@@ -74,7 +74,7 @@ |
||
| 74 | 74 | |
| 75 | 75 | // update of object |
| 76 | 76 | if ($forcelangprod == $current_lang) { |
| 77 | - $object->label = GETPOST("libelle", 'alphanohtml'); |
|
| 77 | + $object->label = GETPOST("libelle", 'alphanohtml'); |
|
| 78 | 78 | $object->description = dol_htmlcleanlastbr(GETPOST("desc", 'restricthtml')); |
| 79 | 79 | //$object->other = dol_htmlcleanlastbr(GETPOST("other", 'restricthtml')); |
| 80 | 80 | } else { |
@@ -238,7 +238,7 @@ |
||
| 238 | 238 | $sql .= ", st.libelle as stcomm"; |
| 239 | 239 | $sql .= " FROM ".MAIN_DB_PREFIX."societe as s"; |
| 240 | 240 | if (!empty($conf->global->MAIN_COMPANY_PERENTITY_SHARED)) { |
| 241 | - $sql .= " LEFT JOIN " . MAIN_DB_PREFIX . "societe_perentity as spe ON spe.fk_soc = s.rowid AND spe.entity = " . ((int) $conf->entity); |
|
| 241 | + $sql .= " LEFT JOIN ".MAIN_DB_PREFIX."societe_perentity as spe ON spe.fk_soc = s.rowid AND spe.entity = ".((int) $conf->entity); |
|
| 242 | 242 | } |
| 243 | 243 | $sql .= ", ".MAIN_DB_PREFIX."c_stcomm as st"; |
| 244 | 244 | if (empty($user->rights->societe->client->voir) && !$socid) { |
@@ -275,7 +275,7 @@ discard block |
||
| 275 | 275 | $sql .= ", s.canvas, s.tms as date_modification, s.status as status"; |
| 276 | 276 | $sql .= " FROM ".MAIN_DB_PREFIX."societe as s"; |
| 277 | 277 | if (!empty($conf->global->MAIN_COMPANY_PERENTITY_SHARED)) { |
| 278 | - $sql .= " LEFT JOIN " . MAIN_DB_PREFIX . "societe_perentity as spe ON spe.fk_soc = s.rowid AND spe.entity = " . ((int) $conf->entity); |
|
| 278 | + $sql .= " LEFT JOIN ".MAIN_DB_PREFIX."societe_perentity as spe ON spe.fk_soc = s.rowid AND spe.entity = ".((int) $conf->entity); |
|
| 279 | 279 | } |
| 280 | 280 | if (empty($user->rights->societe->client->voir) && !$socid) { |
| 281 | 281 | $sql .= ", ".MAIN_DB_PREFIX."societe_commerciaux as sc"; |
@@ -294,7 +294,7 @@ discard block |
||
| 294 | 294 | $sql .= $db->plimit($max, 0); |
| 295 | 295 | |
| 296 | 296 | //print $sql; |
| 297 | -$lastmodified=""; |
|
| 297 | +$lastmodified = ""; |
|
| 298 | 298 | $result = $db->query($sql); |
| 299 | 299 | if ($result) { |
| 300 | 300 | $num = $db->num_rows($result); |
@@ -106,7 +106,7 @@ |
||
| 106 | 106 | $sql .= ", sum(pf.amount) as am"; |
| 107 | 107 | $sql .= " FROM ".MAIN_DB_PREFIX."societe as s"; |
| 108 | 108 | if (!empty($conf->global->MAIN_COMPANY_PERENTITY_SHARED)) { |
| 109 | - $sql .= " LEFT JOIN " . MAIN_DB_PREFIX . "societe_perentity as spe ON spe.fk_soc = s.rowid AND spe.entity = " . ((int) $conf->entity); |
|
| 109 | + $sql .= " LEFT JOIN ".MAIN_DB_PREFIX."societe_perentity as spe ON spe.fk_soc = s.rowid AND spe.entity = ".((int) $conf->entity); |
|
| 110 | 110 | } |
| 111 | 111 | if (empty($user->rights->societe->client->voir) && !$user->socid) { |
| 112 | 112 | $sql .= ", ".MAIN_DB_PREFIX."societe_commerciaux as sc"; |
@@ -75,7 +75,9 @@ discard block |
||
| 75 | 75 | //$facturestatic=new Facture($this->db); |
| 76 | 76 | |
| 77 | 77 | $startmonth = $conf->global->SOCIETE_FISCAL_MONTH_START ? ($conf->global->SOCIETE_FISCAL_MONTH_START) : 1; |
| 78 | - if (empty($conf->global->GRAPH_USE_FISCAL_YEAR)) $startmonth = 1; |
|
| 78 | + if (empty($conf->global->GRAPH_USE_FISCAL_YEAR)) { |
|
| 79 | + $startmonth = 1; |
|
| 80 | + } |
|
| 79 | 81 | |
| 80 | 82 | $text = $langs->trans("Turnover", $max); |
| 81 | 83 | $this->info_box_head = array( |
@@ -92,8 +94,13 @@ discard block |
||
| 92 | 94 | $dir = ''; // We don't need a path because image file will not be saved into disk |
| 93 | 95 | $prefix = ''; |
| 94 | 96 | $socid = 0; |
| 95 | - if ($user->socid) $socid = $user->socid; |
|
| 96 | - if (empty($user->rights->societe->client->voir) || $socid) $prefix .= 'private-'.$user->id.'-'; // If user has no permission to see all, output dir is specific to user |
|
| 97 | + if ($user->socid) { |
|
| 98 | + $socid = $user->socid; |
|
| 99 | + } |
|
| 100 | + if (empty($user->rights->societe->client->voir) || $socid) { |
|
| 101 | + $prefix .= 'private-'.$user->id.'-'; |
|
| 102 | + } |
|
| 103 | + // If user has no permission to see all, output dir is specific to user |
|
| 97 | 104 | |
| 98 | 105 | if ($user->rights->facture->lire) { |
| 99 | 106 | $mesg = ''; |
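Review bot: The comment `// If user has no permission to see all, output dir is specific to user` now sits on its own line after the closing brace of the second `if` (new line 103), so it no longer reads as the explanation for the `private-<id>-` prefix. That prefix is what keeps one user's generated output separate from another's, so the explanation should stay attached to it: move the comment inside the block, directly above `$prefix .= 'private-'.$user->id.'-';`. The condition also fires when `$socid` is set (presumably an external user tied to one third party), which the comment does not mention. Wording such as `// User cannot see all third parties, or is restricted to one: make the output prefix user-specific` would match both branches. The enclosing method starts and ends outside this hunk.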
@@ -114,7 +121,9 @@ discard block |
||
| 114 | 121 | } |
| 115 | 122 | if (empty($showtot)) { $showtot = 1; } |
| 116 | 123 | $nowarray = dol_getdate(dol_now(), true); |
| 117 | - if (empty($endyear)) $endyear = $nowarray['year']; |
|
| 124 | + if (empty($endyear)) { |
|
| 125 | + $endyear = $nowarray['year']; |
|
| 126 | + } |
|
| 118 | 127 | $numberyears = (empty($conf->global->MAIN_NB_OF_YEAR_IN_WIDGET_GRAPH) ? 5 : $conf->global->MAIN_NB_OF_YEAR_IN_WIDGET_GRAPH); |
| 119 | 128 | $startyear = $endyear - $numberyears; |
| 120 | 129 | |
@@ -109,7 +109,7 @@ |
||
| 109 | 109 | $sql .= " AND e.fk_statut = 1"; |
| 110 | 110 | } |
| 111 | 111 | if ($user->socid > 0) { |
| 112 | - $sql.= " AND s.rowid = ".((int) $user->socid); |
|
| 112 | + $sql .= " AND s.rowid = ".((int) $user->socid); |
|
| 113 | 113 | } |
| 114 | 114 | if (empty($user->rights->societe->client->voir) && !$user->socid) { |
| 115 | 115 | $sql .= " AND sc.fk_user = ".((int) $user->id); |
@@ -101,7 +101,7 @@ |
||
| 101 | 101 | $sql .= " LEFT JOIN ".MAIN_DB_PREFIX."c_country as co ON sp.fk_pays = co.rowid"; |
| 102 | 102 | $sql .= " LEFT JOIN ".MAIN_DB_PREFIX."societe as s ON sp.fk_soc = s.rowid"; |
| 103 | 103 | if (!empty($conf->global->MAIN_COMPANY_PERENTITY_SHARED)) { |
| 104 | - $sql .= " LEFT JOIN " . MAIN_DB_PREFIX . "societe_perentity as spe ON spe.fk_soc = s.rowid AND spe.entity = " . ((int) $conf->entity); |
|
| 104 | + $sql .= " LEFT JOIN ".MAIN_DB_PREFIX."societe_perentity as spe ON spe.fk_soc = s.rowid AND spe.entity = ".((int) $conf->entity); |
|
| 105 | 105 | } |
| 106 | 106 | if (empty($user->rights->societe->client->voir) && !$user->socid) { |
| 107 | 107 | $sql .= ", ".MAIN_DB_PREFIX."societe_commerciaux as sc"; |
@@ -195,7 +195,7 @@ |
||
| 195 | 195 | } |
| 196 | 196 | |
| 197 | 197 | // Security: Delete string ../ or ..\ into $original_file |
| 198 | -$original_file = preg_replace('/\.\.+/', '..', $original_file); // Replace '... or more' with '..' |
|
| 198 | +$original_file = preg_replace('/\.\.+/', '..', $original_file); // Replace '... or more' with '..' |
|
| 199 | 199 | $original_file = str_replace('../', '/', $original_file); |
| 200 | 200 | $original_file = str_replace('..\\', '/', $original_file); |
| 201 | 201 | |
@@ -70,7 +70,7 @@ |
||
| 70 | 70 | $upload_dir = $conf->ticket->dir_output."/".dol_sanitizeFileName($object->ref); |
| 71 | 71 | } |
| 72 | 72 | |
| 73 | -$permissiontoadd = $user->rights->ticket->write; // Used by the include of actions_addupdatedelete.inc.php and actions_linkedfiles |
|
| 73 | +$permissiontoadd = $user->rights->ticket->write; // Used by the include of actions_addupdatedelete.inc.php and actions_linkedfiles |
|
| 74 | 74 | |
| 75 | 75 | // Security check - Protection if external user |
| 76 | 76 | $result = restrictedArea($user, 'ticket', $object->id); |