From 924923ec41cfbb15a389861cff0dbf4be29c896c Mon Sep 17 00:00:00 2001 From: Laurent Destailleur Date: Sat, 7 Nov 2020 19:39:51 +0100 Subject: [PATCH] Fix warning --- htdocs/product/fournisseurs.php | 8 +- htdocs/user/class/user.class.php | 137 +++++++++++++++----------- htdocs/user/class/usergroup.class.php | 38 ++++--- 3 files changed, 104 insertions(+), 79 deletions(-) diff --git a/htdocs/product/fournisseurs.php b/htdocs/product/fournisseurs.php index ef3da905990..2826d2fe4e3 100644 --- a/htdocs/product/fournisseurs.php +++ b/htdocs/product/fournisseurs.php @@ -300,9 +300,9 @@ if (empty($reshook)) $multicurrency_price = price2num(GETPOST("multicurrency_price", 'alpha')); $multicurrency_code = GETPOST("multicurrency_code", 'alpha'); - $ret = $object->update_buyprice($quantity, $newprice, $user, $_POST["price_base_type"], $supplier, $_POST["oselDispo"], $ref_fourn, $tva_tx, $_POST["charges"], $remise_percent, 0, $npr, $delivery_time_days, $supplier_reputation, array(), '', $multicurrency_price, $_POST["multicurrency_price_base_type"], $multicurrency_tx, $multicurrency_code, $supplier_description, $barcode, $fk_barcode_type); + $ret = $object->update_buyprice($quantity, $newprice, $user, GETPOST("price_base_type"), $supplier, GETPOST("oselDispo"), $ref_fourn, $tva_tx, GETPOST("charges"), $remise_percent, 0, $npr, $delivery_time_days, $supplier_reputation, array(), '', $multicurrency_price, GETPOST("multicurrency_price_base_type"), $multicurrency_tx, $multicurrency_code, $supplier_description, $barcode, $fk_barcode_type); } else { - $ret = $object->update_buyprice($quantity, $newprice, $user, $_POST["price_base_type"], $supplier, $_POST["oselDispo"], $ref_fourn, $tva_tx, $_POST["charges"], $remise_percent, 0, $npr, $delivery_time_days, $supplier_reputation, array(), '', 0, 'HT', 1, '', $supplier_description, $barcode, $fk_barcode_type); + $ret = $object->update_buyprice($quantity, $newprice, $user, GETPOST("price_base_type"), $supplier, GETPOST("oselDispo"), $ref_fourn, $tva_tx, GETPOST("charges"), $remise_percent, 0, $npr, $delivery_time_days, $supplier_reputation, array(), '', 0, 'HT', 1, '', $supplier_description, $barcode, $fk_barcode_type); } if ($ret < 0) { @@ -655,7 +655,7 @@ if ($id > 0 || $ref) } $currencies = json_encode($currencies); - print << -SCRIPT; +END; } else { // Price qty min print ''.$langs->trans("PriceQtyMin").''; diff --git a/htdocs/user/class/user.class.php b/htdocs/user/class/user.class.php index e0f2369ded3..e375e05ffc1 100644 --- a/htdocs/user/class/user.class.php +++ b/htdocs/user/class/user.class.php @@ -642,31 +642,36 @@ class User extends CommonObject $this->db->begin(); if (!empty($rid)) { + $module = $perms = $subperms = ''; + // Si on a demande ajout d'un droit en particulier, on recupere // les caracteristiques (module, perms et subperms) de ce droit. $sql = "SELECT module, perms, subperms"; $sql .= " FROM ".MAIN_DB_PREFIX."rights_def"; - $sql .= " WHERE id = '".$this->db->escape($rid)."'"; - $sql .= " AND entity = ".$entity; + $sql .= " WHERE id = ".((int) $rid); + $sql .= " AND entity = ".((int) $entity); $result = $this->db->query($sql); if ($result) { $obj = $this->db->fetch_object($result); - $module = $obj->module; - $perms = $obj->perms; - $subperms = $obj->subperms; + + if ($obj) { + $module = $obj->module; + $perms = $obj->perms; + $subperms = $obj->subperms; + } } else { $error++; dol_print_error($this->db); } // Where pour la liste des droits a ajouter - $whereforadd = "id=".$this->db->escape($rid); + $whereforadd = "id=".((int) $rid); // Ajout des droits induits if (!empty($subperms)) { - $whereforadd .= " OR (module='$module' AND perms='$perms' AND (subperms='lire' OR subperms='read'))"; + $whereforadd .= " OR (module='".$this->db->escape($module)."' AND perms='".$this->db->escape($perms)."' AND (subperms='lire' OR subperms='read'))"; } elseif (!empty($perms)) { - $whereforadd .= " OR (module='$module' AND (perms='lire' OR perms='read') AND subperms IS NULL)"; + $whereforadd .= " OR (module='".$this->db->escape($module)."' AND (perms='lire' OR perms='read') AND subperms IS NULL)"; } } else { // On a pas demande un droit en particulier mais une liste de droits @@ -763,6 +768,8 @@ class User extends CommonObject $this->db->begin(); if (!empty($rid)) { + $module = $perms = $subperms = ''; + // Si on a demande supression d'un droit en particulier, on recupere // les caracteristiques module, perms et subperms de ce droit. $sql = "SELECT module, perms, subperms"; @@ -773,22 +780,25 @@ class User extends CommonObject $result = $this->db->query($sql); if ($result) { $obj = $this->db->fetch_object($result); - $module = $obj->module; - $perms = $obj->perms; - $subperms = $obj->subperms; + + if ($obj) { + $module = $obj->module; + $perms = $obj->perms; + $subperms = $obj->subperms; + } } else { $error++; dol_print_error($this->db); } // Where pour la liste des droits a supprimer - $wherefordel = "id=".$this->db->escape($rid); + $wherefordel = "id=".((int) $rid); // Suppression des droits induits if ($subperms == 'lire' || $subperms == 'read') { - $wherefordel .= " OR (module='$module' AND perms='$perms' AND subperms IS NOT NULL)"; + $wherefordel .= " OR (module='".$this->db->escape($module)."' AND perms='".$this->db->escape($perms)."' AND subperms IS NOT NULL)"; } if ($perms == 'lire' || $perms == 'read') { - $wherefordel .= " OR (module='$module')"; + $wherefordel .= " OR (module='".$this->db->escape($module)."')"; } } else { // On a demande suppression d'un droit sur la base d'un nom de module ou perms @@ -877,7 +887,7 @@ class User extends CommonObject public function clearrights() { dol_syslog(get_class($this)."::clearrights reset user->rights"); - $this->rights = ''; + $this->rights = null; $this->nb_rights = 0; $this->all_permissions_are_loaded = 0; $this->_tab_loaded = array(); @@ -930,34 +940,37 @@ class User extends CommonObject if ($resql) { $num = $this->db->num_rows($resql); $i = 0; + while ($i < $num) { $obj = $this->db->fetch_object($resql); - $module = $obj->module; - $perms = $obj->perms; - $subperms = $obj->subperms; + if ($obj) { + $module = $obj->module; + $perms = $obj->perms; + $subperms = $obj->subperms; - if ($perms) { - if (!isset($this->rights) || !is_object($this->rights)) { - $this->rights = new stdClass(); // For avoid error - } - if ($module) { - if (!isset($this->rights->$module) || !is_object($this->rights->$module)) { - $this->rights->$module = new stdClass(); + if (! empty($perms)) { + if (!isset($this->rights) || !is_object($this->rights)) { + $this->rights = new stdClass(); // For avoid error } - if ($subperms) { - if (!isset($this->rights->$module->$perms) || !is_object($this->rights->$module->$perms)) { - $this->rights->$module->$perms = new stdClass(); + if (! empty($module)) { + if (!isset($this->rights->$module) || !is_object($this->rights->$module)) { + $this->rights->$module = new stdClass(); } - if (empty($this->rights->$module->$perms->$subperms)) { - $this->nb_rights++; + if (! empty($subperms)) { + if (!isset($this->rights->$module->$perms) || !is_object($this->rights->$module->$perms)) { + $this->rights->$module->$perms = new stdClass(); + } + if (empty($this->rights->$module->$perms->$subperms)) { + $this->nb_rights++; + } + $this->rights->$module->$perms->$subperms = 1; + } else { + if (empty($this->rights->$module->$perms)) { + $this->nb_rights++; + } + $this->rights->$module->$perms = 1; } - $this->rights->$module->$perms->$subperms = 1; - } else { - if (empty($this->rights->$module->$perms)) { - $this->nb_rights++; - } - $this->rights->$module->$perms = 1; } } } @@ -997,32 +1010,36 @@ class User extends CommonObject while ($i < $num) { $obj = $this->db->fetch_object($resql); - $module = $obj->module; - $perms = $obj->perms; - $subperms = $obj->subperms; + if ($obj) { + $module = $obj->module; + $perms = $obj->perms; + $subperms = $obj->subperms; - if ($perms) { - if (!isset($this->rights) || !is_object($this->rights)) { - $this->rights = new stdClass(); // For avoid error - } - if (!isset($this->rights->$module) || !is_object($this->rights->$module)) { - $this->rights->$module = new stdClass(); - } - if ($subperms) { - if (!isset($this->rights->$module->$perms) || !is_object($this->rights->$module->$perms)) { - $this->rights->$module->$perms = new stdClass(); + if (! empty($perms)) { + if (!isset($this->rights) || !is_object($this->rights)) { + $this->rights = new stdClass(); // For avoid error } - if (empty($this->rights->$module->$perms->$subperms)) { - $this->nb_rights++; - } - $this->rights->$module->$perms->$subperms = 1; - } else { - if (empty($this->rights->$module->$perms)) { - $this->nb_rights++; - } - // if we have already define a subperm like this $this->rights->$module->level1->level2 with llx_user_rights, we don't want override level1 because the level2 can be not define on user group - if (!isset($this->rights->$module->$perms) || !is_object($this->rights->$module->$perms)) { - $this->rights->$module->$perms = 1; + if (! empty($module)) { + if (!isset($this->rights->$module) || !is_object($this->rights->$module)) { + $this->rights->$module = new stdClass(); + } + if (! empty($subperms)) { + if (!isset($this->rights->$module->$perms) || !is_object($this->rights->$module->$perms)) { + $this->rights->$module->$perms = new stdClass(); + } + if (empty($this->rights->$module->$perms->$subperms)) { + $this->nb_rights++; + } + $this->rights->$module->$perms->$subperms = 1; + } else { + if (empty($this->rights->$module->$perms)) { + $this->nb_rights++; + } + // if we have already define a subperm like this $this->rights->$module->level1->level2 with llx_user_rights, we don't want override level1 because the level2 can be not define on user group + if (!isset($this->rights->$module->$perms) || !is_object($this->rights->$module->$perms)) { + $this->rights->$module->$perms = 1; + } + } } } } diff --git a/htdocs/user/class/usergroup.class.php b/htdocs/user/class/usergroup.class.php index b2faedb6554..882d33bd562 100644 --- a/htdocs/user/class/usergroup.class.php +++ b/htdocs/user/class/usergroup.class.php @@ -425,6 +425,8 @@ class UserGroup extends CommonObject if (!empty($rid)) { + $module = $perms = $subperms = ''; + // Si on a demande supression d'un droit en particulier, on recupere // les caracteristiques module, perms et subperms de ce droit. $sql = "SELECT module, perms, subperms"; @@ -486,8 +488,12 @@ class UserGroup extends CommonObject $i = 0; while ($i < $num) { + $nid = 0; + $obj = $this->db->fetch_object($result); - $nid = $obj->id; + if ($obj) { + $nid = $obj->id; + } $sql = "DELETE FROM ".MAIN_DB_PREFIX."usergroup_rights"; $sql .= " WHERE fk_usergroup = $this->id AND fk_id=".$nid; @@ -567,22 +573,24 @@ class UserGroup extends CommonObject { $obj = $this->db->fetch_object($resql); - $module = $obj->module; - $perms = $obj->perms; - $subperms = $obj->subperms; + if ($obj) { + $module = $obj->module; + $perms = $obj->perms; + $subperms = $obj->subperms; - if ($perms) - { - if (!isset($this->rights)) $this->rights = new stdClass(); // For avoid error - if (!isset($this->rights->$module) || !is_object($this->rights->$module)) $this->rights->$module = new stdClass(); - if ($subperms) + if ($perms) { - if (!isset($this->rights->$module->$perms) || !is_object($this->rights->$module->$perms)) $this->rights->$module->$perms = new stdClass(); - if (empty($this->rights->$module->$perms->$subperms)) $this->nb_rights++; - $this->rights->$module->$perms->$subperms = 1; - } else { - if (empty($this->rights->$module->$perms)) $this->nb_rights++; - $this->rights->$module->$perms = 1; + if (!isset($this->rights)) $this->rights = new stdClass(); // For avoid error + if (!isset($this->rights->$module) || !is_object($this->rights->$module)) $this->rights->$module = new stdClass(); + if ($subperms) + { + if (!isset($this->rights->$module->$perms) || !is_object($this->rights->$module->$perms)) $this->rights->$module->$perms = new stdClass(); + if (empty($this->rights->$module->$perms->$subperms)) $this->nb_rights++; + $this->rights->$module->$perms->$subperms = 1; + } else { + if (empty($this->rights->$module->$perms)) $this->nb_rights++; + $this->rights->$module->$perms = 1; + } } }