From 1d4962cf812aafdaddb87b2f8d806cb6613c4d4a Mon Sep 17 00:00:00 2001 From: florian HENRY Date: Wed, 5 Jun 2019 15:57:16 +0200 Subject: [PATCH] fix scrutinizer --- htdocs/projet/class/project.class.php | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/htdocs/projet/class/project.class.php b/htdocs/projet/class/project.class.php index fc0a52e4f62d0..c9fc3e8e35ead 100644 --- a/htdocs/projet/class/project.class.php +++ b/htdocs/projet/class/project.class.php @@ -1738,7 +1738,7 @@ public function loadTimeSpent($datestart, $taskid = 0, $userid = 0) $sql.= " AND pt.fk_projet = ".$this->id; $sql.= " AND (ptt.task_date >= '".$this->db->idate($datestart)."' "; $sql.= " AND ptt.task_date <= '".$this->db->idate(dol_time_plus_duree($datestart, 1, 'w') - 1)."')"; - if ($task_id) $sql.= " AND ptt.fk_task=".$taskid; + if ($taskid) $sql.= " AND ptt.fk_task=".$taskid; if (is_numeric($userid)) $sql.= " AND ptt.fk_user=".$userid; //print $sql; @@ -1794,7 +1794,7 @@ public function load_board($user) // For external user, no check is done on company because readability is managed by public status of project and assignement. //$socid=$user->societe_id; - if (! $user->rights->projet->all->lire) $projectsListId = $this->getProjectsAuthorizedForUser($user, 0, 1, $socid); + if (! $user->rights->projet->all->lire) $projectsListId = $this->getProjectsAuthorizedForUser($user, 0, 1); $sql = "SELECT p.rowid, p.fk_statut as status, p.fk_opp_status, p.datee as datee"; $sql.= " FROM (".MAIN_DB_PREFIX."projet as p"; @@ -1804,7 +1804,7 @@ public function load_board($user) //if (! $user->rights->societe->client->voir && ! $socid) $sql .= " LEFT JOIN ".MAIN_DB_PREFIX."societe_commerciaux as sc ON sc.fk_soc = s.rowid"; $sql.= " WHERE p.fk_statut = 1"; $sql.= " AND p.entity IN (".getEntity('project').')'; - if (! $user->rights->projet->all->lire) $sql.= " AND p.rowid IN (".$projectsListId.")"; + if (! empty($projectsListId)) $sql.= " AND p.rowid IN (".$projectsListId.")"; // No need to check company, as filtering of projects must be done by getProjectsAuthorizedForUser //if ($socid || ! $user->rights->societe->client->voir) $sql.= " AND (p.fk_soc IS NULL OR p.fk_soc = 0 OR p.fk_soc = ".$socid.")"; // For external user, no check is done on company permission because readability is managed by public status of project and assignement.