Product::TYPE_PRODUCT && $user->rights->produit->supprimer) || ($object->type == Product::TYPE_SERVICE && $user->rights->service->supprimer)); $createbarcode = empty($conf->barcode->enabled) ? 0 : 1; if (!empty($conf->global->MAIN_USE_ADVANCED_PERMS) && empty($user->rights->barcode->creer_advance)) { $createbarcode = 0; @@ -1172,8 +1172,8 @@ if (is_object($objcanvas) && $objcanvas->displayCanvasExists($action)) { $tooltip .= '
    '.$langs->trans("GenericMaskCodes3"); $tooltip .= '
    '.$langs->trans("GenericMaskCodes4a", $langs->transnoentities("Batch"), $langs->transnoentities("Batch")); $tooltip .= '
    '.$langs->trans("GenericMaskCodes5"); - if (($conf->global->PRODUCTBATCH_LOT_USE_PRODUCT_MASKS && $conf->global->PRODUCTBATCH_LOT_ADDON == 'mod_lot_advanced') - || ($conf->global->PRODUCTBATCH_SN_USE_PRODUCT_MASKS && $conf->global->PRODUCTBATCH_SN_ADDON == 'mod_sn_advanced')) { + if ((!empty($conf->global->PRODUCTBATCH_LOT_USE_PRODUCT_MASKS) && $conf->global->PRODUCTBATCH_LOT_ADDON == 'mod_lot_advanced') + || (!empty($conf->global->PRODUCTBATCH_SN_USE_PRODUCT_MASKS) && $conf->global->PRODUCTBATCH_SN_ADDON == 'mod_sn_advanced')) { print ''.$langs->trans("ManageLotMask").''; $inherited_mask_lot = $conf->global->LOT_ADVANCED_MASK; $inherited_mask_sn = $conf->global->SN_ADVANCED_MASK; @@ -1221,10 +1221,12 @@ if (is_object($objcanvas) && $objcanvas->displayCanvasExists($action)) { if ($showbarcode) { print ''.$langs->trans('BarcodeType').''; if (GETPOSTISSET('fk_barcode_type')) { - $fk_barcode_type = GETPOST('fk_barcode_type'); + $fk_barcode_type = GETPOST('fk_barcode_type')?GETPOST('fk_barcode_type'):0; } else { if (empty($fk_barcode_type) && !empty($conf->global->PRODUIT_DEFAULT_BARCODE_TYPE)) { - $fk_barcode_type = $conf->global->PRODUIT_DEFAULT_BARCODE_TYPE; + $fk_barcode_type = getDolGlobalInt("PRODUIT_DEFAULT_BARCODE_TYPE"); + } else { + $fk_barcode_type=0; } } require_once DOL_DOCUMENT_ROOT.'/core/class/html.formbarcode.class.php'; @@ -2321,7 +2323,7 @@ if (is_object($objcanvas) && $objcanvas->displayCanvasExists($action)) { print ''; print ''; - print '
    '; + print '
    '; print '
    '; print ''; @@ -2477,7 +2479,7 @@ if (is_object($objcanvas) && $objcanvas->displayCanvasExists($action)) { print "
    \n"; print '
    '; - print '
    '; + print ''; print '
    '; print dol_get_fiche_end(); @@ -2699,7 +2701,7 @@ if ($action != 'create' && $action != 'edit' && $action != 'delete') { print $formfile->showdocuments($modulepart, $object->ref, $filedir, $urlsource, $genallowed, $delallowed, '', 0, 0, 0, 28, 0, '', 0, '', $object->default_lang, '', $object); $somethingshown = $formfile->numoffiles; - print '
    '; + print '
    '; $MAXEVENT = 10; @@ -2712,7 +2714,7 @@ if ($action != 'create' && $action != 'edit' && $action != 'delete') { $formactions = new FormActions($db); $somethingshown = $formactions->showactions($object, 'product', 0, 1, '', $MAXEVENT, '', $morehtmlright); // Show all action for product - print '
    '; + print ''; } // End of page diff --git a/htdocs/product/class/api_products.class.php b/htdocs/product/class/api_products.class.php index 3e93fee5d04..6283b692a28 100644 --- a/htdocs/product/class/api_products.class.php +++ b/htdocs/product/class/api_products.class.php @@ -1945,7 +1945,7 @@ class Products extends DolibarrApi unset($object->supplierprices); // Mut use another API to get them - if (!DolibarrApiAccess::$user->rights->stock->lire) { + if (empty(DolibarrApiAccess::$user->rights->stock->lire)) { unset($object->stock_reel); unset($object->stock_theorique); } diff --git a/htdocs/product/document.php b/htdocs/product/document.php index 0b15ad7a85c..230f8375538 100644 --- a/htdocs/product/document.php +++ b/htdocs/product/document.php @@ -96,8 +96,6 @@ if ($id > 0 || !empty($ref)) { $modulepart = 'produit'; -$permissiontoadd = (($object->type == Product::TYPE_PRODUCT && $user->rights->produit->creer) || ($object->type == Product::TYPE_SERVICE && $user->rights->service->creer)); - if ($object->id > 0) { if ($object->type == $object::TYPE_PRODUCT) { restrictedArea($user, 'produit', $object->id, 'product&product', '', ''); @@ -109,6 +107,8 @@ if ($object->id > 0) { restrictedArea($user, 'produit|service', $fieldvalue, 'product&product', '', '', $fieldtype); } +$permissiontoadd = (($object->type == Product::TYPE_PRODUCT && $user->rights->produit->creer) || ($object->type == Product::TYPE_SERVICE && $user->rights->service->creer)); + /* * Actions diff --git a/htdocs/product/index.php b/htdocs/product/index.php index e3be4b91415..082e8a4d8d2 100644 --- a/htdocs/product/index.php +++ b/htdocs/product/index.php @@ -274,7 +274,7 @@ if (!empty($conf->categorie->enabled) && !empty($conf->global->CATEGORY_GRAPHSTA print ''; print ''; } -print '
    '; +print '
    '; /* @@ -416,7 +416,7 @@ if (!empty($conf->global->MAIN_SHOW_PRODUCT_ACTIVITY_TRIM)) { } -print '
    '; +print ''; $parameters = array('type' => $type, 'user' => $user); $reshook = $hookmanager->executeHooks('dashboardProductsServices', $parameters, $object); // Note that $action and $object may have been modified by hook diff --git a/htdocs/product/inventory/card.php b/htdocs/product/inventory/card.php index ee39486fb5b..b3a3fdc0b00 100644 --- a/htdocs/product/inventory/card.php +++ b/htdocs/product/inventory/card.php @@ -451,7 +451,7 @@ if ($object->id > 0 && (empty($action) || ($action != 'edit' && $action != 'crea $somethingshown = $form->showLinkedObjectBlock($object, $linktoelem); - print '
    '; + print '
    '; $MAXEVENT = 10; @@ -464,7 +464,7 @@ if ($object->id > 0 && (empty($action) || ($action != 'edit' && $action != 'crea $formactions = new FormActions($db); $somethingshown = $formactions->showactions($object, $object->element, 0, 1, '', $MAXEVENT, '', $morehtmlright); - print '
    '; + print ''; } diff --git a/htdocs/product/inventory/list.php b/htdocs/product/inventory/list.php index 44726bb489c..41e43fdf433 100644 --- a/htdocs/product/inventory/list.php +++ b/htdocs/product/inventory/list.php @@ -205,7 +205,7 @@ $sql .= $object->getFieldList('t'); // Add fields from extrafields if (!empty($extrafields->attributes[$object->table_element]['label'])) { foreach ($extrafields->attributes[$object->table_element]['label'] as $key => $val) { - $sql .= ($extrafields->attributes[$object->table_element]['type'][$key] != 'separate' ? ", ef.".$key." as options_".$key.', ' : ''); + $sql .= ($extrafields->attributes[$object->table_element]['type'][$key] != 'separate' ? ", ef.".$key." as options_".$key : ''); } } // Add fields from hooks diff --git a/htdocs/product/list.php b/htdocs/product/list.php index aaf9903aa85..8ec03d408f3 100644 --- a/htdocs/product/list.php +++ b/htdocs/product/list.php @@ -256,7 +256,7 @@ $arrayfields = array( // MultiPrices -if ($conf->global->PRODUIT_MULTIPRICES) { +if (!empty($conf->global->PRODUIT_MULTIPRICES)) { for ($i = 1; $i <= $conf->global->PRODUIT_MULTIPRICES_LIMIT; $i++) { $keyforlabel = 'PRODUIT_MULTIPRICES_LABEL'.$i; if (!empty($conf->global->$keyforlabel)) { @@ -405,7 +405,7 @@ $sql .= ' FROM '.MAIN_DB_PREFIX.'product as p'; if (!empty($conf->global->MAIN_PRODUCT_PERENTITY_SHARED)) { $sql .= " LEFT JOIN " . MAIN_DB_PREFIX . "product_perentity as ppe ON ppe.fk_product = p.rowid AND ppe.entity = " . ((int) $conf->entity); } -if (is_array($extrafields->attributes[$object->table_element]['label']) && count($extrafields->attributes[$object->table_element]['label'])) { +if (!empty($extrafields->attributes[$object->table_element]['label']) && is_array($extrafields->attributes[$object->table_element]['label']) && count($extrafields->attributes[$object->table_element]['label'])) { $sql .= " LEFT JOIN ".MAIN_DB_PREFIX."product_extrafields as ef on (p.rowid = ef.fk_object)"; } if (!empty($searchCategoryProductList) || !empty($catid)) { diff --git a/htdocs/product/reassort.php b/htdocs/product/reassort.php index c327b24e8f0..b0a1ce87ddd 100644 --- a/htdocs/product/reassort.php +++ b/htdocs/product/reassort.php @@ -46,6 +46,7 @@ $toolowstock = GETPOST('toolowstock'); $tosell = GETPOST("tosell"); $tobuy = GETPOST("tobuy"); $fourn_id = GETPOST("fourn_id", 'int'); +$sbarcode = GETPOST("sbarcode", 'int'); $sortfield = GETPOST("sortfield", 'alpha'); $sortorder = GETPOST("sortorder", 'alpha'); diff --git a/htdocs/product/reassortlot.php b/htdocs/product/reassortlot.php index 2380b4103a2..e75d1504267 100644 --- a/htdocs/product/reassortlot.php +++ b/htdocs/product/reassortlot.php @@ -50,6 +50,7 @@ $toolowstock = GETPOST('toolowstock'); $tosell = GETPOST("tosell"); $tobuy = GETPOST("tobuy"); $fourn_id = GETPOST("fourn_id", 'int'); +$sbarcode = GETPOST("sbarcode", 'int'); $sortfield = GETPOST("sortfield", 'alpha'); $sortorder = GETPOST("sortorder", 'alpha'); @@ -135,11 +136,11 @@ $sql .= ' LEFT JOIN '.MAIN_DB_PREFIX.'entrepot as e on ps.fk_entrepot = e.rowid' $sql .= ' LEFT JOIN '.MAIN_DB_PREFIX.'product_batch as pb on pb.fk_product_stock = ps.rowid'; // Detail for each lot on each warehouse $sql .= ' LEFT JOIN '.MAIN_DB_PREFIX.'product_lot as pl on pl.fk_product = p.rowid AND pl.batch = pb.batch'; // Link on unique key // We'll need this table joined to the select in order to filter by categ -if ($search_categ) { +if ($search_categ > 0) { $sql .= ", ".MAIN_DB_PREFIX."categorie_product as cp"; } $sql .= " WHERE p.entity IN (".getEntity('product').")"; -if ($search_categ) { +if ($search_categ > 0) { $sql .= " AND p.rowid = cp.fk_product"; // Join for the needed table to filter by categ } if ($sall) { @@ -178,7 +179,7 @@ if ($fourn_id > 0) { $sql .= " AND p.rowid = pf.fk_product AND pf.fk_soc = ".((int) $fourn_id); } // Insert categ filter -if ($search_categ) { +if ($search_categ > 0) { $sql .= " AND cp.fk_categorie = ".((int) $search_categ); } if ($search_warehouse) { @@ -277,7 +278,7 @@ if ($resql) { if ($search_sale) { $param .= "&search_sale=".urlencode($search_sale); } - if ($search_categ) { + if ($search_categ > 0) { $param .= "&search_categ=".urlencode($search_categ); } /*if ($eatby) $param.="&eatby=".$eatby; diff --git a/htdocs/product/stats/card.php b/htdocs/product/stats/card.php index 932a57d0885..ef4abef5173 100644 --- a/htdocs/product/stats/card.php +++ b/htdocs/product/stats/card.php @@ -67,6 +67,7 @@ $currentyear = $tmp['year']; if (empty($search_year)) { $search_year = $currentyear; } +$moreforfilter = ""; $result = restrictedArea($user, 'produit|service', $fieldvalue, 'product&product', '', '', $fieldtype); @@ -418,10 +419,10 @@ if ($result || empty($id)) { if ($graphfiles == 'proposals_suppliers' && !$user->rights->supplier_proposal->lire) { continue; } - if ($graphfiles == 'invoices_suppliers' && !$user->rights->fournisseur->facture->lire) { + if ($graphfiles == 'invoices_suppliers' && empty($user->rights->fournisseur->facture->lire)) { continue; } - if ($graphfiles == 'orders_suppliers' && !$user->rights->fournisseur->commande->lire) { + if ($graphfiles == 'orders_suppliers' && empty($user->rights->fournisseur->commande->lire)) { continue; } if ($graphfiles == 'mrp' && empty($user->rights->mrp->mo->read)) { @@ -432,7 +433,7 @@ if ($result || empty($id)) { if ($i % 2 == 0) { print "\n".'
    '."\n"; } else { - print "\n".'
    '."\n"; + print "\n".'
    '."\n"; } // Date generation @@ -464,7 +465,7 @@ if ($result || empty($id)) { if ($i % 2 == 0) { print "\n".'
    '."\n"; } else { - print "\n".'
    '; + print "\n".'
    '; print '

    '."\n"; } @@ -473,8 +474,8 @@ if ($result || empty($id)) { } // div not closed if ($i % 2 == 1) { - print "\n".'
    '."\n"; - print "\n".'
    '; + print "\n".'
    '."\n"; + print "\n".'
    '; print '

    '."\n"; } } diff --git a/htdocs/product/stats/commande.php b/htdocs/product/stats/commande.php index 623306536b7..abfd329dfa4 100644 --- a/htdocs/product/stats/commande.php +++ b/htdocs/product/stats/commande.php @@ -139,13 +139,13 @@ if ($id > 0 || !empty($ref)) { $sql = "SELECT DISTINCT s.nom as name, s.rowid as socid, s.code_client, c.rowid, d.total_ht as total_ht, c.ref,"; $sql .= " c.ref_client,"; $sql .= " c.date_commande, c.fk_statut as statut, c.facture, c.rowid as commandeid, d.rowid, d.qty"; - if (!$user->rights->societe->client->voir && !$socid) { + if (empty($user->rights->societe->client->voir) && !$socid) { $sql .= ", sc.fk_soc, sc.fk_user "; } $sql .= " FROM ".MAIN_DB_PREFIX."societe as s"; $sql .= ", ".MAIN_DB_PREFIX."commande as c"; $sql .= ", ".MAIN_DB_PREFIX."commandedet as d"; - if (!$user->rights->societe->client->voir && !$socid) { + if (empty($user->rights->societe->client->voir) && !$socid) { $sql .= ", ".MAIN_DB_PREFIX."societe_commerciaux as sc"; } $sql .= " WHERE c.fk_soc = s.rowid"; @@ -158,7 +158,7 @@ if ($id > 0 || !empty($ref)) { if (!empty($search_year)) { $sql .= ' AND YEAR(c.date_commande) IN ('.$db->sanitize($search_year).')'; } - if (!$user->rights->societe->client->voir && !$socid) { + if (empty($user->rights->societe->client->voir) && !$socid) { $sql .= " AND s.rowid = sc.fk_soc AND sc.fk_user = ".((int) $user->id); } if ($socid) { diff --git a/htdocs/product/stats/commande_fournisseur.php b/htdocs/product/stats/commande_fournisseur.php index fd64a1c0572..d9d81ad70dc 100644 --- a/htdocs/product/stats/commande_fournisseur.php +++ b/htdocs/product/stats/commande_fournisseur.php @@ -140,13 +140,13 @@ if ($id > 0 || !empty($ref)) { $sql = "SELECT DISTINCT s.nom as name, s.rowid as socid, s.code_client,"; $sql .= " c.rowid, d.total_ht as total_ht, c.ref,"; $sql .= " c.date_commande, c.fk_statut as statut, c.rowid as commandeid, d.rowid, d.qty"; - if (!$user->rights->societe->client->voir && !$socid) { + if (empty($user->rights->societe->client->voir) && !$socid) { $sql .= ", sc.fk_soc, sc.fk_user "; } $sql .= " FROM ".MAIN_DB_PREFIX."societe as s"; $sql .= ", ".MAIN_DB_PREFIX."commande_fournisseur as c"; $sql .= ", ".MAIN_DB_PREFIX."commande_fournisseurdet as d"; - if (!$user->rights->societe->client->voir && !$socid) { + if (empty($user->rights->societe->client->voir) && !$socid) { $sql .= ", ".MAIN_DB_PREFIX."societe_commerciaux as sc"; } $sql .= " WHERE c.fk_soc = s.rowid"; @@ -159,7 +159,7 @@ if ($id > 0 || !empty($ref)) { if (!empty($search_year)) { $sql .= ' AND YEAR(c.date_commande) IN ('.$db->sanitize($search_year).')'; } - if (!$user->rights->societe->client->voir && !$socid) { + if (empty($user->rights->societe->client->voir) && !$socid) { $sql .= " AND s.rowid = sc.fk_soc AND sc.fk_user = ".((int) $user->id); } if ($socid) { diff --git a/htdocs/product/stats/contrat.php b/htdocs/product/stats/contrat.php index 65302ef2c7d..e44619d1b19 100644 --- a/htdocs/product/stats/contrat.php +++ b/htdocs/product/stats/contrat.php @@ -134,7 +134,7 @@ if ($id > 0 || !empty($ref)) { $sql .= " c.rowid as rowid, c.ref, c.ref_customer, c.ref_supplier, c.date_contrat, c.statut as statut,"; $sql .= " s.nom as name, s.rowid as socid, s.code_client"; $sql .= " FROM ".MAIN_DB_PREFIX."societe as s"; - if (!$user->rights->societe->client->voir && !$socid) { + if (empty($user->rights->societe->client->voir) && !$socid) { $sql .= ", ".MAIN_DB_PREFIX."societe_commerciaux as sc"; } $sql .= ", ".MAIN_DB_PREFIX."contrat as c"; @@ -143,7 +143,7 @@ if ($id > 0 || !empty($ref)) { $sql .= " AND c.fk_soc = s.rowid"; $sql .= " AND c.entity IN (".getEntity('contract').")"; $sql .= " AND cd.fk_product = ".((int) $product->id); - if (!$user->rights->societe->client->voir && !$socid) { + if (empty($user->rights->societe->client->voir) && !$socid) { $sql .= " AND s.rowid = sc.fk_soc AND sc.fk_user = ".((int) $user->id); } if ($socid) { diff --git a/htdocs/product/stats/facture.php b/htdocs/product/stats/facture.php index b3e5571ac5a..8da6e97f55c 100644 --- a/htdocs/product/stats/facture.php +++ b/htdocs/product/stats/facture.php @@ -156,13 +156,13 @@ if ($id > 0 || !empty($ref)) { $sql = "SELECT DISTINCT s.nom as name, s.rowid as socid, s.code_client,"; $sql .= " f.ref, f.datef, f.paye, f.type, f.fk_statut as statut, f.rowid as facid,"; $sql .= " d.rowid, d.total_ht as total_ht, d.qty"; // We must keep the d.rowid here to not loose record because of the distinct used to ignore duplicate line when link on societe_commerciaux is used - if (!$user->rights->societe->client->voir && !$socid) { + if (empty($user->rights->societe->client->voir) && !$socid) { $sql .= ", sc.fk_soc, sc.fk_user "; } $sql .= " FROM ".MAIN_DB_PREFIX."societe as s"; $sql .= ", ".MAIN_DB_PREFIX."facture as f"; $sql .= ", ".MAIN_DB_PREFIX."facturedet as d"; - if (!$user->rights->societe->client->voir && !$socid) { + if (empty($user->rights->societe->client->voir) && !$socid) { $sql .= ", ".MAIN_DB_PREFIX."societe_commerciaux as sc"; } $sql .= " WHERE f.fk_soc = s.rowid"; @@ -175,7 +175,7 @@ if ($id > 0 || !empty($ref)) { if (!empty($search_year)) { $sql .= ' AND YEAR(f.datef) IN ('.$db->sanitize($search_year).')'; } - if (!$user->rights->societe->client->voir && !$socid) { + if (empty($user->rights->societe->client->voir) && !$socid) { $sql .= " AND s.rowid = sc.fk_soc AND sc.fk_user = ".((int) $user->id); } if ($socid) { diff --git a/htdocs/product/stats/facture_fournisseur.php b/htdocs/product/stats/facture_fournisseur.php index 212674582f9..d61b6de9491 100644 --- a/htdocs/product/stats/facture_fournisseur.php +++ b/htdocs/product/stats/facture_fournisseur.php @@ -139,13 +139,13 @@ if ($id > 0 || !empty($ref)) { if ($user->rights->fournisseur->facture->lire) { $sql = "SELECT DISTINCT s.nom as name, s.rowid as socid, s.code_client, d.rowid, d.total_ht as line_total_ht,"; $sql .= " f.rowid as facid, f.ref, f.ref_supplier, f.datef, f.libelle as label, f.total_ht, f.total_ttc, f.total_tva, f.paye, f.fk_statut as statut, d.qty"; - if (!$user->rights->societe->client->voir && !$socid) { + if (empty($user->rights->societe->client->voir) && !$socid) { $sql .= ", sc.fk_soc, sc.fk_user "; } $sql .= " FROM ".MAIN_DB_PREFIX."societe as s"; $sql .= ", ".MAIN_DB_PREFIX."facture_fourn as f"; $sql .= ", ".MAIN_DB_PREFIX."facture_fourn_det as d"; - if (!$user->rights->societe->client->voir && !$socid) { + if (empty($user->rights->societe->client->voir) && !$socid) { $sql .= ", ".MAIN_DB_PREFIX."societe_commerciaux as sc"; } $sql .= " WHERE f.fk_soc = s.rowid"; @@ -158,7 +158,7 @@ if ($id > 0 || !empty($ref)) { if (!empty($search_year)) { $sql .= ' AND YEAR(f.datef) IN ('.$db->sanitize($search_year).')'; } - if (!$user->rights->societe->client->voir && !$socid) { + if (empty($user->rights->societe->client->voir) && !$socid) { $sql .= " AND s.rowid = sc.fk_soc AND sc.fk_user = ".((int) $user->id); } if ($socid) { diff --git a/htdocs/product/stats/propal.php b/htdocs/product/stats/propal.php index b83d0368b75..068184feb7e 100644 --- a/htdocs/product/stats/propal.php +++ b/htdocs/product/stats/propal.php @@ -141,13 +141,13 @@ if ($id > 0 || !empty($ref)) { $sql = "SELECT DISTINCT s.nom as name, s.rowid as socid, p.rowid as propalid, p.ref, d.total_ht as amount,"; $sql .= " p.ref_client,"; $sql .= "p.datep, p.fk_statut as statut, d.rowid, d.qty"; - if (!$user->rights->societe->client->voir && !$socid) { + if (empty($user->rights->societe->client->voir) && !$socid) { $sql .= ", sc.fk_soc, sc.fk_user "; } $sql .= " FROM ".MAIN_DB_PREFIX."societe as s"; $sql .= ",".MAIN_DB_PREFIX."propal as p"; $sql .= ", ".MAIN_DB_PREFIX."propaldet as d"; - if (!$user->rights->societe->client->voir && !$socid) { + if (empty($user->rights->societe->client->voir) && !$socid) { $sql .= ", ".MAIN_DB_PREFIX."societe_commerciaux as sc"; } $sql .= " WHERE p.fk_soc = s.rowid"; @@ -160,7 +160,7 @@ if ($id > 0 || !empty($ref)) { if (!empty($search_year)) { $sql .= ' AND YEAR(p.datep) IN ('.$db->sanitize($search_year).')'; } - if (!$user->rights->societe->client->voir && !$socid) { + if (empty($user->rights->societe->client->voir) && !$socid) { $sql .= " AND s.rowid = sc.fk_soc AND sc.fk_user = ".((int) $user->id); } if ($socid) { diff --git a/htdocs/product/stats/supplier_proposal.php b/htdocs/product/stats/supplier_proposal.php index d583d58bff8..ab02e51fa57 100644 --- a/htdocs/product/stats/supplier_proposal.php +++ b/htdocs/product/stats/supplier_proposal.php @@ -140,13 +140,13 @@ if ($id > 0 || !empty($ref)) { $sql = "SELECT DISTINCT s.nom as name, s.rowid as socid, p.rowid as propalid, p.ref, d.total_ht as amount,"; //$sql .= " p.ref_supplier,"; $sql .= "p.date_valid, p.fk_statut as statut, d.rowid, d.qty"; - if (!$user->rights->societe->client->voir && !$socid) { + if (empty($user->rights->societe->client->voir) && !$socid) { $sql .= ", sc.fk_soc, sc.fk_user "; } $sql .= " FROM ".MAIN_DB_PREFIX."societe as s"; $sql .= ",".MAIN_DB_PREFIX."supplier_proposal as p"; $sql .= ", ".MAIN_DB_PREFIX."supplier_proposaldet as d"; - if (!$user->rights->societe->client->voir && !$socid) { + if (empty($user->rights->societe->client->voir) && !$socid) { $sql .= ", ".MAIN_DB_PREFIX."societe_commerciaux as sc"; } $sql .= " WHERE p.fk_soc = s.rowid"; @@ -159,7 +159,7 @@ if ($id > 0 || !empty($ref)) { if (!empty($search_year)) { $sql .= ' AND YEAR(p.datep) IN ('.$db->sanitize($search_year).')'; } - if (!$user->rights->societe->client->voir && !$socid) { + if (empty($user->rights->societe->client->voir) && !$socid) { $sql .= " AND s.rowid = sc.fk_soc AND sc.fk_user = ".((int) $user->id); } if ($socid) { diff --git a/htdocs/product/stock/card.php b/htdocs/product/stock/card.php index 529c0205d32..e485ea3d543 100644 --- a/htdocs/product/stock/card.php +++ b/htdocs/product/stock/card.php @@ -87,6 +87,10 @@ if ($id > 0 || !empty($ref)) { } } +$usercanread = (($user->rights->stock->lire)); +$usercancreate = (($user->rights->stock->creer)); +$usercandelete = (($user->rights->stock->supprimer)); + /* * Actions @@ -94,10 +98,6 @@ if ($id > 0 || !empty($ref)) { $error = 0; -$usercanread = (($user->rights->stock->lire)); -$usercancreate = (($user->rights->stock->creer)); -$usercandelete = (($user->rights->stock->supprimer)); - $parameters = array('id'=>$id, 'ref'=>$ref); $reshook = $hookmanager->executeHooks('doActions', $parameters, $object, $action); // Note that $action and $object may have been modified by some hooks if ($reshook < 0) { @@ -505,7 +505,6 @@ if ($action == 'create') { print ''; print '
    '; - print '
    '; print '
    '; print ''; @@ -551,7 +550,6 @@ if ($action == 'create') { print "
    "; - print '
    '; print '
    '; print ''; @@ -963,7 +961,7 @@ if ($action != 'create' && $action != 'edit' && $action != 'delete') { print $formfile->showdocuments($modulepart, $object->ref, $filedir, $urlsource, $genallowed, $delallowed, $object->model_pdf, 0, 0, 0, 28, 0, '', 0, '', $object->default_lang, '', $object); $somethingshown = $formfile->numoffiles; - print '
    '; + print '
    '; $MAXEVENT = 10; @@ -976,7 +974,7 @@ if ($action != 'create' && $action != 'edit' && $action != 'delete') { $formactions = new FormActions($db); $somethingshown = $formactions->showactions($object, 'stock', 0, 1, '', $MAXEVENT, '', $morehtmlright); // Show all action for product - print '
    '; + print ''; } // End of page diff --git a/htdocs/product/stock/index.php b/htdocs/product/stock/index.php index b64068df48b..9aad5f382cc 100644 --- a/htdocs/product/stock/index.php +++ b/htdocs/product/stock/index.php @@ -134,8 +134,7 @@ if ($result) { } -//print ''; -print '
    '; +print '
    '; // Latest movements @@ -235,8 +234,7 @@ if ($resql) { dol_print_error($db); } -//print ''; -print '
    '; +print ''; $parameters = array('user' => $user); $reshook = $hookmanager->executeHooks('dashboardWarehouse', $parameters, $object); // Note that $action and $object may have been modified by hook diff --git a/htdocs/product/stock/massstockmove.php b/htdocs/product/stock/massstockmove.php index af6d6c08740..d7bd8bee9b4 100644 --- a/htdocs/product/stock/massstockmove.php +++ b/htdocs/product/stock/massstockmove.php @@ -443,6 +443,7 @@ if ($action == 'confirm_deletefile' && $confirm == 'yes') { */ $now = dol_now(); +$error = 0; $form = new Form($db); $formproduct = new FormProduct($db); diff --git a/htdocs/product/stock/movement_card.php b/htdocs/product/stock/movement_card.php index 24e5ae2b689..b5373fc9de6 100644 --- a/htdocs/product/stock/movement_card.php +++ b/htdocs/product/stock/movement_card.php @@ -605,7 +605,6 @@ if ($resql) { print ''; print '
    '; - print '
    '; print '
    '; print ''; @@ -637,7 +636,6 @@ if ($resql) { print "
    "; - print '
    '; print '
    '; print ''; @@ -1205,7 +1203,7 @@ if ($action != 'create' && $action != 'edit' && $action != 'delete' && $id > 0) print $formfile->showdocuments($modulepart, $objectref, $filedir, $urlsource, $genallowed, $delallowed, '', 0, 0, 0, 28, 0, '', 0, '', $object->default_lang, '', $object); $somethingshown = $formfile->numoffiles; - print '
    '; + print '
    '; $MAXEVENT = 10; @@ -1218,7 +1216,7 @@ if ($action != 'create' && $action != 'edit' && $action != 'delete' && $id > 0) $formactions = new FormActions($db); $somethingshown = $formactions->showactions($object, 'mouvement', 0, 1, '', $MAXEVENT, '', $morehtmlright); // Show all action for product - print '
    '; + print ''; } diff --git a/htdocs/product/stock/movement_list.php b/htdocs/product/stock/movement_list.php index f3b9ea40559..e028c49396b 100644 --- a/htdocs/product/stock/movement_list.php +++ b/htdocs/product/stock/movement_list.php @@ -718,7 +718,6 @@ if ($object->id > 0) { print ''; print '
    '; - print '
    '; print '
    '; print ''; @@ -760,7 +759,6 @@ if ($object->id > 0) { print "
    "; - print '
    '; print '
    '; print ''; diff --git a/htdocs/product/stock/product.php b/htdocs/product/stock/product.php index f8c88ce6d01..23900c85c0b 100644 --- a/htdocs/product/stock/product.php +++ b/htdocs/product/stock/product.php @@ -709,7 +709,7 @@ if ($id > 0 || $ref) { print ''; print ''; - print '
    '; + print '
    '; print ''; @@ -863,7 +863,6 @@ if ($id > 0 || $ref) { print "
    "; - print '
    '; print '
    '; print '
    '; diff --git a/htdocs/product/stock/productlot_card.php b/htdocs/product/stock/productlot_card.php index 36e230b911d..cbf7c901b37 100644 --- a/htdocs/product/stock/productlot_card.php +++ b/htdocs/product/stock/productlot_card.php @@ -569,7 +569,7 @@ if ($action != 'presend') { print $formfile->showdocuments('product_batch', $objref, $filedir, $urlsource, $genallowed, $delallowed, '', 0, 0, 0, 28, 0, '', 0, '', $langs->default_lang, '', $object); } - print '
    '; + print '
    '; $MAXEVENT = 10; @@ -577,7 +577,7 @@ if ($action != 'presend') { $formactions = new FormActions($db); $somethingshown = $formactions->showactions($object, 'productlot', 0, 1, '', $MAXEVENT); - print '
    '; + print ''; } // End of page diff --git a/htdocs/product/stock/productlot_document.php b/htdocs/product/stock/productlot_document.php index 08b565c90a0..c6e72c6f0da 100644 --- a/htdocs/product/stock/productlot_document.php +++ b/htdocs/product/stock/productlot_document.php @@ -100,6 +100,7 @@ if (empty($upload_dir)) { $permissiontoread = $usercanread; $permissiontoadd = $usercancreate; +$permtoedit = $user->rights->produit->creer; //$permissiontodelete = $usercandelete; // Security check @@ -130,8 +131,6 @@ if (empty($reshook)) { include DOL_DOCUMENT_ROOT.'/core/actions_linkedfiles.inc.php'; } -$permtoedit = $user->rights->produit->creer; - /* * View diff --git a/htdocs/product/stock/replenishorders.php b/htdocs/product/stock/replenishorders.php index 01a7e2dd1a3..a0138743f20 100644 --- a/htdocs/product/stock/replenishorders.php +++ b/htdocs/product/stock/replenishorders.php @@ -122,7 +122,7 @@ $sql .= ' cf.rowid, cf.ref, cf.fk_statut, cf.total_ttc, cf.fk_user_author,'; $sql .= ' u.login'; $sql .= ' FROM '.MAIN_DB_PREFIX.'societe as s, '.MAIN_DB_PREFIX.'commande_fournisseur as cf'; $sql .= ' LEFT JOIN '.MAIN_DB_PREFIX.'user as u ON cf.fk_user_author = u.rowid'; -if (!$user->rights->societe->client->voir && !$socid) { +if (empty($user->rights->societe->client->voir) && !$socid) { $sql .= ', '.MAIN_DB_PREFIX.'societe_commerciaux as sc'; } $sql .= ' WHERE cf.fk_soc = s.rowid '; @@ -134,7 +134,7 @@ if ($conf->global->STOCK_CALCULATE_ON_SUPPLIER_VALIDATE_ORDER) { } else { $sql .= ' AND cf.fk_statut < 5'; } -if (!$user->rights->societe->client->voir && !$socid) { +if (empty($user->rights->societe->client->voir) && !$socid) { $sql .= ' AND s.rowid = sc.fk_soc AND sc.fk_user = '.((int) $user->id); } if ($sref) { diff --git a/htdocs/product/stock/stockatdate.php b/htdocs/product/stock/stockatdate.php index 940acdb551d..3fc409f58be 100644 --- a/htdocs/product/stock/stockatdate.php +++ b/htdocs/product/stock/stockatdate.php @@ -188,7 +188,7 @@ if ($date && $dateIsValid) { if ($mode == 'future') { $sql .= " AND sm.datem <= '".$db->idate($dateendofday)."'"; } else { - $sql .= " AND sm.datem >= '".$db->idate($date)."'"; + $sql .= " AND sm.datem >= '".$db->idate($dateendofday)."'"; } if ($productid > 0) { $sql .= " AND sm.fk_product = ".((int) $productid); diff --git a/htdocs/projet/activity/index.php b/htdocs/projet/activity/index.php index bdce4353faf..453a4078978 100644 --- a/htdocs/projet/activity/index.php +++ b/htdocs/projet/activity/index.php @@ -159,7 +159,7 @@ print ""; print ''; -print '
    '; +print '
    '; /* Affichage de la liste des projets d'hier */ @@ -557,7 +557,7 @@ if (empty($conf->global->PROJECT_HIDE_TASKS) && !empty($conf->global->PROJECT_SH } -print '
    '; +print ''; $parameters = array('user' => $user); $reshook = $hookmanager->executeHooks('dashboardActivities', $parameters, $object); // Note that $action and $object may have been modified by hook diff --git a/htdocs/projet/card.php b/htdocs/projet/card.php index 5922de82d2c..091d20c24d6 100644 --- a/htdocs/projet/card.php +++ b/htdocs/projet/card.php @@ -1006,13 +1006,13 @@ if ($action == 'create' && $user->rights->projet->creer) { $morehtmlref .= dol_escape_htmltag($object->title); // Thirdparty $morehtmlref .= '
    '.$langs->trans('ThirdParty').' : '; - if ($object->thirdparty->id > 0) { + if (!empty($object->thirdparty->id) && $object->thirdparty->id > 0) { $morehtmlref .= $object->thirdparty->getNomUrl(1, 'project'); } $morehtmlref .= ''; // Define a complementary filter for search of next/prev ref. - if (!$user->rights->projet->all->lire) { + if (empty($user->rights->projet->all->lire)) { $objectsListId = $object->getProjectsAuthorizedForUser($user, 0, 0); $object->next_prev_filter = " rowid IN (".$db->sanitize(count($objectsListId) ? join(',', array_keys($objectsListId)) : '0').")"; } @@ -1129,10 +1129,9 @@ if ($action == 'create' && $user->rights->projet->creer) { print ''; print '
    '; - print '
    '; print '
    '; - print ''; + print '
    '; // Description print '
    '.$langs->trans("Description").''; @@ -1148,7 +1147,6 @@ if ($action == 'create' && $user->rights->projet->creer) { print '
    '; - print '
    '; print '
    '; print ''; @@ -1372,7 +1370,7 @@ if ($action == 'create' && $user->rights->projet->creer) { print $formfile->showdocuments('project', $filename, $filedir, $urlsource, $genallowed, $delallowed, $object->model_pdf); - print '
    '; + print '
    '; $MAXEVENT = 10; @@ -1383,7 +1381,7 @@ if ($action == 'create' && $user->rights->projet->creer) { $formactions = new FormActions($db); $somethingshown = $formactions->showactions($object, 'project', 0, 1, '', $MAXEVENT, '', $morehtmlcenter); - print '
    '; + print ''; } // Presend form diff --git a/htdocs/projet/class/project.class.php b/htdocs/projet/class/project.class.php index 8da82f45201..aa823dc44d6 100644 --- a/htdocs/projet/class/project.class.php +++ b/htdocs/projet/class/project.class.php @@ -2015,7 +2015,7 @@ class Project extends CommonObject //$socid=$user->socid; $projectsListId = null; - if (!$user->rights->projet->all->lire) { + if (empty($user->rights->projet->all->lire)) { $projectsListId = $this->getProjectsAuthorizedForUser($user, 0, 1); } @@ -2107,7 +2107,7 @@ class Project extends CommonObject $sql .= " FROM ".MAIN_DB_PREFIX."projet as p"; $sql .= " WHERE"; $sql .= " p.entity IN (".getEntity('project').")"; - if (!$user->rights->projet->all->lire) { + if (empty($user->rights->projet->all->lire)) { $projectsListId = $this->getProjectsAuthorizedForUser($user, 0, 1); $sql .= "AND p.rowid IN (".$this->db->sanitize($projectsListId).")"; } diff --git a/htdocs/projet/class/projectstats.class.php b/htdocs/projet/class/projectstats.class.php index 1439ecd5f20..efd8ecc3424 100644 --- a/htdocs/projet/class/projectstats.class.php +++ b/htdocs/projet/class/projectstats.class.php @@ -158,7 +158,7 @@ class ProjectStats extends Stats // Get list of project id allowed to user (in a string list separated by coma) $object = new Project($this->db); $projectsListId = ''; - if (!$user->rights->projet->all->lire) { + if (empty($user->rights->projet->all->lire)) { $projectsListId = $object->getProjectsAuthorizedForUser($user, 0, 1, $user->socid); } @@ -183,7 +183,7 @@ class ProjectStats extends Stats $sqlwhere[] = " t.fk_opp_status IN (".$this->db->sanitize($this->status).")"; } - if (!$user->rights->projet->all->lire) { + if (empty($user->rights->projet->all->lire)) { $sqlwhere[] = " t.rowid IN (".$this->db->sanitize($projectsListId).")"; // public and assigned to, or restricted to company for external users } diff --git a/htdocs/projet/class/task.class.php b/htdocs/projet/class/task.class.php index 240552ecc48..dac2afa4834 100644 --- a/htdocs/projet/class/task.class.php +++ b/htdocs/projet/class/task.class.php @@ -2077,7 +2077,7 @@ class Task extends CommonObject $sql .= " AND p.fk_statut = 1"; $sql .= " AND t.fk_projet = p.rowid"; $sql .= " AND (t.progress IS NULL OR t.progress < 100)"; // tasks to do - if (!$user->rights->projet->all->lire) { + if (empty($user->rights->projet->all->lire)) { $sql .= " AND p.rowid IN (".$this->db->sanitize($projectsListId).")"; } // No need to check company, as filtering of projects must be done by getProjectsAuthorizedForUser @@ -2142,13 +2142,13 @@ class Task extends CommonObject $sql = "SELECT count(p.rowid) as nb"; $sql .= " FROM ".MAIN_DB_PREFIX."projet as p"; $sql .= " LEFT JOIN ".MAIN_DB_PREFIX."societe as s on p.fk_soc = s.rowid"; - if (!$user->rights->societe->client->voir && !$socid) { + if (empty($user->rights->societe->client->voir) && !$socid) { $sql .= " LEFT JOIN ".MAIN_DB_PREFIX."societe_commerciaux as sc ON sc.fk_soc = s.rowid"; } $sql .= ", ".MAIN_DB_PREFIX."projet_task as t"; $sql .= " WHERE p.entity IN (".getEntity('project', 0).')'; $sql .= " AND t.fk_projet = p.rowid"; // tasks to do - if ($mine || !$user->rights->projet->all->lire) { + if ($mine || empty($user->rights->projet->all->lire)) { $sql .= " AND p.rowid IN (".$this->db->sanitize($projectsListId).")"; } // No need to check company, as filtering of projects must be done by getProjectsAuthorizedForUser @@ -2156,7 +2156,7 @@ class Task extends CommonObject if ($socid) { $sql .= " AND (p.fk_soc IS NULL OR p.fk_soc = 0 OR p.fk_soc = ".((int) $socid).")"; } - if (!$user->rights->societe->client->voir && !$socid) { + if (empty($user->rights->societe->client->voir) && !$socid) { $sql .= " AND ((s.rowid = sc.fk_soc AND sc.fk_user = ".((int) $user->id).") OR (s.rowid IS NULL))"; } diff --git a/htdocs/projet/class/taskstats.class.php b/htdocs/projet/class/taskstats.class.php index 594ad38d723..a5b088f01e8 100644 --- a/htdocs/projet/class/taskstats.class.php +++ b/htdocs/projet/class/taskstats.class.php @@ -59,7 +59,7 @@ class TaskStats extends Stats $sql = "SELECT"; $sql .= " COUNT(t.rowid), t.priority"; $sql .= " FROM ".MAIN_DB_PREFIX."projet_task as t INNER JOIN ".MAIN_DB_PREFIX."projet as p ON p.rowid = t.fk_projet"; - if (!$user->rights->societe->client->voir && !$user->soc_id) { + if (empty($user->rights->societe->client->voir) && !$user->soc_id) { $sql .= " INNER JOIN ".MAIN_DB_PREFIX."societe_commerciaux as sc ON sc.fk_soc=p.fk_soc AND sc.fk_user=".((int) $user->id); } $sql .= $this->buildWhere(); @@ -118,7 +118,7 @@ class TaskStats extends Stats $sql = "SELECT date_format(t.datec,'%Y') as year, COUNT(t.rowid) as nb"; $sql .= " FROM ".MAIN_DB_PREFIX."projet_task as t INNER JOIN ".MAIN_DB_PREFIX."projet as p ON p.rowid = t.fk_projet"; - if (!$user->rights->societe->client->voir && !$user->soc_id) { + if (empty($user->rights->societe->client->voir) && !$user->soc_id) { $sql .= " INNER JOIN ".MAIN_DB_PREFIX."societe_commerciaux as sc ON sc.fk_soc=p.fk_soc AND sc.fk_user=".((int) $user->id); } $sql .= $this->buildWhere(); @@ -180,7 +180,7 @@ class TaskStats extends Stats $sql = "SELECT date_format(t.datec,'%m') as dm, COUNT(t.rowid) as nb"; $sql .= " FROM ".MAIN_DB_PREFIX."projet_task as t INNER JOIN ".MAIN_DB_PREFIX."projet as p ON p.rowid = t.fk_projet"; - if (!$user->rights->societe->client->voir && !$user->soc_id) { + if (empty($user->rights->societe->client->voir) && !$user->soc_id) { $sql .= " INNER JOIN ".MAIN_DB_PREFIX."societe_commerciaux as sc ON sc.fk_soc=p.fk_soc AND sc.fk_user=".((int) $user->id); } $sql .= $this->buildWhere(); diff --git a/htdocs/projet/comment.php b/htdocs/projet/comment.php index 2aa8f473cb4..52a1f581df8 100644 --- a/htdocs/projet/comment.php +++ b/htdocs/projet/comment.php @@ -103,13 +103,13 @@ $morehtmlref = '
    '; // Title $morehtmlref .= $object->title; // Thirdparty -if ($object->thirdparty->id > 0) { +if (!empty($object->thirdparty->id) && $object->thirdparty->id > 0) { $morehtmlref .= '
    '.$langs->trans('ThirdParty').' : '.$object->thirdparty->getNomUrl(1, 'project'); } $morehtmlref .= '
    '; // Define a complementary filter for search of next/prev ref. -if (!$user->rights->projet->all->lire) { +if (empty($user->rights->projet->all->lire)) { $objectsListId = $object->getProjectsAuthorizedForUser($user, 0, 0); $object->next_prev_filter = " rowid IN (".$db->sanitize(count($objectsListId) ? join(',', array_keys($objectsListId)) : '0').")"; } @@ -155,7 +155,6 @@ print ''; print ''; print '
    '; -print '
    '; print '
    '; print ''; @@ -179,7 +178,6 @@ print ''; print '
    '; -print '
    '; print '
    '; print ''; diff --git a/htdocs/projet/contact.php b/htdocs/projet/contact.php index ce9674dfd0a..48f12e23ec4 100644 --- a/htdocs/projet/contact.php +++ b/htdocs/projet/contact.php @@ -294,13 +294,13 @@ if ($id > 0 || !empty($ref)) { // Title $morehtmlref .= $object->title; // Thirdparty - if ($object->thirdparty->id > 0) { + if (!empty($object->thirdparty->id) && $object->thirdparty->id > 0) { $morehtmlref .= '
    '.$langs->trans('ThirdParty').' : '.$object->thirdparty->getNomUrl(1, 'project'); } $morehtmlref .= ''; // Define a complementary filter for search of next/prev ref. - if (!$user->rights->projet->all->lire) { + if (empty($user->rights->projet->all->lire)) { $objectsListId = $object->getProjectsAuthorizedForUser($user, 0, 0); $object->next_prev_filter = " rowid IN (".$db->sanitize(count($objectsListId) ?join(',', array_keys($objectsListId)) : '0').")"; } @@ -406,10 +406,9 @@ if ($id > 0 || !empty($ref)) { print ''; print '
    '; - print '
    '; print '
    '; - print ''; + print '
    '; // Description print '
    '.$langs->trans("Description").''; @@ -425,7 +424,6 @@ if ($id > 0 || !empty($ref)) { print '
    '; - print '
    '; print '
    '; print ''; diff --git a/htdocs/projet/document.php b/htdocs/projet/document.php index df31724d07c..1bfbb9aa4a6 100644 --- a/htdocs/projet/document.php +++ b/htdocs/projet/document.php @@ -82,6 +82,7 @@ $socid = 0; //if ($user->socid > 0) $socid = $user->socid; // For external user, no check is done on company because readability is managed by public status of project and assignement. $result = restrictedArea($user, 'projet', $id, 'projet&project'); +$permissiontoadd = $user->rights->projet->creer; /* @@ -134,13 +135,13 @@ if ($object->id > 0) { // Title $morehtmlref .= $object->title; // Thirdparty - if ($object->thirdparty->id > 0) { + if (!empty($object->thirdparty->id) && $object->thirdparty->id > 0) { $morehtmlref .= '
    '.$langs->trans('ThirdParty').' : '.$object->thirdparty->getNomUrl(1, 'project'); } $morehtmlref .= ''; // Define a complementary filter for search of next/prev ref. - if (!$user->rights->projet->all->lire) { + if (empty($user->rights->projet->all->lire)) { $objectsListId = $object->getProjectsAuthorizedForUser($user, 0, 0); $object->next_prev_filter = " rowid IN (".$db->sanitize(count($objectsListId) ?join(',', array_keys($objectsListId)) : '0').")"; } diff --git a/htdocs/projet/element.php b/htdocs/projet/element.php index 9e14a53e7ea..66288159f39 100644 --- a/htdocs/projet/element.php +++ b/htdocs/projet/element.php @@ -164,7 +164,7 @@ if ($id == '' && $ref == '') { exit(); } -$mine = $_REQUEST['mode'] == 'mine' ? 1 : 0; +$mine = (!empty($_REQUEST['mode']) && $_REQUEST['mode'] == 'mine') ? 1 : 0; //if (! $user->rights->projet->all->lire) $mine=1; // Special for projects $object = new Project($db); @@ -216,13 +216,13 @@ $morehtmlref = '
    '; // Title $morehtmlref .= $object->title; // Thirdparty -if ($object->thirdparty->id > 0) { +if (!empty($object->thirdparty->id) && $object->thirdparty->id > 0) { $morehtmlref .= '
    '.$langs->trans('ThirdParty').' : '.$object->thirdparty->getNomUrl(1, 'project'); } $morehtmlref .= '
    '; // Define a complementary filter for search of next/prev ref. -if (!$user->rights->projet->all->lire) { +if (empty($user->rights->projet->all->lire)) { $objectsListId = $object->getProjectsAuthorizedForUser($user, 0, 0); $object->next_prev_filter = " te.rowid IN (".$db->sanitize(count($objectsListId) ?join(',', array_keys($objectsListId)) : '0').")"; } @@ -328,10 +328,9 @@ print ''; print ''; print '
    '; -print '
    '; print '
    '; -print ''; +print '
    '; // Description print '
    '.$langs->trans("Description").''; @@ -347,7 +346,6 @@ if ($conf->categorie->enabled) { print '
    '; -print '
    '; print '
    '; print ''; diff --git a/htdocs/projet/ganttview.php b/htdocs/projet/ganttview.php index b5325ca93b2..9c20aa562d7 100644 --- a/htdocs/projet/ganttview.php +++ b/htdocs/projet/ganttview.php @@ -116,13 +116,13 @@ if (($id > 0 && is_numeric($id)) || !empty($ref)) { // Title $morehtmlref .= $object->title; // Thirdparty - if ($object->thirdparty->id > 0) { + if (!empty($object->thirdparty->id) && $object->thirdparty->id > 0) { $morehtmlref .= '
    '.$langs->trans('ThirdParty').' : '.$object->thirdparty->getNomUrl(1, 'project'); } $morehtmlref .= ''; // Define a complementary filter for search of next/prev ref. - if (!$user->rights->projet->all->lire) { + if (empty($user->rights->projet->all->lire)) { $objectsListId = $object->getProjectsAuthorizedForUser($user, 0, 0); $object->next_prev_filter = " rowid IN (".$db->sanitize(count($objectsListId) ?join(',', array_keys($objectsListId)) : '0').")"; } @@ -204,7 +204,6 @@ if (($id > 0 && is_numeric($id)) || !empty($ref)) { print ''; print '
    '; - print '
    '; print '
    '; print ''; @@ -223,7 +222,6 @@ if (($id > 0 && is_numeric($id)) || !empty($ref)) { print '
    '; - print '
    '; print '
    '; print ''; diff --git a/htdocs/projet/index.php b/htdocs/projet/index.php index 213691f4e25..e1f86bcffc9 100644 --- a/htdocs/projet/index.php +++ b/htdocs/projet/index.php @@ -197,10 +197,10 @@ include DOL_DOCUMENT_ROOT.'/projet/graph_opportunities.inc.php'; print_projecttasks_array($db, $form, $socid, $projectsListId, 0, 0, $listofoppstatus, array('projectlabel', 'plannedworkload', 'declaredprogress', 'prospectionstatus', 'projectstatus')); -print '
    '; +print '
    '; // Latest modified projects -$sql = "SELECT p.rowid, p.ref, p.title, p.fk_statut as status, p.tms as datem"; +$sql = "SELECT p.rowid, p.ref, p.title, p.dateo, p.datee, p.fk_statut as status, p.tms as datem"; $sql .= ", s.rowid as socid, s.nom as name, s.name_alias"; $sql .= ", s.code_client, s.code_compta, s.client"; $sql .= ", s.code_fournisseur, s.code_compta_fournisseur, s.fournisseur"; @@ -239,8 +239,6 @@ if ($resql) { $projectstatic->id = $obj->rowid; $projectstatic->ref = $obj->ref; $projectstatic->title = $obj->title; - $projectstatic->dateo = $obj->dateo; - $projectstatic->datep = $obj->datep; $projectstatic->thirdparty_name = $obj->name; $projectstatic->status = $obj->status; @@ -420,7 +418,7 @@ if (empty($conf->global->PROJECT_HIDE_PROJECT_LIST_ON_PROJECT_AREA)) { print_projecttasks_array($db, $form, $socid, $projectsListId, 0, 1, $listofoppstatus, array()); } -print '
    '; +print ''; $parameters = array('user' => $user); $reshook = $hookmanager->executeHooks('dashboardProjects', $parameters, $projectstatic); // Note that $action and $object may have been modified by hook diff --git a/htdocs/projet/info.php b/htdocs/projet/info.php index b8c6ae046cf..c0afe5d1370 100644 --- a/htdocs/projet/info.php +++ b/htdocs/projet/info.php @@ -128,13 +128,13 @@ $morehtmlref = '
    '; // Title $morehtmlref .= $object->title; // Thirdparty -if ($object->thirdparty->id > 0) { +if (!empty($object->thirdparty->id) && $object->thirdparty->id > 0) { $morehtmlref .= '
    '.$langs->trans('ThirdParty').' : '.$object->thirdparty->getNomUrl(1, 'project'); } $morehtmlref .= '
    '; // Define a complementary filter for search of next/prev ref. -if (!$user->rights->projet->all->lire) { +if (empty($user->rights->projet->all->lire)) { $objectsListId = $object->getProjectsAuthorizedForUser($user, 0, 0); $object->next_prev_filter = " rowid IN (".$db->sanitize(count($objectsListId) ?join(',', array_keys($objectsListId)) : '0').")"; } diff --git a/htdocs/projet/list.php b/htdocs/projet/list.php index a5f14431eda..444dc6d525f 100644 --- a/htdocs/projet/list.php +++ b/htdocs/projet/list.php @@ -357,7 +357,7 @@ $title = $langs->trans("Projects"); // Get list of project id allowed to user (in a string list separated by comma) $projectsListId = ''; -if (!$user->rights->projet->all->lire) { +if (empty($user->rights->projet->all->lire)) { $projectsListId = $object->getProjectsAuthorizedForUser($user, 0, 1, $socid); } @@ -421,7 +421,7 @@ $sql .= " WHERE p.entity IN (".getEntity('project').')'; if (!empty($conf->categorie->enabled)) { $sql .= Categorie::getFilterSelectQuery(Categorie::TYPE_PROJECT, "p.rowid", $search_category_array); } -if (!$user->rights->projet->all->lire) { +if (empty($user->rights->projet->all->lire)) { $sql .= " AND p.rowid IN (".$db->sanitize($projectsListId).")"; // public and assigned to, or restricted to company for external users } // No need to check if company is external user, as filtering of projects must be done by getProjectsAuthorizedForUser diff --git a/htdocs/projet/note.php b/htdocs/projet/note.php index 9fee6615c40..2ee52d3a247 100644 --- a/htdocs/projet/note.php +++ b/htdocs/projet/note.php @@ -33,7 +33,7 @@ $action = GETPOST('action', 'aZ09'); $id = GETPOST('id', 'int'); $ref = GETPOST('ref', 'alpha'); -$mine = $_REQUEST['mode'] == 'mine' ? 1 : 0; +$mine = (isset($_REQUEST['mode']) && $_REQUEST['mode'] == 'mine') ? 1 : 0; //if (! $user->rights->projet->all->lire) $mine=1; // Special for projects $object = new Project($db); @@ -100,13 +100,13 @@ if ($id > 0 || !empty($ref)) { // Title $morehtmlref .= $object->title; // Thirdparty - if ($object->thirdparty->id > 0) { + if (!empty($object->thirdparty->id) && $object->thirdparty->id > 0) { $morehtmlref .= '
    '.$langs->trans('ThirdParty').' : '.$object->thirdparty->getNomUrl(1, 'project'); } $morehtmlref .= ''; // Define a complementary filter for search of next/prev ref. - if (!$user->rights->projet->all->lire) { + if (empty($user->rights->projet->all->lire)) { $objectsListId = $object->getProjectsAuthorizedForUser($user, 0, 0); $object->next_prev_filter = " rowid IN (".$db->sanitize(count($objectsListId) ?join(',', array_keys($objectsListId)) : '0').")"; } diff --git a/htdocs/projet/stats/index.php b/htdocs/projet/stats/index.php index afd86f3ed07..c5acc20bfe6 100644 --- a/htdocs/projet/stats/index.php +++ b/htdocs/projet/stats/index.php @@ -349,7 +349,7 @@ foreach ($data_all_year as $val) { print ''; print ''; -print '
    '; +print '
    '; $stringtoshow = '
    '; if ($mesg) { diff --git a/htdocs/projet/tasks.php b/htdocs/projet/tasks.php index cfd2b89b0c2..80d39cf08d4 100644 --- a/htdocs/projet/tasks.php +++ b/htdocs/projet/tasks.php @@ -550,13 +550,13 @@ if ($id > 0 || !empty($ref)) { // Title $morehtmlref .= $object->title; // Thirdparty - if ($object->thirdparty->id > 0) { + if (!empty($object->thirdparty->id) && $object->thirdparty->id > 0) { $morehtmlref .= '
    '.$langs->trans('ThirdParty').' : '.$object->thirdparty->getNomUrl(1, 'project'); } $morehtmlref .= ''; // Define a complementary filter for search of next/prev ref. - if (!$user->rights->projet->all->lire) { + if (empty($user->rights->projet->all->lire)) { $objectsListId = $object->getProjectsAuthorizedForUser($user, 0, 0); $object->next_prev_filter = " rowid IN (".$db->sanitize(count($objectsListId) ?join(',', array_keys($objectsListId)) : '0').")"; } @@ -637,7 +637,6 @@ if ($id > 0 || !empty($ref)) { print ''; print '
    '; - print '
    '; print '
    '; print ''; @@ -656,7 +655,6 @@ if ($id > 0 || !empty($ref)) { print '
    '; - print '
    '; print '
    '; print ''; diff --git a/htdocs/projet/tasks/comment.php b/htdocs/projet/tasks/comment.php index 76c5239fc17..a2bbba52305 100644 --- a/htdocs/projet/tasks/comment.php +++ b/htdocs/projet/tasks/comment.php @@ -137,7 +137,7 @@ if ($id > 0 || !empty($ref)) { $morehtmlref .= ''; // Define a complementary filter for search of next/prev ref. - if (!$user->rights->projet->all->lire) { + if (empty($user->rights->projet->all->lire)) { $objectsListId = $projectstatic->getProjectsAuthorizedForUser($user, 0, 0); $projectstatic->next_prev_filter = " rowid IN (".$db->sanitize(count($objectsListId) ? join(',', array_keys($objectsListId)) : '0').")"; } @@ -247,7 +247,6 @@ if ($id > 0 || !empty($ref)) { print ''; print '
    '; - print '
    '; print '
    '; print ''; @@ -266,7 +265,6 @@ if ($id > 0 || !empty($ref)) { print '
    '; - print '
    '; print '
    '; print ''; diff --git a/htdocs/projet/tasks/contact.php b/htdocs/projet/tasks/contact.php index d79406d2d14..753ccc9b419 100644 --- a/htdocs/projet/tasks/contact.php +++ b/htdocs/projet/tasks/contact.php @@ -196,7 +196,7 @@ if ($id > 0 || !empty($ref)) { $morehtmlref .= ''; // Define a complementary filter for search of next/prev ref. - if (!$user->rights->projet->all->lire) { + if (empty($user->rights->projet->all->lire)) { $objectsListId = $projectstatic->getProjectsAuthorizedForUser($user, 0, 0); $projectstatic->next_prev_filter = " rowid IN (".$db->sanitize(count($objectsListId) ?join(',', array_keys($objectsListId)) : '0').")"; } @@ -277,10 +277,9 @@ if ($id > 0 || !empty($ref)) { print ''; print '
    '; - print '
    '; print '
    '; - print ''; + print '
    '; // Description print '
    '.$langs->trans("Description").''; @@ -296,7 +295,6 @@ if ($id > 0 || !empty($ref)) { print '
    '; - print '
    '; print '
    '; print ''; diff --git a/htdocs/projet/tasks/document.php b/htdocs/projet/tasks/document.php index 3a56a7a018a..c60e3324741 100644 --- a/htdocs/projet/tasks/document.php +++ b/htdocs/projet/tasks/document.php @@ -74,6 +74,7 @@ $socid = 0; restrictedArea($user, 'projet', $object->fk_project, 'projet&project'); +$permissiontoadd = $$user->rights->mrp->write; // Used by the include of actions_addupdatedelete.inc.php and actions_linkedfiles.inc.php /* @@ -151,7 +152,7 @@ if ($object->id > 0) { $morehtmlref .= ''; // Define a complementary filter for search of next/prev ref. - if (!$user->rights->projet->all->lire) { + if (empty($user->rights->projet->all->lire)) { $objectsListId = $projectstatic->getProjectsAuthorizedForUser($user, 0, 0); $projectstatic->next_prev_filter = " rowid IN (".$db->sanitize(count($objectsListId) ?join(',', array_keys($objectsListId)) : '0').")"; } @@ -232,7 +233,6 @@ if ($object->id > 0) { print ''; print '
    '; - print '
    '; print '
    '; print ''; @@ -251,7 +251,6 @@ if ($object->id > 0) { print '
    '; - print '
    '; print '
    '; print ''; diff --git a/htdocs/projet/tasks/list.php b/htdocs/projet/tasks/list.php index e1ed162f9c2..53b1a85e889 100644 --- a/htdocs/projet/tasks/list.php +++ b/htdocs/projet/tasks/list.php @@ -273,7 +273,7 @@ if ($id) { } // Get list of project id allowed to user (in a string list separated by coma) -if (!$user->rights->projet->all->lire) { +if (empty($user->rights->projet->all->lire)) { $projectsListId = $projectstatic->getProjectsAuthorizedForUser($user, 0, 1, $socid); } //var_dump($projectsListId); @@ -357,7 +357,7 @@ if ($search_task_user > 0) { } $sql .= " WHERE t.fk_projet = p.rowid"; $sql .= " AND p.entity IN (".getEntity('project').')'; -if (!$user->rights->projet->all->lire) { +if (empty($user->rights->projet->all->lire)) { $sql .= " AND p.rowid IN (".$db->sanitize($projectsListId ? $projectsListId : '0').")"; // public and assigned to projects, or restricted to company for external users } if (is_object($projectstatic) && $projectstatic->id > 0) { diff --git a/htdocs/projet/tasks/note.php b/htdocs/projet/tasks/note.php index 21be9b6d5c4..3d1ec610b48 100644 --- a/htdocs/projet/tasks/note.php +++ b/htdocs/projet/tasks/note.php @@ -142,7 +142,7 @@ if ($object->id > 0) { $morehtmlref .= ''; // Define a complementary filter for search of next/prev ref. - if (!$user->rights->projet->all->lire) { + if (empty($user->rights->projet->all->lire)) { $objectsListId = $projectstatic->getProjectsAuthorizedForUser($user, 0, 0); $projectstatic->next_prev_filter = " rowid IN (".$db->sanitize(count($objectsListId) ?join(',', array_keys($objectsListId)) : '0').")"; } @@ -223,7 +223,6 @@ if ($object->id > 0) { print ''; print '
    '; - print '
    '; print '
    '; print ''; @@ -242,7 +241,6 @@ if ($object->id > 0) { print '
    '; - print '
    '; print '
    '; print ''; diff --git a/htdocs/projet/tasks/stats/index.php b/htdocs/projet/tasks/stats/index.php index 76c74ba343c..60cbdf37072 100644 --- a/htdocs/projet/tasks/stats/index.php +++ b/htdocs/projet/tasks/stats/index.php @@ -205,7 +205,7 @@ foreach ($data_all_year as $val) { print '
    '; print '
    '; -print '
    '; +print '
    '; $stringtoshow = '
    '; if ($mesg) { @@ -219,7 +219,7 @@ $stringtoshow .= '
    '; print $stringtoshow; -print '
    '; +print ''; print '
    '; // End of page diff --git a/htdocs/projet/tasks/task.php b/htdocs/projet/tasks/task.php index 06faaaa7ae9..62714c72216 100644 --- a/htdocs/projet/tasks/task.php +++ b/htdocs/projet/tasks/task.php @@ -235,7 +235,7 @@ if ($id > 0 || !empty($ref)) { $morehtmlref .= ''; // Define a complementary filter for search of next/prev ref. - if (!$user->rights->projet->all->lire) { + if (empty($user->rights->projet->all->lire)) { $objectsListId = $projectstatic->getProjectsAuthorizedForUser($user, 0, 0); $projectstatic->next_prev_filter = " rowid IN (".$db->sanitize(count($objectsListId) ?join(',', array_keys($objectsListId)) : '0').")"; } @@ -317,7 +317,6 @@ if ($id > 0 || !empty($ref)) { print ''; print '
    '; - print '
    '; print '
    '; print ''; @@ -336,7 +335,6 @@ if ($id > 0 || !empty($ref)) { print '
    '; - print '
    '; print '
    '; print ''; @@ -543,7 +541,7 @@ if ($id > 0 || !empty($ref)) { print ''; print ''; - print '
    '; + print '
    '; print '
    '; print ''; @@ -583,7 +581,6 @@ if ($id > 0 || !empty($ref)) { print '
    '; - print '
    '; print '
    '; print '
    '; @@ -639,7 +636,7 @@ if ($id > 0 || !empty($ref)) { print $formfile->showdocuments('project_task', $filename, $filedir, $urlsource, $genallowed, $delallowed, $object->model_pdf); - print '
    '; + print '
    '; // List of actions on element include_once DOL_DOCUMENT_ROOT.'/core/class/html.formactions.class.php'; @@ -647,7 +644,7 @@ if ($id > 0 || !empty($ref)) { $defaultthirdpartyid = $socid > 0 ? $socid : $object->project->socid; $formactions->showactions($object, 'task', $defaultthirdpartyid, 1, '', 10, 'withproject='.$withproject); - print '
    '; + print ''; } } diff --git a/htdocs/projet/tasks/time.php b/htdocs/projet/tasks/time.php index 83f27c11796..e8dc79951f7 100644 --- a/htdocs/projet/tasks/time.php +++ b/htdocs/projet/tasks/time.php @@ -719,7 +719,7 @@ if (($id > 0 || !empty($ref)) || $projectidforalltimes > 0) { $head = project_prepare_head($projectstatic); print dol_get_fiche_head($head, $tab, $langs->trans("Project"), -1, ($projectstatic->public ? 'projectpub' : 'project')); - $param = ($mode == 'mine' ? '&mode=mine' : ''); + $param = ((!empty($mode) && $mode == 'mine') ? '&mode=mine' : ''); // Project card @@ -729,13 +729,13 @@ if (($id > 0 || !empty($ref)) || $projectidforalltimes > 0) { // Title $morehtmlref .= $projectstatic->title; // Thirdparty - if ($projectstatic->thirdparty->id > 0) { + if (!empty($projectstatic->thirdparty->id) && $projectstatic->thirdparty->id > 0) { $morehtmlref .= '
    '.$langs->trans('ThirdParty').' : '.$projectstatic->thirdparty->getNomUrl(1, 'project'); } $morehtmlref .= ''; // Define a complementary filter for search of next/prev ref. - if (!$user->rights->projet->all->lire) { + if (empty($user->rights->projet->all->lire)) { $objectsListId = $projectstatic->getProjectsAuthorizedForUser($user, 0, 0); $projectstatic->next_prev_filter = " rowid IN (".$db->sanitize(count($objectsListId) ?join(',', array_keys($objectsListId)) : '0').")"; } @@ -773,7 +773,7 @@ if (($id > 0 || !empty($ref)) || $projectidforalltimes > 0) { print '
    '; } if (!empty($conf->eventorganization->enabled)) { - print 'usage_organize_event ? ' checked="checked"' : '')).'"> '; + print 'usage_organize_event ? ' checked="checked"' : '')).'"> '; $htmltext = $langs->trans("EventOrganizationDescriptionLong"); print $form->textwithpicto($langs->trans("ManageOrganizeEvent"), $htmltext); } @@ -816,10 +816,9 @@ if (($id > 0 || !empty($ref)) || $projectidforalltimes > 0) { print ''; print '
    '; - print '
    '; print '
    '; - print ''; + print '
    '; // Description print '
    '.$langs->trans("Description").''; @@ -835,7 +834,6 @@ if (($id > 0 || !empty($ref)) || $projectidforalltimes > 0) { print '
    '; - print '
    '; print '
    '; print ''; @@ -955,7 +953,7 @@ if (($id > 0 || !empty($ref)) || $projectidforalltimes > 0) { print ''; print ''; - print '
    '; + print '
    '; print '
    '; print ''; @@ -983,7 +981,6 @@ if (($id > 0 || !empty($ref)) || $projectidforalltimes > 0) { print '
    '; - print '
    '; print '
    '; print '
    '; diff --git a/htdocs/public/partnership/new.php b/htdocs/public/partnership/new.php index a46488ab5f9..fe57f4ea424 100644 --- a/htdocs/public/partnership/new.php +++ b/htdocs/public/partnership/new.php @@ -205,12 +205,8 @@ if (empty($reshook) && $action == 'add') { // We try to find the thirdparty or the member if (empty($conf->global->PARTNERSHIP_IS_MANAGED_FOR) || $conf->global->PARTNERSHIP_IS_MANAGED_FOR == 'thirdparty') { - - $partnership->fk_member = 0; } elseif ($conf->global->PARTNERSHIP_IS_MANAGED_FOR == 'member') { - - $partnership->fk_soc = 0; } diff --git a/htdocs/reception/card.php b/htdocs/reception/card.php index 65f1c23d7c0..96953d93824 100644 --- a/htdocs/reception/card.php +++ b/htdocs/reception/card.php @@ -1529,7 +1529,6 @@ if ($action == 'create') { print ''; print '
    '; - print '
    '; print '
    '; print ''; @@ -1596,7 +1595,6 @@ if ($action == 'create') { print "
    "; - print '
    '; print '
    '; print ''; @@ -2074,7 +2072,9 @@ if ($action == 'create') { //$linktoelem = $form->showLinkToObjectBlock($object, null, array('order')); $somethingshown = $form->showLinkedObjectBlock($object, ''); - print '
    '; + print '
    '; + + print '
    '; } // Presend form diff --git a/htdocs/reception/class/receptionstats.class.php b/htdocs/reception/class/receptionstats.class.php index 4055d5d5dfe..872d6845a96 100644 --- a/htdocs/reception/class/receptionstats.class.php +++ b/htdocs/reception/class/receptionstats.class.php @@ -70,7 +70,7 @@ class ReceptionStats extends Stats //$this->where.= " AND c.fk_soc = s.rowid AND c.entity = ".$conf->entity; $this->where .= " AND c.entity = ".$conf->entity; - if (!$user->rights->societe->client->voir && !$this->socid) { + if (empty($user->rights->societe->client->voir) && !$this->socid) { $this->where .= " AND c.fk_soc = sc.fk_soc AND sc.fk_user = ".((int) $user->id); } if ($this->socid) { @@ -93,7 +93,7 @@ class ReceptionStats extends Stats $sql = "SELECT date_format(c.date_valid,'%m') as dm, COUNT(*) as nb"; $sql .= " FROM ".$this->from; - if (!$user->rights->societe->client->voir && !$this->socid) { + if (empty($user->rights->societe->client->voir) && !$this->socid) { $sql .= ", ".MAIN_DB_PREFIX."societe_commerciaux as sc"; } $sql .= " WHERE c.date_valid BETWEEN '".$this->db->idate(dol_get_first_day($year))."' AND '".$this->db->idate(dol_get_last_day($year))."'"; @@ -117,7 +117,7 @@ class ReceptionStats extends Stats $sql = "SELECT date_format(c.date_valid,'%Y') as dm, COUNT(*) as nb, SUM(c.".$this->field.")"; $sql .= " FROM ".$this->from; - if (!$user->rights->societe->client->voir && !$this->socid) { + if (empty($user->rights->societe->client->voir) && !$this->socid) { $sql .= ", ".MAIN_DB_PREFIX."societe_commerciaux as sc"; } $sql .= " WHERE ".$this->where; @@ -138,7 +138,7 @@ class ReceptionStats extends Stats $sql = "SELECT date_format(c.date_valid,'%Y') as year, COUNT(*) as nb, SUM(c.".$this->field.") as total, AVG(".$this->field.") as avg"; $sql .= " FROM ".$this->from; - if (!$user->rights->societe->client->voir && !$this->socid) { + if (empty($user->rights->societe->client->voir) && !$this->socid) { $sql .= ", ".MAIN_DB_PREFIX."societe_commerciaux as sc"; } $sql .= " WHERE ".$this->where; diff --git a/htdocs/reception/contact.php b/htdocs/reception/contact.php index 498b67d1593..1c368dc9caa 100644 --- a/htdocs/reception/contact.php +++ b/htdocs/reception/contact.php @@ -217,11 +217,9 @@ if ($id > 0 || !empty($ref)) { //print ''; //print '
    '; - //print '
    '; //print '
    '; - //print '
    '; //print '
    '; print ''; diff --git a/htdocs/reception/index.php b/htdocs/reception/index.php index 948489aa843..580de4aca1a 100644 --- a/htdocs/reception/index.php +++ b/htdocs/reception/index.php @@ -86,7 +86,7 @@ $sql .= " FROM ".MAIN_DB_PREFIX."reception as e"; $sql .= " LEFT JOIN ".MAIN_DB_PREFIX."element_element as el ON e.rowid = el.fk_target AND el.targettype = 'reception'"; $sql .= " LEFT JOIN ".MAIN_DB_PREFIX."commande_fournisseur as c ON el.fk_source = c.rowid"; $sql .= " LEFT JOIN ".MAIN_DB_PREFIX."societe as s ON s.rowid = e.fk_soc"; -if (!$user->rights->societe->client->voir && !$socid) { +if (empty($user->rights->societe->client->voir) && !$socid) { $sql .= " LEFT JOIN ".MAIN_DB_PREFIX."societe_commerciaux as sc ON e.fk_soc = sc.fk_soc"; $sql .= $clause." sc.fk_user = ".((int) $user->id); $clause = " AND "; @@ -135,8 +135,7 @@ if ($resql) { } -//print ''; -print '
    '; +print '
    '; $max = 5; @@ -151,11 +150,11 @@ $sql .= " FROM ".MAIN_DB_PREFIX."reception as e"; $sql .= " LEFT JOIN ".MAIN_DB_PREFIX."element_element as el ON e.rowid = el.fk_target AND el.targettype = 'reception' AND el.sourcetype IN ('order_supplier')"; $sql .= " LEFT JOIN ".MAIN_DB_PREFIX."commande_fournisseur as c ON el.fk_source = c.rowid AND el.sourcetype IN ('order_supplier') AND el.targettype = 'reception'"; $sql .= " LEFT JOIN ".MAIN_DB_PREFIX."societe as s ON s.rowid = e.fk_soc"; -if (!$user->rights->societe->client->voir && !$socid) { +if (empty($user->rights->societe->client->voir) && !$socid) { $sql .= " LEFT JOIN ".MAIN_DB_PREFIX."societe_commerciaux as sc ON e.fk_soc = sc.fk_soc"; } $sql .= " WHERE e.entity IN (".getEntity('reception').")"; -if (!$user->rights->societe->client->voir && !$socid) { +if (empty($user->rights->societe->client->voir) && !$socid) { $sql .= " AND sc.fk_user = ".((int) $user->id); } $sql .= " AND e.fk_statut = 1"; @@ -212,7 +211,7 @@ if ($resql) { $sql = "SELECT c.rowid, c.ref, c.ref_supplier as ref_supplier, c.fk_statut as status, c.billed as billed, s.nom as name, s.rowid as socid"; $sql .= " FROM ".MAIN_DB_PREFIX."commande_fournisseur as c,"; $sql .= " ".MAIN_DB_PREFIX."societe as s"; -if (!$user->rights->societe->client->voir && !$socid) { +if (empty($user->rights->societe->client->voir) && !$socid) { $sql .= ", ".MAIN_DB_PREFIX."societe_commerciaux as sc"; } $sql .= " WHERE c.fk_soc = s.rowid"; @@ -221,7 +220,7 @@ $sql .= " AND c.fk_statut IN (".CommandeFournisseur::STATUS_ORDERSENT.", ".Comma if ($socid > 0) { $sql .= " AND c.fk_soc = ".((int) $socid); } -if (!$user->rights->societe->client->voir && !$socid) { +if (empty($user->rights->societe->client->voir) && !$socid) { $sql .= " AND s.rowid = sc.fk_soc AND sc.fk_user = ".((int) $user->id); } $sql .= " ORDER BY c.rowid ASC"; @@ -265,7 +264,7 @@ if ($resql) { } } -print '
    '; +print ''; $parameters = array('user' => $user); $reshook = $hookmanager->executeHooks('dashboardWarehouseReceptions', $parameters, $object); // Note that $action and $object may have been modified by hook diff --git a/htdocs/reception/list.php b/htdocs/reception/list.php index 7e8e2e725ca..5a6db5b53b1 100644 --- a/htdocs/reception/list.php +++ b/htdocs/reception/list.php @@ -488,7 +488,7 @@ $sql .= " LEFT JOIN ".MAIN_DB_PREFIX."c_typent as typent on (typent.id = s.fk_ty $sql .= " LEFT JOIN ".MAIN_DB_PREFIX."c_departements as state on (state.rowid = s.fk_departement)"; $sql .= " LEFT JOIN ".MAIN_DB_PREFIX."element_element as ee ON e.rowid = ee.fk_source AND ee.sourcetype = 'reception' AND ee.targettype = 'delivery'"; $sql .= " LEFT JOIN ".MAIN_DB_PREFIX."delivery as l ON l.rowid = ee.fk_target"; -if (!$user->rights->societe->client->voir && !$socid) { // Internal user with no permission to see all +if (empty($user->rights->societe->client->voir) && !$socid) { // Internal user with no permission to see all $sql .= ", ".MAIN_DB_PREFIX."societe_commerciaux as sc"; } @@ -498,7 +498,7 @@ $reshook = $hookmanager->executeHooks('printFieldListFrom', $parameters); // Not $sql .= $hookmanager->resPrint; $sql .= " WHERE e.entity IN (".getEntity('reception').")"; -if (!$user->rights->societe->client->voir && !$socid) { // Internal user with no permission to see all +if (empty($user->rights->societe->client->voir) && !$socid) { // Internal user with no permission to see all $sql .= " AND e.fk_soc = sc.fk_soc"; $sql .= " AND sc.fk_user = ".((int) $user->id); } diff --git a/htdocs/reception/stats/index.php b/htdocs/reception/stats/index.php index 61098e74322..8f20ed58065 100644 --- a/htdocs/reception/stats/index.php +++ b/htdocs/reception/stats/index.php @@ -70,7 +70,7 @@ $data = $stats->getNbByMonthWithPrevYear($endyear, $startyear); // $data = array(array('Lib',val1,val2,val3),...) -if (!$user->rights->societe->client->voir || $user->socid) { +if (empty($user->rights->societe->client->voir) || $user->socid) { $filenamenb = $dir.'/receptionsnbinyear-'.$user->id.'-'.$year.'.png'; } else { $filenamenb = $dir.'/receptionsnbinyear-'.$year.'.png'; @@ -105,7 +105,7 @@ $data = $stats->getAmountByMonthWithPrevYear($endyear,$startyear); //var_dump($data); // $data = array(array('Lib',val1,val2,val3),...) -if (!$user->rights->societe->client->voir || $user->socid) +if (empty($user->rights->societe->client->voir) || $user->socid) { $filenameamount = $dir.'/receptionsamountinyear-'.$user->id.'-'.$year.'.png'; } @@ -143,7 +143,7 @@ if (! $mesg) /* $data = $stats->getAverageByMonthWithPrevYear($endyear, $startyear); -if (!$user->rights->societe->client->voir || $user->socid) +if (empty($user->rights->societe->client->voir) || $user->socid) { $filename_avg = $dir.'/receptionsaverage-'.$user->id.'-'.$year.'.png'; } @@ -282,7 +282,7 @@ foreach ($data as $val) { print ''; -print '
    '; +print '
    '; // Show graphs @@ -299,7 +299,7 @@ if ($mesg) { print ''; -print '
    '; +print ''; print '
    '; print dol_get_fiche_end(); diff --git a/htdocs/recruitment/recruitmentcandidature_card.php b/htdocs/recruitment/recruitmentcandidature_card.php index 5fbc1029e4e..9feebcc1434 100644 --- a/htdocs/recruitment/recruitmentcandidature_card.php +++ b/htdocs/recruitment/recruitmentcandidature_card.php @@ -656,7 +656,7 @@ if ($object->id > 0 && (empty($action) || ($action != 'edit' && $action != 'crea $somethingshown = $form->showLinkedObjectBlock($object, $linktoelem); - print '
    '; + print '
    '; $MAXEVENT = 10; @@ -669,7 +669,7 @@ if ($object->id > 0 && (empty($action) || ($action != 'edit' && $action != 'crea $formactions = new FormActions($db); $somethingshown = $formactions->showactions($object, $object->element.'@recruitment', (is_object($object->thirdparty) ? $object->thirdparty->id : 0), 1, '', $MAXEVENT, '', $morehtmlright); - print '
    '; + print ''; } //Select mail models is same action as presend diff --git a/htdocs/recruitment/recruitmentcandidature_list.php b/htdocs/recruitment/recruitmentcandidature_list.php index 56b00c94949..f16b8c3dcf9 100644 --- a/htdocs/recruitment/recruitmentcandidature_list.php +++ b/htdocs/recruitment/recruitmentcandidature_list.php @@ -237,13 +237,11 @@ $title = $langs->trans('ListOfCandidatures'); // Build and execute select // -------------------------------------------------------------------- $sql = 'SELECT '; -foreach ($object->fields as $key => $val) { - $sql .= "t.".$key.", "; -} +$sql .= $object->getFieldList('t'); // Add fields from extrafields if (!empty($extrafields->attributes[$object->table_element]['label'])) { foreach ($extrafields->attributes[$object->table_element]['label'] as $key => $val) { - $sql .= ($extrafields->attributes[$object->table_element]['type'][$key] != 'separate' ? "ef.".$key." as options_".$key.', ' : ''); + $sql .= ($extrafields->attributes[$object->table_element]['type'][$key] != 'separate' ? ", ef.".$key.' as options_'.$key : ''); } } // Add fields from hooks diff --git a/htdocs/recruitment/recruitmentindex.php b/htdocs/recruitment/recruitmentindex.php index 5473572f842..b4d943584cd 100644 --- a/htdocs/recruitment/recruitmentindex.php +++ b/htdocs/recruitment/recruitmentindex.php @@ -320,7 +320,7 @@ if (! empty($conf->recruitment->enabled) && $user->rights->recruitment->read) END MODULEBUILDER DRAFT MYOBJECT */ -print '
    '; +print '
    '; $NBMAX = $conf->global->MAIN_SIZE_SHORTLIST_LIMIT; @@ -331,11 +331,11 @@ if (!empty($conf->recruitment->enabled) && $user->rights->recruitment->recruitme $sql = "SELECT s.rowid, s.ref, s.label, s.date_creation, s.tms, s.status, COUNT(rc.rowid) as nbapplications"; $sql .= " FROM ".MAIN_DB_PREFIX."recruitment_recruitmentjobposition as s"; $sql .= " LEFT JOIN ".MAIN_DB_PREFIX."recruitment_recruitmentcandidature as rc ON rc.fk_recruitmentjobposition = s.rowid"; - if ($conf->societe->enabled && !$user->rights->societe->client->voir && !$socid) { + if ($conf->societe->enabled && empty($user->rights->societe->client->voir) && !$socid) { $sql .= ", ".MAIN_DB_PREFIX."societe_commerciaux as sc"; } $sql .= " WHERE s.entity IN (".getEntity($staticrecruitmentjobposition->element).")"; - if ($conf->societe->enabled && !$user->rights->societe->client->voir && !$socid) { + if ($conf->societe->enabled && empty($user->rights->societe->client->voir) && !$socid) { $sql .= " AND s.fk_soc = sc.fk_soc AND sc.fk_user = ".((int) $user->id); } if ($socid) { @@ -402,11 +402,11 @@ if (!empty($conf->recruitment->enabled) && $user->rights->recruitment->recruitme $sql = "SELECT rc.rowid, rc.ref, rc.email, rc.lastname, rc.firstname, rc.date_creation, rc.tms, rc.status"; $sql .= " FROM ".MAIN_DB_PREFIX."recruitment_recruitmentcandidature as rc"; $sql .= " LEFT JOIN ".MAIN_DB_PREFIX."recruitment_recruitmentjobposition as s ON rc.fk_recruitmentjobposition = s.rowid"; - if ($conf->societe->enabled && !$user->rights->societe->client->voir && !$socid) { + if ($conf->societe->enabled && empty($user->rights->societe->client->voir) && !$socid) { $sql .= ", ".MAIN_DB_PREFIX."societe_commerciaux as sc"; } $sql .= " WHERE rc.entity IN (".getEntity($staticrecruitmentjobposition->element).")"; - if ($conf->societe->enabled && !$user->rights->societe->client->voir && !$socid) { + if ($conf->societe->enabled && empty($user->rights->societe->client->voir) && !$socid) { $sql .= " AND s.fk_soc = sc.fk_soc AND sc.fk_user = ".((int) $user->id); } if ($socid) { @@ -463,7 +463,7 @@ if (!empty($conf->recruitment->enabled) && $user->rights->recruitment->recruitme } } -print '
    '; +print ''; // End of page llxFooter(); diff --git a/htdocs/recruitment/recruitmentjobposition_card.php b/htdocs/recruitment/recruitmentjobposition_card.php index 3fa7617f55c..5c9d902b817 100644 --- a/htdocs/recruitment/recruitmentjobposition_card.php +++ b/htdocs/recruitment/recruitmentjobposition_card.php @@ -556,7 +556,7 @@ if ($object->id > 0 && (empty($action) || ($action != 'edit' && $action != 'crea print $out; } - print '
    '; + print '
    '; $MAXEVENT = 10; @@ -569,7 +569,7 @@ if ($object->id > 0 && (empty($action) || ($action != 'edit' && $action != 'crea $formactions = new FormActions($db); $somethingshown = $formactions->showactions($object, $object->element.'@recruitment', (is_object($object->thirdparty) ? $object->thirdparty->id : 0), 1, '', $MAXEVENT, '', $morehtmlright); - print '
    '; + print ''; } //Select mail models is same action as presend diff --git a/htdocs/recruitment/recruitmentjobposition_list.php b/htdocs/recruitment/recruitmentjobposition_list.php index 26a3a81e998..f0935bc8798 100644 --- a/htdocs/recruitment/recruitmentjobposition_list.php +++ b/htdocs/recruitment/recruitmentjobposition_list.php @@ -243,10 +243,11 @@ $title = $langs->trans('ListOfPositionsToBeFilled'); // -------------------------------------------------------------------- $sql = 'SELECT '; $sql .= $object->getFieldList('t'); + // Add fields from extrafields if (!empty($extrafields->attributes[$object->table_element]['label'])) { foreach ($extrafields->attributes[$object->table_element]['label'] as $key => $val) { - $sql .= ($extrafields->attributes[$object->table_element]['type'][$key] != 'separate' ? ", ef.".$key." as options_".$key.', ' : ''); + $sql .= ($extrafields->attributes[$object->table_element]['type'][$key] != 'separate' ? ", ef.".$key." as options_".$key : ''); } } // Add fields from hooks diff --git a/htdocs/resource/agenda.php b/htdocs/resource/agenda.php index 6f9cfa8ce34..bf300141bc4 100644 --- a/htdocs/resource/agenda.php +++ b/htdocs/resource/agenda.php @@ -71,14 +71,18 @@ if (!$sortorder) { $sortorder = 'DESC,DESC'; } -$object = new DolResource($db); -$object->fetch($id, $ref); - // Initialize technical objects //$object=new MyObject($db); $extrafields = new ExtraFields($db); $hookmanager->initHooks(array('agendaresource')); +$object = new DolResource($db); + +// Load object +include DOL_DOCUMENT_ROOT.'/core/actions_fetchobject.inc.php'; // Must be include, not include_once. + +$result = restrictedArea($user, 'resource', $object->id, 'resource'); + // Security check if (!$user->rights->resource->read) { accessforbidden(); diff --git a/htdocs/resource/card.php b/htdocs/resource/card.php index 989aa4ccf91..f89e16da3f9 100644 --- a/htdocs/resource/card.php +++ b/htdocs/resource/card.php @@ -48,10 +48,6 @@ if ($user->socid > 0) { accessforbidden(); } -if (!$user->rights->resource->read) { - accessforbidden(); -} - $object = new Dolresource($db); $extrafields = new ExtraFields($db); @@ -59,6 +55,14 @@ $extrafields = new ExtraFields($db); // fetch optionals attributes and labels $extrafields->fetch_name_optionals_label($object->table_element); +// Load object +include DOL_DOCUMENT_ROOT.'/core/actions_fetchobject.inc.php'; // Must be include, not include_once. + + +$result = restrictedArea($user, 'resource', $object->id, 'resource'); + +$permissiontoadd = $user->rights->resource->write; // Used by the include of actions_addupdatedelete.inc.php and actions_lineupdown.inc.php + /* diff --git a/htdocs/resource/contact.php b/htdocs/resource/contact.php index 811bb476430..aca47d49743 100644 --- a/htdocs/resource/contact.php +++ b/htdocs/resource/contact.php @@ -38,14 +38,21 @@ $id = GETPOST('id', 'int'); $ref = GETPOST('ref', 'alpha'); $action = GETPOST('action', 'aZ09'); +$object = new DolResource($db); + +// Load object +include DOL_DOCUMENT_ROOT.'/core/actions_fetchobject.inc.php'; // Must be include, not include_once. + // Security check if ($user->socid) { $socid = $user->socid; } -$result = restrictedArea($user, 'resource', $id, 'resource'); +$result = restrictedArea($user, 'resource', $object->id, 'resource'); -$object = new DolResource($db); -$result = $object->fetch($id, $ref); +// Security check +if (!$user->rights->resource->read) { + accessforbidden(); +} /* diff --git a/htdocs/resource/document.php b/htdocs/resource/document.php index fec869d5620..001598d2023 100644 --- a/htdocs/resource/document.php +++ b/htdocs/resource/document.php @@ -70,11 +70,17 @@ if (!$sortfield) { $object = new DolResource($db); -$object->fetch($id, $ref); + +// Load object +include DOL_DOCUMENT_ROOT.'/core/actions_fetchobject.inc.php'; // Must be include, not include_once. $upload_dir = $conf->resource->dir_output.'/'.dol_sanitizeFileName($object->ref); $modulepart = 'resource'; +$result = restrictedArea($user, 'resource', $object->id, 'resource'); + +$permissiontoadd = $user->rights->resource->write; // Used by the include of actions_addupdatedelete.inc.php and actions_linkedfiles + /* * Actions diff --git a/htdocs/resource/element_resource.php b/htdocs/resource/element_resource.php index 4a51f1dfbb3..e6a8a02d59a 100644 --- a/htdocs/resource/element_resource.php +++ b/htdocs/resource/element_resource.php @@ -76,6 +76,19 @@ if ($socid > 0) { // Special for thirdparty $element = 'societe'; } +// Permission is not permission on resources. We just make link here on objects. +if ($element == 'action') { + $result = restrictedArea($user, 'agenda', $element_id, 'actioncomm&societe', 'myactions|allactions', 'fk_soc', 'id'); +} +if ($element == 'fichinter') { + $result = restrictedArea($user, 'ficheinter', $element_id, 'fichinter'); +} +if ($element == 'product' || $element == 'service') { // When RESOURCE_ON_PRODUCTS or RESOURCE_ON_SERVICES is set + $tmpobject = new Product($db); + $tmpobject->fetch($element_id); + $fieldtype = $tmpobject->type; + $result = restrictedArea($user, 'produit|service', $element_id, 'product&product', '', '', $fieldtype); +} /* @@ -370,9 +383,9 @@ if (!$ret) { // Date start print ''.$langs->trans("DateActionStart").''; if (!$act->fulldayevent) { - print dol_print_date($act->datep, 'dayhour'); + print dol_print_date($act->datep, 'dayhour', 'tzuser'); } else { - print dol_print_date($act->datep, 'day'); + print dol_print_date($act->datep, 'day', 'tzuser'); } if ($act->percentage == 0 && $act->datep && $act->datep < ($now - $delay_warning)) { print img_warning($langs->trans("Late")); @@ -383,9 +396,9 @@ if (!$ret) { // Date end print ''.$langs->trans("DateActionEnd").''; if (!$act->fulldayevent) { - print dol_print_date($act->datef, 'dayhour'); + print dol_print_date($act->datef, 'dayhour', 'tzuser'); } else { - print dol_print_date($act->datef, 'day'); + print dol_print_date($act->datef, 'day', 'tzuser'); } if ($act->percentage > 0 && $act->percentage < 100 && $act->datef && $act->datef < ($now - $delay_warning)) { print img_warning($langs->trans("Late")); diff --git a/htdocs/resource/list.php b/htdocs/resource/list.php index 356df3a746e..4e7a5c57ae7 100644 --- a/htdocs/resource/list.php +++ b/htdocs/resource/list.php @@ -66,10 +66,10 @@ $filter = array(); $param = ''; if (!empty($contextpage) && $contextpage != $_SERVER["PHP_SELF"]) { - $param .= '&contextpage='.urlencode($contextpage); + $param .= '&contextpage='.urlencode($contextpage); } if ($limit > 0 && $limit != $conf->liste_limit) { - $param .= '&limit='.urlencode($limit); + $param .= '&limit='.urlencode($limit); } if ($search_ref != '') { @@ -126,9 +126,6 @@ $offset = $limit * $page; $pageprev = $page - 1; $pagenext = $page + 1; -if (!$user->rights->resource->read) { - accessforbidden(); -} $arrayfields = array( 't.ref' => array( 'label' => $langs->trans("Ref"), @@ -156,6 +153,10 @@ if (GETPOST('button_removefilter_x', 'alpha') || GETPOST('button_removefilter.x' $filter = array(); } +if (empty($user->rights->resource->read)) { + accessforbidden(); +} + /* * Action diff --git a/htdocs/resource/note.php b/htdocs/resource/note.php index b43c9f8cb37..98efb72d55b 100644 --- a/htdocs/resource/note.php +++ b/htdocs/resource/note.php @@ -43,10 +43,12 @@ if ($user->socid) { // Initialize technical object to manage hooks of page. Note that conf->hooks_modules contains array of hook context $hookmanager->initHooks(array('resourcenote')); -$result = restrictedArea($user, 'resource', $id, 'resource'); - $object = new DolResource($db); -$object->fetch($id, $ref); + +// Load object +include DOL_DOCUMENT_ROOT.'/core/actions_fetchobject.inc.php'; // Must be include, not include_once. + +$result = restrictedArea($user, 'resource', $object->id, 'resource'); $permissionnote = $user->rights->resource->write; // Used by the include of actions_setnotes.inc.php diff --git a/htdocs/salaries/admin/salaries.php b/htdocs/salaries/admin/salaries.php index f8ed3f3f7ce..1c9eeec6464 100644 --- a/htdocs/salaries/admin/salaries.php +++ b/htdocs/salaries/admin/salaries.php @@ -120,7 +120,7 @@ foreach ($list as $key) { // Value print ''; if (!empty($conf->accounting->enabled)) { - print $formaccounting->select_account($conf->global->$key, $key, 1, '', 1, 1); + print $formaccounting->select_account(getDolGlobalString($key), $key, 1, '', 1, 1); } else { print ''; } diff --git a/htdocs/salaries/card.php b/htdocs/salaries/card.php index b2da534fda8..0d47a90796f 100755 --- a/htdocs/salaries/card.php +++ b/htdocs/salaries/card.php @@ -854,7 +854,6 @@ if ($id) { print ''; print '
    '; - print '
    '; $nbcols = 3; if (!empty($conf->banque->enabled)) { @@ -955,7 +954,6 @@ if ($id) { dol_print_error($db); } - print '
    '; print '
    '; print ''; diff --git a/htdocs/salaries/document.php b/htdocs/salaries/document.php index 4f49858eb7a..47d03e62380 100644 --- a/htdocs/salaries/document.php +++ b/htdocs/salaries/document.php @@ -104,6 +104,8 @@ if ($user->socid) { } restrictedArea($user, 'salaries', $object->id, 'salary', ''); +$permissiontoadd = $user->rights->salaries->write; // Used by the include of actions_addupdatedelete.inc.php and actions_linkedfiles + /* * Actions diff --git a/htdocs/salaries/stats/index.php b/htdocs/salaries/stats/index.php index ecc62c2a237..7eefe7982fc 100644 --- a/htdocs/salaries/stats/index.php +++ b/htdocs/salaries/stats/index.php @@ -256,7 +256,7 @@ print ''; print ''; -print '
    '; +print '
    '; // Show graphs @@ -273,7 +273,7 @@ if ($mesg) { print ''; -print '
    '; +print ''; print '
    '; diff --git a/htdocs/societe/card.php b/htdocs/societe/card.php index 651d24a6d54..ab200397dc6 100644 --- a/htdocs/societe/card.php +++ b/htdocs/societe/card.php @@ -2515,7 +2515,6 @@ if (is_object($objcanvas) && $objcanvas->displayCanvasExists($action)) { print ''; print ''; print showValueWithClipboardCPButton(dol_escape_htmltag($object->code_client)); - print ''; $tmpcheck = $object->check_codeclient(); if ($tmpcheck != 0 && $tmpcheck != -5) { print ' ('.$langs->trans("WrongCustomerCode").')'; @@ -2722,10 +2721,10 @@ if (is_object($objcanvas) && $objcanvas->displayCanvasExists($action)) { print ''; print ''; - print '
    '; + print '
    '; print '
    '; - print ''; + print '
    '; // Tags / categories if (!empty($conf->categorie->enabled) && !empty($user->rights->categorie->lire)) { @@ -2895,7 +2894,7 @@ if (is_object($objcanvas) && $objcanvas->displayCanvasExists($action)) { print '
    '; print '
    '; - print '
    '; + print ''; print '
    '; print dol_get_fiche_end(); @@ -2984,7 +2983,7 @@ if (is_object($objcanvas) && $objcanvas->displayCanvasExists($action)) { $result = show_subsidiaries($conf, $langs, $db, $object); } - print '
    '; + print '
    '; $MAXEVENT = 10; @@ -2995,7 +2994,7 @@ if (is_object($objcanvas) && $objcanvas->displayCanvasExists($action)) { $formactions = new FormActions($db); $somethingshown = $formactions->showactions($object, '', $socid, 1, '', $MAXEVENT, '', $morehtmlcenter); // Show all action for thirdparty - print '
    '; + print ''; if (!empty($conf->global->MAIN_DUPLICATE_CONTACTS_TAB_ON_MAIN_CARD)) { // Contacts list diff --git a/htdocs/societe/class/client.class.php b/htdocs/societe/class/client.class.php index 91e8cbc290b..4e55a914339 100644 --- a/htdocs/societe/class/client.class.php +++ b/htdocs/societe/class/client.class.php @@ -64,7 +64,7 @@ class Client extends Societe $sql = "SELECT count(s.rowid) as nb, s.client"; $sql .= " FROM ".MAIN_DB_PREFIX."societe as s"; - if (!$user->rights->societe->client->voir && !$user->socid) { + if (empty($user->rights->societe->client->voir) && !$user->socid) { $sql .= " LEFT JOIN ".MAIN_DB_PREFIX."societe_commerciaux as sc ON s.rowid = sc.fk_soc"; $sql .= " WHERE sc.fk_user = ".((int) $user->id); $clause = "AND"; diff --git a/htdocs/societe/class/societe.class.php b/htdocs/societe/class/societe.class.php index 460ee6d798a..416c16e46a3 100644 --- a/htdocs/societe/class/societe.class.php +++ b/htdocs/societe/class/societe.class.php @@ -2703,7 +2703,7 @@ class Societe extends CommonObject $linkend = ''; global $user; - if (!$user->rights->societe->client->voir && $user->socid > 0 && $this->id != $user->socid) { + if (empty($user->rights->societe->client->voir) && $user->socid > 0 && $this->id != $user->socid) { $linkstart = ''; $linkend = ''; } diff --git a/htdocs/societe/document.php b/htdocs/societe/document.php index 23720ebd54c..9ce01c64638 100644 --- a/htdocs/societe/document.php +++ b/htdocs/societe/document.php @@ -85,6 +85,8 @@ if ($user->socid > 0) { } $result = restrictedArea($user, 'societe', $object->id, '&societe'); +$permissiontoadd = $user->rights->societe->creer; // Used by the include of actions_addupdatedelete.inc.php and actions_linkedfiles + /* * Actions diff --git a/htdocs/societe/index.php b/htdocs/societe/index.php index de3bae16627..422ec5c8552 100644 --- a/htdocs/societe/index.php +++ b/htdocs/societe/index.php @@ -94,17 +94,17 @@ $total = 0; $sql = "SELECT s.rowid, s.client, s.fournisseur"; $sql .= " FROM ".MAIN_DB_PREFIX."societe as s"; -if (!$user->rights->societe->client->voir && !$socid) { +if (empty($user->rights->societe->client->voir) && !$socid) { $sql .= ", ".MAIN_DB_PREFIX."societe_commerciaux as sc"; } $sql .= ' WHERE s.entity IN ('.getEntity('societe').')'; -if (!$user->rights->societe->client->voir && !$socid) { +if (empty($user->rights->societe->client->voir) && !$socid) { $sql .= " AND s.rowid = sc.fk_soc AND sc.fk_user = ".((int) $user->id); } if ($socid > 0) { $sql .= " AND s.rowid = ".((int) $socid); } -if (!$user->rights->fournisseur->lire) { +if (empty($user->rights->fournisseur->lire)) { $sql .= " AND (s.fournisseur <> 1 OR s.client <> 0)"; // client=0, fournisseur=0 must be visible } //print $sql; @@ -277,17 +277,17 @@ $sql .= " FROM ".MAIN_DB_PREFIX."societe as s"; if (!empty($conf->global->MAIN_COMPANY_PERENTITY_SHARED)) { $sql .= " LEFT JOIN " . MAIN_DB_PREFIX . "societe_perentity as spe ON spe.fk_soc = s.rowid AND spe.entity = " . ((int) $conf->entity); } -if (!$user->rights->societe->client->voir && !$socid) { +if (empty($user->rights->societe->client->voir) && !$socid) { $sql .= ", ".MAIN_DB_PREFIX."societe_commerciaux as sc"; } $sql .= ' WHERE s.entity IN ('.getEntity('societe').')'; -if (!$user->rights->societe->client->voir && !$socid) { +if (empty($user->rights->societe->client->voir) && !$socid) { $sql .= " AND s.rowid = sc.fk_soc AND sc.fk_user = ".((int) $user->id); } if ($socid) { $sql .= " AND s.rowid = ".((int) $socid); } -if (!$user->rights->fournisseur->lire) { +if (empty($user->rights->fournisseur->lire)) { $sql .= " AND (s.fournisseur != 1 OR s.client != 0)"; } $sql .= $db->order("s.tms", "DESC"); diff --git a/htdocs/societe/list.php b/htdocs/societe/list.php index ab567733959..d071e8f9921 100644 --- a/htdocs/societe/list.php +++ b/htdocs/societe/list.php @@ -258,7 +258,7 @@ $arrayfields = array( 's.import_key'=>array('label'=>"ImportId", 'checked'=>0, 'position'=>1100), ); if (!empty($conf->global->PRODUIT_MULTIPRICES) || !empty($conf->global->PRODUIT_CUSTOMER_PRICES_BY_QTY_MULTIPRICES)) { - $arrayfields['s.price_level'] =array('label'=>"PriceLevel", 'position'=>30, 'checked'=>0); + $arrayfields['s.price_level'] = array('label'=>"PriceLevel", 'position'=>30, 'checked'=>0); } // Extra fields @@ -467,10 +467,10 @@ if ($search_sale && $search_sale != '-1') { $sql .= ", sc.fk_soc, sc.fk_user"; } // We'll need these fields in order to filter by categ -if ($search_categ_cus && $search_categ_cus!=-1) { +if ($search_categ_cus && $search_categ_cus != -1) { $sql .= ", cc.fk_categorie, cc.fk_soc"; } -if ($search_categ_sup && $search_categ_sup!=-1) { +if ($search_categ_sup && $search_categ_sup != -1) { $sql .= ", cs.fk_categorie, cs.fk_soc"; } // Add fields from extrafields @@ -520,7 +520,7 @@ if (empty($user->rights->societe->client->voir) && !$socid) { if ($search_sale && $search_sale != '-1' && $search_sale != '-2') { $sql .= " AND s.rowid = sc.fk_soc"; // Join for the needed table to filter by sale } -if (!$user->rights->fournisseur->lire) { +if (empty($user->rights->fournisseur->lire)) { $sql .= " AND (s.fournisseur <> 1 OR s.client <> 0)"; // client=0, fournisseur=0 must be visible } if ($search_sale == -2) { @@ -573,7 +573,7 @@ if ($search_account_supplier_code) { $sql .= natural_search("s.code_compta_fournisseur", $search_account_supplier_code); } if ($search_address) { - $sql.= natural_search('s.address', $search_address); + $sql .= natural_search('s.address', $search_address); } if ($search_town) { $sql .= natural_search("s.town", $search_town); @@ -751,7 +751,7 @@ if ($search_alias != '') { $param .= "&search_alias=".urlencode($search_alias); } if ($search_address != '') { - $param .= '&search_address=' . urlencode($search_address); + $param .= '&search_address='.urlencode($search_address); } if ($search_town != '') { $param .= "&search_town=".urlencode($search_town); @@ -1094,7 +1094,7 @@ if (!empty($arrayfields['country.code_iso']['checked'])) { if (!empty($arrayfields['typent.code']['checked'])) { print ''; // We use showempty=0 here because there is already an unknown value into dictionary. - print $form->selectarray("search_type_thirdparty", $formcompany->typent_array(0), $search_type_thirdparty, 1, 0, 0, '', 0, 0, 0, (empty($conf->global->SOCIETE_SORT_ON_TYPEENT) ? 'ASC' : $conf->global->SOCIETE_SORT_ON_TYPEENT), 'minwidth50 maxwidth100', 1); + print $form->selectarray("search_type_thirdparty", $formcompany->typent_array(0), $search_type_thirdparty, 1, 0, 0, '', 0, 0, 0, (empty($conf->global->SOCIETE_SORT_ON_TYPEENT) ? 'ASC' : $conf->global->SOCIETE_SORT_ON_TYPEENT), 'minwidth50 maxwidth125', 1); print ''; } // Multiprice level @@ -1363,6 +1363,7 @@ print "\n"; $i = 0; $totalarray = array(); +$totalarray['nbfield'] = 0; while ($i < min($num, $limit)) { $obj = $db->fetch_object($resql); @@ -1507,11 +1508,13 @@ while ($i < min($num, $limit)) { } // Type ent if (!empty($arrayfields['typent.code']['checked'])) { - print ''; if (!isset($typenArray) || !is_array($typenArray) || count($typenArray) == 0) { $typenArray = $formcompany->typent_array(1); } - print empty($typenArray[$obj->typent_code]) ? '' : $typenArray[$obj->typent_code]; + $labeltypeofcompany= empty($typenArray[$obj->typent_code]) ? '' : $typenArray[$obj->typent_code]; + + print ''; + print dol_escape_htmltag($labeltypeofcompany); print ''; if (!$i) { $totalarray['nbfield']++; diff --git a/htdocs/societe/paymentmodes.php b/htdocs/societe/paymentmodes.php index 6a0b9fac742..9cb0eadecf5 100644 --- a/htdocs/societe/paymentmodes.php +++ b/htdocs/societe/paymentmodes.php @@ -1507,10 +1507,10 @@ if ($socid && $action != 'edit' && $action != 'create' && $action != 'editcard' } } - print '
    '; + print '
    '; - print '
    '; + print ''; print '
    '; } diff --git a/htdocs/supplier_proposal/card.php b/htdocs/supplier_proposal/card.php index 7c8f16f59db..6fc7f4df73a 100644 --- a/htdocs/supplier_proposal/card.php +++ b/htdocs/supplier_proposal/card.php @@ -1685,7 +1685,6 @@ if ($action == 'create') { print ''; print '
    '; - print '
    '; print '
    '; print ''; @@ -1741,7 +1740,6 @@ if ($action == 'create') { $formmargin->displayMarginInfos($object); }*/ - print ''; print ''; print ''; @@ -1935,14 +1933,14 @@ if ($action == 'create') { $somethingshown = $form->showLinkedObjectBlock($object, $linktoelem); - print '
    '; + print '
    '; // List of actions on element include_once DOL_DOCUMENT_ROOT.'/core/class/html.formactions.class.php'; $formactions = new FormActions($db); $somethingshown = $formactions->showactions($object, 'supplier_proposal', $socid, 1); - print '
    '; + print ''; } // Select mail models is same action as presend diff --git a/htdocs/supplier_proposal/class/supplier_proposal.class.php b/htdocs/supplier_proposal/class/supplier_proposal.class.php index de73b7a0296..907c3bf26c3 100644 --- a/htdocs/supplier_proposal/class/supplier_proposal.class.php +++ b/htdocs/supplier_proposal/class/supplier_proposal.class.php @@ -1935,17 +1935,17 @@ class SupplierProposal extends CommonObject $sql = "SELECT s.rowid, s.nom as name, s.client,"; $sql .= " p.rowid as supplier_proposalid, p.fk_statut, p.total_ht, p.ref, p.remise, "; $sql .= " p.datep as dp, p.fin_validite as datelimite"; - if (!$user->rights->societe->client->voir && !$socid) { + if (empty($user->rights->societe->client->voir) && !$socid) { $sql .= ", sc.fk_soc, sc.fk_user"; } $sql .= " FROM ".MAIN_DB_PREFIX."societe as s, ".MAIN_DB_PREFIX."supplier_proposal as p, ".MAIN_DB_PREFIX."c_propalst as c"; - if (!$user->rights->societe->client->voir && !$socid) { + if (empty($user->rights->societe->client->voir) && !$socid) { $sql .= ", ".MAIN_DB_PREFIX."societe_commerciaux as sc"; } $sql .= " WHERE p.entity IN (".getEntity('supplier_proposal').")"; $sql .= " AND p.fk_soc = s.rowid"; $sql .= " AND p.fk_statut = c.id"; - if (!$user->rights->societe->client->voir && !$socid) { //restriction + if (empty($user->rights->societe->client->voir) && !$socid) { //restriction $sql .= " AND s.rowid = sc.fk_soc AND sc.fk_user = ".((int) $user->id); } if ($socid) { @@ -2218,7 +2218,7 @@ class SupplierProposal extends CommonObject $sql = "SELECT p.rowid, p.ref, p.datec as datec, p.date_cloture as datefin"; $sql .= " FROM ".MAIN_DB_PREFIX."supplier_proposal as p"; - if (!$user->rights->societe->client->voir && !$user->socid) { + if (empty($user->rights->societe->client->voir) && !$user->socid) { $sql .= " LEFT JOIN ".MAIN_DB_PREFIX."societe_commerciaux as sc ON p.fk_soc = sc.fk_soc"; $sql .= " WHERE sc.fk_user = ".((int) $user->id); $clause = " AND"; @@ -2375,7 +2375,7 @@ class SupplierProposal extends CommonObject $sql = "SELECT count(p.rowid) as nb"; $sql .= " FROM ".MAIN_DB_PREFIX."supplier_proposal as p"; $sql .= " LEFT JOIN ".MAIN_DB_PREFIX."societe as s ON p.fk_soc = s.rowid"; - if (!$user->rights->societe->client->voir && !$user->socid) { + if (empty($user->rights->societe->client->voir) && !$user->socid) { $sql .= " LEFT JOIN ".MAIN_DB_PREFIX."societe_commerciaux as sc ON s.rowid = sc.fk_soc"; $sql .= " WHERE sc.fk_user = ".((int) $user->id); $clause = "AND"; diff --git a/htdocs/supplier_proposal/document.php b/htdocs/supplier_proposal/document.php index 2795c006723..3d5ce3fbb47 100644 --- a/htdocs/supplier_proposal/document.php +++ b/htdocs/supplier_proposal/document.php @@ -73,6 +73,15 @@ $object->fetch($id, $ref); if ($object->id > 0) { $object->fetch_thirdparty(); $upload_dir = $conf->supplier_proposal->dir_output.'/'.dol_sanitizeFileName($object->ref); +} + + + +/* + * Actions + */ + +if ($object->id > 0) { include DOL_DOCUMENT_ROOT.'/core/actions_linkedfiles.inc.php'; } @@ -80,6 +89,7 @@ if ($object->id > 0) { /* * View */ + $title = $langs->trans('CommRequest')." - ".$langs->trans('Documents'); $help_url = 'EN:Ask_Price_Supplier|FR:Demande_de_prix_fournisseur'; llxHeader('', $title, $help_url); diff --git a/htdocs/supplier_proposal/index.php b/htdocs/supplier_proposal/index.php index ac937fe480d..f151651d186 100644 --- a/htdocs/supplier_proposal/index.php +++ b/htdocs/supplier_proposal/index.php @@ -66,7 +66,7 @@ print '
    '; $sql = "SELECT count(p.rowid), p.fk_statut"; $sql .= " FROM ".MAIN_DB_PREFIX."societe as s"; $sql .= ", ".MAIN_DB_PREFIX."supplier_proposal as p"; -if (!$user->rights->societe->client->voir && !$socid) { +if (empty($user->rights->societe->client->voir) && !$socid) { $sql .= ", ".MAIN_DB_PREFIX."societe_commerciaux as sc"; } $sql .= " WHERE p.fk_soc = s.rowid"; @@ -74,7 +74,7 @@ $sql .= " AND p.entity IN (".getEntity('supplier_proposal').")"; if ($user->socid) { $sql .= ' AND p.fk_soc = '.((int) $user->socid); } -if (!$user->rights->societe->client->voir && !$socid) { +if (empty($user->rights->societe->client->voir) && !$socid) { $sql .= " AND s.rowid = sc.fk_soc AND sc.fk_user = ".((int) $user->id); } $sql .= " AND p.fk_statut IN (0,1,2,3,4)"; @@ -166,7 +166,7 @@ if (!empty($conf->supplier_proposal->enabled)) { $sql = "SELECT c.rowid, c.ref, s.nom as socname, s.rowid as socid, s.canvas, s.client"; $sql .= " FROM ".MAIN_DB_PREFIX."supplier_proposal as c"; $sql .= ", ".MAIN_DB_PREFIX."societe as s"; - if (!$user->rights->societe->client->voir && !$socid) { + if (empty($user->rights->societe->client->voir) && !$socid) { $sql .= ", ".MAIN_DB_PREFIX."societe_commerciaux as sc"; } $sql .= " WHERE c.fk_soc = s.rowid"; @@ -175,7 +175,7 @@ if (!empty($conf->supplier_proposal->enabled)) { if ($socid) { $sql .= " AND c.fk_soc = ".((int) $socid); } - if (!$user->rights->societe->client->voir && !$socid) { + if (empty($user->rights->societe->client->voir) && !$socid) { $sql .= " AND s.rowid = sc.fk_soc AND sc.fk_user = ".((int) $user->id); } @@ -211,7 +211,7 @@ if (!empty($conf->supplier_proposal->enabled)) { } } -print '
    '; +print '
    '; $max = 5; @@ -224,7 +224,7 @@ $sql = "SELECT c.rowid, c.ref, c.fk_statut, s.nom as socname, s.rowid as socid, $sql .= " date_cloture as datec"; $sql .= " FROM ".MAIN_DB_PREFIX."supplier_proposal as c"; $sql .= ", ".MAIN_DB_PREFIX."societe as s"; -if (!$user->rights->societe->client->voir && !$socid) { +if (empty($user->rights->societe->client->voir) && !$socid) { $sql .= ", ".MAIN_DB_PREFIX."societe_commerciaux as sc"; } $sql .= " WHERE c.fk_soc = s.rowid"; @@ -233,7 +233,7 @@ $sql .= " AND c.entity = ".$conf->entity; if ($socid) { $sql .= " AND c.fk_soc = ".((int) $socid); } -if (!$user->rights->societe->client->voir && !$socid) { +if (empty($user->rights->societe->client->voir) && !$socid) { $sql .= " AND s.rowid = sc.fk_soc AND sc.fk_user = ".((int) $user->id); } $sql .= " ORDER BY c.tms DESC"; @@ -305,13 +305,13 @@ if (!empty($conf->supplier_proposal->enabled) && $user->rights->supplier_proposa $sql = "SELECT s.nom as socname, s.rowid as socid, s.canvas, s.client, p.rowid as supplier_proposalid, p.total_ttc, p.total_tva, p.total_ht, p.ref, p.fk_statut, p.datec as dp"; $sql .= " FROM ".MAIN_DB_PREFIX."societe as s"; $sql .= ", ".MAIN_DB_PREFIX."supplier_proposal as p"; - if (!$user->rights->societe->client->voir && !$socid) { + if (empty($user->rights->societe->client->voir) && !$socid) { $sql .= ", ".MAIN_DB_PREFIX."societe_commerciaux as sc"; } $sql .= " WHERE p.fk_soc = s.rowid"; $sql .= " AND p.entity IN (".getEntity('supplier_proposal').")"; $sql .= " AND p.fk_statut = 1"; - if (!$user->rights->societe->client->voir && !$socid) { + if (empty($user->rights->societe->client->voir) && !$socid) { $sql .= " AND s.rowid = sc.fk_soc AND sc.fk_user = ".((int) $user->id); } if ($socid) { @@ -385,7 +385,7 @@ if (!empty($conf->supplier_proposal->enabled) && $user->rights->supplier_proposa } } -print '
    '; +print ''; $parameters = array('user' => $user); $reshook = $hookmanager->executeHooks('dashboardSupplierProposal', $parameters, $object); // Note that $action and $object may have been modified by hook diff --git a/htdocs/supplier_proposal/list.php b/htdocs/supplier_proposal/list.php index 71cd1c1fa69..d34d3ae01e0 100644 --- a/htdocs/supplier_proposal/list.php +++ b/htdocs/supplier_proposal/list.php @@ -299,7 +299,7 @@ $sql .= ' sp.rowid, sp.note_public, sp.note_private, sp.total_ht, sp.total_tva, $sql .= ' sp.fk_multicurrency, sp.multicurrency_code, sp.multicurrency_tx, sp.multicurrency_total_ht, sp.multicurrency_total_tva as multicurrency_total_vat, sp.multicurrency_total_ttc,'; $sql .= ' sp.datec as date_creation, sp.tms as date_update,'; $sql .= " p.rowid as project_id, p.ref as project_ref,"; -if (!$user->rights->societe->client->voir && !$socid) { +if (empty($user->rights->societe->client->voir) && !$socid) { $sql .= " sc.fk_soc, sc.fk_user,"; } $sql .= " u.firstname, u.lastname, u.photo, u.login"; @@ -330,7 +330,7 @@ if ($search_product_category > 0) { $sql .= ' LEFT JOIN '.MAIN_DB_PREFIX.'user as u ON sp.fk_user_author = u.rowid'; $sql .= " LEFT JOIN ".MAIN_DB_PREFIX."projet as p ON p.rowid = sp.fk_projet"; // We'll need this table joined to the select in order to filter by sale -if ($search_sale > 0 || (!$user->rights->societe->client->voir && !$socid)) { +if ($search_sale > 0 || (empty($user->rights->societe->client->voir) && !$socid)) { $sql .= ", ".MAIN_DB_PREFIX."societe_commerciaux as sc"; } if ($search_user > 0) { @@ -339,7 +339,7 @@ if ($search_user > 0) { } $sql .= ' WHERE sp.fk_soc = s.rowid'; $sql .= ' AND sp.entity IN ('.getEntity('supplier_proposal').')'; -if (!$user->rights->societe->client->voir && !$socid) { //restriction +if (empty($user->rights->societe->client->voir) && !$socid) { //restriction $sql .= " AND s.rowid = sc.fk_soc AND sc.fk_user = ".((int) $user->id); } if ($search_town) { diff --git a/htdocs/takepos/admin/orderprinters.php b/htdocs/takepos/admin/orderprinters.php index eb23f26806c..cddf839375a 100644 --- a/htdocs/takepos/admin/orderprinters.php +++ b/htdocs/takepos/admin/orderprinters.php @@ -135,14 +135,11 @@ print load_fiche_titre($langs->trans("OrderPrinters")); //print '
    '; print '
    '; +print '
    '; -//print '
    		'; -print '
    '; +print '
    '; -//print '
    '; -print '
    '; - print '

    '; diff --git a/htdocs/takepos/index.php b/htdocs/takepos/index.php index 0266ba491f6..2c4da0515f1 100644 --- a/htdocs/takepos/index.php +++ b/htdocs/takepos/index.php @@ -823,6 +823,7 @@ $( document ).ready(function() { if (getDolGlobalString('TAKEPOS_CONTROL_CASH_OPENING')) { $sql = "SELECT rowid, status FROM ".MAIN_DB_PREFIX."pos_cash_fence WHERE"; $sql .= " entity = ".$conf->entity." AND "; + $sql .= " posnumber = ".$_SESSION["takeposterminal"]." AND "; $sql .= " date_creation > '".$db->idate(dol_get_first_hour(dol_now()))."'"; $resql = $db->query($sql); if ($resql) { @@ -1105,6 +1106,7 @@ if (getDolGlobalString('TAKEPOS_PRINT_METHOD') == "receiptprinter") { $sql = "SELECT rowid, status, entity FROM ".MAIN_DB_PREFIX."pos_cash_fence WHERE"; $sql .= " entity = ".$conf->entity." AND "; +$sql .= " posnumber = ".$_SESSION["takeposterminal"]." AND "; $sql .= " date_creation > '".$db->idate(dol_get_first_hour(dol_now()))."'"; $resql = $db->query($sql); if ($resql) { diff --git a/htdocs/takepos/invoice.php b/htdocs/takepos/invoice.php index f4242c616e0..3b40d726a77 100644 --- a/htdocs/takepos/invoice.php +++ b/htdocs/takepos/invoice.php @@ -1543,7 +1543,7 @@ if ($placeid > 0) { $htmlforlines .= ''; } $htmlforlines .= ''."\n"; - $htmlforlines .= empty($htmlsupplements[$line->id]) ? '' : empty($htmlsupplements[$line->id]); + $htmlforlines .= empty($htmlsupplements[$line->id]) ? '' : $htmlsupplements[$line->id]; print $htmlforlines; } diff --git a/htdocs/takepos/pay.php b/htdocs/takepos/pay.php index 687bd9ff19a..ffa33fbe8fc 100644 --- a/htdocs/takepos/pay.php +++ b/htdocs/takepos/pay.php @@ -336,7 +336,7 @@ print ''; + print ''; } else { print ''; } @@ -362,7 +362,7 @@ print ''; + print ''; } else { $button = array_pop($action_buttons); print ''; @@ -389,7 +389,7 @@ print ''; + print ''; } else { $button = array_pop($action_buttons); print ''; @@ -417,7 +417,7 @@ while ($i < count($arrayOfValidPaymentModes)) { } } - print ''; + print ''; $i = $i + 1; } diff --git a/htdocs/takepos/split.php b/htdocs/takepos/split.php index 4de053513f5..75599d0160f 100644 --- a/htdocs/takepos/split.php +++ b/htdocs/takepos/split.php @@ -103,12 +103,10 @@ if ($action=="split") { dol_htmloutput_errors($invoice->error, $invoice->errors, 1); } $sql = "UPDATE ".MAIN_DB_PREFIX."facture set ref='(PROV-POS".$_SESSION["takeposterminal"]."-".$place.")' where rowid=".$placeid; - echo $sql; $db->query($sql); } } $sql = "UPDATE ".MAIN_DB_PREFIX."facturedet set fk_facture=".$placeid." where rowid=".$line; - echo $sql; $db->query($sql); } $invoice->fetch('', '(PROV-POS'.$_SESSION["takeposterminal"].'-SPLIT)'); @@ -167,11 +165,11 @@ if ($conf->global->TAKEPOS_COLOR_THEME == 1) {