';
print '| ';
- print $form->editfieldkey("Warehouse", 'warehouse', '', $object, $user->hasRight('societe', 'creer'));
+ print $form->editfieldkey("Warehouse", 'warehouse', '', $object, $permissiontoadd);
print ' | ';
if ($action == 'editwarehouse') {
$formproduct->formSelectWarehouses($_SERVER['PHP_SELF'].'?id='.$object->id, $object->fk_warehouse, 'fk_warehouse', 1);
@@ -628,7 +639,7 @@ if ($object->id > 0) {
print '| ';
print $langs->trans('SendingMethod');
print ' | ';
- if (($action != 'editshipping') && $user->hasRight('societe', 'creer')) {
+ if (($action != 'editshipping') && $permissiontoadd) {
print ' | id.'">'.img_edit($langs->trans('SetMode'), 1).' | ';
}
print '
';
@@ -648,7 +659,7 @@ if ($object->id > 0) {
print '| ';
print $langs->trans('IntracommReportTransportMode');
print ' | ';
- if (($action != 'edittransportmode') && $user->hasRight('societe', 'creer')) {
+ if (($action != 'edittransportmode') && $permissiontoadd) {
print ' | id.'">'.img_edit($langs->trans('SetMode'), 1).' | ';
}
print '
';
@@ -711,7 +722,7 @@ if ($object->id > 0) {
print '| ';
print $langs->trans('ProspectLevel');
print ' | ';
- if ($action != 'editlevel' && $user->hasRight('societe', 'creer')) {
+ if ($action != 'editlevel' && $permissiontoadd) {
print ' | id.'">'.img_edit($langs->trans('Modify'), 1).' | ';
}
print '
';
diff --git a/htdocs/comm/propal/card.php b/htdocs/comm/propal/card.php
index baa14c87e4f..4bcdd467dc0 100644
--- a/htdocs/comm/propal/card.php
+++ b/htdocs/comm/propal/card.php
@@ -147,9 +147,15 @@ if (getDolGlobalBool('PROPAL_DISALLOW_REOPEN')) {
$usercanreopen = false;
}
+$permissiontoadd = $usercancreate;
$permissionnote = $usercancreate; // Used by the include of actions_setnotes.inc.php
$permissiondellink = $usercancreate; // Used by the include of actions_dellink.inc.php
$permissiontoedit = $usercancreate; // Used by the include of actions_lineupdown.inc.php
+$permissiontoeditextra = $permissiontoadd;
+if (GETPOST('attribute', 'aZ09') && isset($extrafields->attributes[$object->table_element]['perms'][GETPOST('attribute', 'aZ09')])) {
+ // For action 'update_extras', is there a specific permission set for the attribute to update
+ $permissiontoeditextra = dol_eval($extrafields->attributes[$object->table_element]['perms'][GETPOST('attribute', 'aZ09')]);
+}
$price_base_type = null;
@@ -1786,9 +1792,10 @@ if (empty($reshook)) {
} elseif ($action == 'setwarehouse' && $usercancreate) {
// warehouse
$result = $object->setWarehouse(GETPOSTINT('warehouse_id'));
- } elseif ($action == 'update_extras' && $usercancreate) {
+ } elseif ($action == 'update_extras' && $permissiontoeditextra) {
$object->oldcopy = dol_clone($object, 2); // @phan-suppress-current-line PhanTypeMismatchProperty
- $attribute_name = GETPOST('attribute', 'restricthtml');
+
+ $attribute_name = GETPOST('attribute', 'aZ09');
// Fill array 'array_options' with data from update form
$ret = $extrafields->setOptionalsFromPost(null, $object, $attribute_name);
diff --git a/htdocs/commande/card.php b/htdocs/commande/card.php
index aa998aaa29c..cf5f35b2572 100644
--- a/htdocs/commande/card.php
+++ b/htdocs/commande/card.php
@@ -165,7 +165,11 @@ $usercancreatepurchaseorder = ($user->hasRight('fournisseur', 'commande', 'creer
$permissionnote = $usercancreate; // Used by the include of actions_setnotes.inc.php
$permissiondellink = $usercancreate; // Used by the include of actions_dellink.inc.php
$permissiontoadd = $usercancreate; // Used by the include of actions_addupdatedelete.inc.php and actions_lineupdown.inc.php
-
+$permissiontoeditextra = $usercancreate;
+if (GETPOST('attribute', 'aZ09') && isset($extrafields->attributes[$object->table_element]['perms'][GETPOST('attribute', 'aZ09')])) {
+ // For action 'update_extras', is there a specific permission set for the attribute to update
+ $permissiontoeditextra = dol_eval($extrafields->attributes[$object->table_element]['perms'][GETPOST('attribute', 'aZ09')]);
+}
$error = 0;
@@ -1621,9 +1625,10 @@ if (empty($reshook)) {
}
}
- if ($action == 'update_extras' && $usercancreate) {
+ if ($action == 'update_extras' && $permissiontoeditextra) {
$object->oldcopy = dol_clone($object, 2); // @phan-suppress-current-line PhanTypeMismatchProperty
- $attribute_name = GETPOST('attribute', 'restricthtml');
+
+ $attribute_name = GETPOST('attribute', 'aZ09');
// Fill array 'array_options' with data from update form
$ret = $extrafields->setOptionalsFromPost(null, $object, $attribute_name);
diff --git a/htdocs/compta/facture/card-rec.php b/htdocs/compta/facture/card-rec.php
index 073a3fba482..09357db4c0f 100644
--- a/htdocs/compta/facture/card-rec.php
+++ b/htdocs/compta/facture/card-rec.php
@@ -122,9 +122,15 @@ $extrafields->fetch_name_optionals_label($object->table_element);
$search_array_options = $extrafields->getOptionalsFromPost($object->table_element, '', 'search_');
+$permissiontoadd = $user->hasRight('facture', 'creer');
$permissionnote = $user->hasRight('facture', 'creer'); // Used by the include of actions_setnotes.inc.php
$permissiondellink = $user->hasRight('facture', 'creer'); // Used by the include of actions_dellink.inc.php
$permissiontoedit = $user->hasRight('facture', 'creer'); // Used by the include of actions_lineupdonw.inc.php
+$permissiontoeditextra = $permissiontoadd;
+if (GETPOST('attribute', 'aZ09') && isset($extrafields->attributes[$object->table_element]['perms'][GETPOST('attribute', 'aZ09')])) {
+ // For action 'update_extras', is there a specific permission set for the attribute to update
+ $permissiontoeditextra = dol_eval($extrafields->attributes[$object->table_element]['perms'][GETPOST('attribute', 'aZ09')]);
+}
$usercanread = $user->hasRight('facture', 'lire');
$usercancreate = $user->hasRight('facture', 'creer');
@@ -133,8 +139,8 @@ $usercandelete = $user->hasRight('facture', 'supprimer');
// Advanced permissions
$usercanvalidate = ((!getDolGlobalString('MAIN_USE_ADVANCED_PERMS') && $usercancreate) || (getDolGlobalString('MAIN_USE_ADVANCED_PERMS') && $user->hasRight('facture', 'invoice_advance', 'validate')));
-$usercansend = (!getDolGlobalString('MAIN_USE_ADVANCED_PERMS') || $user->rights->facture->invoice_advance->send);
-$usercanreopen = (!getDolGlobalString('MAIN_USE_ADVANCED_PERMS') || $user->rights->facture->invoice_advance->reopen);
+$usercansend = (!getDolGlobalString('MAIN_USE_ADVANCED_PERMS') || $user->hasRight('facture', 'invoice_advance', 'send'));
+$usercanreopen = (!getDolGlobalString('MAIN_USE_ADVANCED_PERMS') || $user->hasRight('facture', 'invoice_advance', 'reopen'));
$usercanunvalidate = ((!getDolGlobalString('MAIN_USE_ADVANCED_PERMS') && !empty($usercancreate)) || (getDolGlobalString('MAIN_USE_ADVANCED_PERMS') && $user->hasRight('facture', 'invoice_advance', 'unvalidate')));
// Other permissions
@@ -154,6 +160,7 @@ $result = restrictedArea($user, 'facture', $object->id, $objecttype);
/*
* Actions
*/
+
if (GETPOST('cancel', 'alpha')) {
if ($action != 'updateline') {
$action = 'list';
@@ -477,22 +484,28 @@ if (empty($reshook)) {
$db->rollback();
setEventMessages($line->error, $line->errors, 'errors');
}
- } elseif ($action == 'update_extras' && $usercancreate) {
+ } elseif ($action == 'update_extras' && $permissiontoeditextra) {
$object->oldcopy = dol_clone($object, 2); // @phan-suppress-current-line PhanTypeMismatchProperty
+ $attribute_name = GETPOST('attribute', 'aZ09');
+
// Fill array 'array_options' with data from update form
- $ret = $extrafields->setOptionalsFromPost(null, $object, GETPOST('attribute', 'restricthtml'));
+ $ret = $extrafields->setOptionalsFromPost(null, $object, $attribute_name);
if ($ret < 0) {
$error++;
}
if (!$error) {
- $result = $object->insertExtraFields('BILLREC_MODIFY');
+ $result = $object->updateExtraField($attribute_name, 'BILLREC_MODIFY');
if ($result < 0) {
setEventMessages($object->error, $object->errors, 'errors');
$error++;
}
}
+
+ if ($error) {
+ $action = 'edit_extras';
+ }
}
// Add a new line
diff --git a/htdocs/compta/facture/card.php b/htdocs/compta/facture/card.php
index ac2a68d990a..978e4151180 100644
--- a/htdocs/compta/facture/card.php
+++ b/htdocs/compta/facture/card.php
@@ -182,6 +182,11 @@ $permissionnote = $usercancreate; // Used by the include of actions_setnotes.inc
$permissiondellink = $usercancreate; // Used by the include of actions_dellink.inc.php
$permissiontoedit = $usercancreate; // Used by the include of actions_lineupdonw.inc.php
$permissiontoadd = $usercancreate; // Used by the include of actions_addupdatedelete.inc.php
+$permissiontoeditextra = $usercancreate;
+if (GETPOST('attribute', 'aZ09') && isset($extrafields->attributes[$object->table_element]['perms'][GETPOST('attribute', 'aZ09')])) {
+ // For action 'update_extras', is there a specific permission set for the attribute to update
+ $permissiontoeditextra = dol_eval($extrafields->attributes[$object->table_element]['perms'][GETPOST('attribute', 'aZ09')]);
+}
// retained warranty invoice available type
$retainedWarrantyInvoiceAvailableType = array();
@@ -3151,9 +3156,10 @@ if (empty($reshook)) {
include DOL_DOCUMENT_ROOT.'/core/actions_builddoc.inc.php';
- if ($action == 'update_extras' && $usercancreate) {
+ if ($action == 'update_extras' && $permissiontoeditextra) {
$object->oldcopy = dol_clone($object, 2); // @phan-suppress-current-line PhanTypeMismatchProperty
- $attribute_name = GETPOST('attribute', 'restricthtml');
+
+ $attribute_name = GETPOST('attribute', 'aZ09');
// Fill array 'array_options' with data from add form
$ret = $extrafields->setOptionalsFromPost(null, $object, $attribute_name);
diff --git a/htdocs/contact/card.php b/htdocs/contact/card.php
index f4ef1c53a1b..636ac291d07 100644
--- a/htdocs/contact/card.php
+++ b/htdocs/contact/card.php
@@ -108,6 +108,11 @@ if (!($object->id > 0) && $action == 'view') {
$triggermodname = 'CONTACT_MODIFY';
$permissiontoadd = $user->hasRight('societe', 'contact', 'creer');
+$permissiontoeditextra = $permissiontoadd;
+if (GETPOST('attribute', 'aZ09') && isset($extrafields->attributes[$object->table_element]['perms'][GETPOST('attribute', 'aZ09')])) {
+ // For action 'update_extras', is there a specific permission set for the attribute to update
+ $permissiontoeditextra = dol_eval($extrafields->attributes[$object->table_element]['perms'][GETPOST('attribute', 'aZ09')]);
+}
// Security check
if ($user->socid) {
@@ -511,42 +516,19 @@ if (empty($reshook)) {
}
// Update extrafields
- if ($action == "update_extras" && $permissiontoadd) {
- $object->fetch(GETPOSTINT('id'));
-
- $attributekey = GETPOST('attribute', 'alpha');
- $attributekeylong = 'options_'.$attributekey;
-
- if (GETPOSTISSET($attributekeylong.'day') && GETPOSTISSET($attributekeylong.'month') && GETPOSTISSET($attributekeylong.'year')) {
- // This is properties of a date
- $object->array_options['options_'.$attributekey] = dol_mktime(GETPOSTINT($attributekeylong.'hour'), GETPOSTINT($attributekeylong.'min'), GETPOSTINT($attributekeylong.'sec'), GETPOSTINT($attributekeylong.'month'), GETPOSTINT($attributekeylong.'day'), GETPOSTINT($attributekeylong.'year'));
- //var_dump(dol_print_date($object->array_options['options_'.$attributekey]));exit;
- } else {
- $object->array_options['options_'.$attributekey] = GETPOST($attributekeylong, 'alpha');
- }
-
- $result = $object->insertExtraFields(empty($triggermodname) ? '' : $triggermodname, $user);
- if ($result > 0) {
- setEventMessages($langs->trans('RecordSaved'), null, 'mesgs');
- $action = 'view';
- } else {
- setEventMessages($object->error, $object->errors, 'errors');
- $action = 'edit_extras';
- }
- }
-
- // Update extrafields
- if ($action == 'update_extras' && $user->hasRight('societe', 'contact', 'creer')) {
+ if ($action == 'update_extras' && $permissiontoeditextra) {
$object->oldcopy = dol_clone($object, 2); // @phan-suppress-current-line PhanTypeMismatchProperty
+ $attribute_name = GETPOST('attribute', 'aZ09');
+
// Fill array 'array_options' with data from update form
- $ret = $extrafields->setOptionalsFromPost(null, $object, GETPOST('attribute', 'restricthtml'));
+ $ret = $extrafields->setOptionalsFromPost(null, $object, $attribute_name);
if ($ret < 0) {
$error++;
}
if (!$error) {
- $result = $object->insertExtraFields('CONTACT_MODIFY');
+ $result = $object->updateExtraField($attribute_name, 'CONTACT_MODIFY');
if ($result < 0) {
setEventMessages($object->error, $object->errors, 'errors');
$error++;
diff --git a/htdocs/contrat/card.php b/htdocs/contrat/card.php
index 5167e953e60..358b1bfe4bb 100644
--- a/htdocs/contrat/card.php
+++ b/htdocs/contrat/card.php
@@ -78,6 +78,7 @@ $ref = GETPOST('ref', 'alpha');
$origin = GETPOST('origin', 'alpha');
$originid = GETPOSTINT('originid');
$idline = GETPOSTINT('elrowid') ? GETPOSTINT('elrowid') : GETPOSTINT('rowid');
+$attribute = GETPOST('attribute', 'aZ09');
// PDF
$hidedetails = (GETPOSTINT('hidedetails') ? GETPOSTINT('hidedetails') : (getDolGlobalString('MAIN_GENERATE_DOCUMENTS_HIDE_DETAILS') ? 1 : 0));
@@ -89,7 +90,7 @@ $datecontrat = '';
$moreparam = '';
$note_public = '';
$note_private = '';
-$usehm = (getDolGlobalString('MAIN_USE_HOURMIN_IN_DATE_RANGE') ? $conf->global->MAIN_USE_HOURMIN_IN_DATE_RANGE : 0);
+$usehm = getDolGlobalInt('MAIN_USE_HOURMIN_IN_DATE_RANGE');
// Security check
if ($user->socid) {
@@ -128,6 +129,12 @@ $permissiontodelete = ($user->hasRight('contrat', 'creer') && $object->status ==
$permissiontoadd = $user->hasRight('contrat', 'creer'); // Used by the include of actions_addupdatedelete.inc.php and actions_lineupdown.inc.php
$permissiontoedit = $permissiontoadd;
$permissiontoactivate = $user->hasRight('contrat', 'activer');
+$permissiontoeditextra = $permissiontoadd;
+if (GETPOST('attribute', 'aZ09') && isset($extrafields->attributes[$object->table_element]['perms'][GETPOST('attribute', 'aZ09')])) {
+ // For action 'update_extras', is there a specific permission set for the attribute to update
+ $permissiontoeditextra = dol_eval($extrafields->attributes[$object->table_element]['perms'][GETPOST('attribute', 'aZ09')]);
+}
+
$error = 0;
// Security check
@@ -946,10 +953,10 @@ if (empty($reshook)) {
} else {
setEventMessages($langs->trans("ErrorFieldRequired", $langs->transnoentities("RefNewContract")), null, 'errors');
}
- } elseif ($action == 'update_extras' && $permissiontoadd) {
+ } elseif ($action == 'update_extras' && $permissiontoeditextra) {
$object->oldcopy = dol_clone($object, 2);
- $attribute = GETPOST('attribute', 'alphanohtml');
+ $attribute = GETPOST('attribute', 'aZ09');
// Fill array 'array_options' with data from update form
$ret = $extrafields->setOptionalsFromPost(null, $object, $attribute);
diff --git a/htdocs/core/actions_addupdatedelete.inc.php b/htdocs/core/actions_addupdatedelete.inc.php
index 52faf0f0f1c..b6184a532a3 100644
--- a/htdocs/core/actions_addupdatedelete.inc.php
+++ b/htdocs/core/actions_addupdatedelete.inc.php
@@ -421,12 +421,18 @@ if (preg_match('/^set(\w+)$/', $action, $reg) && GETPOSTINT('id') > 0 && !empty(
}
// Action to update one extrafield
-if ($action == "update_extras" && GETPOSTINT('id') > 0 && !empty($permissiontoadd)) {
+$permissiontoeditextra = $permissiontoadd;
+if (GETPOST('attribute', 'aZ09') && isset($extrafields->attributes[$object->table_element]['perms'][GETPOST('attribute', 'aZ09')])) {
+ // For action 'update_extras', is there a specific permission set for the attribute to update
+ $permissiontoeditextra = dol_eval($extrafields->attributes[$object->table_element]['perms'][GETPOST('attribute', 'aZ09')]);
+}
+
+if ($action == "update_extras" && GETPOSTINT('id') > 0 && !empty($permissiontoeditextra)) {
$object->fetch(GETPOSTINT('id'));
$object->oldcopy = dol_clone($object, 2); // @phan-suppress-current-line PhanTypeMismatchProperty
- $attribute = GETPOST('attribute', 'alphanohtml');
+ $attribute = GETPOST('attribute', 'aZ09');
$error = 0;
diff --git a/htdocs/core/class/commonobject.class.php b/htdocs/core/class/commonobject.class.php
index cc3709745a4..6ba62d57397 100644
--- a/htdocs/core/class/commonobject.class.php
+++ b/htdocs/core/class/commonobject.class.php
@@ -4829,6 +4829,8 @@ abstract class CommonObject
$this->status = $status;
} elseif ($fieldstatus == 'tobuy') {
$this->status_buy = $status; // @phpstan-ignore-line
+ } elseif ($fieldstatus == 'tobatch') {
+ $this->status_batch = $status; // @phpstan-ignore-line
} else {
$this->status = $status;
}
diff --git a/htdocs/delivery/card.php b/htdocs/delivery/card.php
index 707f4e8eba1..0ef2a997735 100644
--- a/htdocs/delivery/card.php
+++ b/htdocs/delivery/card.php
@@ -101,6 +101,16 @@ $permissiontodelete = $user->hasRight('expedition', 'delivery', 'supprimer') ||
$permissiontovalidate = ((!getDolGlobalString('MAIN_USE_ADVANCED_PERMS') && $user->hasRight('expedition', 'delivery', 'creer')) || (getDolGlobalString('MAIN_USE_ADVANCED_PERMS') && $user->hasRight('expedition', 'delivery_advance', 'validate')));
$permissionnote = $user->hasRight('expedition', 'delivery', 'creer'); // Used by the include of actions_setnotes.inc.php
$permissiondellink = $user->hasRight('expedition', 'delivery', 'creer'); // Used by the include of actions_dellink.inc.php
+$permissiontoeditextra = $permissiontoadd;
+if (GETPOST('attribute', 'aZ09') && isset($extrafields->attributes[$object->table_element]['perms'][GETPOST('attribute', 'aZ09')])) {
+ // For action 'update_extras', is there a specific permission set for the attribute to update
+ $permissiontoeditextra = dol_eval($extrafields->attributes[$object->table_element]['perms'][GETPOST('attribute', 'aZ09')]);
+}
+$permissiontoeditextraline = $permissiontoadd;
+if (GETPOST('attribute', 'aZ09') && isset($extrafields->attributes[$object->table_element_line]['perms'][GETPOST('attribute', 'aZ09')])) {
+ // For action 'update_extras', is there a specific permission set for the attribute to update
+ $permissiontoeditextraline = dol_eval($extrafields->attributes[$object->table_element_line]['perms'][GETPOST('attribute', 'aZ09')]);
+}
/*
@@ -210,18 +220,19 @@ if ($action == 'setdate_delivery' && $permissiontoadd) {
}
// Update extrafields
-if ($action == 'update_extras' && $permissiontoadd) {
+if ($action == 'update_extras' && $permissiontoeditextra) {
$object->oldcopy = dol_clone($object, 2); // @phan-suppress-current-line PhanTypeMismatchProperty
+ $attribute_name = GETPOST('attribute', 'aZ09');
+
// Fill array 'array_options' with data from update form
- $ret = $extrafields->setOptionalsFromPost(null, $object, GETPOST('attribute', 'restricthtml'));
+ $ret = $extrafields->setOptionalsFromPost(null, $object, $attribute_name);
if ($ret < 0) {
$error++;
}
if (!$error) {
- // Actions on extra fields
- $result = $object->insertExtraFields('DELIVERY_MODIFY');
+ $result = $object->updateExtraField($attribute_name, 'DELIVERY_MODIFY');
if ($result < 0) {
setEventMessages($object->error, $object->errors, 'errors');
$error++;
@@ -234,7 +245,7 @@ if ($action == 'update_extras' && $permissiontoadd) {
}
// Extrafields line
-if ($action == 'update_extras_line' && $permissiontoadd) {
+if ($action == 'update_extras_line' && $permissiontoeditextraline) {
$array_options = array();
$num = count($object->lines);
diff --git a/htdocs/don/card.php b/htdocs/don/card.php
index 24aca9686b0..6433c9cb759 100644
--- a/htdocs/don/card.php
+++ b/htdocs/don/card.php
@@ -101,6 +101,11 @@ $result = restrictedArea($user, 'don', $object->id);
$permissiontoread = $user->hasRight('don', 'lire');
$permissiontoadd = $user->hasRight('don', 'creer');
$permissiontodelete = $user->hasRight('don', 'supprimer');
+$permissiontoeditextra = $permissiontoadd;
+if (GETPOST('attribute', 'aZ09') && isset($extrafields->attributes[$object->table_element]['perms'][GETPOST('attribute', 'aZ09')])) {
+ // For action 'update_extras', is there a specific permission set for the attribute to update
+ $permissiontoeditextra = dol_eval($extrafields->attributes[$object->table_element]['perms'][GETPOST('attribute', 'aZ09')]);
+}
/*
@@ -342,18 +347,19 @@ if (empty($reshook)) {
}
}
- if ($action == 'update_extras' && $permissiontoadd) {
+ if ($action == 'update_extras' && $permissiontoeditextra) {
$object->oldcopy = dol_clone($object, 2); // @phan-suppress-current-line PhanTypeMismatchProperty
- // Fill array 'array_options' with data from update form
- $ret = $extrafields->setOptionalsFromPost(null, $object, GETPOST('attribute', 'restricthtml'));
+ $attribute_name = GETPOST('attribute', 'aZ09');
+ // Fill array 'array_options' with data from update form
+ $ret = $extrafields->setOptionalsFromPost(null, $object, $attribute_name);
if ($ret < 0) {
$error++;
}
if (!$error) {
- $result = $object->insertExtraFields('DON_MODIFY');
+ $result = $object->updateExtraField($attribute_name, 'DON_MODIFY');
if ($result < 0) {
setEventMessages($object->error, $object->errors, 'errors');
$error++;
diff --git a/htdocs/expedition/card.php b/htdocs/expedition/card.php
index bac5c0e32f2..a26a34844bd 100644
--- a/htdocs/expedition/card.php
+++ b/htdocs/expedition/card.php
@@ -137,6 +137,11 @@ $result = restrictedArea($user, 'expedition', $object->id, '');
$permissiondellink = $user->hasRight('expedition', 'delivery', 'creer'); // Used by the include of actions_dellink.inc.php
$permissiontoadd = $user->hasRight('expedition', 'creer');
+$permissiontoeditextra = $permissiontoadd;
+if (GETPOST('attribute', 'aZ09') && isset($extrafields->attributes[$object->table_element]['perms'][GETPOST('attribute', 'aZ09')])) {
+ // For action 'update_extras', is there a specific permission set for the attribute to update
+ $permissiontoeditextra = dol_eval($extrafields->attributes[$object->table_element]['perms'][GETPOST('attribute', 'aZ09')]);
+}
$upload_dir = $conf->expedition->dir_output.'/sending';
@@ -218,9 +223,10 @@ if (empty($reshook)) {
}
}
- if ($action == 'update_extras' && $permissiontoadd) {
+ if ($action == 'update_extras' && $permissiontoeditextra) {
$object->oldcopy = dol_clone($object, 2);
- $attribute_name = GETPOST('attribute', 'restricthtml');
+
+ $attribute_name = GETPOST('attribute', 'aZ09');
// Fill array 'array_options' with data from update form
$ret = $extrafields->setOptionalsFromPost(null, $object, $attribute_name);
diff --git a/htdocs/expedition/shipment.php b/htdocs/expedition/shipment.php
index bfaecd73820..fd65e232701 100644
--- a/htdocs/expedition/shipment.php
+++ b/htdocs/expedition/shipment.php
@@ -97,6 +97,11 @@ $permissiontoadd = $user->hasRight('expedition', 'creer'); // Used by the includ
$permissiontodelete = $user->hasRight('expedition', 'supprimer') || ($permissiontoadd && ((int) $object->status == $object::STATUS_DRAFT));
$permissionnote = $user->hasRight('expedition', 'creer'); // Used by the include of actions_setnotes.inc.php
$permissiondellink = $user->hasRight('expedition', 'creer'); // Used by the include of actions_dellink.inc.php
+$permissiontoeditextra = $permissiontoadd;
+if (GETPOST('attribute', 'aZ09') && isset($extrafields->attributes[$object->table_element]['perms'][GETPOST('attribute', 'aZ09')])) {
+ // For action 'update_extras', is there a specific permission set for the attribute to update
+ $permissiontoeditextra = dol_eval($extrafields->attributes[$object->table_element]['perms'][GETPOST('attribute', 'aZ09')]);
+}
/*
@@ -192,18 +197,19 @@ if (empty($reshook)) {
}
}
- if ($action == 'update_extras' && $permissiontoadd) {
+ if ($action == 'update_extras' && $permissiontoeditextra) {
$object->oldcopy = dol_clone($object, 2); // @phan-suppress-current-line PhanTypeMismatchProperty
+ $attribute_name = GETPOST('attribute', 'aZ09');
+
// Fill array 'array_options' with data from update form
- $ret = $extrafields->setOptionalsFromPost(null, $object, GETPOST('attribute', 'restricthtml'));
+ $ret = $extrafields->setOptionalsFromPost(null, $object, $attribute_name);
if ($ret < 0) {
$error++;
}
if (!$error) {
- // Actions on extra fields
- $result = $object->insertExtraFields('SHIPMENT_MODIFY');
+ $result = $object->updateExtraField($attribute_name, 'SHIPMENT_MODIFY');
if ($result < 0) {
setEventMessages($object->error, $object->errors, 'errors');
$error++;
diff --git a/htdocs/expensereport/card.php b/htdocs/expensereport/card.php
index 11d4a5ddfdc..a17dc67bd10 100644
--- a/htdocs/expensereport/card.php
+++ b/htdocs/expensereport/card.php
@@ -129,6 +129,11 @@ $hookmanager->initHooks(array('expensereportcard', 'globalcard'));
$permissionnote = $user->hasRight('expensereport', 'creer'); // Used by the include of actions_setnotes.inc.php
$permissiondellink = $user->hasRight('expensereport', 'creer'); // Used by the include of actions_dellink.inc.php
$permissiontoadd = $user->hasRight('expensereport', 'creer'); // Used by the include of actions_addupdatedelete.inc.php and actions_lineupdown.inc.php
+$permissiontoeditextra = $permissiontoadd;
+if (GETPOST('attribute', 'aZ09') && isset($extrafields->attributes[$object->table_element]['perms'][GETPOST('attribute', 'aZ09')])) {
+ // For action 'update_extras', is there a specific permission set for the attribute to update
+ $permissiontoeditextra = dol_eval($extrafields->attributes[$object->table_element]['perms'][GETPOST('attribute', 'aZ09')]);
+}
$upload_dir = $conf->expensereport->dir_output.'/'.dol_sanitizeFileName($object->ref);
@@ -364,18 +369,19 @@ if (empty($reshook)) {
}
}
- if ($action == 'update_extras' && $permissiontoadd) {
+ if ($action == 'update_extras' && $permissiontoeditextra) {
$object->oldcopy = dol_clone($object, 2); // @phan-suppress-current-line PhanTypeMismatchProperty
+ $attribute_name = GETPOST('attribute', 'aZ09');
+
// Fill array 'array_options' with data from update form
- $ret = $extrafields->setOptionalsFromPost(null, $object, GETPOST('attribute', 'restricthtml'));
+ $ret = $extrafields->setOptionalsFromPost(null, $object, $attribute_name);
if ($ret < 0) {
$error++;
}
if (!$error) {
- // Actions on extra fields
- $result = $object->insertExtraFields('EXPENSEREPORT_MODIFY');
+ $result = $object->updateExtraField($attribute_name, 'EXPENSEREPORT_MODIFY');
if ($result < 0) {
setEventMessages($object->error, $object->errors, 'errors');
$error++;
diff --git a/htdocs/fichinter/card.php b/htdocs/fichinter/card.php
index a2fe87ae00f..5ed98e5f45e 100644
--- a/htdocs/fichinter/card.php
+++ b/htdocs/fichinter/card.php
@@ -120,8 +120,11 @@ $permissionnote = $user->hasRight('ficheinter', 'creer'); // Used by the include
$permissiondellink = $user->hasRight('ficheinter', 'creer'); // Used by the include of actions_dellink.inc.php
$permissiontodelete = (($object->statut == Fichinter::STATUS_DRAFT && $user->hasRight('ficheinter', 'creer')) || $user->hasRight('ficheinter', 'supprimer'));
$permissiontoadd = $user->hasRight('ficheinter', 'creer');
-
-$usercancreate = $user->hasRight('ficheinter', 'creer');
+$permissiontoeditextra = $permissiontoadd;
+if (GETPOST('attribute', 'aZ09') && isset($extrafields->attributes[$object->table_element]['perms'][GETPOST('attribute', 'aZ09')])) {
+ // For action 'update_extras', is there a specific permission set for the attribute to update
+ $permissiontoeditextra = dol_eval($extrafields->attributes[$object->table_element]['perms'][GETPOST('attribute', 'aZ09')]);
+}
/*
@@ -818,9 +821,10 @@ if (empty($reshook)) {
$permissiontoadd = $user->hasRight('ficheinter', 'creer');
include DOL_DOCUMENT_ROOT.'/core/actions_builddoc.inc.php';
- if ($action == 'update_extras' && $permissiontoadd) {
+ if ($action == 'update_extras' && $permissiontoeditextra) {
$object->oldcopy = dol_clone($object, 2); // @phan-suppress-current-line PhanTypeMismatchProperty
- $attribute_name = GETPOST('attribute', 'restricthtml');
+
+ $attribute_name = GETPOST('attribute', 'aZ09');
// Fill array 'array_options' with data from update form
$ret = $extrafields->setOptionalsFromPost(null, $object, $attribute_name);
@@ -1335,7 +1339,7 @@ if ($action == 'create') {
if (isModEnabled('project')) {
$langs->load("projects");
$morehtmlref .= '
';
- if ($usercancreate) {
+ if ($permissiontoadd) {
$morehtmlref .= img_picto($langs->trans("Project"), 'project', 'class="pictofixedwidth"');
if ($action != 'classify') {
$morehtmlref .= ''.img_edit($langs->transnoentitiesnoconv('SetProject')).' ';
diff --git a/htdocs/fourn/card.php b/htdocs/fourn/card.php
index 9b8dd605566..c8550048418 100644
--- a/htdocs/fourn/card.php
+++ b/htdocs/fourn/card.php
@@ -89,7 +89,12 @@ $extrafields = new ExtraFields($db);
// fetch optionals attributes and labels
$extrafields->fetch_name_optionals_label($object->table_element);
-
+$permissiontoadd = $user->hasRight('societe', 'creer');
+$permissiontoeditextra = $permissiontoadd;
+if (GETPOST('attribute', 'aZ09') && isset($extrafields->attributes[$object->table_element]['perms'][GETPOST('attribute', 'aZ09')])) {
+ // For action 'update_extras', is there a specific permission set for the attribute to update
+ $permissiontoeditextra = dol_eval($extrafields->attributes[$object->table_element]['perms'][GETPOST('attribute', 'aZ09')]);
+}
// Security check
$result = restrictedArea($user, 'societe', $id, '&societe', '', 'fk_soc', 'rowid', 0);
@@ -182,20 +187,21 @@ if (empty($reshook)) {
}
}
- if ($action == 'update_extras' && $user->hasRight('societe', 'creer')) {
+ if ($action == 'update_extras' && $permissiontoeditextra) {
$object->fetch($id);
$object->oldcopy = dol_clone($object, 2); // @phan-suppress-current-line PhanTypeMismatchProperty
- // Fill array 'array_options' with data from update form
- $ret = $extrafields->setOptionalsFromPost(null, $object, GETPOST('attribute', 'restricthtml'));
+ $attribute_name = GETPOST('attribute', 'aZ09');
+ // Fill array 'array_options' with data from update form
+ $ret = $extrafields->setOptionalsFromPost(null, $object, $attribute_name);
if ($ret < 0) {
$error++;
}
if (!$error) {
- $result = $object->insertExtraFields('COMPANY_MODIFY');
+ $result = $object->updateExtraField($attribute_name, 'COMPANY_MODIFY');
if ($result < 0) {
setEventMessages($object->error, $object->errors, 'errors');
$error++;
diff --git a/htdocs/fourn/commande/card.php b/htdocs/fourn/commande/card.php
index 7e714a36a8e..7ea1aaa37fa 100644
--- a/htdocs/fourn/commande/card.php
+++ b/htdocs/fourn/commande/card.php
@@ -176,6 +176,11 @@ $permissionnote = $usercancreate; // Used by the include of actions_setnotes.in
$permissiondellink = $usercancreate; // Used by the include of actions_dellink.inc.php
$permissiontoedit = $usercancreate; // Used by the include of actions_lineupdown.inc.php
$permissiontoadd = $usercancreate; // Used by the include of actions_addupdatedelete.inc.php
+$permissiontoeditextra = $permissiontoadd;
+if (GETPOST('attribute', 'aZ09') && isset($extrafields->attributes[$object->table_element]['perms'][GETPOST('attribute', 'aZ09')])) {
+ // For action 'update_extras', is there a specific permission set for the attribute to update
+ $permissiontoeditextra = dol_eval($extrafields->attributes[$object->table_element]['perms'][GETPOST('attribute', 'aZ09')]);
+}
// Project permission
$caneditproject = false;
@@ -1252,23 +1257,22 @@ if (empty($reshook)) {
include DOL_DOCUMENT_ROOT.'/core/actions_builddoc.inc.php';
- if ($action == 'update_extras' && $permissiontoadd) {
+ if ($action == 'update_extras' && $permissiontoeditextra) {
$object->oldcopy = dol_clone($object, 2); // @phan-suppress-current-line PhanTypeMismatchProperty
- // Fill array 'array_options' with data from add form
- $ret = $extrafields->setOptionalsFromPost(null, $object, GETPOST('attribute', 'restricthtml'));
+ $attribute_name = GETPOST('attribute', 'aZ09');
+
+ // Fill array 'array_options' with data from update form
+ $ret = $extrafields->setOptionalsFromPost(null, $object, $attribute_name);
if ($ret < 0) {
$error++;
}
if (!$error) {
- // Actions on extra fields
- if (!$error) {
- $result = $object->insertExtraFields('ORDER_SUPPLIER_MODIFY');
- if ($result < 0) {
- $error++;
- setEventMessages($object->error, $object->errors, 'errors');
- }
+ $result = $object->updateExtraField($attribute_name, 'ORDER_SUPPLIER_MODIFY');
+ if ($result < 0) {
+ setEventMessages($object->error, $object->errors, 'errors');
+ $error++;
}
}
diff --git a/htdocs/fourn/facture/card-rec.php b/htdocs/fourn/facture/card-rec.php
index 3c58f2a4023..0c863416eba 100644
--- a/htdocs/fourn/facture/card-rec.php
+++ b/htdocs/fourn/facture/card-rec.php
@@ -125,6 +125,11 @@ $permissiondellink = $user->hasRight("fournisseur", "facture", "creer") || $user
$permissiontoedit = $user->hasRight("fournisseur", "facture", "creer") || $user->hasRight("supplier_invoice", "creer"); // Used by the include of actions_lineupdonw.inc.php
$permissiontoadd = $user->hasRight("fournisseur", "facture", "creer") || $user->hasRight("supplier_invoice", "creer");
$permissiontodelete = ($user->hasRight("fournisseur", "facture", "supprimer") || $user->hasRight("supplier_invoice", "supprimer"));
+$permissiontoeditextra = $permissiontoadd;
+if (GETPOST('attribute', 'aZ09') && isset($extrafields->attributes[$object->table_element]['perms'][GETPOST('attribute', 'aZ09')])) {
+ // For action 'update_extras', is there a specific permission set for the attribute to update
+ $permissiontoeditextra = dol_eval($extrafields->attributes[$object->table_element]['perms'][GETPOST('attribute', 'aZ09')]);
+}
$usercanread = $user->hasRight("fournisseur", "facture", "lire") || $user->hasRight("supplier_invoice", "lire");
$usercancreate = $user->hasRight("fournisseur", "facture", "creer") || $user->hasRight("supplier_invoice", "creer");
@@ -416,22 +421,28 @@ if (empty($reshook)) {
$db->rollback();
setEventMessages($line->error, $line->errors, 'errors');
}
- } elseif ($action == 'update_extras' && $permissiontoadd) {
+ } elseif ($action == 'update_extras' && $permissiontoeditextra) {
$object->oldcopy = dol_clone($object, 2); // @phan-suppress-current-line PhanTypeMismatchProperty
+ $attribute_name = GETPOST('attribute', 'aZ09');
+
// Fill array 'array_options' with data from update form
- $ret = $extrafields->setOptionalsFromPost(null, $object, GETPOST('attribute', 'restricthtml'));
+ $ret = $extrafields->setOptionalsFromPost(null, $object, $attribute_name);
if ($ret < 0) {
$error++;
}
- if (! $error) {
- $result = $object->insertExtraFields('BILLREC_MODIFY');
+ if (!$error) {
+ $result = $object->updateExtraField($attribute_name, 'BILLREC_MODIFY');
if ($result < 0) {
setEventMessages($object->error, $object->errors, 'errors');
$error++;
}
}
+
+ if ($error) {
+ $action = 'edit_extras';
+ }
}
// Add a new line
diff --git a/htdocs/fourn/facture/card.php b/htdocs/fourn/facture/card.php
index affb457decf..34fddb23622 100644
--- a/htdocs/fourn/facture/card.php
+++ b/htdocs/fourn/facture/card.php
@@ -146,6 +146,11 @@ $permissiondellink = $usercancreate; // Used by the include of actions_dellink.i
$permissiontoedit = $usercancreate; // Used by the include of actions_lineupdown.inc.php
$permissiontoadd = $usercancreate; // Used by the include of actions_addupdatedelete.inc.php and actions_lineupdown.inc.php
$permissiontodelete = $usercandelete;
+$permissiontoeditextra = $permissiontoadd;
+if (GETPOST('attribute', 'aZ09') && isset($extrafields->attributes[$object->table_element]['perms'][GETPOST('attribute', 'aZ09')])) {
+ // For action 'update_extras', is there a specific permission set for the attribute to update
+ $permissiontoeditextra = dol_eval($extrafields->attributes[$object->table_element]['perms'][GETPOST('attribute', 'aZ09')]);
+}
$error = 0;
@@ -2044,21 +2049,22 @@ if (empty($reshook)) {
exit;
}
}
- if ($action == 'update_extras' && $usercancreate) {
+ if ($action == 'update_extras' && $permissiontoeditextra) {
$object->oldcopy = dol_clone($object, 2); // @phan-suppress-current-line PhanTypeMismatchProperty
- // Fill array 'array_options' with data from add form
- $ret = $extrafields->setOptionalsFromPost(null, $object, GETPOST('attribute', 'restricthtml'));
+ $attribute_name = GETPOST('attribute', 'aZ09');
+
+ // Fill array 'array_options' with data from update form
+ $ret = $extrafields->setOptionalsFromPost(null, $object, $attribute_name);
if ($ret < 0) {
$error++;
}
- // Actions on extra fields
if (!$error) {
- $result = $object->insertExtraFields('BILL_SUPPLIER_MODIFY');
+ $result = $object->updateExtraField($attribute_name, 'BILL_SUPPLIER_MODIFY');
if ($result < 0) {
- $error++;
setEventMessages($object->error, $object->errors, 'errors');
+ $error++;
}
}
diff --git a/htdocs/holiday/card.php b/htdocs/holiday/card.php
index 4214ac71517..4778ab5dbdf 100644
--- a/htdocs/holiday/card.php
+++ b/htdocs/holiday/card.php
@@ -117,6 +117,11 @@ if ($user->hasRight('holiday', 'writeall')) {
$permissiontoadd = 1;
$permissiontoaddall = 1;
}
+$permissiontoeditextra = $permissiontoadd;
+if (GETPOST('attribute', 'aZ09') && isset($extrafields->attributes[$object->table_element]['perms'][GETPOST('attribute', 'aZ09')])) {
+ // For action 'update_extras', is there a specific permission set for the attribute to update
+ $permissiontoeditextra = dol_eval($extrafields->attributes[$object->table_element]['perms'][GETPOST('attribute', 'aZ09')]);
+}
$candelete = 0;
if ($user->hasRight('holiday', 'delete')) {
@@ -583,18 +588,19 @@ if (empty($reshook)) {
}
}
- if ($action == 'update_extras') {
+ if ($action == 'update_extras' && $permissiontoeditextra) {
$object->oldcopy = dol_clone($object, 2); // @phan-suppress-current-line PhanTypeMismatchProperty
+ $attribute_name = GETPOST('attribute', 'aZ09');
+
// Fill array 'array_options' with data from update form
- $ret = $extrafields->setOptionalsFromPost(null, $object, GETPOST('attribute', 'restricthtml'));
+ $ret = $extrafields->setOptionalsFromPost(null, $object, $attribute_name);
if ($ret < 0) {
$error++;
}
if (!$error) {
- // Actions on extra fields
- $result = $object->insertExtraFields('HOLIDAY_MODIFY');
+ $result = $object->updateExtraField($attribute_name, 'HOLIDAY_MODIFY');
if ($result < 0) {
setEventMessages($object->error, $object->errors, 'errors');
$error++;
diff --git a/htdocs/product/card.php b/htdocs/product/card.php
index 038c9662af8..6f820bf8615 100644
--- a/htdocs/product/card.php
+++ b/htdocs/product/card.php
@@ -214,6 +214,11 @@ if ($object->id > 0) {
$usercanread = (($object->type == Product::TYPE_PRODUCT && $user->hasRight('produit', 'lire')) || ($object->type == Product::TYPE_SERVICE && $user->hasRight('service', 'lire')));
$usercancreate = (($object->type == Product::TYPE_PRODUCT && $user->hasRight('produit', 'creer')) || ($object->type == Product::TYPE_SERVICE && $user->hasRight('service', 'creer')));
$usercandelete = (($object->type == Product::TYPE_PRODUCT && $user->hasRight('produit', 'supprimer')) || ($object->type == Product::TYPE_SERVICE && $user->hasRight('service', 'supprimer')));
+$permissiontoeditextra = $usercancreate;
+if (GETPOST('attribute', 'aZ09') && isset($extrafields->attributes[$object->table_element]['perms'][GETPOST('attribute', 'aZ09')])) {
+ // For action 'update_extras', is there a specific permission set for the attribute to update
+ $permissiontoeditextra = dol_eval($extrafields->attributes[$object->table_element]['perms'][GETPOST('attribute', 'aZ09')]);
+}
/*
@@ -489,18 +494,19 @@ if (empty($reshook)) {
}
// Quick edit for extrafields
- if ($action == 'update_extras' && $usercancreate) {
+ if ($action == 'update_extras' && $permissiontoeditextra) {
$object->oldcopy = dol_clone($object, 2); // @phan-suppress-current-line PhanTypeMismatchProperty
+ $attribute_name = GETPOST('attribute', 'aZ09');
+
// Fill array 'array_options' with data from update form
- $ret = $extrafields->setOptionalsFromPost(null, $object, GETPOST('attribute', 'restricthtml'));
+ $ret = $extrafields->setOptionalsFromPost(null, $object, $attribute_name);
if ($ret < 0) {
$error++;
}
if (!$error) {
- // Actions on extra fields
- $result = $object->insertExtraFields('PRODUCT_MODIFY');
+ $result = $object->updateExtraField($attribute_name, 'PRODUCT_MODIFY');
if ($result < 0) {
setEventMessages($object->error, $object->errors, 'errors');
$error++;
diff --git a/htdocs/product/stock/card.php b/htdocs/product/stock/card.php
index a028fc3bd6d..3e4e211a2f7 100644
--- a/htdocs/product/stock/card.php
+++ b/htdocs/product/stock/card.php
@@ -106,6 +106,11 @@ if ($id > 0 || !empty($ref)) {
$usercanread = $user->hasRight('stock', 'lire');
$usercancreate = $user->hasRight('stock', 'creer');
$usercandelete = $user->hasRight('stock', 'supprimer');
+$permissiontoeditextra = $usercancreate;
+if (GETPOST('attribute', 'aZ09') && isset($extrafields->attributes[$object->table_element]['perms'][GETPOST('attribute', 'aZ09')])) {
+ // For action 'update_extras', is there a specific permission set for the attribute to update
+ $permissiontoeditextra = dol_eval($extrafields->attributes[$object->table_element]['perms'][GETPOST('attribute', 'aZ09')]);
+}
/*
@@ -248,21 +253,25 @@ if (empty($reshook)) {
$action = 'edit';
setEventMessages($object->error, $object->errors, 'errors');
}
- } elseif ($action == 'update_extras' && $user->hasRight('stock', 'creer')) {
+ } elseif ($action == 'update_extras' && $permissiontoeditextra) {
$object->oldcopy = dol_clone($object, 2); // @phan-suppress-current-line PhanTypeMismatchProperty
+ $attribute_name = GETPOST('attribute', 'aZ09');
+
// Fill array 'array_options' with data from update form
- $ret = $extrafields->setOptionalsFromPost(null, $object, GETPOST('attribute', 'restricthtml'));
+ $ret = $extrafields->setOptionalsFromPost(null, $object, $attribute_name);
if ($ret < 0) {
$error++;
}
+
if (!$error) {
- $result = $object->insertExtraFields();
+ $result = $object->updateExtraField($attribute_name, 'PRODUCT_MODIFY');
if ($result < 0) {
setEventMessages($object->error, $object->errors, 'errors');
$error++;
}
}
+
if ($error) {
$action = 'edit_extras';
}
diff --git a/htdocs/product/stock/movement_list.php b/htdocs/product/stock/movement_list.php
index c1cf068ba68..d04651a18f1 100644
--- a/htdocs/product/stock/movement_list.php
+++ b/htdocs/product/stock/movement_list.php
@@ -187,6 +187,11 @@ $uploaddir = $conf->stock->dir_output.'/movements';
$permissiontoread = $user->hasRight('stock', 'mouvement', 'lire');
$permissiontoadd = $user->hasRight('stock', 'mouvement', 'creer');
$permissiontodelete = $user->hasRight('stock', 'mouvement', 'creer'); // There is no deletion permission for stock movement as we should never delete
+$permissiontoeditextra = $permissiontoadd;
+if (GETPOST('attribute', 'aZ09') && isset($extrafields->attributes[$object->table_element]['perms'][GETPOST('attribute', 'aZ09')])) {
+ // For action 'update_extras', is there a specific permission set for the attribute to update
+ $permissiontoeditextra = dol_eval($extrafields->attributes[$object->table_element]['perms'][GETPOST('attribute', 'aZ09')]);
+}
$usercanread = $user->hasRight('stock', 'mouvement', 'lire');
$usercancreate = $user->hasRight('stock', 'mouvement', 'creer');
@@ -332,21 +337,25 @@ if (empty($reshook)) {
include DOL_DOCUMENT_ROOT.'/core/actions_massactions.inc.php';
}
-if ($action == 'update_extras' && $permissiontoadd) {
+if ($action == 'update_extras' && $permissiontoeditextra) {
$tmpwarehouse->oldcopy = dol_clone($tmpwarehouse, 2); // @phan-suppress-current-line PhanTypeMismatchProperty
+ $attribute_name = GETPOST('attribute', 'aZ09');
+
// Fill array 'array_options' with data from update form
- $ret = $extrafields->setOptionalsFromPost(null, $tmpwarehouse, GETPOST('attribute', 'restricthtml'));
+ $ret = $extrafields->setOptionalsFromPost(null, $tmpwarehouse, $attribute_name);
if ($ret < 0) {
$error++;
}
+
if (!$error) {
- $result = $tmpwarehouse->insertExtraFields();
+ $result = $tmpwarehouse->updateExtraField($attribute_name, 'CONTRACT_MODIFY');
if ($result < 0) {
setEventMessages($tmpwarehouse->error, $tmpwarehouse->errors, 'errors');
$error++;
}
}
+
if ($error) {
$action = 'edit_extras';
}
diff --git a/htdocs/product/stock/productlot_card.php b/htdocs/product/stock/productlot_card.php
index 7ef691049c2..d2918ad6fee 100644
--- a/htdocs/product/stock/productlot_card.php
+++ b/htdocs/product/stock/productlot_card.php
@@ -266,119 +266,7 @@ if (empty($reshook)) {
// Actions cancel, add, update, update_extras, confirm_validate, confirm_delete, confirm_deleteline, confirm_clone, confirm_close, confirm_setdraft, confirm_reopen
include DOL_DOCUMENT_ROOT.'/core/actions_addupdatedelete.inc.php';
- /*
- if ($action == 'update_extras' && $permissiontoadd) {
- $object->oldcopy = dol_clone($object, 2);
- // Fill array 'array_options' with data from update form
- $ret = $extrafields->setOptionalsFromPost(null, $object, GETPOST('attribute', 'restricthtml'));
- if ($ret < 0) $error++;
-
- if (!$error) {
- // Actions on extra fields
- $result = $object->insertExtraFields('PRODUCT_LOT_MODIFY');
- if ($result < 0) {
- setEventMessages($object->error, $object->errors, 'errors');
- $error++;
- }
- }
-
- if ($error) {
- $action = 'edit_extras';
- }
- }
-
- // Action to add record
- if ($action == 'add' && $permissiontoadd) {
- if (GETPOST('cancel', 'alpha')) {
- $urltogo = $backtopage ? $backtopage : dol_buildpath('/stock/list.php', 1);
- header("Location: ".$urltogo);
- exit;
- }
-
- $error = 0;
-
- $object->entity = GETPOST('entity', 'int');
- $object->fk_product = GETPOST('fk_product', 'int');
- $object->batch = GETPOST('batch', 'alpha');
- $object->fk_user_creat = GETPOST('fk_user_creat', 'int');
- $object->fk_user_modif = GETPOST('fk_user_modif', 'int');
- $object->import_key = GETPOST('import_key', 'int');
-
- if (empty($object->ref)) {
- $error++;
- setEventMessages($langs->trans("ErrorFieldRequired", $langs->transnoentitiesnoconv("Ref")), null, 'errors');
- }
-
- if (!$error) {
- $result = $object->create($user);
- if ($result > 0) {
- // Creation OK
- $urltogo = $backtopage ? $backtopage : dol_buildpath('/stock/list.php', 1);
- header("Location: ".$urltogo);
- exit;
- }
- {
- // Creation KO
- if (!empty($object->errors)) setEventMessages(null, $object->errors, 'errors');
- else setEventMessages($object->error, null, 'errors');
- $action = 'create';
- }
- } else {
- $action = 'create';
- }
- }
-
- // Cancel
- if ($action == 'update' && GETPOST('cancel', 'alpha') && $permissiontoadd) {
- $action = 'view';
- }
-
- // Action to update record
- if ($action == 'update' && !GETPOST('cancel', 'alpha') && $permissiontoadd) {
- $error = 0;
-
- $object->entity = GETPOST('entity', 'int');
- $object->fk_product = GETPOST('fk_product', 'int');
- $object->batch = GETPOST('batch', 'alpha');
- $object->fk_user_creat = GETPOST('fk_user_creat', 'int');
- $object->fk_user_modif = GETPOST('fk_user_modif', 'int');
- $object->import_key = GETPOST('import_key', 'int');
-
- if (empty($object->ref)) {
- $error++;
- setEventMessages($langs->transnoentitiesnoconv("ErrorFieldRequired", $langs->transnoentitiesnoconv("Ref")), null, 'errors');
- }
-
- if (!$error) {
- $result = $object->update($user);
- if ($result > 0) {
- $action = 'view';
- } else {
- // Creation KO
- if (!empty($object->errors)) setEventMessages(null, $object->errors, 'errors');
- else setEventMessages($object->error, null, 'errors');
- $action = 'edit';
- }
- } else {
- $action = 'edit';
- }
- }
-
- // Action to delete
- if ($action == 'confirm_delete' && $permissiontodelete) {
- $result = $object->delete($user);
- if ($result > 0) {
- // Delete OK
- setEventMessages("RecordDeleted", null, 'mesgs');
- header("Location: ".dol_buildpath('/stock/list.php', 1));
- exit;
- } else {
- if (!empty($object->errors)) setEventMessages(null, $object->errors, 'errors');
- else setEventMessages($object->error, null, 'errors');
- }
- }
- */
// Action to build doc
include DOL_DOCUMENT_ROOT.'/core/actions_builddoc.inc.php';
diff --git a/htdocs/projet/card.php b/htdocs/projet/card.php
index d6e865545a0..747621c1156 100644
--- a/htdocs/projet/card.php
+++ b/htdocs/projet/card.php
@@ -81,7 +81,6 @@ $date_end = dol_mktime(0, 0, 0, GETPOSTINT('projectendmonth'), GETPOSTINT('proje
$date_start_event = dol_mktime(GETPOSTINT('date_start_eventhour'), GETPOSTINT('date_start_eventmin'), GETPOSTINT('date_start_eventsec'), GETPOSTINT('date_start_eventmonth'), GETPOSTINT('date_start_eventday'), GETPOSTINT('date_start_eventyear'), 'tzuserrel');
$date_end_event = dol_mktime(GETPOSTINT('date_end_eventhour'), GETPOSTINT('date_end_eventmin'), GETPOSTINT('date_end_eventsec'), GETPOSTINT('date_end_eventmonth'), GETPOSTINT('date_end_eventday'), GETPOSTINT('date_end_eventyear'), 'tzuserrel');
$location = GETPOST('location', 'alphanohtml');
-$fk_project = GETPOSTINT('fk_project');
$mine = GETPOST('mode') == 'mine' ? 1 : 0;
@@ -121,6 +120,11 @@ if ($id == '' && $ref == '' && ($action != "create" && $action != "add" && $acti
$permissiontoadd = $user->hasRight('projet', 'creer');
$permissiontodelete = $user->hasRight('projet', 'supprimer');
$permissiondellink = $user->hasRight('projet', 'creer'); // Used by the include of actions_dellink.inc.php
+$permissiontoeditextra = $permissiontoadd;
+if (GETPOST('attribute', 'aZ09') && isset($extrafields->attributes[$object->table_element]['perms'][GETPOST('attribute', 'aZ09')])) {
+ // For action 'update_extras', is there a specific permission set for the attribute to update
+ $permissiontoeditextra = dol_eval($extrafields->attributes[$object->table_element]['perms'][GETPOST('attribute', 'aZ09')]);
+}
/*
@@ -560,18 +564,19 @@ if (empty($reshook)) {
}
// Quick edit for extrafields
- if ($action == 'update_extras' && $permissiontoadd) {
+ if ($action == 'update_extras' && $permissiontoeditextra) {
$object->oldcopy = dol_clone($object, 2); // @phan-suppress-current-line PhanTypeMismatchProperty
+ $attribute_name = GETPOST('attribute', 'aZ09');
+
// Fill array 'array_options' with data from update form
- $ret = $extrafields->setOptionalsFromPost(null, $object, GETPOST('attribute', 'restricthtml'));
+ $ret = $extrafields->setOptionalsFromPost(null, $object, $attribute_name);
if ($ret < 0) {
$error++;
}
if (!$error) {
- // Actions on extra fields
- $result = $object->insertExtraFields('PROJECT_MODIFY');
+ $result = $object->updateExtraField($attribute_name, 'PROJECT_MODIFY');
if ($result < 0) {
setEventMessages($object->error, $object->errors, 'errors');
$error++;
diff --git a/htdocs/reception/card.php b/htdocs/reception/card.php
index 96ac44b07b3..94acdfa7364 100644
--- a/htdocs/reception/card.php
+++ b/htdocs/reception/card.php
@@ -177,6 +177,11 @@ if (isModEnabled("reception")) {
$permissiontovalidate = ((!getDolGlobalString('MAIN_USE_ADVANCED_PERMS') && $user->hasRight('fournisseur', 'commande', 'receptionner')) || (getDolGlobalString('MAIN_USE_ADVANCED_PERMS') && $user->hasRight('fournisseur', 'commande_advance', 'check')));
$permissiontodelete = $user->hasRight('fournisseur', 'commande', 'receptionner');
}
+$permissiontoeditextra = $permissiontoadd;
+if (GETPOST('attribute', 'aZ09') && isset($extrafields->attributes[$object->table_element]['perms'][GETPOST('attribute', 'aZ09')])) {
+ // For action 'update_extras', is there a specific permission set for the attribute to update
+ $permissiontoeditextra = dol_eval($extrafields->attributes[$object->table_element]['perms'][GETPOST('attribute', 'aZ09')]);
+}
$error = 0;
@@ -272,18 +277,19 @@ if (empty($reshook)) {
}
}
- if ($action == 'update_extras' && $permissiontoadd) {
+ if ($action == 'update_extras' && $permissiontoeditextra) {
$object->oldcopy = dol_clone($object, 2); // @phan-suppress-current-line PhanTypeMismatchProperty
+ $attribute_name = GETPOST('attribute', 'aZ09');
+
// Fill array 'array_options' with data from update form
- $ret = $extrafields->setOptionalsFromPost(null, $object, GETPOST('attribute', 'restricthtml'));
+ $ret = $extrafields->setOptionalsFromPost(null, $object, $attribute_name);
if ($ret < 0) {
$error++;
}
if (!$error) {
- // Actions on extra fields
- $result = $object->insertExtraFields('RECEPTION_MODIFY');
+ $result = $object->updateExtraField($attribute_name, 'RECEPTION_MODIFY');
if ($result < 0) {
setEventMessages($object->error, $object->errors, 'errors');
$error++;
diff --git a/htdocs/salaries/card.php b/htdocs/salaries/card.php
index 0a0505fa8ec..bdf6c09673e 100644
--- a/htdocs/salaries/card.php
+++ b/htdocs/salaries/card.php
@@ -121,6 +121,11 @@ restrictedArea($user, 'salaries', $object->id, 'salary', '');
$permissiontoread = $user->hasRight('salaries', 'read');
$permissiontoadd = $user->hasRight('salaries', 'write'); // Used by the include of actions_addupdatedelete.inc.php and actions_lineupdown.inc.php
$permissiontodelete = $user->hasRight('salaries', 'delete') || ($permissiontoadd && isset($object->status) && $object->status == $object::STATUS_UNPAID);
+$permissiontoeditextra = $permissiontoadd;
+if (GETPOST('attribute', 'aZ09') && isset($extrafields->attributes[$object->table_element]['perms'][GETPOST('attribute', 'aZ09')])) {
+ // For action 'update_extras', is there a specific permission set for the attribute to update
+ $permissiontoeditextra = dol_eval($extrafields->attributes[$object->table_element]['perms'][GETPOST('attribute', 'aZ09')]);
+}
$upload_dir = $conf->salaries->multidir_output[$conf->entity];
@@ -453,29 +458,29 @@ if ($action == 'confirm_clone' && $confirm == 'yes' && $permissiontoadd) {
}
}
+
// Action to update one extrafield
-if ($action == "update_extras" && $permissiontoadd) {
- $object->fetch(GETPOSTINT('id'));
+if ($action == 'update_extras' && $permissiontoeditextra) {
+ $object->oldcopy = dol_clone($object, 2);
- $attributekey = GETPOST('attribute', 'alpha');
- $attributekeylong = 'options_'.$attributekey;
+ $attribute = GETPOST('attribute', 'aZ09');
- if (GETPOSTISSET($attributekeylong.'day') && GETPOSTISSET($attributekeylong.'month') && GETPOSTISSET($attributekeylong.'year')) {
- // This is properties of a date
- $object->array_options['options_'.$attributekey] = dol_mktime(GETPOSTINT($attributekeylong.'hour'), GETPOSTINT($attributekeylong.'min'), GETPOSTINT($attributekeylong.'sec'), GETPOSTINT($attributekeylong.'month'), GETPOSTINT($attributekeylong.'day'), GETPOSTINT($attributekeylong.'year'));
- //var_dump(dol_print_date($object->array_options['options_'.$attributekey]));exit;
- } else {
- $object->array_options['options_'.$attributekey] = GETPOST($attributekeylong, 'alpha');
+ // Fill array 'array_options' with data from update form
+ $ret = $extrafields->setOptionalsFromPost(null, $object, $attribute);
+ if ($ret < 0) {
+ setEventMessages($extrafields->error, $object->errors, 'errors');
+ $error++;
}
- $triggermodname = 'SALARY_MODIFY';
+ if (!$error) {
+ $result = $object->updateExtraField($attribute, 'SALARY_MODIFY');
+ if ($result < 0) {
+ setEventMessages($object->error, $object->errors, 'errors');
+ $error++;
+ }
+ }
- $result = $object->insertExtraFields($triggermodname, $user);
- if ($result > 0) {
- setEventMessages($langs->trans('RecordSaved'), null, 'mesgs');
- $action = 'view';
- } else {
- setEventMessages($object->error, $object->errors, 'errors');
+ if ($error) {
$action = 'edit_extras';
}
}
diff --git a/htdocs/societe/card.php b/htdocs/societe/card.php
index d217fd20885..0fdc3e189b6 100644
--- a/htdocs/societe/card.php
+++ b/htdocs/societe/card.php
@@ -170,6 +170,12 @@ $permissiontoadd = $user->hasRight('societe', 'creer'); // Used by the include
$permissiontodelete = $user->hasRight('societe', 'supprimer') || ($permissiontoadd && isset($object->status) && $object->status == 0);
$permissionnote = $user->hasRight('societe', 'creer'); // Used by the include of actions_setnotes.inc.php
$permissiondellink = $user->hasRight('societe', 'creer'); // Used by the include of actions_dellink.inc.php
+$permissiontoeditextra = $permissiontoadd;
+if (GETPOST('attribute', 'aZ09') && isset($extrafields->attributes[$object->table_element]['perms'][GETPOST('attribute', 'aZ09')])) {
+ // For action 'update_extras', is there a specific permission set for the attribute to update
+ $permissiontoeditextra = dol_eval($extrafields->attributes[$object->table_element]['perms'][GETPOST('attribute', 'aZ09')]);
+}
+
$upload_dir = $conf->societe->multidir_output[isset($object->entity) ? $object->entity : 1];
// Security check
@@ -262,21 +268,20 @@ if (empty($reshook)) {
$res = $object->setValueFrom('localtax2_value', $value, '', null, 'text', '', $user, 'COMPANY_MODIFY');
}
- if ($action == 'update_extras' && $permissiontoadd) {
+ if ($action == 'update_extras' && $permissiontoeditextra) {
$object->fetch($socid);
$object->oldcopy = dol_clone($object, 2); // @phan-suppress-current-line PhanTypeMismatchProperty
- // Fill array 'array_options' with data from update form
- $extrafields->fetch_name_optionals_label($object->table_element);
+ $attribute_name = GETPOST('attribute', 'aZ09');
- $ret = $extrafields->setOptionalsFromPost(null, $object, GETPOST('attribute', 'restricthtml'));
+ $ret = $extrafields->setOptionalsFromPost(null, $object, $attribute_name);
if ($ret < 0) {
$error++;
}
if (!$error) {
- $result = $object->insertExtraFields('COMPANY_MODIFY');
+ $result = $object->updateExtraField($attribute_name, 'COMPANY_MODIFY');
if ($result < 0) {
setEventMessages($object->error, $object->errors, 'errors');
$error++;
diff --git a/htdocs/supplier_proposal/card.php b/htdocs/supplier_proposal/card.php
index d5b1625a809..dd935b533bf 100644
--- a/htdocs/supplier_proposal/card.php
+++ b/htdocs/supplier_proposal/card.php
@@ -134,6 +134,11 @@ $permissionnote = $usercancreate; // Used by the include of actions_setnotes.inc
$permissiondellink = $usercancreate; // Used by the include of actions_dellink.inc.php
$permissiontoedit = $usercancreate; // Used by the include of actions_lineupdown.inc.php
$permissiontoadd = $usercancreate;
+$permissiontoeditextra = $permissiontoadd;
+if (GETPOST('attribute', 'aZ09') && isset($extrafields->attributes[$object->table_element]['perms'][GETPOST('attribute', 'aZ09')])) {
+ // For action 'update_extras', is there a specific permission set for the attribute to update
+ $permissiontoeditextra = dol_eval($extrafields->attributes[$object->table_element]['perms'][GETPOST('attribute', 'aZ09')]);
+}
// Security check
if (!empty($user->socid)) {
@@ -1152,9 +1157,10 @@ if (empty($reshook)) {
} elseif ($action == 'setmulticurrencyrate' && $usercancreate) {
// Multicurrency rate
$result = $object->setMulticurrencyRate(GETPOSTFLOAT('multicurrency_tx'), GETPOSTINT('calculation_mode'));
- } elseif ($action == 'update_extras' && $usercancreate) {
+ } elseif ($action == 'update_extras' && $permissiontoeditextra) {
$object->oldcopy = dol_clone($object, 2); // @phan-suppress-current-line PhanTypeMismatchProperty
- $attribute_name = GETPOST('attribute', 'restricthtml');
+
+ $attribute_name = GETPOST('attribute', 'aZ09');
// Fill array 'array_options' with data from update form
$ret = $extrafields->setOptionalsFromPost(null, $object, $attribute_name);
diff --git a/htdocs/ticket/card.php b/htdocs/ticket/card.php
index 1acba7b3f90..95a7f1d7f3d 100644
--- a/htdocs/ticket/card.php
+++ b/htdocs/ticket/card.php
@@ -151,6 +151,11 @@ $triggermodname = 'TICKET_MODIFY';
$permissiontoread = $user->hasRight('ticket', 'read');
$permissiontoadd = $user->hasRight('ticket', 'write');
$permissiontodelete = $user->hasRight('ticket', 'delete');
+$permissiontoeditextra = $permissiontoadd;
+if (GETPOST('attribute', 'aZ09') && isset($extrafields->attributes[$object->table_element]['perms'][GETPOST('attribute', 'aZ09')])) {
+ // For action 'update_extras', is there a specific permission set for the attribute to update
+ $permissiontoeditextra = dol_eval($extrafields->attributes[$object->table_element]['perms'][GETPOST('attribute', 'aZ09')]);
+}
$upload_dir = $conf->ticket->dir_output;
@@ -557,9 +562,9 @@ if (empty($reshook)) {
// prevent browser refresh from reopening ticket several times
if ($object->status == Ticket::STATUS_CLOSED || $object->status == Ticket::STATUS_CANCELED) {
if ($object->fk_user_assign != null) {
- $res = $object->setStatut(Ticket::STATUS_ASSIGNED, null, '', 'TICKET_MODIFY');
+ $res = $object->setStatut(Ticket::STATUS_ASSIGNED, null, '', $triggermodname);
} else {
- $res = $object->setStatut(Ticket::STATUS_NOT_READ, null, '', 'TICKET_MODIFY');
+ $res = $object->setStatut(Ticket::STATUS_NOT_READ, null, '', $triggermodname);
}
if ($res) {
$url = 'card.php?track_id=' . $object->track_id;
@@ -626,27 +631,26 @@ if (empty($reshook)) {
}
// Action to update an extrafield
- if ($action == "update_extras" && $permissiontoadd) {
+ if ($action == "update_extras" && $permissiontoeditextra) {
$object->fetch(GETPOSTINT('id'), '', GETPOST('track_id', 'alpha'));
- $ret = $extrafields->setOptionalsFromPost(null, $object, GETPOST('attribute', 'restricthtml'));
+ $attribute_name = GETPOST('attribute', 'aZ09');
+
+ $ret = $extrafields->setOptionalsFromPost(null, $object, $attribute_name);
if ($ret < 0) {
$error++;
}
if (!$error) {
- $result = $object->insertExtraFields(empty($triggermodname) ? '' : $triggermodname, $user);
+ $result = $object->updateExtraField($attribute_name, $triggermodname);
if ($result < 0) {
+ setEventMessages($object->error, $object->errors, 'errors');
$error++;
}
}
if ($error) {
- setEventMessages($object->error, $object->errors, 'errors');
$action = 'edit_extras';
- } else {
- setEventMessages($langs->trans('RecordSaved'), null, 'mesgs');
- $action = 'view';
}
}
|