Wavyzz/dolibarr
2
0
Fork 1
mirror of https://github.com/Dolibarr/dolibarr.git synced 2025-12-08 18:48:22 +01:00
Code Issues Packages Projects Releases Wiki Activity

fix warnings in ticket list

Browse Source
This commit is contained in:
Frédéric FRANCE
2021-10-24 10:02:12 +02:00
parent d240a9f774
commit cc374e9eb1
26 changed files with 36 additions and 36 deletions
Download Patch File Download Diff File Expand all files Collapse all files

4
htdocs/core/boxes/box_project.php
View File

@@ -94,7 +94,7 @@ class box_project extends ModeleBoxes
// Get list of project id allowed to user (in a string list separated by coma) // Get list of project id allowed to user (in a string list separated by coma)
$projectsListId = ''; $projectsListId = '';
if (!$user->rights->projet->all->lire) { if (empty($user->rights->projet->all->lire)) {
$projectsListId = $projectstatic->getProjectsAuthorizedForUser($user, 0, 1, $socid); $projectsListId = $projectstatic->getProjectsAuthorizedForUser($user, 0, 1, $socid);
} }
@@ -102,7 +102,7 @@ class box_project extends ModeleBoxes
$sql .= " FROM ".MAIN_DB_PREFIX."projet as p"; $sql .= " FROM ".MAIN_DB_PREFIX."projet as p";
$sql .= " WHERE p.entity IN (".getEntity('project').")"; // Only current entity or severals if permission ok $sql .= " WHERE p.entity IN (".getEntity('project').")"; // Only current entity or severals if permission ok
$sql .= " AND p.fk_statut = 1"; // Only open projects $sql .= " AND p.fk_statut = 1"; // Only open projects
if (!$user->rights->projet->all->lire) { if (empty($user->rights->projet->all->lire)) {
$sql .= " AND p.rowid IN (".$this->db->sanitize($projectsListId).")"; // public and assigned to, or restricted to company for external users $sql .= " AND p.rowid IN (".$this->db->sanitize($projectsListId).")"; // public and assigned to, or restricted to company for external users
} }

4
htdocs/core/boxes/box_task.php
View File

@@ -145,7 +145,7 @@ class box_task extends ModeleBoxes
// Get list of project id allowed to user (in a string list separated by coma) // Get list of project id allowed to user (in a string list separated by coma)
$projectsListId = ''; $projectsListId = '';
if (!$user->rights->projet->all->lire) { if (empty($user->rights->projet->all->lire)) {
$projectsListId = $projectstatic->getProjectsAuthorizedForUser($user, 0, 1, $socid); $projectsListId = $projectstatic->getProjectsAuthorizedForUser($user, 0, 1, $socid);
} }
@@ -168,7 +168,7 @@ class box_task extends ModeleBoxes
$sql .= " AND p.fk_statut = ".Project::STATUS_VALIDATED; $sql .= " AND p.fk_statut = ".Project::STATUS_VALIDATED;
$sql .= " AND (pt.progress < 100 OR pt.progress IS NULL ) "; // 100% is done and not displayed $sql .= " AND (pt.progress < 100 OR pt.progress IS NULL ) "; // 100% is done and not displayed
$sql .= " AND p.usage_task = 1 "; $sql .= " AND p.usage_task = 1 ";
if (!$user->rights->projet->all->lire) { if (empty($user->rights->projet->all->lire)) {
$sql .= " AND p.rowid IN (".$this->db->sanitize($projectsListId).")"; // public and assigned to, or restricted to company for external users $sql .= " AND p.rowid IN (".$this->db->sanitize($projectsListId).")"; // public and assigned to, or restricted to company for external users
} }

2
htdocs/core/boxes/box_validated_projects.php
View File

@@ -101,7 +101,7 @@ class box_validated_projects extends ModeleBoxes
// Get list of project id allowed to user (in a string list separated by coma) // Get list of project id allowed to user (in a string list separated by coma)
$projectsListId = ''; $projectsListId = '';
if (!$user->rights->projet->all->lire) { if (empty($user->rights->projet->all->lire)) {
$projectsListId = $projectstatic->getProjectsAuthorizedForUser($user, 0, 1, $socid); $projectsListId = $projectstatic->getProjectsAuthorizedForUser($user, 0, 1, $socid);
} }

2
htdocs/core/lib/security.lib.php
View File

@@ -304,7 +304,7 @@ function restrictedArea($user, $features, $objectid = 0, $tableandshare = '', $f
$nbko++; $nbko++;
} }
} elseif ($feature == 'projet') { } elseif ($feature == 'projet') {
if (!$user->rights->projet->lire && !$user->rights->projet->all->lire) { if (!$user->rights->projet->lire && empty($user->rights->projet->all->lire)) {
$readok = 0; $readok = 0;
$nbko++; $nbko++;
} }

2
htdocs/eventorganization/conferenceorbooth_card.php
View File

@@ -200,7 +200,7 @@ if (!empty($withproject)) {
$morehtmlref .= '</div>'; $morehtmlref .= '</div>';
// Define a complementary filter for search of next/prev ref. // Define a complementary filter for search of next/prev ref.
if (!$user->rights->projet->all->lire) { if (empty($user->rights->projet->all->lire)) {
$objectsListId = $projectstatic->getProjectsAuthorizedForUser($user, 0, 0); $objectsListId = $projectstatic->getProjectsAuthorizedForUser($user, 0, 0);
$projectstatic->next_prev_filter = " rowid IN (".$db->sanitize(count($objectsListId) ?join(',', array_keys($objectsListId)) : '0').")"; $projectstatic->next_prev_filter = " rowid IN (".$db->sanitize(count($objectsListId) ?join(',', array_keys($objectsListId)) : '0').")";
} }

2
htdocs/eventorganization/conferenceorbooth_contact.php
View File

@@ -181,7 +181,7 @@ if (!empty($withproject)) {
$morehtmlref .= '</div>'; $morehtmlref .= '</div>';
// Define a complementary filter for search of next/prev ref. // Define a complementary filter for search of next/prev ref.
if (!$user->rights->projet->all->lire) { if (empty($user->rights->projet->all->lire)) {
$objectsListId = $projectstatic->getProjectsAuthorizedForUser($user, 0, 0); $objectsListId = $projectstatic->getProjectsAuthorizedForUser($user, 0, 0);
$projectstatic->next_prev_filter = " rowid IN (".$db->sanitize(count($objectsListId) ?join(',', array_keys($objectsListId)) : '0').")"; $projectstatic->next_prev_filter = " rowid IN (".$db->sanitize(count($objectsListId) ?join(',', array_keys($objectsListId)) : '0').")";
} }

2
htdocs/eventorganization/conferenceorbooth_document.php
View File

@@ -138,7 +138,7 @@ if (!empty($withproject)) {
$morehtmlref .= '</div>'; $morehtmlref .= '</div>';
// Define a complementary filter for search of next/prev ref. // Define a complementary filter for search of next/prev ref.
if (!$user->rights->projet->all->lire) { if (empty($user->rights->projet->all->lire)) {
$objectsListId = $projectstatic->getProjectsAuthorizedForUser($user, 0, 0); $objectsListId = $projectstatic->getProjectsAuthorizedForUser($user, 0, 0);
$projectstatic->next_prev_filter = " rowid IN (".$db->sanitize(count($objectsListId) ?join(',', array_keys($objectsListId)) : '0').")"; $projectstatic->next_prev_filter = " rowid IN (".$db->sanitize(count($objectsListId) ?join(',', array_keys($objectsListId)) : '0').")";
} }

2
htdocs/eventorganization/conferenceorboothattendee_card.php
View File

@@ -235,7 +235,7 @@ if (!empty($withproject)) {
$morehtmlref .= '</div>'; $morehtmlref .= '</div>';
// Define a complementary filter for search of next/prev ref. // Define a complementary filter for search of next/prev ref.
if (!$user->rights->projet->all->lire) { if (empty($user->rights->projet->all->lire)) {
$objectsListId = $projectstatic->getProjectsAuthorizedForUser($user, 0, 0); $objectsListId = $projectstatic->getProjectsAuthorizedForUser($user, 0, 0);
$projectstatic->next_prev_filter = " rowid IN (".$db->sanitize(count($objectsListId) ?join(',', array_keys($objectsListId)) : '0').")"; $projectstatic->next_prev_filter = " rowid IN (".$db->sanitize(count($objectsListId) ?join(',', array_keys($objectsListId)) : '0').")";
} }

2
htdocs/eventorganization/conferenceorboothattendee_list.php
View File

@@ -412,7 +412,7 @@ if ($projectstatic->id > 0 || $confOrBooth > 0) {
$morehtmlref .= '</div>'; $morehtmlref .= '</div>';
// Define a complementary filter for search of next/prev ref. // Define a complementary filter for search of next/prev ref.
if (!$user->rights->projet->all->lire) { if (empty($user->rights->projet->all->lire)) {
$objectsListId = $projectstatic->getProjectsAuthorizedForUser($user, 0, 0); $objectsListId = $projectstatic->getProjectsAuthorizedForUser($user, 0, 0);
$projectstatic->next_prev_filter = " rowid IN (".$db->sanitize(count($objectsListId) ?join(',', array_keys($objectsListId)) : '0').")"; $projectstatic->next_prev_filter = " rowid IN (".$db->sanitize(count($objectsListId) ?join(',', array_keys($objectsListId)) : '0').")";
} }

4
htdocs/projet/class/project.class.php
View File

@@ -2015,7 +2015,7 @@ class Project extends CommonObject
//$socid=$user->socid; //$socid=$user->socid;
$projectsListId = null; $projectsListId = null;
if (!$user->rights->projet->all->lire) { if (empty($user->rights->projet->all->lire)) {
$projectsListId = $this->getProjectsAuthorizedForUser($user, 0, 1); $projectsListId = $this->getProjectsAuthorizedForUser($user, 0, 1);
} }
@@ -2107,7 +2107,7 @@ class Project extends CommonObject
$sql .= " FROM ".MAIN_DB_PREFIX."projet as p"; $sql .= " FROM ".MAIN_DB_PREFIX."projet as p";
$sql .= " WHERE"; $sql .= " WHERE";
$sql .= " p.entity IN (".getEntity('project').")"; $sql .= " p.entity IN (".getEntity('project').")";
if (!$user->rights->projet->all->lire) { if (empty($user->rights->projet->all->lire)) {
$projectsListId = $this->getProjectsAuthorizedForUser($user, 0, 1); $projectsListId = $this->getProjectsAuthorizedForUser($user, 0, 1);
$sql .= "AND p.rowid IN (".$this->db->sanitize($projectsListId).")"; $sql .= "AND p.rowid IN (".$this->db->sanitize($projectsListId).")";
} }

4
htdocs/projet/class/projectstats.class.php
View File

@@ -158,7 +158,7 @@ class ProjectStats extends Stats
// Get list of project id allowed to user (in a string list separated by coma) // Get list of project id allowed to user (in a string list separated by coma)
$object = new Project($this->db); $object = new Project($this->db);
$projectsListId = ''; $projectsListId = '';
if (!$user->rights->projet->all->lire) { if (empty($user->rights->projet->all->lire)) {
$projectsListId = $object->getProjectsAuthorizedForUser($user, 0, 1, $user->socid); $projectsListId = $object->getProjectsAuthorizedForUser($user, 0, 1, $user->socid);
} }
@@ -183,7 +183,7 @@ class ProjectStats extends Stats
$sqlwhere[] = " t.fk_opp_status IN (".$this->db->sanitize($this->status).")"; $sqlwhere[] = " t.fk_opp_status IN (".$this->db->sanitize($this->status).")";
} }
if (!$user->rights->projet->all->lire) { if (empty($user->rights->projet->all->lire)) {
$sqlwhere[] = " t.rowid IN (".$this->db->sanitize($projectsListId).")"; // public and assigned to, or restricted to company for external users $sqlwhere[] = " t.rowid IN (".$this->db->sanitize($projectsListId).")"; // public and assigned to, or restricted to company for external users
} }

4
htdocs/projet/class/task.class.php
View File

@@ -2077,7 +2077,7 @@ class Task extends CommonObject
$sql .= " AND p.fk_statut = 1"; $sql .= " AND p.fk_statut = 1";
$sql .= " AND t.fk_projet = p.rowid"; $sql .= " AND t.fk_projet = p.rowid";
$sql .= " AND (t.progress IS NULL OR t.progress < 100)"; // tasks to do $sql .= " AND (t.progress IS NULL OR t.progress < 100)"; // tasks to do
if (!$user->rights->projet->all->lire) { if (empty($user->rights->projet->all->lire)) {
$sql .= " AND p.rowid IN (".$this->db->sanitize($projectsListId).")"; $sql .= " AND p.rowid IN (".$this->db->sanitize($projectsListId).")";
} }
// No need to check company, as filtering of projects must be done by getProjectsAuthorizedForUser // No need to check company, as filtering of projects must be done by getProjectsAuthorizedForUser
@@ -2148,7 +2148,7 @@ class Task extends CommonObject
$sql .= ", ".MAIN_DB_PREFIX."projet_task as t"; $sql .= ", ".MAIN_DB_PREFIX."projet_task as t";
$sql .= " WHERE p.entity IN (".getEntity('project', 0).')'; $sql .= " WHERE p.entity IN (".getEntity('project', 0).')';
$sql .= " AND t.fk_projet = p.rowid"; // tasks to do $sql .= " AND t.fk_projet = p.rowid"; // tasks to do
if ($mine || !$user->rights->projet->all->lire) { if ($mine || empty($user->rights->projet->all->lire)) {
$sql .= " AND p.rowid IN (".$this->db->sanitize($projectsListId).")"; $sql .= " AND p.rowid IN (".$this->db->sanitize($projectsListId).")";
} }
// No need to check company, as filtering of projects must be done by getProjectsAuthorizedForUser // No need to check company, as filtering of projects must be done by getProjectsAuthorizedForUser

4
htdocs/projet/comment.php
View File

@@ -103,13 +103,13 @@ $morehtmlref = '<div class="refidno">';
// Title // Title
$morehtmlref .= $object->title; $morehtmlref .= $object->title;
// Thirdparty // Thirdparty
if ($object->thirdparty->id > 0) { if (!empty($object->thirdparty->id) && $object->thirdparty->id > 0) {
$morehtmlref .= '<br>'.$langs->trans('ThirdParty').' : '.$object->thirdparty->getNomUrl(1, 'project'); $morehtmlref .= '<br>'.$langs->trans('ThirdParty').' : '.$object->thirdparty->getNomUrl(1, 'project');
} }
$morehtmlref .= '</div>'; $morehtmlref .= '</div>';
// Define a complementary filter for search of next/prev ref. // Define a complementary filter for search of next/prev ref.
if (!$user->rights->projet->all->lire) { if (empty($user->rights->projet->all->lire)) {
$objectsListId = $object->getProjectsAuthorizedForUser($user, 0, 0); $objectsListId = $object->getProjectsAuthorizedForUser($user, 0, 0);
$object->next_prev_filter = " rowid IN (".$db->sanitize(count($objectsListId) ? join(',', array_keys($objectsListId)) : '0').")"; $object->next_prev_filter = " rowid IN (".$db->sanitize(count($objectsListId) ? join(',', array_keys($objectsListId)) : '0').")";
} }

2
htdocs/projet/document.php
View File

@@ -140,7 +140,7 @@ if ($object->id > 0) {
$morehtmlref .= '</div>'; $morehtmlref .= '</div>';
// Define a complementary filter for search of next/prev ref. // Define a complementary filter for search of next/prev ref.
if (!$user->rights->projet->all->lire) { if (empty($user->rights->projet->all->lire)) {
$objectsListId = $object->getProjectsAuthorizedForUser($user, 0, 0); $objectsListId = $object->getProjectsAuthorizedForUser($user, 0, 0);
$object->next_prev_filter = " rowid IN (".$db->sanitize(count($objectsListId) ?join(',', array_keys($objectsListId)) : '0').")"; $object->next_prev_filter = " rowid IN (".$db->sanitize(count($objectsListId) ?join(',', array_keys($objectsListId)) : '0').")";
} }

4
htdocs/projet/ganttview.php
View File

@@ -116,13 +116,13 @@ if (($id > 0 && is_numeric($id)) || !empty($ref)) {
// Title // Title
$morehtmlref .= $object->title; $morehtmlref .= $object->title;
// Thirdparty // Thirdparty
if ($object->thirdparty->id > 0) { if (!empty($object->thirdparty->id) && $object->thirdparty->id > 0) {
$morehtmlref .= '<br>'.$langs->trans('ThirdParty').' : '.$object->thirdparty->getNomUrl(1, 'project'); $morehtmlref .= '<br>'.$langs->trans('ThirdParty').' : '.$object->thirdparty->getNomUrl(1, 'project');
} }
$morehtmlref .= '</div>'; $morehtmlref .= '</div>';
// Define a complementary filter for search of next/prev ref. // Define a complementary filter for search of next/prev ref.
if (!$user->rights->projet->all->lire) { if (empty($user->rights->projet->all->lire)) {
$objectsListId = $object->getProjectsAuthorizedForUser($user, 0, 0); $objectsListId = $object->getProjectsAuthorizedForUser($user, 0, 0);
$object->next_prev_filter = " rowid IN (".$db->sanitize(count($objectsListId) ?join(',', array_keys($objectsListId)) : '0').")"; $object->next_prev_filter = " rowid IN (".$db->sanitize(count($objectsListId) ?join(',', array_keys($objectsListId)) : '0').")";
} }

4
htdocs/projet/info.php
View File

@@ -128,13 +128,13 @@ $morehtmlref = '<div class="refidno">';
// Title // Title
$morehtmlref .= $object->title; $morehtmlref .= $object->title;
// Thirdparty // Thirdparty
if ($object->thirdparty->id > 0) { if (!empty($object->thirdparty->id) && $object->thirdparty->id > 0) {
$morehtmlref .= '<br>'.$langs->trans('ThirdParty').' : '.$object->thirdparty->getNomUrl(1, 'project'); $morehtmlref .= '<br>'.$langs->trans('ThirdParty').' : '.$object->thirdparty->getNomUrl(1, 'project');
} }
$morehtmlref .= '</div>'; $morehtmlref .= '</div>';
// Define a complementary filter for search of next/prev ref. // Define a complementary filter for search of next/prev ref.
if (!$user->rights->projet->all->lire) { if (empty($user->rights->projet->all->lire)) {
$objectsListId = $object->getProjectsAuthorizedForUser($user, 0, 0); $objectsListId = $object->getProjectsAuthorizedForUser($user, 0, 0);
$object->next_prev_filter = " rowid IN (".$db->sanitize(count($objectsListId) ?join(',', array_keys($objectsListId)) : '0').")"; $object->next_prev_filter = " rowid IN (".$db->sanitize(count($objectsListId) ?join(',', array_keys($objectsListId)) : '0').")";
} }

4
htdocs/projet/list.php
View File

@@ -357,7 +357,7 @@ $title = $langs->trans("Projects");
// Get list of project id allowed to user (in a string list separated by comma) // Get list of project id allowed to user (in a string list separated by comma)
$projectsListId = ''; $projectsListId = '';
if (!$user->rights->projet->all->lire) { if (empty($user->rights->projet->all->lire)) {
$projectsListId = $object->getProjectsAuthorizedForUser($user, 0, 1, $socid); $projectsListId = $object->getProjectsAuthorizedForUser($user, 0, 1, $socid);
} }
@@ -421,7 +421,7 @@ $sql .= " WHERE p.entity IN (".getEntity('project').')';
if (!empty($conf->categorie->enabled)) { if (!empty($conf->categorie->enabled)) {
$sql .= Categorie::getFilterSelectQuery(Categorie::TYPE_PROJECT, "p.rowid", $search_category_array); $sql .= Categorie::getFilterSelectQuery(Categorie::TYPE_PROJECT, "p.rowid", $search_category_array);
} }
if (!$user->rights->projet->all->lire) { if (empty($user->rights->projet->all->lire)) {
$sql .= " AND p.rowid IN (".$db->sanitize($projectsListId).")"; // public and assigned to, or restricted to company for external users $sql .= " AND p.rowid IN (".$db->sanitize($projectsListId).")"; // public and assigned to, or restricted to company for external users
} }
// No need to check if company is external user, as filtering of projects must be done by getProjectsAuthorizedForUser // No need to check if company is external user, as filtering of projects must be done by getProjectsAuthorizedForUser

2
htdocs/projet/note.php
View File

@@ -106,7 +106,7 @@ if ($id > 0 || !empty($ref)) {
$morehtmlref .= '</div>'; $morehtmlref .= '</div>';
// Define a complementary filter for search of next/prev ref. // Define a complementary filter for search of next/prev ref.
if (!$user->rights->projet->all->lire) { if (empty($user->rights->projet->all->lire)) {
$objectsListId = $object->getProjectsAuthorizedForUser($user, 0, 0); $objectsListId = $object->getProjectsAuthorizedForUser($user, 0, 0);
$object->next_prev_filter = " rowid IN (".$db->sanitize(count($objectsListId) ?join(',', array_keys($objectsListId)) : '0').")"; $object->next_prev_filter = " rowid IN (".$db->sanitize(count($objectsListId) ?join(',', array_keys($objectsListId)) : '0').")";
} }

2
htdocs/projet/tasks/comment.php
View File

@@ -137,7 +137,7 @@ if ($id > 0 || !empty($ref)) {
$morehtmlref .= '</div>'; $morehtmlref .= '</div>';
// Define a complementary filter for search of next/prev ref. // Define a complementary filter for search of next/prev ref.
if (!$user->rights->projet->all->lire) { if (empty($user->rights->projet->all->lire)) {
$objectsListId = $projectstatic->getProjectsAuthorizedForUser($user, 0, 0); $objectsListId = $projectstatic->getProjectsAuthorizedForUser($user, 0, 0);
$projectstatic->next_prev_filter = " rowid IN (".$db->sanitize(count($objectsListId) ? join(',', array_keys($objectsListId)) : '0').")"; $projectstatic->next_prev_filter = " rowid IN (".$db->sanitize(count($objectsListId) ? join(',', array_keys($objectsListId)) : '0').")";
} }

2
htdocs/projet/tasks/contact.php
View File

@@ -196,7 +196,7 @@ if ($id > 0 || !empty($ref)) {
$morehtmlref .= '</div>'; $morehtmlref .= '</div>';
// Define a complementary filter for search of next/prev ref. // Define a complementary filter for search of next/prev ref.
if (!$user->rights->projet->all->lire) { if (empty($user->rights->projet->all->lire)) {
$objectsListId = $projectstatic->getProjectsAuthorizedForUser($user, 0, 0); $objectsListId = $projectstatic->getProjectsAuthorizedForUser($user, 0, 0);
$projectstatic->next_prev_filter = " rowid IN (".$db->sanitize(count($objectsListId) ?join(',', array_keys($objectsListId)) : '0').")"; $projectstatic->next_prev_filter = " rowid IN (".$db->sanitize(count($objectsListId) ?join(',', array_keys($objectsListId)) : '0').")";
} }

2
htdocs/projet/tasks/document.php
View File

@@ -151,7 +151,7 @@ if ($object->id > 0) {
$morehtmlref .= '</div>'; $morehtmlref .= '</div>';
// Define a complementary filter for search of next/prev ref. // Define a complementary filter for search of next/prev ref.
if (!$user->rights->projet->all->lire) { if (empty($user->rights->projet->all->lire)) {
$objectsListId = $projectstatic->getProjectsAuthorizedForUser($user, 0, 0); $objectsListId = $projectstatic->getProjectsAuthorizedForUser($user, 0, 0);
$projectstatic->next_prev_filter = " rowid IN (".$db->sanitize(count($objectsListId) ?join(',', array_keys($objectsListId)) : '0').")"; $projectstatic->next_prev_filter = " rowid IN (".$db->sanitize(count($objectsListId) ?join(',', array_keys($objectsListId)) : '0').")";
} }

4
htdocs/projet/tasks/list.php
View File

@@ -273,7 +273,7 @@ if ($id) {
} }
// Get list of project id allowed to user (in a string list separated by coma) // Get list of project id allowed to user (in a string list separated by coma)
if (!$user->rights->projet->all->lire) { if (empty($user->rights->projet->all->lire)) {
$projectsListId = $projectstatic->getProjectsAuthorizedForUser($user, 0, 1, $socid); $projectsListId = $projectstatic->getProjectsAuthorizedForUser($user, 0, 1, $socid);
} }
//var_dump($projectsListId); //var_dump($projectsListId);
@@ -357,7 +357,7 @@ if ($search_task_user > 0) {
} }
$sql .= " WHERE t.fk_projet = p.rowid"; $sql .= " WHERE t.fk_projet = p.rowid";
$sql .= " AND p.entity IN (".getEntity('project').')'; $sql .= " AND p.entity IN (".getEntity('project').')';
if (!$user->rights->projet->all->lire) { if (empty($user->rights->projet->all->lire)) {
$sql .= " AND p.rowid IN (".$db->sanitize($projectsListId ? $projectsListId : '0').")"; // public and assigned to projects, or restricted to company for external users $sql .= " AND p.rowid IN (".$db->sanitize($projectsListId ? $projectsListId : '0').")"; // public and assigned to projects, or restricted to company for external users
} }
if (is_object($projectstatic) && $projectstatic->id > 0) { if (is_object($projectstatic) && $projectstatic->id > 0) {

2
htdocs/projet/tasks/note.php
View File

@@ -142,7 +142,7 @@ if ($object->id > 0) {
$morehtmlref .= '</div>'; $morehtmlref .= '</div>';
// Define a complementary filter for search of next/prev ref. // Define a complementary filter for search of next/prev ref.
if (!$user->rights->projet->all->lire) { if (empty($user->rights->projet->all->lire)) {
$objectsListId = $projectstatic->getProjectsAuthorizedForUser($user, 0, 0); $objectsListId = $projectstatic->getProjectsAuthorizedForUser($user, 0, 0);
$projectstatic->next_prev_filter = " rowid IN (".$db->sanitize(count($objectsListId) ?join(',', array_keys($objectsListId)) : '0').")"; $projectstatic->next_prev_filter = " rowid IN (".$db->sanitize(count($objectsListId) ?join(',', array_keys($objectsListId)) : '0').")";
} }

2
htdocs/projet/tasks/task.php
View File

@@ -235,7 +235,7 @@ if ($id > 0 || !empty($ref)) {
$morehtmlref .= '</div>'; $morehtmlref .= '</div>';
// Define a complementary filter for search of next/prev ref. // Define a complementary filter for search of next/prev ref.
if (!$user->rights->projet->all->lire) { if (empty($user->rights->projet->all->lire)) {
$objectsListId = $projectstatic->getProjectsAuthorizedForUser($user, 0, 0); $objectsListId = $projectstatic->getProjectsAuthorizedForUser($user, 0, 0);
$projectstatic->next_prev_filter = " rowid IN (".$db->sanitize(count($objectsListId) ?join(',', array_keys($objectsListId)) : '0').")"; $projectstatic->next_prev_filter = " rowid IN (".$db->sanitize(count($objectsListId) ?join(',', array_keys($objectsListId)) : '0').")";
} }

2
htdocs/ticket/card.php
View File

@@ -859,7 +859,7 @@ if ($action == 'create' || $action == 'presend') {
// Ref // Ref
print '<tr><td width="30%">'.$langs->trans('Ref').'</td><td colspan="3">'; print '<tr><td width="30%">'.$langs->trans('Ref').'</td><td colspan="3">';
// Define a complementary filter for search of next/prev ref. // Define a complementary filter for search of next/prev ref.
if (!$user->rights->projet->all->lire) { if (empty($user->rights->projet->all->lire)) {
$objectsListId = $projectstat->getProjectsAuthorizedForUser($user, $mine, 0); $objectsListId = $projectstat->getProjectsAuthorizedForUser($user, $mine, 0);
$projectstat->next_prev_filter = " rowid IN (".$db->sanitize(count($objectsListId) ? join(',', array_keys($objectsListId)) : '0').")"; $projectstat->next_prev_filter = " rowid IN (".$db->sanitize(count($objectsListId) ? join(',', array_keys($objectsListId)) : '0').")";
} }

2
htdocs/ticket/list.php
View File

@@ -566,7 +566,7 @@ if ($projectid > 0 || $project_ref) {
$morehtmlref .= '</div>'; $morehtmlref .= '</div>';
// Define a complementary filter for search of next/prev ref. // Define a complementary filter for search of next/prev ref.
if (!$user->rights->projet->all->lire) { if (empty($user->rights->projet->all->lire)) {
$objectsListId = $object->getProjectsAuthorizedForUser($user, 0, 0); $objectsListId = $object->getProjectsAuthorizedForUser($user, 0, 0);
$object->next_prev_filter = " rowid IN (".$db->sanitize(count($objectsListId) ? join(',', array_keys($objectsListId)) : '0').")"; $object->next_prev_filter = " rowid IN (".$db->sanitize(count($objectsListId) ? join(',', array_keys($objectsListId)) : '0').")";
} }