diff --git a/htdocs/comm/index.php b/htdocs/comm/index.php index 0a596dd0ae2c2d98eb61792ccbd025aac21d53ea..30909855f14d0be21a9c0714a027afe0b171ef59 100644 --- a/htdocs/comm/index.php +++ b/htdocs/comm/index.php @@ -38,10 +38,12 @@ if ($conf->contrat->enabled) $langs->load("commercial"); $langs->load("orders"); -// Securit� acc�s client +// S�curit� acc�s client $socidp=''; -if ($user->societe_id > 0) +if ($_GET["socidp"]) { $socidp=$_GET["socidp"]; } +if ($user->societe_id > 0) { + $action = ''; $socidp = $user->societe_id; } @@ -126,40 +128,41 @@ if ($conf->contrat->enabled) */ if ($conf->propal->enabled && $user->rights->propale->lire) { - $sql = "SELECT p.rowid, p.ref, p.price, s.idp, s.nom"; - $sql .= " FROM ".MAIN_DB_PREFIX."propal as p, ".MAIN_DB_PREFIX."societe as s"; - $sql .= " WHERE p.fk_statut = 0 and p.fk_soc = s.idp"; - - $resql=$db->query($sql); - if ($resql) + $sql = "SELECT p.rowid, p.ref, p.price, s.idp, s.nom"; + $sql.= " FROM ".MAIN_DB_PREFIX."propal as p, ".MAIN_DB_PREFIX."societe as s"; + $sql.= " WHERE p.fk_statut = 0 and p.fk_soc = s.idp"; + $sql.= " AND s.idp = ".$socidp; + + $resql=$db->query($sql); + if ($resql) { - $total = 0; - $num = $db->num_rows($resql); - if ($num > 0) + $total = 0; + $num = $db->num_rows($resql); + if ($num > 0) { - print '<table class="noborder" width="100%">'; - print "<tr class=\"liste_titre\">"; - print "<td colspan=\"3\">".$langs->trans("ProposalsDraft")."</td></tr>"; - - $i = 0; - $var=true; - while ($i < $num) + print '<table class="noborder" width="100%">'; + print "<tr class=\"liste_titre\">"; + print "<td colspan=\"3\">".$langs->trans("ProposalsDraft")."</td></tr>"; + + $i = 0; + $var=true; + while ($i < $num) { - $obj = $db->fetch_object($resql); - $var=!$var; - print '<tr '.$bc[$var].'><td nowrap>'."<a href=\"".DOL_URL_ROOT."/comm/propal.php?propalid=".$obj->rowid."\">".img_object($langs->trans("ShowPropal"),"propal")." ".$obj->ref.'</a></td>'; - print '<td><a href="fiche.php?socid='.$obj->idp.'">'.dolibarr_trunc($obj->nom,18).'</a></td><td align="right">'.price($obj->price).'</td></tr>'; - $i++; - $total += $obj->price; + $obj = $db->fetch_object($resql); + $var=!$var; + print '<tr '.$bc[$var].'><td nowrap>'."<a href=\"".DOL_URL_ROOT."/comm/propal.php?propalid=".$obj->rowid."\">".img_object($langs->trans("ShowPropal"),"propal")." ".$obj->ref.'</a></td>'; + print '<td><a href="fiche.php?socid='.$obj->idp.'">'.dolibarr_trunc($obj->nom,18).'</a></td><td align="right">'.price($obj->price).'</td></tr>'; + $i++; + $total += $obj->price; } - if ($total>0) - { - $var=!$var; - print '<tr class="liste_total"><td>'.$langs->trans("Total").'</td><td colspan="2" align="right">'.price($total)."</td></tr>"; - } - print "</table><br>"; + if ($total>0) + { + $var=!$var; + print '<tr class="liste_total"><td>'.$langs->trans("Total").'</td><td colspan="2" align="right">'.price($total)."</td></tr>"; + } + print "</table><br>"; } - $db->free($resql); + $db->free($resql); } } diff --git a/htdocs/commande/index.php b/htdocs/commande/index.php index 98946efa98dca35e32b6fb24f3c714ea9e3cb5a2..44a82024e54e8a0d056fb21a03880f93913d872a 100644 --- a/htdocs/commande/index.php +++ b/htdocs/commande/index.php @@ -33,6 +33,17 @@ if (!$user->rights->commande->lire) accessforbidden(); $langs->load("orders"); +// S�curit� acc�s client +$socidp=''; +if ($_GET["socidp"]) { $socidp=$_GET["socidp"]; } +if ($user->societe_id > 0) +{ + $action = ''; + $socidp = $user->societe_id; +} + + + llxHeader("",$langs->trans("Orders"),"Commande"); print_fiche_titre($langs->trans("OrdersArea")); @@ -60,10 +71,7 @@ print "</form></table><br>\n"; */ $sql = "SELECT c.rowid, c.ref, s.nom, s.idp FROM ".MAIN_DB_PREFIX."commande as c, ".MAIN_DB_PREFIX."societe as s"; $sql .= " WHERE c.fk_soc = s.idp AND c.fk_statut = 0"; -if ($socidp) -{ - $sql .= " AND c.fk_soc = $socidp"; -} +if ($socidp) $sql .= " AND c.fk_soc = ".$socidp; if ( $db->query($sql) ) { @@ -93,28 +101,31 @@ if ( $db->query($sql) ) */ $sql = "SELECT c.rowid, c.ref, s.nom, s.idp FROM ".MAIN_DB_PREFIX."commande as c, ".MAIN_DB_PREFIX."societe as s"; $sql .= " WHERE c.fk_soc = s.idp AND c.fk_statut = 1"; +if ($socidp) $sql .= " AND c.fk_soc = ".$socidp; $sql .= " ORDER BY c.rowid DESC"; if ( $db->query($sql) ) { - $num = $db->num_rows(); - if ($num) + print '<table class="noborder" width="100%">'; + print '<tr class="liste_titre">'; + print '<td colspan="2">'.$langs->trans("OrdersToProcess").'</td></tr>'; + + $num = $db->num_rows(); + if ($num) { - $i = 0; - print '<table class="noborder" width="100%">'; - print '<tr class="liste_titre">'; - print '<td colspan="2">'.$langs->trans("OrdersToProcess").'</td></tr>'; - $var = True; - while ($i < $num) - { - $var=!$var; - $obj = $db->fetch_object(); - print "<tr $bc[$var]><td nowrap><a href=\"fiche.php?id=$obj->rowid\">".img_object($langs->trans("ShowOrder"),"order")." ".$obj->ref."</a></td>"; - print '<td><a href="'.DOL_URL_ROOT.'/comm/fiche.php?socid='.$obj->idp.'">'.img_object($langs->trans("ShowCompany"),"company").' '.$obj->nom.'</a></td></tr>'; - $i++; - } - print "</table><br>"; + $i = 0; + $var = True; + while ($i < $num) + { + $var=!$var; + $obj = $db->fetch_object(); + print "<tr $bc[$var]><td nowrap><a href=\"fiche.php?id=$obj->rowid\">".img_object($langs->trans("ShowOrder"),"order")." ".$obj->ref."</a></td>"; + print '<td><a href="'.DOL_URL_ROOT.'/comm/fiche.php?socid='.$obj->idp.'">'.img_object($langs->trans("ShowCompany"),"company").' '.$obj->nom.'</a></td></tr>'; + $i++; + } } + + print "</table><br>"; } @@ -126,32 +137,31 @@ print '</td><td valign="top" width="70%" class="notopnoleftnoright">'; */ $sql = "SELECT c.rowid, c.ref, s.nom, s.idp FROM ".MAIN_DB_PREFIX."commande as c, ".MAIN_DB_PREFIX."societe as s"; $sql .= " WHERE c.fk_soc = s.idp AND c.fk_statut = 2 "; -if ($socidp) -{ - $sql .= " AND c.fk_soc = $socidp"; -} +if ($socidp) $sql .= " AND c.fk_soc = ".$socidp; $sql .= " ORDER BY c.rowid DESC"; + if ( $db->query($sql) ) { - $num = $db->num_rows(); - if ($num) + print '<table class="noborder" width="100%">'; + print '<tr class="liste_titre">'; + print '<td colspan="2">'.$langs->trans("OnProcessOrders").' ('.$num.')</td></tr>'; + + $num = $db->num_rows(); + if ($num) { - $i = 0; - print '<table class="noborder" width="100%">'; - print '<tr class="liste_titre">'; - print '<td colspan="2">'.$langs->trans("OnProcessOrders").' ('.$num.')</td></tr>'; - $var = True; - while ($i < $num) - { - $var=!$var; - $obj = $db->fetch_object(); - print "<tr $bc[$var]><td width=\"30%\"><a href=\"fiche.php?id=$obj->rowid\">".img_object($langs->trans("ShowOrder"),"order").' '; - print $obj->ref.'</a></td>'; - print '<td><a href="'.DOL_URL_ROOT.'/comm/fiche.php?socid='.$obj->idp.'">'.$obj->nom.'</a></td></tr>'; - $i++; - } - print "</table><br>"; + $i = 0; + $var = True; + while ($i < $num) + { + $var=!$var; + $obj = $db->fetch_object(); + print "<tr $bc[$var]><td width=\"30%\"><a href=\"fiche.php?id=$obj->rowid\">".img_object($langs->trans("ShowOrder"),"order").' '; + print $obj->ref.'</a></td>'; + print '<td><a href="'.DOL_URL_ROOT.'/comm/fiche.php?socid='.$obj->idp.'">'.$obj->nom.'</a></td></tr>'; + $i++; + } } + print "</table><br>"; } /* @@ -163,34 +173,35 @@ $sql = "SELECT c.rowid, c.ref, s.nom, s.idp,"; $sql.= " ".$db->pdate("date_cloture")." as datec"; $sql.= " FROM ".MAIN_DB_PREFIX."commande as c, ".MAIN_DB_PREFIX."societe as s"; $sql.= " WHERE c.fk_soc = s.idp and c.fk_statut > 2"; -if ($socidp) $sql .= " AND c.fk_soc = $socidp"; +if ($socidp) $sql .= " AND c.fk_soc = ".$socidp; $sql.= " ORDER BY c.tms DESC"; $sql.= $db->plimit($max, 0); $resql=$db->query($sql); if ($resql) { - $num = $db->num_rows($resql); - if ($num) + print '<table class="noborder" width="100%">'; + print '<tr class="liste_titre">'; + print '<td colspan="3">'.$langs->trans("LastClosedOrders",$max).'</td></tr>'; + + $num = $db->num_rows($resql); + if ($num) { - $i = 0; - print '<table class="noborder" width="100%">'; - print '<tr class="liste_titre">'; - print '<td colspan="3">'.$langs->trans("LastClosedOrders",$max).'</td></tr>'; - $var = True; - while ($i < $num) - { - $var=!$var; - $obj = $db->fetch_object($resql); - print "<tr $bc[$var]><td><a href=\"fiche.php?id=$obj->rowid\">".img_object($langs->trans("ShowOrders"),"order").' '; - print $obj->ref.'</a></td>'; - print '<td><a href="'.DOL_URL_ROOT.'/comm/fiche.php?socid='.$obj->idp.'">'.img_object($langs->trans("ShowCompany"),"company").' '.$obj->nom.'</a></td>'; - print '<td>'.dolibarr_print_date($obj->datec).'</td>'; - print '</tr>'; - $i++; - } - print "</table><br>"; + $i = 0; + $var = True; + while ($i < $num) + { + $var=!$var; + $obj = $db->fetch_object($resql); + print "<tr $bc[$var]><td><a href=\"fiche.php?id=$obj->rowid\">".img_object($langs->trans("ShowOrders"),"order").' '; + print $obj->ref.'</a></td>'; + print '<td><a href="'.DOL_URL_ROOT.'/comm/fiche.php?socid='.$obj->idp.'">'.img_object($langs->trans("ShowCompany"),"company").' '.$obj->nom.'</a></td>'; + print '<td>'.dolibarr_print_date($obj->datec).'</td>'; + print '</tr>'; + $i++; + } } + print "</table><br>"; } diff --git a/htdocs/contrat/index.php b/htdocs/contrat/index.php index b27e036e18704f7132c6271635c8888385fc679f..50ed834d7d918ffc717948be741136ea0e12af01 100644 --- a/htdocs/contrat/index.php +++ b/htdocs/contrat/index.php @@ -41,14 +41,14 @@ $sortorder = isset($_GET["sortorder"])?$_GET["sortorder"]:$_POST["sortorder"]; $page = isset($_GET["page"])?$_GET["page"]:$_POST["page"]; $statut=isset($_GET["statut"])?$_GET["statut"]:1; -$socid=$_GET["socid"]; - // S�curit� acc�s client +$socidp=''; +if ($_GET["socidp"]) { $socidp=$_GET["socidp"]; } if ($user->societe_id > 0) { $action = ''; - $socid = $user->societe_id; + $socidp = $user->societe_id; } print_fiche_titre($langs->trans("ContractsArea")); @@ -102,7 +102,7 @@ $sql.= " c.rowid as cid, c.datec, c.statut, s.nom, s.idp as sidp"; $sql.= " FROM ".MAIN_DB_PREFIX."contrat as c, ".MAIN_DB_PREFIX."societe as s"; $sql.= " LEFT JOIN ".MAIN_DB_PREFIX."contratdet as cd ON c.rowid = cd.fk_contrat"; $sql.= " WHERE c.fk_soc = s.idp "; -if ($socid > 0) $sql .= " AND s.idp = $socid"; +if ($socidp > 0) $sql .= " AND s.idp = ".$socidp; $sql.= " GROUP BY c.rowid, c.datec, c.statut, s.nom, s.idp"; $sql.= " ORDER BY c.datec DESC"; $sql.= " LIMIT $max"; @@ -163,7 +163,7 @@ $sql = "SELECT cd.rowid as cid, cd.statut, cd.label, cd.description as note, cd. $sql.= " FROM ".MAIN_DB_PREFIX."contratdet as cd, ".MAIN_DB_PREFIX."contrat as c, ".MAIN_DB_PREFIX."societe as s"; $sql.= " WHERE c.statut=1 AND cd.statut = 0"; $sql.= " AND cd.fk_contrat = c.rowid AND c.fk_soc = s.idp"; -if ($user->societe_id > 0) $sql.= " AND s.idp = ".$user->societe_id; +if ($socidp > 0) $sql.= " AND s.idp = ".$socidp; $sql.= " ORDER BY cd.tms DESC"; if ( $db->query($sql) ) @@ -210,7 +210,7 @@ $max=5; $sql = "SELECT cd.rowid as cid, cd.statut, cd.label, cd.description as note, cd.fk_contrat, c.fk_soc, s.nom"; $sql.= " FROM ".MAIN_DB_PREFIX."contratdet as cd, ".MAIN_DB_PREFIX."contrat as c, ".MAIN_DB_PREFIX."societe as s"; $sql.= " WHERE cd.fk_contrat = c.rowid AND c.fk_soc = s.idp"; -if ($user->societe_id > 0) $sql.= " AND s.idp = ".$user->societe_id; +if ($socidp > 0) $sql.= " AND s.idp = ".$socidp; $sql.= " ORDER BY cd.tms DESC"; if ( $db->query($sql) )