Skip to content
Snippets Groups Projects
Commit f5a530e5 authored by Laurent Destailleur's avatar Laurent Destailleur
Browse files

Fix: Bad permission. 

Fix: Bad transaction.
parent 1e2c452b
No related branches found
No related tags found
No related merge requests found
Hide whitespace changes
Inline Side-by-side
htdocs/fourn/facture/fiche.php
+ 14
122
View file @ f5a530e5
......@@ -466,9 +466,10 @@ elseif ($action == 'add' && $user->rights->fournisseur->facture->creer)
}
}
// Modification d'une ligne
// Edit line
elseif ($action == 'update_line' && $user->rights->fournisseur->facture->creer)
{
// TODO Missing transaction
if (GETPOST('etat') == '1' && ! GETPOST('cancel')) // si on valide la modification
{
$object->fetch($id);
......@@ -516,6 +517,8 @@ elseif ($action == 'update_line' && $user->rights->fournisseur->facture->creer)
elseif ($action == 'addline' && $user->rights->fournisseur->facture->creer)
{
$db->begin();
$ret=$object->fetch($id);
if ($ret < 0)
{
......@@ -655,6 +658,8 @@ elseif ($action == 'addline' && $user->rights->fournisseur->facture->creer)
//print "xx".$tva_tx; exit;
if (! $error && $result > 0)
{
$db->commit();
// Define output language
$outputlangs = $langs;
$newlang=GETPOST('lang_id','alpha');
......@@ -704,9 +709,13 @@ elseif ($action == 'addline' && $user->rights->fournisseur->facture->creer)
unset($_POST['date_endmonth']);
unset($_POST['date_endyear']);
}
else if (empty($mesg))
{
$mesg='<div class="error">'.$object->error.'</div>';
else
{
$db->rollback();
if (empty($mesg))
{
$mesg='<div class="error">'.$object->error.'</div>';
}
}
$action = '';
......@@ -2056,24 +2065,9 @@ else
// Form to add new line
if ($object->statut == 0 && $action != 'edit_line')
{
/*print '<tr class="liste_titre">';
print '<td>';
print '<a name="add"></a>'; // ancre
print $langs->trans('AddNewLine').' - '.$langs->trans("FreeZone").'</td>';
print '<td align="right">'.$langs->trans('VAT').'</td>';
print '<td align="right">'.$langs->trans('PriceUHT').'</td>';
print '<td align="right">'.$langs->trans('PriceUTTC').'</td>';
print '<td align="right">'.$langs->trans('Qty').'</td>';
print '<td align="right">'.$langs->trans('ReductionShort').'</td>';
print '<td align="right">&nbsp;</td>';
print '<td align="right">&nbsp;</td>';
print '<td>&nbsp;</td>';
print '<td>&nbsp;</td>';
print '</tr>';*/
global $forceall, $senderissupplier, $dateSelector, $inputalsopricewithtax;
$forceall=1; $senderissupplier=1; $dateSelector=0; $inputalsopricewithtax=1;
if ($object->statut == 0 && $user->rights->propal->creer)
if ($object->statut == 0 && $user->rights->fournisseur->facture->creer)
{
if ($action != 'editline')
{
......@@ -2086,108 +2080,6 @@ else
$reshook = $hookmanager->executeHooks('formAddObjectLine', $parameters, $object, $action); // Note that $action and $object may have been modified by hook
}
}
// Add free products/services form
/*
$var=true;
print '<tr '.$bc[$var].'>';
print '<td>';
$forceall=1; // For suppliers, we always show all types
print $form->select_type_of_lines(isset($_POST["type"])?$_POST["type"]:-1,'type',1,0,$forceall);
if ($forceall || (! empty($conf->product->enabled) && ! empty($conf->service->enabled))
|| (empty($conf->product->enabled) && empty($conf->service->enabled))) print '<br>';
if (is_object($hookmanager))
{
$parameters=array();
$reshook=$hookmanager->executeHooks('formCreateSupplierProductOptions',$parameters,$object,$action);
}
$nbrows=ROWS_2;
if (! empty($conf->global->MAIN_INPUT_DESC_HEIGHT)) $nbrows=$conf->global->MAIN_INPUT_DESC_HEIGHT;
$doleditor=new DolEditor('dp_desc',GETPOST("dp_desc"),'',100,'dolibarr_details','',false,true,$conf->global->FCKEDITOR_ENABLE_DETAILS,$nbrows,70);
$doleditor->Create();
print '</td>';
print '<td align="right">';
print $form->load_tva('tauxtva',(GETPOST('tauxtva')?GETPOST('tauxtva'):-1),$societe,$mysoc);
print '</td>';
print '<td align="right">';
print '<input size="4" name="amount" type="text" value="'.GETPOST("amount").'">';
print '</td>';
print '<td align="right">';
print '<input size="4" name="amountttc" type="text" value="'.GETPOST("amountttc").'">';
print '</td>';
print '<td align="right">';
print '<input size="1" name="qty" type="text" value="1" value="'.GETPOST("qty").'">';
print '</td>';
print '<td align="right" class="nowrap"><input size="1" name="remise_percent" type="text" value="'.(GETPOST('remise_percent')?GETPOST('remise_percent'):'0').'"><span class="hideonsmartphone">%</span></td>';
print '<td>&nbsp;</td>';
print '<td>&nbsp;</td>';
print '<td align="center" valign="middle" colspan="2"><input type="submit" class="button" value="'.$langs->trans('Add').'" name="addline_libre"></td></tr>';
// Ajout de produits/services predefinis
if (! empty($conf->product->enabled) || ! empty($conf->service->enabled))
{
print '<script type="text/javascript">
jQuery(document).ready(function() {
jQuery(\'#idprodfournprice\').change(function() {
if (jQuery(\'#idprodfournprice\').val() > 0) jQuery(\'#np_desc\').focus();
});
});
</script>';
print '<tr class="liste_titre">';
print '<td colspan="4">';
print $langs->trans("AddNewLine").' - ';
if (! empty($conf->service->enabled))
{
print $langs->trans('RecordedProductsAndServices');
}
else
{
print $langs->trans('RecordedProducts');
}
print '</td>';
print '<td align="right">'.$langs->trans('Qty').'</td>';
print '<td align="right">'.$langs->trans('ReductionShort').'</td>';
print '<td>&nbsp;</td>';
print '<td colspan="4">&nbsp;</td>';
print '</tr>';
$var=! $var;
print '<tr '.$bc[$var].'>';
print '<td colspan="4">';
$ajaxoptions=array(
'update' => array('qty_predef'=>'qty','remise_percent_predef' => 'discount'), // html id tag will be edited with which ajax json response key
'disabled' => 'addPredefinedProductButton', // html id to disable once select is done
'error' => $langs->trans("NoPriceDefinedForThisSupplier") // translation of an error saved into var 'error'
);
$form->select_produits_fournisseurs($object->socid, GETPOST('idprodfournprice'), 'idprodfournprice', '', '', $ajaxoptions);
if (empty($conf->global->PRODUIT_USE_SEARCH_TO_SELECT)) print '<br>';
if (is_object($hookmanager))
{
$parameters=array('htmlname'=>'idprodfournprice');
$reshook=$hookmanager->executeHooks('formCreateProductSupplierOptions',$parameters,$object,$action);
}
$nbrows=ROWS_2;
if (! empty($conf->global->MAIN_INPUT_DESC_HEIGHT)) $nbrows=$conf->global->MAIN_INPUT_DESC_HEIGHT;
$doleditor = new DolEditor('np_desc', GETPOST('np_desc'), '', 100, 'dolibarr_details', '', false, true, $conf->global->FCKEDITOR_ENABLE_DETAILS, $nbrows, 70);
$doleditor->Create();
print '</td>';
print '<td align="right"><input type="text" id="qty_predef" name="qty_predef" value="1" size="1"></td>';
print '<td align="right" class="nowrap"><input size="1" id="remise_percent_predef" name="remise_percent_predef" type="text" value="'.(GETPOST('remise_percent_predef')?GETPOST('remise_percent_predef'):'0').'"><span class="hideonsmartphone">%</span></td>';
print '<td>&nbsp;</td>';
print '<td>&nbsp;</td>';
print '<td align="center" valign="middle" colspan="2"><input type="submit" id="addPredefinedProductButton" class="button" value="'.$langs->trans("Add").'" name="addline_predefined"></td>';
print '</tr>';
}*/
}
print '</table>';
......
0% or .
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment