diff --git a/htdocs/holiday/card.php b/htdocs/holiday/card.php index 0028367cd3d..165c65d8cc6 100644 --- a/htdocs/holiday/card.php +++ b/htdocs/holiday/card.php @@ -64,6 +64,7 @@ if (! empty($user->rights->holiday->delete)) $candelete=1; $morefilter = 'AND employee = 1'; if (! empty($conf->global->HOLIDAY_FOR_NON_SALARIES_TOO)) $morefilter = ''; +$error = 0; /* * Actions @@ -431,7 +432,7 @@ if ($action == 'confirm_send') } -// Si Validation de la demande +// Approve leave request if ($action == 'confirm_valid') { $object = new Holiday($db); @@ -446,25 +447,36 @@ if ($action == 'confirm_valid') $object->fk_user_valid = $user->id; $object->statut = Holiday::STATUS_APPROVED; + $db->begin(); + $verif = $object->approve($user); + if ($verif <= 0) + { + setEventMessages($object->error, $object->errors, 'errors'); + $error++; + } // Si pas d'erreur SQL on redirige vers la fiche de la demande - if ($verif > 0) + if (! $error) { // Calculcate number of days consummed $nbopenedday=num_open_day($object->date_debut_gmt,$object->date_fin_gmt,0,1,$object->halfday); - $soldeActuel = $object->getCpforUser($object->fk_user, $object->fk_type); - $newSolde = $soldeActuel - ($nbopenedday * $object->getConfCP('nbHolidayDeducted')); + $newSolde = ($soldeActuel - $nbopenedday); // On ajoute la modification dans le LOG $result=$object->addLogCP($user->id, $object->fk_user, $langs->transnoentitiesnoconv("Holidays"), $newSolde, $object->fk_type); - if ($result<0) { + if ($result < 0) + { + $error++; setEventMessages(null, $object->errors,'errors'); } - // Mise à jour du solde + + //Update balance $result=$object->updateSoldeCP($object->fk_user, $newSolde, $object->fk_type); - if ($result<0) { + if ($result < 0) + { + $error++; setEventMessages(null, $object->errors,'errors'); } 
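Review bot: In the `confirm_valid` hunk, `$newSolde = ($soldeActuel - $nbopenedday);` is computed in PHP from a balance read earlier and then written back as an absolute value through `updateSoldeCP()`, so the new `$db->begin()` alone does not stop two concurrent approvals for the same employee from starting at the same `$soldeActuel` and losing one deduction. Whether the read takes a row lock is not visible here; if it does not, either lock the `holiday_users` row for the duration of the transaction or apply the change as a relative update in SQL. At minimum, add a comment above the assignment such as `// TODO: read-modify-write of the balance; concurrent approvals can lose an update unless the row is locked`. The same pattern is in the `confirm_cancel` hunk (`$newSolde = ($soldeActuel + $nbopenedday);`). The `confirm_valid` block starts and ends outside this hunk.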
@@ -476,52 +488,55 @@ if ($action == 'confirm_valid') if (!$emailTo) { dol_syslog("User that request leave has no email, so we redirect directly to finished page without sending email"); - header('Location: '.$_SERVER["PHP_SELF"].'?id='.$object->id); - exit; - } - - // From - $expediteur = new User($db); - $expediteur->fetch($object->fk_validator); - $emailFrom = $expediteur->email; - - // Subject - $societeName = $conf->global->MAIN_INFO_SOCIETE_NOM; - if (! empty($conf->global->MAIN_APPLICATION_TITLE)) $societeName = $conf->global->MAIN_APPLICATION_TITLE; - - $subject = $societeName." - ".$langs->transnoentitiesnoconv("HolidaysValidated"); - - // Content - $message = $langs->transnoentitiesnoconv("Hello")." ".$destinataire->firstname.",\n"; - $message.= "\n"; - $message.= $langs->transnoentities("HolidaysValidatedBody", dol_print_date($object->date_debut,'day'),dol_print_date($object->date_fin,'day'))."\n"; - - $message.= "- ".$langs->transnoentitiesnoconv("ValidatedBy")." : ".dolGetFirstLastname($expediteur->firstname, $expediteur->lastname)."\n"; - - $message.= "- ".$langs->transnoentitiesnoconv("Link")." : ".$dolibarr_main_url_root."/holiday/card.php?id=".$object->id."\n\n"; - $message.= "\n"; - - $trackid='leav'.$object->id; - - $mail = new CMailFile($subject, $emailTo, $emailFrom, $message, array(), array(), array(), '', '', 0, 0, '', '', $trackid); - - // Envoi du mail - $result=$mail->sendfile(); - - if (!$result) - { - setEventMessages($mail->error, $mail->errors, 'warnings'); - $action=''; } else { - header('Location: '.$_SERVER["PHP_SELF"].'?id='.$object->id); - exit; + // From + $expediteur = new User($db); + $expediteur->fetch($object->fk_validator); + $emailFrom = $expediteur->email; + + // Subject + $societeName = $conf->global->MAIN_INFO_SOCIETE_NOM; + if (! empty($conf->global->MAIN_APPLICATION_TITLE)) $societeName = $conf->global->MAIN_APPLICATION_TITLE; + + $subject = $societeName." 
- ".$langs->transnoentitiesnoconv("HolidaysValidated"); + + // Content + $message = $langs->transnoentitiesnoconv("Hello")." ".$destinataire->firstname.",\n"; + $message.= "\n"; + $message.= $langs->transnoentities("HolidaysValidatedBody", dol_print_date($object->date_debut,'day'),dol_print_date($object->date_fin,'day'))."\n"; + + $message.= "- ".$langs->transnoentitiesnoconv("ValidatedBy")." : ".dolGetFirstLastname($expediteur->firstname, $expediteur->lastname)."\n"; + + $message.= "- ".$langs->transnoentitiesnoconv("Link")." : ".$dolibarr_main_url_root."/holiday/card.php?id=".$object->id."\n\n"; + $message.= "\n"; + + $trackid='leav'.$object->id; + + $mail = new CMailFile($subject, $emailTo, $emailFrom, $message, array(), array(), array(), '', '', 0, 0, '', '', $trackid); + + // Envoi du mail + $result=$mail->sendfile(); + + if (!$result) + { + setEventMessages($mail->error, $mail->errors, 'warnings'); // Show error, but do no make rollback, so $error is not set to 1 + $action=''; + } } } + + if (! $error) + { + $db->commit(); + + header('Location: '.$_SERVER["PHP_SELF"].'?id='.$object->id); + exit; + } else { - setEventMessages($object->error, $object->errors, 'errors'); + $db->rollback(); $action=''; } } @@ -542,10 +557,17 @@ if ($action == 'confirm_refuse' && GETPOST('confirm','alpha') == 'yes') $object->statut = Holiday::STATUS_REFUSED; $object->detail_refuse = GETPOST('detail_refuse','alphanohtml'); + $db->begin(); + $verif = $object->update($user); + if ($verif <= 0) + { + $error++; + setEventMessages($object->error, $object->errors, 'errors'); + } // Si pas d'erreur SQL on redirige vers la fiche de la demande - if ($verif > 0) + if (! $error) { // To $destinataire = new User($db); 
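Review bot: The approval e-mail in the new `else` branch is sent even when `addLogCP()` or `updateSoldeCP()` has just incremented `$error`, and it is sent before `$db->commit()`, so the employee can be told the leave is validated for a request that is then rolled back. Nothing between the balance update and `$mail->sendfile()` in the visible lines tests `$error`. Guard the branch with `elseif (! $error)` instead of the bare `else`, or move the whole mail block after the commit so that a notification only goes out for a persisted state change. The enclosing `if (! $error)` block opens in the previous hunk.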
@@ -554,55 +576,63 @@ if ($action == 'confirm_refuse' && GETPOST('confirm','alpha') == 'yes') if (!$emailTo) { - header('Location: '.$_SERVER["PHP_SELF"].'?id='.$object->id); - exit; - } - - // From - $expediteur = new User($db); - $expediteur->fetch($object->fk_validator); - $emailFrom = $expediteur->email; - - // Subject - $societeName = $conf->global->MAIN_INFO_SOCIETE_NOM; - if (! empty($conf->global->MAIN_APPLICATION_TITLE)) $societeName = $conf->global->MAIN_APPLICATION_TITLE; - - $subject = $societeName." - ".$langs->transnoentitiesnoconv("HolidaysRefused"); - - // Content - $message = $langs->transnoentitiesnoconv("Hello")." ".$destinataire->firstname.",\n"; - $message.= "\n"; - $message.= $langs->transnoentities("HolidaysRefusedBody", dol_print_date($object->date_debut,'day'), dol_print_date($object->date_fin,'day'))."\n"; - $message.= GETPOST('detail_refuse','alpha')."\n\n"; - - $message.= "- ".$langs->transnoentitiesnoconv("ModifiedBy")." : ".dolGetFirstLastname($expediteur->firstname, $expediteur->lastname)."\n"; - - $message.= "- ".$langs->transnoentitiesnoconv("Link")." : ".$dolibarr_main_url_root."/holiday/card.php?id=".$object->id."\n\n"; - $message.= "\n"; - - $trackid='leav'.$object->id; - - $mail = new CMailFile($subject, $emailTo, $emailFrom, $message, array(), array(), array(), '', '', 0, 0, '', '', $trackid); - - // Envoi du mail - $result=$mail->sendfile(); - - if (!$result) - { - setEventMessages($mail->error, $mail->errors, 'warnings'); - $action=''; + dol_syslog("User that request leave has no email, so we redirect directly to finished page without sending email"); } else { - header('Location: '.$_SERVER["PHP_SELF"].'?id='.$object->id); - exit; + // From + $expediteur = new User($db); + $expediteur->fetch($object->fk_validator); + $emailFrom = $expediteur->email; + + // Subject + $societeName = $conf->global->MAIN_INFO_SOCIETE_NOM; + if (! 
empty($conf->global->MAIN_APPLICATION_TITLE)) $societeName = $conf->global->MAIN_APPLICATION_TITLE; + + $subject = $societeName." - ".$langs->transnoentitiesnoconv("HolidaysRefused"); + + // Content + $message = $langs->transnoentitiesnoconv("Hello")." ".$destinataire->firstname.",\n"; + $message.= "\n"; + $message.= $langs->transnoentities("HolidaysRefusedBody", dol_print_date($object->date_debut,'day'), dol_print_date($object->date_fin,'day'))."\n"; + $message.= GETPOST('detail_refuse','alpha')."\n\n"; + + $message.= "- ".$langs->transnoentitiesnoconv("ModifiedBy")." : ".dolGetFirstLastname($expediteur->firstname, $expediteur->lastname)."\n"; + + $message.= "- ".$langs->transnoentitiesnoconv("Link")." : ".$dolibarr_main_url_root."/holiday/card.php?id=".$object->id."\n\n"; + $message.= "\n"; + + $trackid='leav'.$object->id; + + $mail = new CMailFile($subject, $emailTo, $emailFrom, $message, array(), array(), array(), '', '', 0, 0, '', '', $trackid); + + // Envoi du mail + $result=$mail->sendfile(); + + if (! $result) + { + setEventMessages($mail->error, $mail->errors, 'warnings'); // Show error, but do no make rollback, so $error is not set to 1 + $action=''; + } } } else { - setEventMessages($object->error, $object->errors, 'errors'); $action=''; } + + if (! $error) + { + $db->commit(); + + header('Location: '.$_SERVER["PHP_SELF"].'?id='.$object->id); + exit; + } + else + { + $db->rollback(); + $action=''; + } } } else { setEventMessages($langs->trans("ErrorFieldRequired", $langs->transnoentitiesnoconv("DetailRefusCP")), null, 'errors'); @@ -642,7 +672,7 @@ if ($action == 'confirm_draft' && GETPOST('confirm') == 'yes') } } -// Si Validation de la demande +// Si confirmation of cancellation if ($action == 'confirm_cancel' && GETPOST('confirm') == 'yes') { $error = 0; 
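Review bot: `$message.= GETPOST('detail_refuse','alpha')."\n\n";` re-reads the request parameter with the `alpha` filter, while the value stored on the object in the preceding `confirm_refuse` hunk was read with `alphanohtml`. The text mailed to the employee has therefore gone through a different, apparently less strict, filter than the text that was saved. Use the value that was already filtered and stored: `$message.= $object->detail_refuse."\n\n";`. The enclosing block starts outside this hunk.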
@@ -662,13 +692,13 @@ if ($action == 'confirm_cancel' && GETPOST('confirm') == 'yes') $result = $object->update($user); - if ($result >= 0 && $oldstatus == Holiday::STATUS_APPROVED) // holiday was already validated, status 3, so we must increase back sold + if ($result >= 0 && $oldstatus == Holiday::STATUS_APPROVED) // holiday was already validated, status 3, so we must increase back the balance { // Calculcate number of days consummed $nbopenedday=num_open_day($object->date_debut_gmt,$object->date_fin_gmt,0,1,$object->halfday); $soldeActuel = $object->getCpforUser($object->fk_user, $object->fk_type); - $newSolde = $soldeActuel + ($nbopenedday * $object->getConfCP('nbHolidayDeducted')); + $newSolde = ($soldeActuel + $nbopenedday); // On ajoute la modification dans le LOG $result1=$object->addLogCP($user->id, $object->fk_user, $langs->transnoentitiesnoconv("HolidaysCancelation"), $newSolde, $object->fk_type); diff --git a/htdocs/holiday/class/holiday.class.php b/htdocs/holiday/class/holiday.class.php index f5761876795..84156b75e32 100644 --- a/htdocs/holiday/class/holiday.class.php +++ b/htdocs/holiday/class/holiday.class.php @@ -697,7 +697,7 @@ class Holiday extends CommonObject } else { $error++; } - $sql.= " ref = '".$num."'"; + $sql.= " ref = '".$this->db->escape($num)."'"; $sql.= " WHERE rowid= ".$this->id; $this->db->begin(); @@ -1493,10 +1493,10 @@ class Holiday extends CommonObject else { // Mise à jour pour un utilisateur - $nbHoliday = price2num($nbHoliday,5); + $nbHoliday = price2num($nbHoliday, 5); $sql = "SELECT nb_holiday FROM ".MAIN_DB_PREFIX."holiday_users"; - $sql.= " WHERE fk_user = '".$userID."' AND fk_type = ".$fk_type; + $sql.= " WHERE fk_user = ".(int) $userID." AND fk_type = ".(int) $fk_type; $resql = $this->db->query($sql); if ($resql) { 
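Review bot: `if ($result >= 0 && $oldstatus == Holiday::STATUS_APPROVED)` treats a return of 0 from `$object->update($user)` as success and goes on to credit days back to the balance, whereas the `confirm_refuse` hunk of this same commit treats `$verif <= 0` from the same method as an error. What `update()` returns when nothing is written is not visible here, but the two paths should agree on it. `if ($result > 0 && $oldstatus == Holiday::STATUS_APPROVED)` would match the refuse path. The `confirm_cancel` block continues outside the hunk.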
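Review bot: The `ref` value is now escaped, but the next line still appends `$this->id` to the statement uncast (`" WHERE rowid= ".$this->id`). The property is presumably an integer loaded from the database, so this is hardening rather than a demonstrated hole. Casting it as the other queries in this commit do keeps the statement safe whatever ended up in the object: `$sql.= " WHERE rowid= ".(int) $this->id;`. The method body starts and ends outside this hunk.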
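Review bot: After the `(int)` casts, `$nbHoliday` is the one value still concatenated unquoted into these statements (`" nb_holiday = ".$nbHoliday` in the UPDATE hunk and the `VALUES (` list in the INSERT hunk below), and its safety rests entirely on `price2num($nbHoliday, 5)` returning a plain number. That function is not shown here, so the dependency should be stated where it is relied on, for example `// $nbHoliday must stay numeric: it is concatenated unquoted into the UPDATE/INSERT below` above the `price2num()` call. The method starts outside this hunk.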
@@ -1507,7 +1507,7 @@ class Holiday extends CommonObject // Update for user $sql = "UPDATE ".MAIN_DB_PREFIX."holiday_users SET"; $sql.= " nb_holiday = ".$nbHoliday; - $sql.= " WHERE fk_user = '".$userID."' AND fk_type = ".$fk_type; + $sql.= " WHERE fk_user = ".(int) $userID." AND fk_type = ".(int) $fk_type; $result = $this->db->query($sql); if (! $result) { @@ -1520,7 +1520,7 @@ class Holiday extends CommonObject // Insert for user $sql = "INSERT INTO ".MAIN_DB_PREFIX."holiday_users(nb_holiday, fk_user, fk_type) VALUES ("; $sql.= $nbHoliday; - $sql.= ", '".$userID."', ".$fk_type.")"; + $sql.= ", ".(int) $userID.", ".(int) $fk_type.")"; $result = $this->db->query($sql); if (! $result) {