
FIX SQL syntax error when editing extrafields

Conflicts:
	htdocs/core/lib/security.lib.php
This commit is contained in:
Laurent Destailleur
2020-06-29 13:48:00 +02:00
parent 8bb11039dc
commit 5b3670f300
5 changed files with 32 additions and 54 deletions


@@ -223,52 +223,39 @@ function restrictedArea($user, $features, $objectid = 0, $tableandshare = '', $f
// Check read permission from module
$readok = 1; $nbko = 0;
foreach ($featuresarray as $feature) // first we check nb of test ko
{
foreach ($featuresarray as $feature) { // first we check nb of test ko
$featureforlistofmodule = $feature;
if ($featureforlistofmodule == 'produit') $featureforlistofmodule = 'product';
if (!empty($user->socid) && !empty($conf->global->MAIN_MODULES_FOR_EXTERNAL) && !in_array($featureforlistofmodule, $listofmodules)) // If limits on modules for external users, module must be into list of modules for external users
{
if (!empty($user->socid) && !empty($conf->global->MAIN_MODULES_FOR_EXTERNAL) && !in_array($featureforlistofmodule, $listofmodules)) { // If limits on modules for external users, module must be into list of modules for external users
$readok = 0; $nbko++;
continue;
}
if ($feature == 'societe') {
if (!$user->rights->societe->lire && !$user->rights->fournisseur->lire) { $readok = 0; $nbko++; }
}
elseif ($feature == 'contact') {
} elseif ($feature == 'contact') {
if (!$user->rights->societe->contact->lire) { $readok = 0; $nbko++; }
}
elseif ($feature == 'produit|service') {
} elseif ($feature == 'produit|service') {
if (!$user->rights->produit->lire && !$user->rights->service->lire) { $readok = 0; $nbko++; }
}
elseif ($feature == 'prelevement') {
} elseif ($feature == 'prelevement') {
if (!$user->rights->prelevement->bons->lire) { $readok = 0; $nbko++; }
}
elseif ($feature == 'cheque') {
} elseif ($feature == 'cheque') {
if (!$user->rights->banque->cheque) { $readok = 0; $nbko++; }
}
elseif ($feature == 'projet') {
} elseif ($feature == 'projet') {
if (!$user->rights->projet->lire && !$user->rights->projet->all->lire) { $readok = 0; $nbko++; }
}
elseif (!empty($feature2)) // This is for permissions on 2 levels
{
} elseif (!empty($feature2)) { // This is for permissions on 2 levels
$tmpreadok = 1;
foreach ($feature2 as $subfeature)
{
foreach ($feature2 as $subfeature) {
if ($subfeature == 'user' && $user->id == $objectid) continue; // A user can always read its own card
if (!empty($subfeature) && empty($user->rights->$feature->$subfeature->lire) && empty($user->rights->$feature->$subfeature->read)) { $tmpreadok = 0; }
elseif (empty($subfeature) && empty($user->rights->$feature->lire) && empty($user->rights->$feature->read)) { $tmpreadok = 0; }
else { $tmpreadok = 1; break; } // Break is to bypass second test if the first is ok
}
if (!$tmpreadok) // We found a test on feature that is ko
{
if (!$tmpreadok) { // We found a test on feature that is ko
$readok = 0; // All tests are ko (we manage here the and, the or will be managed later using $nbko).
$nbko++;
}
}
elseif (!empty($feature) && ($feature != 'user' && $feature != 'usergroup')) // This is permissions on 1 level
{
} elseif (!empty($feature) && ($feature != 'user' && $feature != 'usergroup')) { // This is permissions on 1 level
if (empty($user->rights->$feature->lire)
&& empty($user->rights->$feature->read)
&& empty($user->rights->$feature->run)) { $readok = 0; $nbko++; }
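Review bot: The self-read exemption `if ($subfeature == 'user' && $user->id == $objectid) continue;` in the `$feature2` branch still relies on loose `==`; `$objectid` is an untyped parameter defaulting to `0`, and if callers hand it straight from the request a numeric string with trailing characters compares equal to the integer id under PHP 7 rules, so `(int) $objectid === (int) $user->id` (or casting once at the top of restrictedArea) would make the exemption explicit and predictable. The external-user module gate `!in_array($featureforlistofmodule, $listofmodules)` has the same looseness and should pass `true` as the third argument, since both operands are expected to be plain strings. restrictedArea starts before this hunk and continues past it.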
@@ -292,29 +279,21 @@ function restrictedArea($user, $features, $objectid = 0, $tableandshare = '', $f
{
if ($feature == 'contact') {
if (!$user->rights->societe->contact->creer) { $createok = 0; $nbko++; }
}
elseif ($feature == 'produit|service') {
} elseif ($feature == 'produit|service') {
if (!$user->rights->produit->creer && !$user->rights->service->creer) { $createok = 0; $nbko++; }
}
elseif ($feature == 'prelevement') {
} elseif ($feature == 'prelevement') {
if (!$user->rights->prelevement->bons->creer) { $createok = 0; $nbko++; }
}
elseif ($feature == 'commande_fournisseur') {
} elseif ($feature == 'commande_fournisseur') {
if (!$user->rights->fournisseur->commande->creer) { $createok = 0; $nbko++; }
}
elseif ($feature == 'banque') {
} elseif ($feature == 'banque') {
if (!$user->rights->banque->modifier) { $createok = 0; $nbko++; }
}
elseif ($feature == 'cheque') {
} elseif ($feature == 'cheque') {
if (!$user->rights->banque->cheque) { $createok = 0; $nbko++; }
}
elseif ($feature == 'ecm') {
} elseif ($feature == 'ecm') {
if (!$user->rights->ecm->upload) { $createok = 0; $nbko++; }
}
elseif (!empty($feature2)) // This is for permissions on one level
{
foreach ($feature2 as $subfeature)
{
elseif (!empty($feature2)) { // This is for permissions on one level
foreach ($feature2 as $subfeature) {
if ($subfeature == 'user' && $user->id == $objectid && $user->rights->user->self->creer) continue; // User can edit its own card
if ($subfeature == 'user' && $user->id == $objectid && $user->rights->user->self->password) continue; // User can edit its own password
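Review bot: The branch comment `elseif (!empty($feature2)) { // This is for permissions on one level` contradicts the read-permission block earlier in the same function, where the `$feature2` branch is documented as "permissions on 2 levels" and the plain `$feature` branch as "1 level"; the next hunk's `} elseif (!empty($feature)) { // This is for permissions on 2 levels ('creer' or 'write')` is swapped the same way. Suggest `// This is for permissions on 2 levels (feature + subfeature)` here and `// This is for permissions on 1 level ('creer' or 'write')` there. As a point of style, this branch also keeps `}` on its own line followed by `elseif`, while every other branch in the hunk was reformatted to `} elseif (...) {`. The enclosing foreach and restrictedArea continue beyond this hunk.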
@@ -329,10 +308,8 @@ function restrictedArea($user, $features, $objectid = 0, $tableandshare = '', $f
break;
}
}
}
elseif (!empty($feature)) // This is for permissions on 2 levels ('creer' or 'write')
{
//print '<br>feature='.$feature.' creer='.$user->rights->$feature->creer.' write='.$user->rights->$feature->write;
} elseif (!empty($feature)) { // This is for permissions on 2 levels ('creer' or 'write')
//print '<br>feature='.$feature.' creer='.$user->rights->$feature->creer.' write='.$user->rights->$feature->write; exit;
if (empty($user->rights->$feature->creer)
&& empty($user->rights->$feature->write)
&& empty($user->rights->$feature->create)) {