Wavyzz/dolibarr
2
0
Fork 1
mirror of https://github.com/Dolibarr/dolibarr.git synced 2026-02-07 16:41:48 +01:00
Code Issues Packages Projects Releases Wiki Activity

Fix: Security does not need special case

Browse Source
This commit is contained in:
Laurent Destailleur
2013-03-24 21:06:45 +01:00
parent 2b03420445
commit 4e029bf2ca
9 changed files with 33 additions and 37 deletions
Download Patch File Download Diff File Expand all files Collapse all files

8
htdocs/fourn/commande/dispatch.php
View File

@@ -44,7 +44,7 @@ $langs->load('stocks');
// Security check
$id = isset($_GET["id"])?$_GET["id"]:'';
if ($user->societe_id) $socid=$user->societe_id;
$result = restrictedArea($user, 'commande_fournisseur', $id,'');
$result = restrictedArea($user, 'fournisseur', $id, '', 'commande');
if (empty($conf->stock->enabled))
{
@@ -84,7 +84,7 @@ if ($_POST["action"] == 'dispatch' && $user->rights->fournisseur->commande->rece
}
}
}
if (! $notrigger)
{
global $conf, $langs, $user;
@@ -94,7 +94,7 @@ if ($_POST["action"] == 'dispatch' && $user->rights->fournisseur->commande->rece
$result_trigger=$interface->run_triggers('ORDER_SUPPLIER_DISPATCH',$this,$user,$langs,$conf);
if ($result_trigger < 0) { $error++; $this->errors=$interface->errors; }
// Fin appel triggers
$this->db->commit();
}
@@ -282,7 +282,7 @@ if ($id > 0 || ! empty($ref))
print '<a href="'.DOL_URL_ROOT.'/product/fournisseurs.php?id='.$objp->fk_product.'">'.img_object($langs->trans("ShowProduct"),'product').' '.$objp->ref.'</a>';
print ' - '.$objp->label;
// To show detail cref and description value, we must make calculation by cref
//print ($objp->cref?' ('.$objp->cref.')':'');
//print ($objp->cref?' ('.$objp->cref.')':'');
//if ($objp->description) print '<br>'.nl2br($objp->description);
print '<input name="product_'.$i.'" type="hidden" value="'.$objp->fk_product.'">';
print '<input name="pu_'.$i.'" type="hidden" value="'.$objp->subprice.'">';