Mirrors/dolibarr
1
0
Fork 0
mirror of https://github.com/Dolibarr/dolibarr.git synced 2025-02-20 13:46:52 +01:00
Code Issues Packages Projects Releases Wiki Activity

Fix: use entity field of object

Browse Source
This commit is contained in:
Regis Houssin 2012-02-01 11:32:55 +01:00
parent a9abc1bad4
commit 4431510ce4
76 changed files with 269 additions and 265 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

2
htdocs/asterisk/cidlookup.php
View File

@ -42,7 +42,7 @@ if (empty($phone))
$sql = "SELECT nom FROM ".MAIN_DB_PREFIX."societe as s";
$sql.= " LEFT JOIN ".MAIN_DB_PREFIX."socpeople as sp ON sp.fk_soc = s.rowid";
$sql.= " WHERE s.entity=".$conf->entity;
$sql.= " WHERE s.entity IN (".getEntity(societe, 1).")";
$sql.= " AND (s.tel='".$db->escape($phone)."'";
$sql.= " OR sp.phone='".$db->escape($phone)."'";
$sql.= " OR sp.phone_perso='".$db->escape($phone)."'";

4
htdocs/comm/action/class/actioncomm.class.php
View File

@ -528,7 +528,7 @@ class ActionComm extends CommonObject
$sql.= " FROM (".MAIN_DB_PREFIX."actioncomm as a";
if (!$user->rights->societe->client->voir && !$user->societe_id) $sql.= ", ".MAIN_DB_PREFIX."societe_commerciaux as sc";
$sql.= ")";
$sql.= " LEFT JOIN ".MAIN_DB_PREFIX."societe as s ON a.fk_soc = s.rowid AND s.entity IN (0, ".$conf->entity.")";
$sql.= " LEFT JOIN ".MAIN_DB_PREFIX."societe as s ON a.fk_soc = s.rowid";
$sql.= " WHERE a.percent >= 0 AND a.percent < 100";
$sql.= " AND a.entity = ".$conf->entity;
if (!$user->rights->societe->client->voir && !$user->societe_id) $sql.= " AND a.fk_soc = sc.fk_soc AND sc.fk_user = " .$user->id;
@ -800,7 +800,7 @@ class ActionComm extends CommonObject
$sql.= " c.id as type_id, c.code as type_code, c.libelle";
$sql.= " FROM (".MAIN_DB_PREFIX."c_actioncomm as c, ".MAIN_DB_PREFIX."actioncomm as a)";
$sql.= " LEFT JOIN ".MAIN_DB_PREFIX."user as u on u.rowid = a.fk_user_author";
$sql.= " LEFT JOIN ".MAIN_DB_PREFIX."societe as s on s.rowid = a.fk_soc AND s.entity IN (0, ".$conf->entity.")";
$sql.= " LEFT JOIN ".MAIN_DB_PREFIX."societe as s on s.rowid = a.fk_soc";
$sql.= " WHERE a.fk_action=c.id";
$sql.= " AND a.entity = ".$conf->entity;
foreach ($filters as $key => $value)

2
htdocs/comm/action/listactions.php
View File

@ -156,7 +156,7 @@ $sql.= " FROM (".MAIN_DB_PREFIX."c_actioncomm as c,";
if (!$user->rights->societe->client->voir && !$socid) $sql.= " ".MAIN_DB_PREFIX."societe_commerciaux as sc,";
$sql.= " ".MAIN_DB_PREFIX.'user as u,';
$sql.= " ".MAIN_DB_PREFIX."actioncomm as a)";
$sql.= " LEFT JOIN ".MAIN_DB_PREFIX."societe as s ON a.fk_soc = s.rowid AND s.entity IN (0, ".$conf->entity.")";
$sql.= " LEFT JOIN ".MAIN_DB_PREFIX."societe as s ON a.fk_soc = s.rowid";
$sql.= " LEFT JOIN ".MAIN_DB_PREFIX."socpeople as sp ON a.fk_contact = sp.rowid";
$sql.= " LEFT JOIN ".MAIN_DB_PREFIX."user as ua ON a.fk_user_author = ua.rowid";
$sql.= " LEFT JOIN ".MAIN_DB_PREFIX."user as ut ON a.fk_user_action = ut.rowid";

7
htdocs/comm/index.php
View File

@ -285,7 +285,7 @@ if ($conf->societe->enabled && $user->rights->societe->lire)
$sql.= " FROM ".MAIN_DB_PREFIX."societe as s";
if (!$user->rights->societe->client->voir && !$socid) $sql.= ", ".MAIN_DB_PREFIX."societe_commerciaux as sc";
$sql.= " WHERE s.client IN (1, 2, 3)";
$sql.= " AND s.entity = ".$conf->entity;
$sql.= " AND s.entity IN (".getEntity(societe, 1).")";
if (!$user->rights->societe->client->voir && !$socid) $sql.= " AND s.rowid = sc.fk_soc AND sc.fk_user = " .$user->id;
if ($socid) $sql.= " AND s.rowid = $socid";
$sql .= " ORDER BY s.tms DESC";
@ -345,7 +345,7 @@ if ($conf->fournisseur->enabled && $user->rights->societe->lire)
$sql.= " FROM ".MAIN_DB_PREFIX."societe as s";
if (!$user->rights->societe->client->voir && !$user->societe_id) $sql.= ", ".MAIN_DB_PREFIX."societe_commerciaux as sc";
$sql.= " WHERE s.fournisseur = 1";
$sql.= " AND s.entity = ".$conf->entity;
$sql.= " AND s.entity IN (".getEntity(societe, 1).")";
if (!$user->rights->societe->client->voir && !$user->societe_id) $sql.= " AND s.rowid = sc.fk_soc AND sc.fk_user = " .$user->id;
if ($socid) $sql.= " AND s.rowid = ".$socid;
$sql.= " ORDER BY s.datec DESC";
@ -420,8 +420,7 @@ if ($conf->contrat->enabled && $user->rights->contrat->lire && 0) // TODO A REFA
$sql.= ", ".MAIN_DB_PREFIX."product as p";
if (!$user->rights->societe->client->voir && !$socid) $sql.= ", ".MAIN_DB_PREFIX."societe_commerciaux as sc";
$sql.= " WHERE c.fk_soc = s.rowid";
$sql.= " AND s.entity = ".$conf->entity;
//$sql.= " AND c.entity = ".$conf->entity;
$sql.= " AND c.entity = ".$conf->entity;
$sql.= " AND c.fk_product = p.rowid";
if (!$user->rights->societe->client->voir && !$socid) $sql.= " AND s.rowid = sc.fk_soc AND sc.fk_user = " .$user->id;
if ($socid) $sql.= " AND s.rowid = ".$socid;

2
htdocs/comm/propal.php
View File

@ -1808,7 +1808,7 @@ else
if ($sall) $sql.= ' LEFT JOIN '.MAIN_DB_PREFIX.'propaldet as pd ON p.rowid=pd.fk_propal';
$sql.= ' LEFT JOIN '.MAIN_DB_PREFIX.'user as u ON p.fk_user_author = u.rowid';
$sql.= ' WHERE p.fk_soc = s.rowid';
$sql.= ' AND s.entity = '.$conf->entity;
$sql.= ' AND p.entity = '.$conf->entity;
if (!$user->rights->societe->client->voir && !$socid) //restriction
{

2
htdocs/comm/propal/class/propalestats.class.php
View File

@ -67,7 +67,7 @@ class PropaleStats extends Stats
$this->field='total_ht';
$this->where.= " fk_statut > 0";
$this->where.= " AND p.fk_soc = s.rowid AND s.entity = ".$conf->entity;
$this->where.= " AND p.fk_soc = s.rowid AND p.entity = ".$conf->entity;
if (!$user->rights->societe->client->voir && !$user->societe_id) $this->where .= " AND p.fk_soc = sc.fk_soc AND sc.fk_user = " .$user->id;
if($this->socid)
{

14
htdocs/comm/propal/index.php
View File

@ -79,16 +79,16 @@ print "</form></table><br>\n";
* Statistics
*/
$sql = "SELECT count(cf.rowid), cf.fk_statut";
$sql = "SELECT count(p.rowid), p.fk_statut";
$sql.= " FROM ".MAIN_DB_PREFIX."societe as s";
$sql.= ", ".MAIN_DB_PREFIX."propal as cf";
$sql.= ", ".MAIN_DB_PREFIX."propal as p";
if (!$user->rights->societe->client->voir && !$socid) $sql.= ", ".MAIN_DB_PREFIX."societe_commerciaux as sc";
$sql.= " WHERE cf.fk_soc = s.rowid";
$sql.= " AND s.entity = ".$conf->entity;
if ($user->societe_id) $sql.=' AND cf.fk_soc = '.$user->societe_id;
$sql.= " WHERE p.fk_soc = s.rowid";
$sql.= " AND p.entity = ".$conf->entity;
if ($user->societe_id) $sql.=' AND p.fk_soc = '.$user->societe_id;
if (!$user->rights->societe->client->voir && !$socid) $sql.= " AND s.rowid = sc.fk_soc AND sc.fk_user = " .$user->id;
$sql.= " AND cf.fk_statut in (0,1,2,3,4)";
$sql.= " GROUP BY cf.fk_statut";
$sql.= " AND p.fk_statut IN (0,1,2,3,4)";
$sql.= " GROUP BY p.fk_statut";
$resql = $db->query($sql);
if ($resql)
{

4
htdocs/comm/prospect/class/prospect.class.php
View File

@ -69,8 +69,8 @@ class Prospect extends Societe
$sql.= " WHERE sc.fk_user = " .$user->id;
$clause = "AND";
}
$sql.= " ".$clause." s.client in (1,2,3)";
$sql.= " AND s.entity = ".$conf->entity;
$sql.= " ".$clause." s.client IN (1,2,3)";
$sql.= " AND s.entity IN (".getEntity(societe, 1).")";
$sql.= " GROUP BY s.client";
$resql=$this->db->query($sql);

4
htdocs/comm/prospect/index.php
View File

@ -75,7 +75,7 @@ $sql.= ", ".MAIN_DB_PREFIX."c_stcomm as st ";
if (!$user->rights->societe->client->voir && !$socid) $sql.= ", ".MAIN_DB_PREFIX."societe_commerciaux as sc";
$sql.= " WHERE s.fk_stcomm = st.id";
$sql.= " AND s.client IN (2, 3)";
$sql.= " AND s.entity = ".$conf->entity;
$sql.= " AND s.entity IN (".getEntity(societe, 1).")";
if (!$user->rights->societe->client->voir && !$socid) $sql.= " AND s.rowid = sc.fk_soc AND sc.fk_user = " .$user->id;
$sql.= " GROUP BY st.id";
$sql.= " ORDER BY st.id";
@ -241,7 +241,7 @@ $sql = "SELECT s.nom as name, s.rowid as socid, s.client, s.canvas";
$sql.= " FROM ".MAIN_DB_PREFIX."societe as s";
if (!$user->rights->societe->client->voir && !$socid) $sql.= ", ".MAIN_DB_PREFIX."societe_commerciaux as sc";
$sql.= " WHERE s.fk_stcomm = 1";
$sql.= " AND s.entity = ".$conf->entity;
$sql.= " AND s.entity IN (".getEntity(societe, 1).")";
if (!$user->rights->societe->client->voir && !$socid) $sql.= " AND s.rowid = sc.fk_soc AND sc.fk_user = " .$user->id;
$sql.= " ORDER BY s.tms ASC";
$sql.= $db->plimit(15, 0);

2
htdocs/commande/class/commandestats.class.php
View File

@ -76,7 +76,7 @@ class CommandeStats extends Stats
$this->field='total_ht';
$this->where.= " c.fk_statut > 0";
}
$this->where.= " AND c.fk_soc = s.rowid AND s.entity = ".$conf->entity;
$this->where.= " AND c.fk_soc = s.rowid AND c.entity = ".$conf->entity;
if (!$user->rights->societe->client->voir && !$this->socid) $this->where .= " AND c.fk_soc = sc.fk_soc AND sc.fk_user = " .$user->id;
if($this->socid)

12
htdocs/commande/index.php
View File

@ -78,15 +78,15 @@ print "</form></table><br>\n";
* Statistics
*/
$sql = "SELECT count(cf.rowid), cf.fk_statut, cf.facture";
$sql = "SELECT count(cf.rowid), c.fk_statut, c.facture";
$sql.= " FROM ".MAIN_DB_PREFIX."societe as s";
$sql.= ", ".MAIN_DB_PREFIX."commande as cf";
$sql.= ", ".MAIN_DB_PREFIX."commande as c";
if (!$user->rights->societe->client->voir && !$socid) $sql.= ", ".MAIN_DB_PREFIX."societe_commerciaux as sc";
$sql.= " WHERE cf.fk_soc = s.rowid";
$sql.= " AND s.entity = ".$conf->entity;
if ($user->societe_id) $sql.=' AND cf.fk_soc = '.$user->societe_id;
$sql.= " WHERE c.fk_soc = s.rowid";
$sql.= " AND c.entity = ".$conf->entity;
if ($user->societe_id) $sql.=' AND c.fk_soc = '.$user->societe_id;
if (!$user->rights->societe->client->voir && !$socid) $sql.= " AND s.rowid = sc.fk_soc AND sc.fk_user = " .$user->id;
$sql.= " GROUP BY cf.fk_statut, cf.facture";
$sql.= " GROUP BY c.fk_statut, c.facture";
$resql = $db->query($sql);
if ($resql)
{

2
htdocs/commande/liste.php
View File

@ -81,7 +81,7 @@ $sql.= ' FROM '.MAIN_DB_PREFIX.'societe as s';
$sql.= ', '.MAIN_DB_PREFIX.'commande as c';
if (!$user->rights->societe->client->voir && !$socid) $sql.= ", ".MAIN_DB_PREFIX."societe_commerciaux as sc";
$sql.= ' WHERE c.fk_soc = s.rowid';
$sql.= ' AND s.entity = '.$conf->entity;
$sql.= ' AND c.entity = '.$conf->entity;
if ($socid) $sql.= ' AND s.rowid = '.$socid;
if (!$user->rights->societe->client->voir && !$socid) $sql.= " AND s.rowid = sc.fk_soc AND sc.fk_user = " .$user->id;
if ($sref)

26
htdocs/compta/charges/index.php
View File

@ -87,30 +87,30 @@ if ($_GET["mode"] == 'sconly')
print '<table class="noborder" width="100%">';
print "<tr class=\"liste_titre\">";
print_liste_field_titre($langs->trans("PeriodEndDate"),$_SERVER["PHP_SELF"],"s.date_ech","",$param,'width="120"',$sortfield,$sortorder);
print_liste_field_titre($langs->trans("PeriodEndDate"),$_SERVER["PHP_SELF"],"cs.date_ech","",$param,'width="120"',$sortfield,$sortorder);
print_liste_field_titre($langs->trans("Label"),$_SERVER["PHP_SELF"],"c.libelle","",$param,'',$sortfield,$sortorder);
print_liste_field_titre($langs->trans("Type"),$_SERVER["PHP_SELF"],"s.fk_type","",$param,'',$sortfield,$sortorder);
print_liste_field_titre($langs->trans("ExpectedToPay"),$_SERVER["PHP_SELF"],"s.amount","",$param,'align="right"',$sortfield,$sortorder);
print_liste_field_titre($langs->trans("RefPayment"),$_SERVER["PHP_SELF"],"pid","",$param,'',$sortfield,$sortorder);
print_liste_field_titre($langs->trans("DatePayment"),$_SERVER["PHP_SELF"],"datep","",$param,'align="center"',$sortfield,$sortorder);
print_liste_field_titre($langs->trans("Type"),$_SERVER["PHP_SELF"],"cs.fk_type","",$param,'',$sortfield,$sortorder);
print_liste_field_titre($langs->trans("ExpectedToPay"),$_SERVER["PHP_SELF"],"cs.amount","",$param,'align="right"',$sortfield,$sortorder);
print_liste_field_titre($langs->trans("RefPayment"),$_SERVER["PHP_SELF"],"pc.rowid","",$param,'',$sortfield,$sortorder);
print_liste_field_titre($langs->trans("DatePayment"),$_SERVER["PHP_SELF"],"pc.datep","",$param,'align="center"',$sortfield,$sortorder);
print_liste_field_titre($langs->trans("PayedByThisPayment"),$_SERVER["PHP_SELF"],"pc.amount","",$param,'align="right"',$sortfield,$sortorder);
print "</tr>\n";
$sql = "SELECT c.id, c.libelle as lib,";
$sql.= " s.rowid, s.libelle, s.fk_type as type, s.periode, s.date_ech, s.amount as total,";
$sql.= " cs.rowid, cs.libelle, cs.fk_type as type, cs.periode, cs.date_ech, cs.amount as total,";
$sql.= " pc.rowid as pid, pc.datep, pc.amount as totalpaye";
$sql.= " FROM ".MAIN_DB_PREFIX."c_chargesociales as c,";
$sql.= " ".MAIN_DB_PREFIX."chargesociales as s";
$sql.= " LEFT JOIN ".MAIN_DB_PREFIX."paiementcharge as pc ON pc.fk_charge = s.rowid";
$sql.= " WHERE s.fk_type = c.id";
$sql.= " AND s.entity = ".$conf->entity;
$sql.= " ".MAIN_DB_PREFIX."chargesociales as cs";
$sql.= " LEFT JOIN ".MAIN_DB_PREFIX."paiementcharge as pc ON pc.fk_charge = cs.rowid";
$sql.= " WHERE cs.fk_type = c.id";
$sql.= " AND cs.entity = ".$conf->entity;
if ($year > 0)
{
$sql .= " AND (";
// Si period renseignee on l'utilise comme critere de date, sinon on prend date echeance,
// ceci afin d'etre compatible avec les cas ou la periode n'etait pas obligatoire
$sql .= " (s.periode is not null and s.periode between '".$db->idate(dol_get_first_day($year))."' AND '".$db->idate(dol_get_last_day($year))."')";
$sql .= "or (s.periode is null and s.date_ech between '".$db->idate(dol_get_first_day($year))."' AND '".$db->idate(dol_get_last_day($year))."')";
$sql .= " (cs.periode IS NOT NULL AND cs.periode between '".$db->idate(dol_get_first_day($year))."' AND '".$db->idate(dol_get_last_day($year))."')";
$sql .= "OR (cs.periode IS NULL AND cs.date_ech between '".$db->idate(dol_get_first_day($year))."' AND '".$db->idate(dol_get_last_day($year))."')";
$sql .= ")";
}
$sql.= $db->order($sortfield,$sortorder);
@ -145,7 +145,7 @@ if ($resql)
print $socialcontrib->getNomUrl(1,'20');
print '</td>';
// Type
print '<td><a href="../sociales/index.php?filtre=s.fk_type:'.$obj->type.'">'.$obj->lib.'</a></td>';
print '<td><a href="../sociales/index.php?filtre=cs.fk_type:'.$obj->type.'">'.$obj->lib.'</a></td>';
// Expected to pay
print '<td align="right">'.price($obj->total).'</td>';
// Ref payment

16
htdocs/compta/clients.php
View File

@ -80,8 +80,8 @@ if ($action == 'note')
if ($mode == 'search') {
if ($modesearch == 'soc') {
$sql = "SELECT s.rowid FROM ".MAIN_DB_PREFIX."societe as s ";
$sql.= " WHERE lower(s.nom) like '%".$db->escape(strtolower($socname))."%'";
$sql.= " AND s.entity = ".$conf->entity;
$sql.= " WHERE lower(s.nom) LIKE '%".$db->escape(strtolower($socname))."%'";
$sql.= " AND s.entity IN (".getEntity('societe', 1).")";
}
$resql=$db->query($sql);
@ -106,7 +106,7 @@ if (!$user->rights->societe->client->voir && !$socid) $sql.= ", sc.fk_soc, sc.fk
$sql.= " FROM ".MAIN_DB_PREFIX."societe as s, ".MAIN_DB_PREFIX."c_stcomm as st";
if (!$user->rights->societe->client->voir && !$socid) $sql.= ", ".MAIN_DB_PREFIX."societe_commerciaux as sc";
$sql.= " WHERE s.fk_stcomm = st.id AND s.client in (1, 3)";
$sql.= " AND s.entity = ".$conf->entity;
$sql.= " AND s.entity IN (".getEntity('societe', 1).")";
if (!$user->rights->societe->client->voir && !$socid) $sql.= " AND s.rowid = sc.fk_soc AND sc.fk_user = " .$user->id;
if (dol_strlen($stcomm))
{
@ -114,25 +114,25 @@ if (dol_strlen($stcomm))
}
if ($socname)
{
$sql.= " AND s.nom like '%".$db->escape(strtolower($socname))."%'";
$sql.= " AND s.nom LIKE '%".$db->escape(strtolower($socname))."%'";
$sortfield = "s.nom";
$sortorder = "ASC";
}
if ($_GET["search_nom"])
{
$sql.= " AND s.nom like '%".$db->escape(strtolower($_GET["search_nom"]))."%'";
$sql.= " AND s.nom LIKE '%".$db->escape(strtolower($_GET["search_nom"]))."%'";
}
if ($_GET["search_compta"])
{
$sql.= " AND s.code_compta like '%".$db->escape($_GET["search_compta"])."%'";
$sql.= " AND s.code_compta LIKE '%".$db->escape($_GET["search_compta"])."%'";
}
if ($_GET["search_code_client"])
{
$sql.= " AND s.code_client like '%".$db->escape($_GET["search_code_client"])."%'";
$sql.= " AND s.code_client LIKE '%".$db->escape($_GET["search_code_client"])."%'";
}
if (dol_strlen($begin))
{
$sql.= " AND s.nom like '".$db->escape($begin)."'";
$sql.= " AND s.nom LIKE '".$db->escape($begin)."'";
}
if ($socid)
{

17
htdocs/compta/facture/fiche-rec.php
View File

@ -474,7 +474,7 @@ else
if ($fac->statut == 0 && $user->rights->facture->supprimer)
{
print '<a class="butActionDelete" href="fiche-rec.php?action=delete&facid='.$fac->id.'">'.$langs->trans('Delete').'</a>';
print '<a class="butActionDelete" href="'.$_SERVER['PHP_SELF'].'?action=delete&facid='.$fac->id.'">'.$langs->trans('Delete').'</a>';
}
print '</div>';
@ -496,7 +496,7 @@ else
$sql = "SELECT s.nom, s.rowid as socid, f.titre, f.total, f.rowid as facid";
$sql.= " FROM ".MAIN_DB_PREFIX."societe as s,".MAIN_DB_PREFIX."facture_rec as f";
$sql.= " WHERE f.fk_soc = s.rowid";
$sql.= " AND s.entity = ".$conf->entity;
$sql.= " AND f.entity = ".$conf->entity;
if ($socid) $sql .= " AND s.rowid = ".$socid;
//$sql .= " ORDER BY $sortfield $sortorder, rowid DESC ";
@ -507,13 +507,13 @@ else
if ($result)
{
$num = $db->num_rows($result);
print_barre_liste($langs->trans("RepeatableInvoices"),$page,"fiche-rec.php","&socid=$socid",$sortfield,$sortorder,'',$num);
print_barre_liste($langs->trans("RepeatableInvoices"),$page,$_SERVER['PHP_SELF'],"&socid=$socid",$sortfield,$sortorder,'',$num);
$i = 0;
print "<table class=\"noborder\" width=\"100%\">";
print '<table class="noborder" width="100%">';
print '<tr class="liste_titre">';
print '<td>'.$langs->trans("Ref").'</td>';
print_liste_field_titre($langs->trans("Company"),"fiche-rec.php","s.nom","","&socid=$socid","",$sortfiled,$sortorder);
print_liste_field_titre($langs->trans("Company"),$_SERVER['PHP_SELF'],"s.nom","","&socid=$socid","",$sortfiled,$sortorder);
print '</td><td align="right">'.$langs->trans("Amount").'</td>';
print '<td>&nbsp;</td>';
print "</td>\n";
@ -528,11 +528,11 @@ else
print "<tr $bc[$var]>";
print '<td><a href="fiche-rec.php?facid='.$objp->facid.'">'.img_object($langs->trans("ShowBill"),"bill").' '.$objp->titre;
print '<td><a href="'.$_SERVER['PHP_SELF'].'?facid='.$objp->facid.'">'.img_object($langs->trans("ShowBill"),"bill").' '.$objp->titre;
print "</a></td>\n";
print '<td><a href="../fiche.php?socid='.$objp->socid.'">'.$objp->nom.'</a></td>';
print "<td align=\"right\">".price($objp->total)."</td>\n";
print '<td align="right">'.price($objp->total).'</td>'."\n";
if (! $objp->paye)
{
@ -566,7 +566,8 @@ else
}
llxFooter();
$db->close();
llxFooter();
?>

2
htdocs/compta/facture/impayees.php
View File

@ -192,7 +192,7 @@ if (! $user->rights->societe->client->voir && ! $socid) $sql .= ", ".MAIN_DB_PRE
$sql.= ",".MAIN_DB_PREFIX."facture as f";
$sql.= " LEFT JOIN ".MAIN_DB_PREFIX."paiement_facture as pf ON f.rowid=pf.fk_facture ";
$sql.= " WHERE f.fk_soc = s.rowid";
$sql.= " AND s.entity = ".$conf->entity;
$sql.= " AND f.entity = ".$conf->entity;
$sql.= " AND f.type IN (0,1,3) AND f.fk_statut = 1";
$sql.= " AND f.paye = 0";
if ($option == 'late') $sql.=" AND f.date_lim_reglement < '".$db->idate(dol_now() - $conf->facture->client->warning_delay)."'";

16
htdocs/compta/index.php
View File

@ -429,7 +429,7 @@ if ($conf->fournisseur->enabled && $user->rights->fournisseur->facture->lire)
$sql.= " LEFT JOIN ".MAIN_DB_PREFIX."paiementfourn_facturefourn as pf on ff.rowid=pf.fk_facturefourn";
if (!$user->rights->societe->client->voir && !$socid) $sql.= ", ".MAIN_DB_PREFIX."societe_commerciaux as sc";
$sql.= " WHERE s.rowid = ff.fk_soc";
$sql.= " AND s.entity = ".$conf->entity;
$sql.= " AND ff.entity = ".$conf->entity;
if (!$user->rights->societe->client->voir && !$socid) $sql.= " AND s.rowid = sc.fk_soc AND sc.fk_user = ".$user->id;
if ($socid) $sql.= " AND ff.fk_soc = ".$socid;
$sql.= " GROUP BY ff.rowid, ff.facnumber, ff.fk_statut, ff.libelle, ff.total_ht, ff.total_ttc, ff.tms, ff.paye, s.nom, s.rowid";
@ -503,10 +503,10 @@ if ($conf->don->enabled && $user->rights->societe->lire)
$langs->load("boxes");
$donationstatic=new Don($db);
$sql = "SELECT s.rowid, s.nom, s.prenom, s.societe, s.datedon as date, s.tms as dm, s.amount, s.fk_statut";
$sql.= " FROM ".MAIN_DB_PREFIX."don as s";
$sql.= " WHERE s.entity = ".$conf->entity;
$sql.= $db->order("s.tms","DESC");
$sql = "SELECT d.rowid, d.nom, d.prenom, d.societe, d.datedon as date, d.tms as dm, d.amount, d.fk_statut";
$sql.= " FROM ".MAIN_DB_PREFIX."don as d";
$sql.= " WHERE d.entity = ".$conf->entity;
$sql.= $db->order("d.tms","DESC");
$sql.= $db->plimit($max, 0);
$result = $db->query($sql);
@ -928,7 +928,7 @@ if ($conf->fournisseur->enabled && $user->rights->fournisseur->facture->lire)
$sql.= " LEFT JOIN ".MAIN_DB_PREFIX."paiementfourn_facturefourn as pf on ff.rowid=pf.fk_facturefourn";
if (!$user->rights->societe->client->voir && !$socid) $sql.= ", ".MAIN_DB_PREFIX."societe_commerciaux as sc";
$sql.= " WHERE s.rowid = ff.fk_soc";
$sql.= " AND s.entity = ".$conf->entity;
$sql.= " AND ff.entity = ".$conf->entity;
$sql.= " AND ff.paye = 0";
$sql.= " AND ff.fk_statut = 1";
if (!$user->rights->societe->client->voir && !$socid) $sql.= " AND s.rowid = sc.fk_soc AND sc.fk_user = ".$user->id;
@ -1027,8 +1027,8 @@ print '</td></tr>';
print '</table>';
llxFooter();
$db->close();
llxFooter();
?>

2
htdocs/compta/paiement/fiche.php
View File

@ -269,7 +269,7 @@ $sql = 'SELECT f.rowid as facid, f.facnumber, f.type, f.total_ttc, f.paye, f.fk_
$sql.= ' FROM '.MAIN_DB_PREFIX.'paiement_facture as pf,'.MAIN_DB_PREFIX.'facture as f,'.MAIN_DB_PREFIX.'societe as s';
$sql.= ' WHERE pf.fk_facture = f.rowid';
$sql.= ' AND f.fk_soc = s.rowid';
$sql.= ' AND s.entity = '.$conf->entity;
$sql.= ' AND f.entity = '.$conf->entity;
$sql.= ' AND pf.fk_paiement = '.$paiement->id;
$resql=$db->query($sql);
if ($resql)

5
htdocs/compta/paiement/liste.php
View File

@ -89,13 +89,14 @@ else
$sql.= " LEFT JOIN ".MAIN_DB_PREFIX."bank_account as ba ON b.fk_account = ba.rowid";
$sql.= " LEFT JOIN ".MAIN_DB_PREFIX."paiement_facture as pf ON p.rowid = pf.fk_paiement";
$sql.= " LEFT JOIN ".MAIN_DB_PREFIX."facture as f ON pf.fk_facture = f.rowid";
$sql.= " LEFT JOIN ".MAIN_DB_PREFIX."societe as s ON f.fk_soc = s.rowid AND s.entity = ".$conf->entity;
$sql.= " LEFT JOIN ".MAIN_DB_PREFIX."societe as s ON f.fk_soc = s.rowid";
if (!$user->rights->societe->client->voir && !$socid)
{
$sql.= " LEFT JOIN ".MAIN_DB_PREFIX."societe_commerciaux as sc ON s.rowid = sc.fk_soc";
}
$sql.= " WHERE p.fk_paiement = c.id";
if (!$user->rights->societe->client->voir && !$socid)
$sql.= " AND p.entity = ".$conf->entity;
if (! $user->rights->societe->client->voir && ! $socid)
{
$sql.= " AND sc.fk_user = " .$user->id;
}

6
htdocs/compta/prelevement/lignes.php
View File

@ -122,10 +122,12 @@ $pagenext = $page + 1;
$sql = "SELECT pl.rowid, pl.statut, pl.amount";
$sql.= ", s.rowid as socid, s.nom";
$sql.= " FROM ".MAIN_DB_PREFIX."prelevement_lignes as pl";
$sql.= ", ".MAIN_DB_PREFIX."prelevement_bons as pb";
$sql.= ", ".MAIN_DB_PREFIX."societe as s";
$sql.= " WHERE pl.fk_prelevement_bons=".$prev_id;
$sql.= " WHERE pl.fk_prelevement_bons = ".$prev_id;
$sql.= " AND pl.fk_prelevement_bons = pb.rowid";
$sql.= " AND pb.entity = ".$conf->entity;
$sql.= " AND pl.fk_soc = s.rowid";
$sql.= " AND s.entity = ".$conf->entity;
if ($socid) $sql.= " AND s.rowid = ".$socid;
$sql.= " ORDER BY $sortfield $sortorder ";
$sql.= $db->plimit($conf->liste_limit+1, $offset);

28
htdocs/compta/prelevement/stats.php
View File

@ -47,9 +47,9 @@ print_fiche_titre($langs->trans("Statistics"));
// Define total and nbtotal
$sql = "SELECT sum(pl.amount), count(pl.amount)";
$sql.= " FROM ".MAIN_DB_PREFIX."prelevement_lignes as pl";
$sql.= ", ".MAIN_DB_PREFIX."societe as s";
$sql.= " WHERE pl.fk_soc = s.rowid";
$sql.= " AND s.entity = ".$conf->entity;
$sql.= ", ".MAIN_DB_PREFIX."prelevement_bons as pb";
$sql.= " WHERE pl.fk_prelevement_bons = pb.rowid";
$sql.= " AND pb.entity = ".$conf->entity;
$resql=$db->query($sql);
if ($resql)
{
@ -76,9 +76,9 @@ $ligne=new LignePrelevement($db,$user);
$sql = "SELECT sum(pl.amount), count(pl.amount), pl.statut";
$sql.= " FROM ".MAIN_DB_PREFIX."prelevement_lignes as pl";
$sql.= ", ".MAIN_DB_PREFIX."societe as s";
$sql.= " WHERE pl.fk_soc = s.rowid";
$sql.= " AND s.entity = ".$conf->entity;
$sql.= ", ".MAIN_DB_PREFIX."prelevement_bons as pb";
$sql.= " WHERE pl.fk_prelevement_bons = pb.rowid";
$sql.= " AND pb.entity = ".$conf->entity;
$sql.= " GROUP BY pl.statut";
$resql=$db->query($sql);
@ -146,9 +146,9 @@ print_titre($langs->trans("WithdrawRejectStatistics"));
// Define total and nbtotal
$sql = "SELECT sum(pl.amount), count(pl.amount)";
$sql.= " FROM ".MAIN_DB_PREFIX."prelevement_lignes as pl";
$sql.= ", ".MAIN_DB_PREFIX."societe as s";
$sql.= " WHERE pl.fk_soc = s.rowid";
$sql.= " AND s.entity = ".$conf->entity;
$sql.= ", ".MAIN_DB_PREFIX."prelevement_bons as pb";
$sql.= " WHERE pl.fk_prelevement_bons = pb.rowid";
$sql.= " AND pb.entity = ".$conf->entity;
$sql.= " AND pl.statut = 3";
$resql=$db->query($sql);
if ($resql)
@ -169,10 +169,10 @@ if ($resql)
*/
$sql = "SELECT sum(pl.amount), count(pl.amount) as cc, pr.motif";
$sql.= " FROM ".MAIN_DB_PREFIX."prelevement_lignes as pl";
$sql.= " , ".MAIN_DB_PREFIX."prelevement_rejet as pr";
$sql.= ", ".MAIN_DB_PREFIX."societe as s";
$sql.= " WHERE pl.fk_soc = s.rowid";
$sql.= " AND s.entity = ".$conf->entity;
$sql.= ", ".MAIN_DB_PREFIX."prelevement_bons as pb";
$sql.= ", ".MAIN_DB_PREFIX."prelevement_rejet as pr";
$sql.= " WHERE pl.fk_prelevement_bons = pb.rowid";
$sql.= " AND pb.entity = ".$conf->entity;
$sql.= " AND pl.statut = 3";
$sql.= " AND pr.fk_prelevement_lignes = pl.rowid";
$sql.= " GROUP BY pr.motif";
@ -232,8 +232,8 @@ else
dol_print_error($db);
}
llxFooter();
$db->close();
llxFooter();
?>

34
htdocs/compta/resultat/clientfourn.php
View File

@ -344,25 +344,25 @@ print '<tr><td colspan="4">'.$langs->trans("SocialContributions").'</td></tr>';
if ($modecompta == 'CREANCES-DETTES')
{
$sql = "SELECT c.libelle as nom, sum(s.amount) as amount";
$sql = "SELECT c.libelle as nom, sum(cs.amount) as amount";
$sql.= " FROM ".MAIN_DB_PREFIX."c_chargesociales as c";
$sql.= ", ".MAIN_DB_PREFIX."chargesociales as s";
$sql.= " WHERE s.fk_type = c.id";
$sql.= ", ".MAIN_DB_PREFIX."chargesociales as cs";
$sql.= " WHERE cs.fk_type = c.id";
$sql.= " AND c.deductible = 0";
if ($date_start && $date_end) $sql.= " AND s.date_ech >= '".$db->idate($date_start)."' AND s.date_ech <= '".$db->idate($date_end)."'";
if ($date_start && $date_end) $sql.= " AND cs.date_ech >= '".$db->idate($date_start)."' AND cs.date_ech <= '".$db->idate($date_end)."'";
}
else
{
$sql = "SELECT c.libelle as nom, sum(p.amount) as amount";
$sql.= " FROM ".MAIN_DB_PREFIX."c_chargesociales as c";
$sql.= ", ".MAIN_DB_PREFIX."chargesociales as s";
$sql.= ", ".MAIN_DB_PREFIX."chargesociales as cs";
$sql.= ", ".MAIN_DB_PREFIX."paiementcharge as p";
$sql.= " WHERE p.fk_charge = s.rowid";
$sql.= " AND s.fk_type = c.id";
$sql.= " WHERE p.fk_charge = cs.rowid";
$sql.= " AND cs.fk_type = c.id";
$sql.= " AND c.deductible = 0";
if ($date_start && $date_end) $sql.= " AND p.datep >= '".$db->idate($date_start)."' AND p.datep <= '".$db->idate($date_end)."'";
}
$sql.= " AND s.entity = ".$conf->entity;
$sql.= " AND cs.entity = ".$conf->entity;
$sql.= " GROUP BY c.libelle";
dol_syslog("get social contributions deductible=0 sql=".$sql);
@ -414,26 +414,26 @@ print '<tr><td colspan="4">'.$langs->trans("SocialContributions").'</td></tr>';
if ($modecompta == 'CREANCES-DETTES')
{
$sql = "SELECT c.libelle as nom, sum(s.amount) as amount";
$sql = "SELECT c.libelle as nom, sum(cs.amount) as amount";
$sql.= " FROM ".MAIN_DB_PREFIX."c_chargesociales as c";
$sql.= ", ".MAIN_DB_PREFIX."chargesociales as s";
$sql.= " WHERE s.fk_type = c.id";
$sql.= ", ".MAIN_DB_PREFIX."chargesociales as cs";
$sql.= " WHERE cs.fk_type = c.id";
$sql.= " AND c.deductible = 1";
if ($date_start && $date_end) $sql.= " AND s.date_ech >= '".$db->idate($date_start)."' AND s.date_ech <= '".$db->idate($date_end)."'";
$sql.= " AND s.entity = ".$conf->entity;
if ($date_start && $date_end) $sql.= " AND cs.date_ech >= '".$db->idate($date_start)."' AND cs.date_ech <= '".$db->idate($date_end)."'";
$sql.= " AND cs.entity = ".$conf->entity;
$sql.= " GROUP BY c.libelle DESC";
}
else
{
$sql = "SELECT c.libelle as nom, sum(p.amount) as amount";
$sql .= " FROM ".MAIN_DB_PREFIX."c_chargesociales as c";
$sql.= ", ".MAIN_DB_PREFIX."chargesociales as s";
$sql.= ", ".MAIN_DB_PREFIX."chargesociales as cs";
$sql.= ", ".MAIN_DB_PREFIX."paiementcharge as p";
$sql .= " WHERE p.fk_charge = s.rowid";
$sql.= " AND s.fk_type = c.id";
$sql .= " WHERE p.fk_charge = cs.rowid";
$sql.= " AND cs.fk_type = c.id";
$sql.= " AND c.deductible = 1";
if ($date_start && $date_end) $sql.= " AND p.datep >= '".$db->idate($date_start)."' AND p.datep <= '".$db->idate($date_end)."'";
$sql.= " AND s.entity = ".$conf->entity;
$sql.= " AND cs.entity = ".$conf->entity;
$sql.= " GROUP BY c.libelle";
}

22
htdocs/compta/resultat/index.php
View File

@ -346,23 +346,23 @@ $subtotal_ht = 0;
$subtotal_ttc = 0;
if ($modecompta == 'CREANCES-DETTES')
{
$sql = "SELECT c.libelle as nom, date_format(s.date_ech,'%Y-%m') as dm, sum(s.amount) as amount_ht, sum(s.amount) as amount_ttc";
$sql = "SELECT c.libelle as nom, date_format(cs.date_ech,'%Y-%m') as dm, sum(cs.amount) as amount_ht, sum(cs.amount) as amount_ttc";
$sql.= " FROM ".MAIN_DB_PREFIX."c_chargesociales as c";
$sql.= ", ".MAIN_DB_PREFIX."chargesociales as s";
$sql.= " WHERE s.fk_type = c.id";
$sql.= ", ".MAIN_DB_PREFIX."chargesociales as cs";
$sql.= " WHERE cs.fk_type = c.id";
$sql.= " AND c.deductible = 0";
}
else
{
$sql = "SELECT c.libelle as nom, date_format(p.datep,'%Y-%m') as dm, sum(p.amount) as amount_ht, sum(p.amount) as amount_ttc";
$sql.= " FROM ".MAIN_DB_PREFIX."c_chargesociales as c";
$sql.= ", ".MAIN_DB_PREFIX."chargesociales as s";
$sql.= ", ".MAIN_DB_PREFIX."chargesociales as cs";
$sql.= ", ".MAIN_DB_PREFIX."paiementcharge as p";
$sql.= " WHERE p.fk_charge = s.rowid";
$sql.= " AND s.fk_type = c.id";
$sql.= " WHERE p.fk_charge = cs.rowid";
$sql.= " AND cs.fk_type = c.id";
$sql.= " AND c.deductible = 0";
}
$sql.= " AND s.entity = ".$conf->entity;
$sql.= " AND cs.entity = ".$conf->entity;
$sql.= " GROUP BY c.libelle, dm";
dol_syslog("get social contributions deductible=0 sql=".$sql);
@ -403,13 +403,13 @@ else
{
$sql = "SELECT c.libelle as nom, date_format(p.datep,'%Y-%m') as dm, sum(p.amount) as amount_ht, sum(p.amount) as amount_ttc";
$sql.= " FROM ".MAIN_DB_PREFIX."c_chargesociales as c";
$sql.= ", ".MAIN_DB_PREFIX."chargesociales as s";
$sql.= ", ".MAIN_DB_PREFIX."chargesociales as cs";
$sql.= ", ".MAIN_DB_PREFIX."paiementcharge as p";
$sql.= " WHERE p.fk_charge = s.rowid";
$sql.= " AND s.fk_type = c.id";
$sql.= " WHERE p.fk_charge = cs.rowid";
$sql.= " AND cs.fk_type = c.id";
$sql.= " AND c.deductible = 1";
}
$sql.= " AND s.entity = ".$conf->entity;
$sql.= " AND cs.entity = ".$conf->entity;
$sql.= " GROUP BY c.libelle, dm";
dol_syslog("get social contributions paid deductible=1 sql=".$sql);

6
htdocs/compta/sociales/charges.php
View File

@ -320,10 +320,10 @@ if ($chid > 0)
$sql.= "c.libelle as paiement_type";
$sql.= " FROM ".MAIN_DB_PREFIX."paiementcharge as p";
$sql.= ", ".MAIN_DB_PREFIX."c_paiement as c ";
$sql.= ", ".MAIN_DB_PREFIX."chargesociales as s";
$sql.= ", ".MAIN_DB_PREFIX."chargesociales as cs";
$sql.= " WHERE p.fk_charge = ".$chid;
$sql.= " AND p.fk_charge = s.rowid";
$sql.= " AND s.entity = ".$conf->entity;
$sql.= " AND p.fk_charge = cs.rowid";
$sql.= " AND cs.entity = ".$conf->entity;
$sql.= " AND p.fk_typepaiement = c.id";
$sql.= " ORDER BY dp DESC";

30
htdocs/compta/sociales/index.php
View File

@ -40,7 +40,7 @@ $offset = $conf->liste_limit * $page;
$pageprev = $page - 1;
$pagenext = $page + 1;
$limit = $conf->liste_limit;
if (! $sortfield) $sortfield="s.date_ech";
if (! $sortfield) $sortfield="cs.date_ech";
if (! $sortorder) $sortorder="DESC";
$year=$_GET["year"];
@ -53,7 +53,7 @@ if (empty($_REQUEST['typeid']))
foreach($filterarray as $val)
{
$part=explode(':',$val);
if ($part[0] == 's.fk_type') $typeid=$part[1];
if ($part[0] == 'cs.fk_type') $typeid=$part[1];
}
}
else
@ -71,21 +71,21 @@ llxHeader();
$form = new Form($db);
$sql = "SELECT s.rowid as id, s.fk_type as type, ";
$sql.= " s.amount, s.date_ech, s.libelle, s.paye, s.periode,";
$sql = "SELECT cs.rowid as id, cs.fk_type as type, ";
$sql.= " cs.amount, cs.date_ech, cs.libelle, cs.paye, cs.periode,";
$sql.= " c.libelle as type_lib";
$sql.= " FROM ".MAIN_DB_PREFIX."c_chargesociales as c";
$sql.= ", ".MAIN_DB_PREFIX."chargesociales as s";
$sql.= " WHERE s.fk_type = c.id";
$sql.= " AND s.entity = ".$conf->entity;
if (GETPOST("search_label")) $sql.=" AND s.libelle like '%".GETPOST("search_label")."%'";
$sql.= ", ".MAIN_DB_PREFIX."chargesociales as cs";
$sql.= " WHERE cs.fk_type = c.id";
$sql.= " AND cs.entity = ".$conf->entity;
if (GETPOST("search_label")) $sql.=" AND cs.libelle LIKE '%".GETPOST("search_label")."%'";
if ($year > 0)
{
$sql .= " AND (";
// Si period renseignee on l'utilise comme critere de date, sinon on prend date echeance,
// ceci afin d'etre compatible avec les cas ou la periode n'etait pas obligatoire
$sql .= " (s.periode is not null and date_format(s.periode, '%Y') = '".$year."') ";
$sql .= "or (s.periode is null and date_format(s.date_ech, '%Y') = '".$year."')";
$sql .= " (cs.periode IS NOT NULL AND date_format(cs.periode, '%Y') = '".$year."') ";
$sql .= "OR (cs.periode IS NULL AND date_format(cs.date_ech, '%Y') = '".$year."')";
$sql .= ")";
}
if ($filtre) {
@ -93,7 +93,7 @@ if ($filtre) {
$sql .= " AND ".$filtre;
}
if ($typeid) {
$sql .= " AND s.fk_type=".$typeid;
$sql .= " AND cs.fk_type=".$typeid;
}
$sql.= $db->order($sortfield,$sortorder);
$sql.= $db->plimit($limit+1,$offset);
@ -142,12 +142,12 @@ if ($resql)
print "<tr class=\"liste_titre\">";
print_liste_field_titre($langs->trans("Ref"),"index.php","id","",$param,"",$sortfield,$sortorder);
print_liste_field_titre($langs->trans("Label"),"index.php","s.libelle","",$param,'align="left"',$sortfield,$sortorder);
print_liste_field_titre($langs->trans("Label"),"index.php","cs.libelle","",$param,'align="left"',$sortfield,$sortorder);
print_liste_field_titre($langs->trans("Type"),"index.php","type","",$param,'align="left"',$sortfield,$sortorder);
print_liste_field_titre($langs->trans("PeriodEndDate"),"index.php","periode","",$param,'align="center"',$sortfield,$sortorder);
print_liste_field_titre($langs->trans("Amount"),"index.php","s.amount","",$param,'align="right"',$sortfield,$sortorder);
print_liste_field_titre($langs->trans("DateDue"),"index.php","s.date_ech","",$param,'align="center"',$sortfield,$sortorder);
print_liste_field_titre($langs->trans("Status"),"index.php","s.paye","",$param,'align="right"',$sortfield,$sortorder);
print_liste_field_titre($langs->trans("Amount"),"index.php","cs.amount","",$param,'align="right"',$sortfield,$sortorder);
print_liste_field_titre($langs->trans("DateDue"),"index.php","cs.date_ech","",$param,'align="center"',$sortfield,$sortorder);
print_liste_field_titre($langs->trans("Status"),"index.php","cs.paye","",$param,'align="right"',$sortfield,$sortorder);
print "</tr>\n";
print '<tr class="liste_titre">';

4
htdocs/compta/tva/quadri.php
View File

@ -67,7 +67,7 @@ function tva_coll($db,$y,$q)
$sql.= ", ".MAIN_DB_PREFIX."facturedet as d" ;
$sql.= ", ".MAIN_DB_PREFIX."societe as s";
$sql.= " WHERE f.fk_soc = s.rowid";
$sql.= " AND s.entity = ".$conf->entity;
$sql.= " AND f.entity = ".$conf->entity;
$sql.= " AND f.fk_statut in (1,2)";
$sql.= " AND f.rowid = d.fk_facture ";
$sql.= " AND date_format(f.datef,'%Y') = '".$y."'";
@ -134,7 +134,7 @@ function tva_paye($db, $y,$q)
$sql.= ", ".MAIN_DB_PREFIX."facture_fourn_det as d" ;
$sql.= ", ".MAIN_DB_PREFIX."societe as s";
$sql.= " WHERE f.fk_soc = s.rowid";
$sql.= " AND s.entity = ".$conf->entity;
$sql.= " AND f.entity = ".$conf->entity;
$sql.= " AND f.fk_statut = 1 ";
$sql.= " AND f.rowid = d.fk_facture_fourn ";
$sql.= " AND date_format(f.datef,'%Y') = '".$y."'";

4
htdocs/contrat/class/contrat.class.php
View File

@ -1358,7 +1358,7 @@ class Contrat extends CommonObject
$sql.= " AND cd.date_fin_validite < '".$this->db->idate(time())."'";
}
$sql.= " AND c.fk_soc = s.rowid";
$sql.= " AND s.entity = ".$conf->entity;
$sql.= " AND c.entity = ".$conf->entity;
if ($user->societe_id) $sql.=" AND c.fk_soc = ".$user->societe_id;
if (!$user->rights->societe->client->voir && !$user->societe_id) $sql.= " AND c.fk_soc = sc.fk_soc AND sc.fk_user = " .$user->id;
$resql=$this->db->query($sql);
@ -1403,7 +1403,7 @@ class Contrat extends CommonObject
$sql.= " WHERE sc.fk_user = " .$user->id;
$clause = "AND";
}
$sql.= " ".$clause." s.entity = ".$conf->entity;
$sql.= " ".$clause." c.entity = ".$conf->entity;
$resql=$this->db->query($sql);
if ($resql)

14
htdocs/contrat/index.php
View File

@ -103,7 +103,7 @@ $sql.= ", ".MAIN_DB_PREFIX."contratdet as cd, ".MAIN_DB_PREFIX."contrat as c";
if (!$user->rights->societe->client->voir && !$socid) $sql.= ", ".MAIN_DB_PREFIX."societe_commerciaux as sc";
$sql.= " WHERE cd.fk_contrat = c.rowid AND c.fk_soc = s.rowid";
$sql.= " AND (cd.statut != 4 OR (cd.statut = 4 AND (cd.date_fin_validite is null or cd.date_fin_validite >= '".$db->idate(dol_now('tzref'))."')))";
$sql.= " AND s.entity = ".$conf->entity;
$sql.= " AND c.entity = ".$conf->entity;
if ($user->societe_id) $sql.=' AND c.fk_soc = '.$user->societe_id;
if (!$user->rights->societe->client->voir && !$socid) $sql.= " AND s.rowid = sc.fk_soc AND sc.fk_user = " .$user->id;
$sql.= " GROUP BY cd.statut";
@ -140,7 +140,7 @@ $sql.= ", ".MAIN_DB_PREFIX."contratdet as cd, ".MAIN_DB_PREFIX."contrat as c";
if (!$user->rights->societe->client->voir && !$socid) $sql.= ", ".MAIN_DB_PREFIX."societe_commerciaux as sc";
$sql.= " WHERE cd.fk_contrat = c.rowid AND c.fk_soc = s.rowid";
$sql.= " AND (cd.statut = 4 AND cd.date_fin_validite < '".$db->idate(dol_now('tzref'))."')";
$sql.= " AND s.entity = ".$conf->entity;
$sql.= " AND c.entity = ".$conf->entity;
if ($user->societe_id) $sql.=' AND c.fk_soc = '.$user->societe_id;
if (!$user->rights->societe->client->voir && !$socid) $sql.= " AND s.rowid = sc.fk_soc AND sc.fk_user = " .$user->id;
$sql.= " GROUP BY cd.statut";
@ -229,7 +229,7 @@ if ($conf->contrat->enabled && $user->rights->contrat->lire)
$sql .= " FROM ".MAIN_DB_PREFIX."contrat as c, ".MAIN_DB_PREFIX."societe as s";
if (!$user->rights->societe->client->voir && !$socid) $sql.= ", ".MAIN_DB_PREFIX."societe_commerciaux as sc";
$sql.= " WHERE s.rowid = c.fk_soc";
$sql.= " AND s.entity = ".$conf->entity;
$sql.= " AND c.entity = ".$conf->entity;
$sql.= " AND c.statut = 0";
if (!$user->rights->societe->client->voir && !$socid) $sql.= " AND s.rowid = sc.fk_soc AND sc.fk_user = " .$user->id;
if ($socid) $sql.= " AND s.fk_soc = ".$socid;
@ -300,7 +300,7 @@ if (!$user->rights->societe->client->voir && !$socid) $sql.= " ".MAIN_DB_PREFIX.
$sql.= " ".MAIN_DB_PREFIX."contrat as c";
$sql.= " LEFT JOIN ".MAIN_DB_PREFIX."contratdet as cd ON c.rowid = cd.fk_contrat";
$sql.= " WHERE c.fk_soc = s.rowid";
$sql.= " AND s.entity = ".$conf->entity;
$sql.= " AND c.entity = ".$conf->entity;
$sql.= " AND c.statut > 0";
if (!$user->rights->societe->client->voir && !$socid) $sql.= " AND s.rowid = sc.fk_soc AND sc.fk_user = " .$user->id;
if ($socid) $sql.= " AND s.rowid = ".$socid;
@ -374,7 +374,7 @@ if (!$user->rights->societe->client->voir && !$socid) $sql.= ", ".MAIN_DB_PREFIX
$sql.= " ) LEFT JOIN ".MAIN_DB_PREFIX."product as p ON cd.fk_product = p.rowid";
$sql.= " WHERE cd.fk_contrat = c.rowid";
$sql.= " AND c.fk_soc = s.rowid";
$sql.= " AND s.entity = ".$conf->entity;
$sql.= " AND c.entity = ".$conf->entity;
if (!$user->rights->societe->client->voir && !$socid) $sql.= " AND s.rowid = sc.fk_soc AND sc.fk_user = " .$user->id;
if ($socid) $sql.= " AND s.rowid = ".$socid;
$sql.= " ORDER BY cd.tms DESC";
@ -454,7 +454,7 @@ $sql.= " WHERE c.statut=1";
$sql.= " AND cd.statut = 0";
$sql.= " AND cd.fk_contrat = c.rowid";
$sql.= " AND c.fk_soc = s.rowid";
$sql.= " AND s.entity = ".$conf->entity;
$sql.= " AND c.entity = ".$conf->entity;
if (!$user->rights->societe->client->voir && !$socid) $sql.= " AND s.rowid = sc.fk_soc AND sc.fk_user = " .$user->id;
if ($socid) $sql.= " AND s.rowid = ".$socid;
$sql.= " ORDER BY cd.tms DESC";
@ -534,7 +534,7 @@ $sql.= " AND cd.statut = 4";
$sql.= " AND cd.date_fin_validite < '".$db->idate($now)."'";
$sql.= " AND cd.fk_contrat = c.rowid";
$sql.= " AND c.fk_soc = s.rowid";
$sql.= " AND s.entity = ".$conf->entity;
$sql.= " AND c.entity = ".$conf->entity;
if (!$user->rights->societe->client->voir && !$socid) $sql.= " AND s.rowid = sc.fk_soc AND sc.fk_user = " .$user->id;
if ($socid) $sql.= " AND s.rowid = ".$socid;
$sql.= " ORDER BY cd.tms DESC";

2
htdocs/contrat/liste.php
View File

@ -76,7 +76,7 @@ if (!$user->rights->societe->client->voir && !$socid) $sql.= ", ".MAIN_DB_PREFIX
$sql.= ", ".MAIN_DB_PREFIX."contrat as c";
$sql.= " LEFT JOIN ".MAIN_DB_PREFIX."contratdet as cd ON c.rowid = cd.fk_contrat";
$sql.= " WHERE c.fk_soc = s.rowid ";
$sql.= " AND s.entity = ".$conf->entity;
$sql.= " AND c.entity = ".$conf->entity;
if ($socid) $sql.= " AND s.rowid = ".$socid;
if (!$user->rights->societe->client->voir && !$socid) $sql.= " AND s.rowid = sc.fk_soc AND sc.fk_user = " .$user->id;
if ($search_nom) $sql.= " AND s.nom like '%".$db->escape($search_nom)."%'";

2
htdocs/contrat/services.php
View File

@ -87,7 +87,7 @@ $sql.= " LEFT JOIN ".MAIN_DB_PREFIX."product as p ON cd.fk_product = p.rowid";
$sql.= " WHERE";
$sql.= " c.rowid = cd.fk_contrat";
$sql.= " AND c.fk_soc = s.rowid";
$sql.= " AND s.entity = ".$conf->entity;
$sql.= " AND c.entity = ".$conf->entity;
if (!$user->rights->societe->client->voir && !$socid) $sql .= " AND s.rowid = sc.fk_soc AND sc.fk_user = " .$user->id;
if ($mode == "0") $sql.= " AND cd.statut = 0";
if ($mode == "4") $sql.= " AND cd.statut = 4";

2
htdocs/core/boxes/box_actions.php
View File

@ -79,7 +79,7 @@ class box_actions extends ModeleBoxes
$sql.= " FROM (".MAIN_DB_PREFIX."c_actioncomm AS ta, ";
if (!$user->rights->societe->client->voir && !$user->societe_id) $sql.= " ".MAIN_DB_PREFIX."societe_commerciaux AS sc, ";
$sql.= MAIN_DB_PREFIX."actioncomm AS a)";
$sql.= " LEFT JOIN ".MAIN_DB_PREFIX."societe as s ON a.fk_soc = s.rowid AND s.entity IN (0, ".$conf->entity.")";
$sql.= " LEFT JOIN ".MAIN_DB_PREFIX."societe as s ON a.fk_soc = s.rowid";
$sql.= " WHERE a.fk_action = ta.id";
$sql.= " AND a.entity = ".$conf->entity;
$sql.= " AND a.percent >= 0 AND a.percent < 100";

2
htdocs/core/boxes/box_clients.php
View File

@ -78,7 +78,7 @@ include_once(DOL_DOCUMENT_ROOT."/core/boxes/modules_boxes.php");
$sql.= " FROM ".MAIN_DB_PREFIX."societe as s";
if (!$user->rights->societe->client->voir && !$user->societe_id) $sql.= ", ".MAIN_DB_PREFIX."societe_commerciaux as sc";
$sql.= " WHERE s.client IN (1, 3)";
$sql.= " AND s.entity = ".$conf->entity;
$sql.= " AND s.entity IN (".getEntity('societe', 1).")";
if (!$user->rights->societe->client->voir && !$user->societe_id) $sql.= " AND s.rowid = sc.fk_soc AND sc.fk_user = " .$user->id;
if ($user->societe_id) $sql.= " AND s.rowid = $user->societe_id";
$sql.= " ORDER BY s.tms DESC";

12
htdocs/core/boxes/box_commandes.php
View File

@ -75,16 +75,16 @@ include_once(DOL_DOCUMENT_ROOT."/core/boxes/modules_boxes.php");
{
$sql = "SELECT s.nom, s.rowid as socid,";
$sql.= " p.ref, p.tms, p.rowid,";
$sql.= " p.fk_statut, p.facture";
$sql.= " c.ref, c.tms, c.rowid,";
$sql.= " c.fk_statut, c.facture";
$sql.= " FROM ".MAIN_DB_PREFIX."societe as s";
$sql.= ", ".MAIN_DB_PREFIX."commande as p";
$sql.= ", ".MAIN_DB_PREFIX."commande as c";
if (!$user->rights->societe->client->voir && !$user->societe_id) $sql.= ", ".MAIN_DB_PREFIX."societe_commerciaux as sc";
$sql.= " WHERE p.fk_soc = s.rowid";
$sql.= " AND s.entity = ".$conf->entity;
$sql.= " WHERE c.fk_soc = s.rowid";
$sql.= " AND c.entity = ".$conf->entity;
if (!$user->rights->societe->client->voir && !$user->societe_id) $sql.= " AND s.rowid = sc.fk_soc AND sc.fk_user = " .$user->id;
if ($user->societe_id) $sql.= " AND s.rowid = ".$user->societe_id;
$sql.= " ORDER BY p.date_commande DESC, p.ref DESC ";
$sql.= " ORDER BY c.date_commande DESC, c.ref DESC ";
$sql.= $db->plimit($max, 0);
$result = $db->query($sql);

2
htdocs/core/boxes/box_contacts.php
View File

@ -75,7 +75,7 @@ include_once(DOL_DOCUMENT_ROOT."/contact/class/contact.class.php");
$sql = "SELECT s.rowid, s.name, s.firstname, s.civilite, s.datec, s.tms";
$sql.= " FROM ".MAIN_DB_PREFIX."socpeople as s";
if (!$user->rights->societe->client->voir && !$user->societe_id) $sql.= ", ".MAIN_DB_PREFIX."societe_commerciaux as sc";
$sql.= " WHERE s.entity = ".$conf->entity;
$sql.= " WHERE s.entity IN (".getEntity('societe', 1).")";
if (!$user->rights->societe->client->voir && !$user->societe_id) $sql.= " AND s.rowid = sc.fk_soc AND sc.fk_user = " .$user->id;
if ($user->societe_id) $sql.= " AND s.rowid = $user->societe_id";
$sql.= " ORDER BY s.tms DESC";

2
htdocs/core/boxes/box_factures.php
View File

@ -84,7 +84,7 @@ include_once(DOL_DOCUMENT_ROOT."/core/boxes/modules_boxes.php");
if (!$user->rights->societe->client->voir && !$user->societe_id) $sql.= ", ".MAIN_DB_PREFIX."societe_commerciaux as sc";
$sql.= ")";
$sql.= " WHERE f.fk_soc = s.rowid";
$sql.= " AND s.entity = ".$conf->entity;
$sql.= " AND f.entity = ".$conf->entity;
if (!$user->rights->societe->client->voir && !$user->societe_id) $sql.= " AND s.rowid = sc.fk_soc AND sc.fk_user = " .$user->id;
if($user->societe_id) $sql.= " AND s.rowid = ".$user->societe_id;
$sql.= " ORDER BY f.tms DESC";

2
htdocs/core/boxes/box_factures_fourn.php
View File

@ -84,7 +84,7 @@ include_once(DOL_DOCUMENT_ROOT."/core/boxes/modules_boxes.php");
$sql.= ", ".MAIN_DB_PREFIX."facture_fourn as f";
if (!$user->rights->societe->client->voir && !$user->societe_id) $sql.= ", ".MAIN_DB_PREFIX."societe_commerciaux as sc";
$sql.= " WHERE f.fk_soc = s.rowid";
$sql.= " AND s.entity = ".$conf->entity;
$sql.= " AND f.entity = ".$conf->entity;
if (!$user->rights->societe->client->voir && !$user->societe_id) $sql.= " AND s.rowid = sc.fk_soc AND sc.fk_user = " .$user->id;
if($user->societe_id) $sql.= " AND s.rowid = ".$user->societe_id;
$sql.= " ORDER BY f.tms DESC";

2
htdocs/core/boxes/box_factures_fourn_imp.php
View File

@ -80,7 +80,7 @@ include_once(DOL_DOCUMENT_ROOT."/core/boxes/modules_boxes.php");
$sql.= ",".MAIN_DB_PREFIX."facture_fourn as f";
if (!$user->rights->societe->client->voir && !$user->societe_id) $sql.= ", ".MAIN_DB_PREFIX."societe_commerciaux as sc";
$sql.= " WHERE f.fk_soc = s.rowid";
$sql.= " AND s.entity = ".$conf->entity;
$sql.= " AND f.entity = ".$conf->entity;
$sql.= " AND f.paye=0";
$sql.= " AND fk_statut = 1";
if (!$user->rights->societe->client->voir && !$user->societe_id) $sql.= " AND s.rowid = sc.fk_soc AND sc.fk_user = " .$user->id;

2
htdocs/core/boxes/box_factures_imp.php
View File

@ -82,7 +82,7 @@ require_once(DOL_DOCUMENT_ROOT.'/compta/facture/class/facture.class.php');
$sql.= " FROM ".MAIN_DB_PREFIX."societe as s,".MAIN_DB_PREFIX."facture as f";
if (!$user->rights->societe->client->voir && !$user->societe_id) $sql.= ", ".MAIN_DB_PREFIX."societe_commerciaux as sc";
$sql.= " WHERE f.fk_soc = s.rowid";
$sql.= " AND s.entity = ".$conf->entity;
$sql.= " AND f.entity = ".$conf->entity;
$sql.= " AND f.paye = 0";
$sql.= " AND fk_statut = 1";
if (!$user->rights->societe->client->voir && !$user->societe_id) $sql.= " AND s.rowid = sc.fk_soc AND sc.fk_user = " .$user->id;

2
htdocs/core/boxes/box_fournisseurs.php
View File

@ -77,7 +77,7 @@ include_once(DOL_DOCUMENT_ROOT."/core/boxes/modules_boxes.php");
$sql .= " FROM ".MAIN_DB_PREFIX."societe as s";
if (!$user->rights->societe->client->voir && !$user->societe_id) $sql.= ", ".MAIN_DB_PREFIX."societe_commerciaux as sc";
$sql.= " WHERE s.fournisseur = 1";
$sql.= " AND s.entity = ".$conf->entity;
$sql.= " AND s.entity IN (".getEntity('societe', 1).")";
if (!$user->rights->societe->client->voir && !$user->societe_id) $sql.= " AND s.rowid = sc.fk_soc AND sc.fk_user = " .$user->id;
if ($user->societe_id) $sql.= " AND s.rowid = ".$user->societe_id;
$sql.= " ORDER BY s.tms DESC ";

10
htdocs/core/boxes/box_members.php
View File

@ -74,12 +74,12 @@ include_once(DOL_DOCUMENT_ROOT."/core/boxes/modules_boxes.php");
if ($user->rights->societe->lire)
{
$sql = "SELECT s.rowid, s.nom as lastname, s.prenom as firstname, s.datec, s.tms, s.statut as status, s.datefin as date_end_subscription,";
$sql = "SELECT a.rowid, a.nom as lastname, a.prenom as firstname, a.datec, a.tms, a.statut as status, a.datefin as date_end_subscription,";
$sql.= " t.cotisation";
$sql.= " FROM ".MAIN_DB_PREFIX."adherent as s, ".MAIN_DB_PREFIX."adherent_type as t";
$sql.= " WHERE s.entity = ".$conf->entity;
$sql.= " AND s.fk_adherent_type = t.rowid";
$sql.= " ORDER BY s.tms DESC";
$sql.= " FROM ".MAIN_DB_PREFIX."adherent as a, ".MAIN_DB_PREFIX."adherent_type as t";
$sql.= " WHERE a.entity = ".$conf->entity;
$sql.= " AND a.fk_adherent_type = t.rowid";
$sql.= " ORDER BY a.tms DESC";
$sql.= $db->plimit($max, 0);
$result = $db->query($sql);

2
htdocs/core/boxes/box_propales.php
View File

@ -80,7 +80,7 @@ include_once(DOL_DOCUMENT_ROOT."/core/boxes/modules_boxes.php");
$sql.= ", ".MAIN_DB_PREFIX."propal as p";
if (!$user->rights->societe->client->voir && !$user->societe_id) $sql.= ", ".MAIN_DB_PREFIX."societe_commerciaux as sc";
$sql.= " WHERE p.fk_soc = s.rowid";
$sql.= " AND s.entity = ".$conf->entity;
$sql.= " AND p.entity = ".$conf->entity;
if (!$user->rights->societe->client->voir && !$user->societe_id) $sql.= " AND s.rowid = sc.fk_soc AND sc.fk_user = " .$user->id;
if($user->societe_id) $sql.= " AND s.rowid = ".$user->societe_id;
$sql.= " ORDER BY p.datep DESC, p.ref DESC ";

2
htdocs/core/boxes/box_prospect.php
View File

@ -82,7 +82,7 @@ include_once(DOL_DOCUMENT_ROOT."/comm/prospect/class/prospect.class.php");
$sql.= " FROM ".MAIN_DB_PREFIX."societe as s";
if (!$user->rights->societe->client->voir && !$user->societe_id) $sql.= ", ".MAIN_DB_PREFIX."societe_commerciaux as sc";
$sql.= " WHERE s.client IN (2, 3)";
$sql.= " AND s.entity = ".$conf->entity;
$sql.= " AND s.entity IN (".getEntity('societe', 1).")";
if (!$user->rights->societe->client->voir && !$user->societe_id) $sql.= " AND s.rowid = sc.fk_soc AND sc.fk_user = " .$user->id;
if ($user->societe_id) $sql.= " AND s.rowid = ".$user->societe_id;
$sql.= " ORDER BY s.tms DESC";

2
htdocs/core/boxes/box_services_vendus.php
View File

@ -84,7 +84,7 @@ include_once(DOL_DOCUMENT_ROOT."/core/boxes/modules_boxes.php");
if (!$user->rights->societe->client->voir && !$user->societe_id) $sql.= ", ".MAIN_DB_PREFIX."societe_commerciaux as sc";
$sql.= ")";
$sql.= " WHERE s.rowid = c.fk_soc";
$sql.= " AND s.entity = ".$conf->entity;
$sql.= " AND c.entity = ".$conf->entity;
$sql.= " AND c.rowid = cd.fk_contrat";
$sql.= " AND cd.fk_product = p.rowid";
if (!$user->rights->societe->client->voir && !$user->societe_id) $sql.= " AND s.rowid = sc.fk_soc AND sc.fk_user = " .$user->id;

2
htdocs/core/class/html.form.class.php
View File

@ -745,7 +745,7 @@ class Form
$sql = "SELECT s.rowid, s.nom, s.client, s.fournisseur, s.code_client, s.code_fournisseur";
$sql.= " FROM ".MAIN_DB_PREFIX ."societe as s";
if (!$user->rights->societe->client->voir && !$user->societe_id) $sql .= ", ".MAIN_DB_PREFIX."societe_commerciaux as sc";
$sql.= " WHERE s.entity = ".$conf->entity;
$sql.= " WHERE s.entity IN (".getEntity('societe', 1).")";
if ($filter) $sql.= " AND ".$filter;
if (!$user->rights->societe->client->voir && !$user->societe_id) $sql.= " AND s.rowid = sc.fk_soc AND sc.fk_user = " .$user->id;
$sql.= " ORDER BY nom ASC";

2
htdocs/core/class/notify.class.php
View File

@ -96,7 +96,7 @@ class Notify
$sql.= " AND n.fk_soc = s.rowid";
if (is_numeric($action)) $sql.= " AND n.fk_action = ".$action; // Old usage
else $sql.= " AND a.code = '".$action."'"; // New usage
$sql.= " AND s.entity = ".$conf->entity;
$sql.= " AND s.entity IN (".getEntity('societe', 1).")";
$sql.= " AND s.rowid = ".$socid;
dol_syslog("Notify.class::countDefinedNotifications ".$action.", ".$socid." sql=".$sql);

6
htdocs/core/lib/agenda.lib.php
View File

@ -185,8 +185,9 @@ function show_array_actions_to_do($max=5)
$sql.= " ".MAIN_DB_PREFIX."actioncomm as a";
if (!$user->rights->societe->client->voir && !$socid) $sql.= ", ".MAIN_DB_PREFIX."societe_commerciaux as sc";
$sql.= ")";
$sql.= " LEFT JOIN ".MAIN_DB_PREFIX."societe as s ON a.fk_soc = s.rowid AND s.entity IN (0, ".$conf->entity.")";
$sql.= " LEFT JOIN ".MAIN_DB_PREFIX."societe as s ON a.fk_soc = s.rowid";
$sql.= " WHERE c.id = a.fk_action";
$sql.= " AND a.entity = ".$conf->entity;
$sql.= " AND ((a.percent >= 0 AND a.percent < 100) OR (a.percent = -1 AND a.datep2 > '".$db->idate($now)."'))";
if (!$user->rights->societe->client->voir && !$socid) $sql.= " AND s.rowid = sc.fk_soc AND sc.fk_user = " .$user->id;
if ($socid) $sql.= " AND s.rowid = ".$socid;
@ -283,8 +284,9 @@ function show_array_last_actions_done($max=5)
$sql.= " ".MAIN_DB_PREFIX."actioncomm as a";
if (!$user->rights->societe->client->voir && !$socid) $sql.= ", ".MAIN_DB_PREFIX."societe_commerciaux as sc";
$sql.=")";
$sql.= " LEFT JOIN ".MAIN_DB_PREFIX."societe as s ON a.fk_soc = s.rowid AND s.entity IN (0, ".$conf->entity.")";
$sql.= " LEFT JOIN ".MAIN_DB_PREFIX."societe as s ON a.fk_soc = s.rowid";
$sql.= " WHERE c.id = a.fk_action";
$sql.= " AND a.entity = ".$conf->entity;
$sql.= " AND (a.percent >= 100 OR (a.percent = -1 AND a.datep2 <= '".$db->idate($now)."'))";
if (!$user->rights->societe->client->voir && !$socid) $sql.= " AND s.rowid = sc.fk_soc AND sc.fk_user = " .$user->id;
if ($socid) $sql.= " AND s.rowid = ".$socid;

2
htdocs/core/lib/company.lib.php
View File

@ -989,7 +989,7 @@ function show_subsidiaries($conf,$langs,$db,$object)
$sql = "SELECT s.rowid, s.nom as name, s.address, s.cp as zip, s.ville as town, s.code_client, s.canvas";
$sql.= " FROM ".MAIN_DB_PREFIX."societe as s";
$sql.= " WHERE s.parent = ".$object->id;
$sql.= " AND s.entity = ".$conf->entity;
$sql.= " AND s.entity IN (".getEntity('societe', 1).")";
$sql.= " ORDER BY s.nom";
$result = $db->query($sql);

9
htdocs/core/modules/mailings/contacts1.modules.php
View File

@ -73,8 +73,7 @@ class mailing_contacts1 extends MailingTargets
$statssql[0].= " FROM ".MAIN_DB_PREFIX."socpeople as c,";
$statssql[0].= " ".MAIN_DB_PREFIX."societe as s";
$statssql[0].= " WHERE s.rowid = c.fk_soc";
$statssql[0].= " AND s.entity = ".$conf->entity;
$statssql[0].= " AND c.entity = ".$conf->entity;
$statssql[0].= " AND c.entity IN (".getEntity('societe', 1).")";
$statssql[0].= " AND s.client IN (1, 3)";
$statssql[0].= " AND c.email != ''"; // Note that null != '' is false
@ -97,8 +96,7 @@ class mailing_contacts1 extends MailingTargets
$sql .= " FROM ".MAIN_DB_PREFIX."socpeople as c,";
$sql .= " ".MAIN_DB_PREFIX."societe as s";
$sql .= " WHERE s.rowid = c.fk_soc";
$sql .= " AND c.entity = ".$conf->entity;
$sql .= " AND s.entity = ".$conf->entity;
$sql .= " AND c.entity IN (".getEntity('societe', 1).")";
$sql .= " AND c.email != ''"; // Note that null != '' is false
// La requete doit retourner un champ "nb" pour etre comprise
@ -204,8 +202,7 @@ class mailing_contacts1 extends MailingTargets
$sql.= " FROM ".MAIN_DB_PREFIX."socpeople as c,";
$sql.= " ".MAIN_DB_PREFIX."societe as s";
$sql.= " WHERE s.rowid = c.fk_soc";
$sql.= " AND c.entity = ".$conf->entity;
$sql.= " AND s.entity = ".$conf->entity;
$sql.= " AND c.entity IN (".getEntity('societe', 1).")";
$sql.= " AND c.email != ''";
foreach($filtersarray as $key)
{

3
htdocs/core/modules/mailings/contacts2.modules.php
View File

@ -163,8 +163,7 @@ class mailing_contacts2 extends MailingTargets
$sql.= " FROM ".MAIN_DB_PREFIX."socpeople as sp,";
$sql.= " ".MAIN_DB_PREFIX."societe as s";
$sql.= " WHERE s.rowid = sp.fk_soc";
$sql.= " AND s.entity = ".$conf->entity;
$sql.= " AND sp.entity = ".$conf->entity;
$sql.= " AND sp.entity IN (".getEntity('societe', 1).")";
$sql.= " AND sp.email != ''"; // Note that null != '' is false
//$sql.= " AND sp.poste != ''";
// La requete doit retourner un champ "nb" pour etre comprise

6
htdocs/core/modules/mailings/contacts3.modules.php
View File

@ -169,8 +169,7 @@ class mailing_contacts3 extends MailingTargets
$sql.= " FROM ".MAIN_DB_PREFIX."socpeople as c,";
$sql.= " ".MAIN_DB_PREFIX."societe as s";
$sql.= " WHERE s.rowid = c.fk_soc";
$sql.= " AND c.entity = ".$conf->entity;
$sql.= " AND s.entity = ".$conf->entity;
$sql.= " AND c.entity IN (".getEntity('societe', 1).")";
$sql.= " AND c.email != ''"; // Note that null != '' is false
/*
$sql = "SELECT count(distinct(sp.email)) as nb";
@ -179,8 +178,7 @@ class mailing_contacts3 extends MailingTargets
$sql.= " ".MAIN_DB_PREFIX."categorie as c,";
$sql.= " ".MAIN_DB_PREFIX."categorie_societe as cs";
$sql.= " WHERE s.rowid = sp.fk_soc";
$sql.= " AND sp.entity = ".$conf->entity;
$sql.= " AND s.entity = ".$conf->entity;
$sql.= " AND sp.entity IN (".getEntity('societe', 1).")";
$sql.= " AND sp.email != ''"; // Note that null != '' is false
$sql.= " AND cs.fk_categorie = c.rowid";
$sql.= " AND cs.fk_societe = sp.fk_soc";

20
htdocs/core/modules/mailings/framboise.modules.php
View File

@ -63,19 +63,19 @@ class mailing_framboise extends MailingTargets
// CHANGE THIS
// Select the members from category
$sql = "SELECT s.rowid as id, s.email as email, s.nom as name, null as fk_contact, null as firstname,";
$sql = "SELECT a.rowid as id, a.email as email, a.nom as name, null as fk_contact, null as firstname,";
if ($_POST['filter']) $sql.= " c.label";
else $sql.=" null as label";
$sql.= " FROM ".MAIN_DB_PREFIX."adherent as s";
$sql.= " FROM ".MAIN_DB_PREFIX."adherent as a";
if ($_POST['filter'])
{
$sql.= " LEFT JOIN ".MAIN_DB_PREFIX."categorie_member as cm ON cm.fk_member = s.rowid";
$sql.= " LEFT JOIN ".MAIN_DB_PREFIX."categorie_member as cm ON cm.fk_member = a.rowid";
$sql.= " LEFT JOIN ".MAIN_DB_PREFIX."categorie as c ON c.rowid = cm.fk_categorie";
}
$sql.= " WHERE s.email != ''";
$sql.= " AND s.entity = ".$conf->entity;
$sql.= " WHERE a.email != ''";
$sql.= " AND a.entity = ".$conf->entity;
if ($_POST['filter']) $sql.= " AND c.rowid='".$_POST['filter']."'";
$sql.= " ORDER BY s.email";
$sql.= " ORDER BY a.email";
// Stocke destinataires dans cibles
$result=$this->db->query($sql);
@ -150,10 +150,10 @@ class mailing_framboise extends MailingTargets
{
global $conf;
$sql = "SELECT count(distinct(s.email)) as nb";
$sql.= " FROM ".MAIN_DB_PREFIX."adherent as s";
$sql.= " WHERE s.email != ''";
$sql.= " AND s.entity = ".$conf->entity;
$sql = "SELECT count(distinct(a.email)) as nb";
$sql.= " FROM ".MAIN_DB_PREFIX."adherent as a";
$sql.= " WHERE a.email != ''";
$sql.= " AND a.entity = ".$conf->entity;
// La requete doit retourner un champ "nb" pour etre comprise
// par parent::getNbOfRecipients

8
htdocs/core/modules/mailings/thirdparties.modules.php
View File

@ -67,14 +67,14 @@ class mailing_thirdparties extends MailingTargets
$sql = "SELECT s.rowid as id, s.email as email, s.nom as name, null as fk_contact, null as firstname, null as label";
$sql.= " FROM ".MAIN_DB_PREFIX."societe as s";
$sql.= " WHERE s.email != ''";
$sql.= " AND s.entity = ".$conf->entity;
$sql.= " AND s.entity IN (".getEntity('societe', 1).")";
}
else
{
$sql = "SELECT s.rowid as id, s.email as email, s.nom as name, null as fk_contact, null as firstname, c.label as label";
$sql.= " FROM ".MAIN_DB_PREFIX."societe as s, ".MAIN_DB_PREFIX."categorie_societe as cs, ".MAIN_DB_PREFIX."categorie as c";
$sql.= " WHERE s.email != ''";
$sql.= " AND s.entity = ".$conf->entity;
$sql.= " AND s.entity IN (".getEntity('societe', 1).")";
$sql.= " AND cs.fk_societe = s.rowid";
$sql.= " AND c.rowid = cs.fk_categorie";
$sql.= " AND c.rowid='".$this->db->escape($_POST['filter'])."'";
@ -82,7 +82,7 @@ class mailing_thirdparties extends MailingTargets
$sql.= "SELECT s.rowid as id, s.email as email, s.nom as name, null as fk_contact, null as firstname, c.label as label";
$sql.= " FROM ".MAIN_DB_PREFIX."societe as s, ".MAIN_DB_PREFIX."categorie_fournisseur as cs, ".MAIN_DB_PREFIX."categorie as c";
$sql.= " WHERE s.email != ''";
$sql.= " AND s.entity = ".$conf->entity;
$sql.= " AND s.entity IN (".getEntity('societe', 1).")";
$sql.= " AND cs.fk_societe = s.rowid";
$sql.= " AND c.rowid = cs.fk_categorie";
$sql.= " AND c.rowid='".$this->db->escape($_POST['filter'])."'";
@ -164,7 +164,7 @@ class mailing_thirdparties extends MailingTargets
$sql = "SELECT count(distinct(s.email)) as nb";
$sql.= " FROM ".MAIN_DB_PREFIX."societe as s";
$sql.= " WHERE s.email != ''";
$sql.= " AND s.entity = ".$conf->entity;
$sql.= " AND s.entity IN (".getEntity('societe', 1).")";
// La requete doit retourner un champ "nb" pour etre comprise
// par parent::getNbOfRecipients

2
htdocs/core/modules/modFacture.class.php
View File

@ -182,7 +182,7 @@ class modFacture extends DolibarrModules
$this->export_sql_end[$r] =' FROM ('.MAIN_DB_PREFIX.'societe as s, '.MAIN_DB_PREFIX.'facture as f, '.MAIN_DB_PREFIX.'facturedet as fd)';
$this->export_sql_end[$r] .=' LEFT JOIN '.MAIN_DB_PREFIX.'product as p on (fd.fk_product = p.rowid)';
$this->export_sql_end[$r] .=' WHERE f.fk_soc = s.rowid AND f.rowid = fd.fk_facture';
$this->export_sql_end[$r] .=' AND s.entity = '.$conf->entity;
$this->export_sql_end[$r] .=' AND f.entity = '.$conf->entity;
$r++;
$this->export_code[$r]=$this->rights_class.'_'.$r;

2
htdocs/core/modules/modSociete.class.php
View File

@ -222,7 +222,7 @@ class modSociete extends DolibarrModules
$this->export_sql_end[$r] .=' LEFT JOIN '.MAIN_DB_PREFIX.'c_effectif as ce ON s.fk_effectif = ce.id';
$this->export_sql_end[$r] .=' LEFT JOIN '.MAIN_DB_PREFIX.'c_forme_juridique as cfj ON s.fk_forme_juridique = cfj.code';
$this->export_sql_end[$r] .=' LEFT JOIN '.MAIN_DB_PREFIX.'c_departements as d ON s.fk_departement = d.rowid';
$this->export_sql_end[$r] .=' WHERE s.entity = '.$conf->entity;
$this->export_sql_end[$r] .=' WHERE s.entity IN ('.getEntity('societe', 1).')';
// Export list of contacts and attributes
$r++;

4
htdocs/fourn/class/fournisseur.class.php
View File

@ -125,7 +125,7 @@ class Fournisseur extends Societe
$clause = "AND";
}
$sql.= " ".$clause." s.fournisseur = 1";
$sql.= " AND s.entity = ".$conf->entity;
$sql.= " AND s.entity IN (".getEntity('societe', 1).")";
$resql=$this->db->query($sql);
if ($resql)
@ -188,7 +188,7 @@ class Fournisseur extends Societe
$sql.= " FROM ".MAIN_DB_PREFIX."societe as s";
if (!$this->user->rights->societe->client->voir && !$this->user->societe_id) $sql.= ", ".MAIN_DB_PREFIX."societe_commerciaux as sc";
$sql.= " WHERE s.fournisseur = 1";
$sql.= " AND s.entity = ".$conf->entity;
$sql.= " AND s.entity IN (".getEntity('societe', 1).")";
if (!$this->user->rights->societe->client->voir && !$this->user->societe_id) $sql.= " AND s.rowid = sc.fk_soc AND sc.fk_user = " .$this->user->id;
$resql=$this->db->query($sql);

4
htdocs/fourn/class/fournisseur.product.class.php
View File

@ -331,7 +331,7 @@ class ProductFournisseur extends Product
$sql.= " FROM ".MAIN_DB_PREFIX."societe as s";
$sql.= " INNER JOIN ".MAIN_DB_PREFIX."product_fournisseur_price as pfp";
$sql.= " ON pfp.fk_soc = s.rowid";
$sql.= " WHERE s.entity = ".$conf->entity;
$sql.= " WHERE s.entity IN (".getEntity('societe', 1).")";
$sql.= " AND pfp.fk_product = ".$prodid;
$sql.= " ORDER BY s.nom, pfp.quantity, pfp.price";
@ -408,7 +408,7 @@ class ProductFournisseur extends Product
$sql.= " pfp.rowid as product_fourn_price_id, pfp.ref_fourn,";
$sql.= " pfp.price, pfp.quantity, pfp.unitprice";
$sql.= " FROM ".MAIN_DB_PREFIX."societe as s, ".MAIN_DB_PREFIX."product_fournisseur_price as pfp";
$sql.= " WHERE s.entity = ".$conf->entity;
$sql.= " WHERE s.entity IN (".getEntity('societe', 1).")";
$sql.= " AND pfp.fk_product = ".$prodid;
$sql.= " AND pfp.fk_soc = s.rowid";
$sql.= " ORDER BY pfp.unitprice";

2
htdocs/fourn/commande/index.php
View File

@ -77,7 +77,7 @@ $sql.= " FROM ".MAIN_DB_PREFIX."societe as s";
$sql.= ", ".MAIN_DB_PREFIX."commande_fournisseur as cf";
if (!$user->rights->societe->client->voir && !$socid) $sql.= ", ".MAIN_DB_PREFIX."societe_commerciaux as sc";
$sql.= " WHERE cf.fk_soc = s.rowid";
$sql.= " AND s.entity = ".$conf->entity;
$sql.= " AND cf.entity = ".$conf->entity;
if ($user->societe_id) $sql.=' AND cf.fk_soc = '.$user->societe_id;
if (!$user->rights->societe->client->voir && !$socid) $sql.= " AND s.rowid = sc.fk_soc AND sc.fk_user = " .$user->id;
$sql.= " GROUP BY cf.fk_statut";

4
htdocs/fourn/commande/liste.php
View File

@ -81,7 +81,7 @@ if (!$user->rights->societe->client->voir && !$socid) $sql.= ", ".MAIN_DB_PREFIX
$sql.= ")";
$sql.= " LEFT JOIN ".MAIN_DB_PREFIX."user as u ON cf.fk_user_author = u.rowid";
$sql.= " WHERE cf.fk_soc = s.rowid ";
$sql.= " AND s.entity = ".$conf->entity;
$sql.= " AND cf.entity = ".$conf->entity;
if (!$user->rights->societe->client->voir && !$socid) $sql.= " AND s.rowid = sc.fk_soc AND sc.fk_user = " .$user->id;
if ($sref)
{
@ -101,7 +101,7 @@ if ($sttc)
}
if ($sall)
{
$sql.= " AND (cf.ref like '%".$db->escape($sall)."%' OR cf.note like '%".$db->escape($sall)."%')";
$sql.= " AND (cf.ref LIKE '%".$db->escape($sall)."%' OR cf.note LIKE '%".$db->escape($sall)."%')";
}
if ($socid) $sql.= " AND s.rowid = ".$socid;

2
htdocs/fourn/index.php
View File

@ -235,7 +235,7 @@ $sql.= ", ".MAIN_DB_PREFIX."c_stcomm as st";
if (!$user->rights->societe->client->voir && !$socid) $sql .= ", ".MAIN_DB_PREFIX."societe_commerciaux as sc";
$sql.= " WHERE s.fk_stcomm = st.id";
$sql.= " AND s.fournisseur = 1";
$sql.= " AND s.entity = ".$conf->entity;
$sql.= " AND s.entity IN (".getEntity('societe', 1).")";
if (!$user->rights->societe->client->voir && !$socid) $sql .= " AND s.rowid = sc.fk_soc AND sc.fk_user = " .$user->id;
if ($socid) $sql .= " AND s.rowid = ".$socid;
$sql.= " ORDER BY s.tms DESC";

2
htdocs/fourn/liste.php
View File

@ -74,7 +74,7 @@ $sql.= " FROM ".MAIN_DB_PREFIX."societe as s, ".MAIN_DB_PREFIX."c_stcomm as st";
if ($search_categ) $sql.= ", ".MAIN_DB_PREFIX."categorie_fournisseur as cf";
if (!$user->rights->societe->client->voir && !$socid) $sql .= ", ".MAIN_DB_PREFIX."societe_commerciaux as sc";
$sql.= " WHERE s.fk_stcomm = st.id AND s.fournisseur = 1";
$sql.= " AND s.entity = ".$conf->entity;
$sql.= " AND s.entity IN (".getEntity('societe', 1).")";
if ($search_categ) $sql.= " AND s.rowid = cf.fk_societe"; // Join for the needed table to filter by categ
if (!$user->rights->societe->client->voir && !$socid) $sql .= " AND s.rowid = sc.fk_soc AND sc.fk_user = " .$user->id;
if ($socid) $sql .= " AND s.rowid = ".$socid;

1
htdocs/install/mysql/migration/3.1.0-3.2.0.sql
View File

@ -182,3 +182,4 @@ update llx_cotisation set fk_bank = null where fk_bank not in (select rowid from
insert into llx_c_chargesociales (id, libelle, deductible, active, code, fk_pays) values (12, 'Cotisation foncière des entreprises', 0, 1, 'TAXCFE', '1');
insert into llx_c_chargesociales (id, libelle, deductible, active, code, fk_pays) values (13, 'Cotisation sur la valeur ajoutée des entreprises', 0, 1, 'TAXCVAE', '1');
ALTER TABLE llx_paiement ADD COLUMN entity integer DEFAULT 1 NOT NULL AFTER rowid;

14
htdocs/install/mysql/tables/llx_paiement.sql
View File

@ -1,6 +1,7 @@
-- ===================================================================
-- Copyright (C) 2001-2002,2004 Rodolphe Quiedeville <rodolphe@quiedeville.org>
-- Copyright (C) 2004 Laurent Destailleur <eldy@users.sourceforge.net>
-- Copyright (C) 2001-2004 Rodolphe Quiedeville <rodolphe@quiedeville.org>
-- Copyright (C) 2004 Laurent Destailleur <eldy@users.sourceforge.net>
-- Copyright (C) 2012 Regis Houssin <regis@dolibarr.fr>
--
-- This program is free software; you can redistribute it and/or modify
-- it under the terms of the GNU General Public License as published by
@ -24,16 +25,17 @@
create table llx_paiement
(
rowid integer AUTO_INCREMENT PRIMARY KEY,
datec datetime, -- date de creation
entity integer DEFAULT 1 NOT NULL, -- Multi company id
datec datetime, -- date de creation
tms timestamp,
datep datetime, -- payment date
datep datetime, -- payment date
amount double(24,8) DEFAULT 0,
fk_paiement integer NOT NULL,
num_paiement varchar(50),
note text,
fk_bank integer NOT NULL DEFAULT 0,
fk_user_creat integer, -- utilisateur qui a cree l'info
fk_user_modif integer, -- utilisateur qui a modifie l'info
fk_user_creat integer, -- utilisateur qui a cree l'info
fk_user_modif integer, -- utilisateur qui a modifie l'info
statut smallint DEFAULT 0 NOT NULL,
fk_export_compta integer DEFAULT 0 NOT NULL

22
htdocs/product/class/product.class.php
View File

@ -1173,7 +1173,7 @@ class Product extends CommonObject
if (!$user->rights->societe->client->voir && !$socid) $sql .= ", ".MAIN_DB_PREFIX."societe_commerciaux as sc";
$sql.= " WHERE p.rowid = pd.fk_propal";
$sql.= " AND p.fk_soc = s.rowid";
$sql.= " AND s.entity = ".$conf->entity;
$sql.= " AND p.entity = ".$conf->entity;
$sql.= " AND pd.fk_product = ".$this->id;
if (!$user->rights->societe->client->voir && !$socid) $sql .= " AND p.fk_soc = sc.fk_soc AND sc.fk_user = " .$user->id;
//$sql.= " AND pr.fk_statut != 0";
@ -1216,7 +1216,7 @@ class Product extends CommonObject
if (!$user->rights->societe->client->voir && !$socid) $sql.= ", ".MAIN_DB_PREFIX."societe_commerciaux as sc";
$sql.= " WHERE c.rowid = cd.fk_commande";
$sql.= " AND c.fk_soc = s.rowid";
$sql.= " AND s.entity = ".$conf->entity;
$sql.= " AND c.entity = ".$conf->entity;
$sql.= " AND cd.fk_product = ".$this->id;
if (!$user->rights->societe->client->voir && !$socid) $sql.= " AND c.fk_soc = sc.fk_soc AND sc.fk_user = " .$user->id;
if ($socid > 0) $sql.= " AND c.fk_soc = ".$socid;
@ -1258,7 +1258,7 @@ class Product extends CommonObject
if (!$user->rights->societe->client->voir && !$socid) $sql.= ", ".MAIN_DB_PREFIX."societe_commerciaux as sc";
$sql.= " WHERE c.rowid = cd.fk_commande";
$sql.= " AND c.fk_soc = s.rowid";
$sql.= " AND s.entity = ".$conf->entity;
$sql.= " AND c.entity = ".$conf->entity;
$sql.= " AND cd.fk_product = ".$this->id;
if (!$user->rights->societe->client->voir && !$socid) $sql.= " AND c.fk_soc = sc.fk_soc AND sc.fk_user = " .$user->id;
if ($socid > 0) $sql.= " AND c.fk_soc = ".$socid;
@ -1301,7 +1301,7 @@ class Product extends CommonObject
if (!$user->rights->societe->client->voir && !$socid) $sql.= ", ".MAIN_DB_PREFIX."societe_commerciaux as sc";
$sql.= " WHERE e.rowid = ed.fk_expedition";
$sql.= " AND e.fk_soc = s.rowid";
$sql.= " AND s.entity = ".$conf->entity;
$sql.= " AND e.entity = ".$conf->entity;
$sql.= " AND ed.fk_origin_line = cd.rowid";
$sql.= " AND cd.fk_product = ".$this->id;
if (!$user->rights->societe->client->voir && !$socid) $sql.= " AND e.fk_soc = sc.fk_soc AND sc.fk_user = " .$user->id;
@ -1344,7 +1344,7 @@ class Product extends CommonObject
if (!$user->rights->societe->client->voir && !$socid) $sql.= ", ".MAIN_DB_PREFIX."societe_commerciaux as sc";
$sql.= " WHERE c.rowid = cd.fk_contrat";
$sql.= " AND c.fk_soc = s.rowid";
$sql.= " AND s.entity = ".$conf->entity;
$sql.= " AND c.entity = ".$conf->entity;
$sql.= " AND cd.fk_product = ".$this->id;
if (!$user->rights->societe->client->voir && !$socid) $sql.= " AND c.fk_soc = sc.fk_soc AND sc.fk_user = " .$user->id;
//$sql.= " AND c.statut != 0";
@ -1386,7 +1386,7 @@ class Product extends CommonObject
if (!$user->rights->societe->client->voir && !$socid) $sql.= ", ".MAIN_DB_PREFIX."societe_commerciaux as sc";
$sql.= " WHERE f.rowid = fd.fk_facture";
$sql.= " AND f.fk_soc = s.rowid";
$sql.= " AND s.entity = ".$conf->entity;
$sql.= " AND f.entity = ".$conf->entity;
$sql.= " AND fd.fk_product = ".$this->id;
if (!$user->rights->societe->client->voir && !$socid) $sql.= " AND f.fk_soc = sc.fk_soc AND sc.fk_user = " .$user->id;
//$sql.= " AND f.fk_statut != 0";
@ -1428,7 +1428,7 @@ class Product extends CommonObject
if (!$user->rights->societe->client->voir && !$socid) $sql.= ", ".MAIN_DB_PREFIX."societe_commerciaux as sc";
$sql.= " WHERE f.rowid = fd.fk_facture_fourn";
$sql.= " AND f.fk_soc = s.rowid";
$sql.= " AND s.entity = ".$conf->entity;
$sql.= " AND f.entity = ".$conf->entity;
$sql.= " AND fd.fk_product = ".$this->id;
if (!$user->rights->societe->client->voir && !$socid) $sql.= " AND f.fk_soc = sc.fk_soc AND sc.fk_user = " .$user->id;
//$sql.= " AND f.fk_statut != 0";
@ -1526,7 +1526,7 @@ class Product extends CommonObject
$sql.= " WHERE f.rowid = d.fk_facture";
$sql.= " AND d.fk_product =".$this->id;
$sql.= " AND f.fk_soc = s.rowid";
$sql.= " AND s.entity = ".$conf->entity;
$sql.= " AND f.entity = ".$conf->entity;
if (!$user->rights->societe->client->voir && !$socid) $sql.= " AND f.fk_soc = sc.fk_soc AND sc.fk_user = " .$user->id;
if ($socid > 0) $sql.= " AND f.fk_soc = $socid";
$sql.= " GROUP BY date_format(f.datef,'%Y%m')";
@ -1555,7 +1555,7 @@ class Product extends CommonObject
$sql.= " WHERE f.rowid = d.fk_facture_fourn";
$sql.= " AND d.fk_product =".$this->id;
$sql.= " AND f.fk_soc = s.rowid";
$sql.= " AND s.entity = ".$conf->entity;
$sql.= " AND f.entity = ".$conf->entity;
if (!$user->rights->societe->client->voir && !$socid) $sql.= " AND f.fk_soc = sc.fk_soc AND sc.fk_user = " .$user->id;
if ($socid > 0) $sql.= " AND f.fk_soc = $socid";
$sql.= " GROUP BY date_format(f.datef,'%Y%m')";
@ -1584,7 +1584,7 @@ class Product extends CommonObject
$sql.= " WHERE p.rowid = d.fk_propal";
$sql.= " AND d.fk_product =".$this->id;
$sql.= " AND p.fk_soc = s.rowid";
$sql.= " AND s.entity = ".$conf->entity;
$sql.= " AND p.entity = ".$conf->entity;
if (!$user->rights->societe->client->voir && !$socid) $sql.= " AND p.fk_soc = sc.fk_soc AND sc.fk_user = " .$user->id;
if ($socid > 0) $sql.= " AND p.fk_soc = ".$socid;
$sql.= " GROUP BY date_format(p.datep,'%Y%m')";
@ -1611,7 +1611,7 @@ class Product extends CommonObject
$sql.= " WHERE c.rowid = d.fk_commande";
$sql.= " AND d.fk_product =".$this->id;
$sql.= " AND c.fk_soc = s.rowid";
$sql.= " AND s.entity = ".$conf->entity;
$sql.= " AND c.entity = ".$conf->entity;
if (!$user->rights->societe->client->voir && !$socid) $sql.= " AND c.fk_soc = sc.fk_soc AND sc.fk_user = " .$user->id;
if ($socid > 0) $sql.= " AND c.fk_soc = ".$socid;
$sql.= " GROUP BY date_format(c.date_commande,'%Y%m')";

2
htdocs/product/stats/commande.php
View File

@ -121,7 +121,7 @@ if ($_GET["id"] || $_GET["ref"])
$sql.= ", ".MAIN_DB_PREFIX."commandedet as d";
if (!$user->rights->societe->client->voir && !$socid) $sql.= ", ".MAIN_DB_PREFIX."societe_commerciaux as sc";
$sql.= " WHERE c.fk_soc = s.rowid";
$sql.= " AND s.entity = ".$conf->entity;
$sql.= " AND c.entity = ".$conf->entity;
$sql.= " AND d.fk_commande = c.rowid";
$sql.= " AND d.fk_product =".$product->id;
if (!$user->rights->societe->client->voir && !$socid) $sql.= " AND s.rowid = sc.fk_soc AND sc.fk_user = " .$user->id;

2
htdocs/product/stats/commande_fournisseur.php
View File

@ -115,7 +115,7 @@ if ($_GET["id"] || $_GET["ref"])
$sql.= ", ".MAIN_DB_PREFIX."commande_fournisseurdet as d";
if (!$user->rights->societe->client->voir && !$socid) $sql.= ", ".MAIN_DB_PREFIX."societe_commerciaux as sc";
$sql.= " WHERE c.fk_soc = s.rowid";
$sql.= " AND s.entity = ".$conf->entity;
$sql.= " AND c.entity = ".$conf->entity;
$sql.= " AND d.fk_commande = c.rowid";
$sql.= " AND d.fk_product =".$product->id;
if (!$user->rights->societe->client->voir && !$socid) $sql.= " AND s.rowid = sc.fk_soc AND sc.fk_user = " .$user->id;

2
htdocs/product/stats/contrat.php
View File

@ -127,7 +127,7 @@ if ($_GET["id"] || $_GET["ref"])
$sql.= ", ".MAIN_DB_PREFIX."contratdet as cd";
$sql.= " WHERE c.rowid = cd.fk_contrat";
$sql.= " AND c.fk_soc = s.rowid";
$sql.= " AND s.entity = ".$conf->entity;
$sql.= " AND c.entity = ".$conf->entity;
$sql.= " AND cd.fk_product =".$product->id;
if (!$user->rights->societe->client->voir && !$socid) $sql.= " AND s.rowid = sc.fk_soc AND sc.fk_user = " .$user->id;
if ($socid) $sql.= " AND s.rowid = ".$socid;

2
htdocs/product/stats/facture.php
View File

@ -124,7 +124,7 @@ if ($_GET["id"] || $_GET["ref"])
$sql.= ", ".MAIN_DB_PREFIX."facturedet as d";
if (!$user->rights->societe->client->voir && !$socid) $sql.= ", ".MAIN_DB_PREFIX."societe_commerciaux as sc";
$sql.= " WHERE f.fk_soc = s.rowid";
$sql.= " AND s.entity = ".$conf->entity;
$sql.= " AND f.entity = ".$conf->entity;
$sql.= " AND d.fk_facture = f.rowid";
$sql.= " AND d.fk_product =".$product->id;
if (!$user->rights->societe->client->voir && !$socid) $sql.= " AND s.rowid = sc.fk_soc AND sc.fk_user = " .$user->id;

2
htdocs/product/stats/facture_fournisseur.php
View File

@ -124,7 +124,7 @@ if ($_GET["id"] || $_GET["ref"])
$sql.= ", ".MAIN_DB_PREFIX."facture_fourn_det as d";
if (!$user->rights->societe->client->voir && !$socid) $sql.= ", ".MAIN_DB_PREFIX."societe_commerciaux as sc";
$sql.= " WHERE f.fk_soc = s.rowid";
$sql.= " AND s.entity = ".$conf->entity;
$sql.= " AND f.entity = ".$conf->entity;
$sql.= " AND d.fk_facture_fourn = f.rowid";
$sql.= " AND d.fk_product =".$product->id;
if (!$user->rights->societe->client->voir && !$socid) $sql.= " AND s.rowid = sc.fk_soc AND sc.fk_user = " .$user->id;

2
htdocs/product/stats/propal.php
View File

@ -118,7 +118,7 @@ if ($_GET["id"] || $_GET["ref"])
$sql.= ", ".MAIN_DB_PREFIX."propaldet as d";
if (!$user->rights->societe->client->voir && !$socid) $sql.= ", ".MAIN_DB_PREFIX."societe_commerciaux as sc";
$sql.= " WHERE p.fk_soc = s.rowid";
$sql.= " AND s.entity = ".$conf->entity;
$sql.= " AND p.entity = ".$conf->entity;
$sql.= " AND d.fk_propal = p.rowid";
$sql.= " AND d.fk_product =".$product->id;
if (!$user->rights->societe->client->voir && !$socid) $sql.= " AND s.rowid = sc.fk_soc AND sc.fk_user = " .$user->id;

11
htdocs/product/stock/index.php
View File

@ -106,14 +106,14 @@ print '</td><td valign="top" width="70%" class="notopnoleftnoright">';
// Last movements
$max=10;
$sql = "SELECT p.rowid, p.label as produit,";
$sql.= " s.label as stock, s.rowid as entrepot_id,";
$sql.= " e.label as stock, e.rowid as entrepot_id,";
$sql.= " m.value, m.datem";
$sql.= " FROM ".MAIN_DB_PREFIX."entrepot as s";
$sql.= " FROM ".MAIN_DB_PREFIX."entrepot as e";
$sql.= ", ".MAIN_DB_PREFIX."stock_mouvement as m";
$sql.= ", ".MAIN_DB_PREFIX."product as p";
$sql.= " WHERE m.fk_product = p.rowid";
$sql.= " AND m.fk_entrepot = s.rowid";
$sql.= " AND s.entity = ".$conf->entity;
$sql.= " AND m.fk_entrepot = e.rowid";
$sql.= " AND e.entity = ".$conf->entity;
if (empty($conf->global->STOCK_SUPPORTS_SERVICES)) $sql.= " AND p.fk_product_type = 0";
$sql.= $db->order("datem","DESC");
$sql.= $db->plimit($max,0);
@ -159,7 +159,8 @@ if ($resql)
print '</td></tr></table>';
llxFooter();
$db->close();
llxFooter();
?>

14
htdocs/product/stock/mouvement.php
View File

@ -75,20 +75,20 @@ $form=new Form($db);
$formother=new FormOther($db);
$sql = "SELECT p.rowid, p.label as produit, p.fk_product_type as type,";
$sql.= " s.label as stock, s.rowid as entrepot_id,";
$sql.= " e.label as stock, e.rowid as entrepot_id,";
$sql.= " m.rowid as mid, m.value, m.datem, m.fk_user_author, m.label,";
$sql.= " u.login";
$sql.= " FROM (".MAIN_DB_PREFIX."entrepot as s,";
$sql.= " FROM (".MAIN_DB_PREFIX."entrepot as e,";
$sql.= " ".MAIN_DB_PREFIX."stock_mouvement as m,";
$sql.= " ".MAIN_DB_PREFIX."product as p)";
$sql.= " LEFT JOIN ".MAIN_DB_PREFIX."user as u ON m.fk_user_author = u.rowid";
$sql.= " WHERE m.fk_product = p.rowid";
$sql.= " AND m.fk_entrepot = s.rowid";
$sql.= " AND s.entity = ".$conf->entity;
$sql.= " AND m.fk_entrepot = e.rowid";
$sql.= " AND e.entity = ".$conf->entity;
if (empty($conf->global->STOCK_SUPPORTS_SERVICES)) $sql.= " AND p.fk_product_type = 0";
if ($_GET["id"])
{
$sql.= " AND s.rowid ='".$_GET["id"]."'";
$sql.= " AND e.rowid ='".$_GET["id"]."'";
}
if ($month > 0)
{
@ -111,7 +111,7 @@ if (! empty($search_product))
}
if (! empty($search_warehouse))
{
$sql.= " AND s.label LIKE '%".$db->escape($search_warehouse)."%'";
$sql.= " AND e.label LIKE '%".$db->escape($search_warehouse)."%'";
}
if (! empty($search_user))
{
@ -341,8 +341,8 @@ else
dol_print_error($db);
}
llxFooter();
$db->close();
llxFooter();
?>

2
htdocs/societe/ajaxcompanies.php
View File

@ -61,7 +61,7 @@ if (GETPOST('newcompany') || GETPOST('socid') || GETPOST('id_fourn'))
$sql = "SELECT rowid, nom";
$sql.= " FROM ".MAIN_DB_PREFIX."societe as s";
$sql.= " WHERE s.entity = ".$conf->entity;
$sql.= " WHERE s.entity IN (".getEntity('societe', 1).")";
if ($socid)
{
$sql.=" AND (";

14
htdocs/societe/class/societe.class.php
View File

@ -650,13 +650,13 @@ class Societe extends CommonObject
$sql .= ' LEFT JOIN '.MAIN_DB_PREFIX.'c_departements as d ON s.fk_departement = d.rowid';
$sql .= ' LEFT JOIN '.MAIN_DB_PREFIX.'c_typent as te ON s.fk_typent = te.id';
if ($rowid) $sql .= ' WHERE s.rowid = '.$rowid;
if ($ref) $sql .= " WHERE s.nom = '".$this->db->escape($ref)."' AND s.entity = ".$conf->entity;
if ($ref_ext) $sql .= " WHERE s.ref_ext = '".$this->db->escape($ref_ext)."' AND s.entity = ".$conf->entity;
if ($ref_int) $sql .= " WHERE s.ref_int = '".$this->db->escape($ref_int)."' AND s.entity = ".$conf->entity;
if ($idprof1) $sql .= " WHERE s.siren = '".$this->db->escape($idprof1)."' AND s.entity = ".$conf->entity;
if ($idprof2) $sql .= " WHERE s.siret = '".$this->db->escape($idprof2)."' AND s.entity = ".$conf->entity;
if ($idprof3) $sql .= " WHERE s.ape = '".$this->db->escape($idprof3)."' AND s.entity = ".$conf->entity;
if ($idprof4) $sql .= " WHERE s.idprof4 = '".$this->db->escape($idprof4)."' AND s.entity = ".$conf->entity;
if ($ref) $sql .= " WHERE s.nom = '".$this->db->escape($ref)."' AND s.entity IN (".getEntity($this->element, 1).")";
if ($ref_ext) $sql .= " WHERE s.ref_ext = '".$this->db->escape($ref_ext)."' AND s.entity IN (".getEntity($this->element, 1).")";
if ($ref_int) $sql .= " WHERE s.ref_int = '".$this->db->escape($ref_int)."' AND s.entity IN (".getEntity($this->element, 1).")";
if ($idprof1) $sql .= " WHERE s.siren = '".$this->db->escape($idprof1)."' AND s.entity IN (".getEntity($this->element, 1).")";
if ($idprof2) $sql .= " WHERE s.siret = '".$this->db->escape($idprof2)."' AND s.entity IN (".getEntity($this->element, 1).")";
if ($idprof3) $sql .= " WHERE s.ape = '".$this->db->escape($idprof3)."' AND s.entity IN (".getEntity($this->element, 1).")";
if ($idprof4) $sql .= " WHERE s.idprof4 = '".$this->db->escape($idprof4)."' AND s.entity IN (".getEntity($this->element, 1).")";
$resql=$this->db->query($sql);
dol_syslog(get_class($this)."::fetch ".$sql);

2
htdocs/societe/lien.php
View File

@ -239,7 +239,7 @@ if ($socid)
$sql.= ", ".MAIN_DB_PREFIX."c_typent as te";
if (! $user->rights->societe->client->voir) $sql.= ", ".MAIN_DB_PREFIX."societe_commerciaux as sc";
$sql.= " WHERE s.fk_typent = te.id";
$sql.= " AND s.entity = ".$conf->entity;
$sql.= " AND s.entity IN (".getEntity('societe', 1).")";
if (! $user->rights->societe->client->voir) $sql.= " AND s.rowid = sc.fk_soc AND sc.fk_user = " .$user->id;
if (dol_strlen(trim($_GET["search_nom"]))) $sql.= " AND s.nom LIKE '%".$_GET["search_nom"]."%'";
$sql.= $db->order("s.nom","ASC");

2
htdocs/societe/notify/index.php
View File

@ -65,7 +65,7 @@ $sql.= " ".MAIN_DB_PREFIX."societe as s";
$sql.= " WHERE n.fk_contact = c.rowid";
$sql.= " AND a.rowid = n.fk_action";
$sql.= " AND n.fk_soc = s.rowid";
$sql.= " AND s.entity = ".$conf->entity;
$sql.= " AND s.entity IN (".getEntity('societe', 1).")";
if ($socid > 0) $sql.= " AND s.rowid = " . $user->societe_id;
$sql.= $db->order($sortfield,$sortorder);

23
htdocs/societe/societe.php
View File

@ -75,13 +75,13 @@ if ($mode == 'search')
if ($search_sale || !$user->rights->societe->client->voir && !$socid) $sql.= ", ".MAIN_DB_PREFIX."societe_commerciaux as sc";
// We'll need this table joined to the select in order to filter by categ
if ($search_categ) $sql.= ", ".MAIN_DB_PREFIX."categorie_societe as cs";
$sql.= " WHERE (";
$sql.= " s.nom like '%".$db->escape($socname)."%'";
$sql.= " WHERE s.entity IN (".getEntity('societe', 1).")";
$sql.= " AND (";
$sql.= " s.nom LIKE '%".$db->escape($socname)."%'";
$sql.= " OR s.code_client LIKE '%".$db->escape($socname)."%'";
$sql.= " OR s.email like '%".$db->escape($socname)."%'";
$sql.= " OR s.url like '%".$db->escape($socname)."%'";
$sql.= " OR s.email LIKE '%".$db->escape($socname)."%'";
$sql.= " OR s.url LIKE '%".$db->escape($socname)."%'";
$sql.= ")";
$sql.= " AND s.entity = ".$conf->entity;
if (!$user->rights->societe->client->voir && !$socid) $sql.= " AND s.rowid = sc.fk_soc AND sc.fk_user = " .$user->id;
if ($socid) $sql.= " AND s.rowid = ".$socid;
if ($search_sale) $sql.= " AND s.rowid = sc.fk_soc"; // Join for the needed table to filter by sale
@ -175,7 +175,7 @@ if ($search_sale || !$user->rights->societe->client->voir) $sql.= ", ".MAIN_DB_P
// We'll need this table joined to the select in order to filter by categ
if ($search_categ) $sql.= ", ".MAIN_DB_PREFIX."categorie_societe as cs";
$sql.= " WHERE s.fk_stcomm = st.id";
$sql.= " AND s.entity = ".$conf->entity;
$sql.= " AND s.entity IN (".getEntity('societe', 1).")";
if (! $user->rights->societe->client->voir && ! $socid) $sql.= " AND s.rowid = sc.fk_soc AND sc.fk_user = " .$user->id;
if ($socid) $sql.= " AND s.rowid = ".$socid;
if ($search_sale) $sql.= " AND s.rowid = sc.fk_soc"; // Join for the needed table to filter by sale
@ -204,8 +204,8 @@ if ($search_all)
$sql.= " AND (";
$sql.= "s.nom LIKE '%".$db->escape($search_all)."%'";
$sql.= " OR s.code_client LIKE '%".$db->escape($search_all)."%'";
$sql.= " OR s.email like '%".$db->escape($search_all)."%'";
$sql.= " OR s.url like '%".$db->escape($search_all)."%'";
$sql.= " OR s.email LIKE '%".$db->escape($search_all)."%'";
$sql.= " OR s.url LIKE '%".$db->escape($search_all)."%'";
$sql.= ")";
}
if ($search_nom)
@ -213,8 +213,8 @@ if ($search_nom)
$sql.= " AND (";
$sql.= "s.nom LIKE '%".$db->escape($search_nom)."%'";
$sql.= " OR s.code_client LIKE '%".$db->escape($search_nom)."%'";
$sql.= " OR s.email like '%".$db->escape($search_nom)."%'";
$sql.= " OR s.url like '%".$db->escape($search_nom)."%'";
$sql.= " OR s.email LIKE '%".$db->escape($search_nom)."%'";
$sql.= " OR s.url LIKE '%".$db->escape($search_nom)."%'";
$sql.= ")";
}
@ -417,7 +417,8 @@ else
dol_print_error($db);
}
llxFooter();
$db->close();
llxFooter();
?>