Mirrors/dolibarr
1
0
Fork 0
mirror of https://github.com/Dolibarr/dolibarr.git synced 2025-02-20 13:46:52 +01:00
Code Issues Packages Projects Releases Wiki Activity

Fix: List "All xxx" not enough restricted

Browse Source
This commit is contained in:
Laurent Destailleur 2008-03-12 21:26:53 +00:00
parent ae3f962bb5
commit 0c675e0c16
6 changed files with 31 additions and 27 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

1
htdocs/comm/propal.php
View File

@ -49,6 +49,7 @@ $sall=isset($_GET["sall"])?$_GET["sall"]:$_POST["sall"];
if (isset($_GET["msg"])) { $mesg=urldecode($_GET["mesg"]); }
$year=isset($_GET["year"])?$_GET["year"]:"";
$month=isset($_GET["month"])?$_GET["month"]:"";
$socid=isset($_GET['socid'])?$_GET['socid']:$_POST['socid'];
// Security check
$module='propale';

1
htdocs/commande/liste.php
View File

@ -39,6 +39,7 @@ $sref=isset($_GET['sref'])?$_GET['sref']:$_POST['sref'];
$sref_client=isset($_GET['sref_client'])?$_GET['sref_client']:(isset($_POST['sref_client'])?$_POST['sref_client']:'');
$snom=isset($_GET['snom'])?$_GET['snom']:$_POST['snom'];
$sall=isset($_GET['sall'])?$_GET['sall']:$_POST['sall'];
$socid=isset($_GET['socid'])?$_GET['socid']:$_POST['socid'];
// Security check
$orderid = isset($_GET["orderid"])?$_GET["orderid"]:'';

18
htdocs/compta/facture.php
View File

@ -52,20 +52,12 @@ $langs->load('main');
$sall=isset($_GET['sall'])?trim($_GET['sall']):trim($_POST['sall']);
$mesg=isset($_GET['mesg'])?urldecode($_GET['mesg']):'';
$socid=isset($_GET['socid'])?$_GET['socid']:$_POST['socid'];
$projetid=isset($_GET['projetid'])?$_GET['projetid']:0;
// Sécurité accès client
if ($user->societe_id > 0)
{
$action = '';
$socid = $user->societe_id;
}
// Récupération de l'id de projet
$projetid = 0;
if ($_GET["projetid"])
{
$projetid = $_GET["projetid"];
}
// Security check
$facid = isset($_GET["id"])?$_GET["id"]:'';
if ($user->societe_id) $socid=$user->societe_id;
$result = restrictedArea($user, 'facture', $facid,'');
// Nombre de ligne pour choix de produit/service prédéfinis
$NBLINES=4;

2
htdocs/contrat/liste.php
View File

@ -42,7 +42,7 @@ $search_nom=isset($_GET["search_nom"])?$_GET["search_nom"]:$_POST["search_nom"];
$search_contract=isset($_GET["search_contract"])?$_GET["search_contract"]:$_POST["search_contract"];
$sall=isset($_GET["sall"])?$_GET["sall"]:$_POST["sall"];
$statut=isset($_GET["statut"])?$_GET["statut"]:1;
$socid=$_GET["socid"];
$socid=isset($_GET['socid'])?$_GET['socid']:$_POST['socid'];
if (! $sortfield) $sortfield="c.rowid";
if (! $sortorder) $sortorder="DESC";

20
htdocs/main.inc.php
View File

@ -29,7 +29,7 @@
*/
// Pour le tuning optionnel. Activer si la variable d'environnement DOL_TUNING est positionnee.
// A appeler avant tout. Fait l'equivalent de la fonction dol_microtime_float
// A appeler avant tout. Fait l'equivalent de la fonction dol_microtime_float pas encore chargee.
$micro_start_time=0;
if (! empty($_SERVER['DOL_TUNING']))
{
@ -87,8 +87,26 @@ foreach ($_POST as $key => $val)
// This is to make Dolibarr working with Plesk
set_include_path($_SERVER['DOCUMENT_ROOT'].'/htdocs');
// Test if install ok
if (! @include_once("conf/conf.php"))
{
Header("Location: install/index.php");
exit;
}
else
{
if (! isset($dolibarr_main_db_host))
{
Header("Location: install/index.php");
exit;
}
}
require_once("master.inc.php");
// Chargement des includes complementaire de presentation
if (! defined('NOREQUIREMENU')) require_once(DOL_DOCUMENT_ROOT ."/menu.class.php"); // Need 11ko memory
if (! defined('NOREQUIREHTML')) require_once(DOL_DOCUMENT_ROOT ."/html.form.class.php"); // Need 800ko memory

16
htdocs/master.inc.php
View File

@ -1,7 +1,7 @@
<?PHP
/* Copyright (C) 2002-2007 Rodolphe Quiedeville <rodolphe@quiedeville.org>
* Copyright (C) 2003 Xavier Dutoit <doli@sydesy.com>
* Copyright (C) 2004-2007 Laurent Destailleur <eldy@users.sourceforge.net>
* Copyright (C) 2004-2008 Laurent Destailleur <eldy@users.sourceforge.net>
* Copyright (C) 2004 Sebastien Di Cintio <sdicintio@ressource-toi.org>
* Copyright (C) 2004 Benoit Mortier <benoit.mortier@opensides.be>
* Copyright (C) 2005-2007 Regis Houssin <regis@dolibarr.fr>
@ -60,18 +60,10 @@ else
error_reporting(E_ALL ^ E_NOTICE);
// Test si install ok
if (! @include_once("conf/conf.php"))
if (! isset($dolibarr_main_db_host))
{
Header("Location: install/index.php");
exit;
}
else
{
if (! isset($dolibarr_main_db_host))
{
Header("Location: install/index.php");
exit;
}
print "Error: Dolibarr setup is not complete.\n";
exit;
}
if (empty($dolibarr_main_db_type)) $dolibarr_main_db_type='mysql'; // Pour compatibilite avec anciennes configs, si non defini, on prend 'mysql'