From 6131d5a2b4a0c1fc9d9a616e4041fa7744022831 Mon Sep 17 00:00:00 2001 From: Maxime Kohlhaas Date: Sun, 22 May 2022 01:19:00 +0200 Subject: [PATCH 1/5] Fix scrutinizer --- htdocs/expedition/class/expedition.class.php | 63 ---------------- .../fournisseur.commande.dispatch.class.php | 7 ++ htdocs/reception/card.php | 12 ++-- htdocs/reception/class/reception.class.php | 71 +------------------ 4 files changed, 16 insertions(+), 137 deletions(-) diff --git a/htdocs/expedition/class/expedition.class.php b/htdocs/expedition/class/expedition.class.php index acb54dde6f3..9035413b533 100644 --- a/htdocs/expedition/class/expedition.class.php +++ b/htdocs/expedition/class/expedition.class.php @@ -2069,69 +2069,6 @@ class Expedition extends CommonObject } } - // phpcs:disable PEAR.NamingConventions.ValidFunctionName.ScopeNotCamelCaps - /** - * Update/create delivery method. - * - * @param string $id id method to activate - * - * @return void - */ - public function update_delivery_method($id = '') - { - // phpcs:enable - if ($id == '') { - $sql = "INSERT INTO ".MAIN_DB_PREFIX."c_shipment_mode (code, libelle, description, tracking)"; - $sql .= " VALUES ('".$this->db->escape($this->update['code'])."','".$this->db->escape($this->update['libelle'])."','".$this->db->escape($this->update['description'])."','".$this->db->escape($this->update['tracking'])."')"; - $resql = $this->db->query($sql); - } else { - $sql = "UPDATE ".MAIN_DB_PREFIX."c_shipment_mode SET"; - $sql .= " code='".$this->db->escape($this->update['code'])."'"; - $sql .= ",libelle='".$this->db->escape($this->update['libelle'])."'"; - $sql .= ",description='".$this->db->escape($this->update['description'])."'"; - $sql .= ",tracking='".$this->db->escape($this->update['tracking'])."'"; - $sql .= " WHERE rowid=".((int) $id); - $resql = $this->db->query($sql); - } - if ($resql < 0) { - dol_print_error($this->db, ''); - } - } - - // phpcs:disable PEAR.NamingConventions.ValidFunctionName.ScopeNotCamelCaps - /** - * Activate delivery method. - * - * @param int $id id method to activate - * @return void - */ - public function activ_delivery_method($id) - { - // phpcs:enable - $sql = 'UPDATE '.MAIN_DB_PREFIX.'c_shipment_mode SET active=1'; - $sql .= " WHERE rowid = ".((int) $id); - - $resql = $this->db->query($sql); - } - - // phpcs:disable PEAR.NamingConventions.ValidFunctionName.ScopeNotCamelCaps - /** - * DesActivate delivery method. - * - * @param int $id id method to desactivate - * - * @return void - */ - public function disable_delivery_method($id) - { - // phpcs:enable - $sql = 'UPDATE '.MAIN_DB_PREFIX.'c_shipment_mode SET active=0'; - $sql .= " WHERE rowid= ".((int) $id); - - $resql = $this->db->query($sql); - } - - /** * Forge an set tracking url * diff --git a/htdocs/fourn/class/fournisseur.commande.dispatch.class.php b/htdocs/fourn/class/fournisseur.commande.dispatch.class.php index 2ed936ee1f6..5bfafff57b5 100644 --- a/htdocs/fourn/class/fournisseur.commande.dispatch.class.php +++ b/htdocs/fourn/class/fournisseur.commande.dispatch.class.php @@ -80,6 +80,13 @@ class CommandeFournisseurDispatch extends CommonObjectLine public $fk_commandefourndet; public $qty; + public $qty_asked; + + public $libelle; + public $desc; + public $tva_tx; + public $vat_src_code; + public $ref_supplier; /** * @var int ID diff --git a/htdocs/reception/card.php b/htdocs/reception/card.php index cdd82525b6e..f5ce925efc3 100644 --- a/htdocs/reception/card.php +++ b/htdocs/reception/card.php @@ -270,9 +270,9 @@ if (empty($reshook)) { $object->origin_id = $origin_id; $object->fk_project = GETPOST('projectid', 'int'); $object->weight = GETPOST('weight', 'int') == '' ? null : GETPOST('weight', 'int'); - $object->sizeH = GETPOST('sizeH', 'int') == '' ? null : GETPOST('sizeH', 'int'); - $object->sizeW = GETPOST('sizeW', 'int') == '' ? null : GETPOST('sizeW', 'int'); - $object->sizeS = GETPOST('sizeS', 'int') == '' ? null : GETPOST('sizeS', 'int'); + $object->trueHeight = GETPOST('trueHeight', 'int') == '' ? null : GETPOST('trueHeight', 'int'); + $object->trueWidth = GETPOST('trueWidth', 'int') == '' ? null : GETPOST('trueWidth', 'int'); + $object->trueDepth = GETPOST('trueDepth', 'int') == '' ? null : GETPOST('trueDepth', 'int'); $object->size_units = GETPOST('size_units', 'int'); $object->weight_units = GETPOST('weight_units', 'int'); @@ -849,9 +849,9 @@ if ($action == 'create') { // Dim print ''; print $langs->trans("Width").' x '.$langs->trans("Height").' x '.$langs->trans("Depth"); - print ' '; - print ' x '; - print ' x '; + print ' '; + print ' x '; + print ' x '; print ' '; $text = $formproduct->selectMeasuringUnits("size_units", "size", GETPOST('size_units', 'int'), 0, 2); $htmltext = $langs->trans("KeepEmptyForAutoCalculation"); diff --git a/htdocs/reception/class/reception.class.php b/htdocs/reception/class/reception.class.php index 2ff316ecb58..eea65c440e1 100644 --- a/htdocs/reception/class/reception.class.php +++ b/htdocs/reception/class/reception.class.php @@ -273,9 +273,9 @@ class Reception extends CommonObject $sql .= ", ".($this->shipping_method_id > 0 ? ((int) $this->shipping_method_id) : "null"); $sql .= ", '".$this->db->escape($this->tracking_number)."'"; $sql .= ", ".(is_null($this->weight) ? "NULL" : ((double) $this->weight)); - $sql .= ", ".(is_null($this->sizeS) ? "NULL" : ((double) $this->sizeS)); // TODO Should use this->trueDepth - $sql .= ", ".(is_null($this->sizeW) ? "NULL" : ((double) $this->sizeW)); // TODO Should use this->trueWidth - $sql .= ", ".(is_null($this->sizeH) ? "NULL" : ((double) $this->sizeH)); // TODO Should use this->trueHeight + $sql .= ", ".(is_null($this->trueDepth) ? "NULL" : ((double) $this->trueDepth)); + $sql .= ", ".(is_null($this->trueWidth) ? "NULL" : ((double) $this->trueWidth)); + $sql .= ", ".(is_null($this->trueHeight) ? "NULL" : ((double) $this->trueHeight)); $sql .= ", ".(is_null($this->weight_units) ? "NULL" : ((double) $this->weight_units)); $sql .= ", ".(is_null($this->size_units) ? "NULL" : ((double) $this->size_units)); $sql .= ", ".(!empty($this->note_private) ? "'".$this->db->escape($this->note_private)."'" : "null"); @@ -744,7 +744,6 @@ class Reception extends CommonObject if (!empty($this->origin) && $this->origin_id > 0 && ($this->origin == 'order_supplier' || $this->origin == 'commandeFournisseur')) { if (empty($this->commandeFournisseur)) { - $this->commandeFournisseur = null; $this->fetch_origin(); if (empty($this->commandeFournisseur->lines)) { $res = $this->commandeFournisseur->fetch_lines(); @@ -1485,70 +1484,6 @@ class Reception extends CommonObject } } - // phpcs:disable PEAR.NamingConventions.ValidFunctionName.ScopeNotCamelCaps - /** - * Update/create delivery method. - * - * @param string $id id method to activate - * - * @return void - */ - public function update_delivery_method($id = '') - { - // phpcs:enable - if ($id == '') { - $sql = "INSERT INTO ".MAIN_DB_PREFIX."c_shipment_mode (code, libelle, description, tracking)"; - $sql .= " VALUES ('".$this->db->escape($this->update['code'])."','".$this->db->escape($this->update['libelle'])."','".$this->db->escape($this->update['description'])."','".$this->db->escape($this->update['tracking'])."')"; - $resql = $this->db->query($sql); - } else { - $sql = "UPDATE ".MAIN_DB_PREFIX."c_shipment_mode SET"; - $sql .= " code='".$this->db->escape($this->update['code'])."'"; - $sql .= ",libelle='".$this->db->escape($this->update['libelle'])."'"; - $sql .= ",description='".$this->db->escape($this->update['description'])."'"; - $sql .= ",tracking='".$this->db->escape($this->update['tracking'])."'"; - $sql .= " WHERE rowid=".((int) $id); - $resql = $this->db->query($sql); - } - if ($resql < 0) { - dol_print_error($this->db, ''); - } - } - - // phpcs:disable PEAR.NamingConventions.ValidFunctionName.ScopeNotCamelCaps - /** - * Activate delivery method. - * - * @param int $id id method to activate - * - * @return void - */ - public function activ_delivery_method($id) - { - // phpcs:enable - $sql = 'UPDATE '.MAIN_DB_PREFIX.'c_shipment_mode SET active=1'; - $sql .= " WHERE rowid = ".((int) $id); - - $resql = $this->db->query($sql); - } - - // phpcs:disable PEAR.NamingConventions.ValidFunctionName.ScopeNotCamelCaps - /** - * DesActivate delivery method. - * - * @param int $id id method to desactivate - * - * @return void - */ - public function disable_delivery_method($id) - { - // phpcs:enable - $sql = 'UPDATE '.MAIN_DB_PREFIX.'c_shipment_mode SET active=0'; - $sql .= " WHERE rowid = ".((int) $id); - - $resql = $this->db->query($sql); - } - - /** * Forge an set tracking url * From 0559cc08ac1c33cb110213578f048cff65bda16e Mon Sep 17 00:00:00 2001 From: Maxime Kohlhaas Date: Sun, 22 May 2022 01:28:27 +0200 Subject: [PATCH 2/5] Fix scrutinizer remove unused functions --- htdocs/compta/index.php | 2 - htdocs/core/lib/invoice.lib.php | 240 -------------------------------- 2 files changed, 242 deletions(-) diff --git a/htdocs/compta/index.php b/htdocs/compta/index.php index 207f806dc74..8cef74e4fc7 100644 --- a/htdocs/compta/index.php +++ b/htdocs/compta/index.php @@ -102,11 +102,9 @@ print load_fiche_titre($langs->trans("AccountancyTreasuryArea"), '', 'bill'); print '
'; -//print getCustomerInvoicePieChart($socid); print getNumberInvoicesPieChart('customers'); print '
'; print getNumberInvoicesPieChart('fourn'); -//print getPurchaseInvoicePieChart($socid); print '
'; print getCustomerInvoiceDraftTable($max, $socid); print '
'; diff --git a/htdocs/core/lib/invoice.lib.php b/htdocs/core/lib/invoice.lib.php index 7c24d17d61e..786483e257b 100644 --- a/htdocs/core/lib/invoice.lib.php +++ b/htdocs/core/lib/invoice.lib.php @@ -245,246 +245,6 @@ function supplier_invoice_rec_prepare_head($object) return $head; } -/** - * Return a HTML table that contains a pie chart of customer invoices - * - * @param int $socid (Optional) Show only results from the customer with this id - * @return string A HTML table that contains a pie chart of customer invoices - */ -function getCustomerInvoicePieChart($socid = 0) -{ - global $conf, $db, $langs, $user; - - if (empty($conf->facture->enabled) || empty($user->rights->facture->lire)) { - return ''; - } - - $sql = "SELECT count(f.rowid), f.fk_statut"; - $sql .= " FROM ".MAIN_DB_PREFIX."societe as s"; - $sql .= ", ".MAIN_DB_PREFIX."facture as f"; - if (empty($user->rights->societe->client->voir) && !$socid) { - $sql .= ", ".MAIN_DB_PREFIX."societe_commerciaux as sc"; - } - $sql .= " WHERE f.fk_soc = s.rowid"; - $sql .= " AND f.entity IN (".getEntity('facture').")"; - if ($user->socid) { - $sql .= ' AND f.fk_soc = '.((int) $user->socid); - } - if (empty($user->rights->societe->client->voir) && !$socid) { - $sql .= " AND s.rowid = sc.fk_soc AND sc.fk_user = ".((int) $user->id); - } - $sql .= " GROUP BY f.fk_statut"; - - $resql = $db->query($sql); - if (!$resql) { - dol_print_error($db); - return ''; - } - - $num = $db->num_rows($resql); - $i = 0; - - $total = 0; - $vals = array(); - - while ($i < $num) { - $row = $db->fetch_row($resql); - if ($row) { - $vals[$row[1]] = $row[0]; - $total += $row[0]; - } - - $i++; - } - - $db->free($resql); - - include DOL_DOCUMENT_ROOT.'/theme/'.$conf->theme.'/theme_vars.inc.php'; - - $result = '
'; - $result .= ''; - $result .= ''; - $result .= ''; - $result .= ''; - - $objectstatic = new Facture($db); - $array = array(Facture::STATUS_DRAFT, Facture::STATUS_VALIDATED, Facture::STATUS_CLOSED, Facture::STATUS_ABANDONED); - $dataseries = array(); - - foreach ($array as $status) { - $objectstatic->statut = $status; - $objectstatic->paye = $status == Facture::STATUS_CLOSED ? -1 : 0; - - $dataseries[] = array($objectstatic->getLibStatut(1), (isset($vals[$status]) ? (int) $vals[$status] : 0)); - if ($status == Facture::STATUS_DRAFT) { - $colorseries[$status] = '-'.$badgeStatus0; - } - if ($status == Facture::STATUS_VALIDATED) { - $colorseries[$status] = $badgeStatus1; - } - if ($status == Facture::STATUS_CLOSED) { - $colorseries[$status] = $badgeStatus9; - } - if ($status == Facture::STATUS_ABANDONED) { - $colorseries[$status] = $badgeStatus6; - } - - if (!$conf->use_javascript_ajax) { - $result .= ''; - $result .= ''; - $result .= ''; - $result .= ''; - } - } - - if ($conf->use_javascript_ajax) { - $dolgraph = new DolGraph(); - $dolgraph->SetData($dataseries); - $dolgraph->SetDataColor(array_values($colorseries)); - $dolgraph->setShowLegend(2); - $dolgraph->setShowPercent(1); - $dolgraph->SetType(['pie']); - $dolgraph->setHeight('150'); - $dolgraph->setWidth('300'); - $dolgraph->draw('idgraphcustomerinvoices'); - - $result .= ''; - $result .= ''; - $result .= ''; - } - - $result .= ''; - $result .= ''; - $result .= ''; - $result .= ''; - - $result .= '
'.$langs->trans("Statistics").' - '.$langs->trans("CustomerInvoice").'
'.$objectstatic->getLibStatut(0).''.(isset($vals[$status]) ? $vals[$status] : 0).'
'.$dolgraph->show($total ? 0 : 1).'
'.$langs->trans("Total").''.$total.'
'; - $result .= '
'; - - return $result; -} - - -/** - * Return a HTML table that contains a pie chart of supplier invoices - * - * @param int $socid (Optional) Show only results from the supplier with this id - * @return string A HTML table that contains a pie chart of supplier invoices - */ -function getPurchaseInvoicePieChart($socid = 0) -{ - global $conf, $db, $langs, $user; - - if (!((!empty($conf->fournisseur->enabled) && empty($conf->global->MAIN_USE_NEW_SUPPLIERMOD) && $user->rights->fournisseur->facture->lire) || (!empty($conf->supplier_invoice->enabled) && $user->rights->supplier_invoice->lire))) { - return ''; - } - - $sql = "SELECT count(f.rowid), f.fk_statut"; - $sql .= " FROM ".MAIN_DB_PREFIX."societe as s"; - $sql .= ", ".MAIN_DB_PREFIX."facture_fourn as f"; - if (empty($user->rights->societe->client->voir) && !$socid) { - $sql .= ", ".MAIN_DB_PREFIX."societe_commerciaux as sc"; - } - $sql .= " WHERE f.fk_soc = s.rowid"; - $sql .= " AND f.entity IN (".getEntity('facture_fourn').")"; - if ($user->socid) { - $sql .= ' AND f.fk_soc = '.((int) $user->socid); - } - if (empty($user->rights->societe->client->voir) && !$socid) { - $sql .= " AND s.rowid = sc.fk_soc AND sc.fk_user = ".((int) $user->id); - } - $sql .= " GROUP BY f.fk_statut"; - - $resql = $db->query($sql); - if (!$resql) { - dol_print_error($db); - return ''; - } - - $num = $db->num_rows($resql); - $i = 0; - - $total = 0; - $vals = array(); - - while ($i < $num) { - $row = $db->fetch_row($resql); - if ($row) { - $vals[$row[1]] = $row[0]; - $total += $row[0]; - } - - $i++; - } - - $db->free($resql); - - include DOL_DOCUMENT_ROOT.'/theme/'.$conf->theme.'/theme_vars.inc.php'; - - $result = '
'; - $result .= ''; - - $result .= ''; - $result .= ''; - $result .= ''; - - $objectstatic = new FactureFournisseur($db); - $array = array(FactureFournisseur::STATUS_DRAFT, FactureFournisseur::STATUS_VALIDATED, FactureFournisseur::STATUS_CLOSED, FactureFournisseur::STATUS_ABANDONED); - $dataseries = array(); - - foreach ($array as $status) { - $objectstatic->statut = $status; - $objectstatic->paye = $status == FactureFournisseur::STATUS_CLOSED ? -1 : 0; - - $dataseries[] = array($objectstatic->getLibStatut(1), (isset($vals[$status]) ? (int) $vals[$status] : 0)); - if ($status == FactureFournisseur::STATUS_DRAFT) { - $colorseries[$status] = '-'.$badgeStatus0; - } - if ($status == FactureFournisseur::STATUS_VALIDATED) { - $colorseries[$status] = $badgeStatus1; - } - if ($status == FactureFournisseur::STATUS_CLOSED) { - $colorseries[$status] = $badgeStatus9; - } - if ($status == FactureFournisseur::STATUS_ABANDONED) { - $colorseries[$status] = $badgeStatus6; - } - - if (!$conf->use_javascript_ajax) { - $result .= ''; - $result .= ''; - $result .= ''; - $result .= ''; - } - } - - if ($conf->use_javascript_ajax) { - $dolgraph = new DolGraph(); - $dolgraph->SetData($dataseries); - $dolgraph->SetDataColor(array_values($colorseries)); - $dolgraph->setShowLegend(2); - $dolgraph->setShowPercent(1); - $dolgraph->SetType(['pie']); - $dolgraph->setHeight('150'); - $dolgraph->setWidth('300'); - $dolgraph->draw('idgraphpurchaseinvoices'); - - $result .= ''; - $result .= ''; - $result .= ''; - } - - $result .= ''; - $result .= ''; - $result .= ''; - $result .= ''; - - $result .= '
'.$langs->trans("Statistics").' - '.$langs->trans("SupplierInvoice").'
'.$objectstatic->getLibStatut(0).''.(isset($vals[$status]) ? $vals[$status] : 0).'
'.$dolgraph->show($total ? 0 : 1).'
'.$langs->trans("Total").''.$total.'
'; - $result .= '
'; - - return $result; -} - /** * Return an HTML table that contains a pie chart of the number of customers or supplier invoices * From 5a489e4594d189be410ddb34c42f0a13634c4ec6 Mon Sep 17 00:00:00 2001 From: Maxime Kohlhaas Date: Sun, 22 May 2022 01:43:45 +0200 Subject: [PATCH 3/5] Fix scrutinizer --- htdocs/expensereport/class/expensereport.class.php | 13 +++++-------- 1 file changed, 5 insertions(+), 8 deletions(-) diff --git a/htdocs/expensereport/class/expensereport.class.php b/htdocs/expensereport/class/expensereport.class.php index 1ed0e7a30f5..9a69784adce 100644 --- a/htdocs/expensereport/class/expensereport.class.php +++ b/htdocs/expensereport/class/expensereport.class.php @@ -112,6 +112,9 @@ class ExpenseReport extends CommonObject public $fk_user_validator; // User that is defined to approve // Validation + /* @deprecated */ + public $datevalid; + public $date_valid; // User making validation public $fk_user_valid; public $user_valid_infos; @@ -1806,8 +1809,6 @@ class ExpenseReport extends CommonObject // We don't know seller and buyer for expense reports $seller = $mysoc; // We use same than current company (expense report are often done in same country) $seller->tva_assuj = 1; // Most seller uses vat - $seller->localtax1_assuj = $mysoc->localtax1_assuj; // We don't know, we reuse the state of company - $seller->localtax2_assuj = $mysoc->localtax1_assuj; // We don't know, we reuse the state of company $buyer = new Societe($this->db); $localtaxes_type = getLocalTaxesFromRate($vatrate, 0, $buyer, $seller); @@ -1891,10 +1892,7 @@ class ExpenseReport extends CommonObject if (!is_object($seller)) { $seller = $mysoc; // We use same than current company (expense report are often done in same country) $seller->tva_assuj = 1; // Most seller uses vat - $seller->localtax1_assuj = $mysoc->localtax1_assuj; // We don't know, we reuse the state of company - $seller->localtax2_assuj = $mysoc->localtax1_assuj; // We don't know, we reuse the state of company } - //$buyer = new Societe($this->db); $expensereportrule = new ExpenseReportRule($db); $rulestocheck = $expensereportrule->getAllRule($this->line->fk_c_type_fees, $this->line->date, $this->fk_user_author); @@ -1979,10 +1977,7 @@ class ExpenseReport extends CommonObject if (!is_object($seller)) { $seller = $mysoc; // We use same than current company (expense report are often done in same country) $seller->tva_assuj = 1; // Most seller uses vat - $seller->localtax1_assuj = $mysoc->localtax1_assuj; // We don't know, we reuse the state of company - $seller->localtax2_assuj = $mysoc->localtax1_assuj; // We don't know, we reuse the state of company } - //$buyer = new Societe($this->db); $expenseik = new ExpenseReportIk($this->db); $range = $expenseik->getRangeByUser($userauthor, $this->line->fk_c_exp_tax_cat); @@ -2618,9 +2613,11 @@ class ExpenseReportLine extends CommonObjectLine public $projet_ref; public $projet_title; + public $rang; public $vatrate; public $vat_src_code; + public $tva_tx; public $localtax1_tx; public $localtax2_tx; public $localtax1_type; From 977907c07bc9bd5b139a2ee4458b70ce751bfa6a Mon Sep 17 00:00:00 2001 From: Alexandre SPANGARO Date: Sun, 22 May 2022 06:47:28 +0200 Subject: [PATCH 4/5] Asset module - Fix advanced rights --- htdocs/asset/model/accountancy_codes.php | 4 ++-- htdocs/asset/model/agenda.php | 4 ++-- htdocs/asset/model/card.php | 6 +++--- htdocs/asset/model/depreciation_options.php | 4 ++-- htdocs/asset/model/list.php | 17 ++++++++++------- htdocs/asset/model/note.php | 4 ++-- htdocs/core/menus/init_menu_auguria.sql | 6 +++--- htdocs/core/menus/standard/eldy.lib.php | 6 +++--- 8 files changed, 27 insertions(+), 24 deletions(-) diff --git a/htdocs/asset/model/accountancy_codes.php b/htdocs/asset/model/accountancy_codes.php index fd5999b20b0..7582b61177e 100644 --- a/htdocs/asset/model/accountancy_codes.php +++ b/htdocs/asset/model/accountancy_codes.php @@ -52,8 +52,8 @@ if ($id > 0 || !empty($ref)) { $upload_dir = $conf->asset->multidir_output[$object->entity] . "/" . $object->id; } -$permissiontoread = ((empty($conf->global->MAIN_USE_ADVANCED_PERMS) && $user->rights->asset->read) || (!empty($conf->global->MAIN_USE_ADVANCED_PERMS) && !empty($user->rights->asset->setup_advance->read))); -$permissiontoadd = ((empty($conf->global->MAIN_USE_ADVANCED_PERMS) && $user->rights->asset->write) || (!empty($conf->global->MAIN_USE_ADVANCED_PERMS) && !empty($user->rights->asset->setup_advance->write))); // Used by the include of actions_addupdatedelete.inc.php +$permissiontoread = ((empty($conf->global->MAIN_USE_ADVANCED_PERMS) && $user->rights->asset->read) || (!empty($conf->global->MAIN_USE_ADVANCED_PERMS) && !empty($user->rights->asset->model_advance->read))); +$permissiontoadd = ((empty($conf->global->MAIN_USE_ADVANCED_PERMS) && $user->rights->asset->write) || (!empty($conf->global->MAIN_USE_ADVANCED_PERMS) && !empty($user->rights->asset->model_advance->write))); // Used by the include of actions_addupdatedelete.inc.php // Security check (enable the most restrictive one) if ($user->socid > 0) accessforbidden(); diff --git a/htdocs/asset/model/agenda.php b/htdocs/asset/model/agenda.php index cd0365a1418..a915f540ce9 100644 --- a/htdocs/asset/model/agenda.php +++ b/htdocs/asset/model/agenda.php @@ -80,8 +80,8 @@ if ($id > 0 || !empty($ref)) { $upload_dir = $conf->asset->multidir_output[$object->entity] . "/model/" . $object->id; } -$permissiontoread = ((empty($conf->global->MAIN_USE_ADVANCED_PERMS) && $user->rights->asset->read) || (!empty($conf->global->MAIN_USE_ADVANCED_PERMS) && !empty($user->rights->asset->setup_advance->read))); -$permissiontoadd = ((empty($conf->global->MAIN_USE_ADVANCED_PERMS) && $user->rights->asset->write) || (!empty($conf->global->MAIN_USE_ADVANCED_PERMS) && !empty($user->rights->asset->setup_advance->write))); // Used by the include of actions_addupdatedelete.inc.php +$permissiontoread = ((empty($conf->global->MAIN_USE_ADVANCED_PERMS) && $user->rights->asset->read) || (!empty($conf->global->MAIN_USE_ADVANCED_PERMS) && !empty($user->rights->asset->model_advance->read))); +$permissiontoadd = ((empty($conf->global->MAIN_USE_ADVANCED_PERMS) && $user->rights->asset->write) || (!empty($conf->global->MAIN_USE_ADVANCED_PERMS) && !empty($user->rights->asset->model_advance->write))); // Used by the include of actions_addupdatedelete.inc.php // Security check (enable the most restrictive one) if ($user->socid > 0) accessforbidden(); diff --git a/htdocs/asset/model/card.php b/htdocs/asset/model/card.php index 89843f0fc4e..f4cf1074dd2 100644 --- a/htdocs/asset/model/card.php +++ b/htdocs/asset/model/card.php @@ -68,9 +68,9 @@ if (empty($action) && empty($id) && empty($ref)) { // Load object include DOL_DOCUMENT_ROOT . '/core/actions_fetchobject.inc.php'; // Must be include, not include_once. -$permissiontoread = ((empty($conf->global->MAIN_USE_ADVANCED_PERMS) && $user->rights->asset->read) || (!empty($conf->global->MAIN_USE_ADVANCED_PERMS) && !empty($user->rights->asset->setup_advance->read))); -$permissiontoadd = ((empty($conf->global->MAIN_USE_ADVANCED_PERMS) && $user->rights->asset->write) || (!empty($conf->global->MAIN_USE_ADVANCED_PERMS) && !empty($user->rights->asset->setup_advance->write))); // Used by the include of actions_addupdatedelete.inc.php and actions_lineupdown.inc.php -$permissiontodelete = ((empty($conf->global->MAIN_USE_ADVANCED_PERMS) && $user->rights->asset->delete) || (!empty($conf->global->MAIN_USE_ADVANCED_PERMS) && !empty($user->rights->asset->setup_advance->delete))) || ($permissiontoadd && isset($object->status) && $object->status == $object::STATUS_DRAFT); +$permissiontoread = ((empty($conf->global->MAIN_USE_ADVANCED_PERMS) && $user->rights->asset->read) || (!empty($conf->global->MAIN_USE_ADVANCED_PERMS) && !empty($user->rights->asset->model_advance->read))); +$permissiontoadd = ((empty($conf->global->MAIN_USE_ADVANCED_PERMS) && $user->rights->asset->write) || (!empty($conf->global->MAIN_USE_ADVANCED_PERMS) && !empty($user->rights->asset->model_advance->write))); // Used by the include of actions_addupdatedelete.inc.php and actions_lineupdown.inc.php +$permissiontodelete = ((empty($conf->global->MAIN_USE_ADVANCED_PERMS) && $user->rights->asset->delete) || (!empty($conf->global->MAIN_USE_ADVANCED_PERMS) && !empty($user->rights->asset->model_advance->delete))) || ($permissiontoadd && isset($object->status) && $object->status == $object::STATUS_DRAFT); $permissionnote = $permissiontoadd; // Used by the include of actions_setnotes.inc.php $permissiondellink = $permissiontoadd; // Used by the include of actions_dellink.inc.php $upload_dir = $conf->asset->multidir_output[isset($object->entity) ? $object->entity : 1]; diff --git a/htdocs/asset/model/depreciation_options.php b/htdocs/asset/model/depreciation_options.php index f5bc751663b..c34bd38dc46 100644 --- a/htdocs/asset/model/depreciation_options.php +++ b/htdocs/asset/model/depreciation_options.php @@ -52,8 +52,8 @@ if ($id > 0 || !empty($ref)) { $upload_dir = $conf->asset->multidir_output[$object->entity] . "/" . $object->id; } -$permissiontoread = ((empty($conf->global->MAIN_USE_ADVANCED_PERMS) && $user->rights->asset->read) || (!empty($conf->global->MAIN_USE_ADVANCED_PERMS) && !empty($user->rights->asset->setup_advance->read))); -$permissiontoadd = ((empty($conf->global->MAIN_USE_ADVANCED_PERMS) && $user->rights->asset->write) || (!empty($conf->global->MAIN_USE_ADVANCED_PERMS) && !empty($user->rights->asset->setup_advance->write))); // Used by the include of actions_addupdatedelete.inc.php +$permissiontoread = ((empty($conf->global->MAIN_USE_ADVANCED_PERMS) && $user->rights->asset->read) || (!empty($conf->global->MAIN_USE_ADVANCED_PERMS) && !empty($user->rights->asset->model_advance->read))); +$permissiontoadd = ((empty($conf->global->MAIN_USE_ADVANCED_PERMS) && $user->rights->asset->write) || (!empty($conf->global->MAIN_USE_ADVANCED_PERMS) && !empty($user->rights->asset->model_advance->write))); // Used by the include of actions_addupdatedelete.inc.php // Security check (enable the most restrictive one) if ($user->socid > 0) accessforbidden(); diff --git a/htdocs/asset/model/list.php b/htdocs/asset/model/list.php index a6423bb3a73..3972975910a 100644 --- a/htdocs/asset/model/list.php +++ b/htdocs/asset/model/list.php @@ -121,9 +121,9 @@ include DOL_DOCUMENT_ROOT.'/core/tpl/extrafields_list_array_fields.tpl.php'; $object->fields = dol_sort_array($object->fields, 'position'); $arrayfields = dol_sort_array($arrayfields, 'position'); -$permissiontoread = ((empty($conf->global->MAIN_USE_ADVANCED_PERMS) && $user->rights->asset->read) || (!empty($conf->global->MAIN_USE_ADVANCED_PERMS) && !empty($user->rights->asset->setup_advance->read))); -$permissiontoadd = ((empty($conf->global->MAIN_USE_ADVANCED_PERMS) && $user->rights->asset->write) || (!empty($conf->global->MAIN_USE_ADVANCED_PERMS) && !empty($user->rights->asset->setup_advance->write))); -$permissiontodelete = ((empty($conf->global->MAIN_USE_ADVANCED_PERMS) && $user->rights->asset->delete) || (!empty($conf->global->MAIN_USE_ADVANCED_PERMS) && !empty($user->rights->asset->setup_advance->delete))); +$permissiontoread = ((empty($conf->global->MAIN_USE_ADVANCED_PERMS) && $user->rights->asset->read) || (!empty($conf->global->MAIN_USE_ADVANCED_PERMS) && !empty($user->rights->asset->model_advance->read))); +$permissiontoadd = ((empty($conf->global->MAIN_USE_ADVANCED_PERMS) && $user->rights->asset->write) || (!empty($conf->global->MAIN_USE_ADVANCED_PERMS) && !empty($user->rights->asset->model_advance->write))); +$permissiontodelete = ((empty($conf->global->MAIN_USE_ADVANCED_PERMS) && $user->rights->asset->delete) || (!empty($conf->global->MAIN_USE_ADVANCED_PERMS) && !empty($user->rights->asset->model_advance->delete))); // Security check if (empty($conf->asset->enabled)) { @@ -131,15 +131,18 @@ if (empty($conf->asset->enabled)) { } // Security check (enable the most restrictive one) -if ($user->socid > 0) accessforbidden(); -$socid = 0; if ($user->socid > 0) $socid = $user->socid; +if ($user->socid > 0) { + accessforbidden(); +} +$socid = 0; +if ($user->socid > 0) { + $socid = $user->socid; +} $isdraft = (($object->status == $object::STATUS_DRAFT) ? 1 : 0); restrictedArea($user, 'asset', $object->id, $object->table_element, '', 'fk_soc', 'rowid', $isdraft); if (empty($conf->asset->enabled)) accessforbidden(); if (!$permissiontoread) accessforbidden(); - - /* * Actions */ diff --git a/htdocs/asset/model/note.php b/htdocs/asset/model/note.php index 4af8407976f..8c88feba449 100644 --- a/htdocs/asset/model/note.php +++ b/htdocs/asset/model/note.php @@ -50,8 +50,8 @@ if ($id > 0 || !empty($ref)) { $upload_dir = $conf->asset->multidir_output[$object->entity] . "/" . $object->id; } -$permissiontoread = ((empty($conf->global->MAIN_USE_ADVANCED_PERMS) && $user->rights->asset->read) || (!empty($conf->global->MAIN_USE_ADVANCED_PERMS) && !empty($user->rights->asset->setup_advance->read))); -$permissiontoadd = ((empty($conf->global->MAIN_USE_ADVANCED_PERMS) && $user->rights->asset->write) || (!empty($conf->global->MAIN_USE_ADVANCED_PERMS) && !empty($user->rights->asset->setup_advance->write))); // Used by the include of actions_addupdatedelete.inc.php +$permissiontoread = ((empty($conf->global->MAIN_USE_ADVANCED_PERMS) && $user->rights->asset->read) || (!empty($conf->global->MAIN_USE_ADVANCED_PERMS) && !empty($user->rights->asset->model_advance->read))); +$permissiontoadd = ((empty($conf->global->MAIN_USE_ADVANCED_PERMS) && $user->rights->asset->write) || (!empty($conf->global->MAIN_USE_ADVANCED_PERMS) && !empty($user->rights->asset->model_advance->write))); // Used by the include of actions_addupdatedelete.inc.php $permissionnote = $permissiontoadd; // Used by the include of actions_setnotes.inc.php // Security check (enable the most restrictive one) diff --git a/htdocs/core/menus/init_menu_auguria.sql b/htdocs/core/menus/init_menu_auguria.sql index 9a91aa58ac1..9270b946199 100644 --- a/htdocs/core/menus/init_menu_auguria.sql +++ b/htdocs/core/menus/init_menu_auguria.sql @@ -365,9 +365,9 @@ insert into llx_menu (module, enabled, menu_handler, type, rowid, mainmenu, left insert into llx_menu (module, enabled, menu_handler, type, rowid, mainmenu, leftmenu, fk_menu, url, titre, level, langs, perms, target, usertype, position, entity) values ('', '$conf->asset->enabled', __HANDLER__, 'left', 3000__+MAX_llx_menu__, 'accountancy', 'asset', 9__+MAX_llx_menu__, '/asset/list.php?mainmenu=accountancy&leftmenu=asset', 'MenuAssets', 1, 'assets', '$user->rights->asset->read', '', 0, 20, __ENTITY__); insert into llx_menu (module, enabled, menu_handler, type, rowid, mainmenu, leftmenu, fk_menu, url, titre, level, langs, perms, target, usertype, position, entity) values ('', '$conf->asset->enabled && $leftmenu=="asset"', __HANDLER__, 'left', 3001__+MAX_llx_menu__, 'asset', '', 3000__+MAX_llx_menu__, '/asset/card.php?mainmenu=accountancy&leftmenu=asset&action=create', 'MenuNewAsset', 2, 'assets', '$user->rights->asset->write', '', 0, 21, __ENTITY__); insert into llx_menu (module, enabled, menu_handler, type, rowid, mainmenu, leftmenu, fk_menu, url, titre, level, langs, perms, target, usertype, position, entity) values ('', '$conf->asset->enabled && $leftmenu=="asset"', __HANDLER__, 'left', 3003__+MAX_llx_menu__, 'asset', '', 3000__+MAX_llx_menu__, '/asset/list.php?mainmenu=accountancy&leftmenu=asset', 'MenuListAssets', 2, 'assets', '$user->rights->asset->read', '', 0, 22, __ENTITY__); -insert into llx_menu (module, enabled, menu_handler, type, rowid, mainmenu, leftmenu, fk_menu, url, titre, level, langs, perms, target, usertype, position, entity) values ('', '$conf->asset->enabled && $leftmenu=="asset"', __HANDLER__, 'left', 3004__+MAX_llx_menu__, 'asset', 'asset_type', 3000__+MAX_llx_menu__, '/asset/type.php?mainmenu=accountancy&leftmenu=asset', 'MenuTypeAssets', 2, 'assets', '$user->rights->asset->read', '', 0, 23, __ENTITY__); -insert into llx_menu (module, enabled, menu_handler, type, rowid, mainmenu, leftmenu, fk_menu, url, titre, level, langs, perms, target, usertype, position, entity) values ('', '$conf->asset->enabled && $leftmenu=="asset"', __HANDLER__, 'left', 3005__+MAX_llx_menu__, 'asset', '', 3004__+MAX_llx_menu__, '/asset/type.php?mainmenu=accountancy&action=create', 'MenuNewTypeAssets', 3, 'assets', '$user->rights->asset->setup_advance', '', 0, 24, __ENTITY__); -insert into llx_menu (module, enabled, menu_handler, type, rowid, mainmenu, leftmenu, fk_menu, url, titre, level, langs, perms, target, usertype, position, entity) values ('', '$conf->asset->enabled && $leftmenu=="asset"', __HANDLER__, 'left', 3006__+MAX_llx_menu__, 'asset', '', 3004__+MAX_llx_menu__, '/asset/type.php?mainmenu=accountancy', 'MenuListTypeAssets', 3, 'assets', '$user->rights->asset->read', '', 0, 25, __ENTITY__); +insert into llx_menu (module, enabled, menu_handler, type, rowid, mainmenu, leftmenu, fk_menu, url, titre, level, langs, perms, target, usertype, position, entity) values ('', '$conf->asset->enabled && $leftmenu=="asset"', __HANDLER__, 'left', 3004__+MAX_llx_menu__, 'asset', 'asset_type', 3000__+MAX_llx_menu__, '/asset/type.php?mainmenu=accountancy&leftmenu=asset', 'MenuTypeAssets', 2, 'assets', '($conf->global->MAIN_USE_ADVANCED_PERMS?$user->rights->asset->model_advance->read:$user->rights->asset->read)', '', 0, 23, __ENTITY__); +insert into llx_menu (module, enabled, menu_handler, type, rowid, mainmenu, leftmenu, fk_menu, url, titre, level, langs, perms, target, usertype, position, entity) values ('', '$conf->asset->enabled && $leftmenu=="asset"', __HANDLER__, 'left', 3005__+MAX_llx_menu__, 'asset', '', 3004__+MAX_llx_menu__, '/asset/type.php?mainmenu=accountancy&action=create', 'MenuNewTypeAssets', 3, 'assets', '($conf->global->MAIN_USE_ADVANCED_PERMS?$user->rights->asset->model_advance->write:$user->rights->asset->write)', '', 0, 24, __ENTITY__); +insert into llx_menu (module, enabled, menu_handler, type, rowid, mainmenu, leftmenu, fk_menu, url, titre, level, langs, perms, target, usertype, position, entity) values ('', '$conf->asset->enabled && $leftmenu=="asset"', __HANDLER__, 'left', 3006__+MAX_llx_menu__, 'asset', '', 3004__+MAX_llx_menu__, '/asset/type.php?mainmenu=accountancy', 'MenuListTypeAssets', 3, 'assets', '($conf->global->MAIN_USE_ADVANCED_PERMS?$user->rights->asset->model_advance->read:$user->rights->asset->read)', '', 0, 25, __ENTITY__); -- Check deposit insert into llx_menu (module, enabled, menu_handler, type, rowid, mainmenu, leftmenu, fk_menu, url, titre, level, langs, perms, target, usertype, position, entity) values ('', 'empty($conf->global->BANK_DISABLE_CHECK_DEPOSIT) && ! empty($conf->banque->enabled) && (! empty($conf->facture->enabled) || ! empty($conf->global->MAIN_MENU_CHEQUE_DEPOSIT_ON))', __HANDLER__, 'left', 1711__+MAX_llx_menu__, 'accountancy', 'checks', 14__+MAX_llx_menu__, '/compta/paiement/cheque/index.php?mainmenu=bank&leftmenu=checks', 'MenuChequeDeposits', 0, 'bills', '$user->rights->banque->lire', '', 2, 9, __ENTITY__); diff --git a/htdocs/core/menus/standard/eldy.lib.php b/htdocs/core/menus/standard/eldy.lib.php index d48402ab0fb..3dc1ab6c4fd 100644 --- a/htdocs/core/menus/standard/eldy.lib.php +++ b/htdocs/core/menus/standard/eldy.lib.php @@ -1879,10 +1879,10 @@ function get_left_menu_accountancy($mainmenu, &$newmenu, $usemenuhider = 1, $lef $newmenu->add("/asset/list.php?leftmenu=asset&mainmenu=accountancy", $langs->trans("MenuAssets"), 0, $user->rights->asset->read, '', $mainmenu, 'asset', 100, '', '', '', img_picto('', 'payment', 'class="paddingright pictofixedwidth"')); $newmenu->add("/asset/card.php?leftmenu=asset&action=create", $langs->trans("MenuNewAsset"), 1, $user->rights->asset->write); $newmenu->add("/asset/list.php?leftmenu=asset&mainmenu=accountancy", $langs->trans("MenuListAssets"), 1, $user->rights->asset->read); - $newmenu->add("/asset/model/list.php?leftmenu=asset_model", $langs->trans("MenuAssetModels"), 1, (empty($conf->global->MAIN_USE_ADVANCED_PERMS) && $user->rights->asset->read) || (!empty($conf->global->MAIN_USE_ADVANCED_PERMS) && !empty($user->rights->asset->setup_advance->read)), '', $mainmenu, 'asset_model'); + $newmenu->add("/asset/model/list.php?leftmenu=asset_model", $langs->trans("MenuAssetModels"), 1, (empty($conf->global->MAIN_USE_ADVANCED_PERMS) && $user->rights->asset->read) || (!empty($conf->global->MAIN_USE_ADVANCED_PERMS) && !empty($user->rights->asset->model_advance->read)), '', $mainmenu, 'asset_model'); if ($usemenuhider || empty($leftmenu) || preg_match('/asset_model/', $leftmenu)) { - $newmenu->add("/asset/model/card.php?leftmenu=asset_model&action=create", $langs->trans("MenuNewAssetModel"), 2, (empty($conf->global->MAIN_USE_ADVANCED_PERMS) && $user->rights->asset->write) || (!empty($conf->global->MAIN_USE_ADVANCED_PERMS) && !empty($user->rights->asset->setup_advance->write))); - $newmenu->add("/asset/model/list.php?leftmenu=asset_model", $langs->trans("MenuListAssetModels"), 2, (empty($conf->global->MAIN_USE_ADVANCED_PERMS) && $user->rights->asset->read) || (!empty($conf->global->MAIN_USE_ADVANCED_PERMS) && !empty($user->rights->asset->setup_advance->read))); + $newmenu->add("/asset/model/card.php?leftmenu=asset_model&action=create", $langs->trans("MenuNewAssetModel"), 2, (empty($conf->global->MAIN_USE_ADVANCED_PERMS) && $user->rights->asset->write) || (!empty($conf->global->MAIN_USE_ADVANCED_PERMS) && !empty($user->rights->asset->model_advance->write))); + $newmenu->add("/asset/model/list.php?leftmenu=asset_model", $langs->trans("MenuListAssetModels"), 2, (empty($conf->global->MAIN_USE_ADVANCED_PERMS) && $user->rights->asset->read) || (!empty($conf->global->MAIN_USE_ADVANCED_PERMS) && !empty($user->rights->asset->model_advance->read))); } } } From 7b919f1513111da267b7d25aa8d53651edd50a41 Mon Sep 17 00:00:00 2001 From: Alexandre SPANGARO Date: Sun, 22 May 2022 07:08:39 +0200 Subject: [PATCH 5/5] Field fk_pays don't exist & fix sql error --- htdocs/asset/class/assetmodel.class.php | 1 - htdocs/asset/model/list.php | 19 ++++++++++--------- 2 files changed, 10 insertions(+), 10 deletions(-) diff --git a/htdocs/asset/class/assetmodel.class.php b/htdocs/asset/class/assetmodel.class.php index 6390ad74c18..077f33936e8 100644 --- a/htdocs/asset/class/assetmodel.class.php +++ b/htdocs/asset/class/assetmodel.class.php @@ -105,7 +105,6 @@ class AssetModel extends CommonObject 'ref' => array('type'=>'varchar(128)', 'label'=>'Ref', 'enabled'=>'1', 'position'=>20, 'notnull'=>1, 'visible'=>1, 'index'=>1, 'searchall'=>1, 'showoncombobox'=>'1', 'validate'=>'1'), 'label' => array('type'=>'varchar(255)', 'label'=>'Label', 'enabled'=>'1', 'position'=>30, 'notnull'=>1, 'visible'=>1, 'searchall'=>1, 'css'=>'minwidth300', 'cssview'=>'wordbreak', 'showoncombobox'=>'2', 'validate'=>'1',), 'asset_type' => array('type'=>'smallint', 'label'=>'AssetType', 'enabled'=>'1', 'position'=>40, 'notnull'=>1, 'visible'=>1, 'arrayofkeyval'=>array('0'=>'AssetTypeIntangible', '1'=>'AssetTypeTangible', '2'=>'AssetTypeInProgress', '3'=>'AssetTypeFinancial'), 'validate'=>'1',), - 'fk_pays' =>array('type'=>'integer:Ccountry:core/class/ccountry.class.php', 'label'=>'Country', 'enabled'=>1, 'visible'=>1, 'position'=>50), 'note_public' => array('type'=>'html', 'label'=>'NotePublic', 'enabled'=>'1', 'position'=>300, 'notnull'=>0, 'visible'=>0, 'validate'=>'1',), 'note_private' => array('type'=>'html', 'label'=>'NotePrivate', 'enabled'=>'1', 'position'=>301, 'notnull'=>0, 'visible'=>0, 'validate'=>'1',), 'date_creation' => array('type'=>'datetime', 'label'=>'DateCreation', 'enabled'=>'1', 'position'=>500, 'notnull'=>1, 'visible'=>-2,), diff --git a/htdocs/asset/model/list.php b/htdocs/asset/model/list.php index 3972975910a..a55d5f49f9a 100644 --- a/htdocs/asset/model/list.php +++ b/htdocs/asset/model/list.php @@ -303,19 +303,20 @@ $sql .= !empty($hookmanager->resPrint) ? (" HAVING 1=1 " . $hookmanager->resPrin $nbtotalofrecords = ''; if (empty($conf->global->MAIN_DISABLE_FULL_SCANLIST)) { /* This old and fast method to get and count full list returns all record so use a high amount of memory. - $resql = $db->query($sql); - $nbtotalofrecords = $db->num_rows($resql); + $result = $db->query($sql); + $nbtotalofrecords = $db->num_rows($result); */ - /* The slow method does not consume memory on mysql (not tested on pgsql) */ - /*$resql = $db->query($sql, 0, 'auto', 1); - while ($db->fetch_object($resql)) { - $nbtotalofrecords++; - }*/ /* The fast and low memory method to get and count full list converts the sql into a sql count */ $sqlforcount = preg_replace('/^SELECT[a-z0-9\._\s\(\),]+FROM/i', 'SELECT COUNT(*) as nbtotalofrecords FROM', $sql); + $resql = $db->query($sqlforcount); - $objforcount = $db->fetch_object($resql); - $nbtotalofrecords = $objforcount->nbtotalofrecords; + if ($resql) { + $objforcount = $db->fetch_object($resql); + $nbtotalofrecords = $objforcount->nbtotalofrecords; + } else { + dol_print_error($db); + } + if (($page * $limit) > $nbtotalofrecords) { // if total of record found is smaller than page * limit, goto and load page 0 $page = 0; $offset = 0;