From: <te...@us...> - 2012-07-23 08:29:33
Revision: 5530 http://web-erp.svn.sourceforge.net/web-erp/?rev=5530&view=rev Author: tehonu Date: 2012-07-23 08:29:23 +0000 (Mon, 23 Jul 2012) Log Message: ----------- Ricard: Restrict internal departments to users as described in http://www.weberp.org/forum/showthread.php?tid=171&pid=1029#pid1029 Modified Paths: -------------- trunk/InternalStockRequest.php trunk/WWW_Users.php trunk/includes/UserLogin.php trunk/sql/mysql/upgrade4.08-4.09.sql
Modified: trunk/InternalStockRequest.php
===================================================================
--- trunk/InternalStockRequest.php 2012-07-23 06:50:11 UTC (rev 5529)
+++ trunk/InternalStockRequest.php 2012-07-23 08:29:23 UTC (rev 5530)
@@ -166,20 +166,27 @@ </tr> <tr> <td>' . _('Department') . ':</td>'; - -$sql="SELECT departmentid, - description - FROM departments - ORDER BY description"; - +if($_SESSION['AllowedDepartment'] == 0){ + // any internal department allowed + $sql="SELECT departmentid, + description + FROM departments + ORDER BY description"; +}else{ + // just 1 internal department allowed + $sql="SELECT departmentid, + description + FROM departments + WHERE departmentid = '". $_SESSION['AllowedDepartment'] ."' + ORDER BY description"; +} $result=DB_query($sql, $db); -echo '<td><select name="Department"> - <option value="">' . _('Select your department') . '</option>'; +echo '<td><select name="Department">'; while ($myrow=DB_fetch_array($result)){ if (isset($_SESSION['Request']->Department) AND $_SESSION['Request']->Department==$myrow['departmentid']){ - echo '<option selected="True" value="' . $myrow['departmentid'] . '">' . $myrow['departmentid'].' - ' .htmlspecialchars($myrow['description'], ENT_QUOTES,'UTF-8') . '</option>'; + echo '<option selected="True" value="' . $myrow['departmentid'] . '">' . htmlspecialchars($myrow['description'], ENT_QUOTES,'UTF-8') . '</option>'; } else { - echo '<option value="' . $myrow['departmentid'] . '">' . $myrow['departmentid'].' - ' .htmlspecialchars($myrow['description'], ENT_QUOTES,'UTF-8') . '</option>'; + echo '<option value="' . $myrow['departmentid'] . '">' . htmlspecialchars($myrow['description'], ENT_QUOTES,'UTF-8') . '</option>'; } } echo '</select></td> Modified: trunk/WWW_Users.php =================================================================== --- trunk/WWW_Users.php 2012-07-23 06:50:11 UTC (rev 5529) +++ trunk/WWW_Users.php 2012-07-23 08:29:23 UTC (rev 5530) 
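Review bot: The department restriction is enforced only by which `<option>` rows this hunk renders; nothing visible here compares the submitted `Department` value with `$_SESSION['AllowedDepartment']`, so the limit holds only if the form handler (outside this hunk) rejects a mismatch. Where the posted form is processed, refuse the request when `$_SESSION['AllowedDepartment'] != 0 AND $_POST['Department'] != $_SESSION['AllowedDepartment']`. The session value is also concatenated into the WHERE clause as a quoted string although the column is an integer; `WHERE departmentid = '" . (int)$_SESSION['AllowedDepartment'] . "'` keeps the query well-formed whatever ends up in the session.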
@@ -156,7 +156,8 @@ defaultlocation='" . $_POST['DefaultLocation'] ."', modulesallowed='" . $ModulesAllowed . "', blocked='" . $_POST['Blocked'] . "', - pdflanguage='" . $_POST['PDFLanguage'] . "' + pdflanguage='" . $_POST['PDFLanguage'] . "', + department='" . $_POST['Department'] . "' WHERE userid = '". $SelectedUser . "'"; prnMsg( _('The selected user record has been updated'), 'success' ); @@ -179,7 +180,8 @@ displayrecordsmax, theme, language, - pdflanguage) + pdflanguage, + department) VALUES ('" . $_POST['UserID'] . "', '" . $_POST['RealName'] ."', '" . $_POST['Cust'] ."', @@ -197,7 +199,8 @@ '" . $_SESSION['DefaultDisplayRecordsMax'] . "', '" . $_POST['Theme'] . "', '". $_POST['UserLanguage'] ."', - '" . $_POST['PDFLanguage'] . "')"; + '" . $_POST['PDFLanguage'] . "', + '" . $_POST['Department'] . "')"; prnMsg( _('A new user record has been inserted'), 'success' ); } @@ -225,6 +228,7 @@ unset($_POST['Theme']); unset($_POST['UserLanguage']); unset($_POST['PDFLanguage']); + unset($_POST['Department']); unset($SelectedUser); } @@ -376,7 +380,8 @@ blocked, theme, language, - pdflanguage + pdflanguage, + department FROM www_users WHERE userid='" . $SelectedUser . "'"; @@ -400,6 +405,7 @@ $_POST['UserLanguage'] = $myrow['language']; $_POST['Blocked'] = $myrow['blocked']; $_POST['PDFLanguage'] = $myrow['pdflanguage']; + $_POST['Department'] = $myrow['department']; echo '<input type="hidden" name="SelectedUser" value="' . $SelectedUser . '" />'; echo '<input type="hidden" name="UserID" value="' . $_POST['UserID'] . '" />'; 
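Review bot: The new `department='" . $_POST['Department'] . "'` in the UPDATE (and the matching value in the INSERT of the `@@ -197,7 +199,8 @@` hunk) puts raw request text into SQL for a column that the migration declares as an integer. Unless `$_POST` is escaped centrally before this code runs, which these hunks do not show, that is an injection point. Casting covers both cases and also turns an empty option value into 0: `department='" . (int)$_POST['Department'] . "'`. Neither statement checks that the id exists in `departments`, so a stale or hand-edited value is stored as is. Both statements start outside their hunks.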
@@ -680,7 +686,36 @@ echo '</select></td> </tr>'; +/* Allowed Department for Internal Requests */ + echo '<tr> + <td>' . _('Allowed Department for Internal Requests') . ':</td>'; + +$sql="SELECT departmentid, + description + FROM departments + ORDER BY description"; + +$result=DB_query($sql, $db); +echo '<td><select name="Department">'; +if ((isset($_POST['Department']) AND $_POST['Department']=='0') OR !isset($_POST['Department'])){ + echo '<option selected="selected" value="0">' . _('Any Internal Department') . '</option>'; +} else { + echo '<option value="">' . _('Any Internal Department') . '</option>'; +} +while ($myrow=DB_fetch_array($result)){ + if (isset($_POST['Department']) AND $myrow['departmentid'] == $_POST['Department']){ + echo '<option selected="selected" value="' . $myrow['departmentid'] . '">' . $myrow['description'] . '</option>'; + } else { + echo '<option value="' . $myrow['departmentid'] . '">' . $myrow['description'] . '</option>'; + } +} +echo '</select></td> + </tr>'; + +/* Account status */ + +echo '<tr> <td>' . _('Account Status') . ':</td> <td><select name="Blocked">'; if ($_POST['Blocked']==0){ Modified: trunk/includes/UserLogin.php =================================================================== --- trunk/includes/UserLogin.php 2012-07-23 06:50:11 UTC (rev 5529) +++ trunk/includes/UserLogin.php 2012-07-23 08:29:23 UTC (rev 5530) @@ -66,6 +66,8 @@ $_SESSION['Language'] = $myrow['language']; $_SESSION['SalesmanLogin'] = $myrow['salesman']; $_SESSION['CanCreateTender'] = $myrow['cancreatetender']; + $_SESSION['AllowedDepartment'] = $myrow['department']; + if (isset($myrow['pdflanguage'])) { $_SESSION['PDFLanguage'] = $myrow['pdflanguage']; } else { Modified: trunk/sql/mysql/upgrade4.08-4.09.sql =================================================================== --- trunk/sql/mysql/upgrade4.08-4.09.sql 2012-07-23 06:50:11 UTC (rev 5529) +++ trunk/sql/mysql/upgrade4.08-4.09.sql 2012-07-23 08:29:23 UTC (rev 5530) 
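Review bot: In the new department selector, `$myrow['description']` is echoed into the option text without escaping, whereas InternalStockRequest.php in this same commit wraps the same column in `htmlspecialchars()`. A description containing markup would be rendered on the user administration page. Use `htmlspecialchars($myrow['description'], ENT_QUOTES, 'UTF-8')` in both `echo` lines of the loop. Separately, the non-selected "Any Internal Department" option is emitted with `value=""` while the selected one uses `value="0"`; switching a restricted user back to "any" then posts an empty string into the integer column, so the else branch should read `echo '<option value="0">' . _('Any Internal Department') . '</option>';`.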
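Review bot: `$_SESSION['AllowedDepartment']` is set only here at login, so, as far as this diff shows, a restriction changed in WWW_Users.php does not reach a session that is already open. If that is intended, say so next to the assignment, for example `// cached for the session; a changed department applies from the next login`. Otherwise re-read the value where InternalStockRequest.php uses it. The query that fills `$myrow` is outside the hunk and has to return the new `department` column for this line to work.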
@@ -17,4 +17,6 @@ INSERT INTO scripts VALUES ('GLJournalInquiry.php','15','General Ledger Journal Inquiry'); INSERT INTO scripts VALUES ('PDFGLJournal.php','15','General Ledger Journal Print'); +ALTER TABLE `www_users` ADD `department` INT( 11 ) NOT NULL DEFAULT '0'; + UPDATE config SET confvalue='4.08.2' WHERE confname='VersionNumber'; \ No newline at end of file This was sent by the SourceForge.net collaborative development platform, the world's largest Open Source development site. |
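Review bot: The new column carries two meanings that the migration does not record: 0 means no restriction and any other value is a `departmentid`. A comment above the ALTER would document the sentinel, for example `-- department: 0 = any internal department, otherwise departments.departmentid`. No foreign key or other constraint ties the value to `departments`, so deleting a department would presumably leave users pointing at a missing row and give them an empty selector in InternalStockRequest.php. Whether the department maintenance page guards against that is not visible here.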