Mirrors/dolibarr
1
0
Fork 0
mirror of https://github.com/Dolibarr/dolibarr.git synced 2025-02-20 13:46:52 +01:00
Code Issues Packages Projects Releases Wiki Activity

Clean code managing canvas

Browse Source
This commit is contained in:
Laurent Destailleur 2020-09-18 06:02:52 +02:00
parent b49211b278
commit b35db6b9dd
8 changed files with 15 additions and 15 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

2
htdocs/adherents/card.php
View File

@ -82,7 +82,7 @@ if (!empty($canvas)) {
}
// Security check
$result = restrictedArea($user, 'adherent', $id, '', '', 'socid', 'rowid', $objcanvas);
$result = restrictedArea($user, 'adherent', $id, '', '', 'socid', 'rowid', 0);
if ($id > 0) {
// Load member

2
htdocs/contact/agenda.php
View File

@ -83,7 +83,7 @@ $search_agenda_label = GETPOST('search_agenda_label');
// Security check
if ($user->socid) $socid = $user->socid;
$result = restrictedArea($user, 'contact', $id, 'socpeople&societe', '', '', 'rowid', $objcanvas); // If we create a contact with no company (shared contacts), no check on write permission
$result = restrictedArea($user, 'contact', $id, 'socpeople&societe', '', '', 'rowid', 0); // If we create a contact with no company (shared contacts), no check on write permission
$limit = GETPOST('limit', 'int') ?GETPOST('limit', 'int') : $conf->liste_limit;
$sortfield = GETPOST("sortfield", 'alpha');

2
htdocs/contact/card.php
View File

@ -78,7 +78,7 @@ if (!empty($canvas))
// Security check
if ($user->socid) $socid = $user->socid;
$result = restrictedArea($user, 'contact', $id, 'socpeople&societe', '', '', 'rowid', $objcanvas); // If we create a contact with no company (shared contacts), no check on write permission
$result = restrictedArea($user, 'contact', $id, 'socpeople&societe', '', '', 'rowid', 0); // If we create a contact with no company (shared contacts), no check on write permission
// Initialize technical object to manage hooks of page. Note that conf->hooks_modules contains array of hook context
$hookmanager->initHooks(array('contactcard', 'globalcard'));

2
htdocs/contact/document.php
View File

@ -52,7 +52,7 @@ if (!empty($canvas))
// Security check
if ($user->socid) $socid = $user->socid;
$result = restrictedArea($user, 'contact', $id, 'socpeople&societe', '', '', 'rowid', $objcanvas); // If we create a contact with no company (shared contacts), no check on write permission
$result = restrictedArea($user, 'contact', $id, 'socpeople&societe', '', '', 'rowid', 0); // If we create a contact with no company (shared contacts), no check on write permission
// Get parameters
$limit = GETPOST('limit', 'int') ? GETPOST('limit', 'int') : $conf->liste_limit;

6
htdocs/core/ajax/contacts.php
View File

@ -27,11 +27,15 @@ if (!defined('NOREQUIREAJAX')) define('NOREQUIREAJAX', '1');
require '../../main.inc.php';
$id = GETPOST('id', 'int');
$id = GETPOST('id', 'int'); // id of thirdparty
$action = GETPOST('action', 'aZ09');
$htmlname = GETPOST('htmlname', 'alpha');
$showempty = GETPOST('showempty', 'int');
// Security check
$result = restrictedArea($user, 'societe', $id, '&societe', '', 'fk_soc', 'rowid', $objcanvas);
/*
* View
*/

6
htdocs/product/list.php
View File

@ -127,9 +127,9 @@ if (!empty($canvas))
}
// Security check
if ($search_type == '0') $result = restrictedArea($user, 'produit', '', '', '', '', '', $objcanvas);
elseif ($search_type == '1') $result = restrictedArea($user, 'service', '', '', '', '', '', $objcanvas);
else $result = restrictedArea($user, 'produit|service', '', '', '', '', '', $objcanvas);
if ($search_type == '0') $result = restrictedArea($user, 'produit', '', '', '', '', '', 0);
elseif ($search_type == '1') $result = restrictedArea($user, 'service', '', '', '', '', '', 0);
else $result = restrictedArea($user, 'produit|service', '', '', '', '', '', 0);
// Define virtualdiffersfromphysical
$virtualdiffersfromphysical = 0;

3
htdocs/societe/card.php
View File

@ -85,7 +85,6 @@ if (!($object->id > 0) && $action == 'view')
}
// Get object canvas (By default, this is not defined, so standard usage of dolibarr)
$object->getCanvas($socid);
$canvas = $object->canvas ? $object->canvas : GETPOST("canvas");
$objcanvas = null;
if (!empty($canvas))
@ -96,7 +95,7 @@ if (!empty($canvas))
}
// Security check
$result = restrictedArea($user, 'societe', $socid, '&societe', '', 'fk_soc', 'rowid', $objcanvas);
$result = restrictedArea($user, 'societe', $socid, '&societe', '', 'fk_soc', 'rowid', 0);
$permissiontoread = $user->rights->societe->lire;
$permissiontoadd = $user->rights->societe->creer; // Used by the include of actions_addupdatedelete.inc.php and actions_lineupdown.inc.php

7
htdocs/societe/contact.php
View File

@ -68,7 +68,7 @@ $extrafields->fetch_name_optionals_label($object->table_element);
// Initialize technical object to manage hooks of page. Note that conf->hooks_modules contains array of hook context
$hookmanager->initHooks(array('thirdpartycontact', 'globalcard'));
if ($action == 'view' && $object->fetch($socid) <= 0)
if ($object->fetch($socid) <= 0 && $action == 'view')
{
$langs->load("errors");
print($langs->trans('ErrorRecordNotFound'));
@ -76,7 +76,6 @@ if ($action == 'view' && $object->fetch($socid) <= 0)
}
// Get object canvas (By default, this is not defined, so standard usage of dolibarr)
$object->getCanvas($socid);
$canvas = $object->canvas ? $object->canvas : GETPOST("canvas");
$objcanvas = null;
if (!empty($canvas))
@ -87,12 +86,10 @@ if (!empty($canvas))
}
// Security check
$result = restrictedArea($user, 'societe', $socid, '&societe', '', 'fk_soc', 'rowid', $objcanvas);
$result = restrictedArea($user, 'societe', $socid, '&societe', '', 'fk_soc', 'rowid', 0);
if (empty($user->rights->societe->contact->lire)) accessforbidden();
/*
* Actions
*/