@@ -42,8 +42,9 @@ discard block |
||
| 42 | 42 | $id = GETPOST('id', 'int'); |
| 43 | 43 | |
| 44 | 44 | // Security check |
| 45 | -if ($user->socid > 0) |
|
| 45 | +if ($user->socid > 0) { |
|
| 46 | 46 | accessforbidden(); |
| 47 | +} |
|
| 47 | 48 | |
| 48 | 49 | |
| 49 | 50 | /* |
@@ -54,7 +55,9 @@ discard block |
||
| 54 | 55 | { |
| 55 | 56 | if (!$cancel) |
| 56 | 57 | { |
| 57 | - if ($codeventil < 0) $codeventil = 0; |
|
| 58 | + if ($codeventil < 0) { |
|
| 59 | + $codeventil = 0; |
|
| 60 | + } |
|
| 58 | 61 | |
| 59 | 62 | $sql = " UPDATE ".MAIN_DB_PREFIX."expensereport_det"; |
| 60 | 63 | $sql .= " SET fk_code_ventilation = ".$codeventil; |
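Review bot: `$codeventil` is concatenated straight into the UPDATE at new line 63, and the only validation visible in the hunk is the clamp of negative values to 0 at new lines 58-60. Where the variable is read, and whether it is already cast, is outside the hunk, so I would make the statement safe on its own: `$sql .= " SET fk_code_ventilation = ".((int) $codeventil);`. The same pattern appears with `$socid` and `$search_sale` in the hunk at `@@ -118,23 +118,40 @@` (new lines 149 and 157), which deserve the same cast. The query continues past the end of this hunk, so its WHERE clause should be checked the same way.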
@@ -50,7 +50,9 @@ discard block |
||
| 50 | 50 | |
| 51 | 51 | // Load object |
| 52 | 52 | include DOL_DOCUMENT_ROOT.'/core/actions_fetchobject.inc.php'; // Must be include, not include_once // Must be include, not include_once. Include fetch and fetch_thirdparty but not fetch_optionals |
| 53 | -if ($id > 0 || !empty($ref)) $upload_dir = $conf->mrp->multidir_output[$object->entity]."/".$object->id; |
|
| 53 | +if ($id > 0 || !empty($ref)) { |
|
| 54 | + $upload_dir = $conf->mrp->multidir_output[$object->entity]."/".$object->id; |
|
| 55 | +} |
|
| 54 | 56 | |
| 55 | 57 | // Security check - Protection if external user |
| 56 | 58 | //if ($user->socid > 0) accessforbidden(); |
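Review bot: The external-user protection at new line 58 is commented out (`//if ($user->socid > 0) accessforbidden();`) and no other access check is visible in this hunk, so unless an equivalent check follows below, users tied to a third party reach this page. Either restore the check or add a comment next to it naming the call that replaces it. Also, `$upload_dir` is built at new lines 53-55 from `$object->entity` and `$object->id` without confirming that the included fetch loaded the object. A guard such as `if (($id > 0 || !empty($ref)) && $object->id > 0) {` would keep a failed fetch from producing a path that ends in `/`.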
@@ -106,8 +108,9 @@ discard block |
||
| 106 | 108 | $morehtmlref .= '<br>'.$langs->trans('Project').' '; |
| 107 | 109 | if ($permissiontoadd) |
| 108 | 110 | { |
| 109 | - if ($action != 'classify') |
|
| 110 | - $morehtmlref .= '<a class="editfielda" href="'.$_SERVER['PHP_SELF'].'?action=classify&id='.$object->id.'">'.img_edit($langs->transnoentitiesnoconv('SetProject')).'</a> : '; |
|
| 111 | + if ($action != 'classify') { |
|
| 112 | + $morehtmlref .= '<a class="editfielda" href="'.$_SERVER['PHP_SELF'].'?action=classify&id='.$object->id.'">'.img_edit($langs->transnoentitiesnoconv('SetProject')).'</a> : '; |
|
| 113 | + } |
|
| 111 | 114 | if ($action == 'classify') { |
| 112 | 115 | //$morehtmlref.=$form->form_project($_SERVER['PHP_SELF'] . '?id=' . $object->id, $object->fk_soc, $object->fk_project, 'projectid', 0, 0, 1, 1); |
| 113 | 116 | $morehtmlref .= '<form method="post" action="'.$_SERVER['PHP_SELF'].'?id='.$object->id.'">'; |
@@ -118,23 +118,40 @@ discard block |
||
| 118 | 118 | |
| 119 | 119 | // If the internal user must only see his customers, force searching by him |
| 120 | 120 | $search_sale = 0; |
| 121 | - if ($restrictonsocid && !DolibarrApiAccess::$user->rights->societe->client->voir && !$socid) $search_sale = DolibarrApiAccess::$user->id; |
|
| 121 | + if ($restrictonsocid && !DolibarrApiAccess::$user->rights->societe->client->voir && !$socid) { |
|
| 122 | + $search_sale = DolibarrApiAccess::$user->id; |
|
| 123 | + } |
|
| 122 | 124 | |
| 123 | 125 | $sql = "SELECT t.rowid"; |
| 124 | - if ($restrictonsocid && (!DolibarrApiAccess::$user->rights->societe->client->voir && !$socid) || $search_sale > 0) $sql .= ", sc.fk_soc, sc.fk_user"; // We need these fields in order to filter by sale (including the case where the user can only see his prospects) |
|
| 126 | + if ($restrictonsocid && (!DolibarrApiAccess::$user->rights->societe->client->voir && !$socid) || $search_sale > 0) { |
|
| 127 | + $sql .= ", sc.fk_soc, sc.fk_user"; |
|
| 128 | + } |
|
| 129 | + // We need these fields in order to filter by sale (including the case where the user can only see his prospects) |
|
| 125 | 130 | $sql .= " FROM ".MAIN_DB_PREFIX.$tmpobject->table_element." as t"; |
| 126 | 131 | |
| 127 | - if ($restrictonsocid && (!DolibarrApiAccess::$user->rights->societe->client->voir && !$socid) || $search_sale > 0) $sql .= ", ".MAIN_DB_PREFIX."societe_commerciaux as sc"; // We need this table joined to the select in order to filter by sale |
|
| 132 | + if ($restrictonsocid && (!DolibarrApiAccess::$user->rights->societe->client->voir && !$socid) || $search_sale > 0) { |
|
| 133 | + $sql .= ", ".MAIN_DB_PREFIX."societe_commerciaux as sc"; |
|
| 134 | + } |
|
| 135 | + // We need this table joined to the select in order to filter by sale |
|
| 128 | 136 | $sql .= " WHERE 1 = 1"; |
| 129 | 137 | |
| 130 | 138 | // Example of use $mode |
| 131 | 139 | //if ($mode == 1) $sql.= " AND s.client IN (1, 3)"; |
| 132 | 140 | //if ($mode == 2) $sql.= " AND s.client IN (2, 3)"; |
| 133 | 141 | |
| 134 | - if ($tmpobject->ismultientitymanaged) $sql .= ' AND t.entity IN ('.getEntity($tmpobject->element).')'; |
|
| 135 | - if ($restrictonsocid && (!DolibarrApiAccess::$user->rights->societe->client->voir && !$socid) || $search_sale > 0) $sql .= " AND t.fk_soc = sc.fk_soc"; |
|
| 136 | - if ($restrictonsocid && $socid) $sql .= " AND t.fk_soc = ".$socid; |
|
| 137 | - if ($restrictonsocid && $search_sale > 0) $sql .= " AND t.rowid = sc.fk_soc"; // Join for the needed table to filter by sale |
|
| 142 | + if ($tmpobject->ismultientitymanaged) { |
|
| 143 | + $sql .= ' AND t.entity IN ('.getEntity($tmpobject->element).')'; |
|
| 144 | + } |
|
| 145 | + if ($restrictonsocid && (!DolibarrApiAccess::$user->rights->societe->client->voir && !$socid) || $search_sale > 0) { |
|
| 146 | + $sql .= " AND t.fk_soc = sc.fk_soc"; |
|
| 147 | + } |
|
| 148 | + if ($restrictonsocid && $socid) { |
|
| 149 | + $sql .= " AND t.fk_soc = ".$socid; |
|
| 150 | + } |
|
| 151 | + if ($restrictonsocid && $search_sale > 0) { |
|
| 152 | + $sql .= " AND t.rowid = sc.fk_soc"; |
|
| 153 | + } |
|
| 154 | + // Join for the needed table to filter by sale |
|
| 138 | 155 | // Insert sale filter |
| 139 | 156 | if ($restrictonsocid && $search_sale > 0) { |
| 140 | 157 | $sql .= " AND sc.fk_user = ".$search_sale; |
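Review bot: When `$restrictonsocid` is set and `$search_sale > 0`, new lines 145-153 append both `AND t.fk_soc = sc.fk_soc` and `AND t.rowid = sc.fk_soc`, which together only match rows whose own id equals their third-party id. This is the filter that limits a sales representative to their own customers, so the result is presumably a near-empty list rather than a leak, but the second condition looks like a leftover from a query where `t` was the third-party table and should be removed or justified. The rewrite also moved three trailing comments below the closing brace (new lines 129, 135 and 154), so `// Join for the needed table to filter by sale` now reads as a heading for the `// Insert sale filter` block; each comment belongs inside the block it explains. The same displacement happens in the hunk at `@@ -361,9 +380,13 @@`, where `// Not a mandatory field` (new line 386) now sits directly above the check that rejects a missing mandatory field.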
@@ -235,7 +252,9 @@ discard block |
||
| 235 | 252 | } |
| 236 | 253 | |
| 237 | 254 | foreach ($request_data as $field => $value) { |
| 238 | - if ($field == 'id') continue; |
|
| 255 | + if ($field == 'id') { |
|
| 256 | + continue; |
|
| 257 | + } |
|
| 239 | 258 | $this->myobject->$field = $value; |
| 240 | 259 | } |
| 241 | 260 | |
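Review bot: The loop at new lines 254-258 assigns every key of `$request_data` except `id` to a property of `$this->myobject`, so whoever supplies that array can set any property on the object. That includes `entity` and `fk_user_creat`, which the validation hunk at `@@ -361,9 +380,13 @@` excludes from its mandatory-field check. Where `$request_data` comes from is outside the hunk, but the name suggests the API request body. I would restrict the loop to declared fields, for example `if ($field === 'id' || !isset($this->myobject->fields[$field])) { continue; }`, and skip the system columns explicitly. The strict `===` also avoids the loose string/number comparison in `$field == 'id'`.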
@@ -361,9 +380,13 @@ discard block |
||
| 361 | 380 | { |
| 362 | 381 | $myobject = array(); |
| 363 | 382 | foreach ($this->myobject->fields as $field => $propfield) { |
| 364 | - if (in_array($field, array('rowid', 'entity', 'date_creation', 'tms', 'fk_user_creat')) || $propfield['notnull'] != 1) continue; // Not a mandatory field |
|
| 365 | - if (!isset($data[$field])) |
|
| 366 | - throw new RestException(400, "$field field missing"); |
|
| 383 | + if (in_array($field, array('rowid', 'entity', 'date_creation', 'tms', 'fk_user_creat')) || $propfield['notnull'] != 1) { |
|
| 384 | + continue; |
|
| 385 | + } |
|
| 386 | + // Not a mandatory field |
|
| 387 | + if (!isset($data[$field])) { |
|
| 388 | + throw new RestException(400, "$field field missing"); |
|
| 389 | + } |
|
| 367 | 390 | $myobject[$field] = $data[$field]; |
| 368 | 391 | } |
| 369 | 392 | return $myobject; |
@@ -24,7 +24,9 @@ discard block |
||
| 24 | 24 | require '../../main.inc.php'; |
| 25 | 25 | |
| 26 | 26 | // Security check |
| 27 | -if (!$user->admin) accessforbidden(); |
|
| 27 | +if (!$user->admin) { |
|
| 28 | + accessforbidden(); |
|
| 29 | +} |
|
| 28 | 30 | |
| 29 | 31 | $langs->load("cashdesk"); |
| 30 | 32 | |
@@ -37,8 +39,7 @@ discard block |
||
| 37 | 39 | if (GETPOSTISSET("id")) { |
| 38 | 40 | print '<h1><b>'.$langs->trans("ScanToOrder").'</b></h1>'; |
| 39 | 41 | print "<img src='".DOL_URL_ROOT."/takepos/genimg/qr.php?key=".dol_encode($id)."' width='30%'>"; |
| 40 | -} |
|
| 41 | -else { |
|
| 42 | +} else { |
|
| 42 | 43 | print '<h1><b>'.$langs->trans("ScanToMenu").'</b></h1>'; |
| 43 | 44 | print "<img src='".DOL_URL_ROOT."/takepos/genimg/qr.php' width='30%'>"; |
| 44 | 45 | } |
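Review bot: The value returned by `dol_encode($id)` is written into the `key=` query parameter at new line 41 without URL-encoding, inside a single-quoted HTML attribute. If the encoded string can contain characters such as `+`, `/`, `=` or `'`, the key is altered in transit or ends the attribute early; `urlencode(dol_encode($id))` covers both. `$id` is not assigned in the visible lines, so its origin should be checked against the `GETPOSTISSET("id")` test that guards this branch.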
@@ -473,8 +473,9 @@ |
||
| 473 | 473 | $extrafields->fetch_name_optionals_label($elementype); |
| 474 | 474 | if (!empty($extrafields->attributes[$elementtype]['type'])) { |
| 475 | 475 | foreach ($extrafields->attributes[$elementtype]['type'] as $key => &$value) { |
| 476 | - if ($value == 'radio') |
|
| 477 | - $value = 'select'; |
|
| 476 | + if ($value == 'radio') { |
|
| 477 | + $value = 'select'; |
|
| 478 | + } |
|
| 478 | 479 | } |
| 479 | 480 | } |
| 480 | 481 | if (!empty($extrafields->attributes[$elementtype]['label'])) { |
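Review bot: `$elementype` at line 473 is spelled with one `t`, while every other reference in the hunk uses `$elementtype`. Unless a variable with that exact name is defined outside the hunk, `fetch_name_optionals_label()` is called with an undefined value and the attribute arrays read below are not loaded for the intended element. The fix is `$extrafields->fetch_name_optionals_label($elementtype);`. The `foreach` at line 475 also iterates by reference (`&$value`) and no `unset($value);` follows the loop in the visible lines, which leaves `$value` aliased to the last array element for any later use of that name.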
@@ -47,12 +47,22 @@ |
||
| 47 | 47 | // Try master.inc.php into web root detected using web root calculated from SCRIPT_FILENAME |
| 48 | 48 | $tmp = empty($_SERVER['SCRIPT_FILENAME']) ? '' : $_SERVER['SCRIPT_FILENAME']; $tmp2 = realpath(__FILE__); $i = strlen($tmp) - 1; $j = strlen($tmp2) - 1; |
| 49 | 49 | while ($i > 0 && $j > 0 && isset($tmp[$i]) && isset($tmp2[$j]) && $tmp[$i] == $tmp2[$j]) { $i--; $j--; } |
| 50 | -if (!$res && $i > 0 && file_exists(substr($tmp, 0, ($i + 1))."/master.inc.php")) $res = @include substr($tmp, 0, ($i + 1))."/master.inc.php"; |
|
| 51 | -if (!$res && $i > 0 && file_exists(dirname(substr($tmp, 0, ($i + 1)))."/master.inc.php")) $res = @include dirname(substr($tmp, 0, ($i + 1)))."/master.inc.php"; |
|
| 50 | +if (!$res && $i > 0 && file_exists(substr($tmp, 0, ($i + 1))."/master.inc.php")) { |
|
| 51 | + $res = @include substr($tmp, 0, ($i + 1))."/master.inc.php"; |
|
| 52 | +} |
|
| 53 | +if (!$res && $i > 0 && file_exists(dirname(substr($tmp, 0, ($i + 1)))."/master.inc.php")) { |
|
| 54 | + $res = @include dirname(substr($tmp, 0, ($i + 1)))."/master.inc.php"; |
|
| 55 | +} |
|
| 52 | 56 | // Try master.inc.php using relative path |
| 53 | -if (!$res && file_exists("../master.inc.php")) $res = @include "../master.inc.php"; |
|
| 54 | -if (!$res && file_exists("../../master.inc.php")) $res = @include "../../master.inc.php"; |
|
| 55 | -if (!$res && file_exists("../../../master.inc.php")) $res = @include "../../../master.inc.php"; |
|
| 57 | +if (!$res && file_exists("../master.inc.php")) { |
|
| 58 | + $res = @include "../master.inc.php"; |
|
| 59 | +} |
|
| 60 | +if (!$res && file_exists("../../master.inc.php")) { |
|
| 61 | + $res = @include "../../master.inc.php"; |
|
| 62 | +} |
|
| 63 | +if (!$res && file_exists("../../../master.inc.php")) { |
|
| 64 | + $res = @include "../../../master.inc.php"; |
|
| 65 | +} |
|
| 56 | 66 | if (!$res) { |
| 57 | 67 | print "Include of master fails"; |
| 58 | 68 | exit(-1); |
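Review bot: The relative fallbacks at new lines 57-65 (`../master.inc.php` and deeper) are resolved against the process's working directory, not against this file, so which `master.inc.php` gets executed depends on where the script is started. Anchoring them, e.g. `__DIR__.'/../master.inc.php'`, makes the lookup deterministic. The `@` in front of each `include` also hides the actual error (permission, parse failure), leaving only `Include of master fails`. Dropping the `@` or logging the failing path would make a broken or unexpected include visible.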
@@ -38,7 +38,9 @@ discard block |
||
| 38 | 38 | |
| 39 | 39 | // Security check |
| 40 | 40 | $socid = GETPOST('socid', 'int'); |
| 41 | -if ($user->socid) $socid = $user->socid; |
|
| 41 | +if ($user->socid) { |
|
| 42 | + $socid = $user->socid; |
|
| 43 | +} |
|
| 42 | 44 | $result = restrictedArea($user, 'prelevement', '', ''); |
| 43 | 45 | |
| 44 | 46 | |
@@ -97,7 +99,9 @@ discard block |
||
| 97 | 99 | $sql .= " s.nom as name, s.email, s.rowid as socid"; |
| 98 | 100 | $sql .= " FROM ".MAIN_DB_PREFIX."facture as f,"; |
| 99 | 101 | $sql .= " ".MAIN_DB_PREFIX."societe as s"; |
| 100 | -if (!$user->rights->societe->client->voir && !$socid) $sql .= ", ".MAIN_DB_PREFIX."societe_commerciaux as sc"; |
|
| 102 | +if (!$user->rights->societe->client->voir && !$socid) { |
|
| 103 | + $sql .= ", ".MAIN_DB_PREFIX."societe_commerciaux as sc"; |
|
| 104 | +} |
|
| 101 | 105 | $sql .= " , ".MAIN_DB_PREFIX."prelevement_facture_demande as pfd"; |
| 102 | 106 | $sql .= " WHERE s.rowid = f.fk_soc"; |
| 103 | 107 | $sql .= " AND f.entity IN (".getEntity('invoice').")"; |
@@ -109,8 +113,12 @@ discard block |
||
| 109 | 113 | $sql .= " AND pfd.traite = 0"; |
| 110 | 114 | $sql .= " AND pfd.ext_payment_id IS NULL"; |
| 111 | 115 | $sql .= " AND pfd.fk_facture = f.rowid"; |
| 112 | -if (!$user->rights->societe->client->voir && !$socid) $sql .= " AND s.rowid = sc.fk_soc AND sc.fk_user = ".$user->id; |
|
| 113 | -if ($socid) $sql .= " AND f.fk_soc = ".$socid; |
|
| 116 | +if (!$user->rights->societe->client->voir && !$socid) { |
|
| 117 | + $sql .= " AND s.rowid = sc.fk_soc AND sc.fk_user = ".$user->id; |
|
| 118 | +} |
|
| 119 | +if ($socid) { |
|
| 120 | + $sql .= " AND f.fk_soc = ".$socid; |
|
| 121 | +} |
|
| 114 | 122 | |
| 115 | 123 | $resql = $db->query($sql); |
| 116 | 124 | if ($resql) |
@@ -47,8 +47,9 @@ discard block |
||
| 47 | 47 | $action = ''; |
| 48 | 48 | $socid = $user->socid; |
| 49 | 49 | } |
| 50 | -if ($user->socid) |
|
| 50 | +if ($user->socid) { |
|
| 51 | 51 | $socid = $user->socid; |
| 52 | +} |
|
| 52 | 53 | |
| 53 | 54 | // Get parameters |
| 54 | 55 | $limit = GETPOST('limit', 'int') ? GETPOST('limit', 'int') : $conf->liste_limit; |
@@ -59,10 +60,12 @@ discard block |
||
| 59 | 60 | $offset = $limit * $page; |
| 60 | 61 | $pageprev = $page - 1; |
| 61 | 62 | $pagenext = $page + 1; |
| 62 | -if (!$sortorder) |
|
| 63 | +if (!$sortorder) { |
|
| 63 | 64 | $sortorder = "ASC"; |
| 64 | -if (!$sortfield) |
|
| 65 | +} |
|
| 66 | +if (!$sortfield) { |
|
| 65 | 67 | $sortfield = "name"; |
| 68 | +} |
|
| 66 | 69 | |
| 67 | 70 | $object = new Account($db); |
| 68 | 71 | if ($id > 0 || !empty($ref)) |
@@ -92,10 +92,18 @@ |
||
| 92 | 92 | global $langs; |
| 93 | 93 | $langs->load("admin"); |
| 94 | 94 | |
| 95 | - if ($this->version == 'development') return $langs->trans("VersionDevelopment"); |
|
| 96 | - if ($this->version == 'experimental') return $langs->trans("VersionExperimental"); |
|
| 97 | - if ($this->version == 'dolibarr') return DOL_VERSION; |
|
| 98 | - if ($this->version) return $this->version; |
|
| 95 | + if ($this->version == 'development') { |
|
| 96 | + return $langs->trans("VersionDevelopment"); |
|
| 97 | + } |
|
| 98 | + if ($this->version == 'experimental') { |
|
| 99 | + return $langs->trans("VersionExperimental"); |
|
| 100 | + } |
|
| 101 | + if ($this->version == 'dolibarr') { |
|
| 102 | + return DOL_VERSION; |
|
| 103 | + } |
|
| 104 | + if ($this->version) { |
|
| 105 | + return $this->version; |
|
| 106 | + } |
|
| 99 | 107 | return $langs->trans("NotAvailable"); |
| 100 | 108 | } |
| 101 | 109 | } |