From 6bd6e4a309ee98648b6f7459841899e6a1ab9915 Mon Sep 17 00:00:00 2001 
From: Laurent Destailleur <eldy@users.sourceforge.net> Date: Sat, 1 Mar 2008 01:26:41 +0000 Subject: [PATCH] New: Add pages for agenda module --- htdocs/actioncomm.class.php | 6 +- htdocs/client.class.php | 2 +- htdocs/comm/action/fiche.php | 11 ++++ htdocs/comm/action/listactions.php | 63 ++++++++++++++++--- htdocs/comm/action/listevents.php | 4 +- htdocs/comm/clients.php | 8 +-- htdocs/comm/contact.php | 8 +-- htdocs/comm/fiche.php | 8 +-- htdocs/comm/index.php | 36 +++++------ htdocs/comm/propal.php | 6 +- htdocs/comm/propal/stats/index.php | 8 +-- htdocs/comm/propal/stats/month.php | 6 +- .../comm/propal/stats/propalestats.class.php | 24 +++---- htdocs/comm/prospect/fiche.php | 2 +- htdocs/comm/prospect/index.php | 30 ++++----- htdocs/comm/prospect/prospects.php | 8 +-- htdocs/commande/commande.class.php | 4 +- htdocs/commande/index.php | 24 +++---- htdocs/commande/liste.php | 8 +-- htdocs/commande/stats/commandestats.class.php | 16 ++--- htdocs/commande/stats/index.php | 2 +- htdocs/commande/stats/month.php | 6 +- htdocs/compta/clients.php | 6 +- htdocs/compta/commande/liste.php | 8 +-- htdocs/compta/deplacement/fiche.php | 2 +- htdocs/compta/deplacement/index.php | 8 +-- htdocs/compta/facture.php | 6 +- htdocs/compta/facture/impayees.php | 8 +-- htdocs/compta/fiche.php | 2 +- htdocs/compta/index.php | 42 ++++++------- htdocs/compta/paiement/cheque/fiche.php | 2 +- htdocs/compta/paiement/cheque/index.php | 2 +- htdocs/compta/paiement/cheque/liste.php | 2 +- htdocs/compta/paiement/liste.php | 6 +- htdocs/compta/prelevement/demandes.php | 8 +-- htdocs/compta/prelevement/index.php | 8 +-- htdocs/compta/propal.php | 6 +- htdocs/contact/index.php | 6 +- htdocs/contrat/contrat.class.php | 10 +-- htdocs/contrat/index.php | 20 +++--- htdocs/contrat/info.php | 2 +- htdocs/contrat/liste.php | 8 +-- htdocs/contrat/note.php | 2 +- htdocs/contrat/services.php | 8 +-- htdocs/expedition/index.php | 16 ++--- htdocs/expedition/liste.php | 4 +- htdocs/facture.class.php | 4 +- 
htdocs/fichinter/index.php | 8 +-- htdocs/fourn/commande/index.php | 8 +-- htdocs/fourn/commande/liste.php | 8 +-- htdocs/fourn/contact.php | 6 +- htdocs/fourn/facture/impayees.php | 6 +- htdocs/fourn/facture/index.php | 6 +- htdocs/fourn/facture/paiement.php | 12 ++-- htdocs/fourn/fiche-stats.php | 2 +- htdocs/fourn/fiche.php | 2 +- htdocs/fourn/fournisseur.class.php | 8 +-- htdocs/fourn/fournisseur.facture.class.php | 6 +- htdocs/fourn/index.php | 8 +-- htdocs/fourn/liste.php | 8 +-- htdocs/fourn/stats.php | 8 +-- htdocs/html.form.class.php | 4 +- htdocs/includes/boxes/box_actions.php | 6 +- htdocs/includes/boxes/box_clients.php | 6 +- htdocs/includes/boxes/box_commandes.php | 6 +- htdocs/includes/boxes/box_factures.php | 6 +- htdocs/includes/boxes/box_factures_fourn.php | 6 +- .../includes/boxes/box_factures_fourn_imp.php | 6 +- htdocs/includes/boxes/box_factures_imp.php | 6 +- htdocs/includes/boxes/box_fournisseurs.php | 6 +- htdocs/includes/boxes/box_propales.php | 6 +- htdocs/includes/boxes/box_prospect.php | 6 +- htdocs/includes/boxes/box_services_vendus.php | 6 +- .../menus/barre_left/eldy_backoffice.php | 6 +- .../menus/barre_left/eldy_frontoffice.php | 4 +- htdocs/langs/en_US/commercial.lang | 5 ++ htdocs/langs/en_US/main.lang | 1 + htdocs/langs/fr_FR/commercial.lang | 5 ++ htdocs/langs/fr_FR/main.lang | 1 + htdocs/lib/agenda.lib.php | 12 ++-- htdocs/lib/functions.inc.php | 4 +- htdocs/product.class.php | 40 ++++++------ htdocs/product/fiche.php | 12 ++-- htdocs/product/stats/commande.php | 6 +- htdocs/product/stats/commande_fournisseur.php | 6 +- htdocs/product/stats/contrat.php | 6 +- htdocs/product/stats/facture.php | 6 +- htdocs/product/stats/facture_fournisseur.php | 6 +- htdocs/product/stats/propal.php | 6 +- htdocs/projet/activity/index.php | 24 +++---- htdocs/projet/activity/myactivity.php | 6 +- htdocs/projet/index.php | 12 ++-- htdocs/projet/liste.php | 6 +- htdocs/projet/tasks/index.php | 12 ++-- htdocs/propal.class.php | 4 +- 
htdocs/prospect.class.php | 2 +- htdocs/soc.php | 2 +- htdocs/societe.class.php | 2 +- htdocs/societe.php | 14 ++--- htdocs/societe/commerciaux.php | 2 +- htdocs/societe/info.php | 2 +- htdocs/societe/lien.php | 2 +- htdocs/societe/notify/fiche.php | 2 +- htdocs/societe/rib.php | 2 +- 104 files changed, 473 insertions(+), 399 deletions(-) diff --git a/htdocs/actioncomm.class.php b/htdocs/actioncomm.class.php index 3d7e205fb85..0b90aa1cad1 100644 --- a/htdocs/actioncomm.class.php +++ b/htdocs/actioncomm.class.php @@ -347,12 +347,12 @@ class ActionComm $this->nbtodo=$this->nbtodolate=0; $sql = "SELECT a.id,".$this->db->pdate("a.datea")." as da"; - if (!$user->rights->commercial->client->voir && !$user->societe_id) $sql .= ", sc.fk_soc, sc.fk_user"; + if (!$user->rights->societe->client->voir && !$user->societe_id) $sql .= ", sc.fk_soc, sc.fk_user"; $sql.= " FROM ".MAIN_DB_PREFIX."actioncomm as a"; - if (!$user->rights->commercial->client->voir && !$user->societe_id) $sql .= ", ".MAIN_DB_PREFIX."societe_commerciaux as sc"; + if (!$user->rights->societe->client->voir && !$user->societe_id) $sql .= ", ".MAIN_DB_PREFIX."societe_commerciaux as sc"; $sql.= " WHERE a.percent < 100"; if ($user->societe_id) $sql.=" AND a.fk_soc = ".$user->societe_id; - if (!$user->rights->commercial->client->voir && !$user->societe_id) $sql .= " AND a.fk_soc = sc.fk_soc AND sc.fk_user = " .$user->id; + if (!$user->rights->societe->client->voir && !$user->societe_id) $sql .= " AND a.fk_soc = sc.fk_soc AND sc.fk_user = " .$user->id; $resql=$this->db->query($sql); if ($resql) { diff --git a/htdocs/client.class.php b/htdocs/client.class.php index 6857ffc67e4..95ccb3cd814 100644 --- a/htdocs/client.class.php +++ b/htdocs/client.class.php 
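Review bot: The `societe_commerciaux` restriction in this query now hinges on `$user->rights->societe->client->voir`, but the part of the diffstat visible here lists no module descriptor or migration that declares that right or carries over existing `commercial->client->voir` grants. If the right is absent for a user, `!$user->rights->societe->client->voir` is true and the join silently narrows the result to that user's own accounts; that fails closed, but it changes what existing sales users see. Confirm where the right is declared and granted, and document it at the first check, e.g. `// societe->client->voir: user may see third parties not assigned to them in societe_commerciaux`. The same substitution recurs in every later hunk that tests this right (client.class.php, comm/*.php, comm/propal/stats/*). The enclosing method starts and ends outside this hunk.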
@@ -96,7 +96,7 @@ class Client extends Societe $sql = "SELECT count(s.rowid) as nb, s.client"; $sql.= " FROM ".MAIN_DB_PREFIX."societe as s"; - if (!$user->rights->commercial->client->voir && !$user->societe_id) + if (!$user->rights->societe->client->voir && !$user->societe_id) { $sql.= " LEFT JOIN ".MAIN_DB_PREFIX."societe_commerciaux as sc ON s.rowid = sc.fk_soc"; $sql.= " WHERE sc.fk_user = " .$user->id; diff --git a/htdocs/comm/action/fiche.php b/htdocs/comm/action/fiche.php index dcd108f98be..6c7bf2939df 100644 --- a/htdocs/comm/action/fiche.php +++ b/htdocs/comm/action/fiche.php @@ -28,6 +28,7 @@ require_once("./pre.inc.php"); require_once(DOL_DOCUMENT_ROOT."/contact.class.php"); +require_once(DOL_DOCUMENT_ROOT."/user.class.php"); require_once(DOL_DOCUMENT_ROOT."/cactioncomm.class.php"); require_once(DOL_DOCUMENT_ROOT."/actioncomm.class.php"); @@ -661,6 +662,11 @@ if ($_GET["id"]) print '<input type="text" name="priority" value="'.$act->priority.'" size="5">'; print '</td></tr>'; + // Input by + print '<tr><td nowrap>'.$langs->trans("ActionAskedBy").'</td><td colspan="3">'; + print $act->author->getNomUrl(1); + print '</td></tr>'; + // Affecte a print '<tr><td nowrap>'.$langs->trans("ActionAffectedTo").'</td><td colspan="3">'; $html->select_users($act->usertodo->id,'affectedto',1); @@ -749,6 +755,11 @@ if ($_GET["id"]) print $act->priority; print '</td></tr>'; + // Input by + print '<tr><td nowrap>'.$langs->trans("ActionAskedBy").'</td><td colspan="3">'; + print $act->author->getNomUrl(1); + print '</td></tr>'; + // Affecte a print '<tr><td nowrap>'.$langs->trans("ActionAffectedTo").'</td><td colspan="3">'; if ($act->usertodo->id > 0) print $act->usertodo->getNomUrl(1); diff --git a/htdocs/comm/action/listactions.php b/htdocs/comm/action/listactions.php index 7bedacbba1d..de9348292dc 100644 --- a/htdocs/comm/action/listactions.php +++ b/htdocs/comm/action/listactions.php 
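Review bot: In comm/action/fiche.php the new "Input by" row calls `print $act->author->getNomUrl(1);` with no guard, while the neighbouring "Affecte a" row in the read-only view tests `$act->usertodo->id > 0` before calling `getNomUrl`. Whether the fetch always populates `$act->author` is not visible here; if an action has no recorded author, the page stops with a method call on a non-object halfway through the table. Guard it the same way, `if (is_object($act->author) && $act->author->id > 0) print $act->author->getNomUrl(1);`, in both the `@@ -661,6 +662,11 @@` hunk (edit form) and the `@@ -749,6 +755,11 @@` hunk (view).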
@@ -33,6 +33,10 @@ require_once(DOL_DOCUMENT_ROOT."/actioncomm.class.php"); $langs->load("companies"); $langs->load("agenda"); +$filtera = isset($_REQUEST["userasked"])?$_REQUEST["userasked"]:''; +$filtert = isset($_REQUEST["usertodo"])?$_REQUEST["usertodo"]:''; +$filterd = isset($_REQUEST["userdone"])?$_REQUEST["userdone"]:''; + $socid = isset($_GET["socid"])?$_GET["socid"]:$_POST["socid"]; $sortfield = isset($_GET["sortfield"])?$_GET["sortfield"]:$_POST["sortfield"]; $sortorder = isset($_GET["sortorder"])?$_GET["sortorder"]:$_POST["sortorder"]; @@ -41,7 +45,9 @@ $page = isset($_GET["page"])?$_GET["page"]:$_POST["page"]; // Security check $socid = isset($_GET["socid"])?$_GET["socid"]:''; if ($user->societe_id) $socid=$user->societe_id; -$result = restrictedArea($user, 'societe',$socid,'',1); +$result = restrictedArea($user, 'societe', $socid,''); + +if (! $user->rights->agenda->actions->read) $filter="mine"; if ($page == -1) { $page = 0 ; } $limit = $conf->liste_limit; 
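Review bot: `$filtera`, `$filtert` and `$filterd` are read from `$_REQUEST` here, but in the hunks shown for this file they are only used to pre-tick the three checkboxes of the new filter form; no visible part of the query tests them. Unless conditions are added in lines outside these hunks, submitting the form does not change the list. If the intent is "my actions", build the conditions from the session user rather than from the request value, e.g. `if ($filtera) $sql.= " AND a.fk_user_author = ".$user->id;` with the equivalents on `a.fk_user_action` and `a.fk_user_done`.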
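Review bot: `if (! $user->rights->agenda->actions->read) $filter="mine";` is the only consequence of lacking the agenda read right, and `$filter` is not read in any hunk shown for this file, so a user without that right appears to get the same list as one who has it. The restriction needs to reach the WHERE clause, for instance `if (! $user->rights->agenda->actions->read) $sql.= " AND (a.fk_user_author = ".$user->id." OR a.fk_user_action = ".$user->id." OR a.fk_user_done = ".$user->id.")";`. The same hunk drops the fifth argument of `restrictedArea()`; its meaning is not visible here, so confirm that the four-argument call is not the more permissive form. That argument is also dropped in listevents.php, clients.php, contact.php, comm/fiche.php and comm/prospect/fiche.php.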
@@ -62,14 +68,16 @@ llxHeader(); $sql = "SELECT s.nom as societe, s.rowid as socid, s.client,"; $sql.= " a.id,".$db->pdate("a.datep")." as dp, ".$db->pdate("a.datea")." as da, a.fk_contact, a.note, a.label, a.percent as percent,"; $sql.= " c.code as acode, c.libelle,"; +$sql.= " ua.login as loginauthor, ua.rowid as useridauthor,"; $sql.= " ut.login as logintodo, ut.rowid as useridtodo,"; $sql.= " ud.login as logindone, ud.rowid as useriddone,"; $sql.= " sp.name, sp.firstname"; -if (!$user->rights->commercial->client->voir && !$socid) $sql .= ", sc.fk_soc, sc.fk_user"; +if (!$user->rights->societe->client->voir && !$socid) $sql .= ", sc.fk_soc, sc.fk_user"; $sql.= " FROM ".MAIN_DB_PREFIX."c_actioncomm as c, ".MAIN_DB_PREFIX."societe as s,"; -if (!$user->rights->commercial->client->voir && !$socid) $sql .= " ".MAIN_DB_PREFIX."societe_commerciaux as sc,"; +if (!$user->rights->societe->client->voir && !$socid) $sql .= " ".MAIN_DB_PREFIX."societe_commerciaux as sc,"; $sql.= " ".MAIN_DB_PREFIX."actioncomm as a"; $sql.= " LEFT JOIN ".MAIN_DB_PREFIX."socpeople as sp ON a.fk_contact = sp.rowid"; +$sql.= " LEFT JOIN ".MAIN_DB_PREFIX."user as ua ON a.fk_user_author = ua.rowid"; $sql.= " LEFT JOIN ".MAIN_DB_PREFIX."user as ut ON a.fk_user_action = ut.rowid"; $sql.= " LEFT JOIN ".MAIN_DB_PREFIX."user as ud ON a.fk_user_done = ud.rowid"; $sql.= " WHERE a.fk_soc = s.rowid AND c.id = a.fk_action"; @@ -85,7 +93,7 @@ if ($socid) { $sql .= " AND s.rowid = ".$socid; } -if (!$user->rights->commercial->client->voir && !$socid) //restriction +if (!$user->rights->societe->client->voir && !$socid) //restriction { $sql .= " AND s.rowid = sc.fk_soc AND sc.fk_user = " .$user->id; } 
@@ -118,7 +126,31 @@ if ($resql) { print_barre_liste($langs->trans($title), $page, "index.php",$param,$sortfield,$sortorder,'',$num); } - $i = 0; + + print '<br>'; + print '<form name="listactionsfilter" action="'.$_SERVER["PHP_SELF"].'" method="POST">'; + print '<table class="border" width="100%"><tr>'; + print '<td>'; + print $langs->trans("Filter"); + print '</td>'; + print '<td><input type="checkbox" name="userasked" '.($filtera?'checked="true"':'').'> '; + print $langs->trans("MyActionsAsked"); + print '</td>'; + print '<td><input type="checkbox" name="usertodo" '.($filtert?'checked="true"':'').'> '; + print $langs->trans("MyActionsToDo"); + print '</td>'; + print '<td><input type="checkbox" name="userdone" '.($filterd?'checked="true"':'').'> '; + print $langs->trans("MyActionsDone"); + print '</td>'; + print '<td align="center"><input type="submit" class="button" value="'.$langs->trans("ToFilter").'">'; + print '</td>'; + print '</tr></table>'; + print '</form><br>'; + + + + + $i = 0; print "<table class=\"noborder\" width=\"100%\">"; print '<tr class="liste_titre">'; print_liste_field_titre($langs->trans("Action"),$_SERVER["PHP_SELF"],"acode",$param,"","",$sortfield,$sortorder); 
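Review bot: The new filter form prints `$_SERVER["PHP_SELF"]` unescaped into its `action` attribute; PHP_SELF carries any extra path text the client appended to the script URL, so request-controlled text ends up inside the markup. Escape it for attribute context, `print '<form name="listactionsfilter" action="'.htmlspecialchars($_SERVER["PHP_SELF"], ENT_QUOTES).'" method="POST">';`, or build the action from a fixed path under `DOL_URL_ROOT`. The `print_liste_field_titre(..., $_SERVER["PHP_SELF"], ...)` calls around this form pass the same value on; whether that helper escapes it is not visible here. The enclosing `if ($resql)` block starts and ends outside this hunk.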
@@ -127,6 +159,7 @@ if ($resql) print_liste_field_titre($langs->trans("Title"),$_SERVER["PHP_SELF"],"a.label",$param,"","",$sortfield,$sortorder); print_liste_field_titre($langs->trans("Company"),$_SERVER["PHP_SELF"],"s.nom",$param,"","",$sortfield,$sortorder); print_liste_field_titre($langs->trans("Contact"),$_SERVER["PHP_SELF"],"a.fk_contact",$param,"","",$sortfield,$sortorder); + print_liste_field_titre($langs->trans("ActionUserAsk"),$_SERVER["PHP_SELF"],"ua.login",$param,"","",$sortfield,$sortorder); print_liste_field_titre($langs->trans("AffectedTo"),$_SERVER["PHP_SELF"],"ut.login",$param,"","",$sortfield,$sortorder); print_liste_field_titre($langs->trans("DoneBy"),$_SERVER["PHP_SELF"],"ud.login",$param,"","",$sortfield,$sortorder); print_liste_field_titre($langs->trans("Status"),$_SERVER["PHP_SELF"],"a.percent",$param,"",'align="right"',$sortfield,$sortorder); @@ -148,20 +181,20 @@ if ($resql) $actionstatic->id=$obj->id; $actionstatic->code=$obj->acode; $actionstatic->libelle=$obj->libelle; - print $actionstatic->getNomUrl(1,12); + print $actionstatic->getNomUrl(1,4); print '</td>'; print '<td align="left" nowrap="nowrap">'; - print dolibarr_print_date($obj->dp,"dayhour"); + print dolibarr_print_date($obj->dp,"day"); print '</td>'; print '<td align="left" nowrap="nowrap">'; - print dolibarr_print_date($obj->da,"dayhour"); + print dolibarr_print_date($obj->da,"day"); print '</td>'; // Titre print '<td>'; - print $obj->label; + print dolibarr_trunc($obj->label,16); print '</td>'; // Soci�t� @@ -187,6 +220,18 @@ if ($resql) } print '</td>'; + // User author + print '<td align="left">'; + if ($obj->useridauthor) + { + $userstatic=new User($db,$obj->useridauthor); + $userstatic->id=$obj->useridauthor; + $userstatic->login=$obj->loginauthor; + print $userstatic->getLoginUrl(1); + } + else print ' '; + print '</td>'; + // User to do print '<td align="left">'; if ($obj->useridtodo) 
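Review bot: In the `@@ -148,20 +181,20 @@` hunk, `print dolibarr_trunc($obj->label,16);` still writes the action title into the table cell without HTML escaping, and the title is free text entered by users. Unless `dolibarr_trunc` escapes its result (not visible here), stored markup in a label is rendered for every user who opens the list. Truncate first and escape last, so no entity is cut in half: `print htmlspecialchars(dolibarr_trunc($obj->label,16), ENT_QUOTES);`. The unchanged `print $obj->label;` in the listevents.php hunk that follows has the same exposure.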
diff --git a/htdocs/comm/action/listevents.php b/htdocs/comm/action/listevents.php index 9df7b11b649..5eedb8279eb 100644 --- a/htdocs/comm/action/listevents.php +++ b/htdocs/comm/action/listevents.php @@ -38,7 +38,7 @@ $page = isset($_GET["page"])?$_GET["page"]:$_POST["page"]; // Security check $socid = isset($_GET["socid"])?$_GET["socid"]:''; if ($user->societe_id) $socid=$user->societe_id; -$result = restrictedArea($user, 'societe',$socid,'',1); +$result = restrictedArea($user, 'societe',$socid,''); if ($page == -1) { $page = 0 ; } $limit = $conf->liste_limit; @@ -164,7 +164,7 @@ if ($resql) print $obj->label; print '</td>'; - // Soci�t� + // Soci�t� print '<td>'; $societestatic->id=$obj->socid; $societestatic->client=$obj->client; diff --git a/htdocs/comm/clients.php b/htdocs/comm/clients.php index 3d8e738f891..afeca7ea1be 100644 --- a/htdocs/comm/clients.php +++ b/htdocs/comm/clients.php @@ -29,7 +29,7 @@ require("./pre.inc.php"); // Security check $socid = isset($_GET["socid"])?$_GET["socid"]:''; if ($user->societe_id) $socid=$user->societe_id; -$result = restrictedArea($user, 'societe',$socid,'',1); +$result = restrictedArea($user, 'societe',$socid,''); $page=$_GET["page"]; $sortorder=$_GET["sortorder"]; 
@@ -46,14 +46,14 @@ $search_code=isset($_GET["search_code"])?$_GET["search_code"]:$_POST["search_cod $sql = "SELECT s.rowid, s.nom, s.ville, ".$db->pdate("s.datec")." as datec, ".$db->pdate("s.datea")." as datea, st.libelle as stcomm, s.prefix_comm, s.code_client"; -if (!$user->rights->commercial->client->voir) $sql .= ", sc.fk_soc, sc.fk_user"; +if (!$user->rights->societe->client->voir) $sql .= ", sc.fk_soc, sc.fk_user"; $sql .= " FROM ".MAIN_DB_PREFIX."societe as s, ".MAIN_DB_PREFIX."c_stcomm as st"; -if (!$user->rights->commercial->client->voir) $sql .= ", ".MAIN_DB_PREFIX."societe_commerciaux as sc"; +if (!$user->rights->societe->client->voir) $sql .= ", ".MAIN_DB_PREFIX."societe_commerciaux as sc"; $sql .= " WHERE s.fk_stcomm = st.id AND s.client=1"; if ($socid) $sql .= " AND s.rowid = ".$socid; if ($user->societe_id) $sql .= " AND s.rowid = " .$user->societe_id; -if (!$user->rights->commercial->client->voir) $sql .= " AND s.rowid = sc.fk_soc AND sc.fk_user = " .$user->id; +if (!$user->rights->societe->client->voir) $sql .= " AND s.rowid = sc.fk_soc AND sc.fk_user = " .$user->id; if ($search_nom) $sql .= " AND s.nom like '%".addslashes(strtolower($search_nom))."%'"; if ($search_ville) $sql .= " AND s.ville like '%".addslashes(strtolower($search_ville))."%'"; diff --git a/htdocs/comm/contact.php b/htdocs/comm/contact.php index 6c81405ba85..c8e2609973a 100644 --- a/htdocs/comm/contact.php +++ b/htdocs/comm/contact.php @@ -43,7 +43,7 @@ $type=$_GET["type"]; // Security check $socid = isset($_GET["socid"])?$_GET["socid"]:''; if ($user->societe_id) $socid=$user->societe_id; -$result = restrictedArea($user, 'societe',$socid,'',1); +$result = restrictedArea($user, 'societe',$socid,''); /* 
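Review bot: In the clients.php query touched here, `if ($socid) $sql .= " AND s.rowid = ".$socid;` concatenates a value that the previous hunk shows coming straight from `$_GET["socid"]` for internal users, unquoted and with no cast. The only gate in front of it is the `restrictedArea()` call this patch has just changed, and whether that function rejects non-numeric ids is not visible here. Force the type where the value meets SQL, `if ($socid) $sql .= " AND s.rowid = ".(int) $socid;`. The same pattern appears in the listactions.php and comm/index.php hunks.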
@@ -75,13 +75,13 @@ if ($type == "f") $sql = "SELECT s.rowid, s.nom, st.libelle as stcomm"; $sql .= ", p.rowid as cidp, p.name, p.firstname, p.email, p.phone"; -if (!$user->rights->commercial->client->voir && !$socid) $sql .= ", sc.fk_soc, sc.fk_user"; +if (!$user->rights->societe->client->voir && !$socid) $sql .= ", sc.fk_soc, sc.fk_user"; $sql .= " FROM ".MAIN_DB_PREFIX."c_stcomm as st,"; -if (!$user->rights->commercial->client->voir && !$socid) $sql .= " ".MAIN_DB_PREFIX."societe_commerciaux as sc,"; +if (!$user->rights->societe->client->voir && !$socid) $sql .= " ".MAIN_DB_PREFIX."societe_commerciaux as sc,"; $sql .= " ".MAIN_DB_PREFIX."socpeople as p"; $sql .= " LEFT JOIN ".MAIN_DB_PREFIX."societe as s ON s.rowid = p.fk_soc"; $sql .= " WHERE s.fk_stcomm = st.id"; -if (!$user->rights->commercial->client->voir && !$socid) $sql .= " AND s.rowid = sc.fk_soc AND sc.fk_user = " .$user->id; +if (!$user->rights->societe->client->voir && !$socid) $sql .= " AND s.rowid = sc.fk_soc AND sc.fk_user = " .$user->id; if ($type == "c") $sql .= " AND s.client = 1"; if ($type == "p") $sql .= " AND s.client = 2"; if ($type == "f") $sql .= " AND s.fournisseur = 1"; diff --git a/htdocs/comm/fiche.php b/htdocs/comm/fiche.php index 9a262679e63..4bb68f18c9e 100644 --- a/htdocs/comm/fiche.php +++ b/htdocs/comm/fiche.php @@ -44,7 +44,7 @@ if ($conf->fichinter->enabled) $langs->load("interventions"); // Security check $socid = isset($_GET["socid"])?$_GET["socid"]:''; if ($user->societe_id) $socid=$user->societe_id; -$result = restrictedArea($user, 'societe',$socid,'',1); +$result = restrictedArea($user, 'societe',$socid,''); $sortorder=$_GET["sortorder"]; $sortfield=$_GET["sortfield"]; 
@@ -100,11 +100,11 @@ if ($_POST["action"] == 'setassujtva' && $user->rights->societe->creer) if ($mode == 'search') { if ($mode-search == 'soc') { $sql = "SELECT s.rowid"; - if (!$user->rights->commercial->client->voir && !$socid) $sql .= ", sc.fk_soc, sc.fk_user "; + if (!$user->rights->societe->client->voir && !$socid) $sql .= ", sc.fk_soc, sc.fk_user "; $sql .= " FROM ".MAIN_DB_PREFIX."societe as s"; - if (!$user->rights->commercial->client->voir && !$socid) $sql .= ", ".MAIN_DB_PREFIX."societe_commerciaux as sc"; + if (!$user->rights->societe->client->voir && !$socid) $sql .= ", ".MAIN_DB_PREFIX."societe_commerciaux as sc"; $sql .= " WHERE lower(s.nom) like '%".strtolower($socname)."%'"; - if (!$user->rights->commercial->client->voir && !$socid) $sql .= " AND s.rowid = sc.fk_soc AND sc.fk_user = " .$user->id; + if (!$user->rights->societe->client->voir && !$socid) $sql .= " AND s.rowid = sc.fk_soc AND sc.fk_user = " .$user->id; } if ( $db->query($sql) ) { diff --git a/htdocs/comm/index.php b/htdocs/comm/index.php index f98554b28f2..91bc562f213 100644 --- a/htdocs/comm/index.php +++ b/htdocs/comm/index.php 
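Review bot: The query extended by these lines still builds its filter as `" WHERE lower(s.nom) like '%".strtolower($socname)."%'"`, placing `$socname` inside a quoted SQL literal with no escaping at all. Where `$socname` is assigned is outside the hunk, but the clients.php hunk in this same patch wraps the equivalent search term in `addslashes()`. While touching this query, escape the term with the database layer's own routine, or at minimum match clients.php: `$sql .= " WHERE lower(s.nom) like '%".addslashes(strtolower($socname))."%'";`. Separately, `$mode-search == 'soc'` two lines up is a subtraction of the constant `search` from `$mode`, not a variable name, so the branch condition is unlikely to mean what was intended.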
@@ -134,15 +134,15 @@ if ($conf->contrat->enabled) if ($conf->propal->enabled && $user->rights->propale->lire) { $sql = "SELECT p.rowid, p.ref, p.total_ht, s.rowid as socid, s.nom"; - if (!$user->rights->commercial->client->voir && !$socid) $sql .= ", sc.fk_soc, sc.fk_user"; + if (!$user->rights->societe->client->voir && !$socid) $sql .= ", sc.fk_soc, sc.fk_user"; $sql.= " FROM ".MAIN_DB_PREFIX."propal as p, ".MAIN_DB_PREFIX."societe as s"; - if (!$user->rights->commercial->client->voir && !$socid) $sql .= ", ".MAIN_DB_PREFIX."societe_commerciaux as sc"; + if (!$user->rights->societe->client->voir && !$socid) $sql .= ", ".MAIN_DB_PREFIX."societe_commerciaux as sc"; $sql.= " WHERE p.fk_statut = 0 and p.fk_soc = s.rowid"; if ($socid) { $sql .= " AND s.rowid = ".$socid; } - if (!$user->rights->commercial->client->voir && !$socid) $sql .= " AND s.rowid = sc.fk_soc AND sc.fk_user = " .$user->id; + if (!$user->rights->societe->client->voir && !$socid) $sql .= " AND s.rowid = sc.fk_soc AND sc.fk_user = " .$user->id; $resql=$db->query($sql); if ($resql) 
@@ -186,11 +186,11 @@ if ($conf->commande->enabled) { $langs->load("orders"); $sql = "SELECT c.rowid, c.ref, c.total_ttc, s.nom, s.rowid as socid"; - if (!$user->rights->commercial->client->voir && !$socid) $sql .= ", sc.fk_soc, sc.fk_user"; + if (!$user->rights->societe->client->voir && !$socid) $sql .= ", sc.fk_soc, sc.fk_user"; $sql.= " FROM ".MAIN_DB_PREFIX."commande as c, ".MAIN_DB_PREFIX."societe as s"; - if (!$user->rights->commercial->client->voir && !$socid) $sql .= ", ".MAIN_DB_PREFIX."societe_commerciaux as sc"; + if (!$user->rights->societe->client->voir && !$socid) $sql .= ", ".MAIN_DB_PREFIX."societe_commerciaux as sc"; $sql.= " WHERE c.fk_soc = s.rowid AND c.fk_statut = 0"; - if (!$user->rights->commercial->client->voir && !$socid) $sql .= " AND s.rowid = sc.fk_soc AND sc.fk_user = " .$user->id; + if (!$user->rights->societe->client->voir && !$socid) $sql .= " AND s.rowid = sc.fk_soc AND sc.fk_user = " .$user->id; if ($socid) { $sql .= " AND c.fk_soc = ".$socid; @@ -298,15 +298,15 @@ show_array_last_actions_done($max); if ($user->rights->societe->lire) { $sql = "SELECT s.rowid,s.nom,".$db->pdate("datec")." as datec"; - if (!$user->rights->commercial->client->voir && !$socid) $sql .= ", sc.fk_soc, sc.fk_user"; + if (!$user->rights->societe->client->voir && !$socid) $sql .= ", sc.fk_soc, sc.fk_user"; $sql.= " FROM ".MAIN_DB_PREFIX."societe as s"; - if (!$user->rights->commercial->client->voir && !$socid) $sql .= ", ".MAIN_DB_PREFIX."societe_commerciaux as sc"; + if (!$user->rights->societe->client->voir && !$socid) $sql .= ", ".MAIN_DB_PREFIX."societe_commerciaux as sc"; $sql.= " WHERE s.client = 1"; if ($socid) { $sql .= " AND s.rowid = $socid"; } - if (!$user->rights->commercial->client->voir && !$socid) //restriction + if (!$user->rights->societe->client->voir && !$socid) //restriction { $sql .= " AND s.rowid = sc.fk_soc AND sc.fk_user = " .$user->id; } 
@@ -355,15 +355,15 @@ if ($conf->contrat->enabled && 0) // \todo A REFAIRE DEPUIS NOUVEAU CONTRAT $langs->load("contracts"); $sql = "SELECT s.nom, s.rowid, c.statut, c.rowid as contratid, p.ref, c.mise_en_service as datemes, c.fin_validite as datefin, c.date_cloture as dateclo"; - if (!$user->rights->commercial->client->voir && !$socid) $sql .= ", sc.fk_soc, sc.fk_user"; + if (!$user->rights->societe->client->voir && !$socid) $sql .= ", sc.fk_soc, sc.fk_user"; $sql .= " FROM ".MAIN_DB_PREFIX."societe as s, ".MAIN_DB_PREFIX."contrat as c, ".MAIN_DB_PREFIX."product as p"; - if (!$user->rights->commercial->client->voir && !$socid) $sql .= ", ".MAIN_DB_PREFIX."societe_commerciaux as sc"; + if (!$user->rights->societe->client->voir && !$socid) $sql .= ", ".MAIN_DB_PREFIX."societe_commerciaux as sc"; $sql .= " WHERE c.fk_soc = s.rowid and c.fk_product = p.rowid"; if ($socid) { $sql .= " AND s.rowid = ".$socid; } - if (!$user->rights->commercial->client->voir && !$socid) //restriction + if (!$user->rights->societe->client->voir && !$socid) //restriction { $sql .= " AND s.rowid = sc.fk_soc AND sc.fk_user = " .$user->id; } 
@@ -410,12 +410,12 @@ if ($conf->propal->enabled && $user->rights->propale->lire) $langs->load("propal"); $sql = "SELECT s.nom, s.rowid, p.rowid as propalid, p.total_ht, p.ref, p.fk_statut, ".$db->pdate("p.datep")." as dp"; - if (!$user->rights->commercial->client->voir && !$socid) $sql .= ", sc.fk_soc, sc.fk_user"; + if (!$user->rights->societe->client->voir && !$socid) $sql .= ", sc.fk_soc, sc.fk_user"; $sql .= " FROM ".MAIN_DB_PREFIX."societe as s, ".MAIN_DB_PREFIX."propal as p"; - if (!$user->rights->commercial->client->voir && !$socid) $sql .= ", ".MAIN_DB_PREFIX."societe_commerciaux as sc"; + if (!$user->rights->societe->client->voir && !$socid) $sql .= ", ".MAIN_DB_PREFIX."societe_commerciaux as sc"; $sql .= " WHERE p.fk_soc = s.rowid AND p.fk_statut = 1"; if ($socid) $sql .= " AND s.rowid = ".$socid; - if (!$user->rights->commercial->client->voir && !$socid) $sql .= " AND s.rowid = sc.fk_soc AND sc.fk_user = " .$user->id; + if (!$user->rights->societe->client->voir && !$socid) $sql .= " AND s.rowid = sc.fk_soc AND sc.fk_user = " .$user->id; $sql .= " ORDER BY p.rowid DESC"; $result=$db->query($sql); 
@@ -485,15 +485,15 @@ if ($conf->propal->enabled && $user->rights->propale->lire) { $NBMAX=5; $sql = "SELECT s.nom, s.rowid, p.rowid as propalid, p.total_ht, p.ref, p.fk_statut, ".$db->pdate("p.datep")." as dp"; - if (!$user->rights->commercial->client->voir && !$socid) $sql .= ", sc.fk_soc, sc.fk_user"; + if (!$user->rights->societe->client->voir && !$socid) $sql .= ", sc.fk_soc, sc.fk_user"; $sql .= " FROM ".MAIN_DB_PREFIX."societe as s, ".MAIN_DB_PREFIX."propal as p"; - if (!$user->rights->commercial->client->voir && !$socid) $sql .= ", ".MAIN_DB_PREFIX."societe_commerciaux as sc"; + if (!$user->rights->societe->client->voir && !$socid) $sql .= ", ".MAIN_DB_PREFIX."societe_commerciaux as sc"; $sql .= " WHERE p.fk_soc = s.rowid AND p.fk_statut > 1"; if ($socid) { $sql .= " AND s.rowid = ".$socid; } - if (!$user->rights->commercial->client->voir && !$socid) $sql .= " AND s.rowid = sc.fk_soc AND sc.fk_user = " .$user->id; + if (!$user->rights->societe->client->voir && !$socid) $sql .= " AND s.rowid = sc.fk_soc AND sc.fk_user = " .$user->id; $sql .= " ORDER BY p.rowid DESC"; $sql .= $db->plimit($NBMAX, 0); diff --git a/htdocs/comm/propal.php b/htdocs/comm/propal.php index c5fba87c966..8776ecb35f5 100644 --- a/htdocs/comm/propal.php +++ b/htdocs/comm/propal.php 
@@ -1812,13 +1812,13 @@ else $sql = 'SELECT s.nom, s.rowid, s.client, '; $sql.= 'p.rowid as propalid, p.total_ht, p.ref, p.fk_statut, '.$db->pdate('p.datep').' as dp,'.$db->pdate('p.fin_validite').' as dfv'; - if (!$user->rights->commercial->client->voir && !$socid) $sql .= ", sc.fk_soc, sc.fk_user"; + if (!$user->rights->societe->client->voir && !$socid) $sql .= ", sc.fk_soc, sc.fk_user"; $sql.= ' FROM '.MAIN_DB_PREFIX.'societe as s, '.MAIN_DB_PREFIX.'propal as p'; - if (!$user->rights->commercial->client->voir && !$socid) $sql .= ", ".MAIN_DB_PREFIX."societe_commerciaux as sc"; + if (!$user->rights->societe->client->voir && !$socid) $sql .= ", ".MAIN_DB_PREFIX."societe_commerciaux as sc"; if ($sall) $sql.= ' LEFT JOIN '.MAIN_DB_PREFIX.'propaldet as pd ON p.rowid=pd.fk_propal'; $sql.= ' WHERE p.fk_soc = s.rowid'; - if (!$user->rights->commercial->client->voir && !$socid) //restriction + if (!$user->rights->societe->client->voir && !$socid) //restriction { $sql .= " AND s.rowid = sc.fk_soc AND sc.fk_user = " .$user->id; } diff --git a/htdocs/comm/propal/stats/index.php b/htdocs/comm/propal/stats/index.php index a602f41a526..f05575d331a 100644 --- a/htdocs/comm/propal/stats/index.php +++ b/htdocs/comm/propal/stats/index.php @@ -46,7 +46,7 @@ $data = $stats->getNbByMonthWithPrevYear($endyear,$startyear); create_exdir($conf->propal->dir_temp); -if (!$user->rights->commercial->client->voir || $user->societe_id) +if (!$user->rights->societe->client->voir || $user->societe_id) { $filename = $conf->propal->dir_temp.'/nbpropale2year-'.$user->id.'-'.$year.'.png'; $fileurl = DOL_URL_ROOT.'/viewimage.php?modulepart=propalstats&file=nbpropale2year-'.$user->id.'-'.$year.'.png'; 
@@ -82,11 +82,11 @@ if (! $mesg) } $sql = "SELECT count(*) as nb, date_format(p.datep,'%Y') as dm, sum(p.total) as total_ttc"; -if (!$user->rights->commercial->client->voir && !$user->societe_id) $sql .= ", sc.fk_soc, sc.fk_user"; +if (!$user->rights->societe->client->voir && !$user->societe_id) $sql .= ", sc.fk_soc, sc.fk_user"; $sql.= " FROM ".MAIN_DB_PREFIX."propal as p"; -if (!$user->rights->commercial->client->voir && !$user->societe_id) $sql .= ", ".MAIN_DB_PREFIX."societe_commerciaux as sc"; +if (!$user->rights->societe->client->voir && !$user->societe_id) $sql .= ", ".MAIN_DB_PREFIX."societe_commerciaux as sc"; $sql.= " WHERE fk_statut > 0"; -if (!$user->rights->commercial->client->voir && !$user->societe_id) $sql .= " AND p.fk_soc = sc.fk_soc AND sc.fk_user = " .$user->id; +if (!$user->rights->societe->client->voir && !$user->societe_id) $sql .= " AND p.fk_soc = sc.fk_soc AND sc.fk_user = " .$user->id; if($user->societe_id) { $sql .= " AND p.fk_soc = ".$user->societe_id; diff --git a/htdocs/comm/propal/stats/month.php b/htdocs/comm/propal/stats/month.php index 4bdde0d74ae..7ee8a5d5076 100644 --- a/htdocs/comm/propal/stats/month.php +++ b/htdocs/comm/propal/stats/month.php @@ -55,7 +55,7 @@ $data = $stats->getNbByMonth($year); create_exdir($conf->propal->dir_temp); -if (!$user->rights->commercial->client->voir || $user->societe_id) +if (!$user->rights->societe->client->voir || $user->societe_id) { $filename = $conf->propal->dir_temp.'/propale-'.$user->id.'-'.$year.'.png'; $fileurl = DOL_URL_ROOT.'/viewimage.php?modulepart=propalstats&file=propale-'.$user->id.'-'.$year.'.png'; 
@@ -90,7 +90,7 @@ for ($i = 1 ; $i < 13 ; $i++) $data[$i-1] = array(ucfirst(substr(strftime("%b",dolibarr_mktime(12,12,12,$i,1,$year)),0,3)), $res[$i]); } -if (!$user->rights->commercial->client->voir || $user->societe_id) +if (!$user->rights->societe->client->voir || $user->societe_id) { $filename_amount = $conf->propal->dir_temp.'/propaleamount-'.$user->id.'-'.$year.'.png'; $fileurl_amount = DOL_URL_ROOT.'/viewimage.php?modulepart=propalstats&file=propaleamount-'.$user->id.'-'.$year.'.png'; @@ -125,7 +125,7 @@ for ($i = 1 ; $i < 13 ; $i++) $data[$i-1] = array(ucfirst(substr(strftime("%b",dolibarr_mktime(12,12,12,$i,1,$year)),0,3)), $res[$i]); } -if (!$user->rights->commercial->client->voir || $user->societe_id) +if (!$user->rights->societe->client->voir || $user->societe_id) { $filename_avg = $conf->propal->dir_temp.'/propaleaverage-'.$user->id.'-'.$year.'.png'; $fileurl_avg = DOL_URL_ROOT.'/viewimage.php?modulepart=propalstats&file=propaleaverage-'.$user->id.'-'.$year.'.png'; diff --git a/htdocs/comm/propal/stats/propalestats.class.php b/htdocs/comm/propal/stats/propalestats.class.php index 63c90f0f004..cd7ccc2e32c 100644 --- a/htdocs/comm/propal/stats/propalestats.class.php +++ b/htdocs/comm/propal/stats/propalestats.class.php 
@@ -53,11 +53,11 @@ class PropaleStats extends Stats global $user; $sql = "SELECT date_format(p.datep,'%m') as dm, count(*)"; - if (!$user->rights->commercial->client->voir && !$user->societe_id) $sql .= ", sc.fk_soc, sc.fk_user"; + if (!$user->rights->societe->client->voir && !$user->societe_id) $sql .= ", sc.fk_soc, sc.fk_user"; $sql .= " FROM ".MAIN_DB_PREFIX."propal as p"; - if (!$user->rights->commercial->client->voir && !$user->societe_id) $sql .= ", ".MAIN_DB_PREFIX."societe_commerciaux as sc"; + if (!$user->rights->societe->client->voir && !$user->societe_id) $sql .= ", ".MAIN_DB_PREFIX."societe_commerciaux as sc"; $sql .= " WHERE date_format(p.datep,'%Y') = $year AND p.fk_statut > 0"; - if (!$user->rights->commercial->client->voir && !$user->societe_id) $sql .= " AND p.fk_soc = sc.fk_soc AND sc.fk_user = " .$user->id; + if (!$user->rights->societe->client->voir && !$user->societe_id) $sql .= " AND p.fk_soc = sc.fk_soc AND sc.fk_user = " .$user->id; if($user->societe_id) { $sql .= " AND p.fk_soc = ".$user->societe_id; 
@@ -76,11 +76,11 @@ class PropaleStats extends Stats global $user; $sql = "SELECT date_format(p.datep,'%Y') as dm, count(*)"; - if (!$user->rights->commercial->client->voir && !$user->societe_id) $sql .= ", sc.fk_soc, sc.fk_user"; + if (!$user->rights->societe->client->voir && !$user->societe_id) $sql .= ", sc.fk_soc, sc.fk_user"; $sql .= " FROM ".MAIN_DB_PREFIX."propal as p"; - if (!$user->rights->commercial->client->voir && !$user->societe_id) $sql .= ", ".MAIN_DB_PREFIX."societe_commerciaux as sc"; + if (!$user->rights->societe->client->voir && !$user->societe_id) $sql .= ", ".MAIN_DB_PREFIX."societe_commerciaux as sc"; $sql .= " WHERE p.fk_statut > 0"; - if (!$user->rights->commercial->client->voir && !$user->societe_id) $sql .= " AND p.fk_soc = sc.fk_soc AND sc.fk_user = " .$user->id; + if (!$user->rights->societe->client->voir && !$user->societe_id) $sql .= " AND p.fk_soc = sc.fk_soc AND sc.fk_user = " .$user->id; if($user->societe_id) { $sql .= " AND p.fk_soc = ".$user->societe_id; 
@@ -98,11 +98,11 @@ class PropaleStats extends Stats global $user; $sql = "SELECT date_format(p.datep,'%m') as dm, sum(p.total_ht)"; - if (!$user->rights->commercial->client->voir && !$user->societe_id) $sql .= ", sc.fk_soc, sc.fk_user"; + if (!$user->rights->societe->client->voir && !$user->societe_id) $sql .= ", sc.fk_soc, sc.fk_user"; $sql .= " FROM ".MAIN_DB_PREFIX."propal as p"; - if (!$user->rights->commercial->client->voir && !$user->societe_id) $sql .= ", ".MAIN_DB_PREFIX."societe_commerciaux as sc"; + if (!$user->rights->societe->client->voir && !$user->societe_id) $sql .= ", ".MAIN_DB_PREFIX."societe_commerciaux as sc"; $sql .= " WHERE date_format(p.datep,'%Y') = $year AND p.fk_statut > 0"; - if (!$user->rights->commercial->client->voir && !$user->societe_id) $sql .= " AND p.fk_soc = sc.fk_soc AND sc.fk_user = " .$user->id; + if (!$user->rights->societe->client->voir && !$user->societe_id) $sql .= " AND p.fk_soc = sc.fk_soc AND sc.fk_user = " .$user->id; if($user->societe_id) { $sql .= " AND p.fk_soc = ".$user->societe_id; 
@@ -120,11 +120,11 @@ class PropaleStats extends Stats global $user; $sql = "SELECT date_format(p.datep,'%m') as dm, avg(p.total_ht)"; - if (!$user->rights->commercial->client->voir && !$user->societe_id) $sql .= ", sc.fk_soc, sc.fk_user"; + if (!$user->rights->societe->client->voir && !$user->societe_id) $sql .= ", sc.fk_soc, sc.fk_user"; $sql .= " FROM ".MAIN_DB_PREFIX."propal as p"; - if (!$user->rights->commercial->client->voir && !$user->societe_id) $sql .= ", ".MAIN_DB_PREFIX."societe_commerciaux as sc"; + if (!$user->rights->societe->client->voir && !$user->societe_id) $sql .= ", ".MAIN_DB_PREFIX."societe_commerciaux as sc"; $sql .= " WHERE date_format(p.datep,'%Y') = $year AND p.fk_statut > 0"; - if (!$user->rights->commercial->client->voir && !$user->societe_id) $sql .= " AND p.fk_soc = sc.fk_soc AND sc.fk_user = " .$user->id; + if (!$user->rights->societe->client->voir && !$user->societe_id) $sql .= " AND p.fk_soc = sc.fk_soc AND sc.fk_user = " .$user->id; if($user->societe_id) { $sql .= " AND p.fk_soc = ".$user->societe_id; diff --git a/htdocs/comm/prospect/fiche.php b/htdocs/comm/prospect/fiche.php index bde1b611068..ccd83da46e3 100644 --- a/htdocs/comm/prospect/fiche.php +++ b/htdocs/comm/prospect/fiche.php @@ -38,7 +38,7 @@ $langs->load('propal'); // Security check $socid = isset($_GET["socid"])?$_GET["socid"]:''; if ($user->societe_id) $socid=$user->societe_id; -$result = restrictedArea($user, 'societe',$socid,'',1); +$result = restrictedArea($user, 'societe',$socid,''); /* diff --git a/htdocs/comm/prospect/index.php b/htdocs/comm/prospect/index.php index 3cf729de8cf..cec367c0854 100644 --- a/htdocs/comm/prospect/index.php +++ b/htdocs/comm/prospect/index.php 
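Review bot: The `htdocs/comm/prospect/fiche.php` hunk drops the fifth argument of the page's access check, `restrictedArea($user, 'societe',$socid,'',1)` becoming `restrictedArea($user, 'societe',$socid,'')`, and nothing in the commit subject explains the change. `$socid` is read from `$_GET["socid"]` two lines above, so this call is the only visible gate between a request-supplied company id and the page. `restrictedArea()` is defined outside this part of the patch; please confirm that its default for that parameter is at least as strict as `1` was, and say so in the commit description. The same edit is made in prospect/prospects.php, commande/liste.php, compta/commande/liste.php, compta/deplacement/fiche.php, compta/deplacement/index.php, compta/facture/impayees.php and compta/fiche.php.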
@@ -71,11 +71,11 @@ if ($conf->propal->enabled) */ $sql = "SELECT count(*) as cc, st.libelle, st.id"; -if (!$user->rights->commercial->client->voir && !$socid) $sql .= ", sc.fk_soc, sc.fk_user "; +if (!$user->rights->societe->client->voir && !$socid) $sql .= ", sc.fk_soc, sc.fk_user "; $sql .= " FROM ".MAIN_DB_PREFIX."societe as s, ".MAIN_DB_PREFIX."c_stcomm as st "; -if (!$user->rights->commercial->client->voir && !$socid) $sql .= ", ".MAIN_DB_PREFIX."societe_commerciaux as sc"; +if (!$user->rights->societe->client->voir && !$socid) $sql .= ", ".MAIN_DB_PREFIX."societe_commerciaux as sc"; $sql .= " WHERE s.fk_stcomm = st.id AND s.client=2"; -if (!$user->rights->commercial->client->voir && !$socid) $sql .= " AND s.rowid = sc.fk_soc AND sc.fk_user = " .$user->id; +if (!$user->rights->societe->client->voir && !$socid) $sql .= " AND s.rowid = sc.fk_soc AND sc.fk_user = " .$user->id; $sql .= " GROUP BY st.id"; $sql .= " ORDER BY st.id"; @@ -112,11 +112,11 @@ if ($resql) if ($conf->propal->enabled && $user->rights->propale->lire) { $sql = "SELECT p.rowid, p.ref, p.price, s.nom"; - if (!$user->rights->commercial->client->voir && !$socid) $sql .= ", sc.fk_soc, sc.fk_user "; + if (!$user->rights->societe->client->voir && !$socid) $sql .= ", sc.fk_soc, sc.fk_user "; $sql .= " FROM ".MAIN_DB_PREFIX."propal as p, ".MAIN_DB_PREFIX."societe as s"; - if (!$user->rights->commercial->client->voir && !$socid) $sql .= ", ".MAIN_DB_PREFIX."societe_commerciaux as sc"; + if (!$user->rights->societe->client->voir && !$socid) $sql .= ", ".MAIN_DB_PREFIX."societe_commerciaux as sc"; $sql .= " WHERE p.fk_statut = 0 and p.fk_soc = s.rowid"; - if (!$user->rights->commercial->client->voir && !$socid) $sql .= " AND s.rowid = sc.fk_soc AND sc.fk_user = " .$user->id; + if (!$user->rights->societe->client->voir && !$socid) $sql .= " AND s.rowid = sc.fk_soc AND sc.fk_user = " .$user->id; $resql=$db->query($sql); if ($resql) 
@@ -165,11 +165,11 @@ if ($conf->agenda->enabled) $sql = "SELECT a.id, ".$db->pdate("a.datea")." as da, a.fk_user_author, a.percent,"; $sql.= " c.code, c.libelle,"; $sql.= " s.nom as sname, s.rowid"; - if (!$user->rights->commercial->client->voir && !$socid) $sql .= ", sc.fk_soc, sc.fk_user "; + if (!$user->rights->societe->client->voir && !$socid) $sql .= ", sc.fk_soc, sc.fk_user "; $sql .= " FROM ".MAIN_DB_PREFIX."actioncomm as a, ".MAIN_DB_PREFIX."c_actioncomm as c, ".MAIN_DB_PREFIX."societe as s"; - if (!$user->rights->commercial->client->voir && !$socid) $sql .= ", ".MAIN_DB_PREFIX."societe_commerciaux as sc"; + if (!$user->rights->societe->client->voir && !$socid) $sql .= ", ".MAIN_DB_PREFIX."societe_commerciaux as sc"; $sql .= " WHERE c.id = a.fk_action AND a.percent < 100 AND s.rowid = a.fk_soc AND a.fk_user_action = ".$user->id; - if (!$user->rights->commercial->client->voir && !$socid) $sql .= " AND s.rowid = sc.fk_soc AND sc.fk_user = " .$user->id; + if (!$user->rights->societe->client->voir && !$socid) $sql .= " AND s.rowid = sc.fk_soc AND sc.fk_user = " .$user->id; $sql .= " ORDER BY a.datea DESC"; $resql=$db->query($sql); 
@@ -219,11 +219,11 @@ if ($conf->agenda->enabled) if ($conf->propal->enabled && $user->rights->propale->lire) { $sql = "SELECT s.nom, s.rowid as socid, p.rowid as propalid, p.price, p.ref,".$db->pdate("p.datep")." as dp, c.label as statut, c.id as statutid"; - if (!$user->rights->commercial->client->voir && !$socid) $sql .= ", sc.fk_soc, sc.fk_user "; + if (!$user->rights->societe->client->voir && !$socid) $sql .= ", sc.fk_soc, sc.fk_user "; $sql .= " FROM ".MAIN_DB_PREFIX."societe as s, ".MAIN_DB_PREFIX."propal as p, ".MAIN_DB_PREFIX."c_propalst as c"; - if (!$user->rights->commercial->client->voir && !$socid) $sql .= ", ".MAIN_DB_PREFIX."societe_commerciaux as sc"; + if (!$user->rights->societe->client->voir && !$socid) $sql .= ", ".MAIN_DB_PREFIX."societe_commerciaux as sc"; $sql .= " WHERE p.fk_soc = s.rowid AND p.fk_statut = c.id AND p.fk_statut = 1"; - if (!$user->rights->commercial->client->voir && !$socid) $sql .= " AND s.rowid = sc.fk_soc AND sc.fk_user = " .$user->id; + if (!$user->rights->societe->client->voir && !$socid) $sql .= " AND s.rowid = sc.fk_soc AND sc.fk_user = " .$user->id; if ($socid) $sql .= " AND s.rowid = ".$socid; $sql .= " ORDER BY p.rowid DESC"; $sql .= $db->plimit(5, 0); 
@@ -268,11 +268,11 @@ if ($conf->propal->enabled && $user->rights->propale->lire) * */ $sql = "SELECT s.nom, s.rowid"; -if (!$user->rights->commercial->client->voir && !$socid) $sql .= ", sc.fk_soc, sc.fk_user "; +if (!$user->rights->societe->client->voir && !$socid) $sql .= ", sc.fk_soc, sc.fk_user "; $sql .= " FROM ".MAIN_DB_PREFIX."societe as s"; -if (!$user->rights->commercial->client->voir && !$socid) $sql .= ", ".MAIN_DB_PREFIX."societe_commerciaux as sc"; +if (!$user->rights->societe->client->voir && !$socid) $sql .= ", ".MAIN_DB_PREFIX."societe_commerciaux as sc"; $sql .= " WHERE s.fk_stcomm = 1"; -if (!$user->rights->commercial->client->voir && !$socid) $sql .= " AND s.rowid = sc.fk_soc AND sc.fk_user = " .$user->id; +if (!$user->rights->societe->client->voir && !$socid) $sql .= " AND s.rowid = sc.fk_soc AND sc.fk_user = " .$user->id; $sql .= " ORDER BY s.tms ASC"; $sql .= $db->plimit(15, 0); diff --git a/htdocs/comm/prospect/prospects.php b/htdocs/comm/prospect/prospects.php index a1d486139c2..6560e033603 100644 --- a/htdocs/comm/prospect/prospects.php +++ b/htdocs/comm/prospect/prospects.php @@ -32,7 +32,7 @@ $langs->load("propal"); // Security check $socid = isset($_GET["socid"])?$_GET["socid"]:''; if ($user->societe_id) $socid=$user->societe_id; -$result = restrictedArea($user, 'societe',$socid,'',1); +$result = restrictedArea($user, 'societe',$socid,''); $socname=isset($_GET["socname"])?$_GET["socname"]:$_POST["socname"]; $stcomm=isset($_GET["stcomm"])?$_GET["stcomm"]:$_POST["stcomm"]; 
@@ -67,13 +67,13 @@ if ($_GET["action"] == 'cstc') $sql = "SELECT s.rowid, s.nom, s.ville, ".$db->pdate("s.datec")." as datec, ".$db->pdate("s.datea")." as datea,"; $sql.= " st.libelle as stcomm, s.prefix_comm, s.fk_stcomm, s.fk_prospectlevel,"; $sql.= " d.nom as departement"; -if (!$user->rights->commercial->client->voir && !$socid) $sql .= ", sc.fk_soc, sc.fk_user"; +if (!$user->rights->societe->client->voir && !$socid) $sql .= ", sc.fk_soc, sc.fk_user"; $sql .= " FROM ".MAIN_DB_PREFIX."c_stcomm as st"; -if (!$user->rights->commercial->client->voir && !$socid) $sql .= ", ".MAIN_DB_PREFIX."societe_commerciaux as sc"; +if (!$user->rights->societe->client->voir && !$socid) $sql .= ", ".MAIN_DB_PREFIX."societe_commerciaux as sc"; $sql.= ", ".MAIN_DB_PREFIX."societe as s"; $sql.= " LEFT JOIN ".MAIN_DB_PREFIX."c_departements as d on (d.rowid = s.fk_departement)"; $sql.= " WHERE s.fk_stcomm = st.id AND s.client = 2"; -if (!$user->rights->commercial->client->voir && !$socid) $sql .= " AND s.rowid = sc.fk_soc AND sc.fk_user = " .$user->id; +if (!$user->rights->societe->client->voir && !$socid) $sql .= " AND s.rowid = sc.fk_soc AND sc.fk_user = " .$user->id; if (isset($stcomm)) { diff --git a/htdocs/commande/commande.class.php b/htdocs/commande/commande.class.php index bd5b4291d9e..6422863f83f 100644 --- a/htdocs/commande/commande.class.php +++ b/htdocs/commande/commande.class.php @@ -1825,7 +1825,7 @@ class Commande extends CommonObject $sql = 'SELECT c.rowid,'.$this->db->pdate('c.date_creation').' as datec'; $sql.= ' FROM '.MAIN_DB_PREFIX.'commande as c'; - if (!$user->rights->commercial->client->voir && !$user->societe_id) + if (!$user->rights->societe->client->voir && !$user->societe_id) { $sql.= " LEFT JOIN ".MAIN_DB_PREFIX."societe_commerciaux as sc ON c.fk_soc = sc.fk_soc"; $sql.= " WHERE sc.fk_user = " .$user->id; 
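Review bot: In the `htdocs/comm/prospect/prospects.php` hunk the sales-representative filter is still keyed on `!$socid`, and that file sets `$socid` from `$_GET["socid"]` (shown in its security-check hunk), so for a user without `societe->client->voir` any non-empty `socid` in the request switches off the `sc.fk_user = $user->id` restriction. Whether a later part of the query narrows the result to that company is not visible here, so row-level isolation appears to rest on `restrictedArea()` alone. Keying the three conditions on the session instead, as the PropaleStats hunks and the compta/index.php hunk at -381 of this same commit do, removes the dependency on request input: `if (!$user->rights->societe->client->voir && !$user->societe_id) $sql .= " AND s.rowid = sc.fk_soc AND sc.fk_user = " .$user->id;`. The SELECT and FROM conditions need the same test so that the `sc` alias is always joined when it is filtered on.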
@@ -2118,7 +2118,7 @@ class Commande extends CommonObject $sql = "SELECT count(co.rowid) as nb"; $sql.= " FROM ".MAIN_DB_PREFIX."commande as co"; - if (!$user->rights->commercial->client->voir && !$user->societe_id) + if (!$user->rights->societe->client->voir && !$user->societe_id) { $sql.= " LEFT JOIN ".MAIN_DB_PREFIX."societe as s ON co.fk_soc = s.rowid"; $sql.= " LEFT JOIN ".MAIN_DB_PREFIX."societe_commerciaux as sc ON s.rowid = sc.fk_soc"; diff --git a/htdocs/commande/index.php b/htdocs/commande/index.php index d203aaf3aab..7fa463e9599 100644 --- a/htdocs/commande/index.php +++ b/htdocs/commande/index.php @@ -72,12 +72,12 @@ print "</form></table><br>\n"; * Commandes brouillons */ $sql = "SELECT c.rowid, c.ref, s.nom, s.rowid as socid"; -if (!$user->rights->commercial->client->voir && !$socid) $sql .= ", sc.fk_soc, sc.fk_user"; +if (!$user->rights->societe->client->voir && !$socid) $sql .= ", sc.fk_soc, sc.fk_user"; $sql .= " FROM ".MAIN_DB_PREFIX."commande as c, ".MAIN_DB_PREFIX."societe as s"; -if (!$user->rights->commercial->client->voir && !$socid) $sql .= ", ".MAIN_DB_PREFIX."societe_commerciaux as sc"; +if (!$user->rights->societe->client->voir && !$socid) $sql .= ", ".MAIN_DB_PREFIX."societe_commerciaux as sc"; $sql .= " WHERE c.fk_soc = s.rowid AND c.fk_statut = 0"; if ($socid) $sql .= " AND c.fk_soc = ".$socid; -if (!$user->rights->commercial->client->voir && !$socid) $sql .= " AND s.rowid = sc.fk_soc AND sc.fk_user = " .$user->id; +if (!$user->rights->societe->client->voir && !$socid) $sql .= " AND s.rowid = sc.fk_soc AND sc.fk_user = " .$user->id; if ( $db->query($sql) ) { 
@@ -108,12 +108,12 @@ if ( $db->query($sql) ) * Commandes � traiter */ $sql = "SELECT c.rowid, c.ref, s.nom, s.rowid as socid"; -if (!$user->rights->commercial->client->voir && !$socid) $sql .= ", sc.fk_soc, sc.fk_user"; +if (!$user->rights->societe->client->voir && !$socid) $sql .= ", sc.fk_soc, sc.fk_user"; $sql .=" FROM ".MAIN_DB_PREFIX."commande as c, ".MAIN_DB_PREFIX."societe as s"; -if (!$user->rights->commercial->client->voir && !$socid) $sql .= ", ".MAIN_DB_PREFIX."societe_commerciaux as sc"; +if (!$user->rights->societe->client->voir && !$socid) $sql .= ", ".MAIN_DB_PREFIX."societe_commerciaux as sc"; $sql .= " WHERE c.fk_soc = s.rowid AND c.fk_statut = 1"; if ($socid) $sql .= " AND c.fk_soc = ".$socid; -if (!$user->rights->commercial->client->voir && !$socid) $sql .= " AND s.rowid = sc.fk_soc AND sc.fk_user = " .$user->id; +if (!$user->rights->societe->client->voir && !$socid) $sql .= " AND s.rowid = sc.fk_soc AND sc.fk_user = " .$user->id; $sql .= " ORDER BY c.rowid DESC"; if ( $db->query($sql) ) 
@@ -170,12 +170,12 @@ print '</td><td valign="top" width="70%" class="notopnoleftnoright">'; * Commandes en cours */ $sql = "SELECT c.rowid, c.ref, c.fk_statut, c.facture, s.nom, s.rowid as socid"; -if (!$user->rights->commercial->client->voir && !$socid) $sql .= ", sc.fk_soc, sc.fk_user"; +if (!$user->rights->societe->client->voir && !$socid) $sql .= ", sc.fk_soc, sc.fk_user"; $sql .= " FROM ".MAIN_DB_PREFIX."commande as c, ".MAIN_DB_PREFIX."societe as s"; -if (!$user->rights->commercial->client->voir && !$socid) $sql .= ", ".MAIN_DB_PREFIX."societe_commerciaux as sc"; +if (!$user->rights->societe->client->voir && !$socid) $sql .= ", ".MAIN_DB_PREFIX."societe_commerciaux as sc"; $sql .= " WHERE c.fk_soc = s.rowid AND c.fk_statut = 2 "; if ($socid) $sql .= " AND c.fk_soc = ".$socid; -if (!$user->rights->commercial->client->voir && !$socid) $sql .= " AND s.rowid = sc.fk_soc AND sc.fk_user = " .$user->id; +if (!$user->rights->societe->client->voir && !$socid) $sql .= " AND s.rowid = sc.fk_soc AND sc.fk_user = " .$user->id; $sql .= " ORDER BY c.rowid DESC"; if ( $db->query($sql) ) 
@@ -233,12 +233,12 @@ $max=5; $sql = "SELECT c.rowid, c.ref, c.fk_statut, c.facture, s.nom, s.rowid as socid,"; $sql.= " ".$db->pdate("date_cloture")." as datec"; -if (!$user->rights->commercial->client->voir && !$socid) $sql .= ", sc.fk_soc, sc.fk_user"; +if (!$user->rights->societe->client->voir && !$socid) $sql .= ", sc.fk_soc, sc.fk_user"; $sql.= " FROM ".MAIN_DB_PREFIX."commande as c, ".MAIN_DB_PREFIX."societe as s"; -if (!$user->rights->commercial->client->voir && !$socid) $sql .= ", ".MAIN_DB_PREFIX."societe_commerciaux as sc"; +if (!$user->rights->societe->client->voir && !$socid) $sql .= ", ".MAIN_DB_PREFIX."societe_commerciaux as sc"; $sql.= " WHERE c.fk_soc = s.rowid and c.fk_statut > 2"; if ($socid) $sql .= " AND c.fk_soc = ".$socid; -if (!$user->rights->commercial->client->voir && !$socid) $sql .= " AND s.rowid = sc.fk_soc AND sc.fk_user = " .$user->id; +if (!$user->rights->societe->client->voir && !$socid) $sql .= " AND s.rowid = sc.fk_soc AND sc.fk_user = " .$user->id; $sql.= " ORDER BY c.tms DESC"; $sql.= $db->plimit($max, 0); diff --git a/htdocs/commande/liste.php b/htdocs/commande/liste.php index 3618de5e868..e3edad92772 100644 --- a/htdocs/commande/liste.php +++ b/htdocs/commande/liste.php @@ -43,7 +43,7 @@ $sall=isset($_GET['sall'])?$_GET['sall']:$_POST['sall']; // Security check $orderid = isset($_GET["orderid"])?$_GET["orderid"]:''; if ($user->societe_id) $socid=$user->societe_id; -$result = restrictedArea($user, 'commande', $orderid,'',1); +$result = restrictedArea($user, 'commande', $orderid,''); /* 
@@ -68,11 +68,11 @@ $offset = $limit * $_GET['page'] ; $sql = 'SELECT s.nom, s.rowid as socid, c.rowid, c.ref, c.total_ht, c.ref_client,'; $sql.= ' '.$db->pdate('c.date_commande').' as date_commande, c.fk_statut, c.facture as facturee'; -if (!$user->rights->commercial->client->voir && !$socid) $sql .= ", sc.fk_soc, sc.fk_user"; +if (!$user->rights->societe->client->voir && !$socid) $sql .= ", sc.fk_soc, sc.fk_user"; $sql.= ' FROM '.MAIN_DB_PREFIX.'societe as s, '.MAIN_DB_PREFIX.'commande as c'; -if (!$user->rights->commercial->client->voir && !$socid) $sql .= ", ".MAIN_DB_PREFIX."societe_commerciaux as sc"; +if (!$user->rights->societe->client->voir && !$socid) $sql .= ", ".MAIN_DB_PREFIX."societe_commerciaux as sc"; $sql.= ' WHERE c.fk_soc = s.rowid'; -if (!$user->rights->commercial->client->voir && !$socid) //restriction +if (!$user->rights->societe->client->voir && !$socid) //restriction { $sql .= " AND s.rowid = sc.fk_soc AND sc.fk_user = " .$user->id; } diff --git a/htdocs/commande/stats/commandestats.class.php b/htdocs/commande/stats/commandestats.class.php index f54c00e1421..590c2afa96c 100644 --- a/htdocs/commande/stats/commandestats.class.php +++ b/htdocs/commande/stats/commandestats.class.php 
@@ -56,9 +56,9 @@ class CommandeStats extends Stats $sql = "SELECT date_format(c.date_commande,'%m') as dm, count(*) nb"; $sql .= " FROM ".MAIN_DB_PREFIX."commande as c"; - if (!$user->rights->commercial->client->voir && !$this->socid) $sql .= ", ".MAIN_DB_PREFIX."societe_commerciaux as sc"; + if (!$user->rights->societe->client->voir && !$this->socid) $sql .= ", ".MAIN_DB_PREFIX."societe_commerciaux as sc"; $sql .= " WHERE date_format(c.date_commande,'%Y') = $year AND c.fk_statut > 0"; - if (!$user->rights->commercial->client->voir && !$this->socid) $sql .= " AND c.fk_soc = sc.fk_soc AND sc.fk_user = " .$user->id; + if (!$user->rights->societe->client->voir && !$this->socid) $sql .= " AND c.fk_soc = sc.fk_soc AND sc.fk_user = " .$user->id; if ($this->socid) { $sql .= " AND c.fk_soc = ".$this->socid; @@ -80,9 +80,9 @@ class CommandeStats extends Stats $sql = "SELECT date_format(c.date_commande,'%Y') as dm, count(*), sum(c.total_ht)"; $sql .= " FROM ".MAIN_DB_PREFIX."commande as c"; - if (!$user->rights->commercial->client->voir && !$this->socid) $sql .= ", ".MAIN_DB_PREFIX."societe_commerciaux as sc"; + if (!$user->rights->societe->client->voir && !$this->socid) $sql .= ", ".MAIN_DB_PREFIX."societe_commerciaux as sc"; $sql .= " WHERE c.fk_statut > 0"; - if (!$user->rights->commercial->client->voir && !$this->socid) $sql .= " AND c.fk_soc = sc.fk_soc AND sc.fk_user = " .$user->id; + if (!$user->rights->societe->client->voir && !$this->socid) $sql .= " AND c.fk_soc = sc.fk_soc AND sc.fk_user = " .$user->id; if ($this->socid) { $sql .= " AND c.fk_soc = ".$this->socid; 
@@ -103,9 +103,9 @@ class CommandeStats extends Stats $sql = "SELECT date_format(c.date_commande,'%m') as dm, sum(c.total_ht)"; $sql .= " FROM ".MAIN_DB_PREFIX."commande as c"; - if (!$user->rights->commercial->client->voir && !$this->socid) $sql .= ", ".MAIN_DB_PREFIX."societe_commerciaux as sc"; + if (!$user->rights->societe->client->voir && !$this->socid) $sql .= ", ".MAIN_DB_PREFIX."societe_commerciaux as sc"; $sql .= " WHERE date_format(c.date_commande,'%Y') = $year AND c.fk_statut > 0"; - if (!$user->rights->commercial->client->voir && !$this->socid) $sql .= " AND c.fk_soc = sc.fk_soc AND sc.fk_user = " .$user->id; + if (!$user->rights->societe->client->voir && !$this->socid) $sql .= " AND c.fk_soc = sc.fk_soc AND sc.fk_user = " .$user->id; if ($this->socid) { $sql .= " AND c.fk_soc = ".$this->socid; @@ -126,9 +126,9 @@ class CommandeStats extends Stats $sql = "SELECT date_format(c.date_commande,'%m') as dm, avg(c.total_ht)"; $sql .= " FROM ".MAIN_DB_PREFIX."commande as c"; - if (!$user->rights->commercial->client->voir && !$this->socid) $sql .= ", ".MAIN_DB_PREFIX."societe_commerciaux as sc"; + if (!$user->rights->societe->client->voir && !$this->socid) $sql .= ", ".MAIN_DB_PREFIX."societe_commerciaux as sc"; $sql .= " WHERE date_format(c.date_commande,'%Y') = $year AND c.fk_statut > 0"; - if (!$user->rights->commercial->client->voir && !$this->socid) $sql .= " AND c.fk_soc = sc.fk_soc AND sc.fk_user = " .$user->id; + if (!$user->rights->societe->client->voir && !$this->socid) $sql .= " AND c.fk_soc = sc.fk_soc AND sc.fk_user = " .$user->id; if ($this->socid) { $sql .= " AND c.fk_soc = ".$this->socid; diff --git a/htdocs/commande/stats/index.php b/htdocs/commande/stats/index.php index b87341f8e74..89fdb756117 100644 --- a/htdocs/commande/stats/index.php +++ b/htdocs/commande/stats/index.php 
@@ -65,7 +65,7 @@ if (! file_exists($dir)) } } -if (!$user->rights->commercial->client->voir || $user->societe_id) +if (!$user->rights->societe->client->voir || $user->societe_id) { $filename = $conf->commande->dir_temp.'/nbcommande2year-'.$user->id.'-'.$year.'.png'; $fileurl = DOL_URL_ROOT.'/viewimage.php?modulepart=orderstats&file=nbcommande2year-'.$user->id.'-'.$year.'.png'; diff --git a/htdocs/commande/stats/month.php b/htdocs/commande/stats/month.php index 91ca353fcec..d3918811fbc 100644 --- a/htdocs/commande/stats/month.php +++ b/htdocs/commande/stats/month.php @@ -63,7 +63,7 @@ $data = $stats->getNbByMonth($year); create_exdir($conf->commande->dir_temp); -if (!$user->rights->commercial->client->voir || $user->societe_id) +if (!$user->rights->societe->client->voir || $user->societe_id) { $filename = $conf->commande->dir_temp.'/commande-'.$user->id.'-'.$year.'.png'; $fileurl = DOL_URL_ROOT.'/viewimage.php?modulepart=orderstats&file=commande-'.$user->id.'-'.$year.'.png'; @@ -98,7 +98,7 @@ for ($i = 1 ; $i < 13 ; $i++) $data[$i-1] = array(ucfirst(substr(strftime("%b",dolibarr_mktime(12,12,12,$i,1,$year)),0,3)), $res[$i]); } -if (!$user->rights->commercial->client->voir || $user->societe_id) +if (!$user->rights->societe->client->voir || $user->societe_id) { $filename_amount = $conf->commande->dir_temp.'/commandeamount-'.$user->id.'-'.$year.'.png'; $fileurl_amount = DOL_URL_ROOT.'/viewimage.php?modulepart=orderstats&file=commandeamount-'.$user->id.'-'.$year.'.png'; @@ -132,7 +132,7 @@ for ($i = 1 ; $i < 13 ; $i++) $data[$i-1] = array(ucfirst(substr(strftime("%b",dolibarr_mktime(12,12,12,$i,1,$year)),0,3)), $res[$i]); } -if (!$user->rights->commercial->client->voir || $user->societe_id) +if (!$user->rights->societe->client->voir || $user->societe_id) { $filename_avg = $conf->commande->dir_temp.'/commandeaverage-'.$user->id.'-'.$year.'.png'; $fileurl_avg = DOL_URL_ROOT.'/viewimage.php?modulepart=orderstats&file=commandeaverage-'.$user->id.'-'.$year.'.png'; 
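Review bot: `$year` is concatenated into both a filesystem path and a URL in these hunks, e.g. `$filename = $conf->commande->dir_temp.'/nbcommande2year-'.$user->id.'-'.$year.'.png';` in `htdocs/commande/stats/index.php` and the three `$filename*` assignments in `stats/month.php`. Where `$year` is assigned is outside the hunks. If it comes from the request, a value containing path separators would place the generated file outside `dir_temp`, so it should be reduced to an integer before use, for instance `$year = (int) $year;` ahead of these blocks. The `if` blocks shown continue past the end of each hunk.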
diff --git a/htdocs/compta/clients.php b/htdocs/compta/clients.php index f82d8761bcd..6314d104bf3 100644 --- a/htdocs/compta/clients.php +++ b/htdocs/compta/clients.php @@ -98,11 +98,11 @@ if ($mode == 'search') { $sql = "SELECT s.rowid, s.nom, s.ville, ".$db->pdate("s.datec")." as datec, ".$db->pdate("s.datea")." as datea"; $sql .= ", st.libelle as stcomm, s.prefix_comm, s.code_client, s.code_compta "; -if (!$user->rights->commercial->client->voir && !$socid) $sql .= ", sc.fk_soc, sc.fk_user "; +if (!$user->rights->societe->client->voir && !$socid) $sql .= ", sc.fk_soc, sc.fk_user "; $sql .= " FROM ".MAIN_DB_PREFIX."societe as s, ".MAIN_DB_PREFIX."c_stcomm as st"; -if (!$user->rights->commercial->client->voir && !$socid) $sql .= ", ".MAIN_DB_PREFIX."societe_commerciaux as sc"; +if (!$user->rights->societe->client->voir && !$socid) $sql .= ", ".MAIN_DB_PREFIX."societe_commerciaux as sc"; $sql .= " WHERE s.fk_stcomm = st.id AND s.client=1"; -if (!$user->rights->commercial->client->voir && !$socid) $sql .= " AND s.rowid = sc.fk_soc AND sc.fk_user = " .$user->id; +if (!$user->rights->societe->client->voir && !$socid) $sql .= " AND s.rowid = sc.fk_soc AND sc.fk_user = " .$user->id; if (strlen($stcomm)) { diff --git a/htdocs/compta/commande/liste.php b/htdocs/compta/commande/liste.php index 21275b1414b..54538879241 100644 --- a/htdocs/compta/commande/liste.php +++ b/htdocs/compta/commande/liste.php @@ -45,7 +45,7 @@ $offset = $limit * $_GET["page"] ; // Security check $orderid = isset($_GET["orderid"])?$_GET["orderid"]:''; if ($user->societe_id) $socid=$user->societe_id; -$result = restrictedArea($user, 'commande',$orderid,'',1); +$result = restrictedArea($user, 'commande',$orderid,''); $langs->load('companies'); 
@@ -59,11 +59,11 @@ llxHeader(); $sql = "SELECT s.nom, s.rowid as socid,"; $sql.= " c.rowid, c.ref, c.total_ht,".$db->pdate("c.date_commande")." as date_commande,"; $sql.= " c.fk_statut, c.facture"; -if (!$user->rights->commercial->client->voir && !$socid) $sql .= ", sc.fk_soc, sc.fk_user"; +if (!$user->rights->societe->client->voir && !$socid) $sql .= ", sc.fk_soc, sc.fk_user"; $sql .= " FROM ".MAIN_DB_PREFIX."societe as s, ".MAIN_DB_PREFIX."commande as c"; -if (!$user->rights->commercial->client->voir && !$socid) $sql .= ", ".MAIN_DB_PREFIX."societe_commerciaux as sc"; +if (!$user->rights->societe->client->voir && !$socid) $sql .= ", ".MAIN_DB_PREFIX."societe_commerciaux as sc"; $sql .= " WHERE c.fk_soc = s.rowid"; -if (!$user->rights->commercial->client->voir && !$socid) $sql .= " AND s.rowid = sc.fk_soc AND sc.fk_user = " .$user->id; +if (!$user->rights->societe->client->voir && !$socid) $sql .= " AND s.rowid = sc.fk_soc AND sc.fk_user = " .$user->id; if ($socid) { $sql .= " AND s.rowid = ".$socid; diff --git a/htdocs/compta/deplacement/fiche.php b/htdocs/compta/deplacement/fiche.php index 6cced25e651..561df46e946 100644 --- a/htdocs/compta/deplacement/fiche.php +++ b/htdocs/compta/deplacement/fiche.php @@ -30,7 +30,7 @@ $langs->load("trips"); // Security check $id=isset($_GET["id"])?$_GET["id"]:$_POST["id"]; if ($user->societe_id) $socid=$user->societe_id; -$result = restrictedArea($user, 'deplacement', $id,'',1); +$result = restrictedArea($user, 'deplacement', $id,''); $mesg = ''; diff --git a/htdocs/compta/deplacement/index.php b/htdocs/compta/deplacement/index.php index 842cec4c828..3e840e2b9ce 100644 --- a/htdocs/compta/deplacement/index.php +++ b/htdocs/compta/deplacement/index.php @@ -34,7 +34,7 @@ $langs->load("trips"); // Security check if ($user->societe_id) $socid=$user->societe_id; -$result = restrictedArea($user, 'deplacement','','',1); +$result = restrictedArea($user, 'deplacement','',''); llxHeader(); 
@@ -65,11 +65,11 @@ if ($user->societe_id > 0) $sql = "SELECT s.nom, s.rowid as socid,"; // Ou $sql.= " d.rowid, ".$db->pdate("d.dated")." as dd, d.km, "; // Comment $sql.= " u.name, u.firstname"; // Qui -if (!$user->rights->commercial->client->voir && !$socid) $sql .= ", sc.fk_soc, sc.fk_user"; +if (!$user->rights->societe->client->voir && !$socid) $sql .= ", sc.fk_soc, sc.fk_user"; $sql.= " FROM ".MAIN_DB_PREFIX."societe as s, ".MAIN_DB_PREFIX."deplacement as d, ".MAIN_DB_PREFIX."user as u"; -if (!$user->rights->commercial->client->voir && !$socid) $sql .= ", ".MAIN_DB_PREFIX."societe_commerciaux as sc"; +if (!$user->rights->societe->client->voir && !$socid) $sql .= ", ".MAIN_DB_PREFIX."societe_commerciaux as sc"; $sql.= " WHERE d.fk_soc = s.rowid AND d.fk_user = u.rowid"; -if (!$user->rights->commercial->client->voir && !$socid) $sql .= " AND s.rowid = sc.fk_soc AND sc.fk_user = " .$user->id; +if (!$user->rights->societe->client->voir && !$socid) $sql .= " AND s.rowid = sc.fk_soc AND sc.fk_user = " .$user->id; if ($socid) { diff --git a/htdocs/compta/facture.php b/htdocs/compta/facture.php index c718b49f2b3..1d32a31d5fd 100644 --- a/htdocs/compta/facture.php +++ b/htdocs/compta/facture.php 
@@ -3163,14 +3163,14 @@ else $sql.= ' f.paye as paye, f.fk_statut,'; $sql.= ' s.nom, s.rowid as socid'; if (! $sall) $sql.= ' ,sum(pf.amount) as am'; - if (!$user->rights->commercial->client->voir && !$socid) $sql .= ", sc.fk_soc, sc.fk_user"; + if (!$user->rights->societe->client->voir && !$socid) $sql .= ", sc.fk_soc, sc.fk_user"; $sql.= ' FROM '.MAIN_DB_PREFIX.'societe as s'; - if (!$user->rights->commercial->client->voir && !$socid) $sql .= ", ".MAIN_DB_PREFIX."societe_commerciaux as sc"; + if (!$user->rights->societe->client->voir && !$socid) $sql .= ", ".MAIN_DB_PREFIX."societe_commerciaux as sc"; $sql.= ', '.MAIN_DB_PREFIX.'facture as f'; if (! $sall) $sql.= ' LEFT JOIN '.MAIN_DB_PREFIX.'paiement_facture as pf ON pf.fk_facture = f.rowid'; if ($sall) $sql.= ' LEFT JOIN '.MAIN_DB_PREFIX.'facturedet as fd ON fd.fk_facture = f.rowid'; $sql.= ' WHERE f.fk_soc = s.rowid'; - if (!$user->rights->commercial->client->voir && !$socid) //restriction + if (!$user->rights->societe->client->voir && !$socid) //restriction { $sql .= " AND s.rowid = sc.fk_soc AND sc.fk_user = " .$user->id; } diff --git a/htdocs/compta/facture/impayees.php b/htdocs/compta/facture/impayees.php index d6e1b36960f..a7da32e672d 100644 --- a/htdocs/compta/facture/impayees.php +++ b/htdocs/compta/facture/impayees.php @@ -37,7 +37,7 @@ $langs->load("bills"); // Security check $facid = isset($_GET["facid"])?$_GET["facid"]:''; if ($user->societe_id) $socid=$user->societe_id; -$result = restrictedArea($user, 'facture',$facid,'',1); +$result = restrictedArea($user, 'facture',$facid,''); llxHeader('',$langs->trans("BillsCustomersUnpayed")); 
@@ -67,14 +67,14 @@ if ($user->rights->facture->lire) $sql.= ", ".$db->pdate("f.datef")." as df, ".$db->pdate("f.date_lim_reglement")." as datelimite"; $sql.= ", f.paye as paye, f.rowid as facid, f.fk_statut"; $sql.= ", sum(pf.amount) as am"; - if (! $user->rights->commercial->client->voir && ! $socid) $sql .= ", sc.fk_soc, sc.fk_user "; + if (! $user->rights->societe->client->voir && ! $socid) $sql .= ", sc.fk_soc, sc.fk_user "; $sql.= " FROM ".MAIN_DB_PREFIX."societe as s"; - if (! $user->rights->commercial->client->voir && ! $socid) $sql .= ", ".MAIN_DB_PREFIX."societe_commerciaux as sc"; + if (! $user->rights->societe->client->voir && ! $socid) $sql .= ", ".MAIN_DB_PREFIX."societe_commerciaux as sc"; $sql.= ",".MAIN_DB_PREFIX."facture as f"; $sql.= " LEFT JOIN ".MAIN_DB_PREFIX."paiement_facture as pf ON f.rowid=pf.fk_facture "; $sql.= " WHERE f.fk_soc = s.rowid"; $sql.= " AND f.paye = 0 AND f.fk_statut = 1"; - if (! $user->rights->commercial->client->voir && ! $socid) $sql .= " AND s.rowid = sc.fk_soc AND sc.fk_user = " .$user->id; + if (! $user->rights->societe->client->voir && ! $socid) $sql .= " AND s.rowid = sc.fk_soc AND sc.fk_user = " .$user->id; if ($socid) $sql .= " AND s.rowid = ".$socid; if ($_GET["filtre"]) diff --git a/htdocs/compta/fiche.php b/htdocs/compta/fiche.php index c87c7bac14e..cfea8a348fb 100644 --- a/htdocs/compta/fiche.php +++ b/htdocs/compta/fiche.php @@ -36,7 +36,7 @@ if ($conf->projet->enabled) $langs->load("projects"); // Security check $socid = isset($_GET["socid"])?$_GET["socid"]:''; if ($user->societe_id) $socid=$user->societe_id; -$result = restrictedArea($user, 'societe',$socid,'',1); +$result = restrictedArea($user, 'societe',$socid,''); /* diff --git a/htdocs/compta/index.php b/htdocs/compta/index.php index 556427a9534..9e19c881934 100644 --- a/htdocs/compta/index.php +++ b/htdocs/compta/index.php 
@@ -133,11 +133,11 @@ if ($conf->facture->enabled && $user->rights->facture->lire) { $sql = "SELECT f.facnumber, f.rowid, f.total_ttc, f.type,"; $sql.= " s.nom, s.rowid as socid"; - if (!$user->rights->commercial->client->voir && !$socid) $sql .= ", sc.fk_soc, sc.fk_user "; + if (!$user->rights->societe->client->voir && !$socid) $sql .= ", sc.fk_soc, sc.fk_user "; $sql .= " FROM ".MAIN_DB_PREFIX."facture as f, ".MAIN_DB_PREFIX."societe as s"; - if (!$user->rights->commercial->client->voir && !$socid) $sql .= ", ".MAIN_DB_PREFIX."societe_commerciaux as sc"; + if (!$user->rights->societe->client->voir && !$socid) $sql .= ", ".MAIN_DB_PREFIX."societe_commerciaux as sc"; $sql .= " WHERE s.rowid = f.fk_soc AND f.fk_statut = 0"; - if (!$user->rights->commercial->client->voir && !$socid) $sql .= " AND s.rowid = sc.fk_soc AND sc.fk_user = " .$user->id; + if (!$user->rights->societe->client->voir && !$socid) $sql .= " AND s.rowid = sc.fk_soc AND sc.fk_user = " .$user->id; if ($socid) { @@ -206,11 +206,11 @@ if ($conf->facture->enabled && $user->rights->facture->lire) { $sql = "SELECT f.facnumber, f.rowid, f.total_ttc, f.type,"; $sql.= " s.nom, s.rowid as socid"; - if (!$user->rights->commercial->client->voir && !$socid) $sql .= ", sc.fk_soc, sc.fk_user "; + if (!$user->rights->societe->client->voir && !$socid) $sql .= ", sc.fk_soc, sc.fk_user "; $sql .= " FROM ".MAIN_DB_PREFIX."facture_fourn as f, ".MAIN_DB_PREFIX."societe as s"; - if (!$user->rights->commercial->client->voir && !$socid) $sql .= ", ".MAIN_DB_PREFIX."societe_commerciaux as sc"; + if (!$user->rights->societe->client->voir && !$socid) $sql .= ", ".MAIN_DB_PREFIX."societe_commerciaux as sc"; $sql .= " WHERE s.rowid = f.fk_soc AND f.fk_statut = 0"; - if (!$user->rights->commercial->client->voir && !$socid) $sql .= " AND s.rowid = sc.fk_soc AND sc.fk_user = " .$user->id; + if (!$user->rights->societe->client->voir && !$socid) $sql .= " AND s.rowid = sc.fk_soc AND sc.fk_user = " .$user->id; if ($socid) { 
@@ -381,11 +381,11 @@ if ($user->rights->societe->lire) $max=5; $sql = "SELECT s.nom, s.rowid, ".$db->pdate("s.datec")." as dc"; - if (!$user->rights->commercial->client->voir && !$user->societe_id) $sql .= ", sc.fk_soc, sc.fk_user"; + if (!$user->rights->societe->client->voir && !$user->societe_id) $sql .= ", sc.fk_soc, sc.fk_user"; $sql .= " FROM ".MAIN_DB_PREFIX."societe as s"; - if (!$user->rights->commercial->client->voir && !$user->societe_id) $sql .= ", ".MAIN_DB_PREFIX."societe_commerciaux as sc"; + if (!$user->rights->societe->client->voir && !$user->societe_id) $sql .= ", ".MAIN_DB_PREFIX."societe_commerciaux as sc"; $sql .= " WHERE s.client = 1"; - if (!$user->rights->commercial->client->voir && !$user->societe_id) $sql .= " AND s.rowid = sc.fk_soc AND sc.fk_user = " .$user->id; + if (!$user->rights->societe->client->voir && !$user->societe_id) $sql .= " AND s.rowid = sc.fk_soc AND sc.fk_user = " .$user->id; if ($user->societe_id > 0) { $sql .= " AND s.rowid = ".$user->societe_id; 
@@ -444,11 +444,11 @@ if ($user->rights->societe->lire) $max=5; $sql = "SELECT s.nom, s.rowid, ".$db->pdate("s.datec")." as dc"; - if (!$user->rights->commercial->client->voir && !$user->societe_id) $sql .= ", sc.fk_soc, sc.fk_user"; + if (!$user->rights->societe->client->voir && !$user->societe_id) $sql .= ", sc.fk_soc, sc.fk_user"; $sql .= " FROM ".MAIN_DB_PREFIX."societe as s"; - if (!$user->rights->commercial->client->voir && !$user->societe_id) $sql .= ", ".MAIN_DB_PREFIX."societe_commerciaux as sc"; + if (!$user->rights->societe->client->voir && !$user->societe_id) $sql .= ", ".MAIN_DB_PREFIX."societe_commerciaux as sc"; $sql .= " WHERE s.fournisseur = 1"; - if (!$user->rights->commercial->client->voir && !$user->societe_id) $sql .= " AND s.rowid = sc.fk_soc AND sc.fk_user = " .$user->id; + if (!$user->rights->societe->client->voir && !$user->societe_id) $sql .= " AND s.rowid = sc.fk_soc AND sc.fk_user = " .$user->id; if ($user->societe_id > 0) { $sql .= " AND s.rowid = ".$user->societe_id; 
@@ -507,14 +507,14 @@ if ($conf->facture->enabled && $conf->commande->enabled && $user->rights->comman $sql = "SELECT sum(f.total) as tot_fht, sum(f.total_ttc) as tot_fttc,"; $sql.= " s.nom, s.rowid as socid,"; $sql.= " p.rowid, p.ref, p.facture, p.fk_statut, p.total_ht, p.total_ttc"; - if (!$user->rights->commercial->client->voir && !$socid) $sql .= ", sc.fk_soc, sc.fk_user "; + if (!$user->rights->societe->client->voir && !$socid) $sql .= ", sc.fk_soc, sc.fk_user "; $sql.= " FROM ".MAIN_DB_PREFIX."societe AS s"; - if (!$user->rights->commercial->client->voir && !$socid) $sql .= ", ".MAIN_DB_PREFIX."societe_commerciaux as sc"; + if (!$user->rights->societe->client->voir && !$socid) $sql .= ", ".MAIN_DB_PREFIX."societe_commerciaux as sc"; $sql.= ", ".MAIN_DB_PREFIX."commande AS p"; $sql.= " LEFT JOIN ".MAIN_DB_PREFIX."co_fa AS co_fa ON co_fa.fk_commande = p.rowid"; $sql.= " LEFT JOIN ".MAIN_DB_PREFIX."facture AS f ON co_fa.fk_facture = f.rowid"; $sql.= " WHERE p.fk_soc = s.rowid"; - if (!$user->rights->commercial->client->voir && !$socid) $sql .= " AND s.rowid = sc.fk_soc AND sc.fk_user = " .$user->id; + if (!$user->rights->societe->client->voir && !$socid) $sql .= " AND s.rowid = sc.fk_soc AND sc.fk_user = " .$user->id; if ($socid) { $sql.= " AND p.fk_soc = ".$socid; 
@@ -608,12 +608,12 @@ if ($conf->facture->enabled && $user->rights->facture->lire) $sql.= $db->pdate("f.date_lim_reglement")." as datelimite,"; $sql.= " sum(pf.amount) as am,"; $sql.= " s.nom, s.rowid as socid"; - if (!$user->rights->commercial->client->voir && !$socid) $sql .= ", sc.fk_soc, sc.fk_user "; + if (!$user->rights->societe->client->voir && !$socid) $sql .= ", sc.fk_soc, sc.fk_user "; $sql.= " FROM ".MAIN_DB_PREFIX."societe as s,".MAIN_DB_PREFIX."facture as f"; $sql.= " LEFT JOIN ".MAIN_DB_PREFIX."paiement_facture as pf on f.rowid=pf.fk_facture"; - if (!$user->rights->commercial->client->voir && !$socid) $sql .= ", ".MAIN_DB_PREFIX."societe_commerciaux as sc"; + if (!$user->rights->societe->client->voir && !$socid) $sql .= ", ".MAIN_DB_PREFIX."societe_commerciaux as sc"; $sql.= " WHERE s.rowid = f.fk_soc AND f.paye = 0 AND f.fk_statut = 1"; - if (!$user->rights->commercial->client->voir && !$socid) $sql .= " AND s.rowid = sc.fk_soc AND sc.fk_user = " .$user->id; + if (!$user->rights->societe->client->voir && !$socid) $sql .= " AND s.rowid = sc.fk_soc AND sc.fk_user = " .$user->id; if ($socid) $sql .= " AND f.fk_soc = ".$socid; $sql.= " GROUP BY f.rowid, f.facnumber, f.fk_statut, f.total, f.total_ttc, s.nom, s.rowid"; $sql.= " ORDER BY f.datef ASC, f.facnumber ASC"; 
@@ -706,13 +706,13 @@ if ($conf->facture->enabled && $user->rights->facture->lire) $sql = "SELECT ff.rowid, ff.facnumber, ff.fk_statut, ff.fk_statut, ff.libelle, ff.total_ht, ff.total_ttc,"; $sql.= " sum(pf.amount) as am,"; $sql.= " s.nom, s.rowid as socid"; - if (!$user->rights->commercial->client->voir && !$socid) $sql .= ", sc.fk_soc, sc.fk_user "; + if (!$user->rights->societe->client->voir && !$socid) $sql .= ", sc.fk_soc, sc.fk_user "; $sql.= " FROM ".MAIN_DB_PREFIX."societe as s, ".MAIN_DB_PREFIX."facture_fourn as ff"; $sql.= " LEFT JOIN ".MAIN_DB_PREFIX."paiementfourn_facturefourn as pf on ff.rowid=pf.fk_facturefourn"; - if (!$user->rights->commercial->client->voir && !$socid) $sql .= ", ".MAIN_DB_PREFIX."societe_commerciaux as sc"; + if (!$user->rights->societe->client->voir && !$socid) $sql .= ", ".MAIN_DB_PREFIX."societe_commerciaux as sc"; $sql.= " WHERE s.rowid = ff.fk_soc"; $sql.= " AND ff.paye=0 AND ff.fk_statut = 1"; - if (!$user->rights->commercial->client->voir && !$socid) $sql .= " AND s.rowid = sc.fk_soc AND sc.fk_user = " .$user->id; + if (!$user->rights->societe->client->voir && !$socid) $sql .= " AND s.rowid = sc.fk_soc AND sc.fk_user = " .$user->id; if ($socid) $sql .= " AND ff.fk_soc = ".$socid; $sql.= " GROUP BY ff.rowid, ff.facnumber, ff.fk_statut, ff.total, ff.total_ttc, s.nom, s.rowid"; diff --git a/htdocs/compta/paiement/cheque/fiche.php b/htdocs/compta/paiement/cheque/fiche.php index a0b194f30fe..10a33ad32cf 100644 --- a/htdocs/compta/paiement/cheque/fiche.php +++ b/htdocs/compta/paiement/cheque/fiche.php @@ -36,7 +36,7 @@ $langs->load('companies'); // Security check if ($user->societe_id) $socid=$user->societe_id; -$result = restrictedArea($user, 'banque', '','',0); +$result = restrictedArea($user, 'banque', '',''); $mesg=''; diff --git a/htdocs/compta/paiement/cheque/index.php b/htdocs/compta/paiement/cheque/index.php index c3e6621dae7..2d550eccc4a 100644 --- a/htdocs/compta/paiement/cheque/index.php 
+++ b/htdocs/compta/paiement/cheque/index.php @@ -32,7 +32,7 @@ $langs->load("banks"); // Security check if ($user->societe_id) $socid=$user->societe_id; -$result = restrictedArea($user, 'banque', '','',1); +$result = restrictedArea($user, 'banque', '',''); $checkdepositstatic=new RemiseCheque($db); diff --git a/htdocs/compta/paiement/cheque/liste.php b/htdocs/compta/paiement/cheque/liste.php index 174be64db03..e24f352d35b 100644 --- a/htdocs/compta/paiement/cheque/liste.php +++ b/htdocs/compta/paiement/cheque/liste.php @@ -32,7 +32,7 @@ $langs->load("bills"); // Security check if ($user->societe_id) $socid=$user->societe_id; -$result = restrictedArea($user, 'banque', '','',1); +$result = restrictedArea($user, 'banque', '',''); $page=$_GET["page"]; $sortorder=$_GET["sortorder"]; diff --git a/htdocs/compta/paiement/liste.php b/htdocs/compta/paiement/liste.php index d658972d70c..2ccf7f42521 100644 --- a/htdocs/compta/paiement/liste.php +++ b/htdocs/compta/paiement/liste.php @@ -36,7 +36,7 @@ $langs->load("bills"); // Security check $facid = isset($_GET["facid"])?$_GET["facid"]:''; if ($user->societe_id) $socid=$user->societe_id; -$result = restrictedArea($user, 'facture',$facid,'',1); +$result = restrictedArea($user, 'facture',$facid,''); $paymentstatic=new Paiement($db); 
@@ -71,12 +71,12 @@ $sql.= " LEFT JOIN ".MAIN_DB_PREFIX."bank_account as ba ON b.fk_account = ba.row $sql.= " LEFT JOIN ".MAIN_DB_PREFIX."paiement_facture as pf ON p.rowid = pf.fk_paiement"; $sql.= " LEFT JOIN ".MAIN_DB_PREFIX."facture as f ON pf.fk_facture = f.rowid"; $sql.= " LEFT JOIN ".MAIN_DB_PREFIX."societe as s ON f.fk_soc = s.rowid"; -if (!$user->rights->commercial->client->voir && !$socid) +if (!$user->rights->societe->client->voir && !$socid) { $sql.= " LEFT JOIN ".MAIN_DB_PREFIX."societe_commerciaux as sc ON s.rowid = sc.fk_soc"; } $sql.= " WHERE p.fk_paiement = c.id"; -if (!$user->rights->commercial->client->voir && !$socid) +if (!$user->rights->societe->client->voir && !$socid) { $sql.= " AND sc.fk_user = " .$user->id; } diff --git a/htdocs/compta/prelevement/demandes.php b/htdocs/compta/prelevement/demandes.php index 71c19388fcb..4e71530c66a 100644 --- a/htdocs/compta/prelevement/demandes.php +++ b/htdocs/compta/prelevement/demandes.php @@ -35,7 +35,7 @@ $langs->load("widthdrawals"); // Security check $socid = isset($_GET["socid"])?$_GET["socid"]:''; if ($user->societe_id) $socid=$user->societe_id; -$result = restrictedArea($user, 'prelevement','','',1); +$result = restrictedArea($user, 'prelevement','',''); llxHeader(); 
@@ -64,12 +64,12 @@ if (! $sortfield) $sortfield="f.facnumber"; $sql= "SELECT f.facnumber, f.rowid, s.nom, s.rowid as socid"; $sql.= " , ".$db->pdate("pfd.date_demande")." as date_demande"; $sql.= " , pfd.fk_user_demande"; -if (!$user->rights->commercial->client->voir && !$socid) $sql .= ", sc.fk_soc, sc.fk_user"; +if (!$user->rights->societe->client->voir && !$socid) $sql .= ", sc.fk_soc, sc.fk_user"; $sql.= " FROM ".MAIN_DB_PREFIX."facture as f, ".MAIN_DB_PREFIX."societe as s"; $sql.= " , ".MAIN_DB_PREFIX."prelevement_facture_demande as pfd"; -if (!$user->rights->commercial->client->voir && !$socid) $sql .= ", ".MAIN_DB_PREFIX."societe_commerciaux as sc"; +if (!$user->rights->societe->client->voir && !$socid) $sql .= ", ".MAIN_DB_PREFIX."societe_commerciaux as sc"; $sql.= " WHERE s.rowid = f.fk_soc"; -if (!$user->rights->commercial->client->voir && !$socid) $sql .= " AND s.rowid = sc.fk_soc AND sc.fk_user = " .$user->id; +if (!$user->rights->societe->client->voir && !$socid) $sql .= " AND s.rowid = sc.fk_soc AND sc.fk_user = " .$user->id; if (! $statut) $sql.= " AND pfd.traite = 0"; if ($statut) $sql.= " AND pfd.traite = ".$statut; $sql.= " AND pfd.fk_facture = f.rowid"; diff --git a/htdocs/compta/prelevement/index.php b/htdocs/compta/prelevement/index.php index f4031862c6b..0df07d6c79b 100644 --- a/htdocs/compta/prelevement/index.php +++ b/htdocs/compta/prelevement/index.php @@ -35,7 +35,7 @@ $langs->load("withdrawals"); // Security check $socid = isset($_GET["socid"])?$_GET["socid"]:''; if ($user->societe_id) $socid=$user->societe_id; -$result = restrictedArea($user, 'prelevement','','',1); +$result = restrictedArea($user, 'prelevement','',''); 
@@ -127,14 +127,14 @@ print '</td><td valign="top" width="70%">'; * */ $sql = "SELECT f.facnumber, f.rowid, s.nom, s.rowid as socid"; -if (!$user->rights->commercial->client->voir && !$socid) $sql .= ", sc.fk_soc, sc.fk_user"; +if (!$user->rights->societe->client->voir && !$socid) $sql .= ", sc.fk_soc, sc.fk_user"; $sql .= " FROM ".MAIN_DB_PREFIX."facture as f, ".MAIN_DB_PREFIX."societe as s"; -if (!$user->rights->commercial->client->voir && !$socid) $sql .= ", ".MAIN_DB_PREFIX."societe_commerciaux as sc"; +if (!$user->rights->societe->client->voir && !$socid) $sql .= ", ".MAIN_DB_PREFIX."societe_commerciaux as sc"; $sql .= " , ".MAIN_DB_PREFIX."prelevement_facture_demande as pfd"; $sql .= " WHERE s.rowid = f.fk_soc"; $sql .= " AND pfd.traite = 0 AND pfd.fk_facture = f.rowid"; -if (!$user->rights->commercial->client->voir && !$socid) $sql .= " AND s.rowid = sc.fk_soc AND sc.fk_user = " .$user->id; +if (!$user->rights->societe->client->voir && !$socid) $sql .= " AND s.rowid = sc.fk_soc AND sc.fk_user = " .$user->id; if ($socid) { diff --git a/htdocs/compta/propal.php b/htdocs/compta/propal.php index 51c65a5dd67..90d07c40be6 100644 --- a/htdocs/compta/propal.php +++ b/htdocs/compta/propal.php 
@@ -668,11 +668,11 @@ else $sql.= " p.total_ht, p.tva, p.total,"; $sql.= $db->pdate("p.datep")." as dp, "; $sql.= $db->pdate("p.fin_validite")." as dfin"; - if (!$user->rights->commercial->client->voir && !$socid) $sql .= ", sc.fk_soc, sc.fk_user"; + if (!$user->rights->societe->client->voir && !$socid) $sql .= ", sc.fk_soc, sc.fk_user"; $sql.= " FROM ".MAIN_DB_PREFIX."societe as s, ".MAIN_DB_PREFIX."propal as p"; - if (!$user->rights->commercial->client->voir && !$socid) $sql .= ", ".MAIN_DB_PREFIX."societe_commerciaux as sc"; + if (!$user->rights->societe->client->voir && !$socid) $sql .= ", ".MAIN_DB_PREFIX."societe_commerciaux as sc"; $sql.= " WHERE p.fk_soc = s.rowid"; - if (!$user->rights->commercial->client->voir && !$socid) $sql .= " AND s.rowid = sc.fk_soc AND sc.fk_user = " .$user->id; + if (!$user->rights->societe->client->voir && !$socid) $sql .= " AND s.rowid = sc.fk_soc AND sc.fk_user = " .$user->id; if ($socid) $sql .= " AND s.rowid = ".$socid; if ($viewstatut <> '') $sql .= " AND p.fk_statut in ($viewstatut)"; // viewstatut peut etre combinaisons s�par� par virgules if ($month > 0) diff --git a/htdocs/contact/index.php b/htdocs/contact/index.php index 2aa05c15899..5e064c3400f 100644 --- a/htdocs/contact/index.php +++ b/htdocs/contact/index.php @@ -34,7 +34,7 @@ $langs->load("suppliers"); // Security check $contactid = isset($_GET["id"])?$_GET["id"]:''; if ($user->societe_id) $socid=$user->societe_id; -$result = restrictedArea($user, 'contact', $contactid,'',1); +$result = restrictedArea($user, 'contact', $contactid,''); $search_nom=isset($_GET["search_nom"])?$_GET["search_nom"]:$_POST["search_nom"]; $search_prenom=isset($_GET["search_prenom"])?$_GET["search_prenom"]:$_POST["search_prenom"]; 
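Review bot: `$viewstatut` is interpolated unquoted into `" AND p.fk_statut in ($viewstatut)"` on a context line of the compta/propal.php hunk, and the hunk does not show where it is assigned. The inline comment says it may be a comma-separated list, so a plain integer cast is not enough; normalising each element keeps the list form, e.g. `$viewstatut = implode(',', array_map('intval', explode(',', $viewstatut)));` before the query is built. `$socid` is concatenated the same way in `" AND s.rowid = ".$socid` on the line above. The enclosing `else` branch starts outside the hunk.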
@@ -100,9 +100,9 @@ $sql.= " p.rowid as cidp, p.name, p.firstname, p.email, p.phone, p.phone_mobile, $sql.= " ".$db->pdate("p.tms")." as tms"; $sql.= " FROM ".MAIN_DB_PREFIX."socpeople as p"; $sql.= " LEFT JOIN ".MAIN_DB_PREFIX."societe as s ON s.rowid = p.fk_soc"; -if (!$user->rights->commercial->client->voir && !$socid) $sql .= " LEFT JOIN ".MAIN_DB_PREFIX."societe_commerciaux as sc ON s.rowid = sc.fk_soc"; +if (!$user->rights->societe->client->voir && !$socid) $sql .= " LEFT JOIN ".MAIN_DB_PREFIX."societe_commerciaux as sc ON s.rowid = sc.fk_soc"; $sql.= " WHERE 1=1 "; -if (!$user->rights->commercial->client->voir && !$socid) //restriction +if (!$user->rights->societe->client->voir && !$socid) //restriction { $sql .= " AND IFNULL(sc.fk_user, ".$user->id.") = " .$user->id; } diff --git a/htdocs/contrat/contrat.class.php b/htdocs/contrat/contrat.class.php index dbcefe51603..ae0a3f0ffec 100644 --- a/htdocs/contrat/contrat.class.php +++ b/htdocs/contrat/contrat.class.php 
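Review bot: The restriction for users without `societe->client->voir` is written as `IFNULL(sc.fk_user, <user id>) = <user id>` over a LEFT JOIN, so contacts with no company, or whose company has no row in societe_commerciaux, pass the filter for every restricted user. If that is intended, the `//restriction` comment should say so, for example `// restricted users also see contacts with no company or no assigned sales representative`. If it is not, the condition should be the plain `sc.fk_user = ` comparison used by the other pages in this patch.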
@@ -1069,24 +1069,24 @@ class Contrat extends CommonObject if ($mode == 'inactives') { $sql = "SELECT cd.rowid,".$this->db->pdate("cd.date_ouverture_prevue")." as datefin"; - if (!$user->rights->commercial->client->voir && !$user->societe_id) $sql .= ", sc.fk_soc, sc.fk_user"; + if (!$user->rights->societe->client->voir && !$user->societe_id) $sql .= ", sc.fk_soc, sc.fk_user"; $sql.= " FROM ".MAIN_DB_PREFIX."contrat as c, ".MAIN_DB_PREFIX."contratdet as cd"; - if (!$user->rights->commercial->client->voir && !$user->societe_id) $sql .= ", ".MAIN_DB_PREFIX."societe_commerciaux as sc"; + if (!$user->rights->societe->client->voir && !$user->societe_id) $sql .= ", ".MAIN_DB_PREFIX."societe_commerciaux as sc"; $sql.= " WHERE c.statut = 1 AND c.rowid = cd.fk_contrat"; $sql.= " AND cd.statut = 0"; } if ($mode == 'expired') { $sql = "SELECT cd.rowid,".$this->db->pdate("cd.date_fin_validite")." as datefin"; - if (!$user->rights->commercial->client->voir && !$user->societe_id) $sql .= ", sc.fk_soc, sc.fk_user"; + if (!$user->rights->societe->client->voir && !$user->societe_id) $sql .= ", sc.fk_soc, sc.fk_user"; $sql.= " FROM ".MAIN_DB_PREFIX."contrat as c, ".MAIN_DB_PREFIX."contratdet as cd"; - if (!$user->rights->commercial->client->voir && !$user->societe_id) $sql .= ", ".MAIN_DB_PREFIX."societe_commerciaux as sc"; + if (!$user->rights->societe->client->voir && !$user->societe_id) $sql .= ", ".MAIN_DB_PREFIX."societe_commerciaux as sc"; $sql.= " WHERE c.statut = 1 AND c.rowid = cd.fk_contrat"; $sql.= " AND cd.statut = 4"; $sql.= " AND cd.date_fin_validite < '".$this->db->idate(time())."'"; } if ($user->societe_id) $sql.=" AND c.fk_soc = ".$user->societe_id; - if (!$user->rights->commercial->client->voir && !$user->societe_id) $sql .= " AND c.fk_soc = sc.fk_soc AND sc.fk_user = " .$user->id; + if (!$user->rights->societe->client->voir && !$user->societe_id) $sql .= " AND c.fk_soc = sc.fk_soc AND sc.fk_user = " .$user->id; $resql=$this->db->query($sql); if ($resql) { 
diff --git a/htdocs/contrat/index.php b/htdocs/contrat/index.php index 1c782b8a766..6be149770ef 100644 --- a/htdocs/contrat/index.php +++ b/htdocs/contrat/index.php @@ -41,7 +41,7 @@ $statut=isset($_GET["statut"])?$_GET["statut"]:1; // Security check $contratid = isset($_GET["id"])?$_GET["id"]:''; if ($user->societe_id) $socid=$user->societe_id; -$result = restrictedArea($user, 'contrat',$contratid,'',1); +$result = restrictedArea($user, 'contrat',$contratid,''); $staticcontrat=new Contrat($db); $staticcontratligne=new ContratLigne($db); @@ -101,13 +101,13 @@ $sql.= ' sum('.$db->ifsql("cd.statut=4 AND cd.date_fin_validite > sysdate()",1,0 $sql.= ' sum('.$db->ifsql("cd.statut=4 AND (cd.date_fin_validite IS NULL OR cd.date_fin_validite <= sysdate())",1,0).') as nb_late,'; $sql.= ' sum('.$db->ifsql("cd.statut=5",1,0).') as nb_closed,'; $sql.= " c.rowid as cid, c.ref, c.datec, c.statut, s.nom, s.rowid as socid"; -if (!$user->rights->commercial->client->voir && !$socid) $sql .= ", sc.fk_soc, sc.fk_user"; +if (!$user->rights->societe->client->voir && !$socid) $sql .= ", sc.fk_soc, sc.fk_user"; $sql.= " FROM ".MAIN_DB_PREFIX."societe as s,"; -if (!$user->rights->commercial->client->voir && !$socid) $sql .= " ".MAIN_DB_PREFIX."societe_commerciaux as sc,"; +if (!$user->rights->societe->client->voir && !$socid) $sql .= " ".MAIN_DB_PREFIX."societe_commerciaux as sc,"; $sql.= " ".MAIN_DB_PREFIX."contrat as c"; $sql.= " LEFT JOIN ".MAIN_DB_PREFIX."contratdet as cd ON c.rowid = cd.fk_contrat"; $sql.= " WHERE c.fk_soc = s.rowid "; -if (!$user->rights->commercial->client->voir && !$socid) $sql .= " AND s.rowid = sc.fk_soc AND sc.fk_user = " .$user->id; +if (!$user->rights->societe->client->voir && !$socid) $sql .= " AND s.rowid = sc.fk_soc AND sc.fk_user = " .$user->id; if ($socid > 0) $sql .= " AND s.rowid = ".$socid; $sql.= " GROUP BY c.rowid, c.datec, c.statut, s.nom, s.rowid"; $sql.= " ORDER BY c.datec DESC"; 
@@ -163,12 +163,12 @@ print '<br>'; // Not activated services $sql = "SELECT cd.rowid as cid, c.ref, cd.statut, cd.label, cd.description as note, cd.fk_contrat, c.fk_soc, s.nom"; -if (!$user->rights->commercial->client->voir && !$socid) $sql .= ", sc.fk_soc, sc.fk_user"; +if (!$user->rights->societe->client->voir && !$socid) $sql .= ", sc.fk_soc, sc.fk_user"; $sql.= " FROM ".MAIN_DB_PREFIX."contratdet as cd, ".MAIN_DB_PREFIX."contrat as c, ".MAIN_DB_PREFIX."societe as s"; -if (!$user->rights->commercial->client->voir && !$socid) $sql .= ", ".MAIN_DB_PREFIX."societe_commerciaux as sc"; +if (!$user->rights->societe->client->voir && !$socid) $sql .= ", ".MAIN_DB_PREFIX."societe_commerciaux as sc"; $sql.= " WHERE c.statut=1 AND cd.statut = 0"; $sql.= " AND cd.fk_contrat = c.rowid AND c.fk_soc = s.rowid"; -if (!$user->rights->commercial->client->voir && !$socid) $sql .= " AND s.rowid = sc.fk_soc AND sc.fk_user = " .$user->id; +if (!$user->rights->societe->client->voir && !$socid) $sql .= " AND s.rowid = sc.fk_soc AND sc.fk_user = " .$user->id; if ($socid > 0) $sql.= " AND s.rowid = ".$socid; $sql.= " ORDER BY cd.tms DESC"; 
@@ -217,11 +217,11 @@ print '<br>'; $max=5; $sql = "SELECT cd.rowid as cid, c.ref, cd.statut, cd.label, cd.description as note, cd.fk_contrat, c.fk_soc, s.nom"; -if (!$user->rights->commercial->client->voir && !$socid) $sql .= ", sc.fk_soc, sc.fk_user"; +if (!$user->rights->societe->client->voir && !$socid) $sql .= ", sc.fk_soc, sc.fk_user"; $sql.= " FROM ".MAIN_DB_PREFIX."contratdet as cd, ".MAIN_DB_PREFIX."contrat as c, ".MAIN_DB_PREFIX."societe as s"; -if (!$user->rights->commercial->client->voir && !$socid) $sql .= ", ".MAIN_DB_PREFIX."societe_commerciaux as sc"; +if (!$user->rights->societe->client->voir && !$socid) $sql .= ", ".MAIN_DB_PREFIX."societe_commerciaux as sc"; $sql.= " WHERE cd.fk_contrat = c.rowid AND c.fk_soc = s.rowid"; -if (!$user->rights->commercial->client->voir && !$socid) $sql .= " AND s.rowid = sc.fk_soc AND sc.fk_user = " .$user->id; +if (!$user->rights->societe->client->voir && !$socid) $sql .= " AND s.rowid = sc.fk_soc AND sc.fk_user = " .$user->id; if ($socid > 0) $sql.= " AND s.rowid = ".$socid; $sql.= " ORDER BY cd.tms DESC"; diff --git a/htdocs/contrat/info.php b/htdocs/contrat/info.php index c138c0ce472..72d6010591a 100644 --- a/htdocs/contrat/info.php +++ b/htdocs/contrat/info.php @@ -32,7 +32,7 @@ $langs->load("contracts"); // Security check $contratid = isset($_GET["id"])?$_GET["id"]:''; if ($user->societe_id) $socid=$user->societe_id; -$result = restrictedArea($user, 'contrat',$contratid,'',1); +$result = restrictedArea($user, 'contrat',$contratid,''); /* diff --git a/htdocs/contrat/liste.php b/htdocs/contrat/liste.php index a26001b2907..a5256727236 100644 --- a/htdocs/contrat/liste.php +++ b/htdocs/contrat/liste.php 
@@ -50,7 +50,7 @@ if (! $sortorder) $sortorder="DESC"; // Security check $contratid = isset($_GET["id"])?$_GET["id"]:''; if ($user->societe_id) $socid=$user->societe_id; -$result = restrictedArea($user, 'contrat', $contratid,'',1); +$result = restrictedArea($user, 'contrat', $contratid,''); $staticcontrat=new Contrat($db); $staticcontratligne=new ContratLigne($db); @@ -68,13 +68,13 @@ $sql.= ' sum('.$db->ifsql("cd.statut=4 AND cd.date_fin_validite > sysdate()",1,0 $sql.= ' sum('.$db->ifsql("cd.statut=4 AND (cd.date_fin_validite IS NULL OR cd.date_fin_validite <= sysdate())",1,0).') as nb_late,'; $sql.= ' sum('.$db->ifsql("cd.statut=5",1,0).') as nb_closed,'; $sql.= " c.rowid as cid, c.ref, c.datec, c.statut, s.nom, s.rowid as socid"; -if (!$user->rights->commercial->client->voir && !$socid) $sql .= ", sc.fk_soc, sc.fk_user"; +if (!$user->rights->societe->client->voir && !$socid) $sql .= ", sc.fk_soc, sc.fk_user"; $sql.= " FROM ".MAIN_DB_PREFIX."societe as s,"; -if (!$user->rights->commercial->client->voir && !$socid) $sql .= " ".MAIN_DB_PREFIX."societe_commerciaux as sc,"; +if (!$user->rights->societe->client->voir && !$socid) $sql .= " ".MAIN_DB_PREFIX."societe_commerciaux as sc,"; $sql.= " ".MAIN_DB_PREFIX."contrat as c"; $sql.= " LEFT JOIN ".MAIN_DB_PREFIX."contratdet as cd ON c.rowid = cd.fk_contrat"; $sql.= " WHERE c.fk_soc = s.rowid "; -if (!$user->rights->commercial->client->voir && !$socid) $sql .= " AND s.rowid = sc.fk_soc AND sc.fk_user = " .$user->id; +if (!$user->rights->societe->client->voir && !$socid) $sql .= " AND s.rowid = sc.fk_soc AND sc.fk_user = " .$user->id; if ($search_nom) $sql.= " AND s.nom like '%".addslashes($search_nom)."%'"; if ($search_contract) $sql.= " AND c.rowid = '".addslashes($search_contract)."'"; if ($sall) $sql.= " AND (s.nom like '%".addslashes($sall)."%' OR cd.label like '%".addslashes($sall)."%' OR cd.description like '%".addslashes($sall)."%')"; 
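Review bot: The search filters on the context lines of the second contrat/liste.php hunk escape what appear to be user-supplied search terms with `addslashes()` before placing them in `like '%...%'` and `c.rowid = '...'`. `addslashes()` is not aware of the connection character set and leaves the LIKE wildcards `%` and `_` untouched, so it is weaker than the database driver's own string-escaping routine. These lines should go through the escaping function of the `$db` layer, and if `c.rowid` is numeric the contract filter can simply be cast: `" AND c.rowid = ".(int) $search_contract`. Where `$search_nom`, `$search_contract` and `$sall` are assigned is outside the hunk.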
diff --git a/htdocs/contrat/note.php b/htdocs/contrat/note.php index b62610374dc..f95acf7a6ea 100644 --- a/htdocs/contrat/note.php +++ b/htdocs/contrat/note.php @@ -39,7 +39,7 @@ $langs->load("contracts"); // Security check $contactid = isset($_GET["id"])?$_GET["id"]:''; if ($user->societe_id) $socid=$user->societe_id; -$result = restrictedArea($user, 'contact',$contactid,'',1); +$result = restrictedArea($user, 'contact',$contactid,''); $contrat = new Contrat($db); diff --git a/htdocs/contrat/services.php b/htdocs/contrat/services.php index 2a00ac4ac78..ccbafa2431e 100644 --- a/htdocs/contrat/services.php +++ b/htdocs/contrat/services.php @@ -51,7 +51,7 @@ $socid=$_GET["socid"]; // Security check $contratid = isset($_GET["id"])?$_GET["id"]:''; if ($user->societe_id) $socid=$user->societe_id; -$result = restrictedArea($user, 'contrat',$contratid,'',1); +$result = restrictedArea($user, 'contrat',$contratid,''); $staticcontrat=new Contrat($db); 
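Review bot: In contrat/note.php the check is `restrictedArea($user, 'contact',$contactid,'')`, yet the page loads the `contracts` language file and goes on to build `new Contrat($db)`; every other contrat page in this patch checks the `'contrat'` feature with `$contratid`. This looks like a copy-paste slip that tests the contact permission against a contract id, and the commit edits the line without correcting it. Suggested: `$contratid = isset($_GET["id"])?$_GET["id"]:'';` and `$result = restrictedArea($user, 'contrat',$contratid,'');`.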
@@ -65,20 +65,20 @@ llxHeader(); $sql = "SELECT s.rowid as socid, s.nom, c.rowid as cid,"; $sql.= " cd.rowid, cd.description, cd.statut, p.rowid as pid, p.label as label,"; -if (!$user->rights->commercial->client->voir && !$socid) $sql .= " sc.fk_soc, sc.fk_user,"; +if (!$user->rights->societe->client->voir && !$socid) $sql .= " sc.fk_soc, sc.fk_user,"; $sql.= " ".$db->pdate("cd.date_ouverture_prevue")." as date_ouverture_prevue,"; $sql.= " ".$db->pdate("cd.date_ouverture")." as date_ouverture,"; $sql.= " ".$db->pdate("cd.date_fin_validite")." as date_fin_validite,"; $sql.= " ".$db->pdate("cd.date_cloture")." as date_cloture"; $sql.= " FROM ".MAIN_DB_PREFIX."contrat as c,"; $sql.= " ".MAIN_DB_PREFIX."societe as s,"; -if (!$user->rights->commercial->client->voir && !$socid) $sql .= " ".MAIN_DB_PREFIX."societe_commerciaux as sc,"; +if (!$user->rights->societe->client->voir && !$socid) $sql .= " ".MAIN_DB_PREFIX."societe_commerciaux as sc,"; $sql.= " ".MAIN_DB_PREFIX."contratdet as cd"; $sql.= " LEFT JOIN ".MAIN_DB_PREFIX."product as p ON cd.fk_product = p.rowid"; $sql.= " WHERE"; $sql.= " c.rowid = cd.fk_contrat"; $sql.= " AND c.fk_soc = s.rowid"; -if (!$user->rights->commercial->client->voir && !$socid) $sql .= " AND s.rowid = sc.fk_soc AND sc.fk_user = " .$user->id; +if (!$user->rights->societe->client->voir && !$socid) $sql .= " AND s.rowid = sc.fk_soc AND sc.fk_user = " .$user->id; if ($mode == "0") $sql.= " AND cd.statut = 0"; if ($mode == "4") $sql.= " AND cd.statut = 4"; if ($mode == "5") $sql.= " AND cd.statut = 5"; diff --git a/htdocs/expedition/index.php b/htdocs/expedition/index.php index 09438f94385..1e876b92a79 100644 --- a/htdocs/expedition/index.php +++ b/htdocs/expedition/index.php 
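Review bot: The sales-representative filter in this hunk is applied only when `!$socid`, and the previous hunk of contrat/services.php shows `$socid=$_GET["socid"];`, overridden only for users that have a `societe_id`. For an internal user without `societe->client->voir`, whether the filter runs therefore depends on a request parameter, and the `restrictedArea()` call in this file is given `$contratid`, not `$socid`. compta/index.php and contrat/contrat.class.php in this same patch test `!$user->societe_id` instead, which the request cannot influence; using `if (!$user->rights->societe->client->voir && !$user->societe_id)` on the three lines here would be consistent with them. Whether a later `$socid` clause or `restrictedArea()` itself already covers this is not visible in the hunk.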
@@ -60,7 +60,7 @@ $sql.= " FROM ".MAIN_DB_PREFIX."expedition as e"; $sql.= " LEFT JOIN ".MAIN_DB_PREFIX."co_exp as ce ON e.rowid = ce.fk_expedition"; $sql.= " LEFT JOIN ".MAIN_DB_PREFIX."commande as c ON ce.fk_commande = c.rowid"; $sql.= " LEFT JOIN ".MAIN_DB_PREFIX."societe as s ON s.rowid = e.fk_soc"; -if (!$user->rights->commercial->client->voir && !$socid) +if (!$user->rights->societe->client->voir && !$socid) { $sql.= " LEFT JOIN ".MAIN_DB_PREFIX."societe_commerciaux as sc ON e.fk_soc = sc.fk_soc"; $sql.= $clause." sc.fk_user = " .$user->id; @@ -101,12 +101,12 @@ if ($resql) * Commandes � traiter */ $sql = "SELECT c.rowid, c.ref, s.nom, s.rowid as socid"; -if (!$user->rights->commercial->client->voir && !$socid) $sql .= ", sc.fk_soc, sc.fk_user"; +if (!$user->rights->societe->client->voir && !$socid) $sql .= ", sc.fk_soc, sc.fk_user"; $sql.= " FROM ".MAIN_DB_PREFIX."commande as c, ".MAIN_DB_PREFIX."societe as s"; -if (!$user->rights->commercial->client->voir && !$socid) $sql .= ", ".MAIN_DB_PREFIX."societe_commerciaux as sc"; +if (!$user->rights->societe->client->voir && !$socid) $sql .= ", ".MAIN_DB_PREFIX."societe_commerciaux as sc"; $sql.= " WHERE c.fk_soc = s.rowid AND c.fk_statut = 1"; if ($socid) $sql .= " AND c.fk_soc = ".$socid; -if (!$user->rights->commercial->client->voir && !$socid) $sql .= " AND s.rowid = sc.fk_soc AND sc.fk_user = " .$user->id; +if (!$user->rights->societe->client->voir && !$socid) $sql .= " AND s.rowid = sc.fk_soc AND sc.fk_user = " .$user->id; $sql.= " ORDER BY c.rowid ASC"; if ( $db->query($sql) ) 
@@ -146,12 +146,12 @@ print '</td><td valign="top" width="70%">'; * Commandes en traitement */ $sql = "SELECT c.rowid, c.ref, s.nom, s.rowid as socid"; -if (!$user->rights->commercial->client->voir && !$socid) $sql .= ", sc.fk_soc, sc.fk_user"; +if (!$user->rights->societe->client->voir && !$socid) $sql .= ", sc.fk_soc, sc.fk_user"; $sql .= " FROM ".MAIN_DB_PREFIX."commande as c, ".MAIN_DB_PREFIX."societe as s"; -if (!$user->rights->commercial->client->voir && !$socid) $sql .= ", ".MAIN_DB_PREFIX."societe_commerciaux as sc"; +if (!$user->rights->societe->client->voir && !$socid) $sql .= ", ".MAIN_DB_PREFIX."societe_commerciaux as sc"; $sql .= " WHERE c.fk_soc = s.rowid AND c.fk_statut = 2"; if ($socid) $sql .= " AND c.fk_soc = ".$socid; -if (!$user->rights->commercial->client->voir && !$socid) $sql .= " AND s.rowid = sc.fk_soc AND sc.fk_user = " .$user->id; +if (!$user->rights->societe->client->voir && !$socid) $sql .= " AND s.rowid = sc.fk_soc AND sc.fk_user = " .$user->id; $resql = $db->query($sql); if ( $resql ) { @@ -190,7 +190,7 @@ $sql.= " FROM ".MAIN_DB_PREFIX."expedition as e"; $sql.= " LEFT JOIN ".MAIN_DB_PREFIX."co_exp as ce ON e.rowid = ce.fk_expedition"; $sql.= " LEFT JOIN ".MAIN_DB_PREFIX."commande as c ON ce.fk_commande = c.rowid"; $sql.= " LEFT JOIN ".MAIN_DB_PREFIX."societe as s ON s.rowid = e.fk_soc"; -if (!$user->rights->commercial->client->voir && !$socid) +if (!$user->rights->societe->client->voir && !$socid) { $sql.= " LEFT JOIN ".MAIN_DB_PREFIX."societe_commerciaux as sc ON e.fk_soc = sc.fk_soc"; $sql.= $clause." sc.fk_user = " .$user->id; diff --git a/htdocs/expedition/liste.php b/htdocs/expedition/liste.php index e40352039a7..9f8abc3da20 100644 --- a/htdocs/expedition/liste.php +++ b/htdocs/expedition/liste.php 
@@ -32,7 +32,7 @@ $langs->load('companies'); // Security check $expeditionid = isset($_GET["id"])?$_GET["id"]:''; if ($user->societe_id) $socid=$user->societe_id; -$result = restrictedArea($user, 'expedition',$expeditionid,'',1); +$result = restrictedArea($user, 'expedition',$expeditionid,''); $sortfield=isset($_GET["sortfield"])?$_GET["sortfield"]:""; @@ -70,7 +70,7 @@ else $sql.= " LEFT JOIN ".MAIN_DB_PREFIX."propal as ori ON pe.fk_commande = ori.rowid"; } $sql.= " LEFT JOIN ".MAIN_DB_PREFIX."societe as s ON s.rowid = e.fk_soc"; -if (!$user->rights->commercial->client->voir && !$socid) +if (!$user->rights->societe->client->voir && !$socid) { $sql.= " LEFT JOIN ".MAIN_DB_PREFIX."societe_commerciaux as sc ON e.fk_soc = sc.fk_soc"; $sql.= $clause." sc.fk_user = " .$user->id; diff --git a/htdocs/facture.class.php b/htdocs/facture.class.php index 70ad7f2e49c..59ef610588a 100644 --- a/htdocs/facture.class.php +++ b/htdocs/facture.class.php @@ -2405,7 +2405,7 @@ class Facture extends CommonObject $sql = 'SELECT f.rowid,'.$this->db->pdate('f.date_lim_reglement').' as datefin'; $sql.= ' FROM '.MAIN_DB_PREFIX.'facture as f'; - if (!$user->rights->commercial->client->voir && !$user->societe_id) + if (!$user->rights->societe->client->voir && !$user->societe_id) { $sql.= " LEFT JOIN ".MAIN_DB_PREFIX."societe_commerciaux as sc ON f.fk_soc = sc.fk_soc"; $sql.= " WHERE sc.fk_user = " .$user->id; @@ -2543,7 +2543,7 @@ class Facture extends CommonObject $sql = "SELECT count(f.rowid) as nb"; $sql.= " FROM ".MAIN_DB_PREFIX."facture as f"; - if (!$user->rights->commercial->client->voir && !$user->societe_id) + if (!$user->rights->societe->client->voir && !$user->societe_id) { $sql.= " LEFT JOIN ".MAIN_DB_PREFIX."societe as s ON f.fk_soc = s.rowid"; $sql.= " LEFT JOIN ".MAIN_DB_PREFIX."societe_commerciaux as sc ON s.rowid = sc.fk_soc"; diff --git a/htdocs/fichinter/index.php b/htdocs/fichinter/index.php index 063fa7a46aa..6a2709fcc2c 100644 --- a/htdocs/fichinter/index.php 
+++ b/htdocs/fichinter/index.php @@ -40,7 +40,7 @@ $page=$_GET["page"]?$_GET["page"]:$_POST["page"]; // Security check $fichinterid = isset($_GET["id"])?$_GET["id"]:''; if ($user->societe_id) $socid=$user->societe_id; -$result = restrictedArea($user, 'ficheinter', $fichinterid,'',1); +$result = restrictedArea($user, 'ficheinter', $fichinterid,''); if (! $sortorder) $sortorder="DESC"; if (! $sortfield) $sortfield="f.datei"; @@ -59,11 +59,11 @@ llxHeader(); $sql = "SELECT s.nom,s.rowid as socid, f.ref,".$db->pdate("f.datei")." as dp, f.rowid as fichid, f.fk_statut, f.description, f.duree"; -if (!$user->rights->commercial->client->voir && !$socid) $sql .= ", sc.fk_soc, sc.fk_user"; +if (!$user->rights->societe->client->voir && !$socid) $sql .= ", sc.fk_soc, sc.fk_user"; $sql.= " FROM ".MAIN_DB_PREFIX."societe as s, ".MAIN_DB_PREFIX."fichinter as f "; -if (!$user->rights->commercial->client->voir && !$socid) $sql .= ", ".MAIN_DB_PREFIX."societe_commerciaux as sc"; +if (!$user->rights->societe->client->voir && !$socid) $sql .= ", ".MAIN_DB_PREFIX."societe_commerciaux as sc"; $sql.= " WHERE f.fk_soc = s.rowid "; -if (!$user->rights->commercial->client->voir && !$socid) $sql .= " AND s.rowid = sc.fk_soc AND sc.fk_user = " .$user->id; +if (!$user->rights->societe->client->voir && !$socid) $sql .= " AND s.rowid = sc.fk_soc AND sc.fk_user = " .$user->id; if ($socid > 0) { $sql .= " AND s.rowid = " . $socid; diff --git a/htdocs/fourn/commande/index.php b/htdocs/fourn/commande/index.php index f925c5fe807..b0f3d7c1f72 100644 --- a/htdocs/fourn/commande/index.php +++ b/htdocs/fourn/commande/index.php @@ -30,7 +30,7 @@ require_once(DOL_DOCUMENT_ROOT."/contact.class.php"); // Security check $orderid = isset($_GET["orderid"])?$_GET["orderid"]:''; if ($user->societe_id) $socid=$user->societe_id; -$result = restrictedArea($user, 'commande_fournisseur', $orderid,'',1); +$result = restrictedArea($user, 'commande_fournisseur', $orderid,''); /* 
@@ -47,11 +47,11 @@ print '<table class="notopnoleftnoright" width="100%">'; print '<tr valign="top"><td class="notopnoleft" width="30%">'; $sql = "SELECT count(cf.rowid), fk_statut"; -if (!$user->rights->commercial->client->voir && !$socid) $sql .= ", sc.fk_soc, sc.fk_user"; +if (!$user->rights->societe->client->voir && !$socid) $sql .= ", sc.fk_soc, sc.fk_user"; $sql.= " FROM ".MAIN_DB_PREFIX."societe as s, ".MAIN_DB_PREFIX."commande_fournisseur as cf"; -if (!$user->rights->commercial->client->voir && !$socid) $sql .= ", ".MAIN_DB_PREFIX."societe_commerciaux as sc"; +if (!$user->rights->societe->client->voir && !$socid) $sql .= ", ".MAIN_DB_PREFIX."societe_commerciaux as sc"; $sql.= " WHERE cf.fk_soc = s.rowid "; -if (!$user->rights->commercial->client->voir && !$socid) //restriction +if (!$user->rights->societe->client->voir && !$socid) //restriction { $sql .= " AND s.rowid = sc.fk_soc AND sc.fk_user = " .$user->id; } diff --git a/htdocs/fourn/commande/liste.php b/htdocs/fourn/commande/liste.php index 30e2e1db775..5a8069f07fd 100644 --- a/htdocs/fourn/commande/liste.php +++ b/htdocs/fourn/commande/liste.php @@ -36,7 +36,7 @@ $sortfield = $_GET["sortfield"]; // Security check $orderid = isset($_GET["orderid"])?$_GET["orderid"]:''; if ($user->societe_id) $socid=$user->societe_id; -$result = restrictedArea($user, 'commande_fournisseur', $orderid,'',1); +$result = restrictedArea($user, 'commande_fournisseur', $orderid,''); /* 
@@ -67,11 +67,11 @@ $offset = $conf->liste_limit * $page ; $sql = "SELECT s.rowid as socid, s.nom, ".$db->pdate("cf.date_commande")." as dc,"; $sql .= " cf.rowid,cf.ref, cf.fk_statut"; -if (!$user->rights->commercial->client->voir && !$socid) $sql .= ", sc.fk_soc, sc.fk_user"; +if (!$user->rights->societe->client->voir && !$socid) $sql .= ", sc.fk_soc, sc.fk_user"; $sql .= " FROM ".MAIN_DB_PREFIX."societe as s, ".MAIN_DB_PREFIX."commande_fournisseur as cf"; -if (!$user->rights->commercial->client->voir && !$socid) $sql .= ", ".MAIN_DB_PREFIX."societe_commerciaux as sc"; +if (!$user->rights->societe->client->voir && !$socid) $sql .= ", ".MAIN_DB_PREFIX."societe_commerciaux as sc"; $sql .= " WHERE cf.fk_soc = s.rowid "; -if (!$user->rights->commercial->client->voir && !$socid) //restriction +if (!$user->rights->societe->client->voir && !$socid) //restriction { $sql .= " AND s.rowid = sc.fk_soc AND sc.fk_user = " .$user->id; } diff --git a/htdocs/fourn/contact.php b/htdocs/fourn/contact.php index 085b4754862..1248da1e43a 100644 --- a/htdocs/fourn/contact.php +++ b/htdocs/fourn/contact.php 
@@ -59,11 +59,11 @@ $offset = $limit * $page ; */ $sql = "SELECT s.rowid as socid, s.nom, st.libelle as stcomm, p.rowid as cidp, p.name, p.firstname, p.email, p.phone"; -if (!$user->rights->commercial->client->voir && !$socid) $sql .= ", sc.fk_soc, sc.fk_user "; +if (!$user->rights->societe->client->voir && !$socid) $sql .= ", sc.fk_soc, sc.fk_user "; $sql .= " FROM ".MAIN_DB_PREFIX."societe as s, ".MAIN_DB_PREFIX."socpeople as p, ".MAIN_DB_PREFIX."c_stcomm as st"; -if (!$user->rights->commercial->client->voir && !$socid) $sql .= ", ".MAIN_DB_PREFIX."societe_commerciaux as sc"; +if (!$user->rights->societe->client->voir && !$socid) $sql .= ", ".MAIN_DB_PREFIX."societe_commerciaux as sc"; $sql .= " WHERE s.fk_stcomm = st.id AND s.fournisseur = 1 AND s.rowid = p.fk_soc"; -if (!$user->rights->commercial->client->voir && !$socid) $sql .= " AND s.rowid = sc.fk_soc AND sc.fk_user = " .$user->id; +if (!$user->rights->societe->client->voir && !$socid) $sql .= " AND s.rowid = sc.fk_soc AND sc.fk_user = " .$user->id; if (strlen($stcomm)) { $sql .= " AND s.fk_stcomm=$stcomm"; diff --git a/htdocs/fourn/facture/impayees.php b/htdocs/fourn/facture/impayees.php index 8a7638cb465..18278c5442c 100644 --- a/htdocs/fourn/facture/impayees.php +++ b/htdocs/fourn/facture/impayees.php 
@@ -73,14 +73,14 @@ if ($user->rights->fournisseur->facture->lire) $sql.= $db->pdate("f.datef")." as df, ".$db->pdate("f.date_lim_reglement")." as datelimite, "; $sql.= " f.paye as paye, f.rowid as facid, f.fk_statut"; $sql.= " ,sum(pf.amount) as am"; - if (! $user->rights->commercial->client->voir && ! $socid) $sql .= ", sc.fk_soc, sc.fk_user "; + if (! $user->rights->societe->client->voir && ! $socid) $sql .= ", sc.fk_soc, sc.fk_user "; $sql.= " FROM ".MAIN_DB_PREFIX."societe as s"; - if (! $user->rights->commercial->client->voir && ! $socid) $sql .= ", ".MAIN_DB_PREFIX."societe_commerciaux as sc"; + if (! $user->rights->societe->client->voir && ! $socid) $sql .= ", ".MAIN_DB_PREFIX."societe_commerciaux as sc"; $sql.= ",".MAIN_DB_PREFIX."facture_fourn as f"; $sql.= " LEFT JOIN ".MAIN_DB_PREFIX."paiementfourn_facturefourn as pf ON f.rowid=pf.fk_facturefourn "; $sql.= " WHERE f.fk_soc = s.rowid"; $sql.= " AND f.paye = 0 AND f.fk_statut = 1"; - if (! $user->rights->commercial->client->voir && ! $socid) $sql .= " AND s.rowid = sc.fk_soc AND sc.fk_user = " .$user->id; + if (! $user->rights->societe->client->voir && ! $socid) $sql .= " AND s.rowid = sc.fk_soc AND sc.fk_user = " .$user->id; if ($socid) $sql .= " AND s.rowid = ".$socid; if ($_GET["filtre"]) diff --git a/htdocs/fourn/facture/index.php b/htdocs/fourn/facture/index.php index 7d85bd07666..4009533d64e 100644 --- a/htdocs/fourn/facture/index.php +++ b/htdocs/fourn/facture/index.php 
@@ -92,11 +92,11 @@ llxHeader(); $sql = "SELECT s.rowid as socid, s.nom, "; $sql.= " ".$db->pdate("fac.datef")." as datef, ".$db->pdate("fac.date_lim_reglement")." as date_echeance,"; $sql.= " fac.total_ht, fac.total_ttc, fac.paye as paye, fac.fk_statut as fk_statut, fac.libelle, fac.rowid as facid, fac.facnumber"; -if (!$user->rights->commercial->client->voir && !$socid) $sql .= ", sc.fk_soc, sc.fk_user "; +if (!$user->rights->societe->client->voir && !$socid) $sql .= ", sc.fk_soc, sc.fk_user "; $sql.= " FROM ".MAIN_DB_PREFIX."societe as s, ".MAIN_DB_PREFIX."facture_fourn as fac"; -if (!$user->rights->commercial->client->voir && !$socid) $sql .= ", ".MAIN_DB_PREFIX."societe_commerciaux as sc"; +if (!$user->rights->societe->client->voir && !$socid) $sql .= ", ".MAIN_DB_PREFIX."societe_commerciaux as sc"; $sql.= " WHERE fac.fk_soc = s.rowid"; -if (!$user->rights->commercial->client->voir && !$socid) $sql .= " AND s.idp = sc.fk_soc AND sc.fk_user = " .$user->id; +if (!$user->rights->societe->client->voir && !$socid) $sql .= " AND s.idp = sc.fk_soc AND sc.fk_user = " .$user->id; if ($socid) { $sql .= " AND s.rowid = ".$socid; diff --git a/htdocs/fourn/facture/paiement.php b/htdocs/fourn/facture/paiement.php index 040d1220414..8ba55670bae 100644 --- a/htdocs/fourn/facture/paiement.php +++ b/htdocs/fourn/facture/paiement.php 
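Review bot: The restricted-user clause in fourn/facture/index.php still joins on `s.idp` (`" AND s.idp = sc.fk_soc AND sc.fk_user = "`), while the SELECT of the same query reads `s.rowid as socid` and every other query touched by this commit joins on `s.rowid`. If `idp` is a leftover from an older column name, the query fails for exactly the users without the `societe->client->voir` right, i.e. the ones this filter is meant to scope. Since the line is being edited anyway, it should read `if (!$user->rights->societe->client->voir && !$socid) $sql .= " AND s.rowid = sc.fk_soc AND sc.fk_user = " .$user->id;`. The query continues past the end of the hunk.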
@@ -204,12 +204,12 @@ if ($action == 'create' || $action == 'add_paiement') $facture->fetch($facid); $sql = 'SELECT s.nom, s.rowid as socid, f.amount, f.total_ttc as total, f.facnumber'; - if (!$user->rights->commercial->client->voir && !$socid) $sql .= ", sc.fk_soc, sc.fk_user "; + if (!$user->rights->societe->client->voir && !$socid) $sql .= ", sc.fk_soc, sc.fk_user "; $sql .= ' FROM '.MAIN_DB_PREFIX.'societe as s, '.MAIN_DB_PREFIX.'facture_fourn as f'; - if (!$user->rights->commercial->client->voir && !$socid) $sql .= ", ".MAIN_DB_PREFIX."societe_commerciaux as sc"; + if (!$user->rights->societe->client->voir && !$socid) $sql .= ", ".MAIN_DB_PREFIX."societe_commerciaux as sc"; $sql .= ' WHERE f.fk_soc = s.rowid'; $sql .= ' AND f.rowid = '.$facid; - if (!$user->rights->commercial->client->voir && !$socid) $sql .= " AND s.rowid = sc.fk_soc AND sc.fk_user = " .$user->id; + if (!$user->rights->societe->client->voir && !$socid) $sql .= " AND s.rowid = sc.fk_soc AND sc.fk_user = " .$user->id; $resql = $db->query($sql); if ($resql) { 
@@ -361,16 +361,16 @@ if (! $_GET['action'] && ! $_POST['action']) $sql.= ' s.rowid as socid, s.nom,'; $sql.= ' c.libelle as paiement_type, p.num_paiement,'; $sql.= ' ba.rowid as bid, ba.label'; - if (!$user->rights->commercial->client->voir) $sql .= ", sc.fk_soc, sc.fk_user "; + if (!$user->rights->societe->client->voir) $sql .= ", sc.fk_soc, sc.fk_user "; $sql.= ' FROM '.MAIN_DB_PREFIX.'paiementfourn AS p'; - if (!$user->rights->commercial->client->voir) $sql .= ", ".MAIN_DB_PREFIX."societe_commerciaux as sc"; + if (!$user->rights->societe->client->voir) $sql .= ", ".MAIN_DB_PREFIX."societe_commerciaux as sc"; $sql.= ' LEFT JOIN '.MAIN_DB_PREFIX.'paiementfourn_facturefourn AS pf ON p.rowid=pf.fk_paiementfourn'; $sql.= ' LEFT JOIN '.MAIN_DB_PREFIX.'facture_fourn AS f ON f.rowid=pf.fk_facturefourn '; $sql.= ' LEFT JOIN '.MAIN_DB_PREFIX.'c_paiement AS c ON p.fk_paiement = c.id'; $sql.= ' LEFT JOIN '.MAIN_DB_PREFIX.'societe AS s ON s.rowid = f.fk_soc'; $sql.= ' LEFT JOIN '.MAIN_DB_PREFIX.'bank as b ON p.fk_bank = b.rowid'; $sql.= ' LEFT JOIN '.MAIN_DB_PREFIX.'bank_account as ba ON b.fk_account = ba.rowid'; - if (!$user->rights->commercial->client->voir) $sql .= " WHERE s.rowid = sc.fk_soc AND sc.fk_user = " .$user->id; + if (!$user->rights->societe->client->voir) $sql .= " WHERE s.rowid = sc.fk_soc AND sc.fk_user = " .$user->id; if ($socid) { $sql .= ' WHERE f.fk_soc = '.$socid; diff --git a/htdocs/fourn/fiche-stats.php b/htdocs/fourn/fiche-stats.php index 6a921452117..13dc72b34e4 100644 --- a/htdocs/fourn/fiche-stats.php +++ b/htdocs/fourn/fiche-stats.php @@ -39,7 +39,7 @@ $langs->load('commercial'); // Security check $socid = isset($_GET["socid"])?$_GET["socid"]:''; if ($user->societe_id) $socid=$user->societe_id; -$result = restrictedArea($user, 'societe',$socid,'',1); +$result = restrictedArea($user, 'societe',$socid,''); /* diff --git a/htdocs/fourn/fiche.php b/htdocs/fourn/fiche.php index b5ed16d3c81..6b5f8cae547 100644 --- a/htdocs/fourn/fiche.php 
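Review bot: In the payment list query of fourn/facture/paiement.php (hunk at -361), the restricted branch appends `" WHERE s.rowid = sc.fk_soc AND sc.fk_user = "` and the `if ($socid)` block right after it appends a second `' WHERE f.fk_soc = '`, so a user without `societe->client->voir` who also has `$socid` set gets a statement with two WHERE keywords. Unlike the other queries in this commit, the three tests here lack `&& !$socid`, which is what keeps the two branches apart elsewhere. Writing them as `if (!$user->rights->societe->client->voir && !$socid)` would match the rest of the change and keep the statement valid. The `if ($socid)` block continues outside the hunk.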
+++ b/htdocs/fourn/fiche.php @@ -39,7 +39,7 @@ $langs->load('commercial'); // Security check $socid = isset($_GET["socid"])?$_GET["socid"]:''; if ($user->societe_id) $socid=$user->societe_id; -$result = restrictedArea($user, 'societe',$socid,'',1); +$result = restrictedArea($user, 'societe',$socid,''); diff --git a/htdocs/fourn/fournisseur.class.php b/htdocs/fourn/fournisseur.class.php index fc7496f4e46..6135125f0c2 100644 --- a/htdocs/fourn/fournisseur.class.php +++ b/htdocs/fourn/fournisseur.class.php @@ -192,7 +192,7 @@ class Fournisseur extends Societe $sql = "SELECT count(s.rowid) as nb"; $sql.= " FROM ".MAIN_DB_PREFIX."societe as s"; - if (!$user->rights->commercial->client->voir && !$user->societe_id) + if (!$user->rights->societe->client->voir && !$user->societe_id) { $sql.= " LEFT JOIN ".MAIN_DB_PREFIX."societe_commerciaux as sc ON s.rowid = sc.fk_soc"; $sql.= " WHERE sc.fk_user = " .$user->id; @@ -255,11 +255,11 @@ class Fournisseur extends Societe $arr = array(); $sql = "SELECT s.rowid, s.nom"; - if (!$this->user->rights->commercial->client->voir && !$this->user->societe_id) $sql .= ", sc.fk_soc, sc.fk_user"; + if (!$this->user->rights->societe->client->voir && !$this->user->societe_id) $sql .= ", sc.fk_soc, sc.fk_user"; $sql.= " FROM ".MAIN_DB_PREFIX."societe as s"; - if (!$this->user->rights->commercial->client->voir && !$this->user->societe_id) $sql .= ", ".MAIN_DB_PREFIX."societe_commerciaux as sc"; + if (!$this->user->rights->societe->client->voir && !$this->user->societe_id) $sql .= ", ".MAIN_DB_PREFIX."societe_commerciaux as sc"; $sql.= " WHERE s.fournisseur = 1"; - if (!$this->user->rights->commercial->client->voir && !$this->user->societe_id) $sql .= " AND s.rowid = sc.fk_soc AND sc.fk_user = " .$this->user->id; + if (!$this->user->rights->societe->client->voir && !$this->user->societe_id) $sql .= " AND s.rowid = sc.fk_soc AND sc.fk_user = " .$this->user->id; $resql=$this->db->query($sql); 
diff --git a/htdocs/fourn/fournisseur.facture.class.php b/htdocs/fourn/fournisseur.facture.class.php index 3296e2989c8..818222b5e6d 100644 --- a/htdocs/fourn/fournisseur.facture.class.php +++ b/htdocs/fourn/fournisseur.facture.class.php @@ -651,12 +651,12 @@ class FactureFournisseur extends Facture $this->nbtodo=$this->nbtodolate=0; $sql = 'SELECT ff.rowid,'.$this->db->pdate('ff.date_lim_reglement').' as datefin'; - if (!$user->rights->commercial->client->voir && !$user->societe_id) $sql .= ", sc.fk_soc, sc.fk_user"; + if (!$user->rights->societe->client->voir && !$user->societe_id) $sql .= ", sc.fk_soc, sc.fk_user"; $sql.= ' FROM '.MAIN_DB_PREFIX.'facture_fourn as ff'; - if (!$user->rights->commercial->client->voir && !$user->societe_id) $sql .= ", ".MAIN_DB_PREFIX."societe_commerciaux as sc"; + if (!$user->rights->societe->client->voir && !$user->societe_id) $sql .= ", ".MAIN_DB_PREFIX."societe_commerciaux as sc"; $sql.= ' WHERE ff.paye=0 AND ff.fk_statut > 0'; if ($user->societe_id) $sql.=' AND ff.fk_soc = '.$user->societe_id; - if (!$user->rights->commercial->client->voir && !$user->societe_id) $sql .= " AND ff.fk_soc = sc.fk_soc AND sc.fk_user = " .$user->id; + if (!$user->rights->societe->client->voir && !$user->societe_id) $sql .= " AND ff.fk_soc = sc.fk_soc AND sc.fk_user = " .$user->id; $resql=$this->db->query($sql); if ($resql) { diff --git a/htdocs/fourn/index.php b/htdocs/fourn/index.php index 26b60a2e933..7a3e485e13f 100644 --- a/htdocs/fourn/index.php +++ b/htdocs/fourn/index.php @@ -36,7 +36,7 @@ $langs->load("companies"); // Security check $socid = isset($_GET["socid"])?$_GET["socid"]:''; if ($user->societe_id) $socid=$user->societe_id; -$result = restrictedArea($user, 'societe',$socid,'',1); +$result = restrictedArea($user, 'societe',$socid,''); /* 
@@ -262,11 +262,11 @@ print '<td valign="top" width="70%" class="notopnoleft">'; $max=10; $sql = "SELECT s.rowid as socid, s.nom, s.ville,".$db->pdate("s.datec")." as datec, ".$db->pdate("s.datea")." as datea, st.libelle as stcomm, s.prefix_comm"; $sql.= " , code_fournisseur, code_compta_fournisseur"; -if (!$user->rights->commercial->client->voir && !$socid) $sql .= ", sc.fk_soc, sc.fk_user "; +if (!$user->rights->societe->client->voir && !$socid) $sql .= ", sc.fk_soc, sc.fk_user "; $sql.= " FROM ".MAIN_DB_PREFIX."societe as s, ".MAIN_DB_PREFIX."c_stcomm as st"; -if (!$user->rights->commercial->client->voir && !$socid) $sql .= ", ".MAIN_DB_PREFIX."societe_commerciaux as sc"; +if (!$user->rights->societe->client->voir && !$socid) $sql .= ", ".MAIN_DB_PREFIX."societe_commerciaux as sc"; $sql.= " WHERE s.fk_stcomm = st.id AND s.fournisseur=1"; -if (!$user->rights->commercial->client->voir && !$socid) $sql .= " AND s.rowid = sc.fk_soc AND sc.fk_user = " .$user->id; +if (!$user->rights->societe->client->voir && !$socid) $sql .= " AND s.rowid = sc.fk_soc AND sc.fk_user = " .$user->id; if ($socid) $sql .= " AND s.rowid = ".$socid; $sql.= " ORDER BY s.datec DESC"; $sql .= $db->plimit($max, 0); diff --git a/htdocs/fourn/liste.php b/htdocs/fourn/liste.php index 4e2003cf5b3..ee5a8c56aac 100644 --- a/htdocs/fourn/liste.php +++ b/htdocs/fourn/liste.php @@ -47,7 +47,7 @@ $langs->load("companies"); // Security check $socid = isset($_GET["socid"])?$_GET["socid"]:''; if ($user->societe_id) $socid=$user->societe_id; -$result = restrictedArea($user, 'societe',$socid,'',1); +$result = restrictedArea($user, 'societe',$socid,''); if ($page == -1) { $page = 0 ; } 
@@ -69,13 +69,13 @@ llxHeader(); */ $sql = "SELECT s.rowid as socid, s.nom, s.ville,".$db->pdate("s.datec")." as datec, ".$db->pdate("s.datea")." as datea, st.libelle as stcomm, s.prefix_comm"; $sql.= " , code_fournisseur, code_compta_fournisseur"; -if (!$user->rights->commercial->client->voir && !$socid) $sql .= ", sc.fk_soc, sc.fk_user "; +if (!$user->rights->societe->client->voir && !$socid) $sql .= ", sc.fk_soc, sc.fk_user "; $sql.= " FROM ".MAIN_DB_PREFIX."societe as s, ".MAIN_DB_PREFIX."c_stcomm as st"; if ($_GET["cat"]) $sql .= ", ".MAIN_DB_PREFIX."categorie_fournisseur as cf"; -if (!$user->rights->commercial->client->voir && !$socid) $sql .= ", ".MAIN_DB_PREFIX."societe_commerciaux as sc"; +if (!$user->rights->societe->client->voir && !$socid) $sql .= ", ".MAIN_DB_PREFIX."societe_commerciaux as sc"; $sql.= " WHERE s.fk_stcomm = st.id AND s.fournisseur=1"; if ($_GET["cat"]) $sql .= " AND cf.fk_societe = s.rowid AND cf.fk_categorie='".$_GET["cat"]."'"; -if (!$user->rights->commercial->client->voir && !$socid) $sql .= " AND s.rowid = sc.fk_soc AND sc.fk_user = " .$user->id; +if (!$user->rights->societe->client->voir && !$socid) $sql .= " AND s.rowid = sc.fk_soc AND sc.fk_user = " .$user->id; if ($socid) $sql .= " AND s.rowid = ".$socid; if ($socname) { $sql .= " AND lower(s.nom) like '%".strtolower($socname)."%'"; diff --git a/htdocs/fourn/stats.php b/htdocs/fourn/stats.php index 07f1169d948..1bfc57d2b23 100644 --- a/htdocs/fourn/stats.php +++ b/htdocs/fourn/stats.php @@ -43,7 +43,7 @@ $search_ville = isset($_GET["search_ville"])?$_GET["search_ville"]:''; // Security check $socid = isset($_GET["socid"])?$_GET["socid"]:''; if ($user->societe_id) $socid=$user->societe_id; -$result = restrictedArea($user, 'societe',$socid,'',1); +$result = restrictedArea($user, 'societe',$socid,''); if ($page == -1) { $page = 0 ; } 
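Review bot: The supplier list query in fourn/liste.php puts request data straight into SQL: `cf.fk_categorie='".$_GET["cat"]."'` uses the raw query-string value, `$socid` is read from `$_GET["socid"]` in the previous hunk and appended unquoted in `" AND s.rowid = ".$socid`, and `$socname` (origin outside the hunk) goes into the LIKE pattern with only `strtolower()` applied. This commit edits the permission test on the neighbouring lines but leaves these as they are, and whether `restrictedArea()` validates `$socid` beforehand is not visible here. If `fk_categorie` and `rowid` are integer keys, as their names suggest, a cast is enough, e.g. `$sql .= " AND cf.fk_categorie = ".((int) $_GET["cat"]);` and `$sql .= " AND s.rowid = ".((int) $socid);`, while `$socname` needs the database layer's string escaping. fourn/stats.php builds its query the same way in the hunk that follows.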
@@ -64,13 +64,13 @@ llxHeader(); $sql = "SELECT s.rowid as socid, s.nom, s.ville, ca.ca_genere as ca, ca.year"; $sql.= " , s.code_fournisseur, s.code_compta_fournisseur"; -if (!$user->rights->commercial->client->voir && !$socid) $sql .= ", sc.fk_soc, sc.fk_user "; +if (!$user->rights->societe->client->voir && !$socid) $sql .= ", sc.fk_soc, sc.fk_user "; $sql.= " FROM ".MAIN_DB_PREFIX."societe as s, ".MAIN_DB_PREFIX."c_stcomm as st, ".MAIN_DB_PREFIX."fournisseur_ca as ca"; if ($_GET["cat"]) $sql .= ", ".MAIN_DB_PREFIX."categorie_fournisseur as cf"; -if (!$user->rights->commercial->client->voir && !$socid) $sql .= ", ".MAIN_DB_PREFIX."societe_commerciaux as sc"; +if (!$user->rights->societe->client->voir && !$socid) $sql .= ", ".MAIN_DB_PREFIX."societe_commerciaux as sc"; $sql.= " WHERE s.fk_stcomm = st.id AND s.fournisseur=1 AND s.rowid = ca.fk_societe"; if ($_GET["cat"]) $sql .= " AND cf.fk_societe = s.rowid AND cf.fk_categorie = '".$_GET["cat"]."'"; -if (!$user->rights->commercial->client->voir && !$socid) $sql .= " AND s.rowid = sc.fk_soc AND sc.fk_user = " .$user->id; +if (!$user->rights->societe->client->voir && !$socid) $sql .= " AND s.rowid = sc.fk_soc AND sc.fk_user = " .$user->id; if ($socid) $sql .= " AND s.rowid = ".$socid; if ($socname) { $sql .= " AND lower(s.nom) like '%".strtolower($socname)."%'"; diff --git a/htdocs/html.form.class.php b/htdocs/html.form.class.php index dd941a32d54..ca385ac2e92 100644 --- a/htdocs/html.form.class.php +++ b/htdocs/html.form.class.php 
@@ -588,14 +588,14 @@ class Form // On recherche les societes $sql = "SELECT s.rowid, s.nom"; $sql.= " FROM ".MAIN_DB_PREFIX ."societe as s"; - if (!$user->rights->commercial->client->voir && !$user->societe_id) $sql .= ", ".MAIN_DB_PREFIX."societe_commerciaux as sc"; + if (!$user->rights->societe->client->voir && !$user->societe_id) $sql .= ", ".MAIN_DB_PREFIX."societe_commerciaux as sc"; $sql.= " WHERE 1=1"; if ($filter) $sql.= " AND ".$filter; if ($selected && $conf->use_javascript_ajax && $conf->global->COMPANY_USE_SEARCH_TO_SELECT) { $sql.= " AND rowid = ".$selected; } - if (!$user->rights->commercial->client->voir && !$user->societe_id) //restriction + if (!$user->rights->societe->client->voir && !$user->societe_id) //restriction { $sql.= " AND s.rowid = sc.fk_soc AND sc.fk_user = " .$user->id; } diff --git a/htdocs/includes/boxes/box_actions.php b/htdocs/includes/boxes/box_actions.php index fd88b65d424..bcfe7c189c8 100644 --- a/htdocs/includes/boxes/box_actions.php +++ b/htdocs/includes/boxes/box_actions.php 
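Review bot: In the company select query of html.form.class.php, `" AND rowid = ".$selected` uses an unqualified `rowid`, while the restricted branch changed in this hunk adds `societe_commerciaux as sc` to the FROM list. If that table also has a `rowid` column, the statement becomes ambiguous for users without `societe->client->voir`; writing `$sql.= " AND s.rowid = ".$selected;` avoids the question. `$filter` is appended as a raw SQL fragment (`" AND ".$filter`), so the method's doc comment should state that callers may pass only trusted, pre-built SQL there. The method starts and ends outside the hunk.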
@@ -73,14 +73,14 @@ class box_actions extends ModeleBoxes { $sql = "SELECT a.id, a.label, ".$db->pdate("a.datep")." as dp , a.percent as percentage,"; $sql.= " ta.code,"; $sql.= " s.nom, s.rowid as socid"; - if (!$user->rights->commercial->client->voir && !$user->societe_id) $sql .= ", sc.fk_soc, sc.fk_user"; + if (!$user->rights->societe->client->voir && !$user->societe_id) $sql .= ", sc.fk_soc, sc.fk_user"; $sql.= " FROM ".MAIN_DB_PREFIX."c_actioncomm AS ta, "; - if (!$user->rights->commercial->client->voir && !$user->societe_id) $sql .= " ".MAIN_DB_PREFIX."societe_commerciaux AS sc, "; + if (!$user->rights->societe->client->voir && !$user->societe_id) $sql .= " ".MAIN_DB_PREFIX."societe_commerciaux AS sc, "; $sql.= MAIN_DB_PREFIX."actioncomm AS a"; $sql.= " LEFT JOIN ".MAIN_DB_PREFIX."societe AS s ON a.fk_soc = s.rowid"; $sql.= " WHERE a.fk_action = ta.id"; $sql.= " AND a.percent <> 100"; - if (!$user->rights->commercial->client->voir && !$user->societe_id) $sql .= " AND s.rowid = sc.fk_soc AND sc.fk_user = " .$user->id; + if (!$user->rights->societe->client->voir && !$user->societe_id) $sql .= " AND s.rowid = sc.fk_soc AND sc.fk_user = " .$user->id; if($user->societe_id) { $sql .= " AND s.rowid = ".$user->societe_id; diff --git a/htdocs/includes/boxes/box_clients.php b/htdocs/includes/boxes/box_clients.php index 543e8f812bf..fc425463e46 100644 --- a/htdocs/includes/boxes/box_clients.php +++ b/htdocs/includes/boxes/box_clients.php 
@@ -68,11 +68,11 @@ class box_clients extends ModeleBoxes { if ($user->rights->societe->lire) { $sql = "SELECT s.nom, s.rowid as socid, ".$db->pdate("s.datec")." as dc"; - if (!$user->rights->commercial->client->voir && !$user->societe_id) $sql .= ", sc.fk_soc, sc.fk_user"; + if (!$user->rights->societe->client->voir && !$user->societe_id) $sql .= ", sc.fk_soc, sc.fk_user"; $sql .= " FROM ".MAIN_DB_PREFIX."societe as s"; - if (!$user->rights->commercial->client->voir && !$user->societe_id) $sql .= ", ".MAIN_DB_PREFIX."societe_commerciaux as sc"; + if (!$user->rights->societe->client->voir && !$user->societe_id) $sql .= ", ".MAIN_DB_PREFIX."societe_commerciaux as sc"; $sql .= " WHERE s.client = 1"; - if (!$user->rights->commercial->client->voir && !$user->societe_id) $sql .= " AND s.rowid = sc.fk_soc AND sc.fk_user = " .$user->id; + if (!$user->rights->societe->client->voir && !$user->societe_id) $sql .= " AND s.rowid = sc.fk_soc AND sc.fk_user = " .$user->id; if ($user->societe_id > 0) { $sql .= " AND s.rowid = $user->societe_id"; diff --git a/htdocs/includes/boxes/box_commandes.php b/htdocs/includes/boxes/box_commandes.php index 04596a026cc..e5a2d3f1351 100644 --- a/htdocs/includes/boxes/box_commandes.php +++ b/htdocs/includes/boxes/box_commandes.php 
@@ -73,11 +73,11 @@ class box_commandes extends ModeleBoxes { $sql = "SELECT s.nom, s.rowid as socid,"; $sql.= " p.ref, p.tms, p.rowid,"; $sql.= " p.fk_statut, p.facture"; - if (!$user->rights->commercial->client->voir && !$user->societe_id) $sql .= ", sc.fk_soc, sc.fk_user"; + if (!$user->rights->societe->client->voir && !$user->societe_id) $sql .= ", sc.fk_soc, sc.fk_user"; $sql .= " FROM ".MAIN_DB_PREFIX."societe as s, ".MAIN_DB_PREFIX."commande as p"; - if (!$user->rights->commercial->client->voir && !$user->societe_id) $sql .= ", ".MAIN_DB_PREFIX."societe_commerciaux as sc"; + if (!$user->rights->societe->client->voir && !$user->societe_id) $sql .= ", ".MAIN_DB_PREFIX."societe_commerciaux as sc"; $sql .= " WHERE p.fk_soc = s.rowid"; - if (!$user->rights->commercial->client->voir && !$user->societe_id) $sql .= " AND s.rowid = sc.fk_soc AND sc.fk_user = " .$user->id; + if (!$user->rights->societe->client->voir && !$user->societe_id) $sql .= " AND s.rowid = sc.fk_soc AND sc.fk_user = " .$user->id; if($user->societe_id) { $sql .= " AND s.rowid = ".$user->societe_id; diff --git a/htdocs/includes/boxes/box_factures.php b/htdocs/includes/boxes/box_factures.php index 9e4b3797bf7..7de9b653572 100644 --- a/htdocs/includes/boxes/box_factures.php +++ b/htdocs/includes/boxes/box_factures.php 
@@ -75,11 +75,11 @@ class box_factures extends ModeleBoxes { $sql = "SELECT f.rowid as facid, f.facnumber, f.type, f.amount, ".$db->pdate("f.datef")." as df,"; $sql.= " f.paye, f.fk_statut, f.datec,"; $sql.= " s.nom, s.rowid as socid"; - if (!$user->rights->commercial->client->voir && !$user->societe_id) $sql .= ", sc.fk_soc, sc.fk_user"; + if (!$user->rights->societe->client->voir && !$user->societe_id) $sql .= ", sc.fk_soc, sc.fk_user"; $sql.= " FROM ".MAIN_DB_PREFIX."societe as s,".MAIN_DB_PREFIX."facture as f"; - if (!$user->rights->commercial->client->voir && !$user->societe_id) $sql .= ", ".MAIN_DB_PREFIX."societe_commerciaux as sc"; + if (!$user->rights->societe->client->voir && !$user->societe_id) $sql .= ", ".MAIN_DB_PREFIX."societe_commerciaux as sc"; $sql.= " WHERE f.fk_soc = s.rowid"; - if (!$user->rights->commercial->client->voir && !$user->societe_id) $sql .= " AND s.rowid = sc.fk_soc AND sc.fk_user = " .$user->id; + if (!$user->rights->societe->client->voir && !$user->societe_id) $sql .= " AND s.rowid = sc.fk_soc AND sc.fk_user = " .$user->id; if($user->societe_id) { $sql.= " AND s.rowid = ".$user->societe_id; diff --git a/htdocs/includes/boxes/box_factures_fourn.php b/htdocs/includes/boxes/box_factures_fourn.php index 69c2f9a3033..f2df39e7fb6 100644 --- a/htdocs/includes/boxes/box_factures_fourn.php +++ b/htdocs/includes/boxes/box_factures_fourn.php 
@@ -74,11 +74,11 @@ class box_factures_fourn extends ModeleBoxes { $sql = "SELECT s.nom, s.rowid as socid,"; $sql.= " f.rowid as facid, f.facnumber, f.amount,".$db->pdate("f.datef")." as df,"; $sql.= " f.paye, f.fk_statut, f.datec"; - if (!$user->rights->commercial->client->voir && !$user->societe_id) $sql .= ", sc.fk_soc, sc.fk_user"; + if (!$user->rights->societe->client->voir && !$user->societe_id) $sql .= ", sc.fk_soc, sc.fk_user"; $sql .= " FROM ".MAIN_DB_PREFIX."societe as s,".MAIN_DB_PREFIX."facture_fourn as f"; - if (!$user->rights->commercial->client->voir && !$user->societe_id) $sql .= ", ".MAIN_DB_PREFIX."societe_commerciaux as sc"; + if (!$user->rights->societe->client->voir && !$user->societe_id) $sql .= ", ".MAIN_DB_PREFIX."societe_commerciaux as sc"; $sql .= " WHERE f.fk_soc = s.rowid"; - if (!$user->rights->commercial->client->voir && !$user->societe_id) $sql .= " AND s.rowid = sc.fk_soc AND sc.fk_user = " .$user->id; + if (!$user->rights->societe->client->voir && !$user->societe_id) $sql .= " AND s.rowid = sc.fk_soc AND sc.fk_user = " .$user->id; if($user->societe_id) { $sql .= " AND s.rowid = ".$user->societe_id; diff --git a/htdocs/includes/boxes/box_factures_fourn_imp.php b/htdocs/includes/boxes/box_factures_fourn_imp.php index 1eda115c410..c658c9bc039 100644 --- a/htdocs/includes/boxes/box_factures_fourn_imp.php +++ b/htdocs/includes/boxes/box_factures_fourn_imp.php 
@@ -74,11 +74,11 @@ class box_factures_fourn_imp extends ModeleBoxes { $sql.= " f.facnumber,".$db->pdate("f.date_lim_reglement")." as datelimite,"; $sql.= " f.amount,".$db->pdate("f.datef")." as df,"; $sql.= " f.paye, f.fk_statut, f.rowid as facid"; - if (!$user->rights->commercial->client->voir && !$user->societe_id) $sql .= ", sc.fk_soc, sc.fk_user"; + if (!$user->rights->societe->client->voir && !$user->societe_id) $sql .= ", sc.fk_soc, sc.fk_user"; $sql .= " FROM ".MAIN_DB_PREFIX."societe as s,".MAIN_DB_PREFIX."facture_fourn as f"; - if (!$user->rights->commercial->client->voir && !$user->societe_id) $sql .= ", ".MAIN_DB_PREFIX."societe_commerciaux as sc"; + if (!$user->rights->societe->client->voir && !$user->societe_id) $sql .= ", ".MAIN_DB_PREFIX."societe_commerciaux as sc"; $sql .= " WHERE f.fk_soc = s.rowid AND f.paye=0 AND fk_statut = 1"; - if (!$user->rights->commercial->client->voir && !$user->societe_id) $sql .= " AND s.rowid = sc.fk_soc AND sc.fk_user = " .$user->id; + if (!$user->rights->societe->client->voir && !$user->societe_id) $sql .= " AND s.rowid = sc.fk_soc AND sc.fk_user = " .$user->id; if($user->societe_id) { $sql .= " AND s.rowid = ".$user->societe_id; diff --git a/htdocs/includes/boxes/box_factures_imp.php b/htdocs/includes/boxes/box_factures_imp.php index 69f020ba4cc..2d827de0fb4 100644 --- a/htdocs/includes/boxes/box_factures_imp.php +++ b/htdocs/includes/boxes/box_factures_imp.php 
@@ -74,11 +74,11 @@ class box_factures_imp extends ModeleBoxes { $sql.= " f.facnumber,".$db->pdate("f.date_lim_reglement")." as datelimite,"; $sql.= " f.amount,".$db->pdate("f.datef")." as df,"; $sql.= " f.paye, f.fk_statut, f.rowid as facid"; - if (!$user->rights->commercial->client->voir && !$user->societe_id) $sql .= ", sc.fk_soc, sc.fk_user"; + if (!$user->rights->societe->client->voir && !$user->societe_id) $sql .= ", sc.fk_soc, sc.fk_user"; $sql .= " FROM ".MAIN_DB_PREFIX."societe as s,".MAIN_DB_PREFIX."facture as f"; - if (!$user->rights->commercial->client->voir && !$user->societe_id) $sql .= ", ".MAIN_DB_PREFIX."societe_commerciaux as sc"; + if (!$user->rights->societe->client->voir && !$user->societe_id) $sql .= ", ".MAIN_DB_PREFIX."societe_commerciaux as sc"; $sql .= " WHERE f.fk_soc = s.rowid AND f.paye=0 AND fk_statut = 1"; - if (!$user->rights->commercial->client->voir && !$user->societe_id) $sql .= " AND s.rowid = sc.fk_soc AND sc.fk_user = " .$user->id; + if (!$user->rights->societe->client->voir && !$user->societe_id) $sql .= " AND s.rowid = sc.fk_soc AND sc.fk_user = " .$user->id; if($user->societe_id) { $sql .= " AND s.rowid = ".$user->societe_id; diff --git a/htdocs/includes/boxes/box_fournisseurs.php b/htdocs/includes/boxes/box_fournisseurs.php index 6b04a051814..4e4adc8db11 100644 --- a/htdocs/includes/boxes/box_fournisseurs.php +++ b/htdocs/includes/boxes/box_fournisseurs.php 
@@ -67,11 +67,11 @@ class box_fournisseurs extends ModeleBoxes { if ($user->rights->societe->lire) { $sql = "SELECT s.nom, s.rowid as socid, ".$db->pdate("s.datec")." as dc"; - if (!$user->rights->commercial->client->voir && !$user->societe_id) $sql .= ", sc.fk_soc, sc.fk_user"; + if (!$user->rights->societe->client->voir && !$user->societe_id) $sql .= ", sc.fk_soc, sc.fk_user"; $sql .= " FROM ".MAIN_DB_PREFIX."societe as s"; - if (!$user->rights->commercial->client->voir && !$user->societe_id) $sql .= ", ".MAIN_DB_PREFIX."societe_commerciaux as sc"; + if (!$user->rights->societe->client->voir && !$user->societe_id) $sql .= ", ".MAIN_DB_PREFIX."societe_commerciaux as sc"; $sql .= " WHERE s.fournisseur = 1"; - if (!$user->rights->commercial->client->voir && !$user->societe_id) $sql .= " AND s.rowid = sc.fk_soc AND sc.fk_user = " .$user->id; + if (!$user->rights->societe->client->voir && !$user->societe_id) $sql .= " AND s.rowid = sc.fk_soc AND sc.fk_user = " .$user->id; if ($user->societe_id > 0) { $sql .= " AND s.rowid = ".$user->societe_id; diff --git a/htdocs/includes/boxes/box_propales.php b/htdocs/includes/boxes/box_propales.php index 7a65a6db3a1..440cfb2ebf0 100644 --- a/htdocs/includes/boxes/box_propales.php +++ b/htdocs/includes/boxes/box_propales.php 
@@ -74,11 +74,11 @@ class box_propales extends ModeleBoxes { $sql = "SELECT s.nom, s.rowid as socid,"; $sql.= " p.rowid, p.ref, p.fk_statut, ".$db->pdate("p.datep")." as dp, p.datec"; - if (!$user->rights->commercial->client->voir && !$user->societe_id) $sql .= ", sc.fk_soc, sc.fk_user"; + if (!$user->rights->societe->client->voir && !$user->societe_id) $sql .= ", sc.fk_soc, sc.fk_user"; $sql .= " FROM ".MAIN_DB_PREFIX."societe as s,".MAIN_DB_PREFIX."propal as p"; - if (!$user->rights->commercial->client->voir && !$user->societe_id) $sql .= ", ".MAIN_DB_PREFIX."societe_commerciaux as sc"; + if (!$user->rights->societe->client->voir && !$user->societe_id) $sql .= ", ".MAIN_DB_PREFIX."societe_commerciaux as sc"; $sql .= " WHERE p.fk_soc = s.rowid"; - if (!$user->rights->commercial->client->voir && !$user->societe_id) $sql .= " AND s.rowid = sc.fk_soc AND sc.fk_user = " .$user->id; + if (!$user->rights->societe->client->voir && !$user->societe_id) $sql .= " AND s.rowid = sc.fk_soc AND sc.fk_user = " .$user->id; if($user->societe_id) { $sql .= " AND s.rowid = ".$user->societe_id; diff --git a/htdocs/includes/boxes/box_prospect.php b/htdocs/includes/boxes/box_prospect.php index 03fe2be536d..4608156a92e 100644 --- a/htdocs/includes/boxes/box_prospect.php +++ b/htdocs/includes/boxes/box_prospect.php 
@@ -68,11 +68,11 @@ class box_prospect extends ModeleBoxes { if ($user->rights->societe->lire) { $sql = "SELECT s.nom, s.rowid as socid, s.fk_stcomm, ".$db->pdate("s.datec")." as dc"; - if (!$user->rights->commercial->client->voir && !$user->societe_id) $sql .= ", sc.fk_soc, sc.fk_user"; + if (!$user->rights->societe->client->voir && !$user->societe_id) $sql .= ", sc.fk_soc, sc.fk_user"; $sql .= " FROM ".MAIN_DB_PREFIX."societe as s"; - if (!$user->rights->commercial->client->voir && !$user->societe_id) $sql .= ", ".MAIN_DB_PREFIX."societe_commerciaux as sc"; + if (!$user->rights->societe->client->voir && !$user->societe_id) $sql .= ", ".MAIN_DB_PREFIX."societe_commerciaux as sc"; $sql .= " WHERE s.client = 2"; - if (!$user->rights->commercial->client->voir && !$user->societe_id) $sql .= " AND s.rowid = sc.fk_soc AND sc.fk_user = " .$user->id; + if (!$user->rights->societe->client->voir && !$user->societe_id) $sql .= " AND s.rowid = sc.fk_soc AND sc.fk_user = " .$user->id; if ($user->societe_id > 0) { $sql .= " AND s.rowid = ".$user->societe_id; diff --git a/htdocs/includes/boxes/box_services_vendus.php b/htdocs/includes/boxes/box_services_vendus.php index c4fc8e6d03c..34ccf2c8d11 100644 --- a/htdocs/includes/boxes/box_services_vendus.php +++ b/htdocs/includes/boxes/box_services_vendus.php 
@@ -73,16 +73,16 @@ class box_services_vendus extends ModeleBoxes { $sql.= " c.rowid,"; $sql.= " cd.rowid as cdid, cd.tms as datem, cd.statut,"; $sql.= " p.rowid as pid, p.label, p.fk_product_type"; - if (!$user->rights->commercial->client->voir && !$user->societe_id) $sql .= ", sc.fk_soc, sc.fk_user"; + if (!$user->rights->societe->client->voir && !$user->societe_id) $sql .= ", sc.fk_soc, sc.fk_user"; $sql.= " FROM ".MAIN_DB_PREFIX."societe as s, ".MAIN_DB_PREFIX."contrat as c, ".MAIN_DB_PREFIX."contratdet as cd, ".MAIN_DB_PREFIX."product as p"; - if (!$user->rights->commercial->client->voir && !$user->societe_id) $sql .= ", ".MAIN_DB_PREFIX."societe_commerciaux as sc"; + if (!$user->rights->societe->client->voir && !$user->societe_id) $sql .= ", ".MAIN_DB_PREFIX."societe_commerciaux as sc"; if ($conf->categorie->enabled && !$user->rights->categorie->voir) { $sql.= " LEFT JOIN ".MAIN_DB_PREFIX."categorie_product as cp ON cp.fk_product = p.rowid"; $sql.= " LEFT JOIN ".MAIN_DB_PREFIX."categorie as ca ON cp.fk_categorie = ca.rowid"; } $sql.= " WHERE s.rowid = c.fk_soc AND c.rowid = cd.fk_contrat AND cd.fk_product = p.rowid"; - if (!$user->rights->commercial->client->voir && !$user->societe_id) $sql .= " AND s.rowid = sc.fk_soc AND sc.fk_user = " .$user->id; + if (!$user->rights->societe->client->voir && !$user->societe_id) $sql .= " AND s.rowid = sc.fk_soc AND sc.fk_user = " .$user->id; if ($conf->categorie->enabled && !$user->rights->categorie->voir) { $sql.= ' AND IFNULL(ca.visible,1)=1'; diff --git a/htdocs/includes/menus/barre_left/eldy_backoffice.php b/htdocs/includes/menus/barre_left/eldy_backoffice.php index eef4471166b..5df4caa57ed 100644 --- a/htdocs/includes/menus/barre_left/eldy_backoffice.php +++ b/htdocs/includes/menus/barre_left/eldy_backoffice.php 
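Review bot: For a user without `societe->client->voir` who also lacks `categorie->voir`, the FROM clause becomes a comma list ending in `societe_commerciaux as sc`, followed directly by `LEFT JOIN ... categorie_product as cp ON cp.fk_product = p.rowid`. On databases where JOIN binds tighter than the comma (MySQL from 5.0.12 on), that ON clause only sees `sc` and `cp`, so `p.rowid` is likely rejected as an unknown column and the box fails for exactly the restricted users. Appending the `sc` table before `product as p`, so that `p` stays the last item of the comma list, or rewriting the list as explicit `INNER JOIN`s avoids this. The method body continues outside the hunk.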
@@ -1,5 +1,5 @@ <?php -/* Copyright (C) 2005-2007 Laurent Destailleur <eldy@users.sourceforge.net> +/* Copyright (C) 2005-2008 Laurent Destailleur <eldy@users.sourceforge.net> * * This program is free software; you can redistribute it and/or modify * it under the terms of the GNU General Public License as published by @@ -271,6 +271,8 @@ class MenuLeft { $newmenu->add_submenu(DOL_URL_ROOT."/comm/action/indexactions.php?leftmenu=agenda", $langs->trans("Actions"), 0, $user->rights->agenda->myactions->read); $newmenu->add_submenu(DOL_URL_ROOT."/societe.php?leftmenu=agenda", $langs->trans("NewAction"), 1, $user->rights->agenda->myactions->read); $newmenu->add_submenu(DOL_URL_ROOT."/comm/action/listactions.php?leftmenu=agenda", $langs->trans("List"), 1, $user->rights->agenda->myactions->read); + //$newmenu->add_submenu(DOL_URL_ROOT."/comm/action/listactions.php?leftmenu=agenda&status=todo&filter=mine", $langs->trans("MenuToDoMyActions"),2, $user->rights->agenda->myactions->read); + //$newmenu->add_submenu(DOL_URL_ROOT."/comm/action/listactions.php?leftmenu=agenda&status=done&filter=mine", $langs->trans("MenuDoneMyActions"),2, $user->rights->agenda->myactions->read); $newmenu->add_submenu(DOL_URL_ROOT."/comm/action/listactions.php?leftmenu=agenda&status=todo", $langs->trans("MenuToDoActions"),2, $user->rights->agenda->myactions->read); $newmenu->add_submenu(DOL_URL_ROOT."/comm/action/listactions.php?leftmenu=agenda&status=done", $langs->trans("MenuDoneActions"),2, $user->rights->agenda->myactions->read); $newmenu->add_submenu(DOL_URL_ROOT."/comm/action/listactions.php?leftmenu=agenda&time=today", $langs->trans("Today"), 2, $user->rights->agenda->myactions->read); 
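Review bot: The two added `//$newmenu->add_submenu(...)` lines in the `@@ -271` hunk are commented-out code, and the entries next to them (`MenuToDoActions` and `MenuDoneActions`, which carry no `filter=mine`) are gated on `$user->rights->agenda->myactions->read`. If the agenda module has a separate right for other users' actions, the unfiltered links should test that right, and listactions.php has to derive the "mine" restriction from the user's rights rather than trust the `filter` query parameter; neither is visible here. Either drop the commented lines or replace them with one explanatory comment such as `// TODO: add "my actions" entries once listactions.php handles filter=mine`. The same two lines are added in the `@@ -725` hunk of this file and in the eldy_frontoffice.php hunk.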
@@ -725,6 +727,8 @@ class MenuLeft { $newmenu->add_submenu(DOL_URL_ROOT."/comm/action/indexactions.php?leftmenu=agenda", $langs->trans("Actions"), 0, $user->rights->agenda->myactions->read); $newmenu->add_submenu(DOL_URL_ROOT."/societe.php?leftmenu=agenda", $langs->trans("NewAction"), 1, $user->rights->agenda->myactions->read); $newmenu->add_submenu(DOL_URL_ROOT."/comm/action/listactions.php?leftmenu=agenda", $langs->trans("List"), 1, $user->rights->agenda->myactions->read); + //$newmenu->add_submenu(DOL_URL_ROOT."/comm/action/listactions.php?leftmenu=agenda&status=todo&filter=mine", $langs->trans("MenuToDoMyActions"),2, $user->rights->agenda->myactions->read); + //$newmenu->add_submenu(DOL_URL_ROOT."/comm/action/listactions.php?leftmenu=agenda&status=done&filter=mine", $langs->trans("MenuDoneMyActions"),2, $user->rights->agenda->myactions->read); $newmenu->add_submenu(DOL_URL_ROOT."/comm/action/listactions.php?leftmenu=agenda&status=todo", $langs->trans("MenuToDoActions"),2, $user->rights->agenda->myactions->read); $newmenu->add_submenu(DOL_URL_ROOT."/comm/action/listactions.php?leftmenu=agenda&status=done", $langs->trans("MenuDoneActions"),2, $user->rights->agenda->myactions->read); $newmenu->add_submenu(DOL_URL_ROOT."/comm/action/listactions.php?leftmenu=agenda&time=today", $langs->trans("Today"), 2, $user->rights->agenda->myactions->read); diff --git a/htdocs/includes/menus/barre_left/eldy_frontoffice.php b/htdocs/includes/menus/barre_left/eldy_frontoffice.php index af50d0ff313..5945331825c 100644 --- a/htdocs/includes/menus/barre_left/eldy_frontoffice.php +++ b/htdocs/includes/menus/barre_left/eldy_frontoffice.php @@ -1,5 +1,5 @@ <?php -/* Copyright (C) 2005-2007 Laurent Destailleur <eldy@users.sourceforge.net> +/* Copyright (C) 2005-2008 Laurent Destailleur <eldy@users.sourceforge.net> * * This program is free software; you can redistribute it and/or modify * it under the terms of the GNU General Public License as published by 
@@ -252,6 +252,8 @@ class MenuLeft { $newmenu->add_submenu(DOL_URL_ROOT."/comm/action/indexactions.php?leftmenu=agenda", $langs->trans("Actions"), 0, $user->rights->agenda->myactions->read); $newmenu->add_submenu(DOL_URL_ROOT."/societe.php?leftmenu=agenda", $langs->trans("NewAction"), 1, $user->rights->agenda->myactions->read); $newmenu->add_submenu(DOL_URL_ROOT."/comm/action/listactions.php?leftmenu=agenda", $langs->trans("List"), 1, $user->rights->agenda->myactions->read); + //$newmenu->add_submenu(DOL_URL_ROOT."/comm/action/listactions.php?leftmenu=agenda&status=todo&filter=mine", $langs->trans("MenuToDoMyActions"),2, $user->rights->agenda->myactions->read); + //$newmenu->add_submenu(DOL_URL_ROOT."/comm/action/listactions.php?leftmenu=agenda&status=done&filter=mine", $langs->trans("MenuDoneMyActions"),2, $user->rights->agenda->myactions->read); $newmenu->add_submenu(DOL_URL_ROOT."/comm/action/listactions.php?leftmenu=agenda&status=todo", $langs->trans("MenuToDoActions"),2, $user->rights->agenda->myactions->read); $newmenu->add_submenu(DOL_URL_ROOT."/comm/action/listactions.php?leftmenu=agenda&status=done", $langs->trans("MenuDoneActions"),2, $user->rights->agenda->myactions->read); $newmenu->add_submenu(DOL_URL_ROOT."/comm/action/listactions.php?leftmenu=agenda&time=today", $langs->trans("Today"), 2, $user->rights->agenda->myactions->read); diff --git a/htdocs/langs/en_US/commercial.lang b/htdocs/langs/en_US/commercial.lang index 011a10803b1..b587398f448 100644 --- a/htdocs/langs/en_US/commercial.lang +++ b/htdocs/langs/en_US/commercial.lang @@ -47,6 +47,9 @@ SendOrderRef=Send order %s NoRecordedProspects=No prospect recorded StatusActionToDo=To do StatusActionDone=Done +MyActionsAsked=Actions I have asked +MyActionsToDo=Actions I have to do +MyActionsDone=Actions I have done StatusActionInProcess=In process TasksHistoryForThisContact=Actions for this contact LastProspectDoNotContact=Do not contact 
@@ -56,8 +59,10 @@ LastProspectContactInProcess=Contact in process LastProspectContactDone=Contact done DateActionPlanned=Date planned DateActionDone=Date done +ActionAskedBy=Action asked by ActionAffectedTo=Action affected to ActionDoneBy=Action done by +ActionUserAsk=Requerent ErrorStatusCantBeZeroIfStarted=If field '<b>Date done</b>' is filled, action is started (or finished), so field '<b>Status</b>' can't be 0%%. ActionAC_TEL=Phone call ActionAC_FAX=Send fax diff --git a/htdocs/langs/en_US/main.lang b/htdocs/langs/en_US/main.lang index ac9c899ed0a..64af9c14c3d 100644 --- a/htdocs/langs/en_US/main.lang +++ b/htdocs/langs/en_US/main.lang @@ -59,6 +59,7 @@ NotePublic=Note (public) NotePrivate=Note (private) PrecisionUnitIsLimitedToXDecimals=Dolibarr was setup to limit precision of unit prices to <b>%s</b> decimals. DoTest=Test +ToFilter=Filter yes=yes Yes=Yes no=no diff --git a/htdocs/langs/fr_FR/commercial.lang b/htdocs/langs/fr_FR/commercial.lang index a36eb4dffd1..29640857fcf 100644 --- a/htdocs/langs/fr_FR/commercial.lang +++ b/htdocs/langs/fr_FR/commercial.lang @@ -48,6 +48,9 @@ NoRecordedProspects=Aucun prospect enregistr StatusActionToDo=� faire StatusActionDone=R�alis� StatusActionInProcess=En cours +MyActionsAsked=Actions que j'ai demand� +MyActionsToDo=Actions que j'ai � faire +MyActionsDone=Actions que j'ai faite TasksHistoryForThisContact=Actions vis � vis de contact LastProspectDoNotContact=A ne pas contacter LastProspectNeverContacted=Non contact�s 
@@ -56,8 +59,10 @@ LastProspectContactInProcess=Contact en cours LastProspectContactDone=Prospects contact�s DateActionPlanned=Date planification DateActionDone=Date r�alisation +ActionAskedBy=Action saisie par ActionAffectedTo=Action affect�e � ActionDoneBy=Action faite par +ActionUserAsk=Demandeur ErrorStatusCantBeZeroIfStarted=Si le champ '<b>Date de r�alisation</b>' est renseign� alors l'action est commenc�e voire finie, aussi le champ 'Etat' ne peut etre 0%%. ActionAC_TEL=Appel t�l�phonique ActionAC_FAX=Envoi fax diff --git a/htdocs/langs/fr_FR/main.lang b/htdocs/langs/fr_FR/main.lang index c201ee9bb9c..43d98dded06 100644 --- a/htdocs/langs/fr_FR/main.lang +++ b/htdocs/langs/fr_FR/main.lang @@ -59,6 +59,7 @@ NotePublic=Note (publique) NotePrivate=Note (priv�e) PrecisionUnitIsLimitedToXDecimals=Dolibarr a �t� configur� pour limiter la pr�cision des prix unitaires � <b>%s</b> d�cimals. DoTest=Tester +ToFilter=Filtrer yes=oui Yes=Oui no=non diff --git a/htdocs/lib/agenda.lib.php b/htdocs/lib/agenda.lib.php index c4a6f4b8efa..c4eeb08b4e8 100644 --- a/htdocs/lib/agenda.lib.php +++ b/htdocs/lib/agenda.lib.php 
@@ -35,11 +35,11 @@ function show_array_actions_to_do($max) $sql = "SELECT a.id, a.label, ".$db->pdate("a.datep")." as dp, a.fk_user_author,"; $sql.= " c.code, c.libelle,"; $sql.= " s.nom as sname, s.rowid, s.client"; - if (!$user->rights->commercial->client->voir && !$socid) $sql .= ", sc.fk_soc, sc.fk_user"; + if (!$user->rights->societe->client->voir && !$socid) $sql .= ", sc.fk_soc, sc.fk_user"; $sql.= " FROM ".MAIN_DB_PREFIX."actioncomm as a, ".MAIN_DB_PREFIX."c_actioncomm as c, ".MAIN_DB_PREFIX."societe as s"; - if (!$user->rights->commercial->client->voir && !$socid) $sql .= ", ".MAIN_DB_PREFIX."societe_commerciaux as sc"; + if (!$user->rights->societe->client->voir && !$socid) $sql .= ", ".MAIN_DB_PREFIX."societe_commerciaux as sc"; $sql.= " WHERE c.id=a.fk_action AND a.percent < 100 AND s.rowid = a.fk_soc"; - if (!$user->rights->commercial->client->voir && !$socid) $sql .= " AND s.rowid = sc.fk_soc AND sc.fk_user = " .$user->id; + if (!$user->rights->societe->client->voir && !$socid) $sql .= " AND s.rowid = sc.fk_soc AND sc.fk_user = " .$user->id; if ($socid) { $sql .= " AND s.rowid = ".$socid; 
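Review bot: `$socid` is concatenated into the statement without a cast on the line `$sql .= " AND s.rowid = ".$socid;`, and the hunk does not show where it is assigned (show_array_actions_to_do() starts outside the hunk). If it can originate from the request, it should be forced to an integer before it reaches the query, e.g. `$sql .= " AND s.rowid = ".(int) $socid;`. The same applies to show_array_last_actions_done() in the next hunk and to the `" AND f.fk_soc = $socid"`, `" AND c.fk_soc = $socid"` and `" AND p.fk_soc = $socid"` lines in the product.class.php and product/stats/*.php hunks.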
@@ -118,15 +118,15 @@ function show_array_last_actions_done($max) $sql = "SELECT a.id, a.percent, ".$db->pdate("a.datea")." as da, a.fk_user_author,"; $sql.= " c.code, c.libelle,"; $sql.= " s.rowid, s.nom as sname, s.client"; - if (!$user->rights->commercial->client->voir && !$socid) $sql .= ", sc.fk_soc, sc.fk_user"; + if (!$user->rights->societe->client->voir && !$socid) $sql .= ", sc.fk_soc, sc.fk_user"; $sql .= " FROM ".MAIN_DB_PREFIX."actioncomm as a, ".MAIN_DB_PREFIX."c_actioncomm as c, ".MAIN_DB_PREFIX."societe as s"; - if (!$user->rights->commercial->client->voir && !$socid) $sql .= ", ".MAIN_DB_PREFIX."societe_commerciaux as sc"; + if (!$user->rights->societe->client->voir && !$socid) $sql .= ", ".MAIN_DB_PREFIX."societe_commerciaux as sc"; $sql .= " WHERE c.id = a.fk_action AND a.percent >= 100 AND s.rowid = a.fk_soc"; if ($socid) { $sql .= " AND s.rowid = ".$socid; } - if (!$user->rights->commercial->client->voir && !$socid) //restriction + if (!$user->rights->societe->client->voir && !$socid) //restriction { $sql .= " AND s.rowid = sc.fk_soc AND sc.fk_user = " .$user->id; } diff --git a/htdocs/lib/functions.inc.php b/htdocs/lib/functions.inc.php index 22ea9b3a2b2..b8fceeb30e5 100644 --- a/htdocs/lib/functions.inc.php +++ b/htdocs/lib/functions.inc.php @@ -1223,7 +1223,7 @@ function info_admin($texte,$infoonimgalt=0) \brief Check permissions of a user to show a page and an object. \param user User to check \param feature Feature to check (in most cases, it's module name) - \param objectid Object ID if we want to chack permission on on object (optionnal) + \param objectid Object ID if we want to check permission on on object (optionnal) \param dbtable Table name where object is stored. Not used if objectid is null (optionnel) */ function restrictedArea($user, $feature='societe', $objectid=0, $dbtablename='') 
@@ -1309,7 +1309,7 @@ function restrictedArea($user, $feature='societe', $objectid=0, $dbtablename='') } } // Check permission for internal users that are restricted on their objects - else if (! $user->rights->commercial->client->voir) + else if (! $user->rights->societe->client->voir) { if ($feature == 'societe') { diff --git a/htdocs/product.class.php b/htdocs/product.class.php index 65c5b3b57b8..6f04897529c 100644 --- a/htdocs/product.class.php +++ b/htdocs/product.class.php @@ -1008,9 +1008,9 @@ class Product extends CommonObject $sql = "SELECT COUNT(DISTINCT pr.fk_soc) as nb_customers, COUNT(DISTINCT pr.rowid) as nb,"; $sql.= " COUNT(pd.rowid) as nb_rows, SUM(pd.qty) as qty"; $sql.= " FROM ".MAIN_DB_PREFIX."propaldet as pd, ".MAIN_DB_PREFIX."propal as pr"; - if (!$user->rights->commercial->client->voir && !$socid) $sql .= ", ".MAIN_DB_PREFIX."societe_commerciaux as sc"; + if (!$user->rights->societe->client->voir && !$socid) $sql .= ", ".MAIN_DB_PREFIX."societe_commerciaux as sc"; $sql.= " WHERE pr.rowid = pd.fk_propal AND pd.fk_product = ".$this->id; - if (!$user->rights->commercial->client->voir && !$socid) $sql .= " AND pr.fk_soc = sc.fk_soc AND sc.fk_user = " .$user->id; + if (!$user->rights->societe->client->voir && !$socid) $sql .= " AND pr.fk_soc = sc.fk_soc AND sc.fk_user = " .$user->id; //$sql.= " AND pr.fk_statut != 0"; if ($socid > 0) { 
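Review bot: In restrictedArea() the branch `else if (! $user->rights->societe->client->voir)` now decides whether an internal user is limited to his own objects, but nothing in the visible hunks carries existing `commercial->client->voir` grants over to the new key. The check fails closed (a missing right means restricted), so the likely effect of an incomplete migration is users losing access after upgrade rather than gaining it; this should be confirmed against the module's rights definition and upgrade script. The docblock could state the rule, for example `\remarks Internal users without societe->client->voir are restricted to their own objects`. restrictedArea() starts and ends outside the hunk.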
@@ -1049,9 +1049,9 @@ class Product extends CommonObject $sql.= " COUNT(cd.rowid) as nb_rows, SUM(cd.qty) as qty"; $sql.= " FROM ".MAIN_DB_PREFIX."commandedet as cd,"; $sql.= " ".MAIN_DB_PREFIX."commande as c"; - if (!$user->rights->commercial->client->voir && !$socid) $sql .= ", ".MAIN_DB_PREFIX."societe_commerciaux as sc"; + if (!$user->rights->societe->client->voir && !$socid) $sql .= ", ".MAIN_DB_PREFIX."societe_commerciaux as sc"; $sql.= " WHERE c.rowid = cd.fk_commande AND cd.fk_product = ".$this->id; - if (!$user->rights->commercial->client->voir && !$socid) $sql .= " AND c.fk_soc = sc.fk_soc AND sc.fk_user = " .$user->id; + if (!$user->rights->societe->client->voir && !$socid) $sql .= " AND c.fk_soc = sc.fk_soc AND sc.fk_user = " .$user->id; if ($socid > 0) { $sql.= " AND c.fk_soc = ".$socid; @@ -1093,9 +1093,9 @@ class Product extends CommonObject $sql.= " COUNT(cd.rowid) as nb_rows, SUM(cd.qty) as qty"; $sql.= " FROM ".MAIN_DB_PREFIX."commande_fournisseurdet as cd,"; $sql.= " ".MAIN_DB_PREFIX."commande_fournisseur as c"; - if (!$user->rights->commercial->client->voir && !$socid) $sql .= ", ".MAIN_DB_PREFIX."societe_commerciaux as sc"; + if (!$user->rights->societe->client->voir && !$socid) $sql .= ", ".MAIN_DB_PREFIX."societe_commerciaux as sc"; $sql.= " WHERE c.rowid = cd.fk_commande AND cd.fk_product = ".$this->id; - if (!$user->rights->commercial->client->voir && !$socid) $sql .= " AND c.fk_soc = sc.fk_soc AND sc.fk_user = " .$user->id; + if (!$user->rights->societe->client->voir && !$socid) $sql .= " AND c.fk_soc = sc.fk_soc AND sc.fk_user = " .$user->id; if ($socid > 0) { $sql.= " AND c.fk_soc = ".$socid; 
@@ -1136,9 +1136,9 @@ class Product extends CommonObject $sql.= " COUNT(cd.rowid) as nb_rows, SUM(cd.qty) as qty"; $sql.= " FROM ".MAIN_DB_PREFIX."contratdet as cd,"; $sql.= " ".MAIN_DB_PREFIX."contrat as c"; - if (!$user->rights->commercial->client->voir && !$socid) $sql .= ", ".MAIN_DB_PREFIX."societe_commerciaux as sc"; + if (!$user->rights->societe->client->voir && !$socid) $sql .= ", ".MAIN_DB_PREFIX."societe_commerciaux as sc"; $sql.= " WHERE c.rowid = cd.fk_contrat AND cd.fk_product = ".$this->id; - if (!$user->rights->commercial->client->voir && !$socid) $sql .= " AND c.fk_soc = sc.fk_soc AND sc.fk_user = " .$user->id; + if (!$user->rights->societe->client->voir && !$socid) $sql .= " AND c.fk_soc = sc.fk_soc AND sc.fk_user = " .$user->id; //$sql.= " AND c.statut != 0"; if ($socid > 0) { @@ -1176,9 +1176,9 @@ class Product extends CommonObject $sql.= " COUNT(pd.rowid) as nb_rows, SUM(pd.qty) as qty"; $sql.= " FROM ".MAIN_DB_PREFIX."facturedet as pd,"; $sql.= " ".MAIN_DB_PREFIX."facture as f"; - if (!$user->rights->commercial->client->voir && !$socid) $sql .= ", ".MAIN_DB_PREFIX."societe_commerciaux as sc"; + if (!$user->rights->societe->client->voir && !$socid) $sql .= ", ".MAIN_DB_PREFIX."societe_commerciaux as sc"; $sql.= " WHERE f.rowid = pd.fk_facture AND pd.fk_product = ".$this->id; - if (!$user->rights->commercial->client->voir && !$socid) $sql .= " AND f.fk_soc = sc.fk_soc AND sc.fk_user = " .$user->id; + if (!$user->rights->societe->client->voir && !$socid) $sql .= " AND f.fk_soc = sc.fk_soc AND sc.fk_user = " .$user->id; //$sql.= " AND f.fk_statut != 0"; if ($socid > 0) { 
@@ -1216,9 +1216,9 @@ class Product extends CommonObject $sql.= " COUNT(pd.rowid) as nb_rows, SUM(pd.qty) as qty"; $sql.= " FROM ".MAIN_DB_PREFIX."facture_fourn_det as pd,"; $sql.= " ".MAIN_DB_PREFIX."facture_fourn as f"; - if (!$user->rights->commercial->client->voir && !$socid) $sql .= ", ".MAIN_DB_PREFIX."societe_commerciaux as sc"; + if (!$user->rights->societe->client->voir && !$socid) $sql .= ", ".MAIN_DB_PREFIX."societe_commerciaux as sc"; $sql.= " WHERE f.rowid = pd.fk_facture_fourn AND pd.fk_product = ".$this->id; - if (!$user->rights->commercial->client->voir && !$socid) $sql .= " AND f.fk_soc = sc.fk_soc AND sc.fk_user = " .$user->id; + if (!$user->rights->societe->client->voir && !$socid) $sql .= " AND f.fk_soc = sc.fk_soc AND sc.fk_user = " .$user->id; //$sql.= " AND f.fk_statut != 0"; if ($socid > 0) { @@ -1308,9 +1308,9 @@ class Product extends CommonObject $sql = "SELECT sum(d.qty), date_format(f.datef, '%Y%m') "; $sql .= " FROM ".MAIN_DB_PREFIX."facturedet as d, ".MAIN_DB_PREFIX."facture as f"; - if (!$user->rights->commercial->client->voir && !$socid) $sql .= ", ".MAIN_DB_PREFIX."societe_commerciaux as sc"; + if (!$user->rights->societe->client->voir && !$socid) $sql .= ", ".MAIN_DB_PREFIX."societe_commerciaux as sc"; $sql .= " WHERE f.rowid = d.fk_facture and d.fk_product =".$this->id; - if (!$user->rights->commercial->client->voir && !$socid) $sql .= " AND f.fk_soc = sc.fk_soc AND sc.fk_user = " .$user->id; + if (!$user->rights->societe->client->voir && !$socid) $sql .= " AND f.fk_soc = sc.fk_soc AND sc.fk_user = " .$user->id; if ($socid > 0) { $sql .= " AND f.fk_soc = $socid"; 
@@ -1333,9 +1333,9 @@ class Product extends CommonObject $sql = "SELECT sum(d.qty), date_format(f.datef, '%Y%m') "; $sql .= " FROM ".MAIN_DB_PREFIX."facture_fourn_det as d, ".MAIN_DB_PREFIX."facture_fourn as f"; - if (!$user->rights->commercial->client->voir && !$socid) $sql .= ", ".MAIN_DB_PREFIX."societe_commerciaux as sc"; + if (!$user->rights->societe->client->voir && !$socid) $sql .= ", ".MAIN_DB_PREFIX."societe_commerciaux as sc"; $sql .= " WHERE f.rowid = d.fk_facture_fourn and d.fk_product =".$this->id; - if (!$user->rights->commercial->client->voir && !$socid) $sql .= " AND f.fk_soc = sc.fk_soc AND sc.fk_user = " .$user->id; + if (!$user->rights->societe->client->voir && !$socid) $sql .= " AND f.fk_soc = sc.fk_soc AND sc.fk_user = " .$user->id; if ($socid > 0) { $sql .= " AND f.fk_soc = $socid"; @@ -1358,9 +1358,9 @@ class Product extends CommonObject $sql = "SELECT sum(d.qty), date_format(p.datep, '%Y%m') "; $sql .= " FROM ".MAIN_DB_PREFIX."propaldet as d, ".MAIN_DB_PREFIX."propal as p"; - if (!$user->rights->commercial->client->voir && !$socid) $sql .= ", ".MAIN_DB_PREFIX."societe_commerciaux as sc"; + if (!$user->rights->societe->client->voir && !$socid) $sql .= ", ".MAIN_DB_PREFIX."societe_commerciaux as sc"; $sql .= " WHERE p.rowid = d.fk_propal and d.fk_product =".$this->id; - if (!$user->rights->commercial->client->voir && !$socid) $sql .= " AND p.fk_soc = sc.fk_soc AND sc.fk_user = " .$user->id; + if (!$user->rights->societe->client->voir && !$socid) $sql .= " AND p.fk_soc = sc.fk_soc AND sc.fk_user = " .$user->id; if ($socid > 0) { $sql .= " AND p.fk_soc = $socid"; 
@@ -1381,9 +1381,9 @@ class Product extends CommonObject $sql = "SELECT sum(d.qty), date_format(p.date_commande, '%Y%m') "; $sql .= " FROM ".MAIN_DB_PREFIX."commandedet as d, ".MAIN_DB_PREFIX."commande as p"; - if (!$user->rights->commercial->client->voir && !$socid) $sql .= ", ".MAIN_DB_PREFIX."societe_commerciaux as sc"; + if (!$user->rights->societe->client->voir && !$socid) $sql .= ", ".MAIN_DB_PREFIX."societe_commerciaux as sc"; $sql .= " WHERE p.rowid = d.fk_commande and d.fk_product =".$this->id; - if (!$user->rights->commercial->client->voir && !$socid) $sql .= " AND p.fk_soc = sc.fk_soc AND sc.fk_user = " .$user->id; + if (!$user->rights->societe->client->voir && !$socid) $sql .= " AND p.fk_soc = sc.fk_soc AND sc.fk_user = " .$user->id; if ($socid > 0) { $sql .= " AND p.fk_soc = $socid"; diff --git a/htdocs/product/fiche.php b/htdocs/product/fiche.php index c4cd51d7052..1770e1b148b 100644 --- a/htdocs/product/fiche.php +++ b/htdocs/product/fiche.php @@ -1128,7 +1128,7 @@ if ($_GET["id"] && $_GET["action"] == '' && $product->status) print '<tr class="liste_titre"><td width="50%" valign="top" class="liste_titre">'; print $langs->trans("AddToMyProposals") . '</td>'; - if ($user->rights->commercial->client->voir) + if ($user->rights->societe->client->voir) { print '<td width="50%" valign="top" class="liste_titre">'; print $langs->trans("AddToOtherProposals").'</td>'; @@ -1191,7 +1191,7 @@ if ($_GET["id"] && $_GET["action"] == '' && $product->status) print '</td>'; - if ($user->rights->commercial->client->voir) + if ($user->rights->societe->client->voir) { // Liste de "Other propals" print '<td width="50%" valign="top">'; 
@@ -1242,7 +1242,7 @@ if ($_GET["id"] && $_GET["action"] == '' && $product->status) print '<tr class="liste_titre"><td width="50%" valign="top" class="liste_titre">'; print $langs->trans("AddToMyOrders").'</td>'; - if ($user->rights->commercial->client->voir) + if ($user->rights->societe->client->voir) { print '<td width="50%" valign="top" class="liste_titre">'; print $langs->trans("AddToOtherOrders").'</td>'; @@ -1305,7 +1305,7 @@ if ($_GET["id"] && $_GET["action"] == '' && $product->status) print '</td>'; - if ($user->rights->commercial->client->voir) + if ($user->rights->societe->client->voir) { // Liste de "Other orders" print '<td width="50%" valign="top">'; @@ -1351,7 +1351,7 @@ if ($_GET["id"] && $_GET["action"] == '' && $product->status) print '<tr class="liste_titre"><td width="50%" valign="top" class="liste_titre">'; print $langs->trans("AddToMyBills").'</td>'; - if ($user->rights->commercial->client->voir) + if ($user->rights->societe->client->voir) { print '<td width="50%" valign="top" class="liste_titre">'; print $langs->trans("AddToOtherBills").'</td>'; @@ -1416,7 +1416,7 @@ if ($_GET["id"] && $_GET["action"] == '' && $product->status) print '</td>'; - if ($user->rights->commercial->client->voir) + if ($user->rights->societe->client->voir) { print '<td width="50%" valign="top">'; diff --git a/htdocs/product/stats/commande.php b/htdocs/product/stats/commande.php index 37e0b2a6549..57a623d45f0 100644 --- a/htdocs/product/stats/commande.php +++ b/htdocs/product/stats/commande.php 
@@ -128,12 +128,12 @@ if ($_GET["id"] || $_GET["ref"]) $sql = "SELECT distinct(s.nom), s.rowid as socid, s.code_client, c.rowid, c.total_ht as amount, c.ref,"; $sql.= " ".$db->pdate("c.date_creation")." as date, c.fk_statut as statut, c.facture, c.rowid as commandeid"; - if (!$user->rights->commercial->client->voir && !$socid) $sql .= ", sc.fk_soc, sc.fk_user "; + if (!$user->rights->societe->client->voir && !$socid) $sql .= ", sc.fk_soc, sc.fk_user "; $sql.= " FROM ".MAIN_DB_PREFIX."societe as s,".MAIN_DB_PREFIX."commande as c, ".MAIN_DB_PREFIX."commandedet as d"; - if (!$user->rights->commercial->client->voir && !$socid) $sql .= ", ".MAIN_DB_PREFIX."societe_commerciaux as sc"; + if (!$user->rights->societe->client->voir && !$socid) $sql .= ", ".MAIN_DB_PREFIX."societe_commerciaux as sc"; $sql.= " WHERE c.fk_soc = s.rowid"; $sql.= " AND d.fk_commande = c.rowid AND d.fk_product =".$product->id; - if (!$user->rights->commercial->client->voir && !$socid) $sql .= " AND s.rowid = sc.fk_soc AND sc.fk_user = " .$user->id; + if (!$user->rights->societe->client->voir && !$socid) $sql .= " AND s.rowid = sc.fk_soc AND sc.fk_user = " .$user->id; if ($socid) { $sql .= " AND c.fk_soc = $socid"; diff --git a/htdocs/product/stats/commande_fournisseur.php b/htdocs/product/stats/commande_fournisseur.php index b67ee9f3c2c..a8a94dcac4a 100644 --- a/htdocs/product/stats/commande_fournisseur.php +++ b/htdocs/product/stats/commande_fournisseur.php 
@@ -121,12 +121,12 @@ if ($_GET["id"] || $_GET["ref"]) $sql = "SELECT distinct(s.nom), s.rowid as socid, s.code_client, c.rowid, c.total_ht as amount, c.ref,"; $sql.= " ".$db->pdate("c.date_creation")." as date, c.fk_statut as statut, c.rowid as commandeid"; - if (!$user->rights->commercial->client->voir && !$socid) $sql .= ", sc.fk_soc, sc.fk_user "; + if (!$user->rights->societe->client->voir && !$socid) $sql .= ", sc.fk_soc, sc.fk_user "; $sql.= " FROM ".MAIN_DB_PREFIX."societe as s,".MAIN_DB_PREFIX."commande_fournisseur as c, ".MAIN_DB_PREFIX."commande_fournisseurdet as d"; - if (!$user->rights->commercial->client->voir && !$socid) $sql .= ", ".MAIN_DB_PREFIX."societe_commerciaux as sc"; + if (!$user->rights->societe->client->voir && !$socid) $sql .= ", ".MAIN_DB_PREFIX."societe_commerciaux as sc"; $sql.= " WHERE c.fk_soc = s.rowid"; $sql.= " AND d.fk_commande = c.rowid AND d.fk_product =".$product->id; - if (!$user->rights->commercial->client->voir && !$socid) $sql .= " AND s.rowid = sc.fk_soc AND sc.fk_user = " .$user->id; + if (!$user->rights->societe->client->voir && !$socid) $sql .= " AND s.rowid = sc.fk_soc AND sc.fk_user = " .$user->id; if ($socid) { $sql .= " AND c.fk_soc = ".$socid; diff --git a/htdocs/product/stats/contrat.php b/htdocs/product/stats/contrat.php index 38e54da5352..81d45ae47b4 100644 --- a/htdocs/product/stats/contrat.php +++ b/htdocs/product/stats/contrat.php 
@@ -124,12 +124,12 @@ if ($_GET["id"] || $_GET["ref"]) $sql = "SELECT distinct(s.nom), s.rowid as socid, s.code_client, c.rowid, "; $sql.= " ".$db->pdate("c.datec")." as date, c.statut as statut, c.rowid as contratid"; - if (!$user->rights->commercial->client->voir && !$socid) $sql .= ", sc.fk_soc, sc.fk_user "; + if (!$user->rights->societe->client->voir && !$socid) $sql .= ", sc.fk_soc, sc.fk_user "; $sql.= " FROM ".MAIN_DB_PREFIX."societe as s,".MAIN_DB_PREFIX."contrat as c, ".MAIN_DB_PREFIX."contratdet as d"; - if (!$user->rights->commercial->client->voir && !$socid) $sql .= ", ".MAIN_DB_PREFIX."societe_commerciaux as sc"; + if (!$user->rights->societe->client->voir && !$socid) $sql .= ", ".MAIN_DB_PREFIX."societe_commerciaux as sc"; $sql.= " WHERE c.fk_soc = s.rowid"; $sql.= " AND d.fk_contrat = c.rowid AND d.fk_product =".$product->id; - if (!$user->rights->commercial->client->voir && !$socid) $sql .= " AND s.rowid = sc.fk_soc AND sc.fk_user = " .$user->id; + if (!$user->rights->societe->client->voir && !$socid) $sql .= " AND s.rowid = sc.fk_soc AND sc.fk_user = " .$user->id; if ($socid) { $sql .= " AND c.fk_soc = $socid"; diff --git a/htdocs/product/stats/facture.php b/htdocs/product/stats/facture.php index 430e5009730..98e7dae4996 100644 --- a/htdocs/product/stats/facture.php +++ b/htdocs/product/stats/facture.php 
@@ -122,12 +122,12 @@ if ($_GET["id"] || $_GET["ref"]) $sql = "SELECT distinct(s.nom), s.rowid as socid, s.code_client, f.facnumber, f.amount as amount,"; $sql.= " ".$db->pdate("f.datef")." as date, f.paye, f.fk_statut as statut, f.rowid as facid"; - if (!$user->rights->commercial->client->voir && !$socid) $sql .= ", sc.fk_soc, sc.fk_user "; + if (!$user->rights->societe->client->voir && !$socid) $sql .= ", sc.fk_soc, sc.fk_user "; $sql.= " FROM ".MAIN_DB_PREFIX."societe as s,".MAIN_DB_PREFIX."facture as f, ".MAIN_DB_PREFIX."facturedet as d"; - if (!$user->rights->commercial->client->voir && !$socid) $sql .= ", ".MAIN_DB_PREFIX."societe_commerciaux as sc"; + if (!$user->rights->societe->client->voir && !$socid) $sql .= ", ".MAIN_DB_PREFIX."societe_commerciaux as sc"; $sql.= " WHERE f.fk_soc = s.rowid"; $sql.= " AND d.fk_facture = f.rowid AND d.fk_product =".$product->id; - if (!$user->rights->commercial->client->voir && !$socid) $sql .= " AND s.rowid = sc.fk_soc AND sc.fk_user = " .$user->id; + if (!$user->rights->societe->client->voir && !$socid) $sql .= " AND s.rowid = sc.fk_soc AND sc.fk_user = " .$user->id; if ($socid) { $sql .= " AND f.fk_soc = $socid"; diff --git a/htdocs/product/stats/facture_fournisseur.php b/htdocs/product/stats/facture_fournisseur.php index e68228ed916..4160f50a84b 100644 --- a/htdocs/product/stats/facture_fournisseur.php +++ b/htdocs/product/stats/facture_fournisseur.php 
@@ -122,12 +122,12 @@ if ($_GET["id"] || $_GET["ref"]) $sql = "SELECT distinct(s.nom), s.rowid as socid, s.code_client, f.facnumber, f.amount as amount,"; $sql.= " ".$db->pdate("f.datef")." as date, f.paye, f.fk_statut as statut, f.rowid as facid"; - if (!$user->rights->commercial->client->voir && !$socid) $sql .= ", sc.fk_soc, sc.fk_user "; + if (!$user->rights->societe->client->voir && !$socid) $sql .= ", sc.fk_soc, sc.fk_user "; $sql.= " FROM ".MAIN_DB_PREFIX."societe as s,".MAIN_DB_PREFIX."facture_fourn as f, ".MAIN_DB_PREFIX."facture_fourn_det as d"; - if (!$user->rights->commercial->client->voir && !$socid) $sql .= ", ".MAIN_DB_PREFIX."societe_commerciaux as sc"; + if (!$user->rights->societe->client->voir && !$socid) $sql .= ", ".MAIN_DB_PREFIX."societe_commerciaux as sc"; $sql.= " WHERE f.fk_soc = s.rowid"; $sql.= " AND d.fk_facture_fourn = f.rowid AND d.fk_product =".$product->id; - if (!$user->rights->commercial->client->voir && !$socid) $sql .= " AND s.rowid = sc.fk_soc AND sc.fk_user = " .$user->id; + if (!$user->rights->societe->client->voir && !$socid) $sql .= " AND s.rowid = sc.fk_soc AND sc.fk_user = " .$user->id; if ($socid) { $sql .= " AND f.fk_soc = $socid"; diff --git a/htdocs/product/stats/propal.php b/htdocs/product/stats/propal.php index 12301f4e9c3..56910ec59d1 100644 --- a/htdocs/product/stats/propal.php +++ b/htdocs/product/stats/propal.php 
@@ -126,12 +126,12 @@ if ($_GET["id"] || $_GET["ref"]) $sql = "SELECT distinct(s.nom), s.rowid as socid, p.rowid as propalid, p.ref, p.total as amount,"; $sql.= $db->pdate("p.datec")." as date, p.fk_statut as statut"; - if (!$user->rights->commercial->client->voir && !$socid) $sql .= ", sc.fk_soc, sc.fk_user "; + if (!$user->rights->societe->client->voir && !$socid) $sql .= ", sc.fk_soc, sc.fk_user "; $sql.= " FROM ".MAIN_DB_PREFIX."societe as s,".MAIN_DB_PREFIX."propal as p, ".MAIN_DB_PREFIX."propaldet as d"; - if (!$user->rights->commercial->client->voir && !$socid) $sql .= ", ".MAIN_DB_PREFIX."societe_commerciaux as sc"; + if (!$user->rights->societe->client->voir && !$socid) $sql .= ", ".MAIN_DB_PREFIX."societe_commerciaux as sc"; $sql.= " WHERE p.fk_soc = s.rowid"; $sql.= " AND d.fk_propal = p.rowid AND d.fk_product =".$product->id; - if (!$user->rights->commercial->client->voir && !$socid) $sql .= " AND s.rowid = sc.fk_soc AND sc.fk_user = " .$user->id; + if (!$user->rights->societe->client->voir && !$socid) $sql .= " AND s.rowid = sc.fk_soc AND sc.fk_user = " .$user->id; if ($socid) { $sql .= " AND p.fk_soc = $socid"; diff --git a/htdocs/projet/activity/index.php b/htdocs/projet/activity/index.php index b4c9e2142a9..d1cfb42a394 100644 --- a/htdocs/projet/activity/index.php +++ b/htdocs/projet/activity/index.php 
@@ -63,12 +63,12 @@ print '<td align="center">'.$langs->trans("NbOpenTasks").'</td>'; print "</tr>\n"; $sql = "SELECT p.title, p.rowid, count(t.rowid)"; -if (!$user->rights->commercial->client->voir && !$socid) $sql .= ", sc.fk_soc, sc.fk_user"; +if (!$user->rights->societe->client->voir && !$socid) $sql .= ", sc.fk_soc, sc.fk_user"; $sql .= " FROM ".MAIN_DB_PREFIX."projet as p"; $sql .= " , ".MAIN_DB_PREFIX."projet_task as t"; -if (!$user->rights->commercial->client->voir && !$socid) $sql .= ", ".MAIN_DB_PREFIX."societe_commerciaux as sc"; +if (!$user->rights->societe->client->voir && !$socid) $sql .= ", ".MAIN_DB_PREFIX."societe_commerciaux as sc"; $sql .= " WHERE t.fk_projet = p.rowid"; -if (!$user->rights->commercial->client->voir && !$socid) $sql .= " AND p.fk_soc = sc.fk_soc AND sc.fk_user = " .$user->id; +if (!$user->rights->societe->client->voir && !$socid) $sql .= " AND p.fk_soc = sc.fk_soc AND sc.fk_user = " .$user->id; $sql .= " GROUP BY p.rowid"; 
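Review bot: When `$socid` is non-empty, this query drops the `societe_commerciaux` restriction and nothing in the hunk replaces it with a company filter: the statement goes from `WHERE t.fk_projet = p.rowid` straight to `GROUP BY p.rowid`. If `$socid` is set for external users here, as the `if ($user->societe_id) $socid=$user->societe_id;` lines elsewhere in this commit suggest, such a user would get project titles and task counts for every company. The other list pages in this commit add `if ($socid) $sql .= " AND p.fk_soc = ".$socid;` after the restriction. The same line, with an integer cast, is needed before the `GROUP BY` here and in the three following hunks of this file (-132, -177, -222).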
@@ -132,13 +132,13 @@ print '<td width="50%" align="right">'.$langs->trans("Hours").'</td>'; print "</tr>\n"; $sql = "SELECT p.title, p.rowid, sum(tt.task_duration) as total"; -if (!$user->rights->commercial->client->voir && !$socid) $sql .= ", sc.fk_soc, sc.fk_user"; +if (!$user->rights->societe->client->voir && !$socid) $sql .= ", sc.fk_soc, sc.fk_user"; $sql .= " FROM ".MAIN_DB_PREFIX."projet as p"; $sql .= " , ".MAIN_DB_PREFIX."projet_task as t"; $sql .= " , ".MAIN_DB_PREFIX."projet_task_time as tt"; -if (!$user->rights->commercial->client->voir && !$socid) $sql .= ", ".MAIN_DB_PREFIX."societe_commerciaux as sc"; +if (!$user->rights->societe->client->voir && !$socid) $sql .= ", ".MAIN_DB_PREFIX."societe_commerciaux as sc"; $sql .= " WHERE t.fk_projet = p.rowid"; -if (!$user->rights->commercial->client->voir && !$socid) $sql .= " AND p.fk_soc = sc.fk_soc AND sc.fk_user = " .$user->id; +if (!$user->rights->societe->client->voir && !$socid) $sql .= " AND p.fk_soc = sc.fk_soc AND sc.fk_user = " .$user->id; $sql .= " AND tt.fk_task = t.rowid"; $sql .= " AND task_date >= '".$db->idate($datestartw)."' AND task_date <= '".$db->idate($dateendw)."'"; $sql .= " GROUP BY p.rowid"; 
@@ -177,13 +177,13 @@ print '<td width="50%" align="right">'.$langs->trans("Hours").'</td>'; print "</tr>\n"; $sql = "SELECT p.title, p.rowid, sum(tt.task_duration) as total"; -if (!$user->rights->commercial->client->voir && !$socid) $sql .= ", sc.fk_soc, sc.fk_user"; +if (!$user->rights->societe->client->voir && !$socid) $sql .= ", sc.fk_soc, sc.fk_user"; $sql .= " FROM ".MAIN_DB_PREFIX."projet as p"; $sql .= " , ".MAIN_DB_PREFIX."projet_task as t"; $sql .= " , ".MAIN_DB_PREFIX."projet_task_time as tt"; -if (!$user->rights->commercial->client->voir && !$socid) $sql .= ", ".MAIN_DB_PREFIX."societe_commerciaux as sc"; +if (!$user->rights->societe->client->voir && !$socid) $sql .= ", ".MAIN_DB_PREFIX."societe_commerciaux as sc"; $sql .= " WHERE t.fk_projet = p.rowid"; -if (!$user->rights->commercial->client->voir && !$socid) $sql .= " AND p.fk_soc = sc.fk_soc AND sc.fk_user = " .$user->id; +if (!$user->rights->societe->client->voir && !$socid) $sql .= " AND p.fk_soc = sc.fk_soc AND sc.fk_user = " .$user->id; $sql .= " AND tt.fk_task = t.rowid"; $sql .= " AND task_date >= '".$db->idate($datestartm)."' AND task_date <= '".$db->idate($dateendm)."'"; $sql .= " GROUP BY p.rowid"; 
@@ -222,13 +222,13 @@ print '<td width="50%" align="right">'.$langs->trans("Hours").'</td>'; print "</tr>\n"; $sql = "SELECT p.title, p.rowid, sum(tt.task_duration) as total"; -if (!$user->rights->commercial->client->voir && !$socid) $sql .= ", sc.fk_soc, sc.fk_user"; +if (!$user->rights->societe->client->voir && !$socid) $sql .= ", sc.fk_soc, sc.fk_user"; $sql .= " FROM ".MAIN_DB_PREFIX."projet as p"; $sql .= " , ".MAIN_DB_PREFIX."projet_task as t"; $sql .= " , ".MAIN_DB_PREFIX."projet_task_time as tt"; -if (!$user->rights->commercial->client->voir && !$socid) $sql .= ", ".MAIN_DB_PREFIX."societe_commerciaux as sc"; +if (!$user->rights->societe->client->voir && !$socid) $sql .= ", ".MAIN_DB_PREFIX."societe_commerciaux as sc"; $sql .= " WHERE t.fk_projet = p.rowid"; -if (!$user->rights->commercial->client->voir && !$socid) $sql .= " AND p.fk_soc = sc.fk_soc AND sc.fk_user = " .$user->id; +if (!$user->rights->societe->client->voir && !$socid) $sql .= " AND p.fk_soc = sc.fk_soc AND sc.fk_user = " .$user->id; $sql .= " AND tt.fk_task = t.rowid"; $sql .= " AND task_date >= '".$db->idate($datestarty)."' AND task_date <= '".$db->idate($dateendy)."'"; $sql .= " GROUP BY p.rowid"; diff --git a/htdocs/projet/activity/myactivity.php b/htdocs/projet/activity/myactivity.php index 7ba45a5844f..4d2a83798bc 100644 --- a/htdocs/projet/activity/myactivity.php +++ b/htdocs/projet/activity/myactivity.php 
@@ -61,12 +61,12 @@ print '<td align="center">'.$langs->trans("NbOpenTasks").'</td>'; print "</tr>\n"; $sql = "SELECT p.title, p.rowid, count(t.rowid)"; -if (!$user->rights->commercial->client->voir && !$socid) $sql .= ", sc.fk_soc, sc.fk_user"; +if (!$user->rights->societe->client->voir && !$socid) $sql .= ", sc.fk_soc, sc.fk_user"; $sql .= " FROM ".MAIN_DB_PREFIX."projet as p"; $sql .= " , ".MAIN_DB_PREFIX."projet_task as t"; -if (!$user->rights->commercial->client->voir && !$socid) $sql .= ", ".MAIN_DB_PREFIX."societe_commerciaux as sc"; +if (!$user->rights->societe->client->voir && !$socid) $sql .= ", ".MAIN_DB_PREFIX."societe_commerciaux as sc"; $sql .= " WHERE t.fk_projet = p.rowid"; -if (!$user->rights->commercial->client->voir && !$socid) $sql .= " AND p.fk_soc = sc.fk_soc AND sc.fk_user = " .$user->id; +if (!$user->rights->societe->client->voir && !$socid) $sql .= " AND p.fk_soc = sc.fk_soc AND sc.fk_user = " .$user->id; if ($socid) { $sql .= " AND p.fk_soc = ".$socid; diff --git a/htdocs/projet/index.php b/htdocs/projet/index.php index 68d569b2eb5..f188420b2ad 100644 --- a/htdocs/projet/index.php +++ b/htdocs/projet/index.php 
@@ -58,13 +58,13 @@ print '<td align="right">'.$langs->trans("NbOpenTasks").'</td>'; print "</tr>\n"; $sql = "SELECT p.title, p.rowid, count(t.rowid)"; -if (!$user->rights->commercial->client->voir && !$socid) $sql .= ", sc.fk_soc, sc.fk_user"; +if (!$user->rights->societe->client->voir && !$socid) $sql .= ", sc.fk_soc, sc.fk_user"; $sql.= " FROM ".MAIN_DB_PREFIX."projet as p"; -if (!$user->rights->commercial->client->voir && !$socid) $sql .= ", ".MAIN_DB_PREFIX."societe_commerciaux as sc"; +if (!$user->rights->societe->client->voir && !$socid) $sql .= ", ".MAIN_DB_PREFIX."societe_commerciaux as sc"; //$sql.= " LEFT JOIN ".MAIN_DB_PREFIX."projet_task as t ON p.rowid = t.fk_projet"; $sql.= " , ".MAIN_DB_PREFIX."projet_task as t"; // pourquoi est-ce que c'�tait en commentaire ? $sql.= " WHERE t.fk_projet = p.rowid"; -if (!$user->rights->commercial->client->voir && !$socid) $sql .= " AND p.fk_soc = sc.fk_soc AND sc.fk_user = " .$user->id; +if (!$user->rights->societe->client->voir && !$socid) $sql .= " AND p.fk_soc = sc.fk_soc AND sc.fk_user = " .$user->id; if ($socid) { $sql .= " AND p.fk_soc = ".$socid; 
@@ -112,11 +112,11 @@ print '<td align="right">'.$langs->trans("Nb").'</td>'; print "</tr>\n"; $sql = "SELECT s.nom, s.rowid as socid, count(p.rowid)"; -if (!$user->rights->commercial->client->voir && !$socid) $sql .= ", sc.fk_soc, sc.fk_user"; +if (!$user->rights->societe->client->voir && !$socid) $sql .= ", sc.fk_soc, sc.fk_user"; $sql .= " FROM ".MAIN_DB_PREFIX."societe as s, ".MAIN_DB_PREFIX."projet as p"; -if (!$user->rights->commercial->client->voir && !$socid) $sql .= ", ".MAIN_DB_PREFIX."societe_commerciaux as sc"; +if (!$user->rights->societe->client->voir && !$socid) $sql .= ", ".MAIN_DB_PREFIX."societe_commerciaux as sc"; $sql .= " WHERE p.fk_soc = s.rowid"; -if (!$user->rights->commercial->client->voir && !$socid) $sql .= " AND s.rowid = sc.fk_soc AND sc.fk_user = " .$user->id; +if (!$user->rights->societe->client->voir && !$socid) $sql .= " AND s.rowid = sc.fk_soc AND sc.fk_user = " .$user->id; if ($socid) { $sql .= " AND s.rowid = ".$socid; diff --git a/htdocs/projet/liste.php b/htdocs/projet/liste.php index 0538b8585a4..e9ecd4398b9 100644 --- a/htdocs/projet/liste.php +++ b/htdocs/projet/liste.php 
@@ -71,11 +71,11 @@ llxHeader(); $sql = "SELECT p.rowid as projectid, p.ref, p.title, ".$db->pdate("p.dateo")." as do"; $sql .= ", s.nom, s.rowid as socid, s.client"; -if (!$user->rights->commercial->client->voir && !$socid) $sql .= ", sc.fk_soc, sc.fk_user"; +if (!$user->rights->societe->client->voir && !$socid) $sql .= ", sc.fk_soc, sc.fk_user"; $sql .= " FROM ".MAIN_DB_PREFIX."societe as s, ".MAIN_DB_PREFIX."projet as p"; -if (!$user->rights->commercial->client->voir && !$socid) $sql .= ", ".MAIN_DB_PREFIX."societe_commerciaux as sc"; +if (!$user->rights->societe->client->voir && !$socid) $sql .= ", ".MAIN_DB_PREFIX."societe_commerciaux as sc"; $sql .= " WHERE p.fk_soc = s.rowid"; -if (!$user->rights->commercial->client->voir && !$socid) $sql .= " AND s.rowid = sc.fk_soc AND sc.fk_user = " .$user->id; +if (!$user->rights->societe->client->voir && !$socid) $sql .= " AND s.rowid = sc.fk_soc AND sc.fk_user = " .$user->id; if ($socid) { $sql .= " AND s.rowid = ".$socid; diff --git a/htdocs/projet/tasks/index.php b/htdocs/projet/tasks/index.php index 178d5d08f2a..dd68d299205 100644 --- a/htdocs/projet/tasks/index.php +++ b/htdocs/projet/tasks/index.php 
@@ -59,12 +59,12 @@ print '<td align="center">'.$langs->trans("NbOpenTasks").'</td>'; print "</tr>\n"; $sql = "SELECT p.title, p.rowid, count(t.rowid)"; -if (!$user->rights->commercial->client->voir && !$socid) $sql .= ", sc.fk_soc, sc.fk_user"; +if (!$user->rights->societe->client->voir && !$socid) $sql .= ", sc.fk_soc, sc.fk_user"; $sql .= " FROM ".MAIN_DB_PREFIX."projet as p"; $sql .= " , ".MAIN_DB_PREFIX."projet_task as t"; -if (!$user->rights->commercial->client->voir && !$socid) $sql .= ", ".MAIN_DB_PREFIX."societe_commerciaux as sc"; +if (!$user->rights->societe->client->voir && !$socid) $sql .= ", ".MAIN_DB_PREFIX."societe_commerciaux as sc"; $sql .= " WHERE t.fk_projet = p.rowid"; -if (!$user->rights->commercial->client->voir && !$socid) $sql .= " AND p.fk_soc = sc.fk_soc AND sc.fk_user = " .$user->id; +if (!$user->rights->societe->client->voir && !$socid) $sql .= " AND p.fk_soc = sc.fk_soc AND sc.fk_user = " .$user->id; if ($socid) { @@ -113,14 +113,14 @@ print '<td>Nb heures</td>'; print "</tr>\n"; $sql = "SELECT p.title, p.rowid, sum(tt.task_duration)"; -if (!$user->rights->commercial->client->voir && !$socid) $sql .= ", sc.fk_soc, sc.fk_user"; +if (!$user->rights->societe->client->voir && !$socid) $sql .= ", sc.fk_soc, sc.fk_user"; $sql .= " FROM ".MAIN_DB_PREFIX."projet as p"; $sql .= " , ".MAIN_DB_PREFIX."projet_task as t"; $sql .= " , ".MAIN_DB_PREFIX."projet_task_time as tt"; -if (!$user->rights->commercial->client->voir && !$socid) $sql .= ", ".MAIN_DB_PREFIX."societe_commerciaux as sc"; +if (!$user->rights->societe->client->voir && !$socid) $sql .= ", ".MAIN_DB_PREFIX."societe_commerciaux as sc"; $sql .= " WHERE t.fk_projet = p.rowid"; $sql .= " AND tt.fk_task = t.rowid"; -if (!$user->rights->commercial->client->voir && !$socid) $sql .= " AND p.fk_soc = sc.fk_soc AND sc.fk_user = " .$user->id; +if (!$user->rights->societe->client->voir && !$socid) $sql .= " AND p.fk_soc = sc.fk_soc AND sc.fk_user = " .$user->id; if ($socid) { 
diff --git a/htdocs/propal.class.php b/htdocs/propal.class.php index 58018d89952..e683d74ebb0 100644 --- a/htdocs/propal.class.php +++ b/htdocs/propal.class.php @@ -1666,7 +1666,7 @@ class Propal extends CommonObject $sql ="SELECT p.rowid, p.ref, ".$this->db->pdate("p.datec")." as datec,".$this->db->pdate("p.fin_validite")." as datefin"; $sql.=" FROM ".MAIN_DB_PREFIX."propal as p"; - if (!$user->rights->commercial->client->voir && !$user->societe_id) + if (!$user->rights->societe->client->voir && !$user->societe_id) { $sql.= " LEFT JOIN ".MAIN_DB_PREFIX."societe_commerciaux as sc ON p.fk_soc = sc.fk_soc"; $sql.= " WHERE sc.fk_user = " .$user->id; @@ -1896,7 +1896,7 @@ class Propal extends CommonObject $sql = "SELECT count(p.rowid) as nb"; $sql.= " FROM ".MAIN_DB_PREFIX."propal as p"; - if (!$user->rights->commercial->client->voir && !$user->societe_id) + if (!$user->rights->societe->client->voir && !$user->societe_id) { $sql.= " LEFT JOIN ".MAIN_DB_PREFIX."societe as s ON p.fk_soc = s.rowid"; $sql.= " LEFT JOIN ".MAIN_DB_PREFIX."societe_commerciaux as sc ON s.rowid = sc.fk_soc"; diff --git a/htdocs/prospect.class.php b/htdocs/prospect.class.php index 460f3c63f4b..f28c8e1e366 100644 --- a/htdocs/prospect.class.php +++ b/htdocs/prospect.class.php @@ -67,7 +67,7 @@ class Prospect extends Societe $sql = "SELECT count(s.rowid) as nb, s.client"; $sql.= " FROM ".MAIN_DB_PREFIX."societe as s"; - if (!$user->rights->commercial->client->voir && !$user->societe_id) + if (!$user->rights->societe->client->voir && !$user->societe_id) { $sql.= " LEFT JOIN ".MAIN_DB_PREFIX."societe_commerciaux as sc ON s.rowid = sc.fk_soc"; $sql.= " WHERE sc.fk_user = " .$user->id; diff --git a/htdocs/soc.php b/htdocs/soc.php index 341d9277ef7..a6c38c236e3 100644 --- a/htdocs/soc.php +++ b/htdocs/soc.php 
@@ -563,7 +563,7 @@ if ($_POST["getcustomercode"] || $_POST["getsuppliercode"] || print '</tr>'; - if ($user->rights->commercial->client->voir) + if ($user->rights->societe->client->voir) { //Affecter un commercial print '<tr>'; diff --git a/htdocs/societe.class.php b/htdocs/societe.class.php index ee143f5523b..28946431293 100644 --- a/htdocs/societe.class.php +++ b/htdocs/societe.class.php @@ -161,7 +161,7 @@ class Societe extends CommonObject $ret = $this->update($this->id,$user,0,1,1); // si un commercial cr�e un client il lui est affect� automatiquement - if (!$user->rights->commercial->client->voir) + if (!$user->rights->societe->client->voir) { $this->add_commercial($user, $user->id); } diff --git a/htdocs/societe.php b/htdocs/societe.php index 595ee0cf442..b89d4310cc7 100644 --- a/htdocs/societe.php +++ b/htdocs/societe.php @@ -34,7 +34,7 @@ $langs->load("suppliers"); // Security check if ($user->societe_id) $socid=$user->societe_id; -$result = restrictedArea($user, 'societe','','',1); +$result = restrictedArea($user, 'societe','',''); $search_nom=isset($_GET["search_nom"])?$_GET["search_nom"]:$_POST["search_nom"]; $search_ville=isset($_GET["search_ville"])?$_GET["search_ville"]:$_POST["search_ville"]; 
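Review bot: Unlike the list queries, this check and the one in the societe.class.php hunk use the renamed right positively, so a user who held `commercial->client->voir` but has not been granted `societe->client->voir` silently changes behaviour. The block under the "Affecter un commercial" comment is no longer printed here, and in societe.class.php the creator is now auto-assigned through `add_commercial($user, $user->id)`. Nothing in the visible hunks shows where the new right is declared or how existing grants are carried over. I would add a migration step for existing grants and a comment at the check, for example `// right moved from commercial->client->voir to societe->client->voir`.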
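Review bot: The fifth argument of `restrictedArea()` is dropped here and in the commerciaux.php, info.php, lien.php, notify/fiche.php and rib.php hunks without any note on what the flag controlled, and this call is the only access check visible in each hunk. In the five societe/* pages `$socid` comes from `$_GET["socid"]` but the third argument stays `''`. Assuming that argument is the object id (the function's definition is not shown), the check has no id to compare against the companies the caller may see. I would pass the id, `$result = restrictedArea($user, 'societe', $socid, '');`, and say in the commit message why the trailing `1` is no longer wanted.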
@@ -67,16 +67,16 @@ if ($mode == 'search') $_POST["search_nom"]=$socname; $sql = "SELECT s.rowid"; - if (!$user->rights->commercial->client->voir && !$socid) $sql .= ", sc.fk_soc, sc.fk_user"; + if (!$user->rights->societe->client->voir && !$socid) $sql .= ", sc.fk_soc, sc.fk_user"; $sql.= " FROM ".MAIN_DB_PREFIX."societe as s"; - if (!$user->rights->commercial->client->voir && !$socid) $sql .= ", ".MAIN_DB_PREFIX."societe_commerciaux as sc"; + if (!$user->rights->societe->client->voir && !$socid) $sql .= ", ".MAIN_DB_PREFIX."societe_commerciaux as sc"; $sql.= " WHERE ("; $sql.= "s.nom like '%".addslashes($socname)."%'"; $sql.= " OR s.code_client LIKE '%".addslashes($socname)."%'"; $sql.= " OR s.email like '%".addslashes($socname)."%'"; $sql.= " OR s.url like '%".addslashes($socname)."%'"; $sql.= ")"; - if (!$user->rights->commercial->client->voir && !$socid) $sql .= " AND s.rowid = sc.fk_soc AND sc.fk_user = " .$user->id; + if (!$user->rights->societe->client->voir && !$socid) $sql .= " AND s.rowid = sc.fk_soc AND sc.fk_user = " .$user->id; if (! $user->rights->societe->lire || ! $user->rights->fournisseur->lire) { if (! $user->rights->fournisseur->lire) $sql.=" AND s.fourn != 1"; 
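Review bot: The search term is escaped with `addslashes()` before being placed in four `LIKE` patterns, which does not follow the connection character set and leaves `%` and `_` in `$socname` acting as wildcards. Escaping belongs to the database layer: if the `$db` handler offers its own escape routine, use it here, and escape the two wildcard characters separately if literal matching is intended. The enclosing `if ($mode == 'search')` block starts and ends outside the hunk, so where `$socname` is read from the request is not visible.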
@@ -136,10 +136,10 @@ $title=$langs->trans("ListOfThirdParties"); $sql = "SELECT s.rowid, s.nom, s.ville, ".$db->pdate("s.datec")." as datec, ".$db->pdate("s.datea")." as datea"; $sql.= ", st.libelle as stcomm, s.prefix_comm, s.client, s.fournisseur, s.siren"; -if (!$user->rights->commercial->client->voir && !$socid) $sql .= ", sc.fk_soc, sc.fk_user"; +if (!$user->rights->societe->client->voir && !$socid) $sql .= ", sc.fk_soc, sc.fk_user"; $sql.= " FROM ".MAIN_DB_PREFIX."societe as s"; $sql.= ", ".MAIN_DB_PREFIX."c_stcomm as st"; -if (!$user->rights->commercial->client->voir && !$socid) $sql .= ", ".MAIN_DB_PREFIX."societe_commerciaux as sc"; +if (!$user->rights->societe->client->voir && !$socid) $sql .= ", ".MAIN_DB_PREFIX."societe_commerciaux as sc"; $sql.= " WHERE s.fk_stcomm = st.id"; if ($socid) { @@ -150,7 +150,7 @@ if (strlen($stcomm)) $sql .= " AND s.fk_stcomm=".$stcomm; } -if (! $user->rights->commercial->client->voir && ! $socid) //restriction +if (! $user->rights->societe->client->voir && ! $socid) //restriction { $sql .= " AND s.rowid = sc.fk_soc AND sc.fk_user = " .$user->id; } diff --git a/htdocs/societe/commerciaux.php b/htdocs/societe/commerciaux.php index 650406a9686..e99a9fcd9f3 100644 --- a/htdocs/societe/commerciaux.php +++ b/htdocs/societe/commerciaux.php @@ -36,7 +36,7 @@ $langs->load("banks"); // Security check $socid = isset($_GET["socid"])?$_GET["socid"]:''; if ($user->societe_id) $socid=$user->societe_id; -$result = restrictedArea($user, 'societe','','',1); +$result = restrictedArea($user, 'societe','',''); /* diff --git a/htdocs/societe/info.php b/htdocs/societe/info.php index 29ea57ee5bd..271351ad6c4 100644 --- a/htdocs/societe/info.php +++ b/htdocs/societe/info.php @@ -33,7 +33,7 @@ $langs->load("other"); // Security check $socid = isset($_GET["socid"])?$_GET["socid"]:''; if ($user->societe_id) $socid=$user->societe_id; -$result = restrictedArea($user, 'societe','','',1); +$result = restrictedArea($user, 'societe','',''); /* 
diff --git a/htdocs/societe/lien.php b/htdocs/societe/lien.php index 48ce4f7cdcc..aa139928578 100644 --- a/htdocs/societe/lien.php +++ b/htdocs/societe/lien.php @@ -35,7 +35,7 @@ $langs->load("banks"); // Security check $socid = isset($_GET["socid"])?$_GET["socid"]:''; if ($user->societe_id) $socid=$user->societe_id; -$result = restrictedArea($user, 'societe','','',1); +$result = restrictedArea($user, 'societe','',''); /* diff --git a/htdocs/societe/notify/fiche.php b/htdocs/societe/notify/fiche.php index 23a5661913d..8d70e5087af 100644 --- a/htdocs/societe/notify/fiche.php +++ b/htdocs/societe/notify/fiche.php @@ -34,7 +34,7 @@ $langs->load("mails"); // Security check $socid = isset($_GET["socid"])?$_GET["socid"]:''; if ($user->societe_id) $socid=$user->societe_id; -$result = restrictedArea($user, 'societe','','',1); +$result = restrictedArea($user, 'societe','',''); $sortorder=$_GET["sortorder"]; $sortfield=$_GET["sortfield"]; diff --git a/htdocs/societe/rib.php b/htdocs/societe/rib.php index 55f49cde692..787901152b2 100644 --- a/htdocs/societe/rib.php +++ b/htdocs/societe/rib.php @@ -35,7 +35,7 @@ $langs->load("banks"); // Security check $socid = isset($_GET["socid"])?$_GET["socid"]:''; if ($user->societe_id) $socid=$user->societe_id; -$result = restrictedArea($user, 'societe','','',1); +$result = restrictedArea($user, 'societe','',''); $soc = new Societe($db); $soc->id = $_GET["socid"]; -- GitLab
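Review bot: In the rib.php hunk, `$soc->id = $_GET["socid"];` takes the id from the request again instead of from `$socid`, which the line above has just overridden with `$user->societe_id` for external users. Unless `restrictedArea()` or code outside this hunk rejects a mismatching id, an external user's page is built for whatever company id is in the URL, and this page apparently deals with bank details (`$langs->load("banks")` is in the hunk header). Use the checked value instead, `$soc->id = $socid;`, ideally with an `(int)` cast.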