diff --git a/htdocs/contact/class/contact.class.php b/htdocs/contact/class/contact.class.php
index a17f6f27259..3465b3478a0 100644
--- a/htdocs/contact/class/contact.class.php
+++ b/htdocs/contact/class/contact.class.php
@@ -628,7 +628,7 @@ class Contact extends CommonObject
 if ($this->birthday_alert)
 {
 //check existing
- $sql_check = "SELECT * FROM ".MAIN_DB_PREFIX."user_alert WHERE type=1 AND fk_contact=".$this->db->escape($id)." AND fk_user=".$user->id;
+ $sql_check = "SELECT rowid FROM ".MAIN_DB_PREFIX."user_alert WHERE type=1 AND fk_contact=".$this->db->escape($id)." AND fk_user=".$user->id;
 $result_check = $this->db->query($sql_check);
 if (! $result_check || ($this->db->num_rows($result_check)<1))
 {
diff --git a/htdocs/core/class/utils.class.php b/htdocs/core/class/utils.class.php
index cb4e7ef9e5a..3b381bc5796 100644
--- a/htdocs/core/class/utils.class.php
+++ b/htdocs/core/class/utils.class.php
@@ -1004,7 +1004,7 @@ class Utils
 if (GETPOST("nobin_disable_fk")) fwrite($handle, "ALTER TABLE `".$table."` DISABLE KEYS;\n");
 else fwrite($handle, "/*!40000 ALTER TABLE `".$table."` DISABLE KEYS */;\n");
- $sql='SELECT * FROM '.$table;
+ $sql='SELECT * FROM '.$table; // Here SELECT * is allowed because we don't have definition of columns to take
 $result = $db->query($sql);
 while($row = $db->fetch_row($result))
 {
diff --git a/htdocs/core/lib/functions.lib.php b/htdocs/core/lib/functions.lib.php
index ecdebb1c27a..24f01827e15 100644
--- a/htdocs/core/lib/functions.lib.php
+++ b/htdocs/core/lib/functions.lib.php
@@ -7928,7 +7928,7 @@ function getDictvalue($tablename, $field, $id, $checkentity = false, $rowidfield
 if (!isset($dictvalues[$tablename]))
 {
 $dictvalues[$tablename] = array();
- $sql = 'SELECT * FROM '.$tablename.' WHERE 1';
+ $sql = 'SELECT * FROM '.$tablename.' WHERE 1'; // Here select * is allowed as it is generic code and we don't have list of fields
 if ($checkentity) $sql.= ' AND entity IN (0,'.getEntity($tablename).')';
 $resql = $db->query($sql);
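Review bot: The rewritten `$sql_check` in contact.class.php still places `$this->db->escape($id)` in the query without surrounding quotes, and escaping only protects a value that ends up inside a quoted string literal; in a bare numeric position it does not stop extra SQL from being appended. Since `fk_contact` and `fk_user` are compared as numbers, I would cast both instead: `... AND fk_contact=".((int) $id)." AND fk_user=".((int) $user->id);`. The enclosing method starts and ends outside this hunk, so whether `$id` is already validated earlier is not visible here.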
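Review bot: The new comment on `$sql='SELECT * FROM '.$table;` in utils.class.php justifies the column list but says nothing about the table name, which is concatenated unquoted into the statement while the `ALTER TABLE` lines just above wrap the same `$table` in backticks. The same holds for `'SELECT * FROM '.$tablename.' WHERE 1'` in the getDictvalue hunk of functions.lib.php, where `$tablename` is a function parameter. I would extend both comments to state the assumption, for example `// $table must be a trusted identifier (never request input): it is concatenated unquoted`, and say the same about `$tablename` in getDictvalue's docblock. Neither hunk shows where the name originates, so this needs checking against the callers.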
diff --git a/htdocs/expensereport/export_csv.php b/htdocs/expensereport/export_csv.php
deleted file mode 100644
index d3f2518a53c..00000000000
--- a/htdocs/expensereport/export_csv.php
+++ /dev/null
@@ -1,195 +0,0 @@ - - * Copyright (C) 2018 Frédéric France - * - * This program is free software; you can redistribute it and/or modify - * it under the terms of the GNU General Public License as published by - * the Free Software Foundation; either version 3 of the License, or - * (at your option) any later version. - * - * This program is distributed in the hope that it will be useful, - * but WITHOUT ANY WARRANTY; without even the implied warranty of - * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the - * GNU General Public License for more details. - * - * You should have received a copy of the GNU General Public License - * along with this program. If not, see . - */ - -/** - * \file htdocs/expensereport/index.php - * \ingroup expensereport - * \brief Page list of expenses - */ - -require '../main.inc.php'; -require_once DOL_DOCUMENT_ROOT . '/core/class/html.formfile.class.php'; -require_once DOL_DOCUMENT_ROOT . '/expensereport/class/expensereport.class.php'; - -// Load translation files required by the page -$langs->loadlangs(array('users', 'trips')); - -if(!$user->rights->expensereport->export_csv) { - accessforbidden(); - exit(); -} - -// Security check -$socid = $_GET["socid"]?$_GET["socid"]:''; -if ($user->societe_id) $socid=$user->societe_id; -$result = restrictedArea($user, 'expensereport', '', ''); - -$req = "SELECT * FROM ".MAIN_DB_PREFIX."rights_def WHERE id = '178'"; -$result = $db->query($req); -$num = $db->num_rows($result); - -if($num < 1) { - $insert = "INSERT INTO ".MAIN_DB_PREFIX."rights_def ("; - $insert.= "`id` ,"; - $insert.= "`libelle` ,"; - $insert.= "`module` ,"; - $insert.= "`entity` ,"; - $insert.= "`perms` ,"; - $insert.= "`subperms` ,"; - $insert.= "`type` ,"; - $insert.= "`bydefault`"; - $insert.= ")"; - $insert.= "VALUES ("; - $insert.= "'178', 'Exporter les notes de frais au format CSV', 'expensereport', '1', 'export_csv', NULL , 'r', '0'"; - $insert.= ")"; - - $req = $db->query($insert); -} - - -/* - * View - */ - 
-llxHeader(); - -print load_fiche_titre($langs->trans("ExportTripCSV")); - -print '
'; - -print '
'; -print ''; -print '

Choisir le mois à exporter : '; - -$year = date('Y', time()); -$month = date('m', time()); - -print ' '; - -print ' '; - -print ''; -print '

'; -print '
'."\n"; - -// Si c'est une action -if (isset($_POST['action'])) -{ - if($_POST['action'] == 'export') - { - $dateselected = $_POST['annee'].'-'.$_POST['mois']; - - //var_dump($conf->expensereport->dir_output.'/export/'); - if (!file_exists($conf->expensereport->dir_output.'/export/')) - { - dol_mkdir($conf->expensereport->dir_output.'/export/'); - } - - $dir = $conf->expensereport->dir_output.'/export/expensereport-'.$dateselected.'.csv'; - $outputlangs = $langs; - $outputlangs->charset_output = 'UTF-8'; - - $sql = "SELECT d.rowid, d.ref, d.total_ht, d.total_tva, d.total_ttc"; - $sql.= " FROM ".MAIN_DB_PREFIX."expensereport as d"; - $sql.= ' AND d.entity IN ('.getEntity('expensereport').')'; - $sql.= " ORDER BY d.rowid"; - - $result = $db->query($sql); - $num = $db->num_rows($result); - if ($num) - { - $open = fopen($dir, "w+"); - - $ligne = "ID, Référence, ----, Date paiement, Montant HT, TVA, Montant TTC\n"; - for ($i = 0; $i < $num; $i++) - { - $ligne.= "----, ----, ----, ----, ----, ----, ----\n"; - $objet = $db->fetch_object($result); - $objet->total_ht = number_format($objet->total_ht, 2); - $objet->total_tva = number_format($objet->total_tva, 2); - $objet->total_ttc = number_format($objet->total_ttc, 2); - $objet->ref = trim($objet->ref); - $ligne.= "{$objet->rowid}, {$objet->ref}, ----, {$objet->total_ht}, {$objet->total_tva}, {$objet->total_ttc}\n"; - - $ligne.= "--->, Ligne, Type, Description, ----, ----, ----\n"; - - - $sql2 = "SELECT de.rowid, t.label as libelle, de.comments, de.total_ht, de.total_tva, de.total_ttc"; - $sql2.= " FROM ".MAIN_DB_PREFIX."expensereport_det as de,"; - $sql2.= " ".MAIN_DB_PREFIX."c_type_fees as t"; - $sql2.= " WHERE de.fk_c_type_fees = t.id"; - $sql2.= " AND de.fk_expensereport = '".$objet->rowid."'"; - $sql2.= " ORDER BY de.date"; - - $result2 = $db->query($sql2); - $num2 = $db->num_rows($result2); - - if($num2) { - for ($a = 0; $a < $num2; $a++) - { - $objet2 = $db->fetch_object($result2); - $objet2->total_ht = 
number_format($objet2->total_ht, 2); - $objet2->total_tva = number_format($objet2->total_tva, 2); - $objet2->total_ttc = number_format($objet2->total_ttc, 2); - $objet2->comments = str_replace(',', ';', $objet2->comments); - $objet2->comments = str_replace("\r\n", ' ', $objet2->comments); - $objet2->comments = str_replace("\n", ' ', $objet2->comments); - - $ligne.= "--->, {$objet2->rowid}, {$objet2->libelle}, {$objet2->comments}, {$objet2->total_ht}, {$objet2->total_tva}, {$objet2->total_ttc}\n"; - } - } - } - - $ligne = $outputlangs->convToOutputCharset($ligne); - - fwrite($open, $ligne); - fclose($open); - - print 'Télécharger le fichier expensereport-'.$dateselected.'.csv'; - } else { - print ''.$langs->trans('NoTripsToExportCSV').''; - } - } -} - -print '
';
-
-// End of page
-llxFooter();
-$db->close();
diff --git a/htdocs/install/lib/repair.lib.php b/htdocs/install/lib/repair.lib.php
index 98eac2437fa..dc6544fc2be 100644
--- a/htdocs/install/lib/repair.lib.php
+++ b/htdocs/install/lib/repair.lib.php
@@ -72,7 +72,7 @@ function checkLinkedElements($sourcetype, $targettype)
 $out = $langs->trans('SourceType').': '.$sourcetype.' => '.$langs->trans('TargetType').': '.$targettype.' ';
- $sql = 'SELECT * FROM '.MAIN_DB_PREFIX .'element_element';
+ $sql = 'SELECT rowid, fk_source, fk_target FROM '.MAIN_DB_PREFIX .'element_element';
 $sql.= ' WHERE sourcetype="'.$sourcetype.'" AND targettype="'.$targettype.'"';
 $resql=$db->query($sql);
 if ($resql)
diff --git a/htdocs/mrp/index.php b/htdocs/mrp/index.php
index b6c20cde620..098aef21144 100644
--- a/htdocs/mrp/index.php
+++ b/htdocs/mrp/index.php
@@ -60,17 +60,9 @@ print '
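Review bot: The `WHERE` line that follows the changed `SELECT` in checkLinkedElements still builds the filter as `sourcetype="'.$sourcetype.'"`, with both parameters unescaped and wrapped in double quotes. Double quotes denote identifiers rather than string literals in PostgreSQL and in MySQL's ANSI mode, and a quote character in either argument would end the literal early. I would write it as `$sql.= " WHERE sourcetype='".$db->escape($sourcetype)."' AND targettype='".$db->escape($targettype)."'";`. The function continues past the end of the hunk and its callers are not visible here, so how the two arguments are produced is unconfirmed.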
'; if ($conf->use_javascript_ajax) { -/* $sql = "SELECT p.fk_opp_status as opp_status, cls.code, COUNT(p.rowid) as nb, SUM(p.opp_amount) as opp_amount, SUM(p.opp_amount * p.opp_percent) as ponderated_opp_amount"; - $sql.= " FROM ".MAIN_DB_PREFIX."mrp_xxx as p"; - $sql.= " WHERE p.entity IN (".getEntity('project').")"; - $sql.= " AND p.fk_opp_status = cls.rowid"; - $sql.= " AND p.fk_statut = 1"; // Opend projects only - if ($mine || empty($user->rights->projet->all->lire)) $sql.= " AND p.rowid IN (".$projectsListId.")"; - if ($socid) $sql.= " AND (p.fk_soc IS NULL OR p.fk_soc = 0 OR p.fk_soc = ".$socid.")"; - $sql.= " GROUP BY p.fk_opp_status, cls.code"; - */ - $sql= "SELECT * FROM ".MAIN_DB_PREFIX."bom_bom WHERE 1 = 2"; - + $sql= "SELECT COUNT(t.rowid) as nb, status"; + $sql.=" FROM ".MAIN_DB_PREFIX."mrp_mo as t"; + $sql.=" GROUP BY t.status"; $resql = $db->query($sql); if ($resql) @@ -79,11 +71,6 @@ if ($conf->use_javascript_ajax) $i = 0; $totalnb=0; - $totaloppnb=0; - $totalamount=0; - $ponderated_opp_amount=0; - $valsnb=array(); - $valsamount=array(); $dataseries=array(); // -1=Canceled, 0=Draft, 1=Validated, (2=Accepted/On process not managed for customer orders), 3=Closed (Sent/Received, billed or not) while ($i < $num) @@ -93,50 +80,18 @@ if ($conf->use_javascript_ajax) { //if ($row[1]!=-1 && ($row[1]!=3 || $row[2]!=1)) { - $valsnb[$obj->opp_status]=$obj->nb; - $valsamount[$obj->opp_status]=$obj->opp_amount; + $dataseries[$obj->status]=$obj->nb; $totalnb+=$obj->nb; - if ($obj->opp_status) $totaloppnb+=$obj->nb; - if (! in_array($obj->code, array('WON', 'LOST'))) - { - $totalamount+=$obj->opp_amount; - $ponderated_opp_amount+=$obj->ponderated_opp_amount; - } } - $total+=$row[0]; } $i++; } $db->free($resql); - $ponderated_opp_amount = $ponderated_opp_amount / 100; - print '
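Review bot: The replacement query `SELECT COUNT(t.rowid) as nb, status ... GROUP BY t.status` has no `WHERE` clause, so the entity restriction that the deleted commented-out query carried (`p.entity IN (".getEntity('project').")`) is gone and the counts would span every entity in a multi-company setup. If `mrp_mo` has an `entity` column, which this hunk does not show, add a line such as `$sql.=" WHERE t.entity IN (".getEntity('<element name used by this module>').")";`. The select list should also qualify the column as `t.status` so it matches the `GROUP BY`.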
'; print ''; print ''."\n"; - /*$listofstatus=array_keys($listofoppstatus); - foreach ($listofstatus as $status) - { - $labelstatus = ''; - - $code = dol_getIdFromCode($db, $status, 'c_lead_status', 'rowid', 'code'); - if ($code) $labelstatus = $langs->trans("OppStatus".$code); - if (empty($labelstatus)) $labelstatus=$listofopplabel[$status]; - - //$labelstatus .= ' ('.$langs->trans("Coeff").': '.price2num($listofoppstatus[$status]).')'; - //$labelstatus .= ' - '.price2num($listofoppstatus[$status]).'%'; - - $dataseries[]=array($labelstatus, (isset($valsamount[$status])?(float) $valsamount[$status]:0)); - if (! $conf->use_javascript_ajax) - { - - print ''; - print ''; - print ''; - print "\n"; - } - }*/ - if ($conf->use_javascript_ajax) + if ($conf->use_javascript_ajax) { print ''; } - //if ($totalinprocess != $total) print "
'.$langs->trans("Statistics").'
'.$labelstatus.''.price((isset($valsamount[$status])?(float) $valsamount[$status]:0), 0, '', 1, -1, -1, $conf->currency).'
'; @@ -149,11 +104,10 @@ if ($conf->use_javascript_ajax) $dolgraph->setWidth('100%'); $dolgraph->SetHeight(180); $dolgraph->draw('idgraphstatus'); - print $dolgraph->show($totaloppnb?0:1); + print $dolgraph->show($totalnb?0:1); print '
"; print "
";
diff --git a/htdocs/product/admin/price_rules.php b/htdocs/product/admin/price_rules.php
index 885af18d63d..ea3f8b5e663 100644
--- a/htdocs/product/admin/price_rules.php
+++ b/htdocs/product/admin/price_rules.php
@@ -97,7 +97,8 @@ if ($_POST) {
 * View
 */
-$sql = "SELECT * FROM ".MAIN_DB_PREFIX."product_pricerules";
+$sql = "SELECT rowid, level, fk_level, var_percent, var_min_percent";
+$sql.= " FROM ".MAIN_DB_PREFIX."product_pricerules";
 $query = $db->query($sql);
 $rules = array();
diff --git a/htdocs/takepos/ajax/ajax.php b/htdocs/takepos/ajax/ajax.php
index 3574b4d29a2..69228b5efb5 100644
--- a/htdocs/takepos/ajax/ajax.php
+++ b/htdocs/takepos/ajax/ajax.php
@@ -45,18 +45,31 @@ $term = GETPOST('term', 'alpha');
 if ($action=="getProducts") {
 $object = new Categorie($db);
 $result=$object->fetch($category);
- $prods = $object->getObjectsInCateg("product");
- echo json_encode($prods);
+ if ($result)
+ {
+ $prods = $object->getObjectsInCateg("product");
+ echo json_encode($prods);
+ }
+ else
+ {
+ echo 'Failed to load category with id='.$category;
+ }
 } elseif ($action=="search" && $term != '') {
- $sql = 'SELECT * FROM '.MAIN_DB_PREFIX.'product';
+ $sql = 'SELECT rowid, ref, label, tosell, tobuy FROM '.MAIN_DB_PREFIX.'product';
 $sql.= ' WHERE entity IN ('.getEntity('product').')';
 $sql.= ' AND tosell = 1';
 $sql.= natural_search(array('ref','label','barcode'), $term);
 $resql = $db->query($sql);
- $rows = array();
- while ($row = $db->fetch_array($resql)) {
- $rows[] = $row;
- }
- echo json_encode($rows);
+ if ($resql)
+ {
+ $rows = array();
+ while ($row = $db->fetch_object($resql)) {
+ $rows[] = $row;
+ }
+ echo json_encode($rows);
+ }
+ else {
+ echo 'Failed to search product : '.$db->lasterror();
+ }
 }
diff --git a/htdocs/takepos/takepos.php b/htdocs/takepos/takepos.php
index 37258da056c..eec367b1af0 100644
--- a/htdocs/takepos/takepos.php
+++ b/htdocs/takepos/takepos.php
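Review bot: Both new failure branches in takepos/ajax/ajax.php write raw text into the response: `'Failed to load category with id='.$category` echoes a request-derived value unescaped, and `'Failed to search product : '.$db->lasterror()` hands database error text to the browser, while the getProducts caller in takepos.php reads the reply with `$.getJSON`. I would log the detail server-side and return a fixed JSON body, e.g. `dol_syslog('takepos ajax: '.$db->lasterror(), LOG_ERR);` followed by `echo json_encode(array('error' => 'SearchFailed'));`. Separately, `if ($result)` treats a negative return as success; if `fetch()` follows the usual convention of returning a value below zero on error, `if ($result > 0)` is the safer test. How `$category` is read and filtered is not visible in this hunk.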
@@ -254,7 +254,7 @@ function LoadProducts(position, issubcat) {
 idata=0; //product data counter
 $.getJSON('/takepos/ajax/ajax.php?action=getProducts&category='+currentcat, function(data) {
 console.log("Call ajax.php (in LoadProducts) to get Products of category "+currentcat+" then loop on result to fill image thumbs");
-
+ console.log(data);
 while (ishow < maxproduct) {
 //console.log("ishow"+ishow+" idata="+idata);
 console.log(data[idata]);
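Review bot: The added `console.log(data);` dumps the whole product payload to the browser console on every category load, in addition to the existing `console.log(data[idata]);` inside the loop. This reads like leftover debugging; I would drop it, or keep it commented out like the `//console.log("ishow"+ishow+" idata="+idata);` line just below. LoadProducts continues beyond the end of this hunk.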