/**
 * Get produt or service
 *
 * @param	array		$authentication		Array of authentication information
 * @param	int			$id					Id of object
 * @param	string		$ref				Ref of object
 * @param	ref_ext		$ref_ext			Ref external of object
 * @return	mixed
 */
function getSkeleton($authentication, $id, $ref = '', $ref_ext = '')
{
    global $db, $conf, $langs;
    dol_syslog("Function: getSkeleton login="******" id=" . $id . " ref=" . $ref . " ref_ext=" . $ref_ext);
    if ($authentication['entity']) {
        $conf->entity = $authentication['entity'];
    }
    // Init and check authentication
    $objectresp = array();
    $errorcode = '';
    $errorlabel = '';
    $error = 0;
    $fuser = check_authentication($authentication, $error, $errorcode, $errorlabel);
    // Check parameters
    if (!$error && ($id && $ref || $id && $ref_ext || $ref && $ref_ext)) {
        $error++;
        $errorcode = 'BAD_PARAMETERS';
        $errorlabel = "Parameter id, ref and ref_ext can't be both provided. You must choose one or other but not both.";
    }
    if (!$error) {
        $fuser->getrights();
        if ($fuser->rights->skeleton->read) {
            $skeleton = new Skeleton($db);
            $result = $skeleton->fetch($id, $ref, $ref_ext);
            if ($result > 0) {
                // Create
                $objectresp = array('result' => array('result_code' => 'OK', 'result_label' => ''), 'skeleton' => array('prop1' => $skeleton->prop1, 'prop2' => $skeleton->prop2));
            } else {
                $error++;
                $errorcode = 'NOT_FOUND';
                $errorlabel = 'Object not found for id=' . $id . ' nor ref=' . $ref . ' nor ref_ext=' . $ref_ext;
            }
        } else {
            $error++;
            $errorcode = 'PERMISSION_DENIED';
            $errorlabel = 'User does not have permission for this request';
        }
    }
    if ($error) {
        $objectresp = array('result' => array('result_code' => $errorcode, 'result_label' => $errorlabel));
    }
    return $objectresp;
}
 function FieldToEntityTable($entity_table_name = '', $fields = array(), $user_netID = '')
 {
     // set master admin site id
     $this->ma_site_id = id_of('master_admin');
     $this->field_id = id_of('field');
     $this->field_to_entity_table_rel_id = relationship_id_of('field_to_entity_table');
     if (empty($user_netID)) {
         $user_netID = check_authentication();
     }
     $this->user_id = get_user_id($user_netID);
     if (empty($this->user_id)) {
         trigger_error('The FieldToEntityTable Class cannot get a user_id for user ' . $user_netID, HIGH);
     }
     if (!empty($entity_table_name)) {
         $this->set_entity_table($entity_table_name);
     }
     foreach ($fields as $k => $v) {
         $this->add_field($k, $v);
     }
 }
Пример #3
0
/**
 * Get list of products for a category
 *
 * @param	array		$authentication		Array of authentication information
 * @param	array		$id					Category id
 * @param	$lang		$lang				Force lang
 * @return	array							Array result
 */
function getProductsForCategory($authentication, $id, $lang = '')
{
    global $db, $conf, $langs;
    $langcode = $lang ? $lang : (empty($conf->global->MAIN_LANG_DEFAULT) ? 'auto' : $conf->global->MAIN_LANG_DEFAULT);
    $langs->setDefaultLang($langcode);
    dol_syslog("Function: getProductsForCategory login="******" id=" . $id);
    if ($authentication['entity']) {
        $conf->entity = $authentication['entity'];
    }
    $objectresp = array();
    $errorcode = '';
    $errorlabel = '';
    $error = 0;
    $fuser = check_authentication($authentication, $error, $errorcode, $errorlabel);
    if (!$error && !$id) {
        $error++;
        $errorcode = 'BAD_PARAMETERS';
        $errorlabel = "Parameter id must be provided.";
    }
    if (!$error) {
        $langcode = $lang ? $lang : (empty($conf->global->MAIN_LANG_DEFAULT) ? 'auto' : $conf->global->MAIN_LANG_DEFAULT);
        $langs->setDefaultLang($langcode);
        $fuser->getrights();
        if ($fuser->rights->produit->lire) {
            $categorie = new Categorie($db);
            $result = $categorie->fetch($id);
            if ($result > 0) {
                $table = "product";
                $field = "product";
                $sql = "SELECT fk_" . $field . " FROM " . MAIN_DB_PREFIX . "categorie_" . $table;
                $sql .= " WHERE fk_categorie = " . $id;
                $sql .= " ORDER BY fk_" . $field . " ASC";
                dol_syslog("getProductsForCategory get id of product into category", LOG_DEBUG);
                $res = $db->query($sql);
                if ($res) {
                    while ($rec = $db->fetch_array($res)) {
                        $obj = new Product($db);
                        $obj->fetch($rec['fk_' . $field]);
                        $iProduct = 0;
                        if ($obj->status > 0) {
                            $dir = !empty($conf->product->dir_output) ? $conf->product->dir_output : $conf->service->dir_output;
                            $pdir = get_exdir($obj->id, 2) . $obj->id . "/photos/";
                            $dir = $dir . '/' . $pdir;
                            $products[] = array('id' => $obj->id, 'ref' => $obj->ref, 'ref_ext' => $obj->ref_ext, 'label' => !empty($obj->multilangs[$langs->defaultlang]["label"]) ? $obj->multilangs[$langs->defaultlang]["label"] : $obj->label, 'description' => !empty($obj->multilangs[$langs->defaultlang]["description"]) ? $obj->multilangs[$langs->defaultlang]["description"] : $obj->description, 'date_creation' => dol_print_date($obj->date_creation, 'dayhourrfc'), 'date_modification' => dol_print_date($obj->date_modification, 'dayhourrfc'), 'note' => !empty($obj->multilangs[$langs->defaultlang]["note"]) ? $obj->multilangs[$langs->defaultlang]["note"] : $obj->note, 'status_tosell' => $obj->status, 'status_tobuy' => $obj->status_buy, 'type' => $obj->type, 'barcode' => $obj->barcode, 'barcode_type' => $obj->barcode_type, 'country_id' => $obj->country_id > 0 ? $obj->country_id : '', 'country_code' => $obj->country_code, 'custom_code' => $obj->customcode, 'price_net' => $obj->price, 'price' => $obj->price_ttc, 'vat_rate' => $obj->tva_tx, 'price_base_type' => $obj->price_base_type, 'stock_real' => $obj->stock_reel, 'stock_alert' => $obj->seuil_stock_alerte, 'pmp' => $obj->pmp, 'import_key' => $obj->import_key, 'dir' => $pdir, 'images' => $obj->liste_photos($dir, $nbmax = 10));
                            //Retreive all extrafield for thirdsparty
                            // fetch optionals attributes and labels
                            $extrafields = new ExtraFields($db);
                            $extralabels = $extrafields->fetch_name_optionals_label('product', true);
                            //Get extrafield values
                            $product->fetch_optionals($obj->id, $extralabels);
                            foreach ($extrafields->attribute_label as $key => $label) {
                                $products[$iProduct] = array_merge($products[$iProduct], array('options_' . $key => $product->array_options['options_' . $key]));
                            }
                            $iProduct++;
                        }
                    }
                    // Retour
                    $objectresp = array('result' => array('result_code' => 'OK', 'result_label' => ''), 'products' => $products);
                } else {
                    $errorcode = 'NORECORDS_FOR_ASSOCIATION';
                    $errorlabel = 'No products associated' . $sql;
                    $objectresp = array('result' => array('result_code' => $errorcode, 'result_label' => $errorlabel));
                    dol_syslog("getProductsForCategory:: " . $c->error, LOG_DEBUG);
                }
            } else {
                $error++;
                $errorcode = 'NOT_FOUND';
                $errorlabel = 'Object not found for id=' . $id;
            }
        } else {
            $error++;
            $errorcode = 'PERMISSION_DENIED';
            $errorlabel = 'User does not have permission for this request';
        }
    }
    if ($error) {
        $objectresp = array('result' => array('result_code' => $errorcode, 'result_label' => $errorlabel));
    }
    return $objectresp;
}
/**
 * Create ActionComm
 *
 * @param	array		$authentication		Array of authentication information
 * @param	ActionComm	$actioncomm		    $actioncomm
 * @return	array							Array result
 */
function updateActionComm($authentication, $actioncomm)
{
    global $db, $conf, $langs;
    $now = dol_now();
    dol_syslog("Function: updateActionComm login="******"Actioncomm id is mandatory.";
    }
    if (!$error) {
        $objectfound = false;
        $object = new ActionComm($db);
        $result = $object->fetch($actioncomm['id']);
        if (!empty($object->id)) {
            $objectfound = true;
            $object->datep = $actioncomm['datep'];
            $object->datef = $actioncomm['datef'];
            $object->type_code = $actioncomm['type_code'];
            $object->societe->id = $actioncomm['socid'];
            $object->fk_project = $actioncomm['projectid'];
            $object->note = $actioncomm['note'];
            $object->contact->id = $actioncomm['contactid'];
            $object->usertodo->id = $actioncomm['usertodo'];
            $object->userdone->id = $actioncomm['userdone'];
            $object->label = $actioncomm['label'];
            $object->percentage = $actioncomm['percentage'];
            $object->priority = $actioncomm['priority'];
            $object->fulldayevent = $actioncomm['fulldayevent'];
            $object->location = $actioncomm['location'];
            $object->fk_element = $actioncomm['fk_element'];
            $object->elementtype = $actioncomm['elementtype'];
            //Retreive all extrafield for actioncomm
            // fetch optionals attributes and labels
            $extrafields = new ExtraFields($db);
            $extralabels = $extrafields->fetch_name_optionals_label('actioncomm', true);
            foreach ($extrafields->attribute_label as $key => $label) {
                $key = 'options_' . $key;
                $object->array_options[$key] = $actioncomm[$key];
            }
            $db->begin();
            $result = $object->update($fuser);
            if ($result <= 0) {
                $error++;
            }
        }
        if (!$error && $objectfound) {
            $db->commit();
            $objectresp = array('result' => array('result_code' => 'OK', 'result_label' => ''), 'id' => $object->id);
        } elseif ($objectfound) {
            $db->rollback();
            $error++;
            $errorcode = 'KO';
            $errorlabel = $object->error;
        } else {
            $error++;
            $errorcode = 'NOT_FOUND';
            $errorlabel = 'Actioncomm id=' . $actioncomm['id'] . ' cannot be found';
        }
    }
    if ($error) {
        $objectresp = array('result' => array('result_code' => $errorcode, 'result_label' => $errorlabel));
    }
    return $objectresp;
}
Пример #5
0
 /**
  * Check if session ID authenticated
  *
  * @static
  * @param _array $session
  * @param array $session['sessionid']
  * @return boolean 
  */
 public static function checkAuth($session)
 {
     return check_authentication($session['sessionid']);
 }
// create_created_by.php adds the created_by field to the entity table, and tries to intelligently determine
// an accurate initial value for all existant entities. this is accomplished by looking at each entities
// archive, and consulting the last_modified value of the oldest archived entity associated with a pending,
// deleted, or live entity.
//
// author nwhite
// 12-23-2006
// try to increase limits in case user chooses a really big chunk
set_time_limit(1800);
ini_set('max_execution_time', 1800);
ini_set('mysql_connect_timeout', 1200);
$output = '';
$field_exists = false;
$root_user_id = get_user_id('root');
force_secure_if_available();
$user_netID = check_authentication();
$reason_user_id = get_user_id($user_netID);
if (empty($reason_user_id)) {
    die('valid Reason user required');
}
if (!reason_user_has_privs($reason_user_id, 'upgrade')) {
    die('You must have upgrade privileges to run this script');
}
echo '<h2>Reason Entity Updater - add the created_by field</h2>';
if (!isset($_POST['verify'])) {
    echo '<p>This script creates a new field in the entity table (if needed) called created_by which holds the userid of the person
		 who first creates an entity. After creating the field, it attempts to populate the field for all existant entities by
		 considering the archive.</p>';
    echo '<p><strong>A mature reason instance without the created_by field may require this script to be run multiple times.</strong></p>';
    echo '<p>Considering bunches of 20000 entities at a time seems to be reliable. Higher numbers could result in problems with memory';
    echo ' use or script execution time. Adjust the number as you see fit. On a copy of Carleton\'s production database, it required';
Пример #7
0
/**
 * Get category infos and children
 *
 * @param	array		$authentication		Array of authentication information
 * @param	int			$id					Id of object
 * @return	mixed
 */
function getCategory($authentication, $id)
{
    global $db, $conf, $langs;
    dol_syslog("Function: getCategory login="******" id=" . $id);
    if ($authentication['entity']) {
        $conf->entity = $authentication['entity'];
    }
    $objectresp = array();
    $errorcode = '';
    $errorlabel = '';
    $error = 0;
    $fuser = check_authentication($authentication, $error, $errorcode, $errorlabel);
    if (!$error && !$id) {
        $error++;
        $errorcode = 'BAD_PARAMETERS';
        $errorlabel = "Parameter id must be provided.";
    }
    if (!$error) {
        $fuser->getrights();
        if ($fuser->rights->categorie->lire) {
            $categorie = new Categorie($db);
            $result = $categorie->fetch($id);
            if ($result > 0) {
                $dir = !empty($conf->categorie->dir_output) ? $conf->categorie->dir_output : $conf->service->dir_output;
                $pdir = get_exdir($categorie->id, 2, 0, 0, $categorie, 'category') . $categorie->id . "/photos/";
                $dir = $dir . '/' . $pdir;
                $cat = array('id' => $categorie->id, 'id_mere' => $categorie->id_mere, 'label' => $categorie->label, 'description' => $categorie->description, 'socid' => $categorie->socid, 'type' => $categorie->type, 'dir' => $pdir, 'photos' => $categorie->liste_photos($dir, $nbmax = 10));
                $cats = $categorie->get_filles();
                if (count($cats) > 0) {
                    foreach ($cats as $fille) {
                        $dir = !empty($conf->categorie->dir_output) ? $conf->categorie->dir_output : $conf->service->dir_output;
                        $pdir = get_exdir($fille->id, 2, 0, 0, $categorie, 'category') . $fille->id . "/photos/";
                        $dir = $dir . '/' . $pdir;
                        $cat['filles'][] = array('id' => $fille->id, 'id_mere' => $categorie->id_mere, 'label' => $fille->label, 'description' => $fille->description, 'socid' => $fille->socid, 'type' => $fille->type, 'dir' => $pdir, 'photos' => $fille->liste_photos($dir, $nbmax = 10));
                    }
                }
                // Create
                $objectresp = array('result' => array('result_code' => 'OK', 'result_label' => ''), 'categorie' => $cat);
            } else {
                $error++;
                $errorcode = 'NOT_FOUND';
                $errorlabel = 'Object not found for id=' . $id;
            }
        } else {
            $error++;
            $errorcode = 'PERMISSION_DENIED';
            $errorlabel = 'User does not have permission for this request';
        }
    }
    if ($error) {
        $objectresp = array('result' => array('result_code' => $errorcode, 'result_label' => $errorlabel));
    }
    return $objectresp;
}
Пример #8
0
/**
 * Delete a thirdparty
 *
 * @param	array		$authentication		Array of authentication information
 * @param	string		$id		    		internal id
 * @param	string		$ref		    	internal reference
 * @param	string		$ref_ext	   		external reference
 * @return	array							Array result
 */
function deleteThirdParty($authentication, $id = '', $ref = '', $ref_ext = '')
{
    global $db, $conf, $langs;
    dol_syslog("Function: deleteThirdParty login="******" id=" . $id . " ref=" . $ref . " ref_ext=" . $ref_ext);
    if ($authentication['entity']) {
        $conf->entity = $authentication['entity'];
    }
    // Init and check authentication
    $objectresp = array();
    $errorcode = '';
    $errorlabel = '';
    $error = 0;
    $fuser = check_authentication($authentication, $error, $errorcode, $errorlabel);
    // Check parameters
    if (!$error && ($id && $ref || $id && $ref_ext || $ref && $ref_ext)) {
        dol_syslog("Function: deleteThirdParty checkparam");
        $error++;
        $errorcode = 'BAD_PARAMETERS';
        $errorlabel = "Parameter id, ref and ref_ext can't be both provided. You must choose one or other but not both.";
    }
    dol_syslog("Function: deleteThirdParty 1");
    if (!$error) {
        $fuser->getrights();
        if ($fuser->rights->societe->lire && $fuser->rights->societe->supprimer) {
            $thirdparty = new Societe($db);
            $result = $thirdparty->fetch($id, $ref, $ref_ext);
            if ($result > 0) {
                $db->begin();
                $result = $thirdparty->delete($thirdparty->id, $fuser);
                if ($result > 0) {
                    $db->commit();
                    $objectresp = array('result' => array('result_code' => 'OK', 'result_label' => ''));
                } else {
                    $db->rollback();
                    $error++;
                    $errorcode = 'KO';
                    $errorlabel = $thirdparty->error;
                    dol_syslog("Function: deleteThirdParty cant delete");
                }
            } else {
                $error++;
                $errorcode = 'NOT_FOUND';
                $errorlabel = 'Object not found for id=' . $id . ' nor ref=' . $ref . ' nor ref_ext=' . $ref_ext;
            }
        } else {
            $error++;
            $errorcode = 'PERMISSION_DENIED';
            $errorlabel = 'User does not have permission for this request';
        }
    }
    if ($error) {
        $objectresp = array('result' => array('result_code' => $errorcode, 'result_label' => $errorlabel));
    }
    return $objectresp;
}
/**
 * Create Skeleton
 *
 * @param	array		$authentication		Array of authentication information
 * @param	Skeleton	$skeleton		    $skeleton
 * @return	array							Array result
 */
function createSkeleton($authentication, $skeleton)
{
    global $db, $conf, $langs;
    $now = dol_now();
    dol_syslog("Function: createSkeleton login=" . $authentication['login']);
    if ($authentication['entity']) {
        $conf->entity = $authentication['entity'];
    }
    // Init and check authentication
    $objectresp = array();
    $errorcode = '';
    $errorlabel = '';
    $error = 0;
    $fuser = check_authentication($authentication, $error, $errorcode, $errorlabel);
    // Check parameters
    if (!$error) {
        $newobject = new Skeleton($db);
        $newobject->prop1 = $skeleton->prop1;
        $newobject->prop2 = $skeleton->prop2;
        //...
        $db->begin();
        $result = $newobject->create($fuser);
        if ($result <= 0) {
            $error++;
        }
        if (!$error) {
            $db->commit();
            $objectresp = array('result' => array('result_code' => 'OK', 'result_label' => ''), 'id' => $newobject->id, 'ref' => $newobject->ref);
        } else {
            $db->rollback();
            $error++;
            $errorcode = 'KO';
            $errorlabel = $newobject->error;
        }
    }
    if ($error) {
        $objectresp = array('result' => array('result_code' => $errorcode, 'result_label' => $errorlabel));
    }
    return $objectresp;
}
Пример #10
0
 function init()
 {
     $user_netid = check_authentication();
     $this->user = new entity(get_user_id($user_netid));
 }
Пример #11
0
    global $MY_GLOBAL;
    $me = false;
    if (isset($_SESSION['me']) === false) {
        if (isset($MY_GLOBAL['username']) && isset($MY_GLOBAL['password'])) {
            $me = $MY_GLOBAL['db']->authenticate($MY_GLOBAL['username'], $MY_GLOBAL['password']);
            if ($me) {
                $_SESSION['me'] = $me;
            }
        }
    } else {
        $me = $_SESSION['me'];
    }
    return $me;
}
$MY_GLOBAL['db'] = new Database($MY_GLOBAL['DB_DSN'], $MY_GLOBAL['DB_USER'], $MY_GLOBAL['DB_PASS']);
$MY_GLOBAL['me'] = check_authentication();
if (isset($_GET['action'])) {
    header('Content-Type: application/json; charset=utf8');
    $obj = new stdClass();
    switch ($MY_GLOBAL['action']) {
        case 'create_user':
            try {
                $MY_GLOBAL['db']->addUser($MY_GLOBAL['username'], $MY_GLOBAL['password']);
                $obj->success = true;
            } catch (Exception $e) {
                $obj->success = false;
                $obj->error = $e->getMessage();
            }
            break;
        case 'login':
            $obj->success = $MY_GLOBAL['me'] !== false;
Пример #12
0
function getThirdParty($authentication,$id='',$ref='',$ref_ext='')
{
	global $db,$conf,$langs;

	dol_syslog("Function: getThirdParty login="******" id=".$id." ref=".$ref." ref_ext=".$ref_ext);

	if ($authentication['entity']) $conf->entity=$authentication['entity'];

    // Init and check authentication
    $objectresp=array();
    $errorcode='';$errorlabel='';
    $error=0;
    $fuser=check_authentication($authentication,$error,$errorcode,$errorlabel);
    // Check parameters
	if (! $error && (($id && $ref) || ($id && $ref_ext) || ($ref && $ref_ext)))
	{
		$error++;
		$errorcode='BAD_PARAMETERS'; $errorlabel="Parameter id, ref and ref_ext can't be both provided. You must choose one or other but not both.";
	}

	if (! $error)
	{
		$fuser->getrights();

		if ($fuser->rights->societe->lire)
		{
			$thirdparty=new Societe($db);
			$result=$thirdparty->fetch($id,$ref,$ref_ext);
			if ($result > 0)
			{
			    // Create
			    $objectresp = array(
			    	'result'=>array('result_code'=>'OK', 'result_label'=>''),
			        'thirdparty'=>array(
				    	'id' => $thirdparty->id,
			   			'ref' => $thirdparty->name,
			   			'ref_ext' => $thirdparty->ref_ext,
			    		'fk_user_author' => $thirdparty->fk_user_author,
//			    		'date_creation' => $thirdparty->
//			    		'date_modification' => $thirdparty->
			            'address' => $thirdparty->address,
				        'zip' => $thirdparty->cp,
				        'town' => $thirdparty->ville,
				        'province_id' => $thirdparty->departement_id,
				        'country_id' => $thirdparty->pays_id,
				        'country_code' => $thirdparty->pays_code,
				        'country' => $thirdparty->country,
			            'phone' => $thirdparty->tel,
				        'fax' => $thirdparty->fax,
				        'email' => $thirdparty->email,
				        'url' => $thirdparty->url,
				        'profid1' => $thirdparty->siren,
				        'profid2' => $thirdparty->siret,
				        'profid3' => $thirdparty->ape,
				        'profid4' => $thirdparty->idprof4,
				        'prefix' => $thirdparty->prefix_comm,
				        'vat_used' => $thirdparty->tva_assuj,
				        'vat_number' => $thirdparty->tva_intra
			    ));
			}
			else
			{
				$error++;
				$errorcode='NOT_FOUND'; $errorlabel='Object not found for id='.$id.' nor ref='.$ref.' nor ref_ext='.$ref_ext;
			}
		}
		else
		{
			$error++;
			$errorcode='PERMISSION_DENIED'; $errorlabel='User does not have permission for this request';
		}
	}

	if ($error)
	{
		$objectresp = array('result'=>array('result_code' => $errorcode, 'result_label' => $errorlabel));
	}

	return $objectresp;
}
Пример #13
0
/**
 * Get list of invoices for third party
 */
function createInvoice($authentication,$invoice)
{
    global $db,$conf,$langs;

    $now=dol_now();

    dol_syslog("Function: createInvoiceForThirdParty login="******" idthirdparty=".$idthirdparty);

    if ($authentication['entity']) $conf->entity=$authentication['entity'];

    // Init and check authentication
    $objectresp=array();
    $errorcode='';$errorlabel='';
    $error=0;
    $fuser=check_authentication($authentication,$error,$errorcode,$errorlabel);
    // Check parameters

    if (! $error)
    {
        $newinvoice=new Facture($db);
        $newinvoice->socid=$invoice['thirdparty_id'];
        $newinvoice->type=$invoice['type'];
        $newinvoice->ref_ext=$invoice['ref_ext'];
        $newinvoice->date=$invoice['date'];
        $newinvoice->date_lim_reglement=$invoice['date_due'];
        $newinvoice->note=$invoice['note'];
        $newinvoice->note_public=$invoice['note_public'];
        $newinvoice->statut=$invoice['status'];
        $newinvoice->fk_project=$invoice['project_id'];
        $newinvoice->date_creation=$now;
        foreach($invoice['lines'] as $line)
        {
            $newline=new FactureLigne($db);
            $newline->type=$line['type'];
            $newline->desc=$line['desc'];
            $newline->fk_product=$line['fk_product'];
            $newline->total_ht=$line['total_net'];
            $newline->total_vat=$line['total_vat'];
            $newline->total_ttc=$line['total'];
            $newline->vat=$line['vat_rate'];
            $newline->qty=$line['qty'];
            $newline->fk_product=$line['product_id'];
        }
        //var_dump($invoice['ref_ext']);
        //var_dump($invoice['lines'][0]['type']);

        $db->begin();

        $result=$newinvoice->create($user,0,0);
        if ($result < 0)
        {
            $error++;
        }

        if ($newinvoice->statut == 1)   // We want invoice validated
        {
            $newinvoice->validate($user);
        }

        $result=$newinvoice->create($user,0,0);
        if ($result < 0)
        {
            $error++;
        }


        if (! $error)
        {
            $db->commit();
            $objectresp=array('result'=>array('result_code'=>'OK', 'result_label'=>''),'id'=>$newinvoice->id,'ref'=>$newinvoice->ref);
        }
        else
        {
            $db->rollback();
            $error++;
            $errorcode='KO';
            $errorlabel=$newinvoice->error;
        }

    }

    if ($error)
    {
        $objectresp = array('result'=>array('result_code' => $errorcode, 'result_label' => $errorlabel));
    }

    return $objectresp;
}
Пример #14
0
/**
 * Get produt or service
 *
 * @param	array		$authentication		Array of authentication information
 * @param	int			$id					Id of object
 * @param	string		$ref				Ref of object
 * @param	ref_ext		$ref_ext			Ref external of object
 * @return	mixed
 */
function getUser($authentication,$id,$ref='',$ref_ext='')
{
    global $db,$conf,$langs;

    dol_syslog("Function: getUser login="******" id=".$id." ref=".$ref." ref_ext=".$ref_ext);

    if ($authentication['entity']) $conf->entity=$authentication['entity'];

    // Init and check authentication
    $objectresp=array();
    $errorcode='';$errorlabel='';
    $error=0;
    $fuser=check_authentication($authentication,$error,$errorcode,$errorlabel);
    // Check parameters
    if (! $error && (($id && $ref) || ($id && $ref_ext) || ($ref && $ref_ext)))
    {
        $error++;
        $errorcode='BAD_PARAMETERS'; $errorlabel="Parameter id, ref and ref_ext can't be both provided. You must choose one or other but not both.";
    }

    if (! $error)
    {
        $fuser->getrights();

        if ($fuser->rights->user->user->lire)
        {
            $user=new User($db);
            $result=$user->fetch($id,$ref,$ref_ext);
            if ($result > 0)
            {
                // Create
                $objectresp = array(
			    	'result'=>array('result_code'=>'OK', 'result_label'=>''),
			        'user'=>array(
'id' => $user->id,
'lastname' => $user->lastname,
'firstname' => $user->firstname,
'note' => $user->note,
'email' => $user->email,
'signature' => $user->signature,
'office_phone' => $user->office_phone,
'office_fax' => $user->office_fax,
'user_mobile' => $user->user_mobile,
'admin' => $user->admin,
'login' => $user->login,
'entity' => $user->entity,
'pass_indatabase' => $user->pass_indatabase,
'pass_indatabase_crypted' => $user->pass_indatabase_crypted,
'datec' => dol_print_date($user->datec,'dayhourrfc'),
'datem' => dol_print_date($user->datem,'dayhourrfc'),
'societe_id' => $user->societe_id,
'fk_member' => $user->fk_member,
'webcal_login' => $user->webcal_login,
'phenix_login' => $user->phenix_login,
'phenix_pass' => $user->phenix_pass,
'phenix_pass_crypted' => $user->phenix_pass_crypted,
'datelastlogin' => dol_print_date($user->datelastlogin,'dayhourrfc'),
'datepreviouslogin' => dol_print_date($user->datepreviouslogin,'dayhourrfc'),
'statut' => $user->statut,
'photo' => $user->photo,
'lang' => $user->lang,
'entrepots' => $user->entrepots,
//'rights' => $user->rights,
'canvas' => $user->canvas
                    )
                );
            }
            else
            {
                $error++;
                $errorcode='NOT_FOUND'; $errorlabel='Object not found for id='.$id.' nor ref='.$ref.' nor ref_ext='.$ref_ext;
            }
        }
        else
        {
            $error++;
            $errorcode='PERMISSION_DENIED'; $errorlabel='User does not have permission for this request';
        }
    }

    if ($error)
    {
        $objectresp = array('result'=>array('result_code' => $errorcode, 'result_label' => $errorlabel));
    }

    return $objectresp;
}
Пример #15
0
function getVersions($authentication)
{
	global $db,$conf,$langs;

	dol_syslog("Function: getVersions login=".$authentication['login']);

	if ($authentication['entity']) $conf->entity=$authentication['entity'];

    // Init and check authentication
    $objectresp=array();
    $errorcode='';$errorlabel='';
    $error=0;
    $fuser=check_authentication($authentication,$error,$errorcode,$errorlabel);
    // Check parameters


    if (! $error)
	{
		$objectresp['result']=array('result_code'=>'OK', 'result_label'=>'');
		$objectresp['dolibarr']=version_dolibarr();
		$objectresp['os']=version_os();
		$objectresp['php']=version_php();
		$objectresp['webserver']=version_webserver();
	}

	if ($error)
	{
		$objectresp = array('result'=>array('result_code' => $errorcode, 'result_label' => $errorlabel));
	}

	return $objectresp;
}
Пример #16
0
<?php

session_start();
include 'function.php';
require 'db_connection/db_connection.php';
include 'procedure.php';
$start_date = "";
$end_date = "";
if (!empty(check_authentication())) {
    header("Location:Log_in.php");
} else {
    /**************
    		##	decrypt session id
    		**************/
    $ID = decrypt($_SESSION['id'], $key);
    /**************
    		##	decrypt session token_Number
    		**************/
    $TK = decrypt($_SESSION['tk_number'], $key);
    /**************
    		##	this check_userAuthentication_query() function check a valid user
    		**************/
    list($rslt) = check_userAuthentication_query($ID);
    foreach ($rslt as $row) {
        if ($row['token'] != $TK || $row['user_id'] != $ID) {
            header("Location:Log_in.php");
        }
    }
}
require 'header/profile_header.html';
?>
/**
 * Create an invoice
 *
 * @param	array		$authentication		Array of authentication information
 * @param	Facture		$invoice			Invoice
 * @return	array							Array result
 */
function createInvoice($authentication, $invoice)
{
    global $db, $conf, $langs;
    $now = dol_now();
    dol_syslog("Function: createInvoiceForThirdParty login=" . $authentication['login']);
    if ($authentication['entity']) {
        $conf->entity = $authentication['entity'];
    }
    // Init and check authentication
    $objectresp = array();
    $errorcode = '';
    $errorlabel = '';
    $error = 0;
    $fuser = check_authentication($authentication, $error, $errorcode, $errorlabel);
    if (!$error) {
        $newobject = new Facture($db);
        $newobject->socid = $invoice['thirdparty_id'];
        $newobject->type = $invoice['type'];
        $newobject->ref_ext = $invoice['ref_ext'];
        $newobject->date = dol_stringtotime($invoice['date'], 'dayrfc');
        $newobject->note_private = $invoice['note_private'];
        $newobject->note_public = $invoice['note_public'];
        $newobject->statut = 0;
        // We start with status draft
        $newobject->fk_project = $invoice['project_id'];
        $newobject->date_creation = $now;
        // Trick because nusoap does not store data with same structure if there is one or several lines
        $arrayoflines = array();
        if (isset($invoice['lines']['line'][0])) {
            $arrayoflines = $invoice['lines']['line'];
        } else {
            $arrayoflines = $invoice['lines'];
        }
        foreach ($arrayoflines as $key => $line) {
            // $key can be 'line' or '0','1',...
            $newline = new FactureLigne($db);
            $newline->product_type = $line['type'];
            $newline->desc = $line['desc'];
            $newline->fk_product = $line['fk_product'];
            $newline->tva_tx = $line['vat_rate'];
            $newline->qty = $line['qty'];
            $newline->subprice = $line['unitprice'];
            $newline->total_ht = $line['total_net'];
            $newline->total_tva = $line['total_vat'];
            $newline->total_ttc = $line['total'];
            $newline->date_start = dol_stringtotime($line['date_start']);
            $newline->date_end = dol_stringtotime($line['date_end']);
            $newline->fk_product = $line['product_id'];
            $newobject->lines[] = $newline;
        }
        //var_dump($newobject->date_lim_reglement); exit;
        //var_dump($invoice['lines'][0]['type']);
        $db->begin();
        $result = $newobject->create($fuser, 0, dol_stringtotime($invoice['date_due'], 'dayrfc'));
        if ($result < 0) {
            $error++;
        }
        if ($invoice['status'] == 1) {
            $result = $newobject->validate($fuser);
            if ($result < 0) {
                $error++;
            }
        }
        if (!$error) {
            $db->commit();
            $objectresp = array('result' => array('result_code' => 'OK', 'result_label' => ''), 'id' => $newobject->id, 'ref' => $newobject->ref);
        } else {
            $db->rollback();
            $error++;
            $errorcode = 'KO';
            $errorlabel = $newobject->error;
        }
    }
    if ($error) {
        $objectresp = array('result' => array('result_code' => $errorcode, 'result_label' => $errorlabel));
    }
    return $objectresp;
}
Пример #18
0
/**
 * Update an order
 *
 * @param	array		$authentication		Array of authentication information
 * @param	array		$order				Order info
 * @return	array							Array result
 */
function updateOrder($authentication, $order)
{
    global $db, $conf, $langs;
    $now = dol_now();
    dol_syslog("Function: updateOrder login="******"Order id or ref or ref_ext is mandatory.";
    }
    if (!$error) {
        $objectfound = false;
        include_once DOL_DOCUMENT_ROOT . '/core/lib/company.lib.php';
        $object = new Commande($db);
        $result = $object->fetch($order['id'], empty($order['id']) ? $order['ref'] : '', empty($order['id']) && empty($order['ref']) ? $order['ref_ext'] : '');
        if (!empty($object->id)) {
            $objectfound = true;
            $db->begin();
            if (isset($order['status'])) {
                if ($order['status'] == -1) {
                    $result = $object->cancel($fuser);
                }
                if ($order['status'] == 1) {
                    $result = $object->valid($fuser);
                }
                if ($order['status'] == 0) {
                    $result = $object->set_reopen($fuser);
                }
                if ($order['status'] == 3) {
                    $result = $object->cloture($fuser);
                }
            }
            if (isset($order['billed'])) {
                if ($order['billed']) {
                    $result = $object->classifyBilled($fuser);
                }
                if (!$order['billed']) {
                    $result = $object->classifyBilled($fuser);
                }
            }
            //Retreive all extrafield for object
            // fetch optionals attributes and labels
            $extrafields = new ExtraFields($db);
            $extralabels = $extrafields->fetch_name_optionals_label('commande', true);
            foreach ($extrafields->attribute_label as $key => $label) {
                $key = 'options_' . $key;
                if (isset($order[$key])) {
                    $result = $object->setValueFrom($key, $order[$key], 'commande_extrafields');
                }
            }
            if ($result <= 0) {
                $error++;
            }
        }
        if (!$error && $objectfound) {
            $db->commit();
            $objectresp = array('result' => array('result_code' => 'OK', 'result_label' => ''), 'id' => $object->id);
        } elseif ($objectfound) {
            $db->rollback();
            $error++;
            $errorcode = 'KO';
            $errorlabel = $object->error;
        } else {
            $error++;
            $errorcode = 'NOT_FOUND';
            $errorlabel = 'Order id=' . $order['id'] . ' ref=' . $order['ref'] . ' ref_ext=' . $order['ref_ext'] . ' cannot be found';
        }
    }
    if ($error) {
        $objectresp = array('result' => array('result_code' => $errorcode, 'result_label' => $errorlabel));
    }
    return $objectresp;
}
Пример #19
0
/**
 * Update a contact
 *
 * @param	array		$authentication		Array of authentication information
 * @param	Contact		$contact		    Contact
 * @return	array							Array result
 */
function updateContact($authentication, $contact)
{
    global $db, $conf, $langs;
    $now = dol_now();
    dol_syslog("Function: updateContact login="******"Contact id is mandatory.";
    }
    if (!$error) {
        $objectfound = false;
        include_once DOL_DOCUMENT_ROOT . '/core/lib/company.lib.php';
        $object = new Contact($db);
        $result = $object->fetch($contact['id']);
        if (!empty($object->id)) {
            $objectfound = true;
            $object->firstname = $contact['firstname'];
            $object->lastname = $contact['lastname'];
            $object->address = $contact['address'];
            $object->zip = $contact['zip'];
            $object->town = $contact['town'];
            $object->country_id = $contact['country_id'];
            if ($contact['country_code']) {
                $object->country_id = getCountry($contact['country_code'], 3);
            }
            $object->province_id = $contact['province_id'];
            $object->phone_pro = $contact['phone_pro'];
            $object->phone_perso = $contact['phone_perso'];
            $object->phone_mobile = $contact['phone_mobile'];
            $object->fax = $contact['fax'];
            $object->email = $contact['email'];
            $object->civility_id = $contact['civility_id'];
            $object->poste = $contact['poste'];
            $object->statut = $contact['statut'];
            //Retreive all extrafield for contact
            // fetch optionals attributes and labels
            $extrafields = new ExtraFields($db);
            $extralabels = $extrafields->fetch_name_optionals_label('socpeople', true);
            foreach ($extrafields->attribute_label as $key => $label) {
                $key = 'options_' . $key;
                $object->array_options[$key] = $contact[$key];
            }
            $db->begin();
            $result = $object->update($contact['id'], $fuser);
            if ($result <= 0) {
                $error++;
            }
        }
        if (!$error && $objectfound) {
            $db->commit();
            $objectresp = array('result' => array('result_code' => 'OK', 'result_label' => ''), 'id' => $object->id);
        } elseif ($objectfound) {
            $db->rollback();
            $error++;
            $errorcode = 'KO';
            $errorlabel = $object->error;
        } else {
            $error++;
            $errorcode = 'NOT_FOUND';
            $errorlabel = 'Contact id=' . $contact['id'] . ' cannot be found';
        }
    }
    if ($error) {
        $objectresp = array('result' => array('result_code' => $errorcode, 'result_label' => $errorlabel));
    }
    return $objectresp;
}
Пример #20
0
/**
 * Method to get a document by webservice
 *
 * @param 	array	$authentication		Array with permissions
 * @param 	string	$modulepart		 	Properties of document
 * @param	string	$file				Relative path
 * @param	string	$refname			Ref of object to check permission for external users (autodetect if not provided)
 * @return	void
 */
function getDocument($authentication, $modulepart, $file, $refname = '')
{
    global $db, $conf, $langs, $mysoc;
    dol_syslog("Function: getDocument login="******"/";
    //$relativepath = $relativefilepath . $ref.'.pdf';
    $accessallowed = 0;
    $fuser = check_authentication($authentication, $error, $errorcode, $errorlabel);
    if ($fuser->societe_id) {
        $socid = $fuser->societe_id;
    }
    // Check parameters
    if (!$error && (!$file || !$modulepart)) {
        $error++;
        $errorcode = 'BAD_PARAMETERS';
        $errorlabel = "Parameter file and modulepart must be both provided.";
    }
    if (!$error) {
        $fuser->getrights();
        // Suppression de la chaine de caractere ../ dans $original_file
        $original_file = str_replace("../", "/", $original_file);
        // find the subdirectory name as the reference
        if (empty($refname)) {
            $refname = basename(dirname($original_file) . "/");
        }
        // Security check
        $check_access = dol_check_secure_access_document($modulepart, $original_file, $conf->entity, $fuser, $refname);
        $accessallowed = $check_access['accessallowed'];
        $sqlprotectagainstexternals = $check_access['sqlprotectagainstexternals'];
        $original_file = $check_access['original_file'];
        // Basic protection (against external users only)
        if ($fuser->societe_id > 0) {
            if ($sqlprotectagainstexternals) {
                $resql = $db->query($sqlprotectagainstexternals);
                if ($resql) {
                    $num = $db->num_rows($resql);
                    $i = 0;
                    while ($i < $num) {
                        $obj = $db->fetch_object($resql);
                        if ($fuser->societe_id != $obj->fk_soc) {
                            $accessallowed = 0;
                            break;
                        }
                        $i++;
                    }
                }
            }
        }
        // Security:
        // Limite acces si droits non corrects
        if (!$accessallowed) {
            $errorcode = 'NOT_PERMITTED';
            $errorlabel = 'Access not allowed';
            $error++;
        }
        // Security:
        // On interdit les remontees de repertoire ainsi que les pipe dans
        // les noms de fichiers.
        if (preg_match('/\\.\\./', $original_file) || preg_match('/[<>|]/', $original_file)) {
            dol_syslog("Refused to deliver file " . $original_file);
            $errorcode = 'REFUSED';
            $errorlabel = '';
            $error++;
        }
        clearstatcache();
        if (!$error) {
            if (file_exists($original_file)) {
                dol_syslog("Function: getDocument {$original_file} {$filename} content-type={$type}");
                $file = $fileparams['fullname'];
                $filename = basename($file);
                $f = fopen($original_file, 'r');
                $content_file = fread($f, filesize($original_file));
                $objectret = array('filename' => basename($original_file), 'mimetype' => dol_mimetype($original_file), 'content' => base64_encode($content_file), 'length' => filesize($original_file));
                // Create return object
                $objectresp = array('result' => array('result_code' => 'OK', 'result_label' => ''), 'document' => $objectret);
            } else {
                dol_syslog("File doesn't exist " . $original_file);
                $errorcode = 'NOT_FOUND';
                $errorlabel = '';
                $error++;
            }
        }
    }
    if ($error) {
        $objectresp = array('result' => array('result_code' => $errorcode, 'result_label' => $errorlabel));
    }
    return $objectresp;
}
Пример #21
0
 * - All Deleted, Pending, and Archived entities
 *
 * @package reason
 * @subpackage scripts
 */
/**
 * This script may take a long time, so extend the time limit to infinity
 */
set_time_limit(0);
include_once 'reason_header.php';
reason_include_once('classes/entity_selector.php');
reason_include_once('function_libraries/admin_actions.php');
reason_include_once('function_libraries/user_functions.php');
// make sure user is authenticated, is a member of master admin, AND has the admin role.
force_secure_if_available();
$authenticated_user_netid = check_authentication();
auth_site_to_user(id_of('master_admin'), $authenticated_user_netid);
$user_id = get_user_id($authenticated_user_netid);
if (!reason_user_has_privs($user_id, 'minimize_db')) {
    die('you must have minimize_db privileges to view this page. NOTE: For security reasons, admin users DO NOT have minimize_db privileges. If you are an admin user, you must add minimize_db privs to the admin role in this Reason instance, or set up a minimize-db-specific role and assume it.');
}
?>
<!DOCTYPE html>
<html>
<head>
<meta http-equiv="Content-Type" content="text/html; charset=utf-8">
<title>Minimize the Reason DB - Step 2</title>
</head>
<style type="text/css">
h2,h3 {
	display:inline;
Пример #22
0
/**
 * getListOfProductsOrServices
 *
 * @param	array		$authentication		Array of authentication information
 * @param	array		$filterproduct		Filter fields
 * @return	array							Array result
 */
function getListOfProductsOrServices($authentication,$filterproduct)
{
    global $db,$conf,$langs;

    $now=dol_now();

    dol_syslog("Function: getListOfProductsOrServices login="******"SELECT rowid, ref, ref_ext";
        $sql.=" FROM ".MAIN_DB_PREFIX."product";
        $sql.=" WHERE entity=".$conf->entity;
        foreach($filterproduct as $key => $val)
        {
        	if ($key == 'type' && $val >= 0)   	$sql.=" AND fk_product_type = ".$db->escape($val);
        	if ($key == 'tosell') 				$sql.=" AND to_sell = ".$db->escape($val);
        	if ($key == 'tobuy')  				$sql.=" AND to_buy = ".$db->escape($val);
        }
		$resql=$db->query($sql);
        if ($resql)
        {
         	$num=$db->num_rows($resql);

         	$i=0;
         	while ($i < $num)
         	{
         		$obj=$db->fetch_object($resql);
         		$arrayproducts[]=array('id'=>$obj->rowid,'ref'=>$obj->ref,'ref_ext'=>$obj->ref_ext);
         		$i++;
         	}
        }
        else
        {
            $error++;
            $errorcode=$db->lasterrno();
            $errorlabel=$db->lasterror();
        }
    }

    if ($error)
    {
        $objectresp = array(
			'result'=>array('result_code' => $errorcode, 'result_label' => $errorlabel),
        	'products'=>$arrayproducts
        );
    }
    else
    {
        $objectresp = array(
			'result'=>array('result_code' => 'OK', 'result_label' => ''),
        	'products'=>$arrayproducts
        );
    }

    return $objectresp;
}
Пример #23
0
/**
 * Get list of invoices for third party
 *
 * @param	array		$authentication		Array of authentication information
 * @param	int			$idthirdparty		Id thirdparty
 * @return	array							Array result
 *
 */
function getSupplierInvoicesForThirdParty($authentication,$idthirdparty)
{
	global $db,$conf,$langs;

	dol_syslog("Function: getSupplierInvoicesForThirdParty login="******" idthirdparty=".$idthirdparty);

	if ($authentication['entity']) $conf->entity=$authentication['entity'];

    // Init and check authentication
    $objectresp=array();
    $errorcode='';$errorlabel='';
    $error=0;
    $fuser=check_authentication($authentication,$error,$errorcode,$errorlabel);
    // Check parameters
	if (! $error && empty($idthirdparty))
	{
		$error++;
		$errorcode='BAD_PARAMETERS'; $errorlabel='Parameter id is not provided';
	}

	if (! $error)
	{
		$linesinvoice=array();

		$sql.='SELECT f.rowid as facid';
		$sql.=' FROM '.MAIN_DB_PREFIX.'facture_fourn as f';
		//$sql.=', '.MAIN_DB_PREFIX.'societe as s';
		//$sql.= ' LEFT JOIN '.MAIN_DB_PREFIX.'product as p ON pt.fk_product = p.rowid';
		//$sql.=" WHERE f.fk_soc = s.rowid AND nom = '".$db->escape($idthirdparty)."'";
		//$sql.=" WHERE f.fk_soc = s.rowid AND nom = '".$db->escape($idthirdparty)."'";
        $sql.=" WHERE f.entity = ".$conf->entity;
		if ($idthirdparty != 'all') $sql.=" AND f.fk_soc = ".$db->escape($idthirdparty);

		$resql=$db->query($sql);
		if ($resql)
		{
			$num=$db->num_rows($resql);
			$i=0;
			while ($i < $num)
			{
                // En attendant remplissage par boucle
			    $obj=$db->fetch_object($resql);

			    $invoice=new FactureFournisseur($db);
			    $invoice->fetch($obj->facid);

				// Define lines of invoice
				$linesresp=array();
				foreach($invoice->lines as $line)
				{
   				    $linesresp[]=array(
    					'id'=>$line->rowid,
    					'type'=>$line->product_type,
                        'desc'=>dol_htmlcleanlastbr($line->description),
    					'total_net'=>$line->total_ht,
    					'total_vat'=>$line->total_tva,
    					'total'=>$line->total_ttc,
                        'vat_rate'=>$line->tva_tx,
                        'qty'=>$line->qty,
   				        'product_ref'=>$line->product_ref,
                        'product_label'=>$line->product_label,
                        'product_desc'=>$line->product_desc,
   				    );
				}

				// Now define invoice
				$linesinvoice[]=array(
					'id'=>$invoice->id,
				    'ref'=>$invoice->ref,
				    'ref_supplier'=>$invoice->ref_supplier,
				    'ref_ext'=>$invoice->ref_ext,
                    'fk_user_author' => $invoice->fk_user_author,
                    'fk_user_valid' => $invoice->fk_user_valid,
                    'fk_thirdparty' => $invoice->fk_soc,
				    'type'=>$invoice->type,
                    'status'=>$invoice->statut,
				    'total_net'=>$invoice->total_ht,
					'total_vat'=>$invoice->total_tva,
					'total'=>$invoice->total_ttc,
                    'date_creation'=>dol_print_date($invoice->datec,'dayhourrfc'),
                    'date_modification'=>dol_print_date($invoice->tms,'dayhourrfc'),
                    'date_invoice'=>dol_print_date($invoice->date,'dayhourrfc'),
                    'date_term'=>dol_print_date($invoice->date_echeance,'dayhourrfc'),
                    'label'=>$invoice->libelle,
                    'paid'=>$invoice->paye,
                    'note'=>$invoice->note,
                    'note_public'=>$invoice->note_public,
                    'close_code'=>$invoice->close_code,
                    'close_note'=>$invoice->close_note,

				    'lines' => $linesresp
				);

				$i++;
			}

			$objectresp=array(
		    	'result'=>array('result_code'=>'OK', 'result_label'=>''),
		        'invoices'=>$linesinvoice

			);
		}
		else
		{
			$error++;
			$errorcode=$db->lasterrno(); $errorlabel=$db->lasterror();
		}
	}

	if ($error)
	{
		$objectresp = array('result'=>array('result_code' => $errorcode, 'result_label' => $errorlabel));
	}

	return $objectresp;
}
/**
 * Set password of an user
 *
 * @param	array		$authentication		Array of authentication information
 * @param	array		$shortuser			Array of login/password info
 * @return	mixed
 */
function setUserPassword($authentication, $shortuser)
{
    global $db, $conf, $langs;
    dol_syslog("Function: setUserPassword login="******" id=" . $id . " ref=" . $ref . " ref_ext=" . $ref_ext);
    if ($authentication['entity']) {
        $conf->entity = $authentication['entity'];
    }
    $objectresp = array();
    $errorcode = '';
    $errorlabel = '';
    $error = 0;
    $fuser = check_authentication($authentication, $error, $errorcode, $errorlabel);
    if ($fuser->societe_id) {
        $socid = $fuser->societe_id;
    }
    if (!$error && !$shortuser) {
        $error++;
        $errorcode = 'BAD_PARAMETERS';
        $errorlabel = "Parameter shortuser must be provided.";
    }
    if (!$error) {
        $fuser->getrights();
        if ($fuser->rights->user->user->password || $fuser->rights->user->self->password) {
            $userstat = new User($db);
            $res = $userstat->fetch('', $shortuser['login']);
            if ($res) {
                $res = $userstat->setPassword($userstat, $shortuser['password']);
                if ($res) {
                    $objectresp = array('result' => array('result_code' => 'OK', 'result_label' => ''), 'groups' => $arraygroups);
                } else {
                    $error++;
                    $errorcode = 'NOT_MODIFIED';
                    $errorlabel = 'Error when changing password';
                }
            } else {
                $error++;
                $errorcode = 'NOT_FOUND';
                $errorlabel = 'User not found';
            }
        } else {
            $error++;
            $errorcode = 'PERMISSION_DENIED';
            $errorlabel = 'User does not have permission for this request';
        }
    }
    if ($error) {
        $objectresp = array('result' => array('result_code' => $errorcode, 'result_label' => $errorlabel));
    }
    return $objectresp;
}
Пример #25
0
/**
 * getListOfThirdParties
 *
 * @param	array		$authentication		Array of authentication information
 * @param	array		$filterthirdparty	Filter fields (key=>value to filer on. For example 'client'=>2, 'supplier'=>1, 'category'=>idcateg, 'name'=>'searchstring', ...)
 * @return	array							Array result
 */
function getListOfThirdParties($authentication, $filterthirdparty)
{
    global $db, $conf, $langs;
    $now = dol_now();
    dol_syslog("Function: getListOfThirdParties login="******"SELECT s.rowid as socRowid, s.nom as ref, s.ref_ext, s.address, s.zip, s.town, c.label as country, s.phone, s.fax, s.url, extra.*";
        $sql .= " FROM " . MAIN_DB_PREFIX . "societe as s";
        $sql .= " LEFT JOIN " . MAIN_DB_PREFIX . "c_country as c ON s.fk_pays = c.rowid";
        $sql .= " LEFT JOIN " . MAIN_DB_PREFIX . "societe_extrafields as extra ON s.rowid=fk_object";
        $sql .= " WHERE entity=" . $conf->entity;
        foreach ($filterthirdparty as $key => $val) {
            if ($key == 'name' && $val != '') {
                $sql .= " AND s.name LIKE '%" . $db->escape($val) . "%'";
            }
            if ($key == 'client' && $val != '') {
                $sql .= " AND s.client = " . $db->escape($val);
            }
            if ($key == 'supplier' && $val != '') {
                $sql .= " AND s.fournisseur = " . $db->escape($val);
            }
            if ($key == 'category' && $val != '') {
                $sql .= " AND s.rowid IN (SELECT fk_societe FROM " . MAIN_DB_PREFIX . "categorie_societe WHERE fk_categorie=" . $db->escape($val) . ") ";
            }
        }
        dol_syslog("Function: getListOfThirdParties", LOG_DEBUG);
        $extrafields = new ExtraFields($db);
        $extralabels = $extrafields->fetch_name_optionals_label('societe', true);
        $resql = $db->query($sql);
        if ($resql) {
            $num = $db->num_rows($resql);
            $i = 0;
            while ($i < $num) {
                $extrafieldsOptions = array();
                $obj = $db->fetch_object($resql);
                foreach ($extrafields->attribute_label as $key => $label) {
                    $extrafieldsOptions['options_' . $key] = $obj->{$key};
                }
                $arraythirdparties[] = array('id' => $obj->socRowid, 'ref' => $obj->ref, 'ref_ext' => $obj->ref_ext, 'adress' => $obj->adress, 'zip' => $obj->zip, 'town' => $obj->town, 'country' => $obj->country, 'phone' => $obj->phone, 'fax' => $obj->fax, 'url' => $obj->url);
                $arraythirdparties[$i] = array_merge($arraythirdparties[$i], $extrafieldsOptions);
                $i++;
            }
        } else {
            $error++;
            $errorcode = $db->lasterrno();
            $errorlabel = $db->lasterror();
        }
    }
    if ($error) {
        $objectresp = array('result' => array('result_code' => $errorcode, 'result_label' => $errorlabel), 'thirdparties' => $arraythirdparties);
    } else {
        $objectresp = array('result' => array('result_code' => 'OK', 'result_label' => ''), 'thirdparties' => $arraythirdparties);
    }
    return $objectresp;
}
Пример #26
0
 function logoff()
 {
     $_SESSION['user'] = null;
     flash_notice('You have been logged out.');
     check_authentication();
 }
Пример #27
0
<html><head><title>Reason Stats</title>
<?php 
if (defined('UNIVERSAL_CSS_PATH') && UNIVERSAL_CSS_PATH != '') {
    echo '<link rel="stylesheet" type="text/css" href="' . UNIVERSAL_CSS_PATH . '" />' . "\n";
}
?>
<meta http-equiv="Content-Type" content="text/html; charset=UTF-8" />
<meta name="robots" content="none" />
</head>
<body>

<h3>Reason Stats</h3>
<?php 
reason_include_once('function_libraries/user_functions.php');
force_secure_if_available();
$current_user = check_authentication();
if (!reason_user_has_privs(get_user_id($current_user), 'view_sensitive_data')) {
    die('<p>You do not have permission to view Reason stats.</p><p>Only Reason users who have sensitive data viewing privileges may do that.</p></body></html>');
}
if (!THIS_IS_A_DEVELOPMENT_REASON_INSTANCE && (!isset($_REQUEST['run_anyway']) || $_REQUEST['run_anyway'] != 1)) {
    echo '<h4>Before we do this...</h4><p>This script is really intensive, and should really only be run on a development instance so that it doesn\'t disrupt a production instance of Reason.</p>';
    echo '<p>If your Reason database is large, you should import your database to a development instance of Reason and run the script there. If your instance of Reason ';
    echo 'is small, it is probably safe to ignore this warning.</p>';
    echo '<a href="?run_anyway=1">Run this script despite the warning.</a></p>';
    die;
}
connectDB(REASON_DB);
// counts of things
$single_res_queries = array(array('q' => 'SELECT MAX(id) AS max_id FROM entity', 'name' => 'Entity Auto Increment ID', 'var' => 'max_id'), array('q' => 'SELECT COUNT(*) AS count FROM entity', 'name' => 'Number of Entities', 'var' => 'count'), array('q' => 'SELECT MAX(id) AS max_id FROM relationship', 'name' => 'Relationship Auto Increment ID', 'var' => 'max_id'), array('q' => 'SELECT COUNT(*) AS count FROM relationship', 'name' => 'Number of Relationships', 'var' => 'count'));
$num = isset($_REQUEST['num']) ? $_REQUEST['num'] : 5;
reset($single_res_queries);
Пример #28
0
/**
 * getListOfThirdParties
 *
 * @param	array		$authentication		Array of authentication information
 * @param	array		$filterthirdparty	Filter fields
 * @return	array							Array result
 */
function getListOfThirdParties($authentication,$filterthirdparty)
{
    global $db,$conf,$langs;

    $now=dol_now();

    dol_syslog("Function: getListOfThirdParties login="******"SELECT rowid, nom as ref, ref_ext";
        $sql.=" FROM ".MAIN_DB_PREFIX."societe";
        $sql.=" WHERE entity=".$conf->entity;
        foreach($filterthirdparty as $key => $val)
        {
            if ($key == 'client'   && $val != '')  $sql.=" AND client = ".$db->escape($val);
            if ($key == 'supplier' && $val != '')  $sql.=" AND fournisseur = ".$db->escape($val);
        }
        $resql=$db->query($sql);
        if ($resql)
        {
            $num=$db->num_rows($resql);

            $i=0;
            while ($i < $num)
            {
                $obj=$db->fetch_object($resql);
                $arraythirdparties[]=array('id'=>$obj->rowid,'ref'=>$obj->ref,'ref_ext'=>$obj->ref_ext);
                $i++;
            }
        }
        else
        {
            $error++;
            $errorcode=$db->lasterrno();
            $errorlabel=$db->lasterror();
        }
    }

    if ($error)
    {
        $objectresp = array(
            'result'=>array('result_code' => $errorcode, 'result_label' => $errorlabel),
            'thirdparties'=>$arraythirdparties
        );
    }
    else
    {
        $objectresp = array(
            'result'=>array('result_code' => 'OK', 'result_label' => ''),
            'thirdparties'=>$arraythirdparties
        );
    }

    return $objectresp;
}
Пример #29
0
}
require PANTHER_ROOT . 'include/common_admin.php';
$action = isset($_GET['action']) ? $_GET['action'] : null;
$id = isset($_GET['id']) ? intval($_GET['id']) : '0';
$page = !isset($_GET['p']) || $_GET['p'] <= '1' ? '1' : intval($_GET['p']);
if (!$panther_user['is_admin']) {
    message($lang_common['No permission'], false, '403 Forbidden');
}
if ($panther_user['id'] != '2') {
    if (!is_null($admins[$panther_user['id']]['admin_moderate'])) {
        if ($admins[$panther_user['id']]['admin_moderate'] == '0') {
            message($lang_common['No permission'], false, '403 Forbidden');
        }
    }
}
check_authentication();
// Load the admin_moderate.php language file
require PANTHER_ROOT . 'lang/' . $admin_language . '/admin_moderate.php';
if (isset($_POST['form_sent'])) {
    confirm_referrer(PANTHER_ADMIN_DIR . '/moderate.php');
    if ($action == 'add') {
        $message = isset($_POST['message']) ? panther_trim($_POST['message']) : null;
        $title = isset($_POST['title']) ? panther_trim($_POST['title']) : null;
        $add_start = isset($_POST['add_start']) ? utf8_ltrim($_POST['add_start']) : null;
        $add_end = isset($_POST['add_end']) ? utf8_rtrim($_POST['add_end']) : null;
        $increment = isset($_POST['increment']) ? intval($_POST['increment']) : '0';
        $send_email = isset($_POST['send_email']) ? intval($_POST['send_email']) : '0';
        if (strlen($title) > 50) {
            message($lang_admin_moderate['title too long']);
        }
        if (strlen($add_start) > 50 || strlen($add_end) > 50) {
Пример #30
0
{
    return key(name_es($name));
}
function name_exists($name)
{
    return count(name_es($name)) != 0;
}
function create_type($site, $type, $user, $name, $array)
{
    $ret = reason_create_entity($site, $type, $user, $name, $array);
    id_of('type', false);
    //clear cache
    create_default_rels_for_new_type($ret, $array['unique_name']);
    return $ret;
}
$user = get_user_id(check_authentication());
if (empty($user)) {
    die('valid Reason user required');
}
if (!reason_user_has_privs($user, 'upgrade')) {
    die('You must have Reason upgrade rights');
}
$admin_site = id_of('master_admin');
if (empty($_GET['go'])) {
    echo '<a href="?go=go">Upgrade DB with the classified type</a>';
} else {
    echo 'Installing...<br/>';
    echo 'Checking for classified type... ';
    if (reason_unique_name_exists('classified_type')) {
        echo 'Classified type already exists. Proceeding.<br/>';
        $classified = id_of('classified_type');