diff --git a/htdocs/contrat/class/contrat.class.php b/htdocs/contrat/class/contrat.class.php index ab39df1d0f4ee59077584de97abf5fd1d213868e..aa15fbea86ba66f534c2cf83cbaf06a9393fdd69 100644 --- a/htdocs/contrat/class/contrat.class.php +++ b/htdocs/contrat/class/contrat.class.php @@ -2102,7 +2102,7 @@ class Contrat extends CommonObject $sql = "SELECT count(c.rowid) as nb"; $sql.= " FROM ".MAIN_DB_PREFIX."contrat as c"; $sql.= " LEFT JOIN ".MAIN_DB_PREFIX."societe as s ON c.fk_soc = s.rowid"; - if (!$user->rights->contrat->lire && !$user->societe_id) + if (!$user->rights->societe->client->voir && !$user->societe_id) { $sql.= " LEFT JOIN ".MAIN_DB_PREFIX."societe_commerciaux as sc ON s.rowid = sc.fk_soc"; $sql.= " WHERE sc.fk_user = " .$user->id; diff --git a/htdocs/core/boxes/box_factures_imp.php b/htdocs/core/boxes/box_factures_imp.php index 67c4d4dbfcc465f070843a20a4177ed372a67e52..d33365002633492e203b5c2e0ad4c308544d34ef 100644 --- a/htdocs/core/boxes/box_factures_imp.php +++ b/htdocs/core/boxes/box_factures_imp.php @@ -78,8 +78,9 @@ class box_factures_imp extends ModeleBoxes $sql.= " f.total_ttc,"; $sql.= " f.paye, f.fk_statut, f.rowid as facid"; $sql.= ", sum(pf.amount) as am"; - $sql.= " FROM ".MAIN_DB_PREFIX."societe as s,".MAIN_DB_PREFIX."facture as f"; + $sql.= " FROM ".MAIN_DB_PREFIX."societe as s"; if (!$user->rights->societe->client->voir && !$user->societe_id) $sql.= ", ".MAIN_DB_PREFIX."societe_commerciaux as sc"; + $sql.= ", ".MAIN_DB_PREFIX."facture as f"; $sql.= " LEFT JOIN ".MAIN_DB_PREFIX."paiement_facture as pf ON f.rowid=pf.fk_facture "; $sql.= " WHERE f.fk_soc = s.rowid"; $sql.= " AND f.entity = ".$conf->entity; diff --git a/htdocs/main.inc.php b/htdocs/main.inc.php index c5181edf0bccbc5069c45668dde3fbebf8301fef..dd45222fa42d0678d3e36a6d2e4aece9fb865314 100644 --- a/htdocs/main.inc.php +++ b/htdocs/main.inc.php @@ -577,9 +577,10 @@ if (! defined('NOLOGIN')) { // We are already into an authenticated session $login=$_SESSION["dol_login"]; - dol_syslog("This is an already logged session. _SESSION['dol_login']=".$login, LOG_DEBUG); + $entity=$_SESSION["dol_entity"]; + dol_syslog("This is an already logged session. _SESSION['dol_login']=".$login." _SESSION['dol_entity']=".$entity, LOG_DEBUG); - $resultFetchUser=$user->fetch('',$login); + $resultFetchUser=$user->fetch('',$login,'',1,($entity > 0 ? $entity : -1)); if ($resultFetchUser <= 0) { // Account has been removed after login diff --git a/htdocs/product/admin/price_rules.php b/htdocs/product/admin/price_rules.php index e284572e7e7ad3174946c12055fba265fb5780b7..224acd9c04b6339087bd448d152b37ba3eae897a 100644 --- a/htdocs/product/admin/price_rules.php +++ b/htdocs/product/admin/price_rules.php @@ -155,7 +155,6 @@ $genPriceOptions = function($level) use ($price_options) { return $return; }; - ?> <table class="noborder"> @@ -173,7 +172,8 @@ $genPriceOptions = function($level) use ($price_options) { <td class="fieldrequired" style="text-align: center"><?php echo $langs->trans('SellingPrice').' '.$i; // Label of price - if (! empty($conf->global->{"PRODUIT_MULTIPRICES_LABEL$i"})) { + $keyforlabel='PRODUIT_MULTIPRICES_LABEL'.$i; + if (! empty($conf->global->$keyforlabel)) { print ' - '.$langs->trans($conf->global->$keyforlabel); } ?> diff --git a/htdocs/product/class/product.class.php b/htdocs/product/class/product.class.php index e34e7c2cfcec38d4eb139208d0a6acef7ba064ba..48badb5623eb151fa1d459e84df4cf4cdae305c9 100644 --- a/htdocs/product/class/product.class.php +++ b/htdocs/product/class/product.class.php @@ -12,7 +12,7 @@ * Copyright (C) 2014 Henry Florian <florian.henry@open-concept.pro> * Copyright (C) 2014-2016 Philippe Grand <philippe.grand@atoo-net.com> * Copyright (C) 2014 Ion agorria <ion@agorria.com> - * Copyright (C) 2016 Ferran Marcet <fmarcet@2byte.es> + * Copyright (C) 2016-2017 Ferran Marcet <fmarcet@2byte.es> * * This program is free software; you can redistribute it and/or modify * it under the terms of the GNU General Public License as published by @@ -816,7 +816,7 @@ class Product extends CommonObject // End call triggers } - if (! $error && (is_object($this->oldcopy) && $this->oldcopy->ref != $this->ref)) + if (! $error && (is_object($this->oldcopy) && $this->oldcopy->ref !== $this->ref)) { // We remove directory if ($conf->product->dir_output) diff --git a/htdocs/projet/class/project.class.php b/htdocs/projet/class/project.class.php index fc1eb7410e35f37a4f311b0eedfd8cd085c53686..416c0fd5dcc81f144f0d4b6b5e9f776f98ffc32c 100644 --- a/htdocs/projet/class/project.class.php +++ b/htdocs/projet/class/project.class.php @@ -3,7 +3,8 @@ * Copyright (C) 2005-2016 Laurent Destailleur <eldy@users.sourceforge.net> * Copyright (C) 2005-2010 Regis Houssin <regis.houssin@capnetworks.com> * Copyright (C) 2013 Florian Henry <florian.henry@open-concept.pro> - * Copyright (C) 2014-2015 Marcos García <marcosgdf@gmail.com> + * Copyright (C) 2014-2017 Marcos García <marcosgdf@gmail.com> + * Copyright (C) 2017 Ferran Marcet <fmarcet@2byte.es> * * This program is free software; you can redistribute it and/or modify * it under the terms of the GNU General Public License as published by @@ -301,7 +302,7 @@ class Project extends CommonObject } } - if (! $error && (is_object($this->oldcopy) && $this->oldcopy->ref != $this->ref)) + if (! $error && (is_object($this->oldcopy) && $this->oldcopy->ref !== $this->ref)) { // We remove directory if ($conf->projet->dir_output) @@ -1736,16 +1737,19 @@ class Project extends CommonObject */ function load_state_board() { - global $conf; + global $user; $this->nb=array(); - $sql = "SELECT count(u.rowid) as nb"; - $sql.= " FROM ".MAIN_DB_PREFIX."projet as u"; + $sql = "SELECT count(p.rowid) as nb"; + $sql.= " FROM ".MAIN_DB_PREFIX."projet as p"; $sql.= " WHERE"; - //$sql.= " WHERE u.fk_statut > 0"; - //$sql.= " AND employee != 0"; - $sql.= " u.entity IN (".getEntity('projet', 1).")"; + $sql.= " p.entity IN (".getEntity('projet', 1).")"; + if (! $user->rights->projet->all->lire) + { + $projectsListId = $this->getProjectsAuthorizedForUser($user,0,1); + $sql .= "AND p.rowid IN (".$projectsListId.")"; + } $resql=$this->db->query($sql); if ($resql) diff --git a/htdocs/projet/element.php b/htdocs/projet/element.php index a39c05c8999b558738ee638288ed6a8a25aaf4ae..fea4093e175d12fdd6bff72af20362ec8cc39e88 100644 --- a/htdocs/projet/element.php +++ b/htdocs/projet/element.php @@ -680,7 +680,9 @@ foreach ($listofreferent as $key => $value) { $addform.='<div class="inline-block valignmiddle">'; if ($testnew) $addform.='<a class="buttonxxx" href="'.$urlnew.'">'.($buttonnew?$langs->trans($buttonnew):$langs->trans("Create")).'</a>'; - else $addform.='<a class="buttonxxx buttonRefused" disabled="disabled" href="#">'.($buttonnew?$langs->trans($buttonnew):$langs->trans("Create")).'</a>'; + elseif (empty($conf->global->MAIN_BUTTON_HIDE_UNAUTHORIZED)) { + $addform.='<a class="buttonxxx buttonRefused" disabled="disabled" href="#">'.($buttonnew?$langs->trans($buttonnew):$langs->trans("Create")).'</a>'; + } $addform.='<div>'; } @@ -1041,7 +1043,7 @@ foreach ($listofreferent as $key => $value) print '<td align="right">'; if (empty($value['disableamount'])) { - if (! empty($conf->salaries->enabled)) print ''.$langs->trans("TotalHT").' : '.price($total_ht); + if ($tablename != 'projet_task' || ! empty($conf->salaries->enabled)) print ''.$langs->trans("TotalHT").' : '.price($total_ht); } print '</td>'; //if (empty($value['disableamount']) && ! in_array($tablename, array('projet_task'))) print '<td align="right" width="100">'.$langs->trans("TotalTTC").' : '.price($total_ttc).'</td>'; @@ -1049,8 +1051,7 @@ foreach ($listofreferent as $key => $value) print '<td align="right">'; if (empty($value['disableamount'])) { - - if (! empty($conf->salaries->enabled)) print $langs->trans("TotalTTC").' : '.price($total_ttc); + if ($tablename != 'projet_task' || ! empty($conf->salaries->enabled)) print $langs->trans("TotalTTC").' : '.price($total_ttc); } print '</td>'; print '<td> </td>';