Mirrors/dolibarr
1
0
Fork 0
mirror of https://github.com/Dolibarr/dolibarr.git synced 2025-02-20 13:46:52 +01:00
Code Issues Packages Projects Releases Wiki Activity

Fix #yogosha21569

Browse Source
This commit is contained in:
Laurent Destailleur 2024-04-09 18:49:48 +02:00
parent ebe8f25193
commit 082195b249
2 changed files with 76 additions and 54 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

122
htdocs/accountancy/bookkeeping/card.php
View File

@ -90,6 +90,8 @@ if (!$user->hasRight('accounting', 'mouvements', 'lire')) {
accessforbidden();
}
$permissiontoadd = $user->hasRight('accounting', 'mouvements', 'creer');
/*
* Actions
@ -106,7 +108,7 @@ if (empty($reshook)) {
exit;
}
if ($action == "confirm_update") {
if ($action == "confirm_update" && $permissiontoadd) {
$error = 0;
if (((float) $debit != 0.0) && ((float) $credit != 0.0)) {
@ -162,7 +164,7 @@ if (empty($reshook)) {
}
}
}
} elseif ($action == "add") {
} elseif ($action == "add" && $permissiontoadd) {
$error = 0;
if (((float) $debit != 0.0) && ((float) $credit != 0.0)) {
@ -221,7 +223,7 @@ if (empty($reshook)) {
$action = '';
}
}
} elseif ($action == "confirm_delete") {
} elseif ($action == "confirm_delete" && $permissiontoadd) {
$object = new BookKeeping($db);
$result = $object->fetch($id, null, $mode);
@ -238,7 +240,7 @@ if (empty($reshook)) {
}
}
$action = '';
} elseif ($action == "confirm_create") {
} elseif ($action == "confirm_create" && $permissiontoadd) {
$error = 0;
$object = new BookKeeping($db);
@ -287,7 +289,7 @@ if (empty($reshook)) {
}
}
if ($action == 'setdate') {
if ($action == 'setdate' && $permissiontoadd) {
$datedoc = dol_mktime(0, 0, 0, GETPOSTINT('doc_datemonth'), GETPOSTINT('doc_dateday'), GETPOSTINT('doc_dateyear'));
$result = $object->updateByMvt($piece_num, 'doc_date', $db->idate($datedoc), $mode);
if ($result < 0) {
@ -300,7 +302,7 @@ if (empty($reshook)) {
}
}
if ($action == 'setjournal') {
if ($action == 'setjournal' && $permissiontoadd) {
$result = $object->updateByMvt($piece_num, 'code_journal', $journal_code, $mode);
$result = $object->updateByMvt($piece_num, 'journal_label', $journal_label, $mode);
if ($result < 0) {
@ -313,7 +315,7 @@ if (empty($reshook)) {
}
}
if ($action == 'setdocref') {
if ($action == 'setdocref' && $permissiontoadd) {
$refdoc = GETPOST('doc_ref', 'alpha');
$result = $object->updateByMvt($piece_num, 'doc_ref', $refdoc, $mode);
if ($result < 0) {
@ -327,7 +329,7 @@ if (empty($reshook)) {
}
// Validate transaction
if ($action == 'valid') {
if ($action == 'valid' && $permissiontoadd) {
$result = $object->transformTransaction(0, $piece_num);
if ($result < 0) {
setEventMessages($object->error, $object->errors, 'errors');
@ -338,9 +340,12 @@ if (empty($reshook)) {
}
}
/*
* View
*/
$form = new Form($db);
$formaccounting = new FormAccounting($db);
@ -460,12 +465,16 @@ if ($action == 'create') {
print $langs->trans('Docdate');
print '</td>';
if ($action != 'editdate') {
print '<td class="right"><a class="editfielda reposition" href="'.$_SERVER["PHP_SELF"].'?action=editdate&token='.newToken().'&piece_num='.urlencode((string) ($object->piece_num)).'&mode='.urlencode((string) ($mode)).'">'.img_edit($langs->transnoentitiesnoconv('SetDate'), 1).'</a></td>';
print '<td class="right">';
if ($permissiontoadd) {
print '<a class="editfielda reposition" href="'.$_SERVER["PHP_SELF"].'?action=editdate&token='.newToken().'&piece_num='.urlencode((string) $object->piece_num).'&mode='.urlencode((string) $mode).'">'.img_edit($langs->transnoentitiesnoconv('SetDate'), 1).'</a>';
}
print '</td>';
}
print '</tr></table>';
print '</td><td colspan="3">';
if ($action == 'editdate') {
print '<form name="setdate" action="'.$_SERVER["PHP_SELF"].'?piece_num='.$object->piece_num.'" method="post">';
print '<form name="setdate" action="'.$_SERVER["PHP_SELF"].'?piece_num='.urlencode($object->piece_num).'" method="POST">';
if ($optioncss != '') {
print '<input type="hidden" name="optioncss" value="'.$optioncss.'">';
}
@ -487,12 +496,16 @@ if ($action == 'create') {
print $langs->trans('Codejournal');
print '</td>';
if ($action != 'editjournal') {
print '<td class="right"><a class="editfielda reposition" href="'.$_SERVER["PHP_SELF"].'?action=editjournal&token='.newToken().'&piece_num='.urlencode((string) ($object->piece_num)).'&mode='.urlencode((string) ($mode)).'">'.img_edit($langs->transnoentitiesnoconv('Edit'), 1).'</a></td>';
print '<td class="right">';
if ($permissiontoadd) {
print '<a class="editfielda reposition" href="'.$_SERVER["PHP_SELF"].'?action=editjournal&token='.newToken().'&piece_num='.urlencode((string) $object->piece_num).'&mode='.urlencode((string) $mode).'">'.img_edit($langs->transnoentitiesnoconv('Edit'), 1).'</a>';
}
print '</td>';
}
print '</tr></table>';
print '</td><td>';
if ($action == 'editjournal') {
print '<form name="setjournal" action="'.$_SERVER["PHP_SELF"].'?piece_num='.$object->piece_num.'" method="post">';
print '<form name="setjournal" action="'.$_SERVER["PHP_SELF"].'?piece_num='.urlencode($object->piece_num).'" method="POST">';
if ($optioncss != '') {
print '<input type="hidden" name="optioncss" value="'.$optioncss.'">';
}
@ -514,12 +527,16 @@ if ($action == 'create') {
print $langs->trans('Piece');
print '</td>';
if ($action != 'editdocref') {
print '<td class="right"><a class="editfielda reposition" href="'.$_SERVER["PHP_SELF"].'?action=editdocref&token='.newToken().'&piece_num='.urlencode((string) ($object->piece_num)).'&mode='.urlencode((string) ($mode)).'">'.img_edit($langs->transnoentitiesnoconv('Edit'), 1).'</a></td>';
print '<td class="right">';
if ($permissiontoadd) {
print '<a class="editfielda reposition" href="'.$_SERVER["PHP_SELF"].'?action=editdocref&token='.newToken().'&piece_num='.urlencode((string) $object->piece_num).'&mode='.urlencode((string) $mode).'">'.img_edit($langs->transnoentitiesnoconv('Edit'), 1).'</a>';
}
print '</td>';
}
print '</tr></table>';
print '</td><td>';
if ($action == 'editdocref') {
print '<form name="setdocref" action="'.$_SERVER["PHP_SELF"].'?piece_num='.$object->piece_num.'" method="post">';
print '<form name="setdocref" action="'.$_SERVER["PHP_SELF"].'?piece_num='.urlencode($object->piece_num).'" method="POST">';
if ($optioncss != '') {
print '<input type="hidden" name="optioncss" value="'.$optioncss.'">';
}
@ -692,20 +709,20 @@ if ($action == 'create') {
}
foreach ($object->linesmvt as $line) {
print '<tr class="oddeven" data-lineid="'.((int) $line->id).'">';
$total_debit += $line->debit;
$total_credit += $line->credit;
if ($action == 'update' && $line->id == $id) {
print '<tr class="oddeven" data-lineid="'.((int) $line->id).'">';
print '<!-- td columns in edit mode -->';
print '<td>';
print $formaccounting->select_account((GETPOSTISSET("accountingaccount_number") ? GETPOST("accountingaccount_number", "alpha") : $line->numero_compte), 'accountingaccount_number', 1, array(), 1, 1, 'minwidth200 maxwidth500');
print '</td>';
print '<td>';
// TODO For the moment we keep a free input text instead of a combo. The select_auxaccount has problem because:
// It does not use the setup of "key pressed" to select a thirdparty and this hang browser on large databases.
// Also, it is not possible to use a value that is not in the list.
// Also, the label is not automatically filled when a value is selected.
// - It does not use the setup of "key pressed" to select a thirdparty and this hang browser on large databases.
// - Also, it is not possible to use a value that is not in the list.
// - Also, the label is not automatically filled when a value is selected.
if (getDolGlobalString('ACCOUNTANCY_COMBO_FOR_AUX')) {
print $formaccounting->select_auxaccount((GETPOSTISSET("subledger_account") ? GETPOST("subledger_account", "alpha") : $line->subledger_account), 'subledger_account', 1, 'maxwidth250', '', 'subledger_label');
} else {
@ -715,14 +732,16 @@ if ($action == 'create') {
print '<br><input type="text" class="maxwidth150" name="subledger_label" value="'.(GETPOSTISSET("subledger_label") ? GETPOST("subledger_label", "alpha") : $line->subledger_label).'" placeholder="'.dol_escape_htmltag($langs->trans("SubledgerAccountLabel")).'">';
print '</td>';
print '<td><input type="text" class="minwidth200" name="label_operation" value="'.(GETPOSTISSET("label_operation") ? GETPOST("label_operation", "alpha") : $line->label_operation).'"></td>';
print '<td class="right"><input type="text" size="6" class="right" name="debit" value="'.(GETPOSTISSET("debit") ? GETPOST("debit", "alpha") : price($line->debit)).'"></td>';
print '<td class="right"><input type="text" size="6" class="right" name="credit" value="'.(GETPOSTISSET("credit") ? GETPOST("credit", "alpha") : price($line->credit)).'"></td>';
print '<td class="right"><input type="text" class="right width50" name="debit" value="'.(GETPOSTISSET("debit") ? GETPOST("debit", "alpha") : price($line->debit)).'"></td>';
print '<td class="right"><input type="text" class="right width50" name="credit" value="'.(GETPOSTISSET("credit") ? GETPOST("credit", "alpha") : price($line->credit)).'"></td>';
print '<td>';
print '<input type="hidden" name="id" value="'.$line->id.'">'."\n";
print '<input type="submit" class="button" name="update" value="'.$langs->trans("Update").'">';
print '</td>';
print "</tr>\n";
} elseif (empty($line->numero_compte) || (empty($line->debit) && empty($line->credit))) {
if ($action == "" || $action == 'add') {
if (($action == "" || $action == 'add') && $permissiontoadd) {
print '<tr class="oddeven" data-lineid="'.((int) $line->id).'">';
print '<!-- td columns in add mode -->';
print '<td>';
print $formaccounting->select_account('', 'accountingaccount_number', 1, array(), 1, 1, 'minwidth200 maxwidth500');
@ -739,24 +758,26 @@ if ($action == 'create') {
}
print '<br><input type="text" class="maxwidth150" name="subledger_label" value="" placeholder="' . dol_escape_htmltag($langs->trans("SubledgerAccountLabel")) . '">';
print '</td>';
print '<td><input type="text" class="minwidth200" name="label_operation" value="' . $label_operation . '"/></td>';
print '<td class="right"><input type="text" size="6" class="right" name="debit" value=""/></td>';
print '<td class="right"><input type="text" size="6" class="right" name="credit" value=""/></td>';
print '<td><input type="text" class="minwidth200" name="label_operation" value="' . dol_escape_htmltag($label_operation) . '"/></td>';
print '<td class="right"><input type="text" class="right width50" name="debit" value=""/></td>';
print '<td class="right"><input type="text" class="right width50" name="credit" value=""/></td>';
print '<td class="center"><input type="submit" class="button small" name="save" value="' . $langs->trans("Add") . '"></td>';
print "</tr>\n";
}
} else {
print '<tr class="oddeven" data-lineid="'.((int) $line->id).'">';
print '<!-- td columns in display mode -->';
$resultfetch = $accountingaccount->fetch(null, $line->numero_compte, true);
print '<td>';
if ($resultfetch > 0) {
print $accountingaccount->getNomUrl(0, 1, 1, '', 0);
} else {
print $line->numero_compte.' <span class="warning">('.$langs->trans("AccountRemovedFromCurrentChartOfAccount").')</span>';
print dol_escape_htmltag($line->numero_compte).' <span class="warning">('.$langs->trans("AccountRemovedFromCurrentChartOfAccount").')</span>';
}
print '</td>';
print '<td>'.length_accounta($line->subledger_account);
if ($line->subledger_label) {
print ' - <span class="opacitymedium">'.$line->subledger_label.'</span>';
print ' - <span class="opacitymedium">'.dol_escape_htmltag($line->subledger_label).'</span>';
}
print '</td>';
print '<td>'.$line->label_operation.'</td>';
@ -764,34 +785,35 @@ if ($action == 'create') {
print '<td class="right nowraponall amount">'.($line->credit != 0 ? price($line->credit) : '').'</td>';
print '<td class="center nowraponall">';
if (empty($line->date_export) && empty($line->date_validation)) {
print '<a class="editfielda reposition" href="' . $_SERVER["PHP_SELF"] . '?action=update&id=' . $line->id . '&piece_num=' . urlencode($line->piece_num) . '&mode=' . urlencode($mode) . '&token=' . urlencode(newToken()) . '">';
print img_edit('', 0, 'class="marginrightonly"');
print '</a> &nbsp;';
} else {
print '<a class="editfielda nohover cursornotallowed reposition disabled" href="#" title="'.dol_escape_htmltag($langs->trans("ForbiddenTransactionAlreadyExported")).'">';
print img_edit($langs->trans("ForbiddenTransactionAlreadyExported"), 0, 'class="marginrightonly"');
print '</a> &nbsp;';
}
if (empty($line->date_validation)) {
$actiontodelete = 'delete';
if ($mode == '_tmp' || $action != 'delmouv') {
$actiontodelete = 'confirm_delete';
if ($permissiontoadd) {
if (empty($line->date_export) && empty($line->date_validation)) {
print '<a class="editfielda reposition" href="' . $_SERVER["PHP_SELF"] . '?action=update&id=' . $line->id . '&piece_num=' . urlencode($line->piece_num) . '&mode=' . urlencode((string) $mode) . '&token=' . urlencode(newToken()) . '">';
print img_edit('', 0, 'class="marginrightonly"');
print '</a> &nbsp;';
} else {
print '<a class="editfielda nohover cursornotallowed reposition disabled" href="#" title="'.dol_escape_htmltag($langs->trans("ForbiddenTransactionAlreadyExported")).'">';
print img_edit($langs->trans("ForbiddenTransactionAlreadyExported"), 0, 'class="marginrightonly"');
print '</a> &nbsp;';
}
print '<a href="' . $_SERVER["PHP_SELF"] . '?action=' . $actiontodelete . '&id=' . $line->id . '&piece_num=' . urlencode($line->piece_num) . '&mode=' . urlencode($mode) . '&token=' . urlencode(newToken()) . '">';
print img_delete();
print '</a>';
} else {
print '<a class="editfielda nohover cursornotallowed disabled" href="#" title="'.dol_escape_htmltag($langs->trans("ForbiddenTransactionAlreadyExported")).'">';
print img_delete($langs->trans("ForbiddenTransactionAlreadyValidated"));
print '</a>';
}
if (empty($line->date_validation)) {
$actiontodelete = 'delete';
if ($mode == '_tmp' || $action != 'delmouv') {
$actiontodelete = 'confirm_delete';
}
print '<a href="' . $_SERVER["PHP_SELF"] . '?action=' . $actiontodelete . '&id=' . $line->id . '&piece_num=' . urlencode($line->piece_num) . '&mode=' . urlencode((string) $mode) . '&token=' . urlencode(newToken()) . '">';
print img_delete();
print '</a>';
} else {
print '<a class="editfielda nohover cursornotallowed disabled" href="#" title="'.dol_escape_htmltag($langs->trans("ForbiddenTransactionAlreadyExported")).'">';
print img_delete($langs->trans("ForbiddenTransactionAlreadyValidated"));
print '</a>';
}
}
print '</td>';
print "</tr>\n";
}
print "</tr>\n";
}
$total_debit = price2num($total_debit, 'MT');
@ -804,7 +826,7 @@ if ($action == 'create') {
print '</table>';
print '</div>';
if ($mode == '_tmp' && $action == '') {
if ($mode == '_tmp' && $action == '' && $permissiontoadd) {
print '<br>';
print '<div class="center">';
if ($total_debit == $total_credit) {

8
htdocs/accountancy/class/bookkeeping.class.php
View File

@ -1422,7 +1422,7 @@ class BookKeeping extends CommonObject
$this->piece_num = (int) $this->piece_num;
}
$result = $this->canModifyBookkeeping($this->id);
$result = $this->canModifyBookkeeping($this->id, $mode);
if ($result < 0) {
return -1;
} elseif ($result == 0) {
@ -2397,13 +2397,13 @@ class BookKeeping extends CommonObject
$bookkeeping = new BookKeeping($this->db);
$result = $bookkeeping->fetch($id, null, $mode);
if ($result <= 0) {
return $result;
}
if (!empty($conf->cache['active_fiscal_period_cached']) && is_array($conf->cache['active_fiscal_period_cached'])) {
foreach ($conf->cache['active_fiscal_period_cached'] as $fiscal_period) {
if ($fiscal_period['date_start'] <= $bookkeeping->doc_date && $bookkeeping->doc_date <= $fiscal_period['date_end']) {
if (!empty($fiscal_period['date_start']) && $fiscal_period['date_start'] <= $bookkeeping->doc_date && (empty($fiscal_period['date_end']) || $bookkeeping->doc_date <= $fiscal_period['date_end'])) {
return 1;
}
}
@ -2447,7 +2447,7 @@ class BookKeeping extends CommonObject
if (!empty($conf->cache['active_fiscal_period_cached']) && is_array($conf->cache['active_fiscal_period_cached'])) {
foreach ($conf->cache['active_fiscal_period_cached'] as $fiscal_period) {
if ($fiscal_period['date_start'] <= $date && $date <= $fiscal_period['date_end']) {
if (!empty($fiscal_period['date_start']) && $fiscal_period['date_start'] <= $date && (empty($fiscal_period['date_end']) || $date <= $fiscal_period['date_end'])) {
return 1;
}
}