mirror of
https://github.com/Dolibarr/dolibarr.git
synced 2025-12-06 09:38:23 +01:00
Sec: Removed security holes
This commit is contained in:
Laurent Destailleur
@@ -32,18 +32,18 @@ require_once(DOL_DOCUMENT_ROOT."/compta/bank/class/account.class.php");
|
||||
|
||||
$langs->load("members");
|
||||
|
||||
$sortorder=$_GET["sortorder"];
|
||||
$sortfield=$_GET["sortfield"];
|
||||
$page=$_GET["page"];
|
||||
$filter=$_GET["filter"];
|
||||
$statut=isset($_GET["statut"])?$_GET["statut"]:1;
|
||||
|
||||
if (! $sortorder) { $sortorder="DESC"; }
|
||||
if (! $sortfield) { $sortfield="c.dateadh"; }
|
||||
$sortfield = GETPOST("sortfield",'alpha');
|
||||
$sortorder = GETPOST("sortorder",'alpha');
|
||||
$page = GETPOST("page",'int');
|
||||
if ($page == -1) { $page = 0 ; }
|
||||
$offset = $conf->liste_limit * $page ;
|
||||
$pageprev = $page - 1;
|
||||
$pagenext = $page + 1;
|
||||
if (! $sortorder) { $sortorder="DESC"; }
|
||||
if (! $sortfield) { $sortfield="c.dateadh"; }
|
||||
|
||||
$msg='';
|
||||
$date_select=isset($_GET["date_select"])?$_GET["date_select"]:$_POST["date_select"];
|
||||
|
||||
@@ -47,22 +47,17 @@ if ($user->societe_id > 0)
|
||||
//$result = restrictedArea($user, 'societe', $id);
|
||||
|
||||
// Get parameters
|
||||
$page=$_GET["page"];
|
||||
$sortorder=$_GET["sortorder"];
|
||||
$sortfield=$_GET["sortfield"];
|
||||
|
||||
if (! $sortorder) $sortorder="ASC";
|
||||
if (! $sortfield) $sortfield="name";
|
||||
$sortfield = GETPOST("sortfield",'alpha');
|
||||
$sortorder = GETPOST("sortorder",'alpha');
|
||||
$page = GETPOST("page",'int');
|
||||
if ($page == -1) { $page = 0 ; }
|
||||
$offset = $conf->liste_limit * $page ;
|
||||
$pageprev = $page - 1;
|
||||
$pagenext = $page + 1;
|
||||
|
||||
$sortorder=$_GET["sortorder"];
|
||||
$sortfield=$_GET["sortfield"];
|
||||
if (! $sortorder) $sortorder="ASC";
|
||||
if (! $sortfield) $sortfield="name";
|
||||
|
||||
|
||||
$upload_dir = $conf->adherent->dir_output . "/" . get_exdir($id,2,0,1) . '/' . $id;
|
||||
|
||||
|
||||
|
||||
@@ -35,18 +35,19 @@ $langs->load("companies");
|
||||
|
||||
$sall=isset($_GET["sall"])?$_GET["sall"]:$_POST["sall"];
|
||||
|
||||
$sortorder=$_GET["sortorder"];
|
||||
$sortfield=$_GET["sortfield"];
|
||||
$page=$_GET["page"];
|
||||
$filter=$_GET["filter"];
|
||||
$statut=isset($_GET["statut"])?$_GET["statut"]:'';
|
||||
|
||||
if (! $sortorder) { $sortorder="ASC"; }
|
||||
if (! $sortfield) { $sortfield="d.nom"; }
|
||||
$sortfield = GETPOST("sortfield",'alpha');
|
||||
$sortorder = GETPOST("sortorder",'alpha');
|
||||
$page = GETPOST("page",'int');
|
||||
if ($page == -1) { $page = 0 ; }
|
||||
$offset = $conf->liste_limit * $page ;
|
||||
$pageprev = $page - 1;
|
||||
$pagenext = $page + 1;
|
||||
if (! $sortorder) { $sortorder="ASC"; }
|
||||
if (! $sortfield) { $sortfield="d.nom"; }
|
||||
|
||||
$filter=$_GET["filter"];
|
||||
$statut=isset($_GET["statut"])?$_GET["statut"]:'';
|
||||
|
||||
|
||||
if ($_REQUEST["button_removefilter"])
|
||||
{
|
||||
|
||||
@@ -244,9 +244,14 @@ $tabcond[19]= $conf->societe->enabled;
|
||||
|
||||
$msg='';
|
||||
|
||||
$sortfield = GETPOST("sortfield",'alpha');
|
||||
$sortorder = GETPOST("sortorder",'alpha');
|
||||
$page = GETPOST("page",'int');
|
||||
if ($page == -1) { $page = 0 ; }
|
||||
$offset = $conf->liste_limit * $page ;
|
||||
$pageprev = $page - 1;
|
||||
$pagenext = $page + 1;
|
||||
|
||||
$sortfield=$_GET["sortfield"];
|
||||
$sortorder=$_GET["sortorder"];
|
||||
|
||||
/*
|
||||
* Actions ajout ou modification d'une entree dans un dictionnaire de donnee
|
||||
|
||||
@@ -41,16 +41,15 @@ $langs->load("companies");
|
||||
$langs->load("users");
|
||||
$langs->load("other");
|
||||
|
||||
$page=$_GET["page"];
|
||||
$sortorder=$_GET["sortorder"];
|
||||
$sortfield=$_GET["sortfield"];
|
||||
|
||||
if (! $sortorder) $sortorder="DESC";
|
||||
if (! $sortfield) $sortfield="dateevent";
|
||||
$sortfield = GETPOST("sortfield",'alpha');
|
||||
$sortorder = GETPOST("sortorder",'alpha');
|
||||
$page = GETPOST("page",'int');
|
||||
if ($page == -1) { $page = 0 ; }
|
||||
$offset = $conf->liste_limit * $page ;
|
||||
$pageprev = $page - 1;
|
||||
$pagenext = $page + 1;
|
||||
if (! $sortorder) $sortorder="DESC";
|
||||
if (! $sortfield) $sortfield="dateevent";
|
||||
|
||||
|
||||
/*
|
||||
|
||||
@@ -41,16 +41,15 @@ $langs->load("companies");
|
||||
$langs->load("users");
|
||||
$langs->load("other");
|
||||
|
||||
$page=$_GET["page"];
|
||||
$sortorder=$_GET["sortorder"];
|
||||
$sortfield=$_GET["sortfield"];
|
||||
|
||||
if (! $sortorder) $sortorder="DESC";
|
||||
if (! $sortfield) $sortfield="dateevent";
|
||||
$sortfield = GETPOST("sortfield",'alpha');
|
||||
$sortorder = GETPOST("sortorder",'alpha');
|
||||
$page = GETPOST("page",'int');
|
||||
if ($page == -1) { $page = 0 ; }
|
||||
$offset = $conf->liste_limit * $page ;
|
||||
$pageprev = $page - 1;
|
||||
$pagenext = $page + 1;
|
||||
if (! $sortorder) $sortorder="DESC";
|
||||
if (! $sortfield) $sortfield="dateevent";
|
||||
|
||||
|
||||
/*
|
||||
|
||||
@@ -27,17 +27,16 @@ require("../main.inc.php");
|
||||
require_once(DOL_DOCUMENT_ROOT."/bookmarks/class/bookmark.class.php");
|
||||
|
||||
|
||||
$page=$_GET["page"];
|
||||
$sortorder=$_GET["sortorder"];
|
||||
$sortfield=$_GET["sortfield"];
|
||||
if (! $sortorder) $sortorder="ASC";
|
||||
if (! $sortfield) $sortfield="position";
|
||||
|
||||
$sortfield = GETPOST("sortfield",'alpha');
|
||||
$sortorder = GETPOST("sortorder",'alpha');
|
||||
$page = GETPOST("page",'int');
|
||||
if ($page == -1) { $page = 0 ; }
|
||||
$limit = 26;
|
||||
$offset = $limit * $page ;
|
||||
$offset = $conf->liste_limit * $page ;
|
||||
$pageprev = $page - 1;
|
||||
$pagenext = $page + 1;
|
||||
if (! $sortorder) $sortorder="ASC";
|
||||
if (! $sortfield) $sortfield="position";
|
||||
$limit=$conf->liste_limit;
|
||||
|
||||
|
||||
/*
|
||||
|
||||
@@ -38,6 +38,8 @@ if ( $_SESSION['uid'] > 0 )
|
||||
exit;
|
||||
}
|
||||
|
||||
$usertxt=GETPOST('user','',1);
|
||||
|
||||
|
||||
/*
|
||||
* View
|
||||
@@ -71,7 +73,7 @@ top_htmlhead('','',0,0,'',$arrayofcss);
|
||||
|
||||
<tr>
|
||||
<td class="label1"><?php echo $langs->trans("Login"); ?></td>
|
||||
<td><input name="txtUsername" class="texte_login" type="text" value="<?php echo $_GET['user']; ?>" /></td>
|
||||
<td><input name="txtUsername" class="texte_login" type="text" value="<?php echo $usertxt; ?>" /></td>
|
||||
</tr>
|
||||
<tr>
|
||||
<td class="label1"><?php echo $langs->trans("Password"); ?></td>
|
||||
|
||||
@@ -52,16 +52,15 @@ if ($user->societe_id > 0)
|
||||
}
|
||||
|
||||
// Get parameters
|
||||
$page=$_GET["page"];
|
||||
$sortorder=$_GET["sortorder"];
|
||||
$sortfield=$_GET["sortfield"];
|
||||
|
||||
if (! $sortorder) $sortorder="ASC";
|
||||
if (! $sortfield) $sortfield="name";
|
||||
if ($page == -1) { $page = 0 ; }
|
||||
$offset = $conf->liste_limit * $page ;
|
||||
$sortfield = GETPOST("sortfield",'alpha');
|
||||
$sortorder = GETPOST("sortorder",'alpha');
|
||||
$page = GETPOST("page",'int');
|
||||
if ($page == -1) { $page = 0; }
|
||||
$offset = $conf->liste_limit * $page;
|
||||
$pageprev = $page - 1;
|
||||
$pagenext = $page + 1;
|
||||
if (! $sortorder) $sortorder="ASC";
|
||||
if (! $sortfield) $sortfield="name";
|
||||
|
||||
|
||||
/*
|
||||
|
||||
@@ -64,7 +64,8 @@ if (! $user->rights->agenda->allactions->read || $filter =='mine') // If no perm
|
||||
$filterd=$user->id;
|
||||
}
|
||||
|
||||
$action=GETPOST('action');
|
||||
$action=GETPOST('action','alpha');
|
||||
//$year=GETPOST("year");
|
||||
$year=GETPOST("year","int")?GETPOST("year","int"):date("Y");
|
||||
$month=GETPOST("month","int")?GETPOST("month","int"):date("m");
|
||||
$day=GETPOST("day","int")?GETPOST("day","int"):0;
|
||||
|
||||
@@ -36,22 +36,20 @@ if ($conf->projet->enabled) require_once(DOL_DOCUMENT_ROOT."/lib/project.lib.php
|
||||
$langs->load("companies");
|
||||
$langs->load("agenda");
|
||||
|
||||
$action=isset($_REQUEST['action'])?$_REQUEST['action']:'';
|
||||
$year=isset($_REQUEST["year"])?$_REQUEST["year"]:'';
|
||||
$month=isset($_REQUEST["month"])?$_REQUEST["month"]:'';
|
||||
$day=isset($_REQUEST["day"])?$_REQUEST["day"]:0;
|
||||
$pid=isset($_REQUEST["projectid"])?$_REQUEST["projectid"]:0;
|
||||
$status=isset($_GET["status"])?$_GET["status"]:$_POST["status"];
|
||||
$action=GETPOST('action','alpha');
|
||||
$year=GETPOST("year",'int');
|
||||
$month=GETPOST("month",'int');
|
||||
$day=GETPOST("day",'int');
|
||||
$pid=GETPOST("projectid",'int');
|
||||
$status=GETPOST("status",'alpha');
|
||||
|
||||
$filtera = isset($_REQUEST["userasked"])?$_REQUEST["userasked"]:(isset($_REQUEST["filtera"])?$_REQUEST["filtera"]:'');
|
||||
$filtert = isset($_REQUEST["usertodo"])?$_REQUEST["usertodo"]:(isset($_REQUEST["filtert"])?$_REQUEST["filtert"]:'');
|
||||
$filterd = isset($_REQUEST["userdone"])?$_REQUEST["userdone"]:(isset($_REQUEST["filterd"])?$_REQUEST["filterd"]:'');
|
||||
$filtera = GETPOST("userasked","int")?GETPOST("userasked","int"):GETPOST("filtera","int");
|
||||
$filtert = GETPOST("usertodo","int")?GETPOST("usertodo","int"):GETPOST("filtert","int");
|
||||
$filterd = GETPOST("userdone","int")?GETPOST("userdone","int"):GETPOST("filterd","int");
|
||||
|
||||
$socid = isset($_GET["socid"])?$_GET["socid"]:$_POST["socid"];
|
||||
|
||||
$sortfield = isset($_GET["sortfield"])?$_GET["sortfield"]:$_POST["sortfield"];
|
||||
$sortorder = isset($_GET["sortorder"])?$_GET["sortorder"]:$_POST["sortorder"];
|
||||
$page = isset($_GET["page"])?$_GET["page"]:$_POST["page"];
|
||||
$sortfield = GETPOST("sortfield",'alpha');
|
||||
$sortorder = GETPOST("sortorder",'alpha');
|
||||
$page = GETPOST("page",'int');
|
||||
if ($page == -1) { $page = 0 ; }
|
||||
$limit = $conf->liste_limit;
|
||||
$offset = $limit * $page ;
|
||||
@@ -69,7 +67,7 @@ if (! $sortfield)
|
||||
}
|
||||
|
||||
// Security check
|
||||
$socid = isset($_GET["socid"])?$_GET["socid"]:'';
|
||||
$socid = GETPOST("socid",'int');
|
||||
if ($user->societe_id) $socid=$user->societe_id;
|
||||
$result = restrictedArea($user, 'agenda', 0, '', 'myactions');
|
||||
|
||||
|
||||
@@ -22,7 +22,7 @@
|
||||
/**
|
||||
* \file htdocs/comm/action/rapport/index.php
|
||||
* \ingroup commercial
|
||||
* \brief Page accueil des rapports des actions
|
||||
* \brief Page with reports of actions
|
||||
* \version $Id$
|
||||
*/
|
||||
|
||||
@@ -32,9 +32,9 @@ require_once(DOL_DOCUMENT_ROOT."/contact/class/contact.class.php");
|
||||
require_once(DOL_DOCUMENT_ROOT."/comm/action/class/actioncomm.class.php");
|
||||
require_once(DOL_DOCUMENT_ROOT."/includes/modules/action/rapport.pdf.php");
|
||||
|
||||
$page = $_GET["page"];
|
||||
$sortfield=$_GET["sortfield"];
|
||||
$sortorder=$_GET["sortorder"];
|
||||
$sortfield = GETPOST("sortfield",'alpha');
|
||||
$sortorder = GETPOST("sortorder",'alpha');
|
||||
$page = GETPOST("page",'int');
|
||||
if ($page == -1) { $page = 0 ; }
|
||||
$limit = $conf->liste_limit;
|
||||
$offset = $limit * $page ;
|
||||
@@ -42,7 +42,7 @@ if (! $sortorder) $sortorder="DESC";
|
||||
if (! $sortfield) $sortfield="a.datep";
|
||||
|
||||
// Security check
|
||||
$socid = isset($_GET["socid"])?$_GET["socid"]:'';
|
||||
$socid = GETPOST("socid");
|
||||
if ($user->societe_id) $socid=$user->societe_id;
|
||||
$result = restrictedArea($user, 'agenda', $socid, '', 'myactions');
|
||||
|
||||
|
||||
@@ -26,20 +26,20 @@
|
||||
require("../main.inc.php");
|
||||
|
||||
|
||||
$sortfield = GETPOST("sortfield",'alpha');
|
||||
$sortorder = GETPOST("sortorder",'alpha');
|
||||
$page = GETPOST("page",'int');
|
||||
if ($page == -1) { $page = 0; }
|
||||
$offset = $conf->liste_limit * $page;
|
||||
$pageprev = $page - 1;
|
||||
$pagenext = $page + 1;
|
||||
if (! $sortorder) $sortorder="DESC";
|
||||
if (! $sortfield) $sortfield="bid";
|
||||
$limit = $conf->liste_limit;
|
||||
|
||||
|
||||
llxHeader();
|
||||
|
||||
$page=$_GET["page"];
|
||||
$sortorder=$_GET["sortorder"];
|
||||
$sortfield=$_GET["sortfield"];
|
||||
if (! $sortorder) $sortorder="DESC";
|
||||
if (! $sortfield) $sortfield="bid";
|
||||
|
||||
if ($page == -1) { $page = 0 ; }
|
||||
$limit = 26;
|
||||
$offset = $limit * $page ;
|
||||
$pageprev = $page - 1;
|
||||
$pagenext = $page + 1;
|
||||
|
||||
/*
|
||||
* Actions
|
||||
@@ -94,7 +94,7 @@ $sql.= " FROM ".MAIN_DB_PREFIX."bookmark as b, ".MAIN_DB_PREFIX."societe as s, "
|
||||
$sql.= " WHERE b.fk_soc = s.rowid AND b.fk_user=u.rowid";
|
||||
if (! $user->admin) $sql.= " AND b.fk_user = ".$user->id;
|
||||
$sql.= $db->order($sortfield,$sortorder);
|
||||
$sql.= $db->plimit( $limit, $offset);
|
||||
$sql.= $db->plimit($limit, $offset);
|
||||
|
||||
$resql=$db->query($sql);
|
||||
if ($resql)
|
||||
|
||||
@@ -52,8 +52,13 @@ $socid = isset($_GET["socid"])?$_GET["socid"]:'';
|
||||
if ($user->societe_id > 0) $socid=$user->societe_id;
|
||||
$result = restrictedArea($user,'societe',$socid,'');
|
||||
|
||||
$sortorder=$_GET["sortorder"];
|
||||
$sortfield=$_GET["sortfield"];
|
||||
$sortfield = GETPOST("sortfield",'alpha');
|
||||
$sortorder = GETPOST("sortorder",'alpha');
|
||||
$page = GETPOST("page",'int');
|
||||
if ($page == -1) { $page = 0; }
|
||||
$offset = $conf->liste_limit * $page;
|
||||
$pageprev = $page - 1;
|
||||
$pagenext = $page + 1;
|
||||
if (! $sortorder) $sortorder="ASC";
|
||||
if (! $sortfield) $sortfield="nom";
|
||||
|
||||
|
||||
@@ -44,13 +44,13 @@ $dirmod=DOL_DOCUMENT_ROOT."/includes/modules/mailings";
|
||||
$mesg = '';
|
||||
|
||||
|
||||
$page=$_GET["page"];
|
||||
$sortorder=$_GET["sortorder"];
|
||||
$sortfield=$_GET["sortfield"];
|
||||
if ($page == -1) { $page = 0 ; }
|
||||
$offset = $conf->liste_limit * $_GET["page"] ;
|
||||
$pageprev = $_GET["page"] - 1;
|
||||
$pagenext = $_GET["page"] + 1;
|
||||
$sortfield = GETPOST("sortfield",'alpha');
|
||||
$sortorder = GETPOST("sortorder",'alpha');
|
||||
$page = GETPOST("page",'int');
|
||||
if ($page == -1) { $page = 0; }
|
||||
$offset = $conf->liste_limit * $page;
|
||||
$pageprev = $page - 1;
|
||||
$pagenext = $page + 1;
|
||||
if (! $sortorder) $sortorder="ASC";
|
||||
if (! $sortfield) $sortfield="email";
|
||||
|
||||
|
||||
@@ -36,14 +36,13 @@ if ($user->societe_id > 0)
|
||||
$socid = $user->societe_id;
|
||||
}
|
||||
|
||||
$page=$_GET["page"];
|
||||
$sortorder=$_GET["sortorder"];
|
||||
$sortfield=$_GET["sortfield"];
|
||||
|
||||
if ($page == -1) { $page = 0 ; }
|
||||
$offset = $conf->liste_limit * $_GET["page"] ;
|
||||
$pageprev = $_GET["page"] - 1;
|
||||
$pagenext = $_GET["page"] + 1;
|
||||
$sortfield = GETPOST("sortfield",'alpha');
|
||||
$sortorder = GETPOST("sortorder",'alpha');
|
||||
$page = GETPOST("page",'int');
|
||||
if ($page == -1) { $page = 0; }
|
||||
$offset = $conf->liste_limit * $page;
|
||||
$pageprev = $page - 1;
|
||||
$pagenext = $page + 1;
|
||||
if (! $sortorder) $sortorder="DESC";
|
||||
if (! $sortfield) $sortfield="m.date_creat";
|
||||
|
||||
|
||||
@@ -1631,9 +1631,14 @@ else
|
||||
|
||||
$now=dol_now();
|
||||
|
||||
$sortorder=$_GET['sortorder'];
|
||||
$sortfield=$_GET['sortfield'];
|
||||
$page=$_GET['page'];
|
||||
$sortfield = GETPOST("sortfield",'alpha');
|
||||
$sortorder = GETPOST("sortorder",'alpha');
|
||||
$page = GETPOST("page",'int');
|
||||
if ($page == -1) { $page = 0; }
|
||||
$offset = $conf->liste_limit * $page;
|
||||
$pageprev = $page - 1;
|
||||
$pagenext = $page + 1;
|
||||
|
||||
$viewstatut=addslashes($_GET['viewstatut']);
|
||||
$object_statut = addslashes($_GET['propal_statut']);
|
||||
if($object_statut != '')
|
||||
@@ -1642,9 +1647,6 @@ else
|
||||
if (! $sortfield) $sortfield='p.datep';
|
||||
if (! $sortorder) $sortorder='DESC';
|
||||
$limit = $conf->liste_limit;
|
||||
$offset = $limit * $page ;
|
||||
$pageprev = $page - 1;
|
||||
$pagenext = $page + 1;
|
||||
|
||||
$sql = 'SELECT s.nom, s.rowid, s.client, ';
|
||||
$sql.= 'p.rowid as propalid, p.total_ht, p.ref, p.fk_statut, p.fk_user_author, p.datep as dp, p.fin_validite as dfv,';
|
||||
|
||||
@@ -49,16 +49,15 @@ if ($user->societe_id)
|
||||
$result = restrictedArea($user, 'propale', $id, 'propal');
|
||||
|
||||
// Get parameters
|
||||
$page=$_GET["page"];
|
||||
$sortorder=$_GET["sortorder"];
|
||||
$sortfield=$_GET["sortfield"];
|
||||
|
||||
if (! $sortorder) $sortorder="ASC";
|
||||
if (! $sortfield) $sortfield="name";
|
||||
if ($page == -1) { $page = 0 ; }
|
||||
$offset = $conf->liste_limit * $page ;
|
||||
$sortfield = GETPOST("sortfield",'alpha');
|
||||
$sortorder = GETPOST("sortorder",'alpha');
|
||||
$page = GETPOST("page",'int');
|
||||
if ($page == -1) { $page = 0; }
|
||||
$offset = $conf->liste_limit * $page;
|
||||
$pageprev = $page - 1;
|
||||
$pagenext = $page + 1;
|
||||
if (! $sortorder) $sortorder="ASC";
|
||||
if (! $sortfield) $sortfield="name";
|
||||
|
||||
|
||||
/*
|
||||
|
||||
@@ -33,16 +33,16 @@ $langs->load("propal");
|
||||
$langs->load("companies");
|
||||
|
||||
// Security check
|
||||
$socid = isset($_GET["socid"])?$_GET["socid"]:'';
|
||||
$socid = GETPOST("socid",'int');
|
||||
if ($user->societe_id) $socid=$user->societe_id;
|
||||
$result = restrictedArea($user, 'societe',$socid,'');
|
||||
|
||||
$socname=isset($_GET["socname"])?$_GET["socname"]:$_POST["socname"];
|
||||
$stcomm=isset($_GET["stcomm"])?$_GET["stcomm"]:$_POST["stcomm"];
|
||||
$socname=GETPOST("socname",'alpha');
|
||||
$stcomm=GETPOST("stcomm",'int');
|
||||
|
||||
$sortfield = isset($_GET["sortfield"])?$_GET["sortfield"]:$_POST["sortfield"];
|
||||
$sortorder = isset($_GET["sortorder"])?$_GET["sortorder"]:$_POST["sortorder"];
|
||||
$page=isset($_GET["page"])?$_GET["page"]:$_POST["page"];
|
||||
$sortfield = GETPOST("sortfield",'alpha');
|
||||
$sortorder = GETPOST("sortorder",'alpha');
|
||||
$page = GETPOST("page",'int');
|
||||
if ($page == -1) { $page = 0; }
|
||||
$offset = $conf->liste_limit * $page;
|
||||
$pageprev = $page - 1;
|
||||
@@ -50,10 +50,8 @@ $pagenext = $page + 1;
|
||||
if (! $sortorder) $sortorder="ASC";
|
||||
if (! $sortfield) $sortfield="s.nom";
|
||||
|
||||
// Added by Matelli (see http://matelli.fr/showcases/patchs-dolibarr/enhance-prospect-searching.html)
|
||||
// Load potentiels filters
|
||||
$search_level_from = isset($_GET["search_level_from"])?$_GET["search_level_from"]:(isSet($_POST["search_level_from"])?$_POST["search_level_from"]:'');
|
||||
$search_level_to = isset($_GET["search_level_to"])?$_GET["search_level_to"]:(isSet($_POST["search_level_to"])?$_POST["search_level_to"]:'');
|
||||
$search_level_from = GETPOST("search_level_from","alpha");
|
||||
$search_level_to = GETPOST("search_level_to","alpha");
|
||||
|
||||
// If both parameters are set, search for everything BETWEEN them
|
||||
if ($search_level_from != '' && $search_level_to != '')
|
||||
|
||||
@@ -48,19 +48,18 @@ if ($user->societe_id) $socid=$user->societe_id;
|
||||
$result=restrictedArea($user,'commande',$comid,'');
|
||||
|
||||
// Get parameters
|
||||
$page=$_GET["page"];
|
||||
$sortorder=$_GET["sortorder"];
|
||||
$sortfield=$_GET["sortfield"];
|
||||
|
||||
if (! $sortorder) $sortorder="ASC";
|
||||
if (! $sortfield) $sortfield="name";
|
||||
if ($page == -1) { $page = 0 ; }
|
||||
$offset = $conf->liste_limit * $page ;
|
||||
$sortfield = GETPOST("sortfield",'alpha');
|
||||
$sortorder = GETPOST("sortorder",'alpha');
|
||||
$page = GETPOST("page",'int');
|
||||
if ($page == -1) { $page = 0; }
|
||||
$offset = $conf->liste_limit * $page;
|
||||
$pageprev = $page - 1;
|
||||
$pagenext = $page + 1;
|
||||
if (! $sortorder) $sortorder="ASC";
|
||||
if (! $sortfield) $sortfield="name";
|
||||
|
||||
|
||||
$id = $_GET['id'];
|
||||
$id = GETPOST('id','int');
|
||||
$ref= $_GET['ref'];
|
||||
$commande = new Commande($db);
|
||||
if (! $commande->fetch($_GET['id'],$_GET['ref']) > 0)
|
||||
|
||||
@@ -50,12 +50,23 @@ $orderid = isset($_GET["orderid"])?$_GET["orderid"]:'';
|
||||
if ($user->societe_id) $socid=$user->societe_id;
|
||||
$result = restrictedArea($user, 'commande', $orderid,'');
|
||||
|
||||
$sortfield = GETPOST("sortfield",'alpha');
|
||||
$sortorder = GETPOST("sortorder",'alpha');
|
||||
$page = GETPOST("page",'int');
|
||||
if ($page == -1) { $page = 0; }
|
||||
$offset = $conf->liste_limit * $page;
|
||||
$pageprev = $page - 1;
|
||||
$pagenext = $page + 1;
|
||||
if (! $sortfield) $sortfield='c.rowid';
|
||||
if (! $sortorder) $sortorder='DESC';
|
||||
$limit = $conf->liste_limit;
|
||||
|
||||
|
||||
/*
|
||||
* View
|
||||
*/
|
||||
|
||||
$now=gmmktime();
|
||||
$now=dol_now();
|
||||
|
||||
$html = new Form($db);
|
||||
$formfile = new FormFile($db);
|
||||
@@ -63,16 +74,8 @@ $companystatic = new Societe($db);
|
||||
|
||||
llxHeader();
|
||||
|
||||
$begin=$_GET['begin'];
|
||||
$sortorder=$_GET['sortorder'];
|
||||
$sortfield=$_GET['sortfield'];
|
||||
$viewstatut=$_GET['viewstatut'];
|
||||
|
||||
if (! $sortfield) $sortfield='c.rowid';
|
||||
if (! $sortorder) $sortorder='DESC';
|
||||
|
||||
$limit = $conf->liste_limit;
|
||||
$offset = $limit * $_GET['page'] ;
|
||||
|
||||
$sql = 'SELECT s.nom, s.rowid as socid, s.client, c.rowid, c.ref, c.total_ht, c.ref_client,';
|
||||
$sql.= ' c.date_commande, c.date_livraison, c.fk_statut, c.facture as facturee';
|
||||
|
||||
@@ -49,11 +49,14 @@ if (! empty($_REQUEST["credit"])) $param.='&credit='.$_REQUEST["credit"];
|
||||
if (! empty($_REQUEST["account"])) $param.='&account='.$_REQUEST["account"];
|
||||
if (! empty($_REQUEST["bid"])) $param.='&bid='.$_REQUEST["bid"];
|
||||
|
||||
$page =$_GET['page'];
|
||||
$sortorder=$_GET['sortorder'];
|
||||
$sortfield=$_GET['sortfield'];
|
||||
$sortfield = GETPOST("sortfield",'alpha');
|
||||
$sortorder = GETPOST("sortorder",'alpha');
|
||||
$page = GETPOST("page",'int');
|
||||
if ($page == -1) { $page = 0; }
|
||||
$offset = $conf->liste_limit * $page;
|
||||
$pageprev = $page - 1;
|
||||
$pagenext = $page + 1;
|
||||
$limit = $conf->liste_limit;
|
||||
$offset = $limit * $page ;
|
||||
if (! $sortorder) $sortorder='DESC';
|
||||
if (! $sortfield) $sortfield='b.dateo';
|
||||
|
||||
|
||||
@@ -42,16 +42,15 @@ accessforbidden();
|
||||
|
||||
$langs->load("companies");
|
||||
|
||||
$page=$_GET["page"];
|
||||
$sortorder=$_GET["sortorder"];
|
||||
$sortfield=$_GET["sortfield"];
|
||||
|
||||
if (! $sortorder) $sortorder="ASC";
|
||||
if (! $sortfield) $sortfield="nom";
|
||||
if ($page == -1) { $page = 0 ; }
|
||||
$offset = $conf->liste_limit * $page ;
|
||||
$sortfield = GETPOST("sortfield",'alpha');
|
||||
$sortorder = GETPOST("sortorder",'alpha');
|
||||
$page = GETPOST("page",'int');
|
||||
if ($page == -1) { $page = 0; }
|
||||
$offset = $conf->liste_limit * $page;
|
||||
$pageprev = $page - 1;
|
||||
$pagenext = $page + 1;
|
||||
if (! $sortorder) $sortorder="ASC";
|
||||
if (! $sortfield) $sortfield="nom";
|
||||
|
||||
|
||||
/*
|
||||
|
||||
@@ -34,26 +34,29 @@ require_once(DOL_DOCUMENT_ROOT."/commande/class/commande.class.php");
|
||||
$langs->load('companies');
|
||||
|
||||
// Security check
|
||||
$orderid = isset($_GET["orderid"])?$_GET["orderid"]:'';
|
||||
$orderid = GETPOST("orderid",'int');
|
||||
if ($user->societe_id) $socid=$user->societe_id;
|
||||
$result = restrictedArea($user, 'commande',$orderid,'');
|
||||
|
||||
// Assign and check variable
|
||||
$year=GETPOST('year','int',1);
|
||||
$month=GETPOST('month','int',1);
|
||||
$status=GETPOST('status','int',1);
|
||||
$onbill=GETPOST('afacturer','int',1);
|
||||
$page=GETPOST('page','int',1);
|
||||
$year=GETPOST('year','int');
|
||||
$month=GETPOST('month','int');
|
||||
$status=GETPOST('status','int');
|
||||
$onbill=GETPOST('afacturer','int');
|
||||
$page=GETPOST('page','int');
|
||||
$sf_ref=GETPOST('sf_ref','',2);
|
||||
|
||||
$begin=GETPOST('begin','',1); // TODO used ?
|
||||
$sortorder=GETPOST('sortorder','',1);
|
||||
$sortfield=GETPOST('sortfield','',1);
|
||||
$sortorder=GETPOST('sortorder','alpha');
|
||||
$sortfield=GETPOST('sortfield','alpha');
|
||||
$page = GETPOST("page",'int');
|
||||
if ($page == -1) { $page = 0; }
|
||||
$offset = $conf->liste_limit * $page;
|
||||
$pageprev = $page - 1;
|
||||
$pagenext = $page + 1;
|
||||
if (! $sortfield) $sortfield="c.rowid";
|
||||
if (! $sortorder) $sortorder="DESC";
|
||||
|
||||
$limit = $conf->liste_limit;
|
||||
$offset = $limit * $page ;
|
||||
|
||||
$html = new Form($db);
|
||||
$formfile = new FormFile($db);
|
||||
|
||||
@@ -40,20 +40,16 @@ $result = restrictedArea($user, 'deplacement','','');
|
||||
|
||||
llxHeader();
|
||||
|
||||
$sortorder=$_GET["sortorder"];
|
||||
$sortfield=$_GET["sortfield"];
|
||||
$page=$_GET["page"];
|
||||
|
||||
if (! $sortorder) $sortorder="DESC";
|
||||
if (! $sortfield) $sortfield="d.dated";
|
||||
|
||||
|
||||
if ($page == -1) { $page = 0 ; }
|
||||
|
||||
$limit = $conf->liste_limit;
|
||||
$offset = $limit * $page ;
|
||||
$sortfield = GETPOST("sortfield",'alpha');
|
||||
$sortorder = GETPOST("sortorder",'alpha');
|
||||
$page = GETPOST("page",'int');
|
||||
if ($page == -1) { $page = 0; }
|
||||
$offset = $conf->liste_limit * $page;
|
||||
$pageprev = $page - 1;
|
||||
$pagenext = $page + 1;
|
||||
if (! $sortorder) $sortorder="DESC";
|
||||
if (! $sortfield) $sortfield="d.dated";
|
||||
$limit = $conf->liste_limit;
|
||||
|
||||
|
||||
$sql = "SELECT s.nom, s.rowid as socid,"; // Ou
|
||||
|
||||
@@ -31,18 +31,18 @@ if ($conf->projet->enabled) require_once(DOL_DOCUMENT_ROOT."/projet/class/projec
|
||||
$langs->load("companies");
|
||||
$langs->load("donations");
|
||||
|
||||
$sortorder=$_GET["sortorder"];
|
||||
$sortfield=$_GET["sortfield"];
|
||||
$sortfield = GETPOST("sortfield",'alpha');
|
||||
$sortorder = GETPOST("sortorder",'alpha');
|
||||
$page = GETPOST("page",'int');
|
||||
if ($page == -1) { $page = 0; }
|
||||
$offset = $conf->liste_limit * $page;
|
||||
$pageprev = $page - 1;
|
||||
$pagenext = $page + 1;
|
||||
|
||||
$statut=isset($_GET["statut"])?$_GET["statut"]:"-1";
|
||||
$page=$_GET["page"];
|
||||
|
||||
if (! $sortorder) { $sortorder="DESC"; }
|
||||
if (! $sortfield) { $sortfield="d.datedon"; }
|
||||
if ($page == -1) { $page = 0 ; }
|
||||
|
||||
$offset = $conf->liste_limit * $page ;
|
||||
$pageprev = $page - 1;
|
||||
$pagenext = $page + 1;
|
||||
|
||||
|
||||
/*
|
||||
|
||||
@@ -3031,14 +3031,18 @@ else
|
||||
***************************************************************************/
|
||||
$now=dol_now();
|
||||
|
||||
$page =$_GET['page'];
|
||||
$sortorder=$_GET['sortorder'];
|
||||
$sortfield=$_GET['sortfield'];
|
||||
$month =$_GET['month'];
|
||||
$year =$_GET['year'];
|
||||
$limit = $conf->liste_limit;
|
||||
$offset = $limit * $page ;
|
||||
$sortfield = GETPOST("sortfield",'alpha');
|
||||
$sortorder = GETPOST("sortorder",'alpha');
|
||||
$page = GETPOST("page",'int');
|
||||
if ($page == -1) { $page = 0; }
|
||||
$offset = $conf->liste_limit * $page;
|
||||
$pageprev = $page - 1;
|
||||
$pagenext = $page + 1;
|
||||
|
||||
$month =GETPOST('month','int');
|
||||
$year =GETPOST('year','int');
|
||||
|
||||
$limit = $conf->liste_limit;
|
||||
if (! $sortorder) $sortorder='DESC';
|
||||
if (! $sortfield) $sortfield='f.datef';
|
||||
|
||||
|
||||
@@ -53,16 +53,15 @@ if ($user->societe_id > 0)
|
||||
}
|
||||
|
||||
// Get parameters
|
||||
$page=$_GET["page"];
|
||||
$sortorder=$_GET["sortorder"];
|
||||
$sortfield=$_GET["sortfield"];
|
||||
|
||||
if (! $sortorder) $sortorder="ASC";
|
||||
if (! $sortfield) $sortfield="name";
|
||||
if ($page == -1) { $page = 0 ; }
|
||||
$offset = $conf->liste_limit * $page ;
|
||||
$sortfield = GETPOST("sortfield",'alpha');
|
||||
$sortorder = GETPOST("sortorder",'alpha');
|
||||
$page = GETPOST("page",'int');
|
||||
if ($page == -1) { $page = 0; }
|
||||
$offset = $conf->liste_limit * $page;
|
||||
$pageprev = $page - 1;
|
||||
$pagenext = $page + 1;
|
||||
if (! $sortorder) $sortorder="ASC";
|
||||
if (! $sortfield) $sortfield="name";
|
||||
|
||||
|
||||
/*
|
||||
|
||||
@@ -159,14 +159,17 @@ jQuery(document).ready(function() {
|
||||
|
||||
$now=dol_now();
|
||||
|
||||
$page = $_GET["page"];
|
||||
$sortfield=$_GET["sortfield"];
|
||||
$sortorder=$_GET["sortorder"];
|
||||
$sortfield = GETPOST("sortfield",'alpha');
|
||||
$sortorder = GETPOST("sortorder",'alpha');
|
||||
$page = GETPOST("page",'int');
|
||||
if ($page == -1) { $page = 0; }
|
||||
$offset = $conf->liste_limit * $page;
|
||||
$pageprev = $page - 1;
|
||||
$pagenext = $page + 1;
|
||||
if (! $sortfield) $sortfield="f.date_lim_reglement";
|
||||
if (! $sortorder) $sortorder="ASC";
|
||||
|
||||
$limit = $conf->liste_limit;
|
||||
$offset = $limit * $page ;
|
||||
|
||||
$sql = "SELECT s.nom, s.rowid as socid";
|
||||
$sql.= ", f.facnumber,f.increment,f.total as total_ht,f.total_ttc";
|
||||
|
||||
@@ -46,14 +46,16 @@ if ($user->societe_id > 0)
|
||||
|
||||
llxHeader();
|
||||
|
||||
$page=$_GET["page"];
|
||||
$sortorder=$_GET["sortorder"];
|
||||
$sortfield=$_GET["sortfield"];
|
||||
$sortfield = GETPOST("sortfield",'alpha');
|
||||
$sortorder = GETPOST("sortorder",'alpha');
|
||||
$page = GETPOST("page",'int');
|
||||
if ($page == -1) { $page = 0; }
|
||||
$offset = $conf->liste_limit * $page;
|
||||
$pageprev = $page - 1;
|
||||
$pagenext = $page + 1;
|
||||
if (! $sortorder) $sortorder="DESC";
|
||||
if (! $sortfield) $sortfield="p.rowid";
|
||||
if ($page == -1) $page = 0 ;
|
||||
$limit = $conf->liste_limit;
|
||||
$offset = $limit * $page ;
|
||||
|
||||
$sql = "SELECT p.rowid, p.datep as dp, p.amount, p.statut";
|
||||
$sql .=", c.libelle as paiement_type, p.num_paiement";
|
||||
|
||||
@@ -35,12 +35,14 @@ $langs->load("bills");
|
||||
if ($user->societe_id) $socid=$user->societe_id;
|
||||
$result = restrictedArea($user, 'banque', '','');
|
||||
|
||||
$page=$_GET["page"];
|
||||
$sortorder=$_GET["sortorder"];
|
||||
$sortfield=$_GET["sortfield"];
|
||||
|
||||
$sortfield = GETPOST("sortfield",'alpha');
|
||||
$sortorder = GETPOST("sortorder",'alpha');
|
||||
$page = GETPOST("page",'int');
|
||||
if ($page == -1) { $page = 0; }
|
||||
$offset = $conf->liste_limit * $page;
|
||||
$pageprev = $page - 1;
|
||||
$pagenext = $page + 1;
|
||||
$limit = $conf->liste_limit;
|
||||
$offset = $limit * $page ;
|
||||
if (! $sortorder) $sortorder="DESC";
|
||||
if (! $sortfield) $sortfield="bc.number";
|
||||
|
||||
|
||||
@@ -40,12 +40,14 @@ $paymentstatic=new Paiement($db);
|
||||
$accountstatic=new Account($db);
|
||||
$companystatic=new Societe($db);
|
||||
|
||||
$page=$_GET["page"];
|
||||
$sortorder=$_GET["sortorder"];
|
||||
$sortfield=$_GET["sortfield"];
|
||||
|
||||
$sortfield = GETPOST("sortfield",'alpha');
|
||||
$sortorder = GETPOST("sortorder",'alpha');
|
||||
$page = GETPOST("page",'int');
|
||||
if ($page == -1) { $page = 0; }
|
||||
$offset = $conf->liste_limit * $page;
|
||||
$pageprev = $page - 1;
|
||||
$pagenext = $page + 1;
|
||||
$limit = $conf->liste_limit;
|
||||
$offset = $limit * $page ;
|
||||
if (! $sortorder) $sortorder="DESC";
|
||||
if (! $sortfield) $sortfield="p.rowid";
|
||||
|
||||
|
||||
@@ -40,9 +40,14 @@ $langs->load('compta');
|
||||
$langs->load('orders');
|
||||
$langs->load('bills');
|
||||
|
||||
$page=$_GET["page"];
|
||||
$sortorder=$_GET["sortorder"];
|
||||
$sortfield=$_GET["sortfield"];
|
||||
$sortfield = GETPOST("sortfield",'alpha');
|
||||
$sortorder = GETPOST("sortorder",'alpha');
|
||||
$page = GETPOST("page",'int');
|
||||
if ($page == -1) { $page = 0; }
|
||||
$offset = $conf->liste_limit * $page;
|
||||
$pageprev = $page - 1;
|
||||
$pagenext = $page + 1;
|
||||
|
||||
$viewstatut=$_GET['viewstatut'];
|
||||
$propal_statut = $_GET['propal_statut'];
|
||||
if($propal_statut != '')
|
||||
@@ -50,7 +55,6 @@ $viewstatut=$propal_statut;
|
||||
|
||||
if (! $sortorder) $sortorder="DESC";
|
||||
if (! $sortfield) $sortfield="p.datep";
|
||||
if ($page == -1) { $page = 0 ; }
|
||||
|
||||
$module='propale';
|
||||
if (! empty($_GET["socid"]))
|
||||
|
||||
@@ -34,22 +34,19 @@ if ($user->societe_id) $socid=$user->societe_id;
|
||||
$result = restrictedArea($user, 'tax', '', '', 'charges');
|
||||
|
||||
|
||||
$sortfield = isset($_GET["sortfield"])?$_GET["sortfield"]:$_POST["sortfield"];
|
||||
$sortorder = isset($_GET["sortorder"])?$_GET["sortorder"]:$_POST["sortorder"];
|
||||
$page = $_GET["page"];
|
||||
if ($page < 0) $page = 0;
|
||||
|
||||
$sortfield = GETPOST("sortfield",'alpha');
|
||||
$sortorder = GETPOST("sortorder",'alpha');
|
||||
$page = GETPOST("page",'int');
|
||||
if ($page == -1) { $page = 0; }
|
||||
$offset = $conf->liste_limit * $page;
|
||||
$pageprev = $page - 1;
|
||||
$pagenext = $page + 1;
|
||||
$limit = $conf->liste_limit;
|
||||
$offset = $limit * $page ;
|
||||
|
||||
if (! $sortfield) $sortfield="s.date_ech";
|
||||
if (! $sortorder) $sortorder="DESC";
|
||||
|
||||
$year=$_GET["year"];
|
||||
$filtre=$_GET["filtre"];
|
||||
$limit = $conf->liste_limit;
|
||||
$offset = $limit * $page ;
|
||||
//if (! $year) { $year=date("Y", time()); }
|
||||
|
||||
if (empty($_REQUEST['typeid']))
|
||||
{
|
||||
|
||||
@@ -46,12 +46,16 @@ llxHeader('','Ventilation');
|
||||
|
||||
/*
|
||||
* Lignes de factures
|
||||
*
|
||||
*/
|
||||
$page = $_GET["page"];
|
||||
if ($page < 0) $page = 0;
|
||||
|
||||
$sortfield = GETPOST("sortfield",'alpha');
|
||||
$sortorder = GETPOST("sortorder",'alpha');
|
||||
$page = GETPOST("page",'int');
|
||||
if ($page == -1) { $page = 0; }
|
||||
$offset = $conf->liste_limit * $page;
|
||||
$pageprev = $page - 1;
|
||||
$pagenext = $page + 1;
|
||||
$limit = $conf->liste_limit;
|
||||
$offset = $limit * $page ;
|
||||
|
||||
$sql = "SELECT f.facnumber, f.rowid as facid, l.fk_product, l.description, l.price, l.rowid, l.fk_code_ventilation,";
|
||||
$sql.= " p.rowid as product_id, p.ref as product_ref, p.label as product_label, p.fk_product_type as type";
|
||||
|
||||
@@ -48,16 +48,15 @@ if ($user->societe_id > 0)
|
||||
}
|
||||
|
||||
// Get parameters
|
||||
$page=$_GET["page"];
|
||||
$sortorder=$_GET["sortorder"];
|
||||
$sortfield=$_GET["sortfield"];
|
||||
|
||||
if (! $sortorder) $sortorder="ASC";
|
||||
if (! $sortfield) $sortfield="name";
|
||||
if ($page == -1) { $page = 0 ; }
|
||||
$offset = $conf->liste_limit * $page ;
|
||||
$sortfield = GETPOST("sortfield",'alpha');
|
||||
$sortorder = GETPOST("sortorder",'alpha');
|
||||
$page = GETPOST("page",'int');
|
||||
if ($page == -1) { $page = 0; }
|
||||
$offset = $conf->liste_limit * $page;
|
||||
$pageprev = $page - 1;
|
||||
$pagenext = $page + 1;
|
||||
if (! $sortorder) $sortorder="ASC";
|
||||
if (! $sortfield) $sortfield="name";
|
||||
|
||||
|
||||
$contrat = new Contrat($db);
|
||||
|
||||
@@ -53,12 +53,13 @@ $section=$_GET["section"];
|
||||
if (! $section) $section='misc';
|
||||
$upload_dir = $conf->ecm->dir_output.'/'.$section;
|
||||
|
||||
$page=$_GET["page"];
|
||||
$sortorder=$_GET["sortorder"];
|
||||
$sortfield=$_GET["sortfield"];
|
||||
|
||||
$limit = $conf->liste_limit;
|
||||
$offset = $limit * $page ;
|
||||
$sortfield = GETPOST("sortfield",'alpha');
|
||||
$sortorder = GETPOST("sortorder",'alpha');
|
||||
$page = GETPOST("page",'int');
|
||||
if ($page == -1) { $page = 0; }
|
||||
$offset = $conf->liste_limit * $page;
|
||||
$pageprev = $page - 1;
|
||||
$pagenext = $page + 1;
|
||||
if (! $sortorder) $sortorder="ASC";
|
||||
if (! $sortfield) $sortfield="label";
|
||||
|
||||
|
||||
@@ -50,12 +50,13 @@ if (!$user->rights->ecm->setup) accessforbidden();
|
||||
$socid = isset($_GET["socid"])?$_GET["socid"]:'';
|
||||
|
||||
|
||||
$page=$_GET["page"];
|
||||
$sortorder=$_GET["sortorder"];
|
||||
$sortfield=$_GET["sortfield"];
|
||||
|
||||
$limit = $conf->liste_limit;
|
||||
$offset = $limit * $page ;
|
||||
$sortfield = GETPOST("sortfield",'alpha');
|
||||
$sortorder = GETPOST("sortorder",'alpha');
|
||||
$page = GETPOST("page",'int');
|
||||
if ($page == -1) { $page = 0; }
|
||||
$offset = $conf->liste_limit * $page;
|
||||
$pageprev = $page - 1;
|
||||
$pagenext = $page + 1;
|
||||
if (! $sortorder) $sortorder="ASC";
|
||||
if (! $sortfield) $sortfield="label";
|
||||
|
||||
|
||||
@@ -45,16 +45,15 @@ $user->getrights('ecm');
|
||||
if ($user->societe_id > 0) $socid = $user->societe_id;
|
||||
|
||||
// Get parameters
|
||||
$page=$_GET["page"];
|
||||
$sortorder=$_GET["sortorder"];
|
||||
$sortfield=$_GET["sortfield"];
|
||||
|
||||
if (! $sortorder) $sortorder="ASC";
|
||||
if (! $sortfield) $sortfield="name";
|
||||
if ($page == -1) { $page = 0 ; }
|
||||
$offset = $conf->liste_limit * $page ;
|
||||
$sortfield = GETPOST("sortfield",'alpha');
|
||||
$sortorder = GETPOST("sortorder",'alpha');
|
||||
$page = GETPOST("page",'int');
|
||||
if ($page == -1) { $page = 0; }
|
||||
$offset = $conf->liste_limit * $page;
|
||||
$pageprev = $page - 1;
|
||||
$pagenext = $page + 1;
|
||||
if (! $sortorder) $sortorder="ASC";
|
||||
if (! $sortfield) $sortfield="name";
|
||||
|
||||
$section=GETPOST("section");
|
||||
if (! $section)
|
||||
|
||||
@@ -59,12 +59,13 @@ if (! $section) $section=0;
|
||||
|
||||
$upload_dir = $conf->ecm->dir_output.'/'.$section;
|
||||
|
||||
$page=$_GET["page"];
|
||||
$sortorder=$_GET["sortorder"];
|
||||
$sortfield=$_GET["sortfield"];
|
||||
|
||||
$limit = $conf->liste_limit;
|
||||
$offset = $limit * $page ;
|
||||
$sortfield = GETPOST("sortfield",'alpha');
|
||||
$sortorder = GETPOST("sortorder",'alpha');
|
||||
$page = GETPOST("page",'int');
|
||||
if ($page == -1) { $page = 0; }
|
||||
$offset = $conf->liste_limit * $page;
|
||||
$pageprev = $page - 1;
|
||||
$pagenext = $page + 1;
|
||||
if (! $sortorder) $sortorder="ASC";
|
||||
if (! $sortfield) $sortfield="label";
|
||||
|
||||
|
||||
@@ -57,12 +57,13 @@ if (! $section) $section=0;
|
||||
|
||||
$upload_dir = $conf->ecm->dir_output.'/'.$section;
|
||||
|
||||
$page=$_GET["page"];
|
||||
$sortorder=$_GET["sortorder"];
|
||||
$sortfield=$_GET["sortfield"];
|
||||
|
||||
$limit = $conf->liste_limit;
|
||||
$offset = $limit * $page ;
|
||||
$sortfield = GETPOST("sortfield",'alpha');
|
||||
$sortorder = GETPOST("sortorder",'alpha');
|
||||
$page = GETPOST("page",'int');
|
||||
if ($page == -1) { $page = 0; }
|
||||
$offset = $conf->liste_limit * $page;
|
||||
$pageprev = $page - 1;
|
||||
$pagenext = $page + 1;
|
||||
if (! $sortorder) $sortorder="ASC";
|
||||
if (! $sortfield) $sortfield="label";
|
||||
|
||||
|
||||
@@ -37,13 +37,17 @@ if ($user->societe_id) $socid=$user->societe_id;
|
||||
$result = restrictedArea($user, 'expedition',$expeditionid,'');
|
||||
|
||||
|
||||
$sortfield=isset($_GET["sortfield"])?$_GET["sortfield"]:"";
|
||||
$sortorder=isset($_GET["sortorder"])?$_GET["sortorder"]:"";
|
||||
$sortfield = GETPOST("sortfield",'alpha');
|
||||
$sortorder = GETPOST("sortorder",'alpha');
|
||||
$page = GETPOST("page",'int');
|
||||
if ($page == -1) { $page = 0; }
|
||||
$offset = $conf->liste_limit * $page;
|
||||
$pageprev = $page - 1;
|
||||
$pagenext = $page + 1;
|
||||
$limit = $conf->liste_limit;
|
||||
if (! $sortfield) $sortfield="e.ref";
|
||||
if (! $sortorder) $sortorder="DESC";
|
||||
|
||||
$limit = $conf->liste_limit;
|
||||
$offset = $limit * $_GET["page"] ;
|
||||
|
||||
|
||||
/*
|
||||
|
||||
@@ -45,16 +45,15 @@ $result = restrictedArea($user, 'ficheinter', $fichinterid, 'fichinter');
|
||||
|
||||
|
||||
// Get parameters
|
||||
$page=$_GET["page"];
|
||||
$sortorder=$_GET["sortorder"];
|
||||
$sortfield=$_GET["sortfield"];
|
||||
|
||||
if (! $sortorder) $sortorder="ASC";
|
||||
if (! $sortfield) $sortfield="name";
|
||||
if ($page == -1) { $page = 0 ; }
|
||||
$offset = $conf->liste_limit * $page ;
|
||||
$sortfield = GETPOST("sortfield",'alpha');
|
||||
$sortorder = GETPOST("sortorder",'alpha');
|
||||
$page = GETPOST("page",'int');
|
||||
if ($page == -1) { $page = 0; }
|
||||
$offset = $conf->liste_limit * $page;
|
||||
$pageprev = $page - 1;
|
||||
$pagenext = $page + 1;
|
||||
if (! $sortorder) $sortorder="ASC";
|
||||
if (! $sortfield) $sortfield="name";
|
||||
|
||||
|
||||
$object = new Fichinter($db);
|
||||
|
||||
@@ -33,8 +33,14 @@ require_once(DOL_DOCUMENT_ROOT."/lib/date.lib.php");
|
||||
$langs->load("companies");
|
||||
$langs->load("interventions");
|
||||
|
||||
$sortorder=$_GET["sortorder"]?$_GET["sortorder"]:$_POST["sortorder"];
|
||||
$sortfield=$_GET["sortfield"]?$_GET["sortfield"]:$_POST["sortfield"];
|
||||
$sortfield = GETPOST("sortfield",'alpha');
|
||||
$sortorder = GETPOST("sortorder",'alpha');
|
||||
$page = GETPOST("page",'int');
|
||||
if ($page == -1) { $page = 0; }
|
||||
$offset = $conf->liste_limit * $page;
|
||||
$pageprev = $page - 1;
|
||||
$pagenext = $page + 1;
|
||||
|
||||
$socid=$_GET["socid"]?$_GET["socid"]:$_POST["socid"];
|
||||
$page=$_GET["page"]?$_GET["page"]:$_POST["page"];
|
||||
|
||||
|
||||
@@ -49,16 +49,15 @@ if ($user->societe_id) $socid=$user->societe_id;
|
||||
$result = restrictedArea($user, 'commande_fournisseur', $id,'');
|
||||
|
||||
// Get parameters
|
||||
$page=$_GET["page"];
|
||||
$sortorder=$_GET["sortorder"];
|
||||
$sortfield=$_GET["sortfield"];
|
||||
|
||||
if (! $sortorder) $sortorder="ASC";
|
||||
if (! $sortfield) $sortfield="name";
|
||||
if ($page == -1) { $page = 0 ; }
|
||||
$offset = $conf->liste_limit * $page ;
|
||||
$sortfield = GETPOST("sortfield",'alpha');
|
||||
$sortorder = GETPOST("sortorder",'alpha');
|
||||
$page = GETPOST("page",'int');
|
||||
if ($page == -1) { $page = 0; }
|
||||
$offset = $conf->liste_limit * $page;
|
||||
$pageprev = $page - 1;
|
||||
$pagenext = $page + 1;
|
||||
if (! $sortorder) $sortorder="ASC";
|
||||
if (! $sortfield) $sortfield="name";
|
||||
|
||||
|
||||
$commande = new CommandeFournisseur($db);
|
||||
|
||||
@@ -45,15 +45,16 @@ if ($user->societe_id > 0)
|
||||
$socid = $user->societe_id;
|
||||
}
|
||||
|
||||
$page=$_GET["page"];
|
||||
$sortorder=$_GET["sortorder"];
|
||||
$sortfield=$_GET["sortfield"];
|
||||
|
||||
$sortfield = GETPOST("sortfield",'alpha');
|
||||
$sortorder = GETPOST("sortorder",'alpha');
|
||||
$page = GETPOST("page",'int');
|
||||
if ($page == -1) { $page = 0; }
|
||||
$offset = $conf->liste_limit * $page;
|
||||
$pageprev = $page - 1;
|
||||
$pagenext = $page + 1;
|
||||
if (! $sortorder) $sortorder="ASC";
|
||||
if (! $sortfield) $sortfield="p.name";
|
||||
if ($page == -1) { $page = 0 ; }
|
||||
$limit = $conf->liste_limit;
|
||||
$offset = $limit * $page ;
|
||||
|
||||
|
||||
/*
|
||||
|
||||
@@ -45,16 +45,15 @@ if ($user->societe_id) $socid=$user->societe_id;
|
||||
$result = restrictedArea($user, 'fournisseur', $facid, 'facture_fourn', 'facture');
|
||||
|
||||
// Get parameters
|
||||
$page=$_GET["page"];
|
||||
$sortorder=$_GET["sortorder"];
|
||||
$sortfield=$_GET["sortfield"];
|
||||
|
||||
if (! $sortorder) $sortorder="ASC";
|
||||
if (! $sortfield) $sortfield="name";
|
||||
if ($page == -1) { $page = 0 ; }
|
||||
$offset = $conf->liste_limit * $page ;
|
||||
$sortfield = GETPOST("sortfield",'alpha');
|
||||
$sortorder = GETPOST("sortorder",'alpha');
|
||||
$page = GETPOST("page",'int');
|
||||
if ($page == -1) { $page = 0; }
|
||||
$offset = $conf->liste_limit * $page;
|
||||
$pageprev = $page - 1;
|
||||
$pagenext = $page + 1;
|
||||
if (! $sortorder) $sortorder="ASC";
|
||||
if (! $sortfield) $sortfield="name";
|
||||
|
||||
|
||||
|
||||
|
||||
@@ -65,17 +65,19 @@ $companystatic=new Societe($db);
|
||||
* Mode Liste *
|
||||
* *
|
||||
***************************************************************************/
|
||||
$page = $_GET["page"];
|
||||
$sortfield=$_GET["sortfield"];
|
||||
$sortorder=$_GET["sortorder"];
|
||||
|
||||
$sortfield = GETPOST("sortfield",'alpha');
|
||||
$sortorder = GETPOST("sortorder",'alpha');
|
||||
$page = GETPOST("page",'int');
|
||||
if ($page == -1) { $page = 0; }
|
||||
$offset = $conf->liste_limit * $page;
|
||||
$pageprev = $page - 1;
|
||||
$pagenext = $page + 1;
|
||||
if (! $sortfield) $sortfield="f.date_lim_reglement";
|
||||
if (! $sortorder) $sortorder="ASC";
|
||||
|
||||
if ($user->rights->fournisseur->facture->lire)
|
||||
{
|
||||
$limit = $conf->liste_limit;
|
||||
$offset = $limit * $page ;
|
||||
|
||||
$sql = "SELECT s.nom, s.rowid as socid,";
|
||||
$sql.= " f.rowid as ref, f.facnumber, f.total_ht, f.total_ttc,";
|
||||
$sql.= " f.datef as df, f.date_lim_reglement as datelimite, ";
|
||||
@@ -136,8 +138,6 @@ if ($user->rights->fournisseur->facture->lire)
|
||||
foreach ($listfield as $key => $value) $sql.=$listfield[$key]." ".$sortorder.",";
|
||||
$sql.= " f.facnumber DESC";
|
||||
|
||||
//$sql .= $db->plimit($limit+1,$offset);
|
||||
|
||||
$result = $db->query($sql);
|
||||
|
||||
if ($result)
|
||||
|
||||
@@ -39,12 +39,14 @@ $langs->load('banks');
|
||||
$facid=isset($_GET['facid'])?$_GET['facid']:$_POST['facid'];
|
||||
$action=isset($_GET['action'])?$_GET['action']:$_POST['action'];
|
||||
|
||||
$sortfield = isset($_GET['sortfield'])?$_GET['sortfield']:$_POST['sortfield'];
|
||||
$sortorder = isset($_GET['sortorder'])?$_GET['sortorder']:$_POST['sortorder'];
|
||||
$page=isset($_GET['page'])?$_GET['page']:$_POST['page'];
|
||||
|
||||
$sortfield = GETPOST("sortfield",'alpha');
|
||||
$sortorder = GETPOST("sortorder",'alpha');
|
||||
$page = GETPOST("page",'int');
|
||||
if ($page == -1) { $page = 0; }
|
||||
$offset = $conf->liste_limit * $page;
|
||||
$pageprev = $page - 1;
|
||||
$pagenext = $page + 1;
|
||||
$limit = $conf->liste_limit;
|
||||
$offset = $limit * $page ;
|
||||
if (! $sortorder) $sortorder="DESC";
|
||||
if (! $sortfield) $sortfield="p.rowid";
|
||||
|
||||
|
||||
@@ -53,12 +53,13 @@ $file=isset($_GET["file"])?$_GET["file"]:$_POST['file'];
|
||||
$upload_dir = $conf->ftp->dir_temp;
|
||||
$download_dir = $conf->ftp->dir_temp;
|
||||
|
||||
$page=$_GET["page"];
|
||||
$sortorder=$_GET["sortorder"];
|
||||
$sortfield=$_GET["sortfield"];
|
||||
|
||||
$limit = $conf->liste_limit;
|
||||
$offset = $limit * $page ;
|
||||
$sortfield = GETPOST("sortfield",'alpha');
|
||||
$sortorder = GETPOST("sortorder",'alpha');
|
||||
$page = GETPOST("page",'int');
|
||||
if ($page == -1) { $page = 0; }
|
||||
$offset = $conf->liste_limit * $page;
|
||||
$pageprev = $page - 1;
|
||||
$pagenext = $page + 1;
|
||||
if (! $sortorder) $sortorder="ASC";
|
||||
if (! $sortfield) $sortfield="label";
|
||||
|
||||
|
||||
@@ -38,11 +38,11 @@ if (! defined('ADODB_DATE_VERSION')) include_once(DOL_DOCUMENT_ROOT."/includes/a
|
||||
|
||||
|
||||
/**
|
||||
* Return value of a param into get or post variable
|
||||
* Return value of a param into GET or POST supervariable
|
||||
* @param paramname Name of parameter to found
|
||||
* @param check Type of check ('' or 'int')
|
||||
* @param check Type of check (''=no check, 'int'=check it's numeric, 'alpha'=check it's alpha only)
|
||||
* @param method Type of method (0 = get or post, 1 = only get, 2 = only post)
|
||||
* @return string Value found
|
||||
* @return string Value found or '' if check fails
|
||||
*/
|
||||
function GETPOST($paramname,$check='',$method=0)
|
||||
{
|
||||
@@ -50,13 +50,12 @@ function GETPOST($paramname,$check='',$method=0)
|
||||
else if ($method==2) isset($_POST[$paramname])?$_POST[$paramname]:'';
|
||||
else $out = isset($_GET[$paramname])?$_GET[$paramname]:(isset($_POST[$paramname])?$_POST[$paramname]:'');
|
||||
|
||||
// Clean value
|
||||
$out = trim($out);
|
||||
|
||||
if (!empty($check))
|
||||
{
|
||||
// Check if integer
|
||||
if ($check == 'int' && ! is_numeric($out)) $out='';
|
||||
if ($check == 'int' && ! is_numeric(trim($out))) $out='';
|
||||
// Check if alpha
|
||||
if ($check == 'alpha' && ! preg_match('/^[#\(\)\-\._a-z0-9]+$/i',trim($out))) $out='';
|
||||
}
|
||||
|
||||
return $out;
|
||||
|
||||
@@ -59,39 +59,43 @@ if (function_exists('get_magic_quotes_gpc')) // magic_quotes_* removed in PHP6
|
||||
$_POST = array_map('stripslashes_deep', $_POST);
|
||||
// $_REQUEST = array_map('stripslashes_deep', $_REQUEST);
|
||||
$_COOKIE = array_map('stripslashes_deep', $_COOKIE);
|
||||
}
|
||||
@set_magic_quotes_runtime(0);
|
||||
}
|
||||
}
|
||||
|
||||
|
||||
// Security: SQL Injection and XSS Injection (scripts) protection (Filters on GET, POST)
|
||||
function test_sql_and_script_inject($val)
|
||||
function test_sql_and_script_inject($val,$get)
|
||||
{
|
||||
$sql_inj = 0;
|
||||
// For SQL Injection
|
||||
$sql_inj += preg_match('/delete[\s]+from/i', $val);
|
||||
$sql_inj += preg_match('/create[\s]+table/i', $val);
|
||||
$sql_inj += preg_match('/update.+set.+=/i', $val);
|
||||
$sql_inj += preg_match('/insert[\s]+into/i', $val);
|
||||
$sql_inj += preg_match('/select.+from/i', $val);
|
||||
$sql_inj += preg_match('/union.+select/i', $val);
|
||||
// For XSS Injection done by adding javascript with script
|
||||
$sql_inj += preg_match('/<script/i', $val);
|
||||
// For XSS Injection done by adding javascript with onmousemove, etc... (closing a src or href tag with not cleaned param)
|
||||
if ($get) $sql_inj += preg_match('/"/i', $val); // We refused " in GET parameters value
|
||||
return $sql_inj;
|
||||
}
|
||||
function analyse_sql_and_script(&$var)
|
||||
function analyse_sql_and_script(&$var,$get)
|
||||
{
|
||||
if (is_array($var))
|
||||
{
|
||||
$result = array();
|
||||
foreach ($var as $key => $value)
|
||||
{
|
||||
if (test_sql_and_script_inject($key) > 0)
|
||||
if (test_sql_and_script_inject($key,$get) > 0)
|
||||
{
|
||||
print 'Access refused by SQL/Script injection protection in main.inc.php';
|
||||
exit;
|
||||
}
|
||||
else
|
||||
{
|
||||
if (analyse_sql_and_script($value))
|
||||
if (analyse_sql_and_script($value,$get))
|
||||
{
|
||||
$var[$key] = $value;
|
||||
}
|
||||
@@ -106,11 +110,11 @@ function analyse_sql_and_script(&$var)
|
||||
}
|
||||
else
|
||||
{
|
||||
return (test_sql_and_script_inject($var) <= 0);
|
||||
return (test_sql_and_script_inject($var,$get) <= 0);
|
||||
}
|
||||
}
|
||||
analyse_sql_and_script($_GET);
|
||||
analyse_sql_and_script($_POST);
|
||||
analyse_sql_and_script($_GET,1);
|
||||
analyse_sql_and_script($_POST,0);
|
||||
|
||||
// This is to make Dolibarr working with Plesk
|
||||
set_include_path($_SERVER['DOCUMENT_ROOT'].'/htdocs');
|
||||
|
||||
@@ -124,7 +124,6 @@ if($action == 'search' )
|
||||
$sql.= " AND cp.fk_categorie ='".addslashes($catMere)."'";
|
||||
}
|
||||
$sql.= " ORDER BY p.ref ASC";
|
||||
// $sql.= $db->plimit($limit + 1 ,$offset);
|
||||
|
||||
$resql = $db->query($sql) ;
|
||||
}
|
||||
|
||||
@@ -48,16 +48,15 @@ if ($user->societe_id) $socid=$user->societe_id;
|
||||
$result=restrictedArea($user,'produit|service',$id,'product','','',$fieldid);
|
||||
|
||||
// Get parameters
|
||||
$page=$_GET["page"];
|
||||
$sortorder=$_GET["sortorder"];
|
||||
$sortfield=$_GET["sortfield"];
|
||||
|
||||
if (! $sortorder) $sortorder="ASC";
|
||||
if (! $sortfield) $sortfield="name";
|
||||
if ($page == -1) { $page = 0 ; }
|
||||
$offset = $conf->liste_limit * $page ;
|
||||
$sortfield = GETPOST("sortfield",'alpha');
|
||||
$sortorder = GETPOST("sortorder",'alpha');
|
||||
$page = GETPOST("page",'int');
|
||||
if ($page == -1) { $page = 0; }
|
||||
$offset = $conf->liste_limit * $page;
|
||||
$pageprev = $page - 1;
|
||||
$pagenext = $page + 1;
|
||||
if (! $sortorder) $sortorder="ASC";
|
||||
if (! $sortfield) $sortfield="name";
|
||||
|
||||
|
||||
$product = new Product($db);
|
||||
|
||||
@@ -33,7 +33,7 @@ if ($conf->categorie->enabled) require_once(DOL_DOCUMENT_ROOT."/categories/class
|
||||
$langs->load("products");
|
||||
$langs->load("stocks");
|
||||
|
||||
$canvas=GETPOST('canvas','',1);
|
||||
$canvas=GETPOST('canvas','alpha');
|
||||
|
||||
$sref=GETPOST("sref");
|
||||
$sbarcode=GETPOST("sbarcode");
|
||||
@@ -41,13 +41,17 @@ $snom=GETPOST("snom");
|
||||
$sall=GETPOST("sall");
|
||||
$type=GETPOST("type","int");
|
||||
|
||||
$sortfield = GETPOST("sortfield");
|
||||
$sortorder = GETPOST("sortorder");
|
||||
$sortfield = GETPOST("sortfield",'alpha');
|
||||
$sortorder = GETPOST("sortorder",'alpha');
|
||||
$page = GETPOST("page",'int');
|
||||
if ($page == -1) { $page = 0; }
|
||||
$offset = $conf->liste_limit * $page;
|
||||
$pageprev = $page - 1;
|
||||
$pagenext = $page + 1;
|
||||
if (! $sortfield) $sortfield="p.ref";
|
||||
if (! $sortorder) $sortorder="ASC";
|
||||
$page = $_GET["page"];
|
||||
|
||||
$limit = $conf->liste_limit;
|
||||
$offset = $limit * $page ;
|
||||
|
||||
// Security check
|
||||
if ($type=='0') $result=restrictedArea($user,'produit',$id,'product','','',$fieldid);
|
||||
|
||||
@@ -45,13 +45,13 @@ $result=restrictedArea($user,'produit|service',$id,'product','','',$fieldid);
|
||||
|
||||
$mesg = '';
|
||||
|
||||
$page = $_GET["page"];
|
||||
$sortfield=$_GET["sortfield"];
|
||||
$sortorder=$_GET["sortorder"];
|
||||
if ($page == -1) { $page = 0 ; }
|
||||
$offset = $conf->liste_limit * $_GET["page"] ;
|
||||
$pageprev = $_GET["page"] - 1;
|
||||
$pagenext = $_GET["page"] + 1;
|
||||
$sortfield = GETPOST("sortfield",'alpha');
|
||||
$sortorder = GETPOST("sortorder",'alpha');
|
||||
$page = GETPOST("page",'int');
|
||||
if ($page == -1) { $page = 0; }
|
||||
$offset = $conf->liste_limit * $page;
|
||||
$pageprev = $page - 1;
|
||||
$pagenext = $page + 1;
|
||||
if (! $sortorder) $sortorder="DESC";
|
||||
if (! $sortfield) $sortfield="c.date_commande";
|
||||
|
||||
|
||||
@@ -45,13 +45,13 @@ $result=restrictedArea($user,'produit|service',$id,'product','','',$fieldid);
|
||||
|
||||
$mesg = '';
|
||||
|
||||
$page = $_GET["page"];
|
||||
$sortfield=$_GET["sortfield"];
|
||||
$sortorder=$_GET["sortorder"];
|
||||
if ($page == -1) { $page = 0 ; }
|
||||
$offset = $conf->liste_limit * $_GET["page"] ;
|
||||
$pageprev = $_GET["page"] - 1;
|
||||
$pagenext = $_GET["page"] + 1;
|
||||
$sortfield = GETPOST("sortfield",'alpha');
|
||||
$sortorder = GETPOST("sortorder",'alpha');
|
||||
$page = GETPOST("page",'int');
|
||||
if ($page == -1) { $page = 0; }
|
||||
$offset = $conf->liste_limit * $page;
|
||||
$pageprev = $page - 1;
|
||||
$pagenext = $page + 1;
|
||||
if (! $sortorder) $sortorder="DESC";
|
||||
if (! $sortfield) $sortfield="c.date_commande";
|
||||
|
||||
|
||||
@@ -45,13 +45,13 @@ $result=restrictedArea($user,'produit|service',$id,'product','','',$fieldid);
|
||||
|
||||
$mesg = '';
|
||||
|
||||
$page = $_GET["page"];
|
||||
$sortfield=$_GET["sortfield"];
|
||||
$sortorder=$_GET["sortorder"];
|
||||
if ($page == -1) { $page = 0 ; }
|
||||
$offset = $conf->liste_limit * $_GET["page"] ;
|
||||
$pageprev = $_GET["page"] - 1;
|
||||
$pagenext = $_GET["page"] + 1;
|
||||
$sortfield = GETPOST("sortfield",'alpha');
|
||||
$sortorder = GETPOST("sortorder",'alpha');
|
||||
$page = GETPOST("page",'int');
|
||||
if ($page == -1) { $page = 0; }
|
||||
$offset = $conf->liste_limit * $page;
|
||||
$pageprev = $page - 1;
|
||||
$pagenext = $page + 1;
|
||||
if (! $sortorder) $sortorder="DESC";
|
||||
if (! $sortfield) $sortfield="c.date_contrat";
|
||||
|
||||
|
||||
@@ -45,13 +45,13 @@ $result=restrictedArea($user,'produit|service',$id,'product','','',$fieldid);
|
||||
|
||||
$mesg = '';
|
||||
|
||||
$page = $_GET["page"];
|
||||
$sortfield=$_GET["sortfield"];
|
||||
$sortorder=$_GET["sortorder"];
|
||||
if ($page == -1) { $page = 0 ; }
|
||||
$offset = $conf->liste_limit * $_GET["page"] ;
|
||||
$pageprev = $_GET["page"] - 1;
|
||||
$pagenext = $_GET["page"] + 1;
|
||||
$sortfield = GETPOST("sortfield",'alpha');
|
||||
$sortorder = GETPOST("sortorder",'alpha');
|
||||
$page = GETPOST("page",'int');
|
||||
if ($page == -1) { $page = 0; }
|
||||
$offset = $conf->liste_limit * $page;
|
||||
$pageprev = $page - 1;
|
||||
$pagenext = $page + 1;
|
||||
if (! $sortorder) $sortorder="DESC";
|
||||
if (! $sortfield) $sortfield="f.datef";
|
||||
|
||||
|
||||
@@ -46,13 +46,13 @@ $result=restrictedArea($user,'produit|service',$id,'product','','',$fieldid);
|
||||
|
||||
$mesg = '';
|
||||
|
||||
$page = $_GET["page"];
|
||||
$sortfield=$_GET["sortfield"];
|
||||
$sortorder=$_GET["sortorder"];
|
||||
if ($page == -1) { $page = 0 ; }
|
||||
$offset = $conf->liste_limit * $_GET["page"] ;
|
||||
$pageprev = $_GET["page"] - 1;
|
||||
$pagenext = $_GET["page"] + 1;
|
||||
$sortfield = GETPOST("sortfield",'alpha');
|
||||
$sortorder = GETPOST("sortorder",'alpha');
|
||||
$page = GETPOST("page",'int');
|
||||
if ($page == -1) { $page = 0; }
|
||||
$offset = $conf->liste_limit * $page;
|
||||
$pageprev = $page - 1;
|
||||
$pagenext = $page + 1;
|
||||
if (! $sortorder) $sortorder="DESC";
|
||||
if (! $sortfield) $sortfield="f.datef";
|
||||
|
||||
|
||||
@@ -45,13 +45,13 @@ $result=restrictedArea($user,'produit|service',$id,'product','','',$fieldid);
|
||||
|
||||
$mesg = '';
|
||||
|
||||
$page = $_GET["page"];
|
||||
$sortfield=$_GET["sortfield"];
|
||||
$sortorder=$_GET["sortorder"];
|
||||
if ($page == -1) { $page = 0 ; }
|
||||
$offset = $conf->liste_limit * $_GET["page"] ;
|
||||
$pageprev = $_GET["page"] - 1;
|
||||
$pagenext = $_GET["page"] + 1;
|
||||
$sortfield = GETPOST("sortfield",'alpha');
|
||||
$sortorder = GETPOST("sortorder",'alpha');
|
||||
$page = GETPOST("page",'int');
|
||||
if ($page == -1) { $page = 0; }
|
||||
$offset = $conf->liste_limit * $page;
|
||||
$pageprev = $page - 1;
|
||||
$pagenext = $page + 1;
|
||||
if (! $sortorder) $sortorder="DESC";
|
||||
if (! $sortfield) $sortfield="p.datep";
|
||||
|
||||
|
||||
@@ -364,7 +364,6 @@ else
|
||||
if (!$user->rights->service->hidden) $sql.=' AND (p.hidden=0 OR p.fk_product_type != 1)';
|
||||
}
|
||||
$sql.= $db->order($sortfield,$sortorder);
|
||||
//$sql .= $db->plimit($limit + 1 ,$offset);
|
||||
|
||||
dol_syslog('List products sql='.$sql);
|
||||
$resql = $db->query($sql) ;
|
||||
|
||||
@@ -143,9 +143,6 @@ if ($_GET["id"])
|
||||
$sql .= " WHERE ue.fk_user = u.rowid ";
|
||||
$sql .= " AND ue.fk_entrepot = ".$entrepot->id;
|
||||
|
||||
//$sql .= $db->order($sortfield,$sortorder);
|
||||
//$sql .= $db->plimit($limit + 1 ,$offset);
|
||||
|
||||
$resql = $db->query($sql) ;
|
||||
if ($resql)
|
||||
{
|
||||
|
||||
@@ -43,16 +43,15 @@ if ($user->societe_id > 0) $socid=$user->societe_id;
|
||||
$result=restrictedArea($user,'projet',$id,'');
|
||||
|
||||
// Get parameters
|
||||
$page=$_GET["page"];
|
||||
$sortorder=$_GET["sortorder"];
|
||||
$sortfield=$_GET["sortfield"];
|
||||
|
||||
if (! $sortorder) $sortorder="ASC";
|
||||
if (! $sortfield) $sortfield="name";
|
||||
if ($page == -1) { $page = 0 ; }
|
||||
$offset = $conf->liste_limit * $page ;
|
||||
$sortfield = GETPOST("sortfield",'alpha');
|
||||
$sortorder = GETPOST("sortorder",'alpha');
|
||||
$page = GETPOST("page",'int');
|
||||
if ($page == -1) { $page = 0; }
|
||||
$offset = $conf->liste_limit * $page;
|
||||
$pageprev = $page - 1;
|
||||
$pagenext = $page + 1;
|
||||
if (! $sortorder) $sortorder="ASC";
|
||||
if (! $sortfield) $sortfield="name";
|
||||
|
||||
|
||||
$id = $_GET['id'];
|
||||
|
||||
@@ -48,16 +48,15 @@ if ($user->societe_id > 0) $socid = $user->societe_id;
|
||||
if (!$user->rights->projet->lire) accessforbidden();
|
||||
|
||||
// Get parameters
|
||||
$page=$_GET["page"];
|
||||
$sortorder=$_GET["sortorder"];
|
||||
$sortfield=$_GET["sortfield"];
|
||||
|
||||
if (! $sortorder) $sortorder="ASC";
|
||||
if (! $sortfield) $sortfield="name";
|
||||
if ($page == -1) { $page = 0 ; }
|
||||
$offset = $conf->liste_limit * $page ;
|
||||
$sortfield = GETPOST("sortfield",'alpha');
|
||||
$sortorder = GETPOST("sortorder",'alpha');
|
||||
$page = GETPOST("page",'int');
|
||||
if ($page == -1) { $page = 0; }
|
||||
$offset = $conf->liste_limit * $page;
|
||||
$pageprev = $page - 1;
|
||||
$pagenext = $page + 1;
|
||||
if (! $sortorder) $sortorder="ASC";
|
||||
if (! $sortfield) $sortfield="name";
|
||||
|
||||
|
||||
$id = $_GET['id'];
|
||||
|
||||
@@ -59,19 +59,19 @@ function llxFooterVierge()
|
||||
}
|
||||
|
||||
|
||||
$sortfield = GETPOST("sortfield",'alpha');
|
||||
$sortorder = GETPOST("sortorder",'alpha');
|
||||
$page = GETPOST("page",'int');
|
||||
if ($page == -1) { $page = 0; }
|
||||
$offset = $conf->liste_limit * $page;
|
||||
$pageprev = $page - 1;
|
||||
$pagenext = $page + 1;
|
||||
|
||||
$sortorder=$_GET["sortorder"];
|
||||
$sortfield=$_GET["sortfield"];
|
||||
$page=$_GET["page"];
|
||||
$filter=$_GET["filter"];
|
||||
$statut=isset($_GET["statut"])?$_GET["statut"]:'';
|
||||
|
||||
if (! $sortorder) { $sortorder="ASC"; }
|
||||
if (! $sortfield) { $sortfield="nom"; }
|
||||
if ($page == -1) { $page = 0 ; }
|
||||
$offset = $conf->liste_limit * $page ;
|
||||
$pageprev = $page - 1;
|
||||
$pagenext = $page + 1;
|
||||
|
||||
|
||||
/*
|
||||
|
||||
@@ -47,19 +47,13 @@ if ($user->societe_id > 0)
|
||||
$result = restrictedArea($user, 'societe', $socid);
|
||||
|
||||
// Get parameters
|
||||
$page=$_GET["page"];
|
||||
$sortorder=$_GET["sortorder"];
|
||||
$sortfield=$_GET["sortfield"];
|
||||
|
||||
if (! $sortorder) $sortorder="ASC";
|
||||
if (! $sortfield) $sortfield="name";
|
||||
if ($page == -1) { $page = 0 ; }
|
||||
$offset = $conf->liste_limit * $page ;
|
||||
$sortfield = GETPOST("sortfield",'alpha');
|
||||
$sortorder = GETPOST("sortorder",'alpha');
|
||||
$page = GETPOST("page",'int');
|
||||
if ($page == -1) { $page = 0; }
|
||||
$offset = $conf->liste_limit * $page;
|
||||
$pageprev = $page - 1;
|
||||
$pagenext = $page + 1;
|
||||
|
||||
$sortorder=$_GET["sortorder"];
|
||||
$sortfield=$_GET["sortfield"];
|
||||
if (! $sortorder) $sortorder="ASC";
|
||||
if (! $sortfield) $sortfield="name";
|
||||
|
||||
|
||||
@@ -38,8 +38,13 @@ $socid = isset($_GET["socid"])?$_GET["socid"]:'';
|
||||
if ($user->societe_id) $socid=$user->societe_id;
|
||||
$result = restrictedArea($user, 'societe','','');
|
||||
|
||||
$sortorder=$_GET["sortorder"];
|
||||
$sortfield=$_GET["sortfield"];
|
||||
$sortfield = GETPOST("sortfield",'alpha');
|
||||
$sortorder = GETPOST("sortorder",'alpha');
|
||||
$page = GETPOST("page",'int');
|
||||
if ($page == -1) { $page = 0; }
|
||||
$offset = $conf->liste_limit * $page;
|
||||
$pageprev = $page - 1;
|
||||
$pagenext = $page + 1;
|
||||
if (! $sortorder) $sortorder="ASC";
|
||||
if (! $sortfield) $sortfield="c.name";
|
||||
|
||||
|
||||
@@ -36,13 +36,13 @@ $langs->load("users");
|
||||
|
||||
$sall=isset($_GET["sall"])?$_GET["sall"]:$_POST["sall"];
|
||||
|
||||
$sortfield = isset($_GET["sortfield"])?$_GET["sortfield"]:$_POST["sortfield"];
|
||||
$sortorder = isset($_GET["sortorder"])?$_GET["sortorder"]:$_POST["sortorder"];
|
||||
$page=isset($_GET["page"])?$_GET["page"]:$_POST["page"];
|
||||
if ($page < 0) $page = 0;
|
||||
|
||||
$limit = $conf->liste_limit;
|
||||
$offset = $limit * $page ;
|
||||
$sortfield = GETPOST("sortfield",'alpha');
|
||||
$sortorder = GETPOST("sortorder",'alpha');
|
||||
$page = GETPOST("page",'int');
|
||||
if ($page == -1) { $page = 0; }
|
||||
$offset = $conf->liste_limit * $page;
|
||||
$pageprev = $page - 1;
|
||||
$pagenext = $page + 1;
|
||||
|
||||
if (! $sortfield) $sortfield="g.nom";
|
||||
if (! $sortorder) $sortorder="ASC";
|
||||
|
||||
@@ -38,14 +38,14 @@ if ($user->societe_id > 0) $socid = $user->societe_id;
|
||||
|
||||
$sall=isset($_GET["sall"])?$_GET["sall"]:$_POST["sall"];
|
||||
|
||||
$sortfield = isset($_GET["sortfield"])?$_GET["sortfield"]:$_POST["sortfield"];
|
||||
$sortorder = isset($_GET["sortorder"])?$_GET["sortorder"]:$_POST["sortorder"];
|
||||
$page=isset($_GET["page"])?$_GET["page"]:$_POST["page"];
|
||||
if ($page < 0) $page = 0;
|
||||
|
||||
$sortfield = GETPOST("sortfield",'alpha');
|
||||
$sortorder = GETPOST("sortorder",'alpha');
|
||||
$page = GETPOST("page",'int');
|
||||
if ($page == -1) { $page = 0; }
|
||||
$offset = $conf->liste_limit * $page;
|
||||
$pageprev = $page - 1;
|
||||
$pagenext = $page + 1;
|
||||
$limit = $conf->liste_limit;
|
||||
$offset = $limit * $page ;
|
||||
|
||||
if (! $sortfield) $sortfield="u.login";
|
||||
if (! $sortorder) $sortorder="ASC";
|
||||
|
||||
|
||||
Reference in New Issue
Block a user