Correct rights & presentation

Dolibarr · Nov 1, 2014 · 4951fee · 4951fee
1 parent 24d0568
commit 4951fee
Show file tree

Hide file tree

Showing 12 changed files with 73 additions and 76 deletions.
diff --git a/htdocs/accountancy/admin/account.php b/htdocs/accountancy/admin/account.php
@@ -37,7 +37,6 @@
 $action = GETPOST('action');
 $id = GETPOST('id', 'int');
 $rowid = GETPOST('rowid', 'int');
-$search= GETPOST("search");
 $search_account = GETPOST("search_account");
 $search_label = GETPOST("search_label");
 $search_accountparent = GETPOST("search_accountparent");
@@ -91,7 +90,6 @@
 
 if (GETPOST("button_removefilter"))
 {
-    $search="";
 	$search_account="";
     $search_label="";
 	$search_accountparent="";
@@ -169,7 +167,7 @@
 	print '<td class="liste_titre">&nbsp;</td>';
 	print '<td align="right" colspan="2" class="liste_titre">';
 	print '<input type="image" class="liste_titre" src="'.img_picto($langs->trans("Search"),'search.png','','',1).'" name="button_search" value="'.dol_escape_htmltag($langs->trans("Search")).'" title="'.dol_escape_htmltag($langs->trans("Search")).'">';
-	print '&nbsp; ';
+	print '&nbsp;';
 	print '<input type="image" class="liste_titre" src="'.img_picto($langs->trans("Search"),'searchclear.png','','',1).'" name="button_removefilter" value="'.dol_escape_htmltag($langs->trans("RemoveFilter")).'" title="'.dol_escape_htmltag($langs->trans("RemoveFilter")).'">';
 	print '</td>';
 	print '</tr>';

diff --git a/htdocs/accountancy/bookkeeping/card.php b/htdocs/accountancy/bookkeeping/card.php
@@ -35,8 +35,6 @@
 $id = GETPOST('id', 'int');
 if ($user->societe_id > 0)
 	accessforbidden();
-if (! $user->rights->accounting->access)
-	accessforbidden();
 
 $action = GETPOST('action');
 $piece_num = GETPOST("piece_num");
@@ -238,7 +236,9 @@
 	print '<input type="submit" class="butAction" value="' . $langs->trans("Save") . '">';
 
 	print '</form>';
-} else {
+} 
+else
+{
 	$book = new BookKeeping($db);
 	$result = $book->fetch_per_mvt($piece_num);
 	if ($result < 0) {
@@ -309,31 +309,28 @@
 						print '<td><input type="text" size="6" name="credit" value="' . price($line->credit) . '"/></td>';
 						print '<td>' . $line->montant . '</td>';
 						print '<td>' . $line->sens . '</td>';
-
 						print '<td>';
-						if ($user->rights->accounting->access) {
-							print '<input type="submit" class="button" value="' . $langs->trans("Update") . '">';
-						}
+						print '<input type="submit" class="button" value="' . $langs->trans("Update") . '">';
 						print '</form>';
 						print '</td>';
-					} else {
+					}
+					else {
 						print '<td>' . $line->numero_compte . '</td>';
 						print '<td>' . $line->code_tiers . '</td>';
 						print '<td>' . $line->label_compte . '</td>';
 						print '<td>' . $line->debit . '</td>';
 						print '<td>' . $line->credit . '</td>';
 						print '<td>' . $line->montant . '</td>';
 						print '<td>' . $line->sens . '</td>';
-
+							
 						print '<td>';
-						if ($user->rights->accouting->access) {
-							print '<a href="./card.php?action=update&id=' . $line->id . '&piece_num=' . $line->piece_num . '">';
-							print img_edit();
-							print '</a>&nbsp;';
-							print '<a href="./card.php?action=delete&id=' . $line->id . '&piece_num=' . $line->piece_num . '">';
-							print img_delete();
-							print '</a>';
-						}
+						print '<a href="./card.php?action=update&id=' . $line->id . '&piece_num=' . $line->piece_num . '">';
+						print img_edit();
+						print '</a>&nbsp;';
+						print '<a href="./card.php?action=delete&id=' . $line->id . '&piece_num=' . $line->piece_num . '">';
+						print img_delete();
+						print '</a>';
+
 						print '</td>';
 					}
 					print "</tr>\n";
@@ -342,7 +339,7 @@
 				if ($action == "" || $action == 'add') {
 					$var = ! $var;
 					print "<tr $bc[$var]>";
-
+						
 					print '<form action="' . $_SERVER["PHP_SELF"] . '?piece_num=' . $book->piece_num . '" method="post">';
 					print '<input type="hidden" name="action" value="add">' . "\n";
 					print '<input type="hidden" name="doc_date" value="' . $book->doc_date . '">' . "\n";
@@ -359,14 +356,13 @@
 					print '<td></td>';
 					print '<td></td>';
 					print '<td><input type="submit" class="button" value="' . $langs->trans("Save") . '"></td>';
-
 					print '</tr>';
 				}
-
 				print "</table>";
 			}
 		}
-	} else {
+	}
+	else {
 		print_fiche_titre($langs->trans("NoRecords"));
 	}
 }

diff --git a/htdocs/accountancy/bookkeeping/list.php b/htdocs/accountancy/bookkeeping/list.php
@@ -36,6 +36,11 @@
 $sortorder = GETPOST("sortorder");
 $sortfield = GETPOST("sortfield");
 $action = GETPOST('action', 'alpha');
+$search_doc_type = GETPOST("search_doc_type");
+$search_doc_ref = GETPOST("search_doc_ref");
+$search_account = GETPOST("search_account");
+$search_thirdparty = GETPOST("search_thirdparty");
+$search_journal = GETPOST("search_journal");
 
 if ($sortorder == "")
 	$sortorder = "ASC";
@@ -46,6 +51,15 @@
 
 $formventilation = new FormVentilation($db);
 
+if (GETPOST("button_removefilter"))
+{
+	$search_doc_type="";
+    $search_doc_ref="";
+	$search_account="";
+	$search_thirdparty="";
+	$search_journal="";
+}
+
 /*
  * Action
  */
@@ -100,25 +114,25 @@
 	$sql = "SELECT bk.rowid, bk.doc_date, bk.doc_type, bk.doc_ref, bk.code_tiers, bk.numero_compte , bk.label_compte, bk.debit , bk.credit, bk.montant , bk.sens , bk.code_journal , bk.piece_num ";
 	$sql .= " FROM " . MAIN_DB_PREFIX . "accounting_bookkeeping as bk";
 
-	if (dol_strlen(trim(GETPOST("search_doc_type")))) {
+	if (dol_strlen(trim($search_doc_type))) {
 
-		$sql .= " WHERE bk.doc_type LIKE '%" . GETPOST("search_doc_type") . "%'";
+		$sql .= " WHERE bk.doc_type LIKE '%" . $search_doc_type . "%'";
 
-		if (dol_strlen(trim(GETPOST("search_doc_ref")))) {
-			$sql .= " AND bk.doc_ref LIKE '%" . GETPOST("search_doc_ref") . "%'";
+		if (dol_strlen(trim($search_doc_ref))) {
+			$sql .= " AND bk.doc_ref LIKE '%" . $search_doc_ref . "%'";
 		}
 	}
-	if (dol_strlen(trim(GETPOST("search_doc_ref")))) {
-		$sql .= " WHERE bk.doc_ref LIKE '%" . GETPOST("search_doc_ref") . "%'";
+	if (dol_strlen(trim($search_doc_ref))) {
+		$sql .= " WHERE bk.doc_ref LIKE '%" . $search_doc_ref . "%'";
 	}
-	if (dol_strlen(trim(GETPOST("search_compte")))) {
-		$sql .= " WHERE bk.numero_compte LIKE '%" . GETPOST("search_compte") . "%'";
+	if (dol_strlen(trim($search_account))) {
+		$sql .= " WHERE bk.numero_compte LIKE '%" . $search_account . "%'";
 	}
-	if (dol_strlen(trim(GETPOST("search_tiers")))) {
-		$sql .= " WHERE bk.code_tiers LIKE '%" . GETPOST("search_tiers") . "%'";
+	if (dol_strlen(trim($search_thirdparty))) {
+		$sql .= " WHERE bk.code_tiers LIKE '%" . $search_thirdparty . "%'";
 	}
-	if (dol_strlen(trim(GETPOST("search_journal")))) {
-		$sql .= " WHERE bk.code_journal LIKE '%" . GETPOST("search_journal") . "%'";
+	if (dol_strlen(trim($search_journal))) {
+		$sql .= " WHERE bk.code_journal LIKE '%" . $search_journal . "%'";
 	}
 
 	$sql .= " ORDER BY $sortfield $sortorder " . $db->plimit($conf->liste_limit + 1, $offset);
@@ -149,37 +163,39 @@
 		print '<input type="submit" class="button" style="float: right;" value="Export CSV" />';
 		print '</form>';
 
-		print "<table class=\"noborder\" width=\"100%\">";
+		print '<table class="noborder" width="100%">';
 		print '<tr class="liste_titre">';
 		print_liste_field_titre($langs->trans("Doctype"), $_SERVER['PHP_SELF'], "bk.doc_type", "", "", "", $sortfield, $sortorder);
 		print_liste_field_titre($langs->trans("Docdate"), $_SERVER['PHP_SELF'], "bk.doc_date", "", "", "", $sortfield, $sortorder);
 		print_liste_field_titre($langs->trans("Docref"), $_SERVER['PHP_SELF'], "bk.doc_ref", "", "", "", $sortfield, $sortorder);
 		print_liste_field_titre($langs->trans("Numerocompte"), $_SERVER['PHP_SELF'], "bk.numero_compte", "", "", "", $sortfield, $sortorder);
 		print_liste_field_titre($langs->trans("Code_tiers"), $_SERVER['PHP_SELF'], "bk.code_tiers", "", "", "", $sortfield, $sortorder);
 		print_liste_field_titre($langs->trans("Labelcompte"), $_SERVER['PHP_SELF'], "bk_label_compte", "", "", "", $sortfield, $sortorder);
-		print_liste_field_titre($langs->trans("Debit"), $_SERVER['PHP_SELF'], "bk.debit", "", "", "", $sortfield, $sortorder);
-		print_liste_field_titre($langs->trans("Credit"), $_SERVER['PHP_SELF'], "bk.credit", "", "", "", $sortfield, $sortorder);
-		print_liste_field_titre($langs->trans("Amount"), $_SERVER['PHP_SELF'], "bk.montant", "", "", "", $sortfield, $sortorder);
-		print_liste_field_titre($langs->trans("Sens"), $_SERVER['PHP_SELF'], "bk.sens", "", "", "", $sortfield, $sortorder);
+		print_liste_field_titre($langs->trans("Debit"), $_SERVER['PHP_SELF'], "bk.debit", "", "", 'align="center"', $sortfield, $sortorder);
+		print_liste_field_titre($langs->trans("Credit"), $_SERVER['PHP_SELF'], "bk.credit", "", "", 'align="center"', $sortfield, $sortorder);
+		print_liste_field_titre($langs->trans("Amount"), $_SERVER['PHP_SELF'], "bk.montant", "", "", 'align="center"', $sortfield, $sortorder);
+		print_liste_field_titre($langs->trans("Sens"), $_SERVER['PHP_SELF'], "bk.sens", "", "", 'align="center"', $sortfield, $sortorder);
 		print_liste_field_titre($langs->trans("Codejournal"), $_SERVER['PHP_SELF'], "bk.code_journal", "", "", "", $sortfield, $sortorder);
-		print_liste_field_titre("&nbsp;");
+		print_liste_field_titre($langs->trans("Action"),$_SERVER["PHP_SELF"],"",$param,"",'width="60" align="center"',$sortfield,$sortorder);
 		print "</tr>\n";
 
 		print '<tr class="liste_titre">';
 		print '<form action="'.$_SERVER["PHP_SELF"].'" method="GET">';
-		print '<td><input type="text" name="search_doc_type" value="' . $_GET["search_doc_type"] . '"></td>';
+		print '<td><input type="text" name="search_doc_type" size="8" value="' . $search_doc_type . '"></td>';
 		print '<td>&nbsp;</td>';
-		print '<td><input type="text" name="search_doc_ref" value="' . $_GET["search_doc_ref"] . '"></td>';
-		print '<td><input type="text" name="search_compte" value="' . $_GET["search_compte"] . '"></td>';
-		print '<td><input type="text" name="search_tiers" value="' . $_GET["search_tiers"] . '"></td>';
+		print '<td><input type="text" name="search_doc_ref" size="8" value="' . $search_doc_ref . '"></td>';
+		print '<td><input type="text" name="search_account" size="8" value="' . $search_account . '"></td>';
+		print '<td><input type="text" name="search_thirdparty" size="8" value="' . $search_thirdparty . '"></td>';
 		print '<td>&nbsp;</td>';
 		print '<td>&nbsp;</td>';
 		print '<td>&nbsp;</td>';
 		print '<td>&nbsp;</td>';
 		print '<td>&nbsp;</td>';
-		print '<td><input type="text" name="search_journal" size="3" value="' . $_GET["search_journal"] . '"></td>';
-		print '<td align="right">';
-		print '<input type="image" class="liste_titre" name="button_search" src="' . DOL_URL_ROOT . '/theme/' . $conf->theme . '/img/search.png" value="' . dol_escape_htmltag($langs->trans("Search")) . '" title="' . dol_escape_htmltag($langs->trans("Search")) . '">';
+		print '<td><input type="text" name="search_journal" size="3" value="' . $search_journal . '"></td>';
+		print '<td align="right" colspan="2" class="liste_titre">';
+		print '<input type="image" class="liste_titre" src="'.img_picto($langs->trans("Search"),'search.png','','',1).'" name="button_search" value="'.dol_escape_htmltag($langs->trans("Search")).'" title="'.dol_escape_htmltag($langs->trans("Search")).'">';
+		print '&nbsp;';
+		print '<input type="image" class="liste_titre" src="'.img_picto($langs->trans("Search"),'searchclear.png','','',1).'" name="button_removefilter" value="'.dol_escape_htmltag($langs->trans("RemoveFilter")).'" title="'.dol_escape_htmltag($langs->trans("RemoveFilter")).'">';
 		print '</td>';
 		print '</form>';
 		print '</tr>';
@@ -201,9 +217,9 @@
 			print '<td align="right">' . price($obj->debit) . '</td>';
 			print '<td align="right">' . price($obj->credit) . '</td>';
 			print '<td align="right">' . price($obj->montant) . '</td>';
-			print '<td>' . $obj->sens . '</td>';
+			print '<td align="center">' . $obj->sens . '</td>';
 			print '<td>' . $obj->code_journal . '</td>';
-			print '<td><a href="./card.php?piece_num=' . $obj->piece_num . '">' . img_edit() . '</a></td>';
+			print '<td align="center"><a href="./card.php?piece_num=' . $obj->piece_num . '">' . img_edit() . '</a></td>';
 			print "</tr>\n";
 			$i ++;
 		}

diff --git a/htdocs/accountancy/customer/card.php b/htdocs/accountancy/customer/card.php
@@ -40,14 +40,12 @@
 // Security check
 if ($user->societe_id > 0)
 	accessforbidden();
-if (! $user->rights->accounting->access)
-	accessforbidden();
 
 /*
  * Actions
  */
 
-if ($action == 'ventil' && $user->rights->accounting->access) 
+if ($action == 'ventil' && $user->rights->accounting->ventilation->dispatch) 
 {
 	if (! GETPOST('cancel', 'alpha'))
 	{
@@ -109,7 +107,7 @@
 			print '<input type="hidden" name="action" value="ventil">';
 
 			$linkback='<a href="'.DOL_URL_ROOT.'/accountancy/customer/lines.php">'.$langs->trans("Back").'</a>';
-			print_fiche_titre($langs->trans('AccountingVentilationCustomer'),$linkback,'setup');
+			print_fiche_titre($langs->trans('CustomersVentilation'),$linkback,'setup');
 
 			print '<table class="border" width="100%">';
 

diff --git a/htdocs/accountancy/customer/index.php b/htdocs/accountancy/customer/index.php
@@ -93,8 +93,8 @@
  */
 llxHeader('', $langs->trans("CustomersVentilation"));
 
-$textprevyear = "<a href=\"index.php?year=" . ($year_current - 1) . "\">" . img_previous() . "</a>";
-$textnextyear = " <a href=\"index.php?year=" . ($year_current + 1) . "\">" . img_next() . "</a>";
+$textprevyear = '<a href="' . $_SERVER["PHP_SELF"] . '?year=' . ($year_current - 1) . '">' . img_previous() . '</a>';
+$textnextyear = ' <a href="' . $_SERVER["PHP_SELF"] . '?year=' . ($year_current + 1) . '">' . img_next() . '</a>';
 
 print_fiche_titre($langs->trans("CustomersVentilation") . " " . $textprevyear . " " . $langs->trans("Year") . " " . $year_start . " " . $textnextyear);
 
@@ -197,7 +197,7 @@
 
 print "<br>\n";
 print '<table class="noborder" width="100%">';
-print '<tr class="liste_titre"><td width="400" align="left">' . $langs->trans("TotalVente") . '</td>';
+print '<tr class="liste_titre"><td width="400" align="left">' . $langs->trans("Total") . '</td>';
 print '<td width="60" align="center">' . $langs->trans("JanuaryMin") . '</td>';
 print '<td width="60" align="center">' . $langs->trans("FebruaryMin") . '</td>';
 print '<td width="60" align="center">' . $langs->trans("MarchMin") . '</td>';
@@ -212,7 +212,7 @@
 print '<td width="60" align="center">' . $langs->trans("DecemberMin") . '</td>';
 print '<td width="60" align="center"><b>' . $langs->trans("Total") . '</b></td></tr>';
 
-$sql = "SELECT '" . $langs->trans("Vide") . "' AS 'Total',";
+$sql = "SELECT '" . $langs->trans("TotalVente") . "' AS 'Total',";
 $sql .= "  ROUND(SUM(IF(MONTH(f.datef)=1,fd.total_ht,0)),2) AS 'Janvier',";
 $sql .= "  ROUND(SUM(IF(MONTH(f.datef)=2,fd.total_ht,0)),2) AS 'Fevrier',";
 $sql .= "  ROUND(SUM(IF(MONTH(f.datef)=3,fd.total_ht,0)),2) AS 'Mars',";

diff --git a/htdocs/accountancy/journal/bankjournal.php b/htdocs/accountancy/journal/bankjournal.php
@@ -68,8 +68,6 @@
 // Security check
 if ($user->societe_id > 0)
 	accessforbidden();
-if (! $user->rights->accounting->access)
-	accessforbidden();
 
 /*
  * View

diff --git a/htdocs/accountancy/journal/cashjournal.php b/htdocs/accountancy/journal/cashjournal.php
@@ -62,8 +62,6 @@
 // Security check
 if ($user->societe_id > 0)
 	accessforbidden();
-if (! $user->rights->accounting->access)
-	accessforbidden();
 
 $action = GETPOST('action');
 

diff --git a/htdocs/accountancy/journal/index.php b/htdocs/accountancy/journal/index.php
@@ -36,8 +36,6 @@
 // Security check
 if ($user->societe_id > 0)
 	accessforbidden();
-if (! $user->rights->accounting->access)
-	accessforbidden();
 
 llxHeader('', 'Journaux', '');
 

diff --git a/htdocs/accountancy/journal/purchasesjournal.php b/htdocs/accountancy/journal/purchasesjournal.php
@@ -55,8 +55,6 @@
 // Security check
 if ($user->societe_id > 0)
 	accessforbidden();
-if (! $user->rights->accounting->access)
-	accessforbidden();
 
 $action = GETPOST('action');
 

diff --git a/htdocs/accountancy/journal/sellsjournal.php b/htdocs/accountancy/journal/sellsjournal.php
@@ -56,8 +56,6 @@
 // Security check
 if ($user->societe_id > 0)
 	accessforbidden();
-if (! $user->rights->accounting->access)
-	accessforbidden();
 
 $action = GETPOST('action');
 

diff --git a/htdocs/accountancy/supplier/card.php b/htdocs/accountancy/supplier/card.php
@@ -46,10 +46,9 @@
 // Security check
 if ($user->societe_id > 0)
 	accessforbidden();
-if (! $user->rights->accounting->ventilation->dispatch)
-	accessforbidden();
 
-if ($action == 'ventil' && $user->rights->accounting->access) {
+if ($action == 'ventil' && $user->rights->accounting->ventilation->dispatch)
+{
 	$sql = " UPDATE " . MAIN_DB_PREFIX . "facture_fourn_det";
 	$sql .= " SET fk_code_ventilation = " . $codeventil;
 	$sql .= " WHERE rowid = " . $id;
@@ -103,7 +102,7 @@
 			print '<input type="hidden" name="token" value="' . $_SESSION['newtoken'] . '">';
 			print '<input type="hidden" name="action" value="ventil">';
 
-			print_fiche_titre($langs->trans("Ventilation"));
+			print_fiche_titre($langs->trans("SuppliersVentilation"));
 
 			print '<table class="border" width="100%" cellspacing="0" cellpadding="4">';
 

diff --git a/htdocs/accountancy/supplier/index.php b/htdocs/accountancy/supplier/index.php
@@ -92,10 +92,10 @@
 
 llxHeader('', $langs->trans("SuppliersVentilation"));
 
-$textprevyear = "<a href=\"index.php?year=" . ($year_current - 1) . "\">" . img_previous() . "</a>";
-$textnextyear = " <a href=\"index.php?year=" . ($year_current + 1) . "\">" . img_next() . "</a>";
+$textprevyear = '<a href="' . $_SERVER["PHP_SELF"] . '?year=' . ($year_current - 1) . '">' . img_previous() . '</a>';
+$textnextyear = ' <a href="' . $_SERVER["PHP_SELF"] . '?year=' . ($year_current + 1) . '">' . img_next() . '</a>';
 
-print_fiche_titre($langs->trans("AccountingVentilationSupplier") . " " . $textprevyear . " " . $langs->trans("Year") . " " . $year_start . " " . $textnextyear);
+print_fiche_titre($langs->trans("SuppliersVentilation") . " " . $textprevyear . " " . $langs->trans("Year") . " " . $year_start . " " . $textnextyear);
 
 print '<b>' . $langs->trans("DescVentilSupplier") . '</b>';
 print '<div class="inline-block divButAction"><a class="butAction" href="' . $_SERVER['PHP_SELF'] . '?action=validatehistory">' . $langs->trans("ValidateHistory") . '</a></div>';