* - cred card for the debit only if j is set * - deb card for the debit only if j is set * - filter card for debit and credit only if j OR type is set * - list of fd_id * */ $jrn = !isset($_REQUEST['j']) ? -1 : $_REQUEST['j']; $filter_card = ""; $cn = new Database(dossier::id()); $d = $_REQUEST['e']; $filter_card = ''; require_once 'class_user.php'; global $g_user; $g_user = new User($cn); $g_user->check(); $g_user->check_dossier(dossier::id()); set_language(); if ($d == 'all') { $filter_card = ''; } else { if (strpos($d, 'sql]') == true) { $filter_card = str_replace('[sql]', " and ", $d); } else { $filter_card = "and fd_id in ({$d})"; } } if ($jrn != -1) { switch ($d) { case 'cred': $filter_jrn = $cn->make_list("select jrn_def_fiche_cred from jrn_def where jrn_def_id=\$1", array($jrn)); $filter_card = $filter_jrn != "" ? " and fd_id in ({$filter_jrn})" : ' and false ';
*/ require_once '../include/constant.php'; require_once NOALYSS_INCLUDE . '/class_dossier.php'; include_once NOALYSS_INCLUDE . '/ac_common.php'; require_once NOALYSS_INCLUDE . '/class_acc_ledger.php'; html_page_start($_SESSION['g_theme']); load_all_script(); $gDossier = dossier::id(); require_once NOALYSS_INCLUDE . '/class_database.php'; /* Admin. Dossier */ $cn = new Database($gDossier); include_once NOALYSS_INCLUDE . '/class_user.php'; global $g_user; $g_user = new User($cn); $g_user->Check(); $act = $g_user->check_dossier($gDossier); // AC CODE = SEARCH if ($act == 'P') { redirect("extension.php?" . dossier::get(), 0); exit; } if ($act == 'X') { alert(_('Accès interdit')); exit; } // display a search box $ledger = new Acc_Ledger($cn, 0); $ledger->type = 'ALL'; $search_box = $ledger->search_form('ALL', 1); echo '<div class="content">'; echo '<form method="GET">';
* for delete * - gDossier * - i id */ define('ALLOWED', 1); require_once '../include/constant.php'; require_once NOALYSS_INCLUDE . '/class_dossier.php'; require_once NOALYSS_INCLUDE . '/class_todo_list.php'; require_once NOALYSS_INCLUDE . '/class_database.php'; require_once NOALYSS_INCLUDE . '/class_user.php'; mb_internal_encoding("UTF-8"); $cn = Dossier::connect(); global $g_user; $g_user = new User($cn); $g_user->check(true); $g_user->check_dossier(Dossier::id(), true); set_language(); ajax_disconnected('add_todo_list'); //////////////////////////////////////////////////////////////////////////////// // Display the note //////////////////////////////////////////////////////////////////////////////// if (isset($_REQUEST['show'])) { $cn = new Database(dossier::id()); $todo = new Todo_list($cn); $todo->set_parameter('id', $_REQUEST['id']); $todo->load(); $content = $todo->display(); header('Content-type: text/xml; charset=UTF-8'); $dom = new DOMDocument('1.0', 'UTF-8'); $tl_id = $dom->createElement('tl_id', $todo->get_parameter('id')); $tl_content = $dom->createElement('tl_content', $content);
require_once NOALYSS_INCLUDE . '/class_dossier.php'; require_once NOALYSS_INCLUDE . '/ac_common.php'; require_once NOALYSS_INCLUDE . '/constant.php'; require_once NOALYSS_INCLUDE . '/function_javascript.php'; require_once NOALYSS_INCLUDE . '/class_extension.php'; require_once NOALYSS_INCLUDE . '/class_html_input.php'; require_once NOALYSS_INCLUDE . '/class_iselect.php'; require_once NOALYSS_INCLUDE . '/constant.security.php'; require_once NOALYSS_INCLUDE . '/class_user.php'; echo '<div class="topmenu">'; @html_page_start($_SESSION['g_theme']); $cn = new Database(dossier::id()); global $g_user; $g_user = new User($cn); $g_user->check(); $only_plugin = $g_user->check_dossier(dossier::id()); /* javascript file */ echo load_all_script(); /* show all the extension we can access */ $a = new ISelect('plugin_code'); $a->value = Extension::make_array($cn); $a->selected = isset($_REQUEST['plugin_code']) ? strtoupper($_REQUEST['plugin_code']) : ''; /* no plugin available */ if (count($a->value) == 0) { alert(j(_("Aucune extension disponible"))); exit; } /* only one plugin available then we don't propose a choice*/ if (count($a->value) == 1) { $_REQUEST['plugin_code'] = $a->value[0]['value']; }
$_SESSION['g_lang'] = $lang; $User->load(); $User->save_email($p_email); } echo '<div class="welcome"> '; /** * * If the user is NOT admin and can access only ONE folder, * so it will be directly redirected to this folder or to the plugins of this * folder if he's an "plugin user" */ if ($User->admin == 0) { // how many folder ? $folder = $User->get_available_folder(); if ($folder != null && count($folder) == 1) { if ($User->check_dossier($folder[0]['dos_id']) == 'P') { redirect('extension.php?gDossier=' . $folder[0]['dos_id']); exit; } else { redirect('do.php?gDossier=' . $folder[0]['dos_id']); exit; } } } $result = ""; $result .= "<table border=\"0\">"; $result .= '<TR>'; if ($User->Admin() == 1) { $result .= "<TD class=\"tool\" ><A class=\"cell\" HREF=\"admin_repo.php\"> Administration </A></TD>"; } $result .= '<TD class="tool">';
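* * NOALYSS is distributed in the hope that it will be useful, * but WITHOUT ANY WARRANTY; without even the implied warranty of * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the * GNU General Public License for more details. * * You should have received a copy of the GNU General Public License * along with NOALYSS; if not, write to the Free Software * Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA */
// Autocomplete endpoint: prints up to five menu entries of the caller's
// profile whose code or description matches the posted text ("acs"),
// as an HTML <ul> fragment.
require_once '../include/constant.php';
require_once NOALYSS_INCLUDE . '/class_database.php';
require_once NOALYSS_INCLUDE . '/class_user.php';

// The folder id is taken straight from the query string.
// NOTE(review): it is not validated here before reaching Database() — confirm
// that Database and check_dossier() reject anything that is not a folder id.
$cn = new Database($_GET['gDossier']);
global $g_user;
$g_user = new User($cn);
$g_user->Check();
// NOTE(review): the return value of check_dossier() is not inspected here —
// confirm that it terminates the request itself when access is refused.
$g_user->check_dossier($_GET['gDossier']);

// Only a plain string is accepted as search text. A missing or array-valued
// "acs" becomes NULL, which matches no row (same result as the missing-key
// case before, without the undefined-index notice or an "Array" pattern).
$search = (isset($_POST['acs']) && is_string($_POST['acs'])) ? $_POST['acs'] : null;

// The text is bound as a parameter, so it cannot alter the statement, but it
// is still interpreted as a regular expression by the ~* operator.
// NOTE(review): an invalid or expensive pattern is evaluated by the database;
// consider a length limit or a LIKE-based match if regex search is not needed.
$res = $cn->exec_sql(
    "select distinct code,description from get_profile_menu(\$1) where code ~* \$2 or description ~* \$3 order by code limit 5 ",
    array($g_user->get_profile(), $search, $search)
);
$nb = Database::num_row($res);

echo "<ul>";
for ($i = 0; $i < $nb; $i++) {
    $row = Database::fetch_array($res, $i);
    // Values read from the database are escaped before being written into
    // the HTML fragment, so markup stored in a menu entry is shown as text.
    echo "<li>";
    echo htmlspecialchars((string) $row['code'], ENT_QUOTES, 'UTF-8');
    echo '<span class="informal"> '
        . htmlspecialchars((string) $row['description'], ENT_QUOTES, 'UTF-8')
        . '</span></li>';
}
echo "</ul>";

if ($nb == 0) {
    echo _('Aucune correspondance');
}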
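/**
 * @brief Build the SQL statement used to list the operations of the ledgers.
 *
 * The keys of $p_array are imported as local variables and turned into
 * filters (ledger, amount, date, payment date, description, accounting,
 * quick code, unpaid). For a user who is neither admin nor local admin, a
 * filter on the readable/writable ledgers of user_sec_jrn is added.
 *
 * @param $p_array is usually the $_GET, so every key is caller-controlled
 * @param $p_order the order of the row (not read by this method body)
 * @param $p_where an sql condition (not read by this method body)
 * \note ledger_type is used to filter the ledgers, an empty value means ALL
 * struct array $p_array
  \verbatim
  (
  [gDossier] => 13
  [p_jrn] => -1
  [date_start] =>
  [date_end] =>
  [amount_min] => 0
  [amount_max] => 0
  [desc] =>
  [search] => Rechercher
  [p_action] => ven
  [sa] => l
  )
  \endverbatim
 * \return an array with the sql statement and the where clause => array(sql, where)
 * \see list_operation
 * \see display_search_form
 * \see search_form
 */
public function build_search_sql($p_array, $p_order = "", $p_where = "")
{
    $sql = "select jr_id\t,\n"
        . " jr_montant,\n"
        . " substr(jr_comment,1,60) as jr_comment,\n"
        . " to_char(jr_ech,'DD.MM.YY') as str_jr_ech,\n"
        . " to_char(jr_date,'DD.MM.YY') as str_jr_date,\n"
        . " jr_date as jr_date_order,\n"
        . " jr_grpt_id,\n"
        . " jr_rapt,\n"
        . " jr_internal,\n"
        . " jrn_def_id,\n"
        . " jrn_def_name,\n"
        . " jrn_def_ech,\n"
        . " jrn_def_type,\n"
        . " jr_valid,\n"
        . " jr_tech_per,\n"
        . " jr_pj_name,\n"
        . " p_closed,\n"
        . " jr_pj_number,\n"
        . " n_text,\n"
        . "\t case\n"
        . "\t when jrn_def_type='VEN' then\n"
        . "\t\t (select ad_value from fiche_detail where ad_id=1\n"
        . "\t\t and f_id=(select max(qs_client) from quant_sold join jrnx using (j_id) join jrn as e on (e.jr_grpt_id=j_grpt) where e.jr_id=x.jr_id))\n"
        . "\t when jrn_def_type = 'ACH' then\n"
        . "\t\t(select ad_value from fiche_detail where ad_id=1\n"
        . "\t\tand f_id=(select max(qp_supplier) from quant_purchase join jrnx using (j_id) join jrn as e on (e.jr_grpt_id=j_grpt) where e.jr_id=x.jr_id))\n"
        . "\t when jrn_def_type = 'FIN' then\n"
        . "\t\t(select ad_value from fiche_detail where ad_id=1\n"
        . "\t\tand f_id=(select qf_other from quant_fin where quant_fin.jr_id=x.jr_id))\n"
        . "\t end as name,\n"
        . "\t case\n"
        . "\t when jrn_def_type='VEN' then (select ad_value from fiche_detail where ad_id=32 and f_id=(select max(qs_client) from quant_sold join jrnx using (j_id) join jrn as e on (e.jr_grpt_id=j_grpt) where e.jr_id=x.jr_id))\n"
        . "\t when jrn_def_type = 'ACH' then (select ad_value from fiche_detail where ad_id=32 and f_id=(select max(qp_supplier) from quant_purchase join jrnx using (j_id) join jrn as e on (e.jr_grpt_id=j_grpt) where e.jr_id=x.jr_id))\n"
        . "\t when jrn_def_type = 'FIN' then (select ad_value from fiche_detail where ad_id=32 and f_id=(select qf_other from quant_fin where quant_fin.jr_id=x.jr_id))\n"
        . "\t end as first_name,\n"
        . "\t case\n"
        . "\t when jrn_def_type='VEN' then (select ad_value from fiche_detail where ad_id=23 and f_id=(select max(qs_client) from quant_sold join jrnx using (j_id) join jrn as e on (e.jr_grpt_id=j_grpt) where e.jr_id=x.jr_id))\n"
        . "\t when jrn_def_type = 'ACH' then (select ad_value from fiche_detail where ad_id=23 and f_id=(select max(qp_supplier) from quant_purchase join jrnx using (j_id) join jrn as e on (e.jr_grpt_id=j_grpt) where e.jr_id=x.jr_id))\n"
        . "\t when jrn_def_type = 'FIN' then (select ad_value from fiche_detail where ad_id=23 and f_id=(select qf_other from quant_fin where quant_fin.jr_id=x.jr_id))\n"
        . "\t end as quick_code,\n"
        . "\t case\n"
        . "\t when jrn_def_type='VEN' then\n"
        . "\t\t (select sum(qs_price)+sum(vat) from\n"
        . "\t\t\t\t(select qs_internal,qs_price,case when qs_vat_sided<>0 then 0 else qs_vat end as vat from quant_sold where qs_internal=X.jr_internal) as ven_invoice\n"
        . "\t\t\t )\n"
        . "\t when jrn_def_type = 'ACH' then\n"
        . "\t\t\t(\n"
        . "\t\t\t\tselect sum(qp_price)+sum(vat)+sum(qp_nd_tva)+sum(qp_nd_tva_recup)\n"
        . "\t\t\t\tfrom\n"
        . "\t\t\t\t (select qp_internal,qp_price,qp_nd_tva,qp_nd_tva_recup,qp_vat-qp_vat_sided as vat from quant_purchase where qp_internal=X.jr_internal) as invoice_purchase\n"
        . "\t\t\t)\n"
        . "\t\telse null\n"
        . "\t\tend as total_invoice,\n"
        . " jr_date_paid,\n"
        . " to_char(jr_date_paid,'DD.MM.YY') as str_jr_date_paid\n"
        . " from\n"
        . " jrn as X left join jrn_note using(jr_id)\n"
        . " join jrn_def on jrn_def_id=jr_def_id\n"
        . " join parm_periode on p_id=jr_tech_per";

    // Import the search criteria as local variables. EXTR_SKIP keeps a key
    // of the same name (sql, p_array, p_order, p_where) from replacing a
    // local that already exists; since $p_array is usually $_GET, a plain
    // extract() would let the request replace the base statement in $sql.
    if (is_array($p_array) && !empty($p_array)) {
        extract($p_array, EXTR_SKIP);
    }

    // The ledger selection is read from "<op>r_jrn" when $op was supplied,
    // otherwise from "r_jrn"; -1 stands for "no explicit selection".
    if (isset($op)) {
        $r_jrn = isset(${$op . "r_jrn"}) ? ${$op . "r_jrn"} : -1;
    } else {
        $r_jrn = isset($r_jrn) ? $r_jrn : -1;
    }

    /* if no variable are set then give them a default
     * value */
    if ($p_array == null || empty($p_array) || !isset($amount_min)) {
        $amount_min = 0;
        $amount_max = 0;
        $desc = '';
        $qcode = isset($qcode) ? $qcode : "";
        if (isset($qcodesearch_op)) {
            $qcode = $qcodesearch_op;
        }
        $accounting = isset($accounting) ? $accounting : "";
        $periode = new Periode($this->db);
        $g_user = new User($this->db);
        // default date range = limits of the user's period, when it has one
        $p_id = $g_user->get_periode();
        if ($p_id != null) {
            list($date_start, $date_end) = $periode->get_date_limit($p_id);
        }
    }

    /* if p_jrn : 0 if means all ledgers, if -1 means all ledger of this
     * type otherwise only one ledger */
    $fil_ledger = '';
    $fil_amount = '';
    $fil_date = '';
    $fil_desc = '';
    $fil_sec = '';
    $fil_qcode = '';
    $fil_account = '';
    $fil_paid = '';
    $fil_date_paid = '';
    // $and is the glue put in front of each filter: empty until the first
    // filter has been produced, ' and ' afterwards.
    $and = '';

    $g_user = new User($this->db);
    // ledger_type comes from $p_array; a missing or empty value means ALL
    $p_action = isset($ledger_type) ? $ledger_type : '';
    if ($p_action == '') {
        $p_action = 'ALL';
    }
    /* from compta.php the p_action is quick_writing instead of ODS */
    if ($p_action == 'quick_writing') {
        $p_action = 'ODS';
    }

    if ($r_jrn == -1) {
        $fil_ledger = $g_user->get_ledger_sql($p_action, 3);
        $and = ' and ';
    } else {
        $aLedger = $g_user->get_ledger($p_action, 3); // result not used below

        // A single scalar id is handled like a one-element selection.
        $selected = is_array($r_jrn) ? $r_jrn : array($r_jrn);
        $ids = array();
        $total = count($selected);
        for ($i = 0; $i < $total; $i++) {
            if (isset($selected[$i])) {
                // The ids are request values written into the statement:
                // force them to integers so nothing else can reach the SQL.
                $ids[] = (int) $selected[$i];
            }
        }

        /* no ledger selected */
        if (count($ids) == 0) {
            $fil_ledger = '';
            $and = '';
        } else {
            $fil_ledger = ' jrn_def_id in (' . implode(',', $ids) . ')';
            $and = ' and ';
        }
    }

    /* format the number */
    $amount_min = abs(toNumber($amount_min));
    $amount_max = abs(toNumber($amount_max));
    if ($amount_min > 0 && isNumber($amount_min)) {
        $fil_amount = $and . ' jr_montant >=' . $amount_min;
        $and = ' and ';
    }
    if ($amount_max > 0 && isNumber($amount_max)) {
        $fil_amount .= $and . ' jr_montant <=' . $amount_max;
        $and = ' and ';
    }

    /* --------------------------------------------------------------------------
     * if both amount are the same then we need to search into the detail
     * and we reset the fil_amount
     * -------------------------------------------------------------------------- */
    if (isNumber($amount_min) && isNumber($amount_max) && $amount_min > 0
        && bccomp($amount_min, $amount_max, 2) == 0) {
        $fil_amount = $and . ' ( ';
        // Look in detail
        $fil_amount .= 'jr_grpt_id in ( select distinct j_grpt from jrnx where j_montant = ' . $amount_min . ') ';
        // and the total operation
        $fil_amount .= ' or ';
        $fil_amount .= ' jr_montant = ' . $amount_min;
        $fil_amount .= ')';
        $and = " and ";
    }

    // date
    // NOTE(review): the four date values are written into the statement
    // unescaped; this relies on isDate() accepting only a strict DD.MM.YYYY
    // value — confirm against its definition.
    if (isset($date_start) && isDate($date_start) != null) {
        $fil_date = $and . " jr_date >= to_date('" . $date_start . "','DD.MM.YYYY')";
        $and = " and ";
    }
    if (isset($date_end) && isDate($date_end) != null) {
        $fil_date .= $and . " jr_date <= to_date('" . $date_end . "','DD.MM.YYYY')";
        $and = " and ";
    }

    // date paiement
    if (isset($date_paid_start) && isDate($date_paid_start) != null) {
        $fil_date_paid = $and . " jr_date_paid >= to_date('" . $date_paid_start . "','DD.MM.YYYY')";
        $and = " and ";
    }
    if (isset($date_paid_end) && isDate($date_paid_end) != null) {
        $fil_date_paid .= $and . " jr_date_paid <= to_date('" . $date_paid_end . "','DD.MM.YYYY')";
        $and = " and ";
    }

    // comment
    // The text is escaped with sql_string() before use; it is still treated
    // as a LIKE pattern and as a regular expression (~*) by the database.
    if (isset($desc) && $desc != null) {
        $desc = sql_string($desc);
        $fil_desc = $and . " ( upper(jr_comment) like upper('%" . $desc . "%') or upper(jr_pj_number) like upper('%" . $desc . "%') "
            . " or upper(jr_internal) like upper('%" . $desc . "%')\n or jr_grpt_id in (select j_grpt from jrnx where j_text ~* '" . $desc . "')\n or jr_id in (select jr_id from jrn_info where ji_value is not null and ji_value ~* '{$desc}')\n )";
        $and = " and ";
    }

    // Poste
    if (isset($accounting) && $accounting != null) {
        $fil_account = $and . " jr_grpt_id in (select j_grpt\n from jrnx where j_poste::text like '" . sql_string($accounting) . "%' ) ";
        $and = " and ";
    }

    // Quick Code
    if (isset($qcodesearch_op)) {
        $qcode = $qcodesearch_op;
    }
    if (isset($qcode) && $qcode != null) {
        $fil_qcode = $and . " jr_grpt_id in ( select j_grpt from\n jrnx where trim(j_qcode) = upper(trim('" . sql_string($qcode) . "')))";
        $and = " and ";
    }

    // Only the unpaid
    if (isset($unpaid)) {
        $fil_paid = $and . SQL_LIST_UNPAID_INVOICE;
        $and = " and ";
    }

    // Security filter: a user who is neither admin nor local admin only sees
    // the ledgers on which user_sec_jrn gives him the privilege R or W.
    $g_user = new User(new Database());
    $g_user->Check();
    $g_user->check_dossier(dossier::id());
    if ($g_user->admin == 0 && $g_user->is_local_admin() == 0) {
        // NOTE(review): the login expression is masked ('******') in this
        // listing; $_SESSION['g_user'] is reconstructed from the surviving
        // "'g_user']" — confirm against the original file. The login is
        // escaped like the other string criteria before it is written.
        $fil_sec = $and . " jr_def_id in ( select uj_jrn_id "
            . " from user_sec_jrn where "
            . " uj_login='" . sql_string($_SESSION['g_user']) . "'"
            . " and uj_priv in ('R','W'))";
    }

    // $fil_amount was concatenated twice; the second copy repeated the same
    // condition and, when the amount was the first filter (no leading
    // ' and '), produced an invalid statement. It is written once.
    $where = $fil_ledger . $fil_amount . $fil_date . $fil_desc . $fil_sec
        . $fil_qcode . $fil_paid . $fil_account . $fil_date_paid;
    $sql .= " where " . $where;

    return array($sql, $where);
}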
require_once NOALYSS_INCLUDE . '/class_periode.php'; require_once NOALYSS_INCLUDE . '/class_html_input.php'; require_once NOALYSS_INCLUDE . '/class_acc_account.php'; require_once NOALYSS_INCLUDE . '/class_exercice.php'; $div = $_REQUEST['div']; mb_internal_encoding("UTF-8"); /** *if $_SESSION['g_user'] is not set : echo a warning */ ajax_disconnected($div); global $g_user, $cn; $cn = new Database(dossier::id()); $g_user = new User($cn); set_language(); /* security */ if ($g_user->check_dossier(dossier::id(), true) == 'X') { exit; } $from_div = isset($_REQUEST['ajax']) ? 1 : $_GET['l']; if (LOGINPUT) { $file_loginput = fopen($_ENV['TMP'] . '/scenario-' . $_SERVER['REQUEST_TIME'] . '.php', 'a+'); fwrite($file_loginput, "<?php \n"); fwrite($file_loginput, "//@description:\n"); fwrite($file_loginput, '$_GET=' . var_export($_GET, true)); fwrite($file_loginput, ";\n"); fwrite($file_loginput, '$_POST=' . var_export($_POST, true)); fwrite($file_loginput, ";\n"); fwrite($file_loginput, '$_POST[\'gDossier\']=$gDossierLogInput;'); fwrite($file_loginput, "\n"); fwrite($file_loginput, '$_GET[\'gDossier\']=$gDossierLogInput;'); fwrite($file_loginput, "\n");
} extract($_REQUEST); ajax_disconnected($ctl); if ($cont != 0) { exit; } set_language(); /* *echo a warning if disconnected */ ajax_disconnected($_REQUEST['ctl']); $cn = new Database($gDossier); global $g_user; $g_user = new User($cn); $g_user->check(true); $g_user->check_dossier($gDossier, true); $html = var_export($_REQUEST, true); if (LOGINPUT) { $file_loginput = fopen($_ENV['TMP'] . '/scenario-' . $_SERVER['REQUEST_TIME'] . '.php', 'a+'); fwrite($file_loginput, "<?php \n"); fwrite($file_loginput, '//@description:' . $op . "\n"); fwrite($file_loginput, '$_GET=' . var_export($_GET, true)); fwrite($file_loginput, ";\n"); fwrite($file_loginput, '$_POST=' . var_export($_POST, true)); fwrite($file_loginput, ";\n"); fwrite($file_loginput, '$_POST[\'gDossier\']=$gDossierLogInput;'); fwrite($file_loginput, "\n"); fwrite($file_loginput, '$_GET[\'gDossier\']=$gDossierLogInput;'); fwrite($file_loginput, "\n"); fwrite($file_loginput, ' $_REQUEST=array_merge($_GET,$_POST);'); fwrite($file_loginput, "\n");