Home Explore Help
Sign In
iProspective
/
dolibarr
3
0
Fork 0
Files Issues 0 Pull Requests 0 Wiki
Tree: 075ee02901
Branches Tags
dolibarr
/
htdocs
/
societe
/
ajax
/
ajaxcompanies.php

ajaxcompanies.php 6.2 KB
History Raw

123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899100101102103104105106107108109110111112113114115116117118119120121122123124125126127128129130131132133134135136137138139140141142143144145146147148149150151152153154155156157158159160161162163164165166167168169170171172173174175176177178179 
  1. <?php
    2. 

  2. /* Copyright (C) 2006      Andre Cianfarani     <acianfa@free.fr>
    3. 

  3.  * Copyright (C) 2005-2009 Regis Houssin        <regis.houssin@inodbox.com>
    4. 

  4.  * Copyright (C) 2007-2010 Laurent Destailleur  <eldy@users.sourceforge.net>
    5. 

  5.  * Copyright (C) 2010      Cyrille de Lambert   <info@auguria.net>
    6. 

  6.  *
    7. 

  7.  * This program is free software; you can redistribute it and/or modify
    8. 

  8.  * it under the terms of the GNU General Public License as published by
    9. 

  9.  * the Free Software Foundation; either version 3 of the License, or
    10. 

  10.  * (at your option) any later version.
    11. 

  11.  *
    12. 

  12.  * This program is distributed in the hope that it will be useful,
    13. 

  13.  * but WITHOUT ANY WARRANTY; without even the implied warranty of
    14. 

  14.  * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
    15. 

  15.  * GNU General Public License for more details.
    16. 

  16.  *
    17. 

  17.  * You should have received a copy of the GNU General Public License
    18. 

  18.  * along with this program. If not, see <https://www.gnu.org/licenses/>.
    19. 

  19.  */
    20. 

  20. 

  21. /**
    22. 

  22.  *       \file       htdocs/societe/ajax/ajaxcompanies.php
    23. 

  23.  *       \brief      File to return Ajax response on third parties request. Search is done on name|name_alias|code_client|code_fournisseur
    24. 

  24.  */
    25. 

  25. 

  26. if (!defined('NOTOKENRENEWAL')) {
    27. 

  27. 	define('NOTOKENRENEWAL', 1); // Disables token renewal
    28. 

  28. }
    29. 

  29. if (!defined('NOREQUIREMENU')) {
    30. 

  30. 	define('NOREQUIREMENU', '1');
    31. 

  31. }
    32. 

  32. if (!defined('NOREQUIREHTML')) {
    33. 

  33. 	define('NOREQUIREHTML', '1');
    34. 

  34. }
    35. 

  35. if (!defined('NOREQUIREAJAX')) {
    36. 

  36. 	define('NOREQUIREAJAX', '1');
    37. 

  37. }
    38. 

  38. if (!defined('NOREQUIRESOC')) {
    39. 

  39. 	define('NOREQUIRESOC', '1');
    40. 

  40. }
    41. 

  41. 

  42. // Load Dolibarr environment
    43. 

  43. require '../../main.inc.php';
    44. 

  44. require_once DOL_DOCUMENT_ROOT.'/societe/class/societe.class.php';
    45. 

  45. 

  46. $id = GETPOST('socid', 'int') || GETPOST('id_fourn', 'int');
    47. 

  47. 

  48. $object = new Societe($db);
    49. 

  49. if ($id > 0) {
    50. 

  50. 	$object->fetch($id);
    51. 

  51. }
    52. 

  52. 

  53. // Security check
    54. 

  54. if ($user->socid > 0) {
    55. 

  55. 	$socid = $user->socid;
    56. 

  56. 	if ($object->socid && $socid != $object->socid) {
    57. 

  57. 		accessforbidden('Not allowed to access thirdparty id '.$id.' with an external user on id '.$socid);
    58. 

  58. 	}
    59. 

  59. }
    60. 

  60. restrictedArea($user, 'societe', $object, '&societe');
    61. 

  61. 

  62. 

  63. /*
    64. 

  64.  * View
    65. 

  65.  */
    66. 

  66. 

  67. //top_htmlhead("", "", 1);  // Replaced with top_httphead. An ajax page does not need html header.
    68. 

  68. top_httphead('application/json');
    69. 

  69. 

  70. //print '<!-- Ajax page called with url '.dol_escape_htmltag($_SERVER["PHP_SELF"]).'?'.dol_escape_htmltag($_SERVER["QUERY_STRING"]).' -->'."\n";
    71. 

  71. 

  72. 

  73. $return_arr = array();
    74. 

  74. 

  75. // Define filter on text typed
    76. 

  76. $socid = GETPOST('newcompany');
    77. 

  77. if (!$socid) {
    78. 

  78. 	$socid = GETPOST('socid', 'int');
    79. 

  79. }
    80. 

  80. if (!$socid) {
    81. 

  81. 	$socid = GETPOST('id_fourn', 'int');
    82. 

  82. }
    83. 

  83. 

  84. // Generate list of companies
    85. 

  85. if (! $socid) {
    86. 

  86. 	echo json_encode(array('nom'=>'ErrorBadParameter', 'label'=>'ErrorBadParameter', 'key'=>'ErrorBadParameter', 'value'=>'ErrorBadParameter'));
    87. 

  87. 	exit;
    88. 

  88. }
    89. 

  89. 

  90. $sql = "SELECT s.rowid, s.nom, s.name_alias, s.code_client, s.code_fournisseur, s.address, s.zip, s.town, s.email, s.siren, s.siret, s.ape, s.idprof4, s.idprof5, s.idprof6, s.client, s.fournisseur, s.datec, s.logo";
    91. 

  91. if (getDolGlobalString('COMPANY_SHOW_ADDRESS_SELECTLIST')) {
    92. 

  92. 	$sql .= ", dictp.code as country_code";
    93. 

  93. }
    94. 

  94. $sql .= " FROM ".MAIN_DB_PREFIX."societe as s";
    95. 

  95. if (getDolGlobalString('COMPANY_SHOW_ADDRESS_SELECTLIST')) {
    96. 

  96. 	$sql .= " LEFT JOIN ".MAIN_DB_PREFIX."c_country as dictp ON dictp.rowid = s.fk_pays";
    97. 

  97. }
    98. 

  98. $sql .= " WHERE s.entity IN (".getEntity('societe').")";
    99. 

  99. if ($socid) {
    100. 

  100. 	$sql .= " AND (";
    101. 

  101. 	// Add criteria on name/code
    102. 

  102. 	if (getDolGlobalString('COMPANY_DONOTSEARCH_ANYWHERE')) {   // Can use index
    103. 

  103. 		$sql .= "s.nom LIKE '".$db->escape($db->escapeforlike($socid))."%'";
    104. 

  104. 		$sql .= " OR s.name_alias LIKE '".$db->escape($db->escapeforlike($socid))."%'";
    105. 

  105. 		$sql .= " OR s.code_client LIKE '".$db->escape($db->escapeforlike($socid))."%'";
    106. 

  106. 		$sql .= " OR s.code_fournisseur LIKE '".$db->escape($db->escapeforlike($socid))."%'";
    107. 

  107. 	} else {
    108. 

  108. 		$sql .= "s.nom LIKE '%".$db->escape($db->escapeforlike($socid))."%'";
    109. 

  109. 		$sql .= " OR s.name_alias LIKE '%".$db->escape($db->escapeforlike($socid))."%'";
    110. 

  110. 		$sql .= " OR s.code_client LIKE '%".$db->escape($db->escapeforlike($socid))."%'";
    111. 

  111. 		$sql .= " OR s.code_fournisseur LIKE '%".$db->escape($db->escapeforlike($socid))."%'";
    112. 

  112. 	}
    113. 

  113. 	if (getDolGlobalString('SOCIETE_ALLOW_SEARCH_ON_ROWID')) {
    114. 

  114. 		$sql .= " OR s.rowid = ".((int) $socid);
    115. 

  115. 	}
    116. 

  116. 	$sql .= ")";
    117. 

  117. }
    118. 

  118. // Protection for external user access
    119. 

  119. if ($user->socid > 0) {
    120. 

  120. 	$sql .= " AND s.rowid = ".((int) $user->socid);
    121. 

  121. }
    122. 

  122. //if (GETPOST("filter")) $sql.= " AND (".GETPOST("filter", "alpha").")"; // Add other filters
    123. 

  123. $sql .= " ORDER BY s.nom ASC";
    124. 

  124. 

  125. //dol_syslog("ajaxcompanies", LOG_DEBUG);
    126. 

  126. $resql = $db->query($sql);
    127. 

  127. if ($resql) {
    128. 

  128. 	while ($row = $db->fetch_array($resql)) {
    129. 

  129. 		$label = '';
    130. 

  130. 		if (getDolGlobalString('SOCIETE_ADD_REF_IN_LIST')) {
    131. 

  131. 			if (($row['client']) && (!empty($row['code_client']))) {
    132. 

  132. 				$label = $row['code_client'].' - ';
    133. 

  133. 			}
    134. 

  134. 			if (($row['fournisseur']) && (!empty($row['code_fournisseur']))) {
    135. 

  135. 				$label .= $row['code_fournisseur'].' - ';
    136. 

  136. 			}
    137. 

  137. 		}
    138. 

  138. 

  139. 		$label .= $row['nom'];
    140. 

  140. 

  141. 		if (getDolGlobalString('COMPANY_SHOW_ADDRESS_SELECTLIST')) {
    142. 

  142. 			$label .= ($row['address'] ? ' - '.$row['address'] : '').($row['zip'] ? ' - '.$row['zip'] : '').($row['town'] ? ' '.$row['town'] : '');
    143. 

  143. 			if (!empty($row['country_code'])) {
    144. 

  144. 				$label .= ', '.$langs->trans('Country'.$row['country_code']);
    145. 

  145. 			}
    146. 

  146. 		}
    147. 

  147. 		if ($socid) {
    148. 

  148. 			$label = preg_replace('/('.preg_quote($socid, '/').')/i', '<strong>$1</strong>', $label, 1);
    149. 

  149. 		}
    150. 

  150. 		$row_array['label'] = $label;
    151. 

  151. 

  152. 		$row_array['value'] = $row['nom'];
    153. 

  153. 		$row_array['key'] = $row['rowid'];
    154. 

  154. 

  155. 		$row_array['name_alias'] = $row['name_alias'];
    156. 

  156. 		$row_array['client'] = $row['client'];
    157. 

  157. 		$row_array['fournisseur'] = $row['fournisseur'];
    158. 

  158. 		$row_array['code_client'] = $row['code_client'];
    159. 

  159. 		$row_array['code_fournisseur'] = $row['code_fournisseur'];
    160. 

  160. 		$row_array['address'] = $row['address'];
    161. 

  161. 		$row_array['zip'] = $row['zip'];
    162. 

  162. 		$row_array['town'] = $row['town'];
    163. 

  163. 		$row_array['email'] = $row['email'];
    164. 

  164. 		$row_array['siren'] = $row['siren'];
    165. 

  165. 		$row_array['siret'] = $row['siret'];
    166. 

  166. 		$row_array['ape'] = $row['ape'];
    167. 

  167. 		$row_array['idprof4'] = $row['idprof4'];
    168. 

  168. 		$row_array['idprof5'] = $row['idprof5'];
    169. 

  169. 		$row_array['idprof6'] = $row['idprof6'];
    170. 

  170. 		$row_array['datec'] = $row['datec'];
    171. 

  171. 		$row_array['logo'] = $row['logo'];
    172. 

  172. 

  173. 		array_push($return_arr, $row_array);
    174. 

  174. 	}
    175. 

  175. 

  176. 	echo json_encode($return_arr);
    177. 

  177. } else {
    178. 

  178. 	echo json_encode(array('nom'=>'Error', 'label'=>'Error', 'key'=>'Error', 'value'=>'Error'));
    179. 

  179. }
    180.