From 014cb4b004394793fbc8c653e379376b69755dd8 Mon Sep 17 00:00:00 2001
From: Laurent Destailleur <eldy@destailleur.fr>
Date: Wed, 21 Jun 2017 12:03:49 +0200
Subject: [PATCH] Fix navigation on security event list
---
htdocs/admin/tools/listevents.php | 91 +++++++++++++++++--------------
htdocs/core/lib/functions.lib.php | 2 +-
2 files changed, 51 insertions(+), 42 deletions(-)
diff --git a/htdocs/admin/tools/listevents.php b/htdocs/admin/tools/listevents.php
index 40ebcd69dc6..fc1d2b72fdf 100644
--- a/htdocs/admin/tools/listevents.php
+++ b/htdocs/admin/tools/listevents.php
@@ -1,5 +1,5 @@
<?php
-/* Copyright (C) 2004-2015 Laurent Destailleur <eldy@users.sourceforge.net>
+/* Copyright (C) 2004-2017 Laurent Destailleur <eldy@users.sourceforge.net>
* Copyright (C) 2005-2012 Regis Houssin <regis.houssin@capnetworks.com>
* Copyright (C) 2015 Bahfir Abbes <bafbes@gmail.com>
*
@@ -45,15 +45,17 @@ $langs->load("companies");
$langs->load("users");
$langs->load("other");
-$sortfield = GETPOST("sortfield",'alpha');
-$sortorder = GETPOST("sortorder",'alpha');
-$page = GETPOST("page",'int');
-if ($page == -1) { $page = 0 ; }
-$offset = $conf->liste_limit * $page ;
+// Load variable for pagination
+$limit = GETPOST('limit','int')?GETPOST('limit','int'):$conf->liste_limit;
+$sortfield = GETPOST('sortfield','alpha');
+$sortorder = GETPOST('sortorder','alpha');
+$page = GETPOST('page','int');
+if (empty($page) || $page == -1) { $page = 0; } // If $page is not defined, or '' or -1
+$offset = $limit * $page;
$pageprev = $page - 1;
$pagenext = $page + 1;
-if (! $sortorder) $sortorder="DESC";
if (! $sortfield) $sortfield="dateevent";
+if (! $sortorder) $sortorder="DESC";
$search_code = GETPOST("search_code");
$search_ip = GETPOST("search_ip");
@@ -61,9 +63,9 @@ $search_user = GETPOST("search_user");
$search_desc = GETPOST("search_desc");
$search_ua = GETPOST("search_ua");
-if (!isset($_REQUEST["date_startmonth"]) || $_REQUEST["date_startmonth"] > 0) $date_start=dol_mktime(0,0,0,$_REQUEST["date_startmonth"],$_REQUEST["date_startday"],$_REQUEST["date_startyear"]);
+if (GETPOST("date_startmonth") == '' || GETPOST("date_startmonth") > 0) $date_start=dol_mktime(0,0,0,GETPOST("date_startmonth"),GETPOST("date_startday"),GETPOST("date_startyear"));
else $date_start=-1;
-if (!isset($_REQUEST["date_endmonth"]) || $_REQUEST["date_endmonth"] > 0) $date_end=dol_mktime(23,59,59,$_REQUEST["date_endmonth"],$_REQUEST["date_endday"],$_REQUEST["date_endyear"]);
+if (GETPOST("date_endmonth") == '' || GETPOST("date_endmonth") > 0) $date_end=dol_mktime(23,59,59,GETPOST("date_endmonth"),GETPOST("date_endday"),GETPOST("date_endyear"));
else $date_end=-1;
// checks:if date_start>date_end then date_end=date_start + 24 hours
@@ -72,14 +74,6 @@ if ($date_start > 0 && $date_end > 0 && $date_start > $date_end) $date_end=$date
$now = dol_now();
$nowarray = dol_getdate($now);
-$params = "&search_code=$search_code&search_ip=$search_ip&search_user=$search_user&search_desc=$search_desc&search_ua=$search_ua";
-$params.= "&date_startmonth=".$_REQUEST["date_startmonth"];
-$params.= "&date_startday=".$_REQUEST["date_startday"];
-$params.= "&date_startyear=".$_REQUEST["date_startyear"];
-$params.= "&date_endmonth=".$_REQUEST["date_endmonth"];
-$params.= "&date_endday=".$_REQUEST["date_endday"];
-$params.= "&date_endyear=".$_REQUEST["date_endyear"];
-
if (empty($date_start)) // We define date_start and date_end
{
$date_start=dol_get_first_day($nowarray['year'],$nowarray['mon'],false);
@@ -88,6 +82,15 @@ if (empty($date_end))
{
$date_end=dol_mktime(23,59,59,$nowarray['mon'],$nowarray['mday'],$nowarray['year']);
}
+// Set $date_startmonth...
+$tmp = dol_getdate($date_start);
+$date_startday = $tmp['mday'];
+$date_startmonth = $tmp['mon'];
+$date_startyear = $tmp['year'];
+$tmp = dol_getdate($date_end);
+$date_endday = $tmp['mday'];
+$date_endmonth = $tmp['mon'];
+$date_endyear = $tmp['year'];
/*
@@ -97,7 +100,7 @@ if (empty($date_end))
$now=dol_now();
// Purge search criteria
-if (GETPOST("button_removefilter_x") || GETPOST("button_removefilter.x") || GETPOST("button_removefilter")) // Both test are required to be compatible with all browsers
+if (GETPOST("button_removefilter_x") || GETPOST("button_removefilter.x") || GETPOST("button_removefilter")) // All tests are required to be compatible with all browsers
{
$date_start=-1;
$date_end=-1;
@@ -192,39 +195,39 @@ if ($result)
$i = 0;
$param='';
- if ($search_code) $param.='&search_code='.$search_code;
- if ($search_ip) $param.='&search_ip='.$search_ip;
- if ($search_user) $param.='&search_user='.$search_user;
- if ($search_desc) $param.='&search_desc='.$search_desc;
- if ($search_ua) $param.='&search_ua='.$search_ua;
+ if (! empty($contextpage) && $contextpage != $_SERVER["PHP_SELF"]) $param.='&contextpage='.$contextpage;
+ if ($limit > 0 && $limit != $conf->liste_limit) $param.='&limit='.$limit;
+ if ($optioncss != '') $param.='&optioncss='.$optioncss;
+ if ($search_code) $param.='&search_code='.urlencode($search_code);
+ if ($search_ip) $param.='&search_ip='.urlencode($search_ip);
+ if ($search_user) $param.='&search_user='.urlencode($search_user);
+ if ($search_desc) $param.='&search_desc='.urlencode($search_desc);
+ if ($search_ua) $param.='&search_ua='.urlencode($search_ua);
+ if ($date_startmonth) $param.= "&date_startmonth=".urlencode($date_startmonth);
+ if ($date_startday) $param.= "&date_startday=".urlencode($date_startday);
+ if ($date_startyear) $param.= "&date_startyear=".urlencode($date_startyear);
+ if ($date_endmonth) $param.= "&date_endmonth=".urlencode($date_endmonth);
+ if ($date_endday) $param.= "&date_endday=".urlencode($date_endday);
+ if ($date_endyear) $param.= "&date_endyear=".urlencode($date_endyear);
$langs->load('withdrawals');
if ($num)
{
$center='<a class="butActionDelete" href="'.$_SERVER["PHP_SELF"].'?action=purge">'.$langs->trans("Purge").'</a>';
}
-
- print_barre_liste($langs->trans("ListOfSecurityEvents"), $page, $_SERVER["PHP_SELF"], $param, $sortfield, $sortorder, $center, $num, $nbtotalofrecords, 'setup');
+
+ print '<form method="POST" action="'.$_SERVER["PHP_SELF"].'">';
+
+ print_barre_liste($langs->trans("ListOfSecurityEvents"), $page, $_SERVER["PHP_SELF"], $param, $sortfield, $sortorder, $center, $num, $nbtotalofrecords, 'setup', 0, '', '', $limit);
if ($action == 'purge')
{
$formquestion=array();
print $form->formconfirm($_SERVER["PHP_SELF"].'?noparam=noparam', $langs->trans('PurgeAuditEvents'), $langs->trans('ConfirmPurgeAuditEvents'),'confirm_purge',$formquestion,'no',1);
}
-
- print '<form method="GET" action="'.$_SERVER["PHP_SELF"].'">';
print '<div class="div-table-responsive">';
print '<table class="liste" width="100%">';
- print '<tr class="liste_titre">';
- print_liste_field_titre($langs->trans("Date"),$_SERVER["PHP_SELF"],"e.dateevent","","",'align="left"',$sortfield,$sortorder);
- print_liste_field_titre($langs->trans("Code"),$_SERVER["PHP_SELF"],"e.type","","",'align="left"',$sortfield,$sortorder);
- print_liste_field_titre($langs->trans("IP"),$_SERVER["PHP_SELF"],"e.ip","","",'align="left"',$sortfield,$sortorder);
- print_liste_field_titre($langs->trans("User"),$_SERVER["PHP_SELF"],"u.login","","",'align="left"',$sortfield,$sortorder);
- print_liste_field_titre($langs->trans("Description"),$_SERVER["PHP_SELF"],"e.description","","",'align="left"',$sortfield,$sortorder);
- print_liste_field_titre('');
- print "</tr>\n";
-
// Lignes des champs de filtres
print '<tr class="liste_titre">';
@@ -255,14 +258,20 @@ if ($result)
print "</tr>\n";
- $var=True;
- while ($i < min($num, $conf->liste_limit))
+ print '<tr class="liste_titre">';
+ print_liste_field_titre($langs->trans("Date"),$_SERVER["PHP_SELF"],"e.dateevent","",$param,'align="left"',$sortfield,$sortorder);
+ print_liste_field_titre($langs->trans("Code"),$_SERVER["PHP_SELF"],"e.type","",$param,'align="left"',$sortfield,$sortorder);
+ print_liste_field_titre($langs->trans("IP"),$_SERVER["PHP_SELF"],"e.ip","",$param,'align="left"',$sortfield,$sortorder);
+ print_liste_field_titre($langs->trans("User"),$_SERVER["PHP_SELF"],"u.login","",$param,'align="left"',$sortfield,$sortorder);
+ print_liste_field_titre($langs->trans("Description"),$_SERVER["PHP_SELF"],"e.description","",$param,'align="left"',$sortfield,$sortorder);
+ print_liste_field_titre('');
+ print "</tr>\n";
+
+ while ($i < min($num, $limit))
{
$obj = $db->fetch_object($result);
-
-
print '<tr class="oddeven">';
// Date
@@ -316,7 +325,7 @@ if ($result)
}
print "</table>";
print "</div>";
-
+
print "</form>";
$db->free($result);
}
diff --git a/htdocs/core/lib/functions.lib.php b/htdocs/core/lib/functions.lib.php
index 87fc05f7114..4fea390607a 100644
--- a/htdocs/core/lib/functions.lib.php
+++ b/htdocs/core/lib/functions.lib.php
@@ -3455,7 +3455,7 @@ function load_fiche_titre($titre, $morehtmlright='', $picto='title_generic.png',
* @param string $titre Title to show (required)
* @param int $page Numero of page to show in navigation links (required)
* @param string $file Url of page (required)
- * @param string $options More parameters for links ('' by default, does not include sortfield neither sortorder)
+ * @param string $options More parameters for links ('' by default, does not include sortfield neither sortorder). Value must be 'urlencoded' before calling function.
* @param string $sortfield Field to sort on ('' by default)
* @param string $sortorder Order to sort ('' by default)
* @param string $center String in the middle ('' by default). We often find here string $massaction comming from $form->selectMassAction()
--
GitLab