[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
[Noalyss-commit] [noalyss] 01/05: Task #1078 - Bug opération prédéfinie
From: |
Dany De Bontridder |
Subject: |
[Noalyss-commit] [noalyss] 01/05: Task #1078 - Bug opération prédéfinie pour les opérations diverses To fix the bug, we implement a safer way to get data from _POST, the function Pre_Op_Advance::get_post was not correct |
Date: |
Sat, 10 Jan 2015 12:00:07 +0000 |
sparkyx pushed a commit to branch master
in repository noalyss.
commit e7e409c5f110f84a2994029d74e92ecd98b8aa12
Author: Dany De Bontridder <address@hidden>
Date: Fri Jan 2 19:04:20 2015 +0100
Task #1078 - Bug opération prédéfinie pour les opérations diverses
To fix the bug, we implement a safer way to get data from _POST, the
function Pre_Op_Advance::get_post was not correct
if the name is already used than a new one is computed
---
include/ajax_mod_predf_op.php | 13 +++++++++----
include/ajax_save_predf_op.php | 18 +++++++++++++-----
include/class_pre_op_advanced.php | 23 +++++++++++++++++------
include/class_pre_operation.php | 3 +--
4 files changed, 40 insertions(+), 17 deletions(-)
diff --git a/include/ajax_mod_predf_op.php b/include/ajax_mod_predf_op.php
index 09ff488..db85438 100644
--- a/include/ajax_mod_predf_op.php
+++ b/include/ajax_mod_predf_op.php
@@ -57,11 +57,16 @@ echo HtmlInput::button('close', _('Annuler'),
'onclick="removeDiv(\'mod_predf_op
echo '</form>';
-$html = ob_get_contents();
+$html1 = ob_get_contents();
ob_end_clean();
-$html = escape_xml($html);
-//echo $html;exit();
-header('Content-type: text/xml; charset=UTF-8');
+$html = escape_xml($html1);
+if (headers_sent() )
+ {
+ echo $html1;
+ }
+else {
+ header('Content-type: text/xml; charset=UTF-8');
+}
echo <<<EOF
<?xml version="1.0" encoding="UTF-8"?>
<data>
diff --git a/include/ajax_save_predf_op.php b/include/ajax_save_predf_op.php
index df1693b..83a7479 100644
--- a/include/ajax_save_predf_op.php
+++ b/include/ajax_save_predf_op.php
@@ -25,14 +25,20 @@
*/
if ( ! defined ('ALLOWED') ) die('Appel direct ne sont pas permis');
if ($g_user->check_module('PREDOP') == 0) exit();
-if ( trim($_POST['opd_name']) != '')
+$name=HtmlInput::default_value_post("opd_name", "");
+if ( trim($name) != '')
{
+ $od_id=HtmlInput::default_value_post("od_id", -1);
+
+ if ( $od_id == -1 ||isNumber($od_id) == 0) return;
+
$cn->exec_sql('delete from op_predef where od_id=$1',
- array($_POST['od_id']));
+ array($od_id));
+
+ $cn->exec_sql("delete from op_predef_detail where od_id=$1",array($od_id));
- var_dump($_POST);
- $cn->exec_sql("delete from op_predef_detail where
od_id=$1",array($_POST['od_id']));
- switch ($_POST['jrn_type']) {
+ $jrn_type=HtmlInput::default_value_post("jrn_type", null);
+ switch ($jrn_type) {
case 'ACH':
$operation=new Pre_op_ach($cn);
break;
@@ -42,6 +48,8 @@ if ( trim($_POST['opd_name']) != '')
case 'ODS':
$operation=new Pre_Op_Advanced($cn);
break;
+ default :
+ throw new Exception(_('Type de journal invalide'));
}
$operation->get_post();
$operation->save();
diff --git a/include/class_pre_op_advanced.php
b/include/class_pre_op_advanced.php
index 58022dc..c28d15c 100644
--- a/include/class_pre_op_advanced.php
+++ b/include/class_pre_op_advanced.php
@@ -43,12 +43,21 @@ class Pre_Op_Advanced extends Pre_operation_detail
for ($i=0;$i<$this->operation->nb_item;$i++)
{
- if ( ! isset ($_POST['poste'.$i]) && ! isset ($_POST['qc_'.$i]))
- continue;
- if (isset ($this->{'poste'.$i}))
- $this->{'poste'.$i}=(trim($_POST['qc_'.$i]) != ""
)?$_POST['qc_'.$i]:$_POST['poste'.$i];
- if ( isset($this->{'qc'.$i}))
+ $poste=HtmlInput::default_value_post("poste".$i, null);
+ $qcode=HtmlInput::default_value_post("qc_".$i, null);
+
+ if ( $poste == null && $qcode == null ) continue;
+
+ if ($poste != null && trim ($poste) != "")
+ {
+ $this->{'poste'.$i}=$poste;
+ $this->{'isqc'.$i}='f';
+ }
+
+ if ( $qcode != null && trim ($qcode) != "") {
$this->{'isqc'.$i}=(trim($_POST['qc_'.$i]) != "")?'t':'f';
+ $this->{'poste'.$i}=trim ($qcode);
+ }
$this->{"amount".$i}=$_POST['amount'.$i];
$this->{"ck".$i}=(isset($_POST['ck'.$i]))?'t':'f';
@@ -62,9 +71,9 @@ class Pre_Op_Advanced extends Pre_operation_detail
{
try
{
- $this->db->start();
if ($this->operation->save() == false )
return;
+ $this->db->start();
// save the selling
for ($i=0;$i<$this->operation->nb_item;$i++)
{
@@ -85,6 +94,8 @@ class Pre_Op_Advanced extends Pre_operation_detail
$this->db->exec_sql($sql);
}
+ $this->db->commit();
+
}
catch (Exception $e)
{
diff --git a/include/class_pre_operation.php b/include/class_pre_operation.php
index 69e8e4c..3687c17 100644
--- a/include/class_pre_operation.php
+++ b/include/class_pre_operation.php
@@ -101,8 +101,7 @@ class Pre_operation
"and jrn_def_id=".$this->p_jrn)
!= 0 )
{
- echo "<span class=\"notice\"> Ce modèle d' opération a
déjà été sauvé</span>";
- return false;
+ $this->name="copy_".$this->name."_".microtime(true);
}
if ( $this->count() > MAX_PREDEFINED_OPERATION )
{
- [Noalyss-commit] [noalyss] branch master updated (d8e596d -> 37c6068), Dany De Bontridder, 2015/01/10
- [Noalyss-commit] [noalyss] 01/05: Task #1078 - Bug opération prédéfinie pour les opérations diverses To fix the bug, we implement a safer way to get data from _POST, the function Pre_Op_Advance::get_post was not correct,
Dany De Bontridder <=
- [Noalyss-commit] [noalyss] 04/05: Task #1079 - Bug : filtre pour client, fournisseur dans gestion Bug : quick filter on column name was broken, Dany De Bontridder, 2015/01/10
- [Noalyss-commit] [noalyss] 05/05: Merge rel6800-xmas, Dany De Bontridder, 2015/01/10
- [Noalyss-commit] [noalyss] 02/05: Traduction, Dany De Bontridder, 2015/01/10
- [Noalyss-commit] [noalyss] 03/05: security : check id, Dany De Bontridder, 2015/01/10