diff --git a/htdocs/bom/ajax/ajax.php b/htdocs/bom/ajax/ajax.php index 2a57752edde..444ce9beeb2 100644 --- a/htdocs/bom/ajax/ajax.php +++ b/htdocs/bom/ajax/ajax.php @@ -66,7 +66,7 @@ $idproduct = GETPOST('idproduct', 'int'); top_httphead(); -if ($action == 'getDurationUnitByProduct') { +if ($action == 'getDurationUnitByProduct' && $user->hasRight('product', 'lire')) { $product = new Product($db); $res = $product->fetch($idproduct); diff --git a/htdocs/bom/tpl/objectline_view.tpl.php b/htdocs/bom/tpl/objectline_view.tpl.php index 7c436d5721e..46c708f8c4e 100644 --- a/htdocs/bom/tpl/objectline_view.tpl.php +++ b/htdocs/bom/tpl/objectline_view.tpl.php @@ -65,7 +65,9 @@ if (empty($outputalsopricetotalwithtax)) { } // add html5 elements -$domData = ' data-element="'.$line->element.'service"'; +if($filtertype == 1) $domData = ' data-element="'.$line->element.'service"'; +else $domData = ' data-element="'.$line->element.'"'; + $domData .= ' data-id="'.$line->id.'"'; $domData .= ' data-qty="'.$line->qty.'"'; $domData .= ' data-product_type="'.$line->product_type.'"'; diff --git a/htdocs/core/class/cunits.class.php b/htdocs/core/class/cunits.class.php index 3104ccd347d..102bbbda652 100644 --- a/htdocs/core/class/cunits.class.php +++ b/htdocs/core/class/cunits.class.php @@ -427,9 +427,9 @@ class CUnits // extends CommonObject { if ($mode == 'short_label') { - return dol_getIdFromCode($this->db, $code, 'c_units', 'short_label', 'rowid', 0, ' AND unit_type = "'.$unit_type.'"'); + return dol_getIdFromCode($this->db, $code, 'c_units', 'short_label', 'rowid', 0, ' AND unit_type = "'.$this->db->escape($unit_type).'"'); } elseif ($mode == 'code') { - return dol_getIdFromCode($this->db, $code, 'c_units', 'code', 'rowid', 0, ' AND unit_type = "'. $unit_type .'"'); + return dol_getIdFromCode($this->db, $code, 'c_units', 'code', 'rowid', 0, ' AND unit_type = "'. $this->db->escape($unit_type) .'"'); } return $code; diff --git a/htdocs/core/lib/functions.lib.php b/htdocs/core/lib/functions.lib.php index afee28da2fd..2e819b8539d 100644 --- a/htdocs/core/lib/functions.lib.php +++ b/htdocs/core/lib/functions.lib.php @@ -8539,11 +8539,11 @@ function dol_osencode($str) * @param string $fieldkey Field to search the key into * @param string $fieldid Field to get * @param int $entityfilter Filter by entity - * @param string $filters Filter on other fields + * @param string $filters Filter on other fields * @return int <0 if KO, Id of code if OK * @see $langs->getLabelFromKey */ -function dol_getIdFromCode($db, $key, $tablename, $fieldkey = 'code', $fieldid = 'id', $entityfilter = 0, $filters = array()) +function dol_getIdFromCode($db, $key, $tablename, $fieldkey = 'code', $fieldid = 'id', $entityfilter = 0, $filters = '') { global $cache_codes;