Example #1
 *   - cred card for the debit only if j is set
 *   - deb card for the debit only if j is set
 *   - filter card for debit and credit only if j OR type is set
 *   - list of fd_id
 *
 */
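// Ledger id taken from the request; -1 stands for "no ledger given".
$jrn = !isset($_REQUEST['j']) ? -1 : $_REQUEST['j'];
$cn = new Database(dossier::id());
// Card selector from the request: 'all', a keyword handled further down
// (the visible part of the switch below handles 'cred'), a comma-separated
// list of fd_id, or a '[sql]' fragment. Anything that is not a string is
// treated as empty so the string functions below never receive an array.
$d = isset($_REQUEST['e']) && is_string($_REQUEST['e']) ? $_REQUEST['e'] : '';
$filter_card = '';
require_once 'class_user.php';
global $g_user;
$g_user = new User($cn);
$g_user->check();
$g_user->check_dossier(dossier::id());
set_language();
if ($d === 'all') {
    // No restriction on the card category.
    $filter_card = '';
} elseif (strpos($d, '[sql]') !== false) {
    // NOTE(review): this branch copies a request-supplied SQL fragment into
    // the filter as-is, so whoever can call this page controls part of the
    // query. It is kept because callers rely on it; it should be replaced by
    // a server-side lookup of predefined filters.
    $filter_card = str_replace('[sql]', " and ", $d);
} elseif (preg_match('/^\s*-?\d+(\s*,\s*-?\d+)*\s*\z/', $d) === 1) {
    // Only a list of integers may be placed inside the IN (...) clause.
    $filter_card = "and fd_id in ({$d})";
} else {
    // Keywords and malformed values match no card unless a later branch
    // replaces the filter; this fails closed instead of producing SQL built
    // from arbitrary request text.
    $filter_card = ' and false ';
}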
if ($jrn != -1) {
    switch ($d) {
        case 'cred':
            $filter_jrn = $cn->make_list("select jrn_def_fiche_cred from jrn_def where jrn_def_id=\$1", array($jrn));
            $filter_card = $filter_jrn != "" ? " and fd_id in ({$filter_jrn})" : ' and false ';
Example #2
 */
require_once '../include/constant.php';
require_once NOALYSS_INCLUDE . '/class_dossier.php';
include_once NOALYSS_INCLUDE . '/ac_common.php';
require_once NOALYSS_INCLUDE . '/class_acc_ledger.php';
// Page bootstrap for the search screen: emit the page header, open the
// folder database, validate the user, then build the ledger search form.
// NOTE(review): the header and scripts are sent before the user and folder
// checks below run — confirm nothing sensitive is emitted at this point.
html_page_start($_SESSION['g_theme']);
load_all_script();
$gDossier = dossier::id();
require_once NOALYSS_INCLUDE . '/class_database.php';
/* Connection to the database of the selected folder */
$cn = new Database($gDossier);
include_once NOALYSS_INCLUDE . '/class_user.php';
global $g_user;
$g_user = new User($cn);
$g_user->Check();
// Access code of this user for the folder; 'P' and 'X' are handled below,
// every other value continues to the search form.
$act = $g_user->check_dossier($gDossier);
// AC CODE = SEARCH
if ($act == 'P') {
    // 'P': send the user to extension.php and stop rendering this page.
    redirect("extension.php?" . dossier::get(), 0);
    exit;
}
if ($act == 'X') {
    // 'X': show the "access forbidden" alert and stop.
    alert(_('Accès interdit'));
    exit;
}
// display a search box
$ledger = new Acc_Ledger($cn, 0);
$ledger->type = 'ALL';
$search_box = $ledger->search_form('ALL', 1);
echo '<div class="content">';
echo '<form method="GET">';
Example #3
 * for delete
 * - gDossier
 * - i id
 */
// Bootstrap of the todo-list ajax endpoint: load the classes, connect to the
// folder database and validate the user before any action is handled.
define('ALLOWED', 1);
require_once '../include/constant.php';
require_once NOALYSS_INCLUDE . '/class_dossier.php';
require_once NOALYSS_INCLUDE . '/class_todo_list.php';
require_once NOALYSS_INCLUDE . '/class_database.php';
require_once NOALYSS_INCLUDE . '/class_user.php';
mb_internal_encoding("UTF-8");
$cn = Dossier::connect();
global $g_user;
$g_user = new User($cn);
// NOTE(review): both checks receive `true` as extra argument; its meaning is
// not visible here (presumably a silent mode for ajax calls) and the return
// value of check_dossier() is ignored — confirm a refusal stops the script.
$g_user->check(true);
$g_user->check_dossier(Dossier::id(), true);
set_language();
// Called with the id of the element that receives the answer; what it does
// when the session is missing is defined elsewhere.
ajax_disconnected('add_todo_list');
////////////////////////////////////////////////////////////////////////////////
// Display the note
////////////////////////////////////////////////////////////////////////////////
if (isset($_REQUEST['show'])) {
    $cn = new Database(dossier::id());
    $todo = new Todo_list($cn);
    $todo->set_parameter('id', $_REQUEST['id']);
    $todo->load();
    $content = $todo->display();
    header('Content-type: text/xml; charset=UTF-8');
    $dom = new DOMDocument('1.0', 'UTF-8');
    $tl_id = $dom->createElement('tl_id', $todo->get_parameter('id'));
    $tl_content = $dom->createElement('tl_content', $content);
require_once NOALYSS_INCLUDE . '/class_dossier.php';
require_once NOALYSS_INCLUDE . '/ac_common.php';
require_once NOALYSS_INCLUDE . '/constant.php';
require_once NOALYSS_INCLUDE . '/function_javascript.php';
require_once NOALYSS_INCLUDE . '/class_extension.php';
require_once NOALYSS_INCLUDE . '/class_html_input.php';
require_once NOALYSS_INCLUDE . '/class_iselect.php';
require_once NOALYSS_INCLUDE . '/constant.security.php';
require_once NOALYSS_INCLUDE . '/class_user.php';
// Plugin selection page: open the top menu, validate the user for the
// folder and prepare the select box listing the available extensions.
echo '<div class="topmenu">';
// NOTE(review): `@` hides any warning raised here, including a missing
// $_SESSION['g_theme']; the page header is also sent after the <div> above
// and before the user checks below.
@html_page_start($_SESSION['g_theme']);
$cn = new Database(dossier::id());
global $g_user;
$g_user = new User($cn);
$g_user->check();
// Result of the folder check; it is stored but not tested in this span.
$only_plugin = $g_user->check_dossier(dossier::id());
/* javascript file */
echo load_all_script();
/* show all the extension we can access */
$a = new ISelect('plugin_code');
$a->value = Extension::make_array($cn);
// The requested plugin code is upper-cased and used as the preselected entry
// of the select box.
$a->selected = isset($_REQUEST['plugin_code']) ? strtoupper($_REQUEST['plugin_code']) : '';
/* no plugin available */
if (count($a->value) == 0) {
    alert(j(_("Aucune extension  disponible")));
    exit;
}
/* only one plugin available then we don't propose a choice*/
if (count($a->value) == 1) {
    // Overwrites whatever plugin_code the request carried with the single
    // value computed on the server.
    $_REQUEST['plugin_code'] = $a->value[0]['value'];
}
Example #5
    $_SESSION['g_lang'] = $lang;
    $User->load();
    $User->save_email($p_email);
}
echo '<div class="welcome"> ';
/**
 * Shortcut for non-admin users with exactly one available folder: they are
 * redirected at once, to extension.php when check_dossier() answers 'P'
 * (plugin user) and to do.php in every other case.
 */
if ($User->admin == 0) {
    // folders this user may open
    $folder = $User->get_available_folder();
    if ($folder != null && count($folder) == 1) {
        $target_page = $User->check_dossier($folder[0]['dos_id']) == 'P' ? 'extension.php' : 'do.php';
        redirect($target_page . '?gDossier=' . $folder[0]['dos_id']);
        exit;
    }
}
// Start of the tool bar; the administration link is added for admins only.
$result = "<table border=\"0\">" . '<TR>';
if ($User->Admin() == 1) {
    $result .= "<TD  class=\"tool\" ><A class=\"cell\" HREF=\"admin_repo.php\"> Administration  </A></TD>";
}
$result .= '<TD class="tool">';
Example #6
 *
 *   NOALYSS is distributed in the hope that it will be useful,
 *   but WITHOUT ANY WARRANTY; without even the implied warranty of
 *   MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
 *   GNU General Public License for more details.
 *
 *   You should have received a copy of the GNU General Public License
 *   along with NOALYSS; if not, write to the Free Software
 *   Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA  02111-1307  USA
 */
require_once '../include/constant.php';
require_once NOALYSS_INCLUDE . '/class_database.php';
require_once NOALYSS_INCLUDE . '/class_user.php';
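// Autocomplete endpoint: returns up to five menu codes of the user's profile
// whose code or description matches the posted term, as an HTML list.
// NOTE(review): the folder id is read straight from the query string and the
// result of check_dossier() is not tested here — confirm that the check
// itself stops the script when access is refused.
$cn = new Database($_GET['gDossier']);
global $g_user;
$g_user = new User($cn);
$g_user->Check();
$g_user->check_dossier($_GET['gDossier']);
// Search term; null when absent or not a string. It is bound as a query
// parameter and used by the database as a case-insensitive regular
// expression (~*).
$acs = isset($_POST['acs']) && is_string($_POST['acs']) ? $_POST['acs'] : null;
$res = $cn->exec_sql("select distinct code,description from get_profile_menu(\$1) where code ~* \$2 or description ~* \$3 order by code limit 5  ", array($g_user->get_profile(), $acs, $acs));
$nb = Database::num_row($res);
echo "<ul>";
for ($i = 0; $i < $nb; $i++) {
    $row = Database::fetch_array($res, $i);
    // Database values are escaped before being written into the markup so a
    // code or description containing HTML cannot inject elements or script.
    echo "<li>";
    echo htmlspecialchars((string) $row['code'], ENT_QUOTES, 'UTF-8');
    echo '<span class="informal"> ' . htmlspecialchars((string) $row['description'], ENT_QUOTES, 'UTF-8') . '</span></li>';
}
echo "</ul>";
if ($nb == 0) {
    echo _('Aucune correspondance');
}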
Example #7
 /**
 * @brief this function will create a sql stmt to use to create the list for
 * the ledger,
 * @param $p_array is usually the $_GET,
 * @param $p_order the order of the row
 * @param $p_where is the sql condition if not null then the $p_array will not be used
 * \note the p_action will be used to filter the ledger but gl means ALL
 * struct array $p_array
  \verbatim
  (
  [gDossier] => 13
  [p_jrn] => -1
  [date_start] =>
  [date_end] =>
  [amount_min] => 0
  [amount_max] => 0
  [desc] =>
  [search] => Rechercher
  [p_action] => ven
  [sa] => l
  )
  \endverbatim
 * \return an array with a valid sql statement, and the where clause => array[sql] array[where]
 * \see list_operation
 * \see display_search_form
 * \see search_form
 */
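 public function build_search_sql($p_array, $p_order = "", $p_where = "")
 {
     // Builds the SELECT used to list ledger operations and the WHERE clause
     // derived from the search form values in $p_array (usually $_GET).
     // Returns array($sql, $where). $p_order and $p_where are accepted but
     // not read by this body.
     //
     // Security notes for maintainers:
     //  - $p_array is request data. It is imported with EXTR_SKIP so a key
     //    named like an existing variable (for instance "sql") cannot replace
     //    the base query built below.
     //  - ledger ids are kept only when they are integers;
     //  - free-text values go through sql_string() before being embedded.
     $sql = "select jr_id\t,\n             jr_montant,\n             substr(jr_comment,1,60) as jr_comment,\n             to_char(jr_ech,'DD.MM.YY') as str_jr_ech,\n             to_char(jr_date,'DD.MM.YY') as str_jr_date,\n             jr_date as jr_date_order,\n             jr_grpt_id,\n             jr_rapt,\n             jr_internal,\n             jrn_def_id,\n             jrn_def_name,\n             jrn_def_ech,\n             jrn_def_type,\n             jr_valid,\n             jr_tech_per,\n             jr_pj_name,\n             p_closed,\n             jr_pj_number,\n             n_text,\n\t     case\n\t     when jrn_def_type='VEN' then\n\t\t (select ad_value from fiche_detail where ad_id=1\n\t\t and f_id=(select max(qs_client) from quant_sold join jrnx using (j_id) join jrn as e on (e.jr_grpt_id=j_grpt) where e.jr_id=x.jr_id))\n\t    when jrn_def_type = 'ACH' then\n\t\t(select ad_value from fiche_detail where ad_id=1\n\t\tand f_id=(select max(qp_supplier) from quant_purchase join jrnx using (j_id) join jrn as e on (e.jr_grpt_id=j_grpt) where e.jr_id=x.jr_id))\n\t    when jrn_def_type = 'FIN' then\n\t\t(select ad_value from fiche_detail where ad_id=1\n\t\tand f_id=(select qf_other from quant_fin where quant_fin.jr_id=x.jr_id))\n\t    end as name,\n\t   case\n\t     when jrn_def_type='VEN' then (select ad_value from fiche_detail where ad_id=32 and f_id=(select max(qs_client) from quant_sold join jrnx using (j_id) join jrn as e on (e.jr_grpt_id=j_grpt) where e.jr_id=x.jr_id))\n\t    when jrn_def_type = 'ACH' then (select ad_value from fiche_detail where ad_id=32 and f_id=(select max(qp_supplier) from quant_purchase join jrnx using (j_id) join jrn as e on (e.jr_grpt_id=j_grpt) where e.jr_id=x.jr_id))\n\t    when jrn_def_type = 'FIN' then (select ad_value from fiche_detail where ad_id=32 and f_id=(select qf_other from quant_fin where quant_fin.jr_id=x.jr_id))\n\t    end as first_name,\n\t    case\n\t     when jrn_def_type='VEN' then (select ad_value from 
fiche_detail where ad_id=23 and f_id=(select max(qs_client) from quant_sold join jrnx using (j_id) join jrn as e on (e.jr_grpt_id=j_grpt) where e.jr_id=x.jr_id))\n\t    when jrn_def_type = 'ACH' then (select ad_value from fiche_detail where ad_id=23 and f_id=(select max(qp_supplier) from quant_purchase join jrnx using (j_id) join jrn as e on (e.jr_grpt_id=j_grpt) where e.jr_id=x.jr_id))\n\t    when jrn_def_type = 'FIN' then (select ad_value from fiche_detail where ad_id=23 and f_id=(select qf_other from quant_fin where quant_fin.jr_id=x.jr_id))\n\t    end as quick_code,\n\t    case\n\t     when jrn_def_type='VEN' then\n\t\t     (select sum(qs_price)+sum(vat) from\n\t\t\t\t(select qs_internal,qs_price,case when qs_vat_sided<>0 then 0 else qs_vat end as vat from quant_sold where qs_internal=X.jr_internal) as ven_invoice\n\t\t\t  )\n\t    when jrn_def_type = 'ACH' then\n\t\t\t(\n\t\t\t\tselect sum(qp_price)+sum(vat)+sum(qp_nd_tva)+sum(qp_nd_tva_recup)\n\t\t\t\tfrom\n\t\t\t\t (select qp_internal,qp_price,qp_nd_tva,qp_nd_tva_recup,qp_vat-qp_vat_sided as vat from quant_purchase where qp_internal=X.jr_internal) as invoice_purchase\n\t\t\t)\n\t\telse null\n\t\tend as total_invoice,\n            jr_date_paid,\n            to_char(jr_date_paid,'DD.MM.YY') as str_jr_date_paid\n             from\n             jrn as X left join jrn_note using(jr_id)\n             join jrn_def on jrn_def_id=jr_def_id\n             join parm_periode on p_id=jr_tech_per";
     // Import the search values as local variables. EXTR_SKIP keeps every
     // variable that already exists ($sql, $p_array, $p_order, $p_where)
     // out of reach of the request.
     if (is_array($p_array) && !empty($p_array)) {
         extract($p_array, EXTR_SKIP);
     }
     // The ledger list may be posted under a name prefixed by $op.
     if (isset($op)) {
         $r_jrn = isset(${$op . "r_jrn"}) ? ${$op . "r_jrn"} : -1;
     } else {
         $r_jrn = isset($r_jrn) ? $r_jrn : -1;
     }
     /* if no variable are set then give them a default
      * value */
     if ($p_array == null || empty($p_array) || !isset($amount_min)) {
         $amount_min = 0;
         $amount_max = 0;
         $desc = '';
         $qcode = isset($qcode) ? $qcode : "";
         if (isset($qcodesearch_op)) {
             $qcode = $qcodesearch_op;
         }
         $accounting = isset($accounting) ? $accounting : "";
         $periode = new Periode($this->db);
         $g_user = new User($this->db);
         // Default date range: the limits of the user's current period.
         $p_id = $g_user->get_periode();
         if ($p_id != null) {
             list($date_start, $date_end) = $periode->get_date_limit($p_id);
         }
     }
     /* if p_jrn : 0 if means all ledgers, if -1 means all ledger of this
      *  type otherwise only one ledger */
     $fil_ledger = '';
     $fil_amount = '';
     $fil_date = '';
     $fil_desc = '';
     $fil_sec = '';
     $fil_qcode = '';
     $fil_account = '';
     $fil_paid = '';
     $fil_date_paid = '';
     // Separator placed in front of the next condition; it stays empty until
     // the first condition has been added.
     $and = '';
     $g_user = new User($this->db);
     // ledger_type is optional in the search values.
     $p_action = isset($ledger_type) ? $ledger_type : '';
     if ($p_action == '') {
         $p_action = 'ALL';
     }
     if ($r_jrn == -1) {
         /* from compta.php the p_action is quick_writing instead of ODS  */
         if ($p_action == 'quick_writing') {
             $p_action = 'ODS';
         }
         $fil_ledger = $g_user->get_ledger_sql($p_action, 3);
         $and = ' and ';
     } else {
         if ($p_action == 'quick_writing') {
             $p_action = 'ODS';
         }
         $aLedger = $g_user->get_ledger($p_action, 3);
         // Keep only integer ledger ids: the values come from the request and
         // are placed inside an IN (...) list. A value that is not an array
         // selects no ledger.
         $requested = is_array($r_jrn) ? $r_jrn : array();
         $ledger_ids = array();
         for ($i = 0; $i < count($requested); $i++) {
             if (isset($requested[$i]) && filter_var($requested[$i], FILTER_VALIDATE_INT) !== false) {
                 $ledger_ids[] = (int) $requested[$i];
             }
         }
         /* no ledger selected : no ledger filter */
         $fil_ledger = '';
         $and = '';
         if (!empty($ledger_ids)) {
             $fil_ledger = ' jrn_def_id in (' . implode(',', $ledger_ids) . ')';
             $and = ' and ';
         }
     }
     /* format the number */
     $amount_min = abs(toNumber($amount_min));
     $amount_max = abs(toNumber($amount_max));
     if ($amount_min > 0 && isNumber($amount_min)) {
         $fil_amount = $and . ' jr_montant >=' . $amount_min;
         $and = ' and ';
     }
     if ($amount_max > 0 && isNumber($amount_max)) {
         $fil_amount .= $and . ' jr_montant <=' . $amount_max;
         $and = ' and ';
     }
     /* -------------------------------------------------------------------------- *
      * if both amount are the same then we need to search into the detail
      * and we reset the fil_amount
      * -------------------------------------------------------------------------- */
     if (isNumber($amount_min) && isNumber($amount_max) && $amount_min > 0 && bccomp($amount_min, $amount_max, 2) == 0) {
         $fil_amount = $and . ' ( ';
         // Look in detail
         $fil_amount .= 'jr_grpt_id in ( select distinct j_grpt from jrnx where j_montant = ' . $amount_min . ') ';
         //and the total operation
         $fil_amount .= ' or ';
         $fil_amount .= ' jr_montant = ' . $amount_min;
         $fil_amount .= ')';
         $and = " and ";
     }
     // date
     // NOTE(review): the four date values are embedded between quotes and
     // rely on isDate() rejecting anything that is not a plain date — confirm.
     if (isset($date_start) && isDate($date_start) != null) {
         $fil_date = $and . " jr_date >= to_date('" . $date_start . "','DD.MM.YYYY')";
         $and = " and ";
     }
     if (isset($date_end) && isDate($date_end) != null) {
         $fil_date .= $and . " jr_date <= to_date('" . $date_end . "','DD.MM.YYYY')";
         $and = " and ";
     }
     // payment date
     if (isset($date_paid_start) && isDate($date_paid_start) != null) {
         $fil_date_paid = $and . " jr_date_paid >= to_date('" . $date_paid_start . "','DD.MM.YYYY')";
         $and = " and ";
     }
     if (isset($date_paid_end) && isDate($date_paid_end) != null) {
         $fil_date_paid .= $and . " jr_date_paid <= to_date('" . $date_paid_end . "','DD.MM.YYYY')";
         $and = " and ";
     }
     // comment
     if (isset($desc) && $desc != null) {
         $desc = sql_string($desc);
         $fil_desc = $and . " ( upper(jr_comment) like upper('%" . $desc . "%') or upper(jr_pj_number) like upper('%" . $desc . "%') " . " or upper(jr_internal)  like upper('%" . $desc . "%')\n                          or jr_grpt_id in (select j_grpt from jrnx where j_text ~* '" . $desc . "')\n                          or jr_id in (select jr_id from jrn_info where ji_value is not null and ji_value ~* '{$desc}')\n                          )";
         $and = " and ";
     }
     // Accounting
     if (isset($accounting) && $accounting != null) {
         $fil_account = $and . "  jr_grpt_id in (select j_grpt\n                         from jrnx where j_poste::text like '" . sql_string($accounting) . "%' )  ";
         $and = " and ";
     }
     // Quick Code
     if (isset($qcodesearch_op)) {
         $qcode = $qcodesearch_op;
     }
     if (isset($qcode) && $qcode != null) {
         $fil_qcode = $and . "  jr_grpt_id in ( select j_grpt from\n                       jrnx where trim(j_qcode) = upper(trim('" . sql_string($qcode) . "')))";
         $and = " and ";
     }
     // Only the unpaid
     if (isset($unpaid)) {
         $fil_paid = $and . SQL_LIST_UNPAID_INVOICE;
         $and = " and ";
     }
     $g_user = new User(new Database());
     $g_user->Check();
     $g_user->check_dossier(dossier::id());
     // Users who are neither admin nor local admin only see the ledgers on
     // which they hold the read or write privilege.
     if ($g_user->admin == 0 && $g_user->is_local_admin() == 0) {
         // NOTE(review): this line is garbled in the published listing; the
         // login is assumed to come from $_SESSION['g_user'] and is escaped
         // like the other text values — confirm against the original file.
         $fil_sec = $and . " jr_def_id in ( select uj_jrn_id " . " from user_sec_jrn where " . " uj_login='" . sql_string($_SESSION['g_user']) . "'" . " and uj_priv in ('R','W'))";
     }
     // The conditions are joined in the order they were built: only the first
     // one built lacks the leading " and ", so any other order can start the
     // clause with " and " or glue two conditions together. $fil_amount used
     // to appear twice here, which repeated the amount condition.
     $where = $fil_ledger . $fil_amount . $fil_date . $fil_date_paid . $fil_desc . $fil_account . $fil_qcode . $fil_paid . $fil_sec;
     $sql .= " where " . $where;
     return array($sql, $where);
 }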
Example #8
require_once NOALYSS_INCLUDE . '/class_periode.php';
require_once NOALYSS_INCLUDE . '/class_html_input.php';
require_once NOALYSS_INCLUDE . '/class_acc_account.php';
require_once NOALYSS_INCLUDE . '/class_exercice.php';
// Bootstrap of an ajax endpoint: read the target element id, connect to the
// folder database and stop when the user has no access to the folder.
// The id is read from the request without an isset() test and is handed to
// ajax_disconnected() unchanged.
$div = $_REQUEST['div'];
mb_internal_encoding("UTF-8");
/**
 * Echoes a warning if $_SESSION['g_user'] is not set
 */
ajax_disconnected($div);
global $g_user, $cn;
$cn = new Database(dossier::id());
$g_user = new User($cn);
set_language();
/* security */
// Only the folder access is tested in this span; no $g_user->check() call
// appears here — NOTE(review): confirm the session is validated elsewhere.
if ($g_user->check_dossier(dossier::id(), true) == 'X') {
    exit;
}
// 1 when the request carries an "ajax" parameter, otherwise the value of the
// "l" query parameter, which is read without an isset() test.
$from_div = isset($_REQUEST['ajax']) ? 1 : $_GET['l'];
if (LOGINPUT) {
    $file_loginput = fopen($_ENV['TMP'] . '/scenario-' . $_SERVER['REQUEST_TIME'] . '.php', 'a+');
    fwrite($file_loginput, "<?php \n");
    fwrite($file_loginput, "//@description:\n");
    fwrite($file_loginput, '$_GET=' . var_export($_GET, true));
    fwrite($file_loginput, ";\n");
    fwrite($file_loginput, '$_POST=' . var_export($_POST, true));
    fwrite($file_loginput, ";\n");
    fwrite($file_loginput, '$_POST[\'gDossier\']=$gDossierLogInput;');
    fwrite($file_loginput, "\n");
    fwrite($file_loginput, '$_GET[\'gDossier\']=$gDossierLogInput;');
    fwrite($file_loginput, "\n");
Example #9
}
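// Import the request parameters as variables ($ctl, $cont, $gDossier and $op
// are read in the visible lines). EXTR_SKIP stops a request parameter from
// replacing a variable that already exists at this point, for instance a
// flag set by the code above this span.
// NOTE(review): reading the expected keys from $_REQUEST one by one would
// remove the need for extract(); that requires the full list of variables
// used further down in the file.
extract($_REQUEST, EXTR_SKIP);
ajax_disconnected($ctl);
// $cont is expected to be 0 to continue; any other value stops the script.
if ($cont != 0) {
    exit;
}
set_language();
/*
 * echo a warning if disconnected
 */
ajax_disconnected($_REQUEST['ctl']);
$cn = new Database($gDossier);
global $g_user;
$g_user = new User($cn);
// NOTE(review): the return values of both checks are ignored here — confirm
// that a refusal stops the script inside these methods.
$g_user->check(true);
$g_user->check_dossier($gDossier, true);
// Dump of every request parameter as PHP code, kept in $html.
$html = var_export($_REQUEST, true);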
if (LOGINPUT) {
    $file_loginput = fopen($_ENV['TMP'] . '/scenario-' . $_SERVER['REQUEST_TIME'] . '.php', 'a+');
    fwrite($file_loginput, "<?php \n");
    fwrite($file_loginput, '//@description:' . $op . "\n");
    fwrite($file_loginput, '$_GET=' . var_export($_GET, true));
    fwrite($file_loginput, ";\n");
    fwrite($file_loginput, '$_POST=' . var_export($_POST, true));
    fwrite($file_loginput, ";\n");
    fwrite($file_loginput, '$_POST[\'gDossier\']=$gDossierLogInput;');
    fwrite($file_loginput, "\n");
    fwrite($file_loginput, '$_GET[\'gDossier\']=$gDossierLogInput;');
    fwrite($file_loginput, "\n");
    fwrite($file_loginput, ' $_REQUEST=array_merge($_GET,$_POST);');
    fwrite($file_loginput, "\n");