10 年前 · 8f32e8ace8
--- a/ChangeLog
+++ b/ChangeLog
@@ -20,6 +20,7 @@ FIX: Not showing delivery date on rouget pdf
 
				 FIX: Not showing task extrafields when creating from left menu
			
 
				 FIX [ bug #3288 ] Tasks box is not properly drawn
			
 
				 FIX [ bug #3211 ] Outstading bill amount of a client showed wrong amounts
			
 
				+FIX [ bug #3321 ] Users with certain permissions were shown a "forbidden access" page even if they had the rights
			
 
				 
			
 
				 NEW: Created new ContratLigne::insert function
			
 
				 
			
--- a/htdocs/core/lib/security.lib.php
+++ b/htdocs/core/lib/security.lib.php
@@ -451,7 +451,7 @@ function restrictedArea($user, $features, $objectid=0, $dbtablename='', $feature
 
				                 	if (empty($dbt_keyfield)) dol_print_error('','Param dbt_keyfield is required but not defined');
			
 
				                    
			
 
				 
			
 
				-				    $sql = "SELECT dbt.id";
			
 
				+				    $sql = "SELECT dbt.$dbt_select";
			
 
				                     $sql.= " FROM ".MAIN_DB_PREFIX.$dbtablename." as dbt";
			
 
				                     $sql.= " LEFT JOIN ".MAIN_DB_PREFIX."societe as s ON (dbt.".$dbt_keyfield." = s.rowid)";
			
 
				                     $sql.= " LEFT JOIN ".MAIN_DB_PREFIX."societe_commerciaux as sc ON (sc.fk_soc = dbt.".$dbt_keyfield.")";
			
--- a/htdocs/product/stock/mouvement.php
+++ b/htdocs/product/stock/mouvement.php
@@ -414,6 +414,10 @@ if ($resql)
 
				     if ($id) print_barre_liste($texte, $page, $_SERVER["PHP_SELF"], $param, $sortfield, $sortorder,'',$num,0,'');
			
 
				     else print_barre_liste($texte, $page, $_SERVER["PHP_SELF"], $param, $sortfield, $sortorder,'',$num);
			
 
				 
			
 
				+
			
 
				+    print '<form method="get" action="'.$_SERVER["PHP_SELF"].'">';
			
 
				+    if ($id) print '<input type="hidden" name="id" value="'.$id.'">';
			
 
				+
			
 
				     print '<table class="noborder" width="100%">';
			
 
				     print "<tr class=\"liste_titre\">";
			
 
				     //print_liste_field_titre($langs->trans("Id"),$_SERVER["PHP_SELF"], "m.rowid","",$param,"",$sortfield,$sortorder);
			
@@ -428,9 +432,6 @@ if ($resql)
 
				     print "</tr>\n";
			
 
				 
			
 
				     // Lignes des champs de filtre
			
 
				-    print '<form method="get" action="'.$_SERVER["PHP_SELF"].'">';
			
 
				-    if ($id) print '<input type="hidden" name="id" value="'.$id.'">';
			
 
				-
			
 
				     print '<tr class="liste_titre">';
			
 
				     print '<td class="liste_titre" valign="right">';
			
 
				     print $langs->trans('Month').': <input class="flat" type="text" size="2" maxlength="2" name="month" value="'.$month.'">';
			
@@ -465,7 +466,6 @@ if ($resql)
 
				     print '<input type="image" class="liste_titre" src="'.img_picto($langs->trans("Search"),'searchclear.png','','',1).'" name="button_removefilter" value="'.dol_escape_htmltag($langs->trans("RemoveFilter")).'" title="'.dol_escape_htmltag($langs->trans("RemoveFilter")).'">';
			
 
				     print '</td>';
			
 
				     print "</tr>\n";
			
 
				-    print '</form>';
			
 
				 
			
 
				     $arrayofuniqueproduct=array();
			
 
				 
			
@@ -526,7 +526,7 @@ if ($resql)
 
				     }
			
 
				     $db->free($resql);
			
 
				 
			
 
				-    print "</table><br>";
			
 
				+    print "</table></form><br>";
			
 
				 
			
 
				     // Add number of product when there is a filter on period
			
 
				     if (count($arrayofuniqueproduct) == 1 && is_numeric($year))