Wavyzz/dolibarr-fork
2
0
Fork 0
forked from Wavyzz/dolibarr
Code Pull Requests Activity

Merge branch '8.0' of git@github.com:Dolibarr/dolibarr.git into develop

Browse Source
This commit is contained in:
Laurent Destailleur
2018-07-03 12:33:17 +02:00
parent 63f3143718 cfb41d4329
commit 12c43d7722
24 changed files with 254 additions and 168 deletions
Download Patch File Download Diff File Expand all files Collapse all files

47
ChangeLog
View File

@@ -2,6 +2,28 @@
English Dolibarr ChangeLog
--------------------------------------------------------------
***** ChangeLog for 8.0.0 compared to 7.0.3 *****
WARNING:
Following changes may create regressions for some external modules, but were necessary to make Dolibarr better:
* Remove old deprecated hook 'insertExtraFields'. Triggers must be used for action on CRUD events.
* Hook 'maildao' was renamed into 'mail' into the method sendfile that send emails, and method was renamed from
'doaction' into 'sendMail'.
* Rename trigger CONTRACT_SERVICE_ACTIVATE into LINECONTRACT_ACTIVATE and
CONTRACT_SERVICE_CLOSE into LINECONTRACT_CLOSE
* Remove triggers *_CLONE. The trigger CREATE with context 'createfromclone' is already called so this is
a duplicated feature. Cloning is not a business event, the business event is CREATE, so no trigger required.
* PHP 5.3 is no more supported. Minimum PHP is now 5.4+
* Remove the old deprecated code of doActions and getInstanceDao in canvas. The doActions of standard hooks are
already available and are better.
* Removed method fetch_prods() and get_each_prod() not used, keep only get_arbo_each_prod() that is better.
* The hook contaxt commcard has been renamed thirdpartycomm
* The hook contaxt thirdpartycard has been renamed thirdpartycontact
* Remove method Categorie:get_nb_categories() that was not used.
* Hook getnomurltooltip provide a duplicate feature compared to hook getNomUrl so all hooks getnomurltooltip
are now replaced with hook getNomUrl.
***** ChangeLog for 7.0.3 compared to 7.0.2 *****
FIX: 7.0 task contact card without withproject parameters
FIX: #8722
@@ -40,29 +62,6 @@ FIX: supplier order: product supplier ref not saved on addline
FIX: test is_erasable() must be done before call function delete() too to avoid delete invoice with &action=delete in url
FIX: wrong var name $search_month_lim
***** ChangeLog for 8.0.0 compared to 7.0.0 *****
WARNING:
Following changes may create regressions for some external modules, but were necessary to make Dolibarr better:
* Remove old deprecated hook 'insertExtraFields'. Triggers must be used for action on CRUD events.
* Hook 'maildao' was renamed into 'mail' into the method sendfile that send emails, and method was renamed from
'doaction' into 'sendMail'.
* Rename trigger CONTRACT_SERVICE_ACTIVATE into LINECONTRACT_ACTIVATE and
CONTRACT_SERVICE_CLOSE into LINECONTRACT_CLOSE
* Remove triggers *_CLONE. The trigger CREATE with context 'createfromclone' is already called so this is
a duplicated feature. Cloning is not a business event, the business event is CREATE, so no trigger required.
* PHP 5.3 is no more supported. Minimum PHP is now 5.4+
* Remove the old deprecated code of doActions and getInstanceDao in canvas. The doActions of standard hooks are
already available and are better.
* Removed method fetch_prods() and get_each_prod() not used, keep only get_arbo_each_prod() that is better.
* The hook contaxt commcard has been renamed thirdpartycomm
* The hook contaxt thirdpartycard has been renamed thirdpartycontact
* Remove method Categorie:get_nb_categories() that was not used.
* Hook getnomurltooltip provide a duplicate feature compared to hook getNomUrl so all hooks getnomurltooltip
are now replaced with hook getNomUrl.
***** ChangeLog for 7.0.2 compared to 7.0.1 *****
FIX: #8023
FIX: #8259 can't update contact birthday with REST API
@@ -220,7 +219,7 @@ FIX: Use of undefined constant _ROWS_2
FIX: warning when adding ECM files using old photo path
***** ChangeLog for 7.0.0 compared to 6.0.5 *****
***** ChangeLog for 7.0.0 compared to 6.0.7 *****
For users:
NEW: Add a preview icon after files that can be previewed (pdf + images)
NEW: When payment is registered, PDF of invoices are also regenerated so payments

10
htdocs/admin/workflow.php
View File

@@ -39,7 +39,7 @@ $action = GETPOST('action', 'alpha');
*/
if (preg_match('/set(.*)/',$action,$reg))
{
if (! dolibarr_set_const($db, $reg[1], 1, 'chaine', 0, '', $conf->entity) > 0)
if (! dolibarr_set_const($db, $reg[1], '1', 'chaine', 0, '', $conf->entity) > 0)
{
dol_print_error($db);
}
@@ -75,14 +75,12 @@ $workflowcodes=array(
'WORKFLOW_PROPAL_AUTOCREATE_ORDER'=>array('family'=>'create', 'position'=>10, 'enabled'=>'! empty($conf->propal->enabled) && ! empty($conf->commande->enabled)', 'picto'=>'order'),
'WORKFLOW_ORDER_AUTOCREATE_INVOICE'=>array('family'=>'create', 'position'=>20, 'enabled'=>'! empty($conf->commande->enabled) && ! empty($conf->facture->enabled)', 'picto'=>'bill'),
'separator1'=>array('family'=>'separator', 'position'=>25),
// Automatic classification proposal
// Automatic classification of proposal
'WORKFLOW_ORDER_CLASSIFY_BILLED_PROPAL'=>array('family'=>'classify_proposal', 'position'=>30, 'enabled'=>'! empty($conf->propal->enabled) && ! empty($conf->commande->enabled)', 'picto'=>'propal','warning'=>''),
'WORKFLOW_INVOICE_CLASSIFY_BILLED_PROPAL'=>array('family'=>'classify_proposal', 'position'=>31, 'enabled'=>'! empty($conf->propal->enabled) && ! empty($conf->facture->enabled)', 'picto'=>'propal','warning'=>''),
// Automatic classification invoice
// Automatic classification of order
'WORKFLOW_ORDER_CLASSIFY_SHIPPED_SHIPPING'=>array('family'=>'classify_order', 'position'=>40, 'enabled'=>'! empty($conf->expedition->enabled) && ! empty($conf->commande->enabled)', 'picto'=>'order'),
// For the following 2 options, if module invoice is disabled, they does not exists, so "Classify billed" for order must be done manually from order card.
'WORKFLOW_INVOICE_AMOUNT_CLASSIFY_BILLED_ORDER'=>array('family'=>'classify_order', 'position'=>41, 'enabled'=>'! empty($conf->facture->enabled) && ! empty($conf->commande->enabled)', 'picto'=>'order','warning'=>''),
//Moved as hidden feature: 'WORKFLOW_INVOICE_CLASSIFY_BILLED_ORDER'=>array('family'=>'classify_order', 'position'=>42, 'enabled'=>'! empty($conf->facture->enabled) && ! empty($conf->commande->enabled)', 'picto'=>'order','warning'=>''),
'WORKFLOW_INVOICE_AMOUNT_CLASSIFY_BILLED_ORDER'=>array('family'=>'classify_order', 'position'=>41, 'enabled'=>'! empty($conf->facture->enabled) && ! empty($conf->commande->enabled)', 'picto'=>'order','warning'=>''), // For this option, if module invoice is disabled, it does not exists, so "Classify billed" for order must be done manually from order card.
'separator2'=>array('family'=>'separator', 'position'=>50),
// Automatic classification supplier proposal
'WORKFLOW_ORDER_CLASSIFY_BILLED_SUPPLIER_PROPOSAL'=>array('family'=>'classify_supplier_proposal', 'position'=>60, 'enabled'=>'! empty($conf->supplier_proposal->enabled) && ! empty($conf->fournisseur->enabled)', 'picto'=>'propal','warning'=>''),

162
htdocs/comm/propal/card.php
View File

@@ -108,9 +108,21 @@ if ($id > 0 || ! empty($ref)) {
// Initialize technical object to manage hooks of page. Note that conf->hooks_modules contains array of hook context
$hookmanager->initHooks(array('propalcard','globalcard'));
$permissionnote = $user->rights->propale->creer; // Used by the include of actions_setnotes.inc.php
$permissiondellink=$user->rights->propale->creer; // Used by the include of actions_dellink.inc.php
$permissiontoedit = $user->rights->propale->creer; // Used by the include of actions_lineupdown.inc.php
$usercanread = $user->rights->propal->lire;
$usercancreate = $user->rights->propal->creer;
$usercanclose = $user->rights->propal->cloturer;
$usercandelete = $user->rights->propal->supprimer;
$usercanvalidate = ((empty($conf->global->MAIN_USE_ADVANCED_PERMS) && $usercancreate) || (! empty($conf->global->MAIN_USE_ADVANCED_PERMS) && ! empty($user->rights->propal->propal_advance->validate)));
$usercansend = (empty($conf->global->MAIN_USE_ADVANCED_PERMS) || $user->rights->propal->propal_advance->send);
$usercancreateorder = $user->rights->commande->creer;
$usercancreateinvoice = $user->rights->facture->creer;
$usercancreatecontract = $user->rights->contrat->creer;
$usercancreateintervention = $user->rights->ficheinter->creer;
$permissionnote = $usercancreate; // Used by the include of actions_setnotes.inc.php
$permissiondellink = $usercancreate; // Used by the include of actions_dellink.inc.php
$permissiontoedit = $usercancreate; // Used by the include of actions_lineupdown.inc.php
/*
@@ -140,7 +152,7 @@ if (empty($reshook))
include DOL_DOCUMENT_ROOT.'/core/actions_lineupdown.inc.php'; // Must be include, not include_once
// Action clone object
if ($action == 'confirm_clone' && $confirm == 'yes')
if ($action == 'confirm_clone' && $confirm == 'yes' && $usercancreate)
{
if (! GETPOST('socid', 3))
{
@@ -191,7 +203,7 @@ if (empty($reshook))
}
// Delete proposal
else if ($action == 'confirm_delete' && $confirm == 'yes' && $user->rights->propal->supprimer)
else if ($action == 'confirm_delete' && $confirm == 'yes' && $usercandelete)
{
$result = $object->delete($user);
if ($result > 0) {
@@ -204,7 +216,7 @@ if (empty($reshook))
}
// Remove line
else if ($action == 'confirm_deleteline' && $confirm == 'yes' && $user->rights->propal->creer)
else if ($action == 'confirm_deleteline' && $confirm == 'yes' && $usercancreate)
{
$result = $object->deleteline($lineid);
// reorder lines
@@ -228,10 +240,7 @@ if (empty($reshook))
}
// Validation
else if ($action == 'confirm_validate' && $confirm == 'yes' &&
((empty($conf->global->MAIN_USE_ADVANCED_PERMS) && ! empty($user->rights->propal->creer))
|| (! empty($conf->global->MAIN_USE_ADVANCED_PERMS) && ! empty($user->rights->propal->propal_advance->validate)))
)
else if ($action == 'confirm_validate' && $confirm == 'yes' && $usercanvalidate)
{
$result = $object->valid($user);
if ($result >= 0)
@@ -258,7 +267,7 @@ if (empty($reshook))
}
}
else if ($action == 'setdate' && $user->rights->propal->creer)
else if ($action == 'setdate' && $usercancreate)
{
$datep = dol_mktime(12, 0, 0, $_POST['remonth'], $_POST['reday'], $_POST['reyear']);
@@ -273,13 +282,13 @@ if (empty($reshook))
dol_print_error($db, $object->error);
}
}
else if ($action == 'setecheance' && $user->rights->propal->creer)
else if ($action == 'setecheance' && $usercancreate)
{
$result = $object->set_echeance($user, dol_mktime(12, 0, 0, $_POST['echmonth'], $_POST['echday'], $_POST['echyear']));
if ($result < 0)
dol_print_error($db, $object->error);
}
else if ($action == 'setdate_livraison' && $user->rights->propal->creer)
else if ($action == 'setdate_livraison' && $usercancreate)
{
$result = $object->set_date_livraison($user, dol_mktime(12, 0, 0, $_POST['date_livraisonmonth'], $_POST['date_livraisonday'], $_POST['date_livraisonyear']));
if ($result < 0)
@@ -287,7 +296,7 @@ if (empty($reshook))
}
// Positionne ref client
else if ($action == 'setref_client' && $user->rights->propal->creer)
else if ($action == 'setref_client' && $usercancreate)
{
$result = $object->set_ref_client($user, GETPOST('ref_client'));
if ($result < 0)
@@ -297,13 +306,13 @@ if (empty($reshook))
}
// Set incoterm
elseif ($action == 'set_incoterms' && !empty($conf->incoterm->enabled))
elseif ($action == 'set_incoterms' && !empty($conf->incoterm->enabled) && $usercancreate)
{
$result = $object->setIncoterms(GETPOST('incoterm_id', 'int'), GETPOST('location_incoterms', 'alpha'));
}
// Create proposal
else if ($action == 'add' && $user->rights->propal->creer)
else if ($action == 'add' && $usercancreate)
{
$object->socid = $socid;
$object->fetch_thirdparty();
@@ -597,7 +606,7 @@ if (empty($reshook))
}
// Classify billed
else if ($action == 'classifybilled' && $user->rights->propal->cloturer)
else if ($action == 'classifybilled' && $usercanclose)
{
$result=$object->cloture($user, 4, '');
if ($result < 0)
@@ -608,7 +617,7 @@ if (empty($reshook))
}
// Close proposal
else if ($action == 'setstatut' && $user->rights->propal->cloturer && ! GETPOST('cancel','alpha'))
else if ($action == 'setstatut' && $usercanclose && ! GETPOST('cancel','alpha'))
{
if (! (GETPOST('statut','int') > 0)) {
setEventMessages($langs->trans("ErrorFieldRequired", $langs->transnoentitiesnoconv("CloseAs")), null, 'errors');
@@ -628,7 +637,7 @@ if (empty($reshook))
}
// Reopen proposal
else if ($action == 'confirm_reopen' && $user->rights->propal->cloturer && ! GETPOST('cancel','alpha'))
else if ($action == 'confirm_reopen' && $usercanclose && ! GETPOST('cancel','alpha'))
{
// prevent browser refresh from reopening proposal several times
if ($object->statut == Propal::STATUS_SIGNED || $object->statut == Propal::STATUS_NOTSIGNED || $object->statut == Propal::STATUS_BILLED)
@@ -653,7 +662,7 @@ if (empty($reshook))
// Go back to draft
if ($action == 'modif' && $user->rights->propal->creer)
if ($action == 'modif' && $usercancreate)
{
$object->set_draft($user);
@@ -671,7 +680,7 @@ if (empty($reshook))
}
}
else if ($action == "setabsolutediscount" && $user->rights->propal->creer) {
else if ($action == "setabsolutediscount" && $usercancreate) {
if ($_POST["remise_id"]) {
if ($object->id > 0) {
$result = $object->insert_discount($_POST["remise_id"]);
@@ -683,7 +692,7 @@ if (empty($reshook))
}
// Add line
else if ($action == 'addline' && $user->rights->propal->creer) {
else if ($action == 'addline' && $usercancreate) {
// Set if we used free entry or predefined product
$predef='';
@@ -1046,7 +1055,7 @@ if (empty($reshook))
}
// Update a line within proposal
else if ($action == 'updateligne' && $user->rights->propal->creer && GETPOST('save'))
else if ($action == 'updateligne' && $usercancreate && GETPOST('save'))
{
// Define info_bits
$info_bits = 0;
@@ -1183,62 +1192,62 @@ if (empty($reshook))
}
}
else if ($action == 'updateligne' && $user->rights->propal->creer && GETPOST('cancel','alpha'))
else if ($action == 'updateligne' && $usercancreate && GETPOST('cancel','alpha'))
{
header('Location: ' . $_SERVER['PHP_SELF'] . '?id=' . $object->id); // Pour reaffichage de la fiche en cours d'edition
exit();
}
// Set project
else if ($action == 'classin' && $user->rights->propal->creer) {
else if ($action == 'classin' && $usercancreate) {
$object->setProject(GETPOST('projectid','int'));
}
// Delai de livraison
else if ($action == 'setavailability' && $user->rights->propal->creer) {
else if ($action == 'setavailability' && $usercancreate) {
$result = $object->set_availability($user, GETPOST('availability_id','int'));
}
// Origine de la propale
else if ($action == 'setdemandreason' && $user->rights->propal->creer) {
else if ($action == 'setdemandreason' && $usercancreate) {
$result = $object->set_demand_reason($user, GETPOST('demand_reason_id','int'));
}
// Conditions de reglement
else if ($action == 'setconditions' && $user->rights->propal->creer) {
else if ($action == 'setconditions' && $usercancreate) {
$result = $object->setPaymentTerms(GETPOST('cond_reglement_id', 'int'));
}
else if ($action == 'setremisepercent' && $user->rights->propal->creer) {
else if ($action == 'setremisepercent' && $usercancreate) {
$result = $object->set_remise_percent($user, $_POST['remise_percent']);
}
else if ($action == 'setremiseabsolue' && $user->rights->propal->creer) {
else if ($action == 'setremiseabsolue' && $usercancreate) {
$result = $object->set_remise_absolue($user, $_POST['remise_absolue']);
}
// Mode de reglement
else if ($action == 'setmode' && $user->rights->propal->creer) {
else if ($action == 'setmode' && $usercancreate) {
$result = $object->setPaymentMethods(GETPOST('mode_reglement_id', 'int'));
}
// Multicurrency Code
else if ($action == 'setmulticurrencycode' && $user->rights->propal->creer) {
else if ($action == 'setmulticurrencycode' && $usercancreate) {
$result = $object->setMulticurrencyCode(GETPOST('multicurrency_code', 'alpha'));
}
// Multicurrency rate
else if ($action == 'setmulticurrencyrate' && $user->rights->propal->creer) {
else if ($action == 'setmulticurrencyrate' && $usercancreate) {
$result = $object->setMulticurrencyRate(price2num(GETPOST('multicurrency_tx')));
}
// bank account
else if ($action == 'setbankaccount' && $user->rights->propal->creer) {
else if ($action == 'setbankaccount' && $usercancreate) {
$result=$object->setBankAccount(GETPOST('fk_account', 'int'));
}
// shipping method
else if ($action == 'setshippingmethod' && $user->rights->propal->creer) {
else if ($action == 'setshippingmethod' && $usercancreate) {
$result=$object->setShippingMethod(GETPOST('shipping_method_id', 'int'));
}
@@ -1261,7 +1270,7 @@ if (empty($reshook))
if ($error) $action = 'edit_extras';
}
if (! empty($conf->global->MAIN_DISABLE_CONTACTS_TAB) && $user->rights->propal->creer)
if (! empty($conf->global->MAIN_DISABLE_CONTACTS_TAB) && $usercancreate)
{
if ($action == 'addcontact')
{
@@ -1308,7 +1317,7 @@ if (empty($reshook))
// Actions to build doc
$upload_dir = $conf->propal->multidir_output[$object->entity];
$permissioncreate=$user->rights->propal->creer;
$permissioncreate=$usercancreate;
include DOL_DOCUMENT_ROOT.'/core/actions_builddoc.inc.php';
}
@@ -1837,8 +1846,8 @@ if ($action == 'create')
$morehtmlref='<div class="refidno">';
// Ref customer
$morehtmlref.=$form->editfieldkey("RefCustomer", 'ref_client', $object->ref_client, $object, $user->rights->propal->creer, 'string', '', 0, 1);
$morehtmlref.=$form->editfieldval("RefCustomer", 'ref_client', $object->ref_client, $object, $user->rights->propal->creer, 'string', '', null, null, '', 1);
$morehtmlref.=$form->editfieldkey("RefCustomer", 'ref_client', $object->ref_client, $object, $usercancreate, 'string', '', 0, 1);
$morehtmlref.=$form->editfieldval("RefCustomer", 'ref_client', $object->ref_client, $object, $usercancreate, 'string', '', null, null, '', 1);
// Thirdparty
$morehtmlref.='<br>'.$langs->trans('ThirdParty') . ' : ' . $object->thirdparty->getNomUrl(1,'customer');
if (empty($conf->global->MAIN_DISABLE_OTHER_LINK) && $object->thirdparty->id > 0) $morehtmlref.=' (<a href="'.DOL_URL_ROOT.'/comm/propal/list.php?socid='.$object->thirdparty->id.'">'.$langs->trans("OtherProposals").'</a>)';
@@ -1847,7 +1856,7 @@ if ($action == 'create')
{
$langs->load("projects");
$morehtmlref.='<br>'.$langs->trans('Project') . ' ';
if ($user->rights->propal->creer)
if ($usercancreate)
{
if ($action != 'classify')
$morehtmlref.='<a href="' . $_SERVER['PHP_SELF'] . '?action=classify&amp;id=' . $object->id . '">' . img_edit($langs->transnoentitiesnoconv('SetProject')) . '</a> : ';
@@ -1915,11 +1924,11 @@ if ($action == 'create')
print '<table class="nobordernopadding" width="100%"><tr><td>';
print $langs->trans('Date');
print '</td>';
if ($action != 'editdate' && ! empty($object->brouillon))
if ($action != 'editdate' && ! empty($object->brouillon) && $usercancreate)
print '<td align="right"><a href="' . $_SERVER["PHP_SELF"] . '?action=editdate&amp;id=' . $object->id . '">' . img_edit($langs->trans('SetDate'), 1) . '</a></td>';
print '</tr></table>';
print '</td><td>';
if (! empty($object->brouillon) && $action == 'editdate') {
if (! empty($object->brouillon) && $action == 'editdate' && $usercancreate) {
print '<form name="editdate" action="' . $_SERVER["PHP_SELF"] . '?id=' . $object->id . '" method="post">';
print '<input type="hidden" name="token" value="' . $_SESSION ['newtoken'] . '">';
print '<input type="hidden" name="action" value="setdate">';
@@ -1941,11 +1950,11 @@ if ($action == 'create')
print '<table class="nobordernopadding" width="100%"><tr><td>';
print $langs->trans('DateEndPropal');
print '</td>';
if ($action != 'editecheance' && ! empty($object->brouillon))
if ($action != 'editecheance' && ! empty($object->brouillon) && $usercancreate)
print '<td align="right"><a href="' . $_SERVER["PHP_SELF"] . '?action=editecheance&amp;id=' . $object->id . '">' . img_edit($langs->trans('SetConditions'), 1) . '</a></td>';
print '</tr></table>';
print '</td><td>';
if (! empty($object->brouillon) && $action == 'editecheance') {
if (! empty($object->brouillon) && $action == 'editecheance' && $usercancreate) {
print '<form name="editecheance" action="' . $_SERVER["PHP_SELF"] . '?id=' . $object->id . '" method="post">';
print '<input type="hidden" name="token" value="' . $_SESSION ['newtoken'] . '">';
print '<input type="hidden" name="action" value="setecheance">';
@@ -1969,11 +1978,11 @@ if ($action == 'create')
print '<table class="nobordernopadding" width="100%"><tr><td>';
print $langs->trans('PaymentConditionsShort');
print '</td>';
if ($action != 'editconditions' && ! empty($object->brouillon))
if ($action != 'editconditions' && ! empty($object->brouillon) && $usercancreate)
print '<td align="right"><a href="' . $_SERVER["PHP_SELF"] . '?action=editconditions&amp;id=' . $object->id . '">' . img_edit($langs->transnoentitiesnoconv('SetConditions'), 1) . '</a></td>';
print '</tr></table>';
print '</td><td>';
if ($action == 'editconditions') {
if (! empty($object->brouillon) && $action == 'editconditions' && $usercancreate) {
$form->form_conditions_reglement($_SERVER['PHP_SELF'] . '?id=' . $object->id, $object->cond_reglement_id, 'cond_reglement_id');
} else {
$form->form_conditions_reglement($_SERVER['PHP_SELF'] . '?id=' . $object->id, $object->cond_reglement_id, 'none');
@@ -1984,9 +1993,9 @@ if ($action == 'create')
// Delivery date
$langs->load('deliveries');
print '<tr><td>';
print $form->editfieldkey($langs->trans('DeliveryDate'), 'date_livraison', $object->date_livraison, $object, $user->rights->propal->creer, 'datepicker');
print $form->editfieldkey($langs->trans('DeliveryDate'), 'date_livraison', $object->date_livraison, $object, $usercancreate, 'datepicker');
print '</td><td>';
print $form->editfieldval($langs->trans('DeliveryDate'), 'date_livraison', $object->date_livraison, $object, $user->rights->propal->creer, 'datepicker');
print $form->editfieldval($langs->trans('DeliveryDate'), 'date_livraison', $object->date_livraison, $object, $usercancreate, 'datepicker');
print '</td>';
print '</tr>';
@@ -1997,11 +2006,11 @@ if ($action == 'create')
if (! empty($conf->commande->enabled))
print ' (' . $langs->trans('AfterOrder') . ')';
print '</td>';
if ($action != 'editavailability' && ! empty($object->brouillon))
if ($action != 'editavailability' && ! empty($object->brouillon) && $usercancreate)
print '<td align="right"><a href="' . $_SERVER["PHP_SELF"] . '?action=editavailability&amp;id=' . $object->id . '">' . img_edit($langs->transnoentitiesnoconv('SetAvailability'), 1) . '</a></td>';
print '</tr></table>';
print '</td><td>';
if ($action == 'editavailability') {
if (! empty($object->brouillon) && $action == 'editavailability' && $usercancreate) {
$form->form_availability($_SERVER['PHP_SELF'] . '?id=' . $object->id, $object->availability_id, 'availability_id', 1);
} else {
$form->form_availability($_SERVER['PHP_SELF'] . '?id=' . $object->id, $object->availability_id, 'none', 1);
@@ -2016,11 +2025,11 @@ if ($action == 'create')
print '<table width="100%" class="nobordernopadding"><tr><td>';
print $langs->trans('SendingMethod');
print '</td>';
if ($action != 'editshippingmethod' && $user->rights->propal->creer)
if ($action != 'editshippingmethod' && $usercancreate)
print '<td align="right"><a href="'.$_SERVER["PHP_SELF"].'?action=editshippingmethod&amp;id='.$object->id.'">'.img_edit($langs->trans('SetShippingMode'),1).'</a></td>';
print '</tr></table>';
print '</td><td>';
if ($action == 'editshippingmethod') {
if ($action == 'editshippingmethod' && $usercancreate) {
$form->formSelectShippingMethod($_SERVER['PHP_SELF'].'?id='.$object->id, $object->shipping_method_id, 'shipping_method_id', 1);
} else {
$form->formSelectShippingMethod($_SERVER['PHP_SELF'].'?id='.$object->id, $object->shipping_method_id, 'none');
@@ -2034,11 +2043,11 @@ if ($action == 'create')
print '<table class="nobordernopadding" width="100%"><tr><td>';
print $langs->trans('Source');
print '</td>';
if ($action != 'editdemandreason' && ! empty($object->brouillon))
if ($action != 'editdemandreason' && ! empty($object->brouillon) && $usercancreate)
print '<td align="right"><a href="' . $_SERVER["PHP_SELF"] . '?action=editdemandreason&amp;id=' . $object->id . '">' . img_edit($langs->transnoentitiesnoconv('SetDemandReason'), 1) . '</a></td>';
print '</tr></table>';
print '</td><td>';
if ($action == 'editdemandreason') {
if (! empty($object->brouillon) && $action == 'editdemandreason' && $usercancreate) {
$form->formInputReason($_SERVER['PHP_SELF'] . '?id=' . $object->id, $object->demand_reason_id, 'demand_reason_id', 1);
} else {
$form->formInputReason($_SERVER['PHP_SELF'] . '?id=' . $object->id, $object->demand_reason_id, 'none');
@@ -2052,11 +2061,11 @@ if ($action == 'create')
print '<table class="nobordernopadding" width="100%"><tr><td>';
print $langs->trans('PaymentMode');
print '</td>';
if ($action != 'editmode' && ! empty($object->brouillon))
if ($action != 'editmode' && ! empty($object->brouillon) && $usercancreate)
print '<td align="right"><a href="' . $_SERVER["PHP_SELF"] . '?action=editmode&amp;id=' . $object->id . '">' . img_edit($langs->transnoentitiesnoconv('SetMode'), 1) . '</a></td>';
print '</tr></table>';
print '</td><td>';
if ($action == 'editmode') {
if (! empty($object->brouillon) && $action == 'editmode' && $usercancreate) {
$form->form_modes_reglement($_SERVER['PHP_SELF'] . '?id=' . $object->id, $object->mode_reglement_id, 'mode_reglement_id');
} else {
$form->form_modes_reglement($_SERVER['PHP_SELF'] . '?id=' . $object->id, $object->mode_reglement_id, 'none');
@@ -2072,11 +2081,11 @@ if ($action == 'create')
print '<table class="nobordernopadding" width="100%"><tr><td>';
print fieldLabel('Currency','multicurrency_code');
print '</td>';
if ($action != 'editmulticurrencycode' && ! empty($object->brouillon))
if ($action != 'editmulticurrencycode' && ! empty($object->brouillon) && $usercancreate)
print '<td align="right"><a href="' . $_SERVER["PHP_SELF"] . '?action=editmulticurrencycode&amp;id=' . $object->id . '">' . img_edit($langs->transnoentitiesnoconv('SetMultiCurrencyCode'), 1) . '</a></td>';
print '</tr></table>';
print '</td><td>';
if ($action == 'editmulticurrencycode') {
if (! empty($object->brouillon) && $action == 'editmulticurrencycode' && $usercancreate) {
$form->form_multicurrency_code($_SERVER['PHP_SELF'] . '?id=' . $object->id, $object->multicurrency_code, 'multicurrency_code');
} else {
$form->form_multicurrency_code($_SERVER['PHP_SELF'] . '?id=' . $object->id, $object->multicurrency_code, 'none');
@@ -2089,11 +2098,11 @@ if ($action == 'create')
print '<table class="nobordernopadding" width="100%"><tr><td>';
print fieldLabel('CurrencyRate','multicurrency_tx');
print '</td>';
if ($action != 'editmulticurrencyrate' && ! empty($object->brouillon) && $object->multicurrency_code && $object->multicurrency_code != $conf->currency)
if ($action != 'editmulticurrencyrate' && ! empty($object->brouillon) && $object->multicurrency_code && $object->multicurrency_code != $conf->currency && $usercancreate)
print '<td align="right"><a href="' . $_SERVER["PHP_SELF"] . '?action=editmulticurrencyrate&amp;id=' . $object->id . '">' . img_edit($langs->transnoentitiesnoconv('SetMultiCurrencyCode'), 1) . '</a></td>';
print '</tr></table>';
print '</td><td>';
if ($action == 'editmulticurrencyrate' || $action == 'actualizemulticurrencyrate') {
if (! empty($object->brouillon) && ($action == 'editmulticurrencyrate' || $action == 'actualizemulticurrencyrate') && $usercancreate) {
if($action == 'actualizemulticurrencyrate') {
list($object->fk_multicurrency, $object->multicurrency_tx) = MultiCurrency::getIdAndTxFromCode($object->db, $object->multicurrency_code);
}
@@ -2128,7 +2137,7 @@ if ($action == 'create')
print '<table width="100%" class="nobordernopadding"><tr><td>';
print $langs->trans('BankAccount');
print '</td>';
if ($action != 'editbankaccount' && $user->rights->propal->creer)
if ($action != 'editbankaccount' && $usercancreate)
print '<td align="right"><a href="'.$_SERVER["PHP_SELF"].'?action=editbankaccount&amp;id='.$object->id.'">'.img_edit($langs->trans('SetBankAccount'),1).'</a></td>';
print '</tr></table>';
print '</td><td>';
@@ -2164,7 +2173,7 @@ if ($action == 'create')
print '<table width="100%" class="nobordernopadding"><tr><td>';
print $langs->trans('IncotermLabel');
print '<td><td align="right">';
if ($user->rights->propal->creer) print '<a href="'.DOL_URL_ROOT.'/comm/propal/card.php?id='.$object->id.'&action=editincoterm">'.img_edit().'</a>';
if ($usercancreate) print '<a href="'.DOL_URL_ROOT.'/comm/propal/card.php?id='.$object->id.'&action=editincoterm">'.img_edit().'</a>';
else print '&nbsp;';
print '</td></tr></table>';
print '</td>';
@@ -2293,7 +2302,7 @@ if ($action == 'create')
$ret = $object->printObjectLines($action, $mysoc, $soc, $lineid, 1);
// Form to add new line
if ($object->statut == Propal::STATUS_DRAFT && $user->rights->propal->creer && $action != 'selectlines')
if ($object->statut == Propal::STATUS_DRAFT && $usercancreate && $action != 'selectlines')
{
if ($action != 'editline')
{
@@ -2328,8 +2337,7 @@ if ($action == 'create')
// Validate
if ($object->statut == Propal::STATUS_DRAFT && $object->total_ttc >= 0 && count($object->lines) > 0)
{
if ((empty($conf->global->MAIN_USE_ADVANCED_PERMS) && ! empty($user->rights->propal->creer))
|| (! empty($conf->global->MAIN_USE_ADVANCED_PERMS) && ! empty($user->rights->propal->propal_advance->validate)))
if ($usercanvalidate)
{
print '<div class="inline-block divButAction"><a class="butAction" href="' . $_SERVER["PHP_SELF"] . '?id=' . $object->id . '&amp;action=validate">' . $langs->trans('Validate') . '</a></div>';
}
@@ -2342,19 +2350,19 @@ if ($action == 'create')
print '<div class="inline-block divButAction"><a class="butAction" href="' . DOL_URL_ROOT . '/comm/action/card.php?action=create&amp;origin=' . $object->element . '&amp;originid=' . $object->id . '&amp;socid=' . $object->socid . '">' . $langs->trans("AddAction") . '</a></div>';
}*/
// Edit
if ($object->statut == Propal::STATUS_VALIDATED && $user->rights->propal->creer) {
if ($object->statut == Propal::STATUS_VALIDATED && $usercancreate) {
print '<div class="inline-block divButAction"><a class="butAction" href="' . $_SERVER["PHP_SELF"] . '?id=' . $object->id . '&amp;action=modif">' . $langs->trans('Modify') . '</a></div>';
}
// ReOpen
if (($object->statut == Propal::STATUS_SIGNED || $object->statut == Propal::STATUS_NOTSIGNED || $object->statut == Propal::STATUS_BILLED) && $user->rights->propal->cloturer) {
if (($object->statut == Propal::STATUS_SIGNED || $object->statut == Propal::STATUS_NOTSIGNED || $object->statut == Propal::STATUS_BILLED) && $usercanclose) {
print '<div class="inline-block divButAction"><a class="butAction" href="' . $_SERVER["PHP_SELF"] . '?id=' . $object->id . '&amp;action=reopen' . (empty($conf->global->MAIN_JUMP_TAG) ? '' : '#reopen') . '"';
print '>' . $langs->trans('ReOpen') . '</a></div>';
}
// Send
if ($object->statut == Propal::STATUS_VALIDATED || $object->statut == Propal::STATUS_SIGNED) {
if (empty($conf->global->MAIN_USE_ADVANCED_PERMS) || $user->rights->propal->propal_advance->send) {
if ($usercansend) {
print '<div class="inline-block divButAction"><a class="butAction" href="' . $_SERVER["PHP_SELF"] . '?id=' . $object->id . '&action=presend&mode=init#formmailbeforetitle">' . $langs->trans('SendMail') . '</a></div>';
} else
print '<div class="inline-block divButAction"><a class="butActionRefused" href="#">' . $langs->trans('SendMail') . '</a></div>';
@@ -2362,14 +2370,14 @@ if ($action == 'create')
// Create an order
if (! empty($conf->commande->enabled) && $object->statut == Propal::STATUS_SIGNED) {
if ($user->rights->commande->creer) {
if ($usercancreateorder) {
print '<div class="inline-block divButAction"><a class="butAction" href="' . DOL_URL_ROOT . '/commande/card.php?action=create&amp;origin=' . $object->element . '&amp;originid=' . $object->id . '&amp;socid=' . $object->socid . '">' . $langs->trans("AddOrder") . '</a></div>';
}
}
// Create an intervention
if (! empty($conf->service->enabled) && ! empty($conf->ficheinter->enabled) && $object->statut == Propal::STATUS_SIGNED) {
if ($user->rights->ficheinter->creer) {
if ($usercancreateintervention) {
$langs->load("interventions");
print '<div class="inline-block divButAction"><a class="butAction" href="' . DOL_URL_ROOT . '/fichinter/card.php?action=create&amp;origin=' . $object->element . '&amp;originid=' . $object->id . '&amp;socid=' . $object->socid . '">' . $langs->trans("AddIntervention") . '</a></div>';
}
@@ -2379,7 +2387,7 @@ if ($action == 'create')
if ($conf->contrat->enabled && $object->statut == Propal::STATUS_SIGNED) {
$langs->load("contracts");
if ($user->rights->contrat->creer) {
if ($usercancreatecontract) {
print '<div class="inline-block divButAction"><a class="butAction" href="' . DOL_URL_ROOT . '/contrat/card.php?action=create&amp;origin=' . $object->element . '&amp;originid=' . $object->id . '&amp;socid=' . $object->socid . '">' . $langs->trans('AddContract') . '</a></div>';
}
}
@@ -2387,7 +2395,7 @@ if ($action == 'create')
// Create an invoice and classify billed
if ($object->statut == Propal::STATUS_SIGNED)
{
if (! empty($conf->facture->enabled) && $user->rights->facture->creer)
if (! empty($conf->facture->enabled) && $usercancreateinvoice)
{
print '<div class="inline-block divButAction"><a class="butAction" href="' . DOL_URL_ROOT . '/compta/facture/card.php?action=create&amp;origin=' . $object->element . '&amp;originid=' . $object->id . '&amp;socid=' . $object->socid . '">' . $langs->trans("AddBill") . '</a></div>';
}
@@ -2400,18 +2408,18 @@ if ($action == 'create')
}
// Set accepted/refused
if ($object->statut == Propal::STATUS_VALIDATED && $user->rights->propal->cloturer) {
if ($object->statut == Propal::STATUS_VALIDATED && $usercanclose) {
print '<div class="inline-block divButAction"><a class="butAction" href="' . $_SERVER["PHP_SELF"] . '?id=' . $object->id . '&amp;action=statut' . (empty($conf->global->MAIN_JUMP_TAG) ? '' : '#close') . '"';
print '>' . $langs->trans('SetAcceptedRefused') . '</a></div>';
}
// Clone
if ($user->rights->propal->creer) {
if ($usercancreate) {
print '<div class="inline-block divButAction"><a class="butAction" href="' . $_SERVER['PHP_SELF'] . '?id=' . $object->id . '&amp;socid=' . $object->socid . '&amp;action=clone&amp;object=' . $object->element . '">' . $langs->trans("ToClone") . '</a></div>';
}
// Delete
if ($user->rights->propal->supprimer) {
if ($usercandelete) {
print '<div class="inline-block divButAction"><a class="butActionDelete" href="' . $_SERVER["PHP_SELF"] . '?id=' . $object->id . '&amp;action=delete"';
print '>' . $langs->trans('Delete') . '</a></div>';
}
@@ -2434,8 +2442,8 @@ if ($action == 'create')
$filename = dol_sanitizeFileName($object->ref);
$filedir = $conf->propal->multidir_output[$object->entity] . "/" . dol_sanitizeFileName($object->ref);
$urlsource = $_SERVER["PHP_SELF"] . "?id=" . $object->id;
$genallowed = $user->rights->propal->lire;
$delallowed = $user->rights->propal->creer;
$genallowed = $usercanread;
$delallowed = $usercancreate;
print $formfile->showdocuments('propal', $filename, $filedir, $urlsource, $genallowed, $delallowed, $object->modelpdf, 1, 0, 0, 28, 0, '', 0, '', $soc->default_lang, '', $object);

27
htdocs/comm/propal/class/propal.class.php
View File

@@ -1328,15 +1328,19 @@ class Propal extends CommonObject
$sql.= ", dr.code as demand_reason_code, dr.label as demand_reason";
$sql.= ", cr.code as cond_reglement_code, cr.libelle as cond_reglement, cr.libelle_facture as cond_reglement_libelle_doc";
$sql.= ", cp.code as mode_reglement_code, cp.libelle as mode_reglement";
$sql.= " FROM ".MAIN_DB_PREFIX."c_propalst as c, ".MAIN_DB_PREFIX."propal as p";
$sql.= ' LEFT JOIN '.MAIN_DB_PREFIX.'c_paiement as cp ON p.fk_mode_reglement = cp.id';
$sql.= ' LEFT JOIN '.MAIN_DB_PREFIX.'c_payment_term as cr ON p.fk_cond_reglement = cr.rowid';
$sql.= " FROM ".MAIN_DB_PREFIX."propal as p";
$sql.= ' LEFT JOIN '.MAIN_DB_PREFIX.'c_propalst as c ON p.fk_statut = c.id';
$sql.= ' LEFT JOIN '.MAIN_DB_PREFIX.'c_paiement as cp ON p.fk_mode_reglement = cp.id AND cp.entity IN ('.getEntity('c_paiement').')';
$sql.= ' LEFT JOIN '.MAIN_DB_PREFIX.'c_payment_term as cr ON p.fk_cond_reglement = cr.rowid AND cr.entity IN ('.getEntity('c_payment_term').')';
$sql.= ' LEFT JOIN '.MAIN_DB_PREFIX.'c_availability as ca ON p.fk_availability = ca.rowid';
$sql.= ' LEFT JOIN '.MAIN_DB_PREFIX.'c_input_reason as dr ON p.fk_input_reason = dr.rowid';
$sql.= ' LEFT JOIN '.MAIN_DB_PREFIX.'c_incoterms as i ON p.fk_incoterms = i.rowid';
$sql.= " WHERE p.fk_statut = c.id";
$sql.= " AND p.entity IN (".getEntity('propal').")";
if ($ref) $sql.= " AND p.ref='".$ref."'";
if ($ref) {
$sql.= " AND p.entity IN (".getEntity('propal').")"; // Dont't use entity if you use rowid
$sql.= " AND p.ref='".$ref."'";
}
else $sql.= " AND p.rowid=".$rowid;
dol_syslog(get_class($this)."::fetch", LOG_DEBUG);
@@ -3347,12 +3351,19 @@ class Propal extends CommonObject
global $conf,$langs;
$langs->load("propal");
if (! empty($conf->global->PROPALE_ADDON))
$constant = 'PROPALE_ADDON_'.$this->entity;
if (! empty($conf->global->$constant)) {
$classname = $conf->global->$constant; // for multicompany proposal sharing
} else {
$classname = $conf->global->PROPALE_ADDON;
}
if (! empty($classname))
{
$mybool=false;
$file = $conf->global->PROPALE_ADDON.".php";
$classname = $conf->global->PROPALE_ADDON;
$file = $classname.".php";
// Include file with class
$dirmodels = array_merge(array('/'), (array) $conf->modules_parts['models']);

6
htdocs/commande/class/commande.class.php
View File

@@ -1591,8 +1591,10 @@ class Commande extends CommonOrder
$sql.= ' LEFT JOIN '.MAIN_DB_PREFIX.'c_availability as ca ON c.fk_availability = ca.rowid';
$sql.= ' LEFT JOIN '.MAIN_DB_PREFIX.'c_input_reason as dr ON c.fk_input_reason = ca.rowid';
$sql.= ' LEFT JOIN '.MAIN_DB_PREFIX.'c_incoterms as i ON c.fk_incoterms = i.rowid';
$sql.= " WHERE c.entity IN (".getEntity('commande').")";
if ($id) $sql.= " AND c.rowid=".$id;
if ($id) $sql.= " WHERE c.rowid=".$id;
else $sql.= " WHERE c.entity IN (".getEntity('commande').")"; // Dont't use entity if you use rowid
if ($ref) $sql.= " AND c.ref='".$this->db->escape($ref)."'";
if ($ref_ext) $sql.= " AND c.ref_ext='".$this->db->escape($ref_ext)."'";
if ($ref_int) $sql.= " AND c.ref_int='".$this->db->escape($ref_int)."'";

2
htdocs/commande/list.php
View File

@@ -509,7 +509,7 @@ if ($resql)
{
print $form->selectyesno('valdate_invoices', 0, 1);
}
if (! empty($conf->global->WORKFLOW_INVOICE_AMOUNT_CLASSIFY_BILLED_ORDER)) print ' &nbsp; &nbsp; <span class="opacitymedium">'.$langs->trans("IfValidateInvoiceIsNoOrderStayUnbilled").'</span>';
if (! empty($conf->workflow->enabled) && ! empty($conf->global->WORKFLOW_INVOICE_AMOUNT_CLASSIFY_BILLED_ORDER)) print ' &nbsp; &nbsp; <span class="opacitymedium">'.$langs->trans("IfValidateInvoiceIsNoOrderStayUnbilled").'</span>';
else print ' &nbsp; &nbsp; <span class="opacitymedium">'.$langs->trans("OptionToSetOrderBilledNotEnabled").'</span>';
print '</td>';
print '</tr>';

4
htdocs/compta/facture/card.php
View File

@@ -3200,7 +3200,7 @@ if ($action == 'create')
print '<input type="hidden" name="origin" value="' . $objectsrc->element . '">';
print '<input type="hidden" name="originid" value="' . $objectsrc->id . '">';
switch ($classname) {
switch (get_class($objectsrc)) {
case 'Propal':
$newclassname = 'CommercialProposal';
break;
@@ -3217,7 +3217,7 @@ if ($action == 'create')
$newclassname = 'Intervention';
break;
default:
$newclassname = $classname;
$newclassname = get_class($objectsrc);
}
print '<tr><td>' . $langs->trans($newclassname) . '</td><td colspan="2">' . $objectsrc->getNomUrl(1);

6
htdocs/compta/facture/class/facture.class.php
View File

@@ -1274,8 +1274,10 @@ class Facture extends CommonInvoice
$sql.= ' LEFT JOIN '.MAIN_DB_PREFIX.'c_payment_term as c ON f.fk_cond_reglement = c.rowid';
$sql.= ' LEFT JOIN '.MAIN_DB_PREFIX.'c_paiement as p ON f.fk_mode_reglement = p.id';
$sql.= ' LEFT JOIN '.MAIN_DB_PREFIX.'c_incoterms as i ON f.fk_incoterms = i.rowid';
$sql.= ' WHERE f.entity IN ('.getEntity('facture').')';
if ($rowid) $sql.= " AND f.rowid=".$rowid;
if ($rowid) $sql.= " WHERE f.rowid=".$rowid;
else $sql.= ' WHERE f.entity IN ('.getEntity('facture').')'; // Dont't use entity if you use rowid
if ($ref) $sql.= " AND f.facnumber='".$this->db->escape($ref)."'";
if ($ref_ext) $sql.= " AND f.ref_ext='".$this->db->escape($ref_ext)."'";
if ($ref_int) $sql.= " AND f.ref_int='".$this->db->escape($ref_int)."'";

36
htdocs/core/class/commonobject.class.php
View File

@@ -1500,7 +1500,7 @@ abstract class CommonObject
*/
function load_previous_next_ref($filter, $fieldid, $nodbprefix=0)
{
global $user;
global $conf, $user;
if (! $this->table_element)
{
@@ -1520,6 +1520,9 @@ abstract class CommonObject
$sql = "SELECT MAX(te.".$fieldid.")";
$sql.= " FROM ".(empty($nodbprefix)?MAIN_DB_PREFIX:'').$this->table_element." as te";
if ($this->element == 'user' && ! empty($conf->global->MULTICOMPANY_TRANSVERSE_MODE)) {
$sql.= ",".MAIN_DB_PREFIX."usergroup_user as ug";
}
if (isset($this->ismultientitymanaged) && $this->ismultientitymanaged == 2) $sql.= ", ".MAIN_DB_PREFIX."societe as s"; // If we need to link to societe to limit select to entity
else if ($this->restrictiononfksoc == 1 && $this->element != 'societe' && !$user->rights->societe->client->voir && !$socid) $sql.= ", ".MAIN_DB_PREFIX."societe as s"; // If we need to link to societe to limit select to socid
else if ($this->restrictiononfksoc == 2 && $this->element != 'societe' && !$user->rights->societe->client->voir && !$socid) $sql.= " LEFT JOIN ".MAIN_DB_PREFIX."societe as s ON te.fk_soc = s.rowid"; // If we need to link to societe to limit select to socid
@@ -1534,7 +1537,18 @@ abstract class CommonObject
}
if (isset($this->ismultientitymanaged) && $this->ismultientitymanaged == 2) $sql.= ' AND te.fk_soc = s.rowid'; // If we need to link to societe to limit select to entity
else if ($this->restrictiononfksoc == 1 && $this->element != 'societe' && !$user->rights->societe->client->voir && !$socid) $sql.= ' AND te.fk_soc = s.rowid'; // If we need to link to societe to limit select to socid
if (isset($this->ismultientitymanaged) && $this->ismultientitymanaged == 1) $sql.= ' AND te.entity IN ('.getEntity($this->element).')';
if (isset($this->ismultientitymanaged) && $this->ismultientitymanaged == 1) {
if ($this->element == 'user' && ! empty($conf->global->MULTICOMPANY_TRANSVERSE_MODE)) {
if (! empty($user->admin) && empty($user->entity) && $conf->entity == 1) {
$sql.= " AND te.entity IS NOT NULL"; // Show all users
} else {
$sql.= " AND ug.fk_user = te.rowid";
$sql.= " AND ug.entity IN (".getEntity($this->element).")";
}
} else {
$sql.= ' AND te.entity IN ('.getEntity($this->element).')';
}
}
if ($this->restrictiononfksoc == 1 && $socid && $this->element != 'societe') $sql.= ' AND te.fk_soc = ' . $socid;
if ($this->restrictiononfksoc == 2 && $socid && $this->element != 'societe') $sql.= ' AND (te.fk_soc = ' . $socid.' OR te.fk_soc IS NULL)';
if ($this->restrictiononfksoc && $socid && $this->element == 'societe') $sql.= ' AND te.rowid = ' . $socid;
@@ -1552,6 +1566,9 @@ abstract class CommonObject
$sql = "SELECT MIN(te.".$fieldid.")";
$sql.= " FROM ".(empty($nodbprefix)?MAIN_DB_PREFIX:'').$this->table_element." as te";
if ($this->element == 'user' && ! empty($conf->global->MULTICOMPANY_TRANSVERSE_MODE)) {
$sql.= ",".MAIN_DB_PREFIX."usergroup_user as ug";
}
if (isset($this->ismultientitymanaged) && $this->ismultientitymanaged == 2) $sql.= ", ".MAIN_DB_PREFIX."societe as s"; // If we need to link to societe to limit select to entity
else if ($this->restrictiononfksoc == 1 && $this->element != 'societe' && !$user->rights->societe->client->voir && !$socid) $sql.= ", ".MAIN_DB_PREFIX."societe as s"; // If we need to link to societe to limit select to socid
else if ($this->restrictiononfksoc == 2 && $this->element != 'societe' && !$user->rights->societe->client->voir && !$socid) $sql.= " LEFT JOIN ".MAIN_DB_PREFIX."societe as s ON te.fk_soc = s.rowid"; // If we need to link to societe to limit select to socid
@@ -1566,7 +1583,18 @@ abstract class CommonObject
}
if (isset($this->ismultientitymanaged) && $this->ismultientitymanaged == 2) $sql.= ' AND te.fk_soc = s.rowid'; // If we need to link to societe to limit select to entity
else if ($this->restrictiononfksoc == 1 && $this->element != 'societe' && !$user->rights->societe->client->voir && !$socid) $sql.= ' AND te.fk_soc = s.rowid'; // If we need to link to societe to limit select to socid
if (isset($this->ismultientitymanaged) && $this->ismultientitymanaged == 1) $sql.= ' AND te.entity IN ('.getEntity($this->element).')';
if (isset($this->ismultientitymanaged) && $this->ismultientitymanaged == 1) {
if ($this->element == 'user' && ! empty($conf->global->MULTICOMPANY_TRANSVERSE_MODE)) {
if (! empty($user->admin) && empty($user->entity) && $conf->entity == 1) {
$sql.= " AND te.entity IS NOT NULL"; // Show all users
} else {
$sql.= " AND ug.fk_user = te.rowid";
$sql.= " AND ug.entity IN (".getEntity($this->element).")";
}
} else {
$sql.= ' AND te.entity IN ('.getEntity($this->element).')';
}
}
if ($this->restrictiononfksoc == 1 && $socid && $this->element != 'societe') $sql.= ' AND te.fk_soc = ' . $socid;
if ($this->restrictiononfksoc == 2 && $socid && $this->element != 'societe') $sql.= ' AND (te.fk_soc = ' . $socid.' OR te.fk_soc IS NULL)';
if ($this->restrictiononfksoc && $socid && $this->element == 'societe') $sql.= ' AND te.rowid = ' . $socid;
@@ -3838,7 +3866,7 @@ abstract class CommonObject
{
global $conf,$langs,$user,$object,$hookmanager;
global $form,$bc,$bcdd;
global $object_rights, $disableedit, $disablemove; // TODO We should not use global var for this !
global $object_rights, $disableedit, $disablemove, $disableremove; // TODO We should not use global var for this !
$object_rights = $this->getRights();

7
htdocs/core/class/html.form.class.php
View File

@@ -291,7 +291,7 @@ class Form
$out='';
// Check parameters
if ($inputType == 'textarea') $value = dol_nl2br($value);
if (preg_match('/^text/',$inputType)) $value = dol_nl2br($value);
else if (preg_match('/^numeric/',$inputType)) $value = price($value);
else if ($inputType == 'day' || $inputType == 'datepicker') $value = dol_print_date($value, 'day');
@@ -6024,6 +6024,7 @@ class Form
// Bypass the default method
$hookmanager->initHooks(array('commonobject'));
$parameters=array(
'morehtmlright' => $morehtmlright,
'compatibleImportElementsList' =>& $compatibleImportElementsList,
);
$reshook=$hookmanager->executeHooks('showLinkedObjectBlock',$parameters,$object,$action); // Note that $action and $object may have been modified by hook
@@ -6197,7 +6198,7 @@ class Form
// Can complete the possiblelink array
$hookmanager->initHooks(array('commonobject'));
$parameters=array();
$parameters=array('listofidcompanytoscan' => $listofidcompanytoscan);
$reshook=$hookmanager->executeHooks('showLinkToObjectBlock',$parameters,$object,$action); // Note that $action and $object may have been modified by hook
if (empty($reshook))
{
@@ -6245,7 +6246,7 @@ class Form
print '</tr>';
while ($i < $num)
{
$objp = $this->db->fetch_object($resqlorderlist);
$objp = $this->db->fetch_object($resqllist);
$var = ! $var;
print '<tr ' . $bc [$var] . '>';

10
htdocs/core/lib/functions2.lib.php
View File

@@ -708,9 +708,10 @@ function array2table($data,$tableMarkup=1,$tableoptions='',$troptions='',$tdopti
* @param string $mode 'next' for next value or 'last' for last value
* @param bool $bentityon Activate the entity filter. Default is true (for modules not compatible with multicompany)
* @param User $objuser Object user we need data from.
* @param int $forceentity Entity id to force
* @return string New value (numeric) or error message
*/
function get_next_value($db,$mask,$table,$field,$where='',$objsoc='',$date='',$mode='next', $bentityon=true, $objuser=null)
function get_next_value($db,$mask,$table,$field,$where='',$objsoc='',$date='',$mode='next', $bentityon=true, $objuser=null, $forceentity=null)
{
global $conf,$user;
@@ -987,7 +988,8 @@ function get_next_value($db,$mask,$table,$field,$where='',$objsoc='',$date='',$m
$sql.= " AND ".$field." NOT LIKE '(PROV%)'";
if ($bentityon) // only if entity enable
$sql.= " AND entity IN (".getEntity($sharetable).")";
else if (! empty($forceentity))
$sql.= " AND entity = ".(int) $forceentity;
if ($where) $sql.=$where;
if ($sqlwhere) $sql.=' AND '.$sqlwhere;
@@ -1035,6 +1037,8 @@ function get_next_value($db,$mask,$table,$field,$where='',$objsoc='',$date='',$m
$sql.= " AND ".$field." NOT LIKE '%PROV%'";
if ($bentityon) // only if entity enable
$sql.= " AND entity IN (".getEntity($sharetable).")";
else if (! empty($forceentity))
$sql.= " AND entity = ".(int) $forceentity;
if ($where) $sql.=$where;
if ($sqlwhere) $sql.=' AND '.$sqlwhere;
@@ -1089,6 +1093,8 @@ function get_next_value($db,$mask,$table,$field,$where='',$objsoc='',$date='',$m
$maskrefclient_sql.= " WHERE ".$field." LIKE '".$maskrefclient_maskLike."'";
if ($bentityon) // only if entity enable
$maskrefclient_sql.= " AND entity IN (".getEntity($sharetable).")";
else if (! empty($forceentity))
$sql.= " AND entity = ".(int) $forceentity;
if ($where) $maskrefclient_sql.=$where; //use the same optional where as general mask
if ($sqlwhere) $maskrefclient_sql.=' AND '.$sqlwhere; //use the same sqlwhere as general mask
$maskrefclient_sql.=' AND (SUBSTRING('.$field.', '.(strpos($maskwithnocode,$maskrefclient)+1).', '.dol_strlen($maskrefclient_maskclientcode).")='".$maskrefclient_clientcode."')";

31
htdocs/core/lib/security.lib.php
View File

@@ -469,13 +469,32 @@ function checkUserAccessToObject($user, $featuresarray, $objectid=0, $tableandsh
{
$sql = "SELECT COUNT(dbt.".$dbt_select.") as nb";
$sql.= " FROM ".MAIN_DB_PREFIX.$dbtablename." as dbt";
$sql.= " WHERE dbt.".$dbt_select." IN (".$objectid.")";
if (($feature == 'user' || $feature == 'usergroup') && ! empty($conf->multicompany->enabled) && $conf->entity == 1 && $user->admin && ! $user->entity)
if (($feature == 'user' || $feature == 'usergroup') && ! empty($conf->multicompany->enabled))
{
if (! empty($conf->global->MULTICOMPANY_TRANSVERSE_MODE))
{
if ($conf->entity == 1 && $user->admin && ! $user->entity)
{
$sql.= " WHERE dbt.".$dbt_select." IN (".$objectid.")";
$sql.= " AND dbt.entity IS NOT NULL";
}
else
{
$sql.= ",".MAIN_DB_PREFIX."usergroup_user as ug";
$sql.= " WHERE dbt.".$dbt_select." IN (".$objectid.")";
$sql.= " AND (ug.fk_user = dbt.rowid";
$sql.= " AND ug.entity IN (".getEntity('user')."))";
$sql.= " OR dbt.entity = 0"; // Show always superadmin
}
}
else {
$sql.= " WHERE dbt.".$dbt_select." IN (".$objectid.")";
$sql.= " AND dbt.entity IN (".getEntity($sharedelement, 1).")";
}
}
else
{
$sql.= " WHERE dbt.".$dbt_select." IN (".$objectid.")";
$sql.= " AND dbt.entity IN (".getEntity($sharedelement, 1).")";
}
}
@@ -509,12 +528,12 @@ function checkUserAccessToObject($user, $featuresarray, $objectid=0, $tableandsh
else if (in_array($feature,$checkother)) // Test on entity and link to societe. Allowed if link is empty (Ex: contacts...).
{
// If external user: Check permission for external users
if ($user->societe_id > 0)
if ($user->socid > 0)
{
$sql = "SELECT COUNT(dbt.".$dbt_select.") as nb";
$sql.= " FROM ".MAIN_DB_PREFIX.$dbtablename." as dbt";
$sql.= " WHERE dbt.".$dbt_select." IN (".$objectid.")";
$sql.= " AND dbt.fk_soc = ".$user->societe_id;
$sql.= " AND dbt.fk_soc = ".$user->socid;
}
// If internal user: Check permission for internal users that are restricted on their objects
else if (! empty($conf->societe->enabled) && ($user->rights->societe->lire && ! $user->rights->societe->client->voir))
@@ -577,13 +596,13 @@ function checkUserAccessToObject($user, $featuresarray, $objectid=0, $tableandsh
else if (! in_array($feature,$nocheck)) // By default (case of $checkdefault), we check on object entity + link to third party on field $dbt_keyfield
{
// If external user: Check permission for external users
if ($user->societe_id > 0)
if ($user->socid > 0)
{
if (empty($dbt_keyfield)) dol_print_error('','Param dbt_keyfield is required but not defined');
$sql = "SELECT COUNT(dbt.".$dbt_keyfield.") as nb";
$sql.= " FROM ".MAIN_DB_PREFIX.$dbtablename." as dbt";
$sql.= " WHERE dbt.rowid IN (".$objectid.")";
$sql.= " AND dbt.".$dbt_keyfield." = ".$user->societe_id;
$sql.= " AND dbt.".$dbt_keyfield." = ".$user->socid;
}
// If internal user: Check permission for internal users that are restricted on their objects
else if (! empty($conf->societe->enabled) && ($user->rights->societe->lire && ! $user->rights->societe->client->voir))

8
htdocs/core/modules/facture/doc/pdf_crabe.modules.php
View File

@@ -812,10 +812,10 @@ class pdf_crabe extends ModelePDFFactures
$y+=3;
$obj = $this->db->fetch_object($resql);
if ($obj->type == 2) $text=$outputlangs->trans("CreditNote");
elseif ($obj->type == 3) $text=$outputlangs->trans("Deposit");
elseif ($obj->type == 0) $text=$outputlangs->trans("ExcessReceived");
else $text=$outputlangs->trans("UnknownType");
if ($obj->type == 2) $text=$outputlangs->transnoentities("CreditNote");
elseif ($obj->type == 3) $text=$outputlangs->transnoentities("Deposit");
elseif ($obj->type == 0) $text=$outputlangs->transnoentities("ExcessReceived");
else $text=$outputlangs->transnoentities("UnknownType");
$invoice->fetch($obj->fk_facture_source);

5
htdocs/core/modules/propale/mod_propale_marbre.php
View File

@@ -108,12 +108,15 @@ class mod_propale_marbre extends ModeleNumRefPropales
{
global $db,$conf;
// Use object entity ID
$entity = ((isset($propal->entity) && is_numeric($propal->entity)) ? $propal->entity : $conf->entity);
// D'abord on recupere la valeur max
$posindice=8;
$sql = "SELECT MAX(CAST(SUBSTRING(ref FROM ".$posindice.") AS SIGNED)) as max"; // This is standard SQL
$sql.= " FROM ".MAIN_DB_PREFIX."propal";
$sql.= " WHERE ref LIKE '".$db->escape($this->prefix)."____-%'";
$sql.= " AND entity = ".$conf->entity;
$sql.= " AND entity = ".$entity;
$resql=$db->query($sql);
if ($resql)

11
htdocs/core/modules/propale/mod_propale_saphir.php
View File

@@ -115,8 +115,14 @@ class mod_propale_saphir extends ModeleNumRefPropales
require_once DOL_DOCUMENT_ROOT .'/core/lib/functions2.lib.php';
$constant = 'PROPALE_SAPHIR_MASK_'.$propal->entity;
// On defini critere recherche compteur
if (! empty($conf->global->$constant)) {
$mask = $conf->global->$constant; // for multicompany proposal sharing
} else {
$mask = $conf->global->PROPALE_SAPHIR_MASK;
}
if (! $mask)
{
@@ -124,9 +130,12 @@ class mod_propale_saphir extends ModeleNumRefPropales
return 0;
}
// Use object entity ID
$entity = ((isset($propal->entity) && is_numeric($propal->entity)) ? $propal->entity : $conf->entity);
$date = $propal->date;
$numFinal=get_next_value($db,$mask,'propal','ref','',$objsoc,$date);
$numFinal=get_next_value($db,$mask,'propal','ref','',$objsoc,$date,'next',false,null,$entity);
return $numFinal;
}

2
htdocs/core/tpl/notes.tpl.php
View File

@@ -71,7 +71,7 @@ elseif ($module == 'shipping') { $permission=$user->rights->expedition->cr
elseif ($module == 'product') { $permission=$user->rights->produit->creer;}
//else dol_print_error('','Bad value '.$module.' for param module');
if (! empty($conf->global->FCKEDITOR_ENABLE_SOCIETE)) $typeofdata='ckeditor:dolibarr_notes:100%:200::1:12:95%'; // Rem: This var is for all notes, not only thirdparties note.
if (! empty($conf->fckeditor->enabled) && ! empty($conf->global->FCKEDITOR_ENABLE_SOCIETE)) $typeofdata='ckeditor:dolibarr_notes:100%:200::1:12:95%'; // Rem: This var is for all notes, not only thirdparties note.
else $typeofdata='textarea:12:95%';
print '<!-- BEGIN PHP TEMPLATE NOTES -->'."\n";

8
htdocs/core/triggers/interface_20_modWorkflow_WorkflowManager.class.php
View File

@@ -94,7 +94,7 @@ class InterfaceWorkflowManager extends DolibarrTriggers
if ($action == 'ORDER_CLASSIFY_BILLED')
{
dol_syslog( "Trigger '".$this->name."' for action '$action' launched by ".__FILE__.". id=".$object->id );
if (! empty($conf->propal->enabled) && ! empty($conf->global->WORKFLOW_ORDER_CLASSIFY_BILLED_PROPAL))
if (! empty($conf->propal->enabled) && ! empty($conf->workflow->enabled) && ! empty($conf->global->WORKFLOW_ORDER_CLASSIFY_BILLED_PROPAL))
{
$object->fetchObjectLinked('','propal',$object->id,$object->element);
if (! empty($object->linkedObjects))
@@ -123,7 +123,7 @@ class InterfaceWorkflowManager extends DolibarrTriggers
dol_syslog( "Trigger '".$this->name."' for action '$action' launched by ".__FILE__.". id=".$object->id );
// First classify billed the order to allow the proposal classify process
if (! empty($conf->commande->enabled) && ! empty($conf->global->WORKFLOW_INVOICE_AMOUNT_CLASSIFY_BILLED_ORDER))
if (! empty($conf->commande->enabled) && ! empty($conf->workflow->enabled) && ! empty($conf->global->WORKFLOW_INVOICE_AMOUNT_CLASSIFY_BILLED_ORDER))
{
$object->fetchObjectLinked('','commande',$object->id,$object->element);
if (! empty($object->linkedObjects))
@@ -146,7 +146,7 @@ class InterfaceWorkflowManager extends DolibarrTriggers
}
// Second classify billed the proposal.
if (! empty($conf->propal->enabled) && ! empty($conf->global->WORKFLOW_INVOICE_CLASSIFY_BILLED_PROPAL))
if (! empty($conf->propal->enabled) && ! empty($conf->workflow->enabled) && ! empty($conf->global->WORKFLOW_INVOICE_CLASSIFY_BILLED_PROPAL))
{
$object->fetchObjectLinked('','propal',$object->id,$object->element);
if (! empty($object->linkedObjects))
@@ -253,7 +253,7 @@ class InterfaceWorkflowManager extends DolibarrTriggers
{
dol_syslog( "Trigger '".$this->name."' for action '$action' launched by ".__FILE__.". id=".$object->id );
if (! empty($conf->commande->enabled) && ! empty($conf->expedition->enabled) && ! empty($conf->global->WORKFLOW_ORDER_CLASSIFY_SHIPPED_SHIPPING))
if (! empty($conf->commande->enabled) && ! empty($conf->expedition->enabled) && ! empty($conf->workflow->enabled) && ! empty($conf->global->WORKFLOW_ORDER_CLASSIFY_SHIPPED_SHIPPING))
{
$qtyshipped=array();
$qtyordred=array();

4
htdocs/install/mysql/tables/llx_product_fournisseur_price.sql
View File

@@ -51,6 +51,6 @@ create table llx_product_fournisseur_price
fk_multicurrency integer,
multicurrency_code varchar(255),
multicurrency_tx double(24,8) DEFAULT 1,
multicurrency_price double(24,8) DEFAULT NULL,
multicurrency_price_ttc double(24,8) DEFAULT NULL
multicurrency_unitprice double(24,8) DEFAULT NULL, -- unit price without tax
multicurrency_price double(24,8) DEFAULT NULL
)ENGINE=innodb;

4
htdocs/install/mysql/tables/llx_product_fournisseur_price_log.sql
View File

@@ -29,6 +29,6 @@ create table llx_product_fournisseur_price_log
fk_multicurrency integer,
multicurrency_code varchar(255),
multicurrency_tx double(24,8) DEFAULT 1,
multicurrency_price double(24,8) DEFAULT NULL,
multicurrency_price_ttc double(24,8) DEFAULT NULL
multicurrency_unitprice double(24,8) DEFAULT NULL, -- unit price without tax
multicurrency_price double(24,8) DEFAULT NULL
)ENGINE=innodb;

12
htdocs/install/step1.php
View File

@@ -47,16 +47,16 @@ $main_data_dir = GETPOST('main_data_dir') ? GETPOST('main_data_dir') : (empty($a
// Dolibarr root URL
$main_url = GETPOST('main_url')?GETPOST('main_url'):(empty($argv[5])?'':$argv[5]);
// Database login informations
$userroot=GETPOST('db_user_root')?GETPOST('db_user_root'):(empty($argv[6])?'':$argv[6]);
$passroot=GETPOST('db_pass_root')?GETPOST('db_pass_root'):(empty($argv[7])?'':$argv[7]);
$userroot=GETPOST('db_user_root','alpha')?GETPOST('db_user_root','alpha'):(empty($argv[6])?'':$argv[6]);
$passroot=GETPOST('db_pass_root','none')?GETPOST('db_pass_root','none'):(empty($argv[7])?'':$argv[7]);
// Database server
$db_type=GETPOST('db_type','alpha')?GETPOST('db_type','alpha'):(empty($argv[8])?'':$argv[8]);
$db_type=GETPOST('db_type','aZ09')?GETPOST('db_type','aZ09'):(empty($argv[8])?'':$argv[8]);
$db_host=GETPOST('db_host','alpha')?GETPOST('db_host','alpha'):(empty($argv[9])?'':$argv[9]);
$db_name=GETPOST('db_name','alpha')?GETPOST('db_name','alpha'):(empty($argv[10])?'':$argv[10]);
$db_name=GETPOST('db_name','aZ09')?GETPOST('db_name','aZ09'):(empty($argv[10])?'':$argv[10]);
$db_user=GETPOST('db_user','alpha')?GETPOST('db_user','alpha'):(empty($argv[11])?'':$argv[11]);
$db_pass=GETPOST('db_pass')?GETPOST('db_pass'):(empty($argv[12])?'':$argv[12]);
$db_pass=GETPOST('db_pass','none')?GETPOST('db_pass','none'):(empty($argv[12])?'':$argv[12]);
$db_port=GETPOST('db_port','int')?GETPOST('db_port','int'):(empty($argv[13])?'':$argv[13]);
$db_prefix=GETPOST('db_prefix','alpha')?GETPOST('db_prefix','alpha'):(empty($argv[14])?'':$argv[14]);
$db_prefix=GETPOST('db_prefix','aZ09')?GETPOST('db_prefix','aZ09'):(empty($argv[14])?'':$argv[14]);
$db_create_database = GETPOST('db_create_database','none')?GETPOST('db_create_database','none'):(empty($argv[15])?'':$argv[15]);
$db_create_user = GETPOST('db_create_user','none')?GETPOST('db_create_user','none'):(empty($argv[16])?'':$argv[16]);
// Force https

2
htdocs/langs/en_US/admin.lang
View File

@@ -605,7 +605,7 @@ Module4000Desc=Human resources management (management of department, employee co
Module5000Name=Multi-company
Module5000Desc=Allows you to manage multiple companies
Module6000Name=Workflow
Module6000Desc=Workflow management
Module6000Desc=Workflow management (automatic creation of object and/or automatic status change)
Module10000Name=Websites
Module10000Desc=Create public websites with a WYSIWG editor. Just setup your web server (Apache, Nginx, ...) to point to the dedicated Dolibarr directory to have it online on the Internet with your own domain name.
Module20000Name=Leave Requests management

4
htdocs/projet/activity/perday.php
View File

@@ -331,7 +331,7 @@ if ($id)
$onlyopenedproject=1; // or -1
$morewherefilter='';
if ($search_project_ref) $morewherefilter.=natural_search("p.ref", $search_project_ref);
if ($search_project_ref) $morewherefilter.=natural_search(array("p.ref", "p.title"), $search_project_ref);
if ($search_task_ref) $morewherefilter.=natural_search("t.ref", $search_task_ref);
if ($search_task_label) $morewherefilter.=natural_search(array("t.ref", "t.label"), $search_task_label);
if ($search_thirdparty) $morewherefilter.=natural_search("s.nom", $search_thirdparty);
@@ -516,7 +516,7 @@ if (! empty($conf->global->MAIN_DEFAULT_WORKING_DAYS))
}
$statusofholidaytocheck = '3';
$isavailablefordayanduser = $holiday->verifDateHolidayForTimestamp($usertoprocess->id, $daytoparse, $statusofholiday); // $daytoparse is a date with hours = 0
$isavailablefordayanduser = $holiday->verifDateHolidayForTimestamp($usertoprocess->id, $daytoparse, $statusofholidaytocheck); // $daytoparse is a date with hours = 0
$isavailable[$daytoparse]=$isavailablefordayanduser; // in projectLinesPerWeek later, we are using $firstdaytoshow and dol_time_plus_duree to loop on each day
$tmparray = dol_getdate($daytoparse,true); // detail of current day

2
htdocs/projet/activity/perweek.php
View File

@@ -334,7 +334,7 @@ if ($id)
$onlyopenedproject=1; // or -1
$morewherefilter='';
if ($search_project_ref) $morewherefilter.=natural_search("p.ref", $search_project_ref);
if ($search_project_ref) $morewherefilter.=natural_search(array("p.ref", "p.title"), $search_project_ref);
if ($search_task_ref) $morewherefilter.=natural_search("t.ref", $search_task_ref);
if ($search_task_label) $morewherefilter.=natural_search(array("t.ref", "t.label"), $search_task_label);
if ($search_thirdparty) $morewherefilter.=natural_search("s.nom", $search_thirdparty);

4
htdocs/projet/class/project.class.php
View File

@@ -1727,7 +1727,7 @@ class Project extends CommonObject
// For external user, no check is done on company permission because readability is managed by public status of project and assignement.
//if (! $user->rights->societe->client->voir && ! $socid) $sql .= " LEFT JOIN ".MAIN_DB_PREFIX."societe_commerciaux as sc ON sc.fk_soc = s.rowid";
$sql.= " WHERE p.fk_statut = 1";
$sql.= " AND p.entity IN (".getEntity('project', 0).')';
$sql.= " AND p.entity IN (".getEntity('project').')';
if (! $user->rights->projet->all->lire) $sql.= " AND p.rowid IN (".$projectsListId.")";
// No need to check company, as filtering of projects must be done by getProjectsAuthorizedForUser
//if ($socid || ! $user->rights->societe->client->voir) $sql.= " AND (p.fk_soc IS NULL OR p.fk_soc = 0 OR p.fk_soc = ".$socid.")";
@@ -1803,7 +1803,7 @@ class Project extends CommonObject
$sql = "SELECT count(p.rowid) as nb";
$sql.= " FROM ".MAIN_DB_PREFIX."projet as p";
$sql.= " WHERE";
$sql.= " p.entity IN (".getEntity('projet').")";
$sql.= " p.entity IN (".getEntity('project').")";
if (! $user->rights->projet->all->lire)
{
$projectsListId = $this->getProjectsAuthorizedForUser($user,0,1);