Fix: uniformize code and add specific rights

htdocs/admin/mailing.php

@@ -123,7 +123,7 @@ print '<input size="32" type="text" name="MAILING_EMAIL_ERRORSTO" value="'.$conf
 if (!empty($conf->global->MAILING_EMAIL_ERRORSTO) && ! isValidEmail($conf->global->MAILING_EMAIL_ERRORSTO)) print ' '.img_warning($langs->trans("BadEMail"));
 print '</td></tr>';
 
-
+// TODO the precedent values are deleted after turn on this switch 
 $var=!$var;
 print '<tr '.$bc[$var].'><td>';
 print $langs->trans("ActivateCheckRead").'</td><td>';

htdocs/comm/mailing/cibles.php

@@ -57,6 +57,8 @@ $search_email=GETPOST("search_email");
 // Search modules dirs
 $modulesdir = dolGetModulesDirs('/mailings');
 
+$object = new Mailing($db);
+
 
 
 /*
@@ -97,7 +99,7 @@ if ($action == 'add')
 
 	if ($result > 0)
 	{
-		Header("Location: cibles.php?id=".$id);
+		Header("Location: ".$_SERVER['PHP_SELF']."?id=".$id);
 		exit;
 	}
 	if ($result == 0)
@@ -117,14 +119,14 @@ if ($action == 'clear')
 	$obj = new $classname($db);
 	$obj->clear_target($id);
 
-	Header("Location: cibles.php?id=".$id);
+	Header("Location: ".$_SERVER['PHP_SELF']."?id=".$id);
 	exit;
 }
 
 if ($action == 'delete')
 {
 	// Ici, rowid indique le destinataire et id le mailing
-	$sql="DELETE FROM ".MAIN_DB_PREFIX."mailing_cibles where rowid=".$id;
+	$sql="DELETE FROM ".MAIN_DB_PREFIX."mailing_cibles WHERE rowid=".$id;
 	$resql=$db->query($sql);
 	if ($resql)
 	{   //on récurpére l'id du mailing
@@ -139,7 +141,7 @@ if ($action == 'delete')
 			$obj = new $classname($db);
 			$obj->update_nb($id);
 			
-			Header("Location: cibles.php?id=".$id);
+			Header("Location: ".$_SERVER['PHP_SELF']."?id=".$id);
 			exit;
 		}
 		else
@@ -171,11 +173,9 @@ llxHeader('',$langs->trans("Mailing"),'EN:Module_EMailing|FR:Module_Mailing|ES:M
 
 $form = new Form($db);
 
-$mil = new Mailing($db);
-
-if ($mil->fetch($id) >= 0)
+if ($object->fetch($id) >= 0)
 {
-	$head = emailing_prepare_head($mil);
+	$head = emailing_prepare_head($object);
 
 	dol_fiche_head($head, 'targets', $langs->trans("Mailing"), 0, 'email');
 
@@ -184,25 +184,25 @@ if ($mil->fetch($id) >= 0)
 
 	print '<tr><td width="25%">'.$langs->trans("Ref").'</td>';
 	print '<td colspan="3">';
-	print $form->showrefnav($mil,'id');
+	print $form->showrefnav($object,'id');
 	print '</td></tr>';
 
-	print '<tr><td width="25%">'.$langs->trans("MailTitle").'</td><td colspan="3">'.$mil->titre.'</td></tr>';
+	print '<tr><td width="25%">'.$langs->trans("MailTitle").'</td><td colspan="3">'.$object->titre.'</td></tr>';
 
-	print '<tr><td width="25%">'.$langs->trans("MailFrom").'</td><td colspan="3">'.dol_print_email($mil->email_from,0,0,0,0,1).'</td></tr>';
+	print '<tr><td width="25%">'.$langs->trans("MailFrom").'</td><td colspan="3">'.dol_print_email($object->email_from,0,0,0,0,1).'</td></tr>';
 
 	// Errors to
-	print '<tr><td width="25%">'.$langs->trans("MailErrorsTo").'</td><td colspan="3">'.dol_print_email($mil->email_errorsto,0,0,0,0,1);
+	print '<tr><td width="25%">'.$langs->trans("MailErrorsTo").'</td><td colspan="3">'.dol_print_email($object->email_errorsto,0,0,0,0,1);
 	print '</td></tr>';
 
 	// Status
-	print '<tr><td width="25%">'.$langs->trans("Status").'</td><td colspan="3">'.$mil->getLibStatut(4).'</td></tr>';
+	print '<tr><td width="25%">'.$langs->trans("Status").'</td><td colspan="3">'.$object->getLibStatut(4).'</td></tr>';
 
 	// Nb of distinct emails
 	print '<tr><td width="25%">';
 	print $langs->trans("TotalNbOfDistinctRecipients");
 	print '</td><td colspan="3">';
-	$nbemail = ($mil->nbemail?$mil->nbemail:'0');
+	$nbemail = ($object->nbemail?$object->nbemail:'0');
 	if (!empty($conf->global->MAILING_LIMIT_SENDBYWEB) && $conf->global->MAILING_LIMIT_SENDBYWEB < $nbemail)
 	{
 		$text=$langs->trans('LimitSendingEmailing',$conf->global->MAILING_LIMIT_SENDBYWEB);
@@ -223,7 +223,7 @@ if ($mil->fetch($id) >= 0)
 	$var=!$var;
 
 	// Show email selectors
-	if ($mil->statut == 0 && $user->rights->mailing->creer)
+	if ($object->statut == 0 && $user->rights->mailing->creer)
 	{
 		print_fiche_titre($langs->trans("ToAddRecipientsChooseHere"),($user->admin?info_admin($langs->trans("YouCanAddYourOwnPredefindedListHere"),1):''),'');
 
@@ -293,9 +293,9 @@ if ($mil->fetch($id) >= 0)
 					$var = !$var;
 					print '<tr '.$bc[$var].'>';
 
-					if ($mil->statut == 0)
+					if ($object->statut == 0)
 					{
-						print '<form name="'.$modulename.'" action="cibles.php?action=add&rowid='.$mil->id.'&module='.$modulename.'" method="POST" enctype="multipart/form-data">';
+						print '<form name="'.$modulename.'" action="cibles.php?action=add&rowid='.$object->id.'&module='.$modulename.'" method="POST" enctype="multipart/form-data">';
 						print '<input type="hidden" name="token" value="'.$_SESSION['newtoken'].'">';
 					}
 
@@ -328,7 +328,7 @@ if ($mil->fetch($id) >= 0)
 					print '</td>';
 
 					print '<td align="right">';
-					if ($mil->statut == 0)
+					if ($object->statut == 0)
 					{
 						print '<input type="submit" class="button" value="'.$langs->trans("Add").'">';
 					}
@@ -339,7 +339,7 @@ if ($mil->fetch($id) >= 0)
 					}
 					print '</td>';
 
-					if ($mil->statut == 0) print '</form>';
+					if ($object->statut == 0) print '</form>';
 
 					print "</tr>\n";
 				}
@@ -349,7 +349,7 @@ if ($mil->fetch($id) >= 0)
 		print '</table>';
 		print '<br>';
 
-		print '<form action="cibles.php?action=clear&rowid='.$mil->id.'" method="POST">';
+		print '<form action="'.$_SERVER['PHP_SELF'].'?action=clear&rowid='.$object->id.'" method="POST">';
 		print '<input type="hidden" name="token" value="'.$_SESSION['newtoken'].'">';
 		print_titre($langs->trans("ToClearAllRecipientsClickHere"));
 		print '<table class="noborder" width="100%">';
@@ -365,15 +365,15 @@ if ($mil->fetch($id) >= 0)
 
 	// List of selected targets
 	print "\n<!-- Liste destinataires selectionnes -->\n";
-	print '<form method="post" action="'.$_SERVER["PHP_SELF"].'">';
+	print '<form method="POST" action="'.$_SERVER["PHP_SELF"].'">';
 	print '<input type="hidden" name="token" value="'.$_SESSION['newtoken'].'">';
 	print '<input type="hidden" name="sortfield" value="'.$sortfield.'">';
 	print '<input type="hidden" name="sortorder" value="'.$sortorder.'">';
-	print '<input type="hidden" name="id" value="'.$mil->id.'">';
+	print '<input type="hidden" name="id" value="'.$object->id.'">';
 
 	$sql  = "SELECT mc.rowid, mc.nom, mc.prenom, mc.email, mc.other, mc.statut, mc.date_envoi, mc.source_url, mc.source_id, mc.source_type";
 	$sql .= " FROM ".MAIN_DB_PREFIX."mailing_cibles as mc";
-	$sql .= " WHERE mc.fk_mailing=".$mil->id;
+	$sql .= " WHERE mc.fk_mailing=".$object->id;
 	if ($search_nom)    $sql.= " AND mc.nom    LIKE '%".$db->escape($search_nom)."%'";
 	if ($search_prenom) $sql.= " AND mc.prenom LIKE '%".$db->escape($search_prenom)."%'";
 	if ($search_email)  $sql.= " AND mc.email  LIKE '%".$db->escape($search_email)."%'";
@@ -385,12 +385,12 @@ if ($mil->fetch($id) >= 0)
 	{
 		$num = $db->num_rows($resql);
 
-		$parm = "&amp;id=".$mil->id;
+		$parm = "&amp;id=".$object->id;
 		if ($search_nom)    $parm.= "&amp;search_nom=".urlencode($search_nom);
 		if ($search_prenom) $parm.= "&amp;search_prenom=".urlencode($search_prenom);
 		if ($search_email)  $parm.= "&amp;search_email=".urlencode($search_email);
 
-		print_barre_liste($langs->trans("MailSelectedRecipients"),$page,$_SERVER["PHP_SELF"],$parm,$sortfield,$sortorder,"",$num,$mil->nbemail,'');
+		print_barre_liste($langs->trans("MailSelectedRecipients"),$page,$_SERVER["PHP_SELF"],$parm,$sortfield,$sortorder,"",$num,$object->nbemail,'');
 
 		if ($page)			$parm.= "&amp;page=".$page;
 		print '<table class="noborder" width="100%">';
@@ -402,7 +402,7 @@ if ($mil->fetch($id) >= 0)
 		print_liste_field_titre($langs->trans("Source"),$_SERVER["PHP_SELF"],"",$parm,"",'align="center"',$sortfield,$sortorder);
 
 		// Date sendinf
-		if ($mil->statut < 2)
+		if ($object->statut < 2)
 		{
 			print '<td class="liste_titre">&nbsp;</td>';
 		}
@@ -498,7 +498,7 @@ if ($mil->fetch($id) >= 0)
 					print '<td align="center">&nbsp;</td>';
 					print '<td align="right" nowrap="nowrap">'.$langs->trans("MailingStatusNotSent");
 					if ($user->rights->mailing->creer) {
-						print '<a href="cibles.php?action=delete&rowid='.$obj->rowid.$parm.'">'.img_delete($langs->trans("RemoveRecipient"));
+						print '<a href="'.$_SERVER['PHP_SELF'].'?action=delete&rowid='.$obj->rowid.$parm.'">'.img_delete($langs->trans("RemoveRecipient"));
 					}
 					print '</td>';
 				}

htdocs/comm/mailing/class/mailing.class.php

@@ -121,6 +121,8 @@ class Mailing extends CommonObject
 			}
 			else
 			{
+				$this->error=$this->db->lasterror();
+				dol_syslog("Mailing::Create ".$this->error, LOG_ERR);
 				$this->db->rollback();
 				return -1;
 			}

htdocs/comm/mailing/fiche.php

@@ -39,6 +39,7 @@ if (! $user->rights->mailing->lire || $user->societe_id > 0) accessforbidden();
 $id=(GETPOST('mailid','int') ? GETPOST('mailid','int') : GETPOST('id','int'));
 $action=GETPOST('action','alpha');
 $confirm=GETPOST('confirm','alpha');
+$urlfrom=GETPOST('urlfrom');
 $message = '';
 
 $object=new Mailing($db);
@@ -389,8 +390,8 @@ if ($action == 'send' && empty($_POST["cancel"]))
 		if (preg_match('/[\s\t]*<html>/i',$message)) $msgishtml=1;
 
 		// Pratique les substitutions sur le sujet et message
-		$object->sujet=make_substitutions($object->sujet,$object->substitutionarrayfortest,$langs);
-		$object->body=make_substitutions($object->body,$object->substitutionarrayfortest,$langs);
+		$object->sujet=make_substitutions($object->sujet,$object->substitutionarrayfortest);
+		$object->body=make_substitutions($object->body,$object->substitutionarrayfortest);
 
 		$arr_file = array();
 		$arr_mime = array();
@@ -602,8 +603,9 @@ if ($action == 'confirm_reset' && $confirm == 'yes')
 if ($action == 'confirm_delete' && $confirm == 'yes')
 {
 	if ($object->delete($object->id))
-	{
-		Header("Location: liste.php");
+	{
+		$url= (! empty($urlfrom) ? $urlfrom : 'liste.php');
+		Header("Location: ".$url);
 		exit;
 	}
 }
@@ -756,7 +758,7 @@ else
 
 			print '<table class="border" width="100%">';
 
-			print '<tr><td width="25%">'.$langs->trans("Ref").'</td>';
+			print '<tr><td width="15%">'.$langs->trans("Ref").'</td>';
 			print '<td colspan="3">';
 			print $form->showrefnav($object,'id');
 			print '</td></tr>';
@@ -777,10 +779,10 @@ else
 			print '</td></tr>';
 
 			// Status
-			print '<tr><td width="25%">'.$langs->trans("Status").'</td><td colspan="3">'.$object->getLibStatut(4).'</td></tr>';
+			print '<tr><td width="15%">'.$langs->trans("Status").'</td><td colspan="3">'.$object->getLibStatut(4).'</td></tr>';
 
 			// Nb of distinct emails
-			print '<tr><td width="25%">';
+			print '<tr><td width="15%">';
 			print $langs->trans("TotalNbOfDistinctRecipients");
 			print '</td><td colspan="3">';
 			$nbemail = ($object->nbemail?$object->nbemail:img_warning('').' <font class="warning">'.$langs->trans("NoTargetYet").'</font>');
@@ -855,8 +857,15 @@ else
 				}
 
 				//print '<a class="butAction" href="fiche.php?action=test&amp;id='.$object->id.'">'.$langs->trans("PreviewMailing").'</a>';
-
-				print '<a class="butAction" href="'.$_SERVER['PHP_SELF'].'?action=test&amp;id='.$object->id.'">'.$langs->trans("TestMailing").'</a>';
+				
+				if (! empty($conf->global->MAIN_USE_ADVANCED_PERMS) && ! $user->rights->mailing->mailing_advance->send)
+				{
+					print '<a class="butActionRefused" href="#" title="'.dol_escape_htmltag($langs->transnoentitiesnoconv("NotEnoughPermissions")).'">'.$langs->trans("TestMailing").'</a>';
+				}
+				else
+				{
+					print '<a class="butAction" href="'.$_SERVER['PHP_SELF'].'?action=test&amp;id='.$object->id.'">'.$langs->trans("TestMailing").'</a>';
+				}
 
 				if ($object->statut == 0)
 				{
@@ -876,7 +885,7 @@ else
 
 				if (($object->statut == 1 || $object->statut == 2) && $object->nbemail > 0 && $user->rights->mailing->valider)
 				{
-					if ($conf->global->MAILING_LIMIT_SENDBYWEB < 0)
+					if ($conf->global->MAILING_LIMIT_SENDBYWEB < 0 || (! empty($conf->global->MAIN_USE_ADVANCED_PERMS) && ! $user->rights->mailing->mailing_advance->send))
 					{
 						print '<a class="butActionRefused" href="#" title="'.dol_escape_htmltag($langs->transnoentitiesnoconv("NotEnoughPermissions")).'">'.$langs->trans("SendMailing").'</a>';
 					}
@@ -893,12 +902,19 @@ else
 
 				if (($object->statut == 2 || $object->statut == 3) && $user->rights->mailing->valider)
 				{
-					print '<a class="butAction" href="'.$_SERVER['PHP_SELF'].'?action=reset&amp;id='.$object->id.'">'.$langs->trans("ResetMailing").'</a>';
+					if (! empty($conf->global->MAIN_USE_ADVANCED_PERMS) && ! $user->rights->mailing->mailing_advance->send)
+					{
+						print '<a class="butActionRefused" href="#" title="'.dol_escape_htmltag($langs->transnoentitiesnoconv("NotEnoughPermissions")).'">'.$langs->trans("ResetMailing").'</a>';
+					}
+					else
+					{
+						print '<a class="butAction" href="'.$_SERVER['PHP_SELF'].'?action=reset&amp;id='.$object->id.'">'.$langs->trans("ResetMailing").'</a>';
+					}
 				}
 
 				if (($object->statut <= 1 && $user->rights->mailing->creer) || $user->rights->mailing->supprimer)
 				{
-					print '<a class="butActionDelete" href="'.$_SERVER['PHP_SELF'].'?action=delete&amp;id='.$object->id.'">'.$langs->trans("DeleteMailing").'</a>';
+					print '<a class="butActionDelete" href="'.$_SERVER['PHP_SELF'].'?action=delete&amp;id='.$object->id.(! empty($urlfrom) ? '&urlfrom='.$urlfrom : '').'">'.$langs->trans("DeleteMailing").'</a>';
 				}
 
 				print '<br><br></div>';
@@ -944,7 +960,7 @@ else
 			print '<table class="border" width="100%">';
 
 			// Subject
-			print '<tr><td width="25%">'.$langs->trans("MailTopic").'</td><td colspan="3">'.$object->sujet.'</td></tr>';
+			print '<tr><td width="15%">'.$langs->trans("MailTopic").'</td><td colspan="3">'.$object->sujet.'</td></tr>';
 
 			// Joined files
 			print '<tr><td>'.$langs->trans("MailFile").'</td><td colspan="3">';
@@ -965,7 +981,7 @@ else
 			print '</td></tr>';
 
             // Background color
-            /*print '<tr><td width="25%">'.$langs->trans("BackgroundColorByDefault").'</td><td colspan="3">';
+            /*print '<tr><td width="15%">'.$langs->trans("BackgroundColorByDefault").'</td><td colspan="3">';
             $htmlother->select_color($object->bgcolor,'bgcolor','edit_mailing',0);
             print '</td></tr>';*/
 

htdocs/core/modules/modMailing.class.php

@@ -74,30 +74,43 @@ class modMailing extends DolibarrModules
 		// Permissions
 		$this->rights = array();
 		$this->rights_class = 'mailing';
-
-		$this->rights[1][0] = 221; // id de la permission
-		$this->rights[1][1] = 'Consulter les mailings'; // libelle de la permission
-		$this->rights[1][2] = 'r'; // type de la permission (deprecie a ce jour)
-		$this->rights[1][3] = 1; // La permission est-elle une permission par defaut
-		$this->rights[1][4] = 'lire';
-
-		$this->rights[2][0] = 222;
-		$this->rights[2][1] = 'Creer/modifier les mailings (sujet, destinataires...)';
-		$this->rights[2][2] = 'w';
-		$this->rights[2][3] = 0;
-		$this->rights[2][4] = 'creer';
-
-		$this->rights[3][0] = 223;
-		$this->rights[3][1] = 'Valider les mailings (permet leur envoi)';
-		$this->rights[3][2] = 'w';
-		$this->rights[3][3] = 0;
-		$this->rights[3][4] = 'valider';
-
-		$this->rights[4][0] = 229;
-		$this->rights[4][1] = 'Supprimer les mailings)';
-		$this->rights[4][2] = 'd';
-		$this->rights[4][3] = 0;
-		$this->rights[4][4] = 'supprimer';
+		$r=0;
+		
+		$r++;
+		$this->rights[$r][0] = 221; // id de la permission
+		$this->rights[$r][1] = 'Consulter les mailings'; // libelle de la permission
+		$this->rights[$r][2] = 'r'; // type de la permission (deprecie a ce jour)
+		$this->rights[$r][3] = 1; // La permission est-elle une permission par defaut
+		$this->rights[$r][4] = 'lire';
+		
+		$r++;
+		$this->rights[$r][0] = 222;
+		$this->rights[$r][1] = 'Creer/modifier les mailings (sujet, destinataires...)';
+		$this->rights[$r][2] = 'w';
+		$this->rights[$r][3] = 0;
+		$this->rights[$r][4] = 'creer';
+		
+		$r++;
+		$this->rights[$r][0] = 223;
+		$this->rights[$r][1] = 'Valider les mailings (permet leur envoi)';
+		$this->rights[$r][2] = 'w';
+		$this->rights[$r][3] = 0;
+		$this->rights[$r][4] = 'valider';
+		
+		$r++;
+		$this->rights[$r][0] = 228;
+		$this->rights[$r][1] = 'Envoyer les mailings';
+		$this->rights[$r][2] = 'w';
+		$this->rights[$r][3] = 0;
+		$this->rights[$r][4] = 'mailing_advance';		// Visible if option MAIN_USE_ADVANCED_PERMS is on
+		$this->rights[$r][5] = 'send';
+		
+		$r++;
+		$this->rights[$r][0] = 229;
+		$this->rights[$r][1] = 'Supprimer les mailings';
+		$this->rights[$r][2] = 'd';
+		$this->rights[$r][3] = 0;
+		$this->rights[$r][4] = 'supprimer';
 
 	}