// Load object //include DOL_DOCUMENT_ROOT.'/core/actions_fetchobject.inc.php'; // Can't use generic include because when creating a project, ref is defined and we dont want error if fetch fails from ref. if ($id > 0 || !empty($ref)) { $ret = $object->fetch($id, $ref); // If we create project, ref may be defined into POST but record does not yet exists into database if ($ret > 0) { $object->fetch_thirdparty(); $id = $object->id; } } // Security check $socid = GETPOST('socid'); if ($user->societe_id > 0) { $socid = $user->societe_id; } $result = restrictedArea($user, 'projet', $object->id); // fetch optionals attributes and labels $extralabels = $extrafields->fetch_name_optionals_label($object->table_element); $date_start = dol_mktime(0, 0, 0, GETPOST('projectstartmonth', 'int'), GETPOST('projectstartday', 'int'), GETPOST('projectstartyear', 'int')); $date_end = dol_mktime(0, 0, 0, GETPOST('projectendmonth', 'int'), GETPOST('projectendday', 'int'), GETPOST('projectendyear', 'int')); /* * Actions */ $parameters = array('id' => $socid, 'objcanvas' => $objcanvas); $reshook = $hookmanager->executeHooks('doActions', $parameters, $object, $action); // Note that $action and $object may have been modified by some hooks if ($reshook < 0) { setEventMessages($hookmanager->error, $hookmanager->errors, 'errors'); } if (empty($reshook)) { // Cancel
$langs->load("products"); $langs->load("stocks"); $langs->load("companies"); $action = GETPOST('action'); $sortfield = GETPOST("sortfield", 'alpha'); $sortorder = GETPOST("sortorder", 'alpha'); $id = GETPOST("id", 'int'); if (!$sortfield) { $sortfield = "p.ref"; } if (!$sortorder) { $sortorder = "DESC"; } $mesg = ''; // Security check $result = restrictedArea($user, 'stock'); // Initialize technical object to manage hooks of thirdparties. Note that conf->hooks_modules contains array array $hookmanager->initHooks(array('warehousecard')); /* * Actions */ // Ajout entrepot if ($action == 'add' && $user->rights->stock->creer) { $object = new Entrepot($db); $object->ref = $_POST["ref"]; $object->libelle = $_POST["libelle"]; $object->description = $_POST["desc"]; $object->statut = $_POST["statut"]; $object->lieu = $_POST["lieu"]; $object->address = $_POST["address"]; $object->zip = $_POST["zipcode"];
* You should have received a copy of the GNU General Public License * along with this program. If not, see <http://www.gnu.org/licenses/>. */ /** * \file htdocs/loan/note.php * \brief Tab for notes on loan * \ingroup loan */ require '../main.inc.php'; require_once DOL_DOCUMENT_ROOT . '/loan/class/loan.class.php'; require_once DOL_DOCUMENT_ROOT . '/core/lib/loan.lib.php'; $action = GETPOST('action'); $langs->load('loan'); // Security check $id = GETPOST('id', 'int'); $result = restrictedArea($user, 'loan', $id, '&loan'); $object = new Loan($db); if ($id > 0) { $object->fetch($id); } $permissionnote = $user->rights->loan->write; // Used by the include of actions_setnotes.inc.php /* * Actions */ include DOL_DOCUMENT_ROOT . '/core/actions_setnotes.inc.php'; // Must be include, not include_once /* * View */ $form = new Form($db);
*/ /** * \file htdocs/societe/note.php * \brief Tab for notes on third party * \ingroup societe */ require '../main.inc.php'; require_once DOL_DOCUMENT_ROOT . '/core/lib/company.lib.php'; $action = GETPOST('action'); $langs->load("companies"); // Security check $id = GETPOST('id') ? GETPOST('id', 'int') : GETPOST('socid', 'int'); if ($user->societe_id) { $id = $user->societe_id; } $result = restrictedArea($user, 'societe', $id, '&societe'); $object = new Societe($db); if ($id > 0) { $object->fetch($id); } $permissionnote = $user->rights->societe->creer; // Used by the include of actions_setnotes.inc.php /* * Actions */ include DOL_DOCUMENT_ROOT . '/core/actions_setnotes.inc.php'; // Must be include, not includ_once /* * View */ $form = new Form($db);
} // Define modetax (0 or 1) // 0=normal, 1=option vat for services is on debit $modetax = $conf->global->TAX_MODE; if (isset($_REQUEST["modetax"])) { $modetax = $_REQUEST["modetax"]; } if (empty($modetax)) { $modetax = 0; } // Security check $socid = GETPOST('socid', 'int'); if ($user->societe_id) { $socid = $user->societe_id; } $result = restrictedArea($user, 'tax', '', '', 'charges'); /* * View */ $morequerystring = ''; $listofparams = array('date_startmonth', 'date_startyear', 'date_startday', 'date_endmonth', 'date_endyear', 'date_endday'); foreach ($listofparams as $param) { if (GETPOST($param) != '') { $morequerystring .= ($morequerystring ? '&' : '') . $param . '=' . GETPOST($param); } } llxHeader('', '', '', '', 0, 0, '', '', $morequerystring); $form = new Form($db); $company_static = new Societe($db); $invoice_customer = new Facture($db); $invoice_supplier = new FactureFournisseur($db);
$socid = GETPOST('socid', 'int'); // Category $selected_cat = (int) GETPOST('search_categ', 'int'); $subcat = false; if (GETPOST('subcat', 'alpha') === 'yes') { $subcat = true; } // Security check if ($user->societe_id > 0) { $socid = $user->societe_id; } if (!empty($conf->comptabilite->enabled)) { $result = restrictedArea($user, 'compta', '', '', 'resultat'); } if (!empty($conf->accounting->enabled)) { $result = restrictedArea($user, 'accounting', '', '', 'comptarapport'); } // Date range $year = GETPOST("year"); $month = GETPOST("month"); $date_startyear = GETPOST("date_startyear"); $date_startmonth = GETPOST("date_startmonth"); $date_startday = GETPOST("date_startday"); $date_endyear = GETPOST("date_endyear"); $date_endmonth = GETPOST("date_endmonth"); $date_endday = GETPOST("date_endday"); if (empty($year)) { $year_current = strftime("%Y", dol_now()); $month_current = strftime("%m", dol_now()); $year_start = $year_current; } else {
// Get object canvas (By default, this is not defined, so standard usage of dolibarr) $canvas = GETPOST("canvas"); $objcanvas = null; if (!empty($canvas)) { require_once DOL_DOCUMENT_ROOT . '/core/class/canvas.class.php'; $objcanvas = new Canvas($db, $action); $objcanvas->getCanvas('product', 'list', $canvas); } // Security check if ($type == '0') { $result = restrictedArea($user, 'produit', '', '', '', '', '', $objcanvas); } else { if ($type == '1') { $result = restrictedArea($user, 'service', '', '', '', '', '', $objcanvas); } else { $result = restrictedArea($user, 'produit|service', '', '', '', '', '', $objcanvas); } } // List of fields to search into when doing a "search in all" $fieldstosearchall = array('p.ref' => "Ref", 'pfp.ref_fourn' => "RefSupplier", 'p.label' => "ProductLabel", 'p.description' => "Description", "p.note" => "Note"); // multilang if (!empty($conf->global->MAIN_MULTILANGS)) { $fieldstosearchall['pl.label'] = 'ProductLabelTranslated'; $fieldstosearchall['pl.description'] = 'ProductDescriptionTranslated'; $fieldstosearchall['pl.note'] = 'ProductNoteTranslated'; } if (!empty($conf->barcode->enabled)) { $fieldstosearchall['p.barcode'] = 'Gencod'; } // Definition of fields for lists $arrayfields = array('p.ref' => array('label' => $langs->trans("Ref"), 'checked' => 1), 'p.label' => array('label' => $langs->trans("Label"), 'checked' => 1), 'p.barcode' => array('label' => $langs->trans("Gencod"), 'checked' => $contextpage != 'servicelist', 'enabled' => !empty($conf->barcode->enabled)), 'p.duration' => array('label' => $langs->trans("Duration"), 'checked' => $contextpage != 'productlist', 'enabled' => !empty($conf->service->enabled)), 'p.sellprice' => array('label' => $titlesellprice, 'checked' => 1, 'enabled' => empty($conf->global->PRODUIT_MULTIPRICES)), 'p.minbuyprice' => array('label' => $langs->trans("BuyingPriceMinShort"), 'checked' => 1, 'enabled' => !empty($user->rights->fournisseur->lire)), 'p.desiredstock' => array('label' => $langs->trans("DesiredStock"), 'checked' => 1, 'enabled' => !empty($conf->stock->enabled) && $user->rights->stock->lire && $contextpage != 'service'), 'p.tobatch' => array('label' => $langs->trans("ManageLotSerial"), 'checked' => 0, 'enabled' => !empty($conf->productbatch->enabled)), 'p.stock' => array('label' => $langs->trans("PhysicalStock"), 'checked' => 1, 'enabled' => !empty($conf->stock->enabled) && $user->rights->stock->lire && $contextpage != 'service'), 'p.accountancy_code_sell' => array('label' => $langs->trans("ProductAccountancySellCode"), 'checked' => 0), 'p.accountancy_code_buy' => array('label' => $langs->trans("ProductAccountancyBuyCode"), 'checked' => 0), 'p.datec' => array('label' => $langs->trans("DateCreation"), 'checked' => 0, 'position' => 500), 'p.tms' => array('label' => $langs->trans("DateModificationShort"), 'checked' => 0, 'position' => 500), 'p.tosell' => array('label' => $langs->trans("Status") . ' (' . $langs->trans("Sell") . ')', 'checked' => 1, 'position' => 1000), 'p.tobuy' => array('label' => $langs->trans("Status") . ' (' . $langs->trans("Purchases") . ')', 'checked' => 1, 'position' => 1000));
$search_societe = GETPOST('search_societe', 'alpha'); $search_montant_ht = GETPOST('search_montant_ht', 'alpha'); $search_montant_ttc = GETPOST('search_montant_ttc', 'alpha'); $origin = GETPOST('origin', 'alpha'); $originid = GETPOST('originid', 'int') ? GETPOST('originid', 'int') : GETPOST('origin_id', 'int'); // For backward compatibility // PDF $hidedetails = GETPOST('hidedetails', 'int') ? GETPOST('hidedetails', 'int') : (!empty($conf->global->MAIN_GENERATE_DOCUMENTS_HIDE_DETAILS) ? 1 : 0); $hidedesc = GETPOST('hidedesc', 'int') ? GETPOST('hidedesc', 'int') : (!empty($conf->global->MAIN_GENERATE_DOCUMENTS_HIDE_DESC) ? 1 : 0); $hideref = GETPOST('hideref', 'int') ? GETPOST('hideref', 'int') : (!empty($conf->global->MAIN_GENERATE_DOCUMENTS_HIDE_REF) ? 1 : 0); // Security check $fieldid = !empty($ref) ? 'facnumber' : 'rowid'; if ($user->societe_id) { $socid = $user->societe_id; } $result = restrictedArea($user, 'facture', $id, '', '', 'fk_soc', $fieldid); // Nombre de ligne pour choix de produit/service predefinis $NBLINES = 4; $usehm = !empty($conf->global->MAIN_USE_HOURMIN_IN_DATE_RANGE) ? $conf->global->MAIN_USE_HOURMIN_IN_DATE_RANGE : 0; $object = new Facture($db); $extrafields = new ExtraFields($db); // Load object if ($id > 0 || !empty($ref)) { $ret = $object->fetch($id, $ref); } // Initialize technical object to manage hooks of thirdparties. Note that conf->hooks_modules contains array array $hookmanager->initHooks(array('invoicecard', 'globalcard')); $permissionnote = $user->rights->facture->creer; // Used by the include of actions_setnotes.inc.php $permissiondellink = $user->rights->facture->creer; // Used by the include of actions_dellink.inc.php
* along with this program. If not, see <http://www.gnu.org/licenses/>. */ /** * \file htdocs/societe/index.php * \ingroup societe * \brief Home page for third parties area */ require '../main.inc.php'; require_once DOL_DOCUMENT_ROOT . '/societe/class/societe.class.php'; $langs->load("companies"); $socid = GETPOST('socid', 'int'); if ($user->societe_id) { $socid = $user->societe_id; } // Security check $result = restrictedArea($user, 'societe', 0, '', '', '', ''); $thirdparty_static = new Societe($db); /* * View */ $transAreaType = $langs->trans("ThirdPartiesArea"); $helpurl = 'EN:Module_Third_Parties|FR:Module_Tiers|ES:Módulo_Terceros'; llxHeader("", $langs->trans("ThirdParties"), $helpurl); $linkback = ''; print load_fiche_titre($transAreaType, $linkback, 'title_companies.png'); //print '<table border="0" width="100%" class="notopnoleftnoright">'; //print '<tr><td valign="top" width="30%" class="notopnoleft">'; print '<div class="fichecenter"><div class="fichethirdleft">'; // Search thirdparty if (!empty($conf->societe->enabled) && $user->rights->societe->lire) { $listofsearchfields['search_thirdparty'] = array('text' => 'ThirdParty');
* \ingroup compta * \brief Page list of cheque deposits */ require '../../../main.inc.php'; require_once DOL_DOCUMENT_ROOT . '/compta/paiement/cheque/class/remisecheque.class.php'; require_once DOL_DOCUMENT_ROOT . '/compta/bank/class/account.class.php'; require_once DOL_DOCUMENT_ROOT . '/core/class/html.formother.class.php'; require_once DOL_DOCUMENT_ROOT . '/core/lib/date.lib.php'; $langs->load("banks"); $langs->load("categories"); $langs->load("bills"); // Security check if ($user->societe_id) { $socid = $user->societe_id; } $result = restrictedArea($user, 'banque', '', ''); $search_ref = GETPOST('search_ref', 'int'); $search_account = GETPOST('search_account', 'int'); $search_amount = GETPOST('search_amount', 'alpha'); $sortfield = GETPOST("sortfield", 'alpha'); $sortorder = GETPOST("sortorder", 'alpha'); $page = GETPOST("page", 'int'); if ($page == -1) { $page = 0; } $offset = $conf->liste_limit * $page; $pageprev = $page - 1; $pagenext = $page + 1; $limit = $conf->liste_limit; if (!$sortorder) { $sortorder = "DESC";
$contactid = GETPOST('contactid', 'int'); $origin = GETPOST('origin', 'alpha'); $originid = GETPOST('originid', 'int'); $confirm = GETPOST('confirm', 'alpha'); $fulldayevent = GETPOST('fullday'); $datep = dol_mktime($fulldayevent ? '00' : GETPOST("aphour"), $fulldayevent ? '00' : GETPOST("apmin"), 0, GETPOST("apmonth"), GETPOST("apday"), GETPOST("apyear")); $datef = dol_mktime($fulldayevent ? '23' : GETPOST("p2hour"), $fulldayevent ? '59' : GETPOST("p2min"), $fulldayevent ? '59' : '0', GETPOST("p2month"), GETPOST("p2day"), GETPOST("p2year")); // Security check $socid = GETPOST('socid', 'int'); $id = GETPOST('id', 'int'); if ($user->societe_id) { $socid = $user->societe_id; } $result = restrictedArea($user, 'agenda', $id, 'actioncomm&societe', 'myactions|allactions', 'fk_soc', 'id'); if ($user->societe_id && $socid) { $result = restrictedArea($user, 'societe', $socid); } $error = GETPOST("error"); $donotclearsession = GETPOST('donotclearsession') ? GETPOST('donotclearsession') : 0; $cactioncomm = new CActionComm($db); $object = new ActionComm($db); $contact = new Contact($db); $extrafields = new ExtraFields($db); $formfile = new FormFile($db); $form = new Form($db); $formfile = new FormFile($db); $formactions = new FormActions($db); // fetch optionals attributes and labels $extralabels = $extrafields->fetch_name_optionals_label($object->table_element); //var_dump($_POST); // Initialize technical object to manage hooks of thirdparties. Note that conf->hooks_modules contains array array
* \brief Page to show a trip card */ require '../../main.inc.php'; require_once DOL_DOCUMENT_ROOT . '/core/lib/trip.lib.php'; require_once DOL_DOCUMENT_ROOT . '/compta/deplacement/class/deplacement.class.php'; require_once DOL_DOCUMENT_ROOT . '/core/class/html.formfile.class.php'; if (!empty($conf->projet->enabled)) { require_once DOL_DOCUMENT_ROOT . '/projet/class/project.class.php'; } $langs->load("trips"); // Security check $id = GETPOST('id', 'int'); if ($user->societe_id) { $socid = $user->societe_id; } $result = restrictedArea($user, 'deplacement', $id, ''); $action = GETPOST('action', 'alpha'); $confirm = GETPOST('confirm', 'alpha'); $object = new Deplacement($db); // Initialize technical object to manage hooks of thirdparties. Note that conf->hooks_modules contains array array $hookmanager->initHooks(array('tripsandexpensescard', 'globalcard')); $permissionnote = $user->rights->deplacement->creer; // Used by the include of actions_setnotes.inc.php /* * Actions */ include DOL_DOCUMENT_ROOT . '/core/actions_setnotes.inc.php'; // Must be include, not includ_once if ($action == 'validate' && $user->rights->deplacement->creer) { $object->fetch($id); if ($object->statut == 0) {
$HEIGHT = DolGraph::getDefaultGraphSizeForStats('height'); $userid = GETPOST('userid', 'int'); $socid = GETPOST('socid', 'int'); if ($socid < 0) { $socid = 0; } $id = GETPOST('id', 'int'); // Security check if ($user->societe_id > 0) { $action = ''; $socid = $user->societe_id; } if ($user->societe_id) { $socid = $user->societe_id; } $result = restrictedArea($user, 'expensereport', $id, ''); $nowyear = strftime("%Y", dol_now()); $year = GETPOST('year') > 0 ? GETPOST('year') : $nowyear; //$startyear=$year-2; $startyear = $year - 1; $endyear = $year; $mode = GETPOST("mode") ? GETPOST("mode") : 'customer'; /* * View */ $form = new Form($db); llxHeader(); $title = $langs->trans("TripsAndExpensesStatistics"); $dir = $conf->expensereport->dir_temp; print load_fiche_titre($title, $mesg); dol_mkdir($dir);
require_once DOL_DOCUMENT_ROOT . '/compta/salaries/class/paymentsalary.class.php'; require_once DOL_DOCUMENT_ROOT . '/compta/bank/class/account.class.php'; require_once DOL_DOCUMENT_ROOT . '/core/lib/salaries.lib.php'; $langs->load("compta"); $langs->load("banks"); $langs->load("bills"); $langs->load("users"); $langs->load("salaries"); $id = GETPOST("id", 'int'); $action = GETPOST('action'); // Security check $socid = GETPOST("socid", "int"); if ($user->societe_id) { $socid = $user->societe_id; } $result = restrictedArea($user, 'salaries', '', '', ''); $object = new PaymentSalary($db); // Initialize technical object to manage hooks of thirdparties. Note that conf->hooks_modules contains array array $hookmanager->initHooks(array('salarycard', 'globalcard')); /** * Actions */ if ($_POST["cancel"] == $langs->trans("Cancel")) { header("Location: index.php"); exit; } if ($action == 'add' && $_POST["cancel"] != $langs->trans("Cancel")) { $error = 0; $datep = dol_mktime(12, 0, 0, $_POST["datepmonth"], $_POST["datepday"], $_POST["datepyear"]); $datev = dol_mktime(12, 0, 0, $_POST["datevmonth"], $_POST["datevday"], $_POST["datevyear"]); $datesp = dol_mktime(12, 0, 0, $_POST["datespmonth"], $_POST["datespday"], $_POST["datespyear"]);
$month = GETPOST("month"); // Nombre de ligne pour choix de produit/service predefinis $NBLINES = 4; // Security check $module = 'propal'; $dbtable = ''; $objectid = ''; if (!empty($user->societe_id)) { $socid = $user->societe_id; } if (!empty($socid)) { $objectid = $socid; $module = 'societe'; $dbtable = '&societe'; } $result = restrictedArea($user, $module, $objectid, $dbtable); if (GETPOST("button_removefilter") || GETPOST("button_removefilter_x")) { $search_categ = ''; $search_user = ''; $search_sale = ''; $search_ref = ''; $search_refcustomer = ''; $search_societe = ''; $search_montant_ht = ''; $search_author = ''; $search_product_category = ''; $search_town = ''; $year = ''; $month = ''; $viewstatut = ''; $object_statut = '';
$statut = GETPOST('statut') ? GETPOST('statut') : 1; $socid = GETPOST('socid', 'int'); $op1month = GETPOST('op1month'); $op1day = GETPOST('op1day'); $op1year = GETPOST('op1year'); $filter_op1 = GETPOST('filter_op1'); $op2month = GETPOST('op2month'); $op2day = GETPOST('op2day'); $op2year = GETPOST('op2year'); $filter_op2 = GETPOST('filter_op2'); // Security check $contratid = GETPOST('id', 'int'); if (!empty($user->societe_id)) { $socid = $user->societe_id; } $result = restrictedArea($user, 'contrat', $contratid); if ($search_status != '') { $tmp = explode('&', $search_status); $mode = $tmp[0]; if (empty($tmp[1])) { $filter = ''; } else { if ($tmp[1] == 'filter=notexpired') { $filter = 'notexpired'; } if ($tmp[1] == 'filter=expired') { $filter = 'expired'; } } } else { $search_status = $mode;
*/ /** * \file htdocs/contact/exportimport.php * \ingroup societe * \brief Onglet exports-imports d'un contact */ require '../main.inc.php'; require_once DOL_DOCUMENT_ROOT . '/contact/class/contact.class.php'; require_once DOL_DOCUMENT_ROOT . '/core/lib/contact.lib.php'; $langs->load("companies"); // Security check $id = GETPOST('id', 'int'); if ($user->societe_id) { $socid = $user->societe_id; } $result = restrictedArea($user, 'contact', $id, 'socpeople&societe'); /* * View */ $title = !empty($conf->global->SOCIETE_ADDRESSES_MANAGEMENT) ? $langs->trans("Contacts") : $langs->trans("ContactsAddresses"); llxHeader('', $title, 'EN:Module_Third_Parties|FR:Module_Tiers|ES:Módulo_Empresas'); $form = new Form($db); $contact = new Contact($db); $contact->fetch($id, $user); $head = contact_prepare_head($contact); dol_fiche_head($head, 'exportimport', $title, 0, 'contact'); /* * Fiche en mode visu */ print '<table class="border" width="100%">'; $linkback = '<a href="' . DOL_URL_ROOT . '/contact/list.php">' . $langs->trans("BackToList") . '</a>';
$fuser = new User($db); $fuser->fetch($id); // If user is not user read and no permission to read other users, we stop if (($fuser->id != $user->id) && (! $user->rights->user->user->lire)) accessforbidden(); // Security check $socid=0; if ($user->societe_id > 0) $socid = $user->societe_id; $feature2 = (($socid && $user->rights->user->self->creer)?'':'user'); if ($user->id == $_GET["id"]) // A user can always read its own card { $feature2=''; } $result = restrictedArea($user, 'user', $_GET["id"], '', $feature2); /******************************************************************************/ /* Actions */ /******************************************************************************/ if ($_POST["action"] == 'update' && $user->rights->user->user->creer && ! $_POST["cancel"]) { $db->begin(); $res=$fuser->update_note($_POST["note"],$user); if ($res < 0) { $mesg='<div class="error">'.$adh->error.'</div>';
require_once DOL_DOCUMENT_ROOT . '/core/lib/product.lib.php'; require_once DOL_DOCUMENT_ROOT . '/product/class/product.class.php'; require_once DOL_DOCUMENT_ROOT . '/core/class/html.formfile.class.php'; $langs->load("products"); $langs->load("bills"); $id = GETPOST('id', 'int'); $ref = GETPOST('ref', 'alpha'); $action = GETPOST('action', 'alpha'); $confirm = GETPOST('confirm', 'alpha'); // Security check $fieldvalue = !empty($id) ? $id : (!empty($ref) ? $ref : ''); $fieldtype = !empty($ref) ? 'ref' : 'rowid'; if ($user->societe_id) { $socid = $user->societe_id; } $result = restrictedArea($user, 'produit|service', $fieldvalue, 'product&product', '', '', $fieldtype); $mesg = ''; $object = new Product($db); if ($id > 0 || !empty($ref)) { $result = $object->fetch($id, $ref); $dir = !empty($conf->product->multidir_output[$object->entity]) ? $conf->product->multidir_output[$object->entity] : $conf->service->multidir_output[$object->entity]; } /* * Actions */ if (isset($_FILES['userfile']) && $_FILES['userfile']['size'] > 0 && GETPOST('sendit') && !empty($conf->global->MAIN_UPLOAD_DOC)) { if ($object->id) { $result = $object->add_photo($dir, $_FILES['userfile']); } } if ($action == 'confirm_delete' && $_GET["file"] && $confirm == 'yes' && ($user->rights->produit->creer || $user->rights->service->creer)) {
require_once DOL_DOCUMENT_ROOT . '/core/class/extrafields.class.php'; require_once DOL_DOCUMENT_ROOT . '/core/class/html.formother.class.php'; $langs->load("categories"); $id = GETPOST('id', 'int'); $ref = GETPOST('ref'); $type = GETPOST('type'); $action = GETPOST('action'); $confirm = GETPOST('confirm'); $removeelem = GETPOST('removeelem', 'int'); $elemid = GETPOST('elemid'); if ($id == "") { dol_print_error('', 'Missing parameter id'); exit; } // Security check $result = restrictedArea($user, 'categorie', $id, '&category'); $object = new Categorie($db); $result = $object->fetch($id); $object->fetch_optionals($id, $extralabels); if ($result <= 0) { dol_print_error($db, $object->error); exit; } $type = $object->type; $extrafields = new ExtraFields($db); $extralabels = $extrafields->fetch_name_optionals_label($object->table_element); // Initialize technical object to manage hooks. Note that conf->hooks_modules contains array array $hookmanager->initHooks(array('categorycard')); /* * Actions */
* \file htdocs/comm/propal/index.php * \ingroup propal * \brief Home page of proposal area */ require '../main.inc.php'; require_once DOL_DOCUMENT_ROOT . '/core/class/html.formfile.class.php'; require_once DOL_DOCUMENT_ROOT . '/supplier_proposal/class/supplier_proposal.class.php'; $langs->load("supplier_proposal"); $langs->load("companies"); // Security check $socid = GETPOST('socid', 'int'); if (isset($user->societe_id) && $user->societe_id > 0) { $action = ''; $socid = $user->societe_id; } $result = restrictedArea($user, 'supplier_proposal'); /* * View */ $now = dol_now(); $supplier_proposalstatic = new SupplierProposal($db); $companystatic = new Societe($db); $form = new Form($db); $formfile = new FormFile($db); $help_url = "EN:Module_Ask_Price_Supplier|FR:Module_Demande_de_prix_fournisseur"; llxHeader("", $langs->trans("SupplierProposalArea"), $help_url); print load_fiche_titre($langs->trans("SupplierProposalArea")); print '<div class="fichecenter"><div class="fichethirdleft">'; /* * Search form */
$object = new Societe($db); $extrafields = new ExtraFields($db); // Get object canvas (By default, this is not defined, so standard usage of dolibarr) $object->getCanvas($socid); $canvas = $object->canvas?$object->canvas:GETPOST("canvas"); if (! empty($canvas)) { require_once(DOL_DOCUMENT_ROOT."/core/class/canvas.class.php"); $objcanvas = new Canvas($db, $action); $objcanvas->getCanvas('thirdparty', 'card', $canvas); } // Security check $result = restrictedArea($user, 'societe', $socid, '&societe', '', 'fk_soc', 'rowid', $objcanvas); // Initialize technical object to manage hooks of thirdparties. Note that conf->hooks_modules contains array array include_once(DOL_DOCUMENT_ROOT.'/core/class/hookmanager.class.php'); $hookmanager=new HookManager($db); $hookmanager->initHooks(array('thirdpartycard')); /* * Actions */ $parameters=array('id'=>$socid, 'objcanvas'=>$objcanvas); $reshook=$hookmanager->executeHooks('doActions',$parameters,$object,$action); // Note that $action and $object may have been modified by some hooks $error=$hookmanager->error; $errors=array_merge($errors, (array) $hookmanager->errors);
/** * \file htdocs/don/info.php * \ingroup donations * \brief Page to show a donation information */ require '../main.inc.php'; require_once DOL_DOCUMENT_ROOT . '/core/lib/donation.lib.php'; require_once DOL_DOCUMENT_ROOT . '/core/lib/functions2.lib.php'; require_once DOL_DOCUMENT_ROOT . '/don/class/don.class.php'; $langs->load("donations"); // Security check $id = GETPOST('id', 'int'); if ($user->societe_id) { $socid = $user->societe_id; } $result = restrictedArea($user, 'don', $id, ''); /* * View */ llxHeader(); if ($id) { $object = new Don($db); $object->fetch($id); $object->info($id); $head = donation_prepare_head($object); dol_fiche_head($head, 'info', $langs->trans("Donation"), 0, 'generic'); print '<table width="100%"><tr><td>'; dol_print_object_info($object); print '</td></tr></table>'; print '</div>'; }
*/ /** * \file htdocs/fourn/commande/index.php * \ingroup commande fournisseur * \brief Home page of supplier's orders area */ require '../../main.inc.php'; require_once DOL_DOCUMENT_ROOT . '/core/class/html.formfile.class.php'; require_once DOL_DOCUMENT_ROOT . '/fourn/class/fournisseur.commande.class.php'; require_once DOL_DOCUMENT_ROOT . '/contact/class/contact.class.php'; // Security check $orderid = GETPOST('orderid'); if ($user->societe_id) { $socid = $user->societe_id; } $result = restrictedArea($user, 'fournisseur', $orderid, '', 'commande'); $langs->load("suppliers"); $langs->load("orders"); /* * View */ llxHeader('', $langs->trans("SuppliersOrdersArea")); $commandestatic = new CommandeFournisseur($db); $userstatic = new User($db); $formfile = new FormFile($db); print load_fiche_titre($langs->trans("SuppliersOrdersArea")); print '<table class="notopnoleftnoright" width="100%">'; print '<tr valign="top"><td class="notopnoleft" width="30%">'; /* * Search form */
require_once(DOL_DOCUMENT_ROOT."/core/class/html.formfile.class.php"); require_once(DOL_DOCUMENT_ROOT."/lib/sendings.lib.php"); if ($conf->product->enabled || $conf->service->enabled) require_once(DOL_DOCUMENT_ROOT."/product/class/product.class.php"); if ($conf->expedition_bon->enabled) require_once(DOL_DOCUMENT_ROOT."/expedition/class/expedition.class.php"); if ($conf->stock->enabled) require_once(DOL_DOCUMENT_ROOT."/product/stock/class/entrepot.class.php"); if (!$user->rights->expedition->livraison->lire) accessforbidden(); $langs->load("sendings"); $langs->load("bills"); $langs->load('deliveries'); // Security check $id = isset($_GET["id"])?$_GET["id"]:''; if ($user->societe_id) $socid=$user->societe_id; $result=restrictedArea($user,'expedition',$id,'livraison','livraison'); /* * Actions */ if ($_POST["action"] == 'add') { $db->begin(); // Creation de l'objet livraison $delivery = new Livraison($db); $delivery->date_livraison = time();
$original_file = isset($_REQUEST["file"]) ? urldecode($_REQUEST["file"]) : ''; $backtourl = GETPOST('backtourl'); $cancel = GETPOST("cancel"); // Security check if (empty($modulepart)) { accessforbidden('Bad value for modulepart'); } $accessallowed = 0; if ($modulepart == 'produit' || $modulepart == 'product' || $modulepart == 'service' || $modulepart == 'produit|service') { $result = restrictedArea($user, 'produit|service', $id, 'product&product'); if ($modulepart == 'produit|service' && (!$user->rights->produit->lire && !$user->rights->service->lire)) { accessforbidden(); } $accessallowed = 1; } elseif ($modulepart == 'holiday') { $result = restrictedArea($user, 'holiday', $id, 'holiday'); if ($modulepart == 'holiday' && !$user->rights->holiday->read) { accessforbidden(); } $accessallowed = 1; } // Security: // Limit access if permissions are wrong if (!$accessallowed) { accessforbidden(); } // Define dir according to modulepart if ($modulepart == 'produit' || $modulepart == 'product' || $modulepart == 'service' || $modulepart == 'produit|service') { require_once DOL_DOCUMENT_ROOT . '/product/class/product.class.php'; $object = new Product($db); if ($id > 0) {
* \file htdocs/compta/prelevement/bons.php * \ingroup prelevement * \brief Page liste des bons de prelevements */ require '../../main.inc.php'; require_once DOL_DOCUMENT_ROOT . '/compta/prelevement/class/bonprelevement.class.php'; require_once DOL_DOCUMENT_ROOT . '/compta/bank/class/account.class.php'; $langs->load("banks"); $langs->load("categories"); $langs->load("widthdrawals"); // Security check $socid = GETPOST('socid', 'int'); if ($user->societe_id) { $socid = $user->societe_id; } $result = restrictedArea($user, 'prelevement', '', '', 'bons'); // Get supervariables $page = GETPOST('page', 'int'); $sortorder = GETPOST('sortorder', 'alpha') == "" ? "DESC" : GETPOST('sortorder', 'alpha'); $sortfield = GETPOST('sortfield', 'alpha') == "" ? "p.datec" : GETPOST('sortfield', 'alpha'); $statut = GETPOST('statut', 'int'); $search_line = GETPOST('search_ligne', 'int'); llxHeader('', $langs->trans("WithdrawalsReceipts")); $bon = new BonPrelevement($db, ""); if ($page == -1) { $page = 0; } $offset = $conf->liste_limit * $page; $pageprev = $page - 1; $pagenext = $page + 1; /*
require_once DOL_DOCUMENT_ROOT . '/core/lib/treeview.lib.php'; require_once DOL_DOCUMENT_ROOT . '/ecm/class/ecmdirectory.class.php'; // Load traductions files $langs->load("ecm"); $langs->load("companies"); $langs->load("other"); $langs->load("users"); $langs->load("orders"); $langs->load("propal"); $langs->load("bills"); $langs->load("contracts"); // Security check if ($user->societe_id) { $socid = $user->societe_id; } $result = restrictedArea($user, 'ecm', 0); // Get parameters $socid = GETPOST('socid', 'int'); $action = GETPOST("action"); $section = GETPOST("section") ? GETPOST("section", "int") : GETPOST("section_id", "int"); $module = GETPOST("module"); if (!$section) { $section = 0; } $section_dir = GETPOST('section_dir'); $sortfield = GETPOST("sortfield", 'alpha'); $sortorder = GETPOST("sortorder", 'alpha'); $page = GETPOST("page", 'int'); if ($page == -1) { $page = 0; }
$action = GETPOST('action', 'alpha'); $confirm = GETPOST('confirm', 'alpha'); $mesg = ''; if (isset($_SESSION['DolMessage'])) { $mesg = $_SESSION['DolMessage']; unset($_SESSION['DolMessage']); } // Security check if ($user->societe_id) { $action = ''; $socid = $user->societe_id; } if ($user->societe_id) { $socid = $user->societe_id; } $result = restrictedArea($user, 'banque', $fieldvalue, 'bank_account', '', '', $fieldtype); // Get parameters $sortfield = GETPOST("sortfield", 'alpha'); $sortorder = GETPOST("sortorder", 'alpha'); $page = GETPOST("page", 'int'); if ($page == -1) { $page = 0; } $offset = $conf->liste_limit * $page; $pageprev = $page - 1; $pagenext = $page + 1; if (!$sortorder) { $sortorder = "ASC"; } if (!$sortfield) { $sortfield = "name";
$page = 0; } $limit = $conf->liste_limit; $offset = $limit * $page; if (!$sortorder) { $sortorder = "ASC"; } if (!$sortfield) { $sortfield = "a.datec"; } // Security check $socid = GETPOST("socid", "int"); if ($user->societe_id) { $socid = $user->societe_id; } $result = restrictedArea($user, 'agenda', 0, '', 'myactions'); if ($socid < 0) { $socid = ''; } $canedit = 1; if (!$user->rights->agenda->myactions->read) { accessforbidden(); } if (!$user->rights->agenda->allactions->read) { $canedit = 0; } if (!$user->rights->agenda->allactions->read || $filter == 'mine') { $filtert = $user->id; } //$action=GETPOST('action','alpha'); $action = 'show_peruser';