[Top][All Lists]
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
[Phpcompta-dev] r4598 - phpcompta/trunk/include
From: |
phpcompta-dev |
Subject: |
[Phpcompta-dev] r4598 - phpcompta/trunk/include |
Date: |
Sun, 11 Dec 2011 21:54:10 +0100 (CET) |
Author: danydb
Date: 2011-12-11 21:54:08 +0100 (Sun, 11 Dec 2011)
New Revision: 4598
Modified:
phpcompta/trunk/include/class_acc_ledger.php
phpcompta/trunk/include/compta_ach.inc.php
phpcompta/trunk/include/compta_ods.inc.php
phpcompta/trunk/include/compta_ven.inc.php
Log:
Security ; bug can't access ODS
Modified: phpcompta/trunk/include/class_acc_ledger.php
===================================================================
--- phpcompta/trunk/include/class_acc_ledger.php 2011-12-11 16:23:38 UTC
(rev 4597)
+++ phpcompta/trunk/include/class_acc_ledger.php 2011-12-11 20:54:08 UTC
(rev 4598)
@@ -2045,10 +2045,10 @@
*\param the type
*\return the j_id
*/
- public function get_first($p_type)
+ public function get_first($p_type,$p_access=3)
{
$user=new User($this->db);
- $all=$user->get_ledger($p_type);
+ $all=$user->get_ledger($p_type,$p_access);
return $all[0];
}
Modified: phpcompta/trunk/include/compta_ach.inc.php
===================================================================
--- phpcompta/trunk/include/compta_ach.inc.php 2011-12-11 16:23:38 UTC (rev
4597)
+++ phpcompta/trunk/include/compta_ach.inc.php 2011-12-11 20:54:08 UTC (rev
4598)
@@ -163,7 +163,11 @@
if (!isset($_REQUEST ['p_jrn']))
{
- $def_ledger = $Ledger->get_first('ach');
+ $def_ledger = $Ledger->get_first('ach',2);
+ if ( empty ($first_ledger))
+ {
+ exit('Pas de journal disponible');
+ }
$Ledger->id = $def_ledger['jrn_def_id'];
}
else
Modified: phpcompta/trunk/include/compta_ods.inc.php
===================================================================
--- phpcompta/trunk/include/compta_ods.inc.php 2011-12-11 16:23:38 UTC (rev
4597)
+++ phpcompta/trunk/include/compta_ods.inc.php 2011-12-11 20:54:08 UTC (rev
4598)
@@ -43,6 +43,10 @@
$id = (isset($_REQUEST['p_jrn_predef'])) ? $_REQUEST['p_jrn_predef'] : -1;
$ledger = new Acc_Ledger($cn, $id);
$first_ledger = $ledger->get_first('ODS');
+if ( empty ($first_ledger))
+{
+ exit('Pas de journal disponible');
+}
$ledger->id = ($ledger->id == -1) ? $first_ledger['jrn_def_id'] : $id;
/* !\brief show a form for quick_writing */
@@ -52,7 +56,7 @@
-if ($g_user->check_jrn($id) == 'X')
+if ($g_user->check_jrn($ledger->id) == 'X')
{
NoAccess();
exit - 1;
Modified: phpcompta/trunk/include/compta_ven.inc.php
===================================================================
--- phpcompta/trunk/include/compta_ven.inc.php 2011-12-11 16:23:38 UTC (rev
4597)
+++ phpcompta/trunk/include/compta_ven.inc.php 2011-12-11 20:54:08 UTC (rev
4598)
@@ -182,7 +182,11 @@
if ( !isset($_REQUEST ['p_jrn']) )
{
- $def_ledger=$Ledger->get_first('ven');
+ $def_ledger=$Ledger->get_first('ven',2);
+ if (empty($first_ledger))
+ {
+ exit('Pas de journal disponible');
+ }
$Ledger->id=$def_ledger['jrn_def_id'];
}
else
@@ -190,7 +194,7 @@
if (isset ($_REQUEST['p_jrn_predef'])){
$Ledger->id=$_REQUEST['p_jrn_predef'];
}
-
+
echo '<div id="predef_form">';
echo '<form style="display:inline" method="GET" >';
echo HtmlInput::hidden('ac',$_REQUEST['ac']);
[Prev in Thread] |
Current Thread |
[Next in Thread] |
- [Phpcompta-dev] r4598 - phpcompta/trunk/include,
phpcompta-dev <=