diff --git a/htdocs/core/boxes/box_project.php b/htdocs/core/boxes/box_project.php
index f14ab699690..63a4e90cdd0 100644
--- a/htdocs/core/boxes/box_project.php
+++ b/htdocs/core/boxes/box_project.php
@@ -94,7 +94,7 @@ class box_project extends ModeleBoxes
// Get list of project id allowed to user (in a string list separated by coma)
$projectsListId = '';
- if (!$user->rights->projet->all->lire) {
+ if (empty($user->rights->projet->all->lire)) {
$projectsListId = $projectstatic->getProjectsAuthorizedForUser($user, 0, 1, $socid);
}
@@ -102,7 +102,7 @@ class box_project extends ModeleBoxes
$sql .= " FROM ".MAIN_DB_PREFIX."projet as p";
$sql .= " WHERE p.entity IN (".getEntity('project').")"; // Only current entity or severals if permission ok
$sql .= " AND p.fk_statut = 1"; // Only open projects
- if (!$user->rights->projet->all->lire) {
+ if (empty($user->rights->projet->all->lire)) {
$sql .= " AND p.rowid IN (".$this->db->sanitize($projectsListId).")"; // public and assigned to, or restricted to company for external users
}
diff --git a/htdocs/core/boxes/box_task.php b/htdocs/core/boxes/box_task.php
index 0c349ad3e4c..e86a1206902 100644
--- a/htdocs/core/boxes/box_task.php
+++ b/htdocs/core/boxes/box_task.php
@@ -145,7 +145,7 @@ class box_task extends ModeleBoxes
// Get list of project id allowed to user (in a string list separated by coma)
$projectsListId = '';
- if (!$user->rights->projet->all->lire) {
+ if (empty($user->rights->projet->all->lire)) {
$projectsListId = $projectstatic->getProjectsAuthorizedForUser($user, 0, 1, $socid);
}
@@ -168,7 +168,7 @@ class box_task extends ModeleBoxes
$sql .= " AND p.fk_statut = ".Project::STATUS_VALIDATED;
$sql .= " AND (pt.progress < 100 OR pt.progress IS NULL ) "; // 100% is done and not displayed
$sql .= " AND p.usage_task = 1 ";
- if (!$user->rights->projet->all->lire) {
+ if (empty($user->rights->projet->all->lire)) {
$sql .= " AND p.rowid IN (".$this->db->sanitize($projectsListId).")"; // public and assigned to, or restricted to company for external users
}
diff --git a/htdocs/core/boxes/box_validated_projects.php b/htdocs/core/boxes/box_validated_projects.php
index 3f2b2cdc221..574ee7b7d80 100644
--- a/htdocs/core/boxes/box_validated_projects.php
+++ b/htdocs/core/boxes/box_validated_projects.php
@@ -101,7 +101,7 @@ class box_validated_projects extends ModeleBoxes
// Get list of project id allowed to user (in a string list separated by coma)
$projectsListId = '';
- if (!$user->rights->projet->all->lire) {
+ if (empty($user->rights->projet->all->lire)) {
$projectsListId = $projectstatic->getProjectsAuthorizedForUser($user, 0, 1, $socid);
}
diff --git a/htdocs/core/lib/security.lib.php b/htdocs/core/lib/security.lib.php
index fbd2651d4b3..e6d2d2aa74f 100644
--- a/htdocs/core/lib/security.lib.php
+++ b/htdocs/core/lib/security.lib.php
@@ -304,7 +304,7 @@ function restrictedArea($user, $features, $objectid = 0, $tableandshare = '', $f
$nbko++;
}
} elseif ($feature == 'projet') {
- if (!$user->rights->projet->lire && !$user->rights->projet->all->lire) {
+ if (!$user->rights->projet->lire && empty($user->rights->projet->all->lire)) {
$readok = 0;
$nbko++;
}
diff --git a/htdocs/eventorganization/conferenceorbooth_card.php b/htdocs/eventorganization/conferenceorbooth_card.php
index 1c544f4f7c4..8fa1f1ec288 100644
--- a/htdocs/eventorganization/conferenceorbooth_card.php
+++ b/htdocs/eventorganization/conferenceorbooth_card.php
@@ -200,7 +200,7 @@ if (!empty($withproject)) {
$morehtmlref .= '';
// Define a complementary filter for search of next/prev ref.
- if (!$user->rights->projet->all->lire) {
+ if (empty($user->rights->projet->all->lire)) {
$objectsListId = $projectstatic->getProjectsAuthorizedForUser($user, 0, 0);
$projectstatic->next_prev_filter = " rowid IN (".$db->sanitize(count($objectsListId) ?join(',', array_keys($objectsListId)) : '0').")";
}
diff --git a/htdocs/eventorganization/conferenceorbooth_contact.php b/htdocs/eventorganization/conferenceorbooth_contact.php
index 0c05f0c1946..6f921848881 100644
--- a/htdocs/eventorganization/conferenceorbooth_contact.php
+++ b/htdocs/eventorganization/conferenceorbooth_contact.php
@@ -181,7 +181,7 @@ if (!empty($withproject)) {
$morehtmlref .= '';
// Define a complementary filter for search of next/prev ref.
- if (!$user->rights->projet->all->lire) {
+ if (empty($user->rights->projet->all->lire)) {
$objectsListId = $projectstatic->getProjectsAuthorizedForUser($user, 0, 0);
$projectstatic->next_prev_filter = " rowid IN (".$db->sanitize(count($objectsListId) ?join(',', array_keys($objectsListId)) : '0').")";
}
diff --git a/htdocs/eventorganization/conferenceorbooth_document.php b/htdocs/eventorganization/conferenceorbooth_document.php
index 8b064c12b72..4c403332feb 100644
--- a/htdocs/eventorganization/conferenceorbooth_document.php
+++ b/htdocs/eventorganization/conferenceorbooth_document.php
@@ -138,7 +138,7 @@ if (!empty($withproject)) {
$morehtmlref .= '';
// Define a complementary filter for search of next/prev ref.
- if (!$user->rights->projet->all->lire) {
+ if (empty($user->rights->projet->all->lire)) {
$objectsListId = $projectstatic->getProjectsAuthorizedForUser($user, 0, 0);
$projectstatic->next_prev_filter = " rowid IN (".$db->sanitize(count($objectsListId) ?join(',', array_keys($objectsListId)) : '0').")";
}
diff --git a/htdocs/eventorganization/conferenceorboothattendee_card.php b/htdocs/eventorganization/conferenceorboothattendee_card.php
index 101bc10a0aa..e38bdd954f3 100644
--- a/htdocs/eventorganization/conferenceorboothattendee_card.php
+++ b/htdocs/eventorganization/conferenceorboothattendee_card.php
@@ -235,7 +235,7 @@ if (!empty($withproject)) {
$morehtmlref .= '';
// Define a complementary filter for search of next/prev ref.
- if (!$user->rights->projet->all->lire) {
+ if (empty($user->rights->projet->all->lire)) {
$objectsListId = $projectstatic->getProjectsAuthorizedForUser($user, 0, 0);
$projectstatic->next_prev_filter = " rowid IN (".$db->sanitize(count($objectsListId) ?join(',', array_keys($objectsListId)) : '0').")";
}
diff --git a/htdocs/eventorganization/conferenceorboothattendee_list.php b/htdocs/eventorganization/conferenceorboothattendee_list.php
index 12d62e0ab76..a5c9c308c6f 100644
--- a/htdocs/eventorganization/conferenceorboothattendee_list.php
+++ b/htdocs/eventorganization/conferenceorboothattendee_list.php
@@ -412,7 +412,7 @@ if ($projectstatic->id > 0 || $confOrBooth > 0) {
$morehtmlref .= '';
// Define a complementary filter for search of next/prev ref.
- if (!$user->rights->projet->all->lire) {
+ if (empty($user->rights->projet->all->lire)) {
$objectsListId = $projectstatic->getProjectsAuthorizedForUser($user, 0, 0);
$projectstatic->next_prev_filter = " rowid IN (".$db->sanitize(count($objectsListId) ?join(',', array_keys($objectsListId)) : '0').")";
}
diff --git a/htdocs/projet/class/project.class.php b/htdocs/projet/class/project.class.php
index 8da82f45201..aa823dc44d6 100644
--- a/htdocs/projet/class/project.class.php
+++ b/htdocs/projet/class/project.class.php
@@ -2015,7 +2015,7 @@ class Project extends CommonObject
//$socid=$user->socid;
$projectsListId = null;
- if (!$user->rights->projet->all->lire) {
+ if (empty($user->rights->projet->all->lire)) {
$projectsListId = $this->getProjectsAuthorizedForUser($user, 0, 1);
}
@@ -2107,7 +2107,7 @@ class Project extends CommonObject
$sql .= " FROM ".MAIN_DB_PREFIX."projet as p";
$sql .= " WHERE";
$sql .= " p.entity IN (".getEntity('project').")";
- if (!$user->rights->projet->all->lire) {
+ if (empty($user->rights->projet->all->lire)) {
$projectsListId = $this->getProjectsAuthorizedForUser($user, 0, 1);
$sql .= "AND p.rowid IN (".$this->db->sanitize($projectsListId).")";
}
diff --git a/htdocs/projet/class/projectstats.class.php b/htdocs/projet/class/projectstats.class.php
index 1439ecd5f20..efd8ecc3424 100644
--- a/htdocs/projet/class/projectstats.class.php
+++ b/htdocs/projet/class/projectstats.class.php
@@ -158,7 +158,7 @@ class ProjectStats extends Stats
// Get list of project id allowed to user (in a string list separated by coma)
$object = new Project($this->db);
$projectsListId = '';
- if (!$user->rights->projet->all->lire) {
+ if (empty($user->rights->projet->all->lire)) {
$projectsListId = $object->getProjectsAuthorizedForUser($user, 0, 1, $user->socid);
}
@@ -183,7 +183,7 @@ class ProjectStats extends Stats
$sqlwhere[] = " t.fk_opp_status IN (".$this->db->sanitize($this->status).")";
}
- if (!$user->rights->projet->all->lire) {
+ if (empty($user->rights->projet->all->lire)) {
$sqlwhere[] = " t.rowid IN (".$this->db->sanitize($projectsListId).")"; // public and assigned to, or restricted to company for external users
}
diff --git a/htdocs/projet/class/task.class.php b/htdocs/projet/class/task.class.php
index 7e84683d5b3..dac2afa4834 100644
--- a/htdocs/projet/class/task.class.php
+++ b/htdocs/projet/class/task.class.php
@@ -2077,7 +2077,7 @@ class Task extends CommonObject
$sql .= " AND p.fk_statut = 1";
$sql .= " AND t.fk_projet = p.rowid";
$sql .= " AND (t.progress IS NULL OR t.progress < 100)"; // tasks to do
- if (!$user->rights->projet->all->lire) {
+ if (empty($user->rights->projet->all->lire)) {
$sql .= " AND p.rowid IN (".$this->db->sanitize($projectsListId).")";
}
// No need to check company, as filtering of projects must be done by getProjectsAuthorizedForUser
@@ -2148,7 +2148,7 @@ class Task extends CommonObject
$sql .= ", ".MAIN_DB_PREFIX."projet_task as t";
$sql .= " WHERE p.entity IN (".getEntity('project', 0).')';
$sql .= " AND t.fk_projet = p.rowid"; // tasks to do
- if ($mine || !$user->rights->projet->all->lire) {
+ if ($mine || empty($user->rights->projet->all->lire)) {
$sql .= " AND p.rowid IN (".$this->db->sanitize($projectsListId).")";
}
// No need to check company, as filtering of projects must be done by getProjectsAuthorizedForUser
diff --git a/htdocs/projet/comment.php b/htdocs/projet/comment.php
index 3d57f9657b1..52a1f581df8 100644
--- a/htdocs/projet/comment.php
+++ b/htdocs/projet/comment.php
@@ -103,13 +103,13 @@ $morehtmlref = '';
// Title
$morehtmlref .= $object->title;
// Thirdparty
-if ($object->thirdparty->id > 0) {
+if (!empty($object->thirdparty->id) && $object->thirdparty->id > 0) {
$morehtmlref .= '
'.$langs->trans('ThirdParty').' : '.$object->thirdparty->getNomUrl(1, 'project');
}
$morehtmlref .= '
';
// Define a complementary filter for search of next/prev ref.
-if (!$user->rights->projet->all->lire) {
+if (empty($user->rights->projet->all->lire)) {
$objectsListId = $object->getProjectsAuthorizedForUser($user, 0, 0);
$object->next_prev_filter = " rowid IN (".$db->sanitize(count($objectsListId) ? join(',', array_keys($objectsListId)) : '0').")";
}
diff --git a/htdocs/projet/document.php b/htdocs/projet/document.php
index 9ac87b46084..db1f63fe8de 100644
--- a/htdocs/projet/document.php
+++ b/htdocs/projet/document.php
@@ -140,7 +140,7 @@ if ($object->id > 0) {
$morehtmlref .= '';
// Define a complementary filter for search of next/prev ref.
- if (!$user->rights->projet->all->lire) {
+ if (empty($user->rights->projet->all->lire)) {
$objectsListId = $object->getProjectsAuthorizedForUser($user, 0, 0);
$object->next_prev_filter = " rowid IN (".$db->sanitize(count($objectsListId) ?join(',', array_keys($objectsListId)) : '0').")";
}
diff --git a/htdocs/projet/ganttview.php b/htdocs/projet/ganttview.php
index 0aea36fe635..9c20aa562d7 100644
--- a/htdocs/projet/ganttview.php
+++ b/htdocs/projet/ganttview.php
@@ -116,13 +116,13 @@ if (($id > 0 && is_numeric($id)) || !empty($ref)) {
// Title
$morehtmlref .= $object->title;
// Thirdparty
- if ($object->thirdparty->id > 0) {
+ if (!empty($object->thirdparty->id) && $object->thirdparty->id > 0) {
$morehtmlref .= '
'.$langs->trans('ThirdParty').' : '.$object->thirdparty->getNomUrl(1, 'project');
}
$morehtmlref .= '';
// Define a complementary filter for search of next/prev ref.
- if (!$user->rights->projet->all->lire) {
+ if (empty($user->rights->projet->all->lire)) {
$objectsListId = $object->getProjectsAuthorizedForUser($user, 0, 0);
$object->next_prev_filter = " rowid IN (".$db->sanitize(count($objectsListId) ?join(',', array_keys($objectsListId)) : '0').")";
}
diff --git a/htdocs/projet/info.php b/htdocs/projet/info.php
index b8c6ae046cf..c0afe5d1370 100644
--- a/htdocs/projet/info.php
+++ b/htdocs/projet/info.php
@@ -128,13 +128,13 @@ $morehtmlref = '';
// Title
$morehtmlref .= $object->title;
// Thirdparty
-if ($object->thirdparty->id > 0) {
+if (!empty($object->thirdparty->id) && $object->thirdparty->id > 0) {
$morehtmlref .= '
'.$langs->trans('ThirdParty').' : '.$object->thirdparty->getNomUrl(1, 'project');
}
$morehtmlref .= '
';
// Define a complementary filter for search of next/prev ref.
-if (!$user->rights->projet->all->lire) {
+if (empty($user->rights->projet->all->lire)) {
$objectsListId = $object->getProjectsAuthorizedForUser($user, 0, 0);
$object->next_prev_filter = " rowid IN (".$db->sanitize(count($objectsListId) ?join(',', array_keys($objectsListId)) : '0').")";
}
diff --git a/htdocs/projet/list.php b/htdocs/projet/list.php
index a5f14431eda..444dc6d525f 100644
--- a/htdocs/projet/list.php
+++ b/htdocs/projet/list.php
@@ -357,7 +357,7 @@ $title = $langs->trans("Projects");
// Get list of project id allowed to user (in a string list separated by comma)
$projectsListId = '';
-if (!$user->rights->projet->all->lire) {
+if (empty($user->rights->projet->all->lire)) {
$projectsListId = $object->getProjectsAuthorizedForUser($user, 0, 1, $socid);
}
@@ -421,7 +421,7 @@ $sql .= " WHERE p.entity IN (".getEntity('project').')';
if (!empty($conf->categorie->enabled)) {
$sql .= Categorie::getFilterSelectQuery(Categorie::TYPE_PROJECT, "p.rowid", $search_category_array);
}
-if (!$user->rights->projet->all->lire) {
+if (empty($user->rights->projet->all->lire)) {
$sql .= " AND p.rowid IN (".$db->sanitize($projectsListId).")"; // public and assigned to, or restricted to company for external users
}
// No need to check if company is external user, as filtering of projects must be done by getProjectsAuthorizedForUser
diff --git a/htdocs/projet/note.php b/htdocs/projet/note.php
index 3c32bd528a4..2ee52d3a247 100644
--- a/htdocs/projet/note.php
+++ b/htdocs/projet/note.php
@@ -106,7 +106,7 @@ if ($id > 0 || !empty($ref)) {
$morehtmlref .= '';
// Define a complementary filter for search of next/prev ref.
- if (!$user->rights->projet->all->lire) {
+ if (empty($user->rights->projet->all->lire)) {
$objectsListId = $object->getProjectsAuthorizedForUser($user, 0, 0);
$object->next_prev_filter = " rowid IN (".$db->sanitize(count($objectsListId) ?join(',', array_keys($objectsListId)) : '0').")";
}
diff --git a/htdocs/projet/tasks/comment.php b/htdocs/projet/tasks/comment.php
index 415e735fae6..a2bbba52305 100644
--- a/htdocs/projet/tasks/comment.php
+++ b/htdocs/projet/tasks/comment.php
@@ -137,7 +137,7 @@ if ($id > 0 || !empty($ref)) {
$morehtmlref .= '';
// Define a complementary filter for search of next/prev ref.
- if (!$user->rights->projet->all->lire) {
+ if (empty($user->rights->projet->all->lire)) {
$objectsListId = $projectstatic->getProjectsAuthorizedForUser($user, 0, 0);
$projectstatic->next_prev_filter = " rowid IN (".$db->sanitize(count($objectsListId) ? join(',', array_keys($objectsListId)) : '0').")";
}
diff --git a/htdocs/projet/tasks/contact.php b/htdocs/projet/tasks/contact.php
index 2727f7f0d02..753ccc9b419 100644
--- a/htdocs/projet/tasks/contact.php
+++ b/htdocs/projet/tasks/contact.php
@@ -196,7 +196,7 @@ if ($id > 0 || !empty($ref)) {
$morehtmlref .= '';
// Define a complementary filter for search of next/prev ref.
- if (!$user->rights->projet->all->lire) {
+ if (empty($user->rights->projet->all->lire)) {
$objectsListId = $projectstatic->getProjectsAuthorizedForUser($user, 0, 0);
$projectstatic->next_prev_filter = " rowid IN (".$db->sanitize(count($objectsListId) ?join(',', array_keys($objectsListId)) : '0').")";
}
diff --git a/htdocs/projet/tasks/document.php b/htdocs/projet/tasks/document.php
index 3787f5b5f6a..a1e708b6a46 100644
--- a/htdocs/projet/tasks/document.php
+++ b/htdocs/projet/tasks/document.php
@@ -151,7 +151,7 @@ if ($object->id > 0) {
$morehtmlref .= '';
// Define a complementary filter for search of next/prev ref.
- if (!$user->rights->projet->all->lire) {
+ if (empty($user->rights->projet->all->lire)) {
$objectsListId = $projectstatic->getProjectsAuthorizedForUser($user, 0, 0);
$projectstatic->next_prev_filter = " rowid IN (".$db->sanitize(count($objectsListId) ?join(',', array_keys($objectsListId)) : '0').")";
}
diff --git a/htdocs/projet/tasks/list.php b/htdocs/projet/tasks/list.php
index e1ed162f9c2..53b1a85e889 100644
--- a/htdocs/projet/tasks/list.php
+++ b/htdocs/projet/tasks/list.php
@@ -273,7 +273,7 @@ if ($id) {
}
// Get list of project id allowed to user (in a string list separated by coma)
-if (!$user->rights->projet->all->lire) {
+if (empty($user->rights->projet->all->lire)) {
$projectsListId = $projectstatic->getProjectsAuthorizedForUser($user, 0, 1, $socid);
}
//var_dump($projectsListId);
@@ -357,7 +357,7 @@ if ($search_task_user > 0) {
}
$sql .= " WHERE t.fk_projet = p.rowid";
$sql .= " AND p.entity IN (".getEntity('project').')';
-if (!$user->rights->projet->all->lire) {
+if (empty($user->rights->projet->all->lire)) {
$sql .= " AND p.rowid IN (".$db->sanitize($projectsListId ? $projectsListId : '0').")"; // public and assigned to projects, or restricted to company for external users
}
if (is_object($projectstatic) && $projectstatic->id > 0) {
diff --git a/htdocs/projet/tasks/note.php b/htdocs/projet/tasks/note.php
index 4f5ebdbd6bb..3d1ec610b48 100644
--- a/htdocs/projet/tasks/note.php
+++ b/htdocs/projet/tasks/note.php
@@ -142,7 +142,7 @@ if ($object->id > 0) {
$morehtmlref .= '';
// Define a complementary filter for search of next/prev ref.
- if (!$user->rights->projet->all->lire) {
+ if (empty($user->rights->projet->all->lire)) {
$objectsListId = $projectstatic->getProjectsAuthorizedForUser($user, 0, 0);
$projectstatic->next_prev_filter = " rowid IN (".$db->sanitize(count($objectsListId) ?join(',', array_keys($objectsListId)) : '0').")";
}
diff --git a/htdocs/projet/tasks/task.php b/htdocs/projet/tasks/task.php
index 312e6b11389..62714c72216 100644
--- a/htdocs/projet/tasks/task.php
+++ b/htdocs/projet/tasks/task.php
@@ -235,7 +235,7 @@ if ($id > 0 || !empty($ref)) {
$morehtmlref .= '';
// Define a complementary filter for search of next/prev ref.
- if (!$user->rights->projet->all->lire) {
+ if (empty($user->rights->projet->all->lire)) {
$objectsListId = $projectstatic->getProjectsAuthorizedForUser($user, 0, 0);
$projectstatic->next_prev_filter = " rowid IN (".$db->sanitize(count($objectsListId) ?join(',', array_keys($objectsListId)) : '0').")";
}
diff --git a/htdocs/ticket/card.php b/htdocs/ticket/card.php
index 8abba0c8cf1..18e46d9750d 100644
--- a/htdocs/ticket/card.php
+++ b/htdocs/ticket/card.php
@@ -859,7 +859,7 @@ if ($action == 'create' || $action == 'presend') {
// Ref
print '| '.$langs->trans('Ref').' | ';
// Define a complementary filter for search of next/prev ref.
- if (!$user->rights->projet->all->lire) {
+ if (empty($user->rights->projet->all->lire)) {
$objectsListId = $projectstat->getProjectsAuthorizedForUser($user, $mine, 0);
$projectstat->next_prev_filter = " rowid IN (".$db->sanitize(count($objectsListId) ? join(',', array_keys($objectsListId)) : '0').")";
}
diff --git a/htdocs/ticket/list.php b/htdocs/ticket/list.php
index 1b3e035e37d..76e2208ba0b 100644
--- a/htdocs/ticket/list.php
+++ b/htdocs/ticket/list.php
@@ -566,7 +566,7 @@ if ($projectid > 0 || $project_ref) {
$morehtmlref .= '';
// Define a complementary filter for search of next/prev ref.
- if (!$user->rights->projet->all->lire) {
+ if (empty($user->rights->projet->all->lire)) {
$objectsListId = $object->getProjectsAuthorizedForUser($user, 0, 0);
$object->next_prev_filter = " rowid IN (".$db->sanitize(count($objectsListId) ? join(',', array_keys($objectsListId)) : '0').")";
}
|