// Security check $id = isset($_GET["id"])?$_GET["id"]:''; if ($user->societe_id) $socid=$user->societe_id; $result = restrictedArea($user, 'commande_fournisseur', $id,''); /* * Actions */ if ($_POST["action"] == 'updatenote' && $user->rights->fournisseur->commande->creer) { $commande = new CommandeFournisseur($db); $commande->fetch($_GET["id"]); $result = $commande->UpdateNote($user, $_POST["note"], $_POST["note_public"]); if ($result >= 0) { Header("Location: note.php?id=".$_GET["id"]); exit; } } /* * View */ llxHeader('',$langs->trans("OrderCard"),"CommandeFournisseur"); $html = new Form($db);