Wavyzz/dolibarr-fork
2
0
Fork 0
forked from Wavyzz/dolibarr
Code Pull Requests Activity

New: getEntity function use true $shared value by default

Browse Source
This commit is contained in:
Regis Houssin
2017-05-30 18:50:54 +02:00
parent d9cdad6a77
commit 5c5663c5ae
237 changed files with 456 additions and 454 deletions
Download Patch File Download Diff File Expand all files Collapse all files

8
htdocs/core/lib/files.lib.php
View File

@@ -1946,7 +1946,7 @@ function dol_check_secure_access_document($modulepart, $original_file, $entity,
$accessallowed=1;
}
$original_file=$conf->societe->multidir_output[$entity].'/'.$original_file;
$sqlprotectagainstexternals = "SELECT rowid as fk_soc FROM ".MAIN_DB_PREFIX."societe WHERE rowid='".$db->escape($refname)."' AND entity IN (".getEntity('societe', 1).")";
$sqlprotectagainstexternals = "SELECT rowid as fk_soc FROM ".MAIN_DB_PREFIX."societe WHERE rowid='".$db->escape($refname)."' AND entity IN (".getEntity('societe').")";
}
// Wrapping for contact
@@ -2087,7 +2087,7 @@ function dol_check_secure_access_document($modulepart, $original_file, $entity,
$accessallowed=1;
}
$original_file=$conf->projet->dir_output.'/'.$original_file;
$sqlprotectagainstexternals = "SELECT fk_soc as fk_soc FROM ".MAIN_DB_PREFIX."projet WHERE ref='".$db->escape($refname)."' AND entity IN (".getEntity('project', 1).")";
$sqlprotectagainstexternals = "SELECT fk_soc as fk_soc FROM ".MAIN_DB_PREFIX."projet WHERE ref='".$db->escape($refname)."' AND entity IN (".getEntity('project').")";
}
else if ($modulepart == 'project_task' && !empty($conf->projet->dir_output))
{
@@ -2096,7 +2096,7 @@ function dol_check_secure_access_document($modulepart, $original_file, $entity,
$accessallowed=1;
}
$original_file=$conf->projet->dir_output.'/'.$original_file;
$sqlprotectagainstexternals = "SELECT fk_soc as fk_soc FROM ".MAIN_DB_PREFIX."projet WHERE ref='".$db->escape($refname)."' AND entity IN (".getEntity('project', 1).")";
$sqlprotectagainstexternals = "SELECT fk_soc as fk_soc FROM ".MAIN_DB_PREFIX."projet WHERE ref='".$db->escape($refname)."' AND entity IN (".getEntity('project').")";
}
// Wrapping pour les commandes fournisseurs
@@ -2210,7 +2210,7 @@ function dol_check_secure_access_document($modulepart, $original_file, $entity,
$accessallowed=1;
}
$original_file=$conf->contrat->dir_output.'/'.$original_file;
$sqlprotectagainstexternals = "SELECT fk_soc as fk_soc FROM ".MAIN_DB_PREFIX."contrat WHERE ref='".$db->escape($refname)."' AND entity IN (".getEntity('contract', 1).")";
$sqlprotectagainstexternals = "SELECT fk_soc as fk_soc FROM ".MAIN_DB_PREFIX."contrat WHERE ref='".$db->escape($refname)."' AND entity IN (".getEntity('contract').")";
}
// Wrapping pour les dons