diff --git a/htdocs/comm/propal/class/propal.class.php b/htdocs/comm/propal/class/propal.class.php index 9d20775a287..6977109d1f5 100644 --- a/htdocs/comm/propal/class/propal.class.php +++ b/htdocs/comm/propal/class/propal.class.php @@ -1588,6 +1588,7 @@ class Propal extends CommonObject if ($this->db->query($sql)) { $this->statut = 0; + $this->brouillon = 1; return 1; } else diff --git a/htdocs/core/class/commonobject.class.php b/htdocs/core/class/commonobject.class.php index 0a44121e8b6..f301395706e 100644 --- a/htdocs/core/class/commonobject.class.php +++ b/htdocs/core/class/commonobject.class.php @@ -321,7 +321,7 @@ abstract class CommonObject $tab=array(); - $sql = "SELECT ec.rowid, ec.statut, ec.fk_socpeople as id"; + $sql = "SELECT ec.rowid, ec.statut, ec.fk_socpeople as id"; // This field contains id of llx_socpeople or id of llx_user if ($source == 'internal') $sql.=", '-1' as socid"; if ($source == 'external' || $source == 'thirdparty') $sql.=", t.fk_soc as socid"; $sql.= ", t.civilite as civility, t.name as lastname, t.firstname, t.email"; diff --git a/htdocs/core/lib/security.lib.php b/htdocs/core/lib/security.lib.php index 75107f05a86..414d2c25709 100644 --- a/htdocs/core/lib/security.lib.php +++ b/htdocs/core/lib/security.lib.php @@ -373,7 +373,7 @@ function restrictedArea($user, $features, $objectid=0, $dbtablename='', $feature { include_once(DOL_DOCUMENT_ROOT."/projet/class/project.class.php"); $projectstatic=new Project($db); - $tmps=$projectstatic->getProjectsAuthorizedForUser($user,0,1,$user->societe_id); + $tmps=$projectstatic->getProjectsAuthorizedForUser($user,0,1,0); $tmparray=explode(',',$tmps); if (! in_array($objectid,$tmparray)) accessforbidden(); } diff --git a/htdocs/core/modules/commande/doc/doc_generic_order_odt.modules.php b/htdocs/core/modules/commande/doc/doc_generic_order_odt.modules.php index d61bba6447c..aabdbaf4b2a 100644 --- a/htdocs/core/modules/commande/doc/doc_generic_order_odt.modules.php +++ b/htdocs/core/modules/commande/doc/doc_generic_order_odt.modules.php @@ -108,8 +108,10 @@ class doc_generic_order_odt extends ModelePDFCommandes 'object_date_modification'=>dol_print_date($object->date_modification,'day'), 'object_date_validation'=>dol_print_date($object->date_validation,'dayhour'), 'object_date_close'=>dol_print_date($object->date_cloture,'dayhour'), - 'object_payment_mode'=>($object->mode_reglement!='-'?$object->mode_reglement:''), - 'object_payment_term'=>$object->cond_reglement, + 'object_payment_mode_code'=>$object->mode_reglement_code, + 'object_payment_mode'=>($outputlangs->transnoentitiesnoconv('PaymentType'.$object->mode_reglement_code)!='PaymentType'.$object->mode_reglement_code?$outputlangs->transnoentitiesnoconv('PaymentType'.$object->mode_reglement_code):$object->mode_reglement), + 'object_payment_term_code'=>$object->cond_reglement_code, + 'object_payment_term'=>($outputlangs->transnoentitiesnoconv('PaymentCondition'.$object->cond_reglement_code)!='PaymentCondition'.$object->cond_reglement_code?$outputlangs->transnoentitiesnoconv('PaymentCondition'.$object->cond_reglement_code):$object->cond_reglement), 'object_total_ht'=>price($object->total_ht,0,$outputlangs), 'object_total_vat'=>price($object->total_tva,0,$outputlangs), 'object_total_ttc'=>price($object->total_ttc,0,$outputlangs), diff --git a/htdocs/core/modules/facture/doc/doc_generic_invoice_odt.modules.php b/htdocs/core/modules/facture/doc/doc_generic_invoice_odt.modules.php index f8417ecae04..c2c43c04c94 100644 --- a/htdocs/core/modules/facture/doc/doc_generic_invoice_odt.modules.php +++ b/htdocs/core/modules/facture/doc/doc_generic_invoice_odt.modules.php @@ -115,8 +115,10 @@ class doc_generic_invoice_odt extends ModelePDFFactures 'object_date_creation'=>dol_print_date($object->date_creation,'day'), 'object_date_modification'=>dol_print_date($object->date_modification,'day'), 'object_date_validation'=>dol_print_date($object->date_validation,'dayhour'), - 'object_payment_mode'=>($object->mode_reglement!='-'?$object->mode_reglement:''), - 'object_payment_term'=>$object->cond_reglement, + 'object_payment_mode_code'=>$object->mode_reglement_code, + 'object_payment_mode'=>($outputlangs->transnoentitiesnoconv('PaymentType'.$object->mode_reglement_code)!='PaymentType'.$object->mode_reglement_code?$outputlangs->transnoentitiesnoconv('PaymentType'.$object->mode_reglement_code):$object->mode_reglement), + 'object_payment_term_code'=>$object->cond_reglement_code, + 'object_payment_term'=>($outputlangs->transnoentitiesnoconv('PaymentCondition'.$object->cond_reglement_code)!='PaymentCondition'.$object->cond_reglement_code?$outputlangs->transnoentitiesnoconv('PaymentCondition'.$object->cond_reglement_code):$object->cond_reglement), 'object_total_ht'=>price($object->total_ht,0,$outputlangs), 'object_total_vat'=>price($object->total_tva,0,$outputlangs), 'object_total_ttc'=>price($object->total_ttc,0,$outputlangs), diff --git a/htdocs/core/modules/propale/doc/doc_generic_proposal_odt.modules.php b/htdocs/core/modules/propale/doc/doc_generic_proposal_odt.modules.php index 2270319ce3f..abfaf395822 100644 --- a/htdocs/core/modules/propale/doc/doc_generic_proposal_odt.modules.php +++ b/htdocs/core/modules/propale/doc/doc_generic_proposal_odt.modules.php @@ -107,8 +107,10 @@ class doc_generic_proposal_odt extends ModelePDFPropales 'object_date_creation'=>dol_print_date($object->date_creation,'day'), 'object_date_modification'=>dol_print_date($object->date_modification,'day'), 'object_date_validation'=>dol_print_date($object->date_validation,'dayhour'), - 'object_payment_mode'=>($object->mode_reglement!='-'?$object->mode_reglement:''), - 'object_payment_term'=>$object->cond_reglement, + 'object_payment_mode_code'=>$object->mode_reglement_code, + 'object_payment_mode'=>($outputlangs->transnoentitiesnoconv('PaymentType'.$object->mode_reglement_code)!='PaymentType'.$object->mode_reglement_code?$outputlangs->transnoentitiesnoconv('PaymentType'.$object->mode_reglement_code):$object->mode_reglement), + 'object_payment_term_code'=>$object->cond_reglement_code, + 'object_payment_term'=>($outputlangs->transnoentitiesnoconv('PaymentCondition'.$object->cond_reglement_code)!='PaymentCondition'.$object->cond_reglement_code?$outputlangs->transnoentitiesnoconv('PaymentCondition'.$object->cond_reglement_code):$object->cond_reglement), 'object_total_ht'=>price($object->total_ht,0,$outputlangs), 'object_total_vat'=>price($object->total_tva,0,$outputlangs), 'object_total_ttc'=>price($object->total_ttc,0,$outputlangs), diff --git a/htdocs/ecm/index.php b/htdocs/ecm/index.php index 84553edcc38..dff56695ace 100644 --- a/htdocs/ecm/index.php +++ b/htdocs/ecm/index.php @@ -150,26 +150,29 @@ if ($action == 'add' && $user->rights->ecm->setup) } // Remove file -if ($action == 'confirm_deletefile' && GETPOST('confirm') == 'yes') +if ($action == 'confirm_deletefile') { - $result=$ecmdir->fetch($section); - if (! $result > 0) - { - dol_print_error($db,$ecmdir->error); - exit; - } - $relativepath=$ecmdir->getRelativePath(); - $upload_dir = $conf->ecm->dir_output.'/'.$relativepath; - $file = $upload_dir . "/" . GETPOST('urlfile'); // Do not use urldecode here ($_GET and $_REQUEST are already decoded by PHP). + if (GETPOST('confirm') == 'yes') + { + $result=$ecmdir->fetch($section); + if (! $result > 0) + { + dol_print_error($db,$ecmdir->error); + exit; + } + $relativepath=$ecmdir->getRelativePath(); + $upload_dir = $conf->ecm->dir_output.'/'.$relativepath; + $file = $upload_dir . "/" . GETPOST('urlfile'); // Do not use urldecode here ($_GET and $_REQUEST are already decoded by PHP). - $result=dol_delete_file($file); + $result=dol_delete_file($file); - $mesg = '
'.$langs->trans("FileWasRemoved").'
'; + $mesg = '
'.$langs->trans("FileWasRemoved").'
'; - $result=$ecmdir->changeNbOfFiles('-'); - $action='file_manager'; + $result=$ecmdir->changeNbOfFiles('-'); - clearstatcache(); + clearstatcache(); + } + $action='file_manager'; } // Remove directory diff --git a/htdocs/install/mysql/migration/3.1.0-3.2.0.sql b/htdocs/install/mysql/migration/3.1.0-3.2.0.sql index 155c87fc722..ba477d13764 100755 --- a/htdocs/install/mysql/migration/3.1.0-3.2.0.sql +++ b/htdocs/install/mysql/migration/3.1.0-3.2.0.sql @@ -450,3 +450,5 @@ ALTER TABLE llx_commande_fournisseur ADD COLUMN extraparams varchar(255) AFTER i ALTER TABLE llx_facture_fourn ADD COLUMN extraparams varchar(255) AFTER import_key; ALTER TABLE llx_boxes ADD COLUMN maxline integer NULL; + +ALTER TABLE llx_product_fournisseur_price MODIFY fk_product_fournisseur integer DEFAULT 0; diff --git a/htdocs/install/repair.php b/htdocs/install/repair.php index cf6a5a830fb..7179f94efc1 100644 --- a/htdocs/install/repair.php +++ b/htdocs/install/repair.php @@ -211,12 +211,21 @@ foreach($listofmodulesextra as $tablename => $elementtype) $i=0; while($obj=$db->fetch_object($resql)) { - $fieldname = isset($obj->Key)?$obj->Key:$obj->attname; - $fieldtype = isset($obj->Type)?$obj->Type:'varchar'; + $fieldname=$fieldtype=''; + if (preg_match('/mysql/',$db->type)) + { + $fieldname=$obj->Field; + $fieldtype=$obj->Type; + } + else + { + $fieldname = isset($obj->Key)?$obj->Key:$obj->attname; + $fieldtype = isset($obj->Type)?$obj->Type:'varchar'; + } if (empty($fieldname)) continue; if (in_array($fieldname,array('rowid','tms','fk_object','import_key'))) continue; - $arrayoffieldsfound[$fieldname]=$fieldtype; + $arrayoffieldsfound[$fieldname]=array('type'=>$fieldtype); } // If it does not match, we create fields @@ -225,14 +234,16 @@ foreach($listofmodulesextra as $tablename => $elementtype) if (! in_array($code,array_keys($arrayoffieldsfound))) { print 'Found field '.$code.' declared into '.MAIN_DB_PREFIX.'extrafields table but not found into desc of table '.$tableextra." -> "; + $type=$extrafields->attribute_type[$code]; $value=$extrafields->attribute_size[$code]; $attribute=''; $default=''; $extra=''; $null='null'; $field_desc=array( - 'type'=>'varchar', - 'value'=>'', - 'attribute'=>'', - 'default'=>'', - 'extra'=>'', - 'null'=>'null' + 'type'=>$type, + 'value'=>$value, + 'attribute'=>$attribute, + 'default'=>$default, + 'extra'=>$extra, + 'null'=>$null ); + //var_dump($field_desc);exit; $result=$db->DDLAddField($tableextra,$code,$field_desc,""); if ($result < 0) diff --git a/htdocs/product/fournisseurs.php b/htdocs/product/fournisseurs.php index e7670f77974..af0c96f6220 100644 --- a/htdocs/product/fournisseurs.php +++ b/htdocs/product/fournisseurs.php @@ -1,6 +1,6 @@ - * Copyright (C) 2004-2011 Laurent Destailleur + * Copyright (C) 2004-2012 Laurent Destailleur * Copyright (C) 2004 Eric Seigne * Copyright (C) 2005-2012 Regis Houssin * Copyright (C) 2010-2011 Juanjo Menent @@ -92,7 +92,7 @@ if ($action == 'updateprice' && $_POST["cancel"] <> $langs->trans("Cancel")) $ref_fourn=GETPOST("ref_fourn"); if (empty($ref_fourn)) $ref_fourn=GETPOST("search_ref_fourn"); $quantity=GETPOST("qty"); - $tva_tx=GETPOST('tva_tx','alpha'); + $tva_tx=price2num(GETPOST('tva_tx','alpha')); if (empty($quantity)) { @@ -282,7 +282,7 @@ if ($id || $ref) $events=array(); $events[]=array('method' => 'getVatRates', 'url' => dol_buildpath('/core/ajax/vatrates.php',1), 'htmlname' => 'tva_tx', 'params' => array()); print $form->select_company(GETPOST("id_fourn"),'id_fourn','fournisseur=1',1,0,0,$events); - + if (is_object($hookmanager)) { $parameters=array('filtre'=>"fournisseur=1",'html_name'=>'id_fourn','selected'=>GETPOST("id_fourn"),'showempty'=>1,'prod_id'=>$product->id); @@ -299,14 +299,17 @@ if ($id || $ref) } else { - print ''; + print ''; } print ''; print ''; - - // Vat rate - print ''.$langs->trans("VATRate").''; - print ''.$form->load_tva('tva_tx',$product->tva_tx,$supplier,$mysoc).''; + + // Vat rate + print ''.$langs->trans("VATRate").''; + print ''; + //print $form->load_tva('tva_tx',$product->tva_tx,$supplier,$mysoc); // Do not use list here as it may be any vat rates for any country + print 'tva_tx).'">'; + print ''; // Availability if (! empty($conf->global->FOURN_PRODUCT_AVAILABILITY)) @@ -332,7 +335,7 @@ if ($id || $ref) print ''; } print ''; - + // Price qty min print ''.$langs->trans("PriceQtyMin").''; print 'fourn_price)?price($product->fourn_price):'')).'">'; @@ -420,10 +423,11 @@ if ($id || $ref) print ''; print $productfourn->fourn_qty; print ''; - - // VAT rate - print ''; - print vatrate($productfourn->fourn_tva_tx,true); + + // VAT rate + print ''; + print vatrate($productfourn->fourn_tva_tx,true); + print ''; // Price quantity @@ -465,4 +469,4 @@ else // End of page llxFooter(); $db->close(); -?> \ No newline at end of file +?> diff --git a/htdocs/projet/class/project.class.php b/htdocs/projet/class/project.class.php index bd6282ea94e..d6f0d7e7293 100644 --- a/htdocs/projet/class/project.class.php +++ b/htdocs/projet/class/project.class.php @@ -242,11 +242,11 @@ class Project extends CommonObject $sql = "SELECT rowid, ref, title, description, public, datec"; $sql.= ", tms, dateo, datee, fk_soc, fk_user_creat, fk_statut, note_private, note_public"; $sql.= " FROM " . MAIN_DB_PREFIX . "projet"; - if ($ref) - { - $sql.= " WHERE ref='".$ref."'"; - $sql.= " AND entity IN (".getEntity('project').")"; - } + if ($ref) + { + $sql.= " WHERE ref='".$ref."'"; + $sql.= " AND entity IN (".getEntity('project').")"; + } else $sql.= " WHERE rowid=".$id; dol_syslog("Project::fetch sql=" . $sql, LOG_DEBUG); @@ -787,12 +787,19 @@ class Project extends CommonObject $nblinks = 0; while ($nblinks < $num) { - if (preg_match('/PROJECT/', $userRole[$nblinks]['code']) && $user->id == $userRole[$nblinks]['id']) + if ($source == 'internal' && preg_match('/PROJECT/', $userRole[$nblinks]['code']) && $user->id == $userRole[$nblinks]['id']) { if ($mode == 'read' && $user->rights->projet->lire) $userAccess++; if ($mode == 'write' && $user->rights->projet->creer) $userAccess++; if ($mode == 'delete' && $user->rights->projet->supprimer) $userAccess++; } + // Permission are supported on users only. To have an external thirdparty contact to see a project, its user must allowed to contacts of projects. + /*if ($source == 'external' && preg_match('/PROJECT/', $userRole[$nblinks]['code']) && $user->contact_id == $userRole[$nblinks]['id']) + { + if ($mode == 'read' && $user->rights->projet->lire) $userAccess++; + if ($mode == 'write' && $user->rights->projet->creer) $userAccess++; + if ($mode == 'delete' && $user->rights->projet->supprimer) $userAccess++; + }*/ $nblinks++; } } @@ -836,18 +843,24 @@ class Project extends CommonObject if ($mode == 0) { - $sql.= " AND ec.element_id = p.rowid AND ( p.public = 1"; + $sql.= " AND ec.element_id = p.rowid"; + $sql.= " AND ( p.public = 1"; //$sql.= " OR p.fk_user_creat = ".$user->id; $sql.= " OR ( ctc.rowid = ec.fk_c_type_contact"; $sql.= " AND ctc.element = '" . $this->element . "'"; - $sql.= " AND ec.fk_socpeople = " . $user->id . " ) )"; + $sql.= " AND ( (ctc.source = 'internal' AND ec.fk_socpeople = ".$user->id.")"; + //$sql.= " OR (ctc.source = 'external' AND ec.fk_socpeople = ".($user->contact_id?$user->contact_id:0).")"; // Permission are supported on users only. To have an external thirdparty contact to see a project, its user must allowed to contacts of projects. + $sql.= " )"; + $sql.= " ))"; } if ($mode == 1) { $sql.= " AND ec.element_id = p.rowid"; $sql.= " AND ctc.rowid = ec.fk_c_type_contact"; $sql.= " AND ctc.element = '" . $this->element . "'"; - $sql.= " AND ec.fk_socpeople = " . $user->id; + $sql.= " AND ( (ctc.source = 'internal' AND ec.fk_socpeople = ".$user->id.")"; + //$sql.= " OR (ctc.source = 'external' AND ec.fk_socpeople = ".($user->contact_id?$user->contact_id:0).")"; // Permission are supported on users only. To have an external thirdparty contact to see a project, its user must allowed to contacts of projects. + $sql.= " )"; } if ($mode == 2) { diff --git a/htdocs/projet/contact.php b/htdocs/projet/contact.php index f1fe6eb5c55..6879a00ed80 100644 --- a/htdocs/projet/contact.php +++ b/htdocs/projet/contact.php @@ -1,5 +1,6 @@ +/* Copyright (C) 2010 Regis Houssin + * Copyright (C) 2012 Laurent Destailleur * * This program is free software; you can redistribute it and/or modify * it under the terms of the GNU General Public License as published by @@ -31,14 +32,21 @@ $langs->load("projects"); $langs->load("companies"); $id = GETPOST('id','int'); -$ref= GETPOST('ref'); +$ref= GETPOST('ref','alpha'); $mine = $_REQUEST['mode']=='mine' ? 1 : 0; //if (! $user->rights->projet->all->lire) $mine=1; // Special for projects +$project = new Project($db); +if ($ref) +{ + $project->fetch(0,$ref); + $id=$project->id; +} + // Security check $socid=0; -if ($user->societe_id) $socid=$user->societe_id; +if ($user->societe_id > 0) $socid=$user->societe_id; $result = restrictedArea($user, 'projet', $id); @@ -49,9 +57,7 @@ $result = restrictedArea($user, 'projet', $id); // Add new contact if ($_POST["action"] == 'addcontact' && $user->rights->projet->creer) { - $result = 0; - $project = new Project($db); $result = $project->fetch($id); if ($result > 0 && $id > 0) @@ -81,7 +87,6 @@ if ($_POST["action"] == 'addcontact' && $user->rights->projet->creer) // bascule du statut d'un contact if ($_GET["action"] == 'swapstatut' && $user->rights->projet->creer) { - $project = new Project($db); if ($project->fetch($id)) { $result=$project->swapContactStatus(GETPOST('ligne')); @@ -95,7 +100,6 @@ if ($_GET["action"] == 'swapstatut' && $user->rights->projet->creer) // Efface un contact if ($_GET["action"] == 'deleteline' && $user->rights->projet->creer) { - $project = new Project($db); $project->fetch($id); $result = $project->delete_contact($_GET["lineid"]); @@ -133,8 +137,6 @@ dol_htmloutput_mesg($mesg); if ($id > 0 || ! empty($ref)) { - $project = new Project($db); - if ( $project->fetch($id,$ref) > 0) { if ($project->societe->id > 0) $result=$project->societe->fetch($project->societe->id); @@ -211,14 +213,14 @@ if ($id > 0 || ! empty($ref)) $var = false; - print '
'; + print ''; print ''; print ''; print ''; - print ''; + print ''; // Ligne ajout pour contact interne - print ""; + print ""; print ''; print img_object('','user').' '.$langs->trans("Users"); diff --git a/htdocs/projet/document.php b/htdocs/projet/document.php index 5bf9971b9d7..4568b376cd4 100644 --- a/htdocs/projet/document.php +++ b/htdocs/projet/document.php @@ -1,5 +1,6 @@ +/* Copyright (C) 2010 Regis Houssin + * Copyright (C) 2012 Laurent Destailleur * * This program is free software; you can redistribute it and/or modify * it under the terms of the GNU General Public License as published by @@ -36,6 +37,14 @@ $mine = $_REQUEST['mode']=='mine' ? 1 : 0; $id = GETPOST('id','int'); $ref= GETPOST('ref'); +$project = new Project($db); +if (! $project->fetch($id,$ref) > 0) +{ + dol_print_error($db); + exit; +} +else $id=$project->id; + // Security check $socid=0; if ($user->societe_id > 0) $socid=$user->societe_id; @@ -52,12 +61,6 @@ $pagenext = $page + 1; if (! $sortorder) $sortorder="ASC"; if (! $sortfield) $sortfield="name"; -$project = new Project($db); -if (! $project->fetch($id,$ref) > 0) -{ - dol_print_error($db); - exit; -} /* diff --git a/htdocs/projet/element.php b/htdocs/projet/element.php index 468ffcee2c4..d76c5e9f7b7 100644 --- a/htdocs/projet/element.php +++ b/htdocs/projet/element.php @@ -46,10 +46,8 @@ if ($conf->commande->enabled) $langs->load("orders"); if ($conf->propal->enabled) $langs->load("propal"); if ($conf->ficheinter->enabled) $langs->load("interventions"); -$projectid=''; -$ref=''; -if (isset($_GET["id"])) { $projectid=$_GET["id"]; } -if (isset($_GET["ref"])) { $ref=$_GET["ref"]; } +$projectid=GETPOST('id'); +$ref=GETPOST('ref'); if ($projectid == '' && $ref == '') { dol_print_error('','Bad parameter'); @@ -59,6 +57,13 @@ if ($projectid == '' && $ref == '') $mine = $_REQUEST['mode']=='mine' ? 1 : 0; //if (! $user->rights->projet->all->lire) $mine=1; // Special for projects +$project = new Project($db); +if ($ref) +{ + $project->fetch(0,$ref); + $projectid=$project->id; +} + // Security check $socid=0; if ($user->societe_id > 0) $socid=$user->societe_id; diff --git a/htdocs/projet/fiche.php b/htdocs/projet/fiche.php index 1fd2bc37e90..af96f49d8cb 100644 --- a/htdocs/projet/fiche.php +++ b/htdocs/projet/fiche.php @@ -43,6 +43,13 @@ if ($id == '' && $ref == '' && ($action != "create" && $action != "add" && $acti $mine = GETPOST('mode')=='mine' ? 1 : 0; //if (! $user->rights->projet->all->lire) $mine=1; // Special for projects +$project = new Project($db); +if ($ref) +{ + $project->fetch(0,$ref); + $id=$project->id; +} + // Security check $socid=0; if ($user->societe_id > 0) $socid=$user->societe_id; @@ -82,8 +89,6 @@ if ($action == 'add' && $user->rights->projet->creer) $db->begin(); - $project = new Project($db); - $project->ref = $_POST["ref"]; $project->title = $_POST["title"]; $project->socid = $_POST["socid"]; @@ -150,8 +155,7 @@ if ($action == 'update' && ! $_POST["cancel"] && $user->rights->projet->creer) } if (! $error) { - $project = new Project($db); - $project->fetch($_POST["id"]); + $project->fetch($id); $project->ref = $_POST["ref"]; $project->title = $_POST["title"]; @@ -174,7 +178,6 @@ if ($action == 'update' && ! $_POST["cancel"] && $user->rights->projet->creer) // Build doc if ($action == 'builddoc' && $user->rights->projet->creer) { - $project = new Project($db); $project->fetch($id); if (GETPOST('model')) { @@ -202,7 +205,6 @@ if ($action == 'builddoc' && $user->rights->projet->creer) if ($action == 'confirm_validate' && GETPOST('confirm') == 'yes') { - $project = new Project($db); $project->fetch($id); $result = $project->setValid($user); @@ -214,7 +216,6 @@ if ($action == 'confirm_validate' && GETPOST('confirm') == 'yes') if ($action == 'confirm_close' && GETPOST('confirm') == 'yes') { - $project = new Project($db); $project->fetch($id); $result = $project->setClose($user); if ($result <= 0) @@ -225,7 +226,6 @@ if ($action == 'confirm_close' && GETPOST('confirm') == 'yes') if ($action == 'confirm_reopen' && GETPOST('confirm') == 'yes') { - $project = new Project($db); $project->fetch($id); $result = $project->setValid($user); if ($result <= 0) @@ -236,7 +236,6 @@ if ($action == 'confirm_reopen' && GETPOST('confirm') == 'yes') if ($action == 'confirm_delete' && GETPOST("confirm") == "yes" && $user->rights->projet->supprimer) { - $project = new Project($db); $project->fetch($id); $result=$project->delete($user); if ($result > 0) diff --git a/htdocs/projet/ganttview.php b/htdocs/projet/ganttview.php index 02d2d678215..d908c72962a 100644 --- a/htdocs/projet/ganttview.php +++ b/htdocs/projet/ganttview.php @@ -35,6 +35,13 @@ $ref=GETPOST('ref','alpha'); $mine = $_REQUEST['mode']=='mine' ? 1 : 0; //if (! $user->rights->projet->all->lire) $mine=1; // Special for projects +$object = new Project($db); +if ($ref) +{ + $object->fetch(0,$ref); + $id=$object->id; +} + // Security check $socid=0; if ($user->societe_id > 0) $socid=$user->societe_id; diff --git a/htdocs/projet/note.php b/htdocs/projet/note.php index 86f47072ffb..4f7dc5aaf94 100644 --- a/htdocs/projet/note.php +++ b/htdocs/projet/note.php @@ -1,5 +1,6 @@ +/* Copyright (C) 2010 Regis Houssin + * Copyright (C) 2012 Laurent Destailleur * * This program is free software; you can redistribute it and/or modify * it under the terms of the GNU General Public License as published by @@ -34,6 +35,13 @@ $ref= GETPOST('ref'); $mine = $_REQUEST['mode']=='mine' ? 1 : 0; //if (! $user->rights->projet->all->lire) $mine=1; // Special for projects +$project = new Project($db); +if ($ref) +{ + $project->fetch(0,$ref); + $id=$project->id; +} + // Security check $socid=0; if ($user->societe_id > 0) $socid=$user->societe_id; @@ -47,7 +55,6 @@ $result = restrictedArea($user, 'projet', $id); if ($action == 'update_public' && $user->rights->projet->creer) { - $project = new Project($db); $project->fetch($_GET['id']); $db->begin(); @@ -66,7 +73,6 @@ if ($action == 'update_public' && $user->rights->projet->creer) if ($action == 'update_private' && $user->rights->projet->creer) { - $project = new Project($db); $project->fetch($_GET['id']); $db->begin(); @@ -99,8 +105,7 @@ $now=dol_now(); if ($id > 0 || ! empty($ref)) { - if ($mesg) print $mesg; - + dol_htmloutput_mesg($mesg); if ($project->fetch($id, $ref)) { diff --git a/htdocs/projet/tasks.php b/htdocs/projet/tasks.php index 6c4ccb733fa..0e43894dc55 100644 --- a/htdocs/projet/tasks.php +++ b/htdocs/projet/tasks.php @@ -42,11 +42,17 @@ $mode = GETPOST('mode', 'alpha'); $mine = ($mode == 'mine' ? 1 : 0); //if (! $user->rights->projet->all->lire) $mine=1; // Special for projects +$object = new Project($db); +if ($ref) +{ + $object->fetch(0,$ref); + $id=$object->id; +} + // Security check $socid=0; if ($user->societe_id > 0) $socid = $user->societe_id; -//$result = restrictedArea($user, 'projet', $projectid); -if (!$user->rights->projet->lire) accessforbidden(); +$result = restrictedArea($user, 'projet', $id); $progress=GETPOST('progress', 'int'); $label=GETPOST('label', 'alpha'); @@ -54,7 +60,6 @@ $description=GETPOST('description', 'alpha'); $userAccess=0; -$object = new Project($db); /* diff --git a/htdocs/user/class/user.class.php b/htdocs/user/class/user.class.php index aebb3f044db..f2746ff50ea 100644 --- a/htdocs/user/class/user.class.php +++ b/htdocs/user/class/user.class.php @@ -66,8 +66,11 @@ class User extends CommonObject var $datec; var $datem; + //! If this is defined, it is an external user var $societe_id; + var $contact_id; + var $fk_member; var $webcal_login;