0.2.0: securité (json_encode) + petite améliorations
This commit is contained in:
parent
1b7017a2ee
commit
e41129b0b7
|
@ -2,7 +2,7 @@ nom="Facturation"
|
|||
description="Permet d'éditer des factures et devis à ses membres et à une base de clients supplémentaire."
|
||||
auteur="zou"
|
||||
url="https://gitlab.com/ramoloss/garradin-plugin-facturation/"
|
||||
version="0.1.0"
|
||||
version="0.2.0"
|
||||
menu=1
|
||||
config=1
|
||||
min_version="0.9.2"
|
|
@ -55,39 +55,33 @@ class Facture
|
|||
throw new UserException("$k est de valeur non-attendue ($data).");
|
||||
}
|
||||
break;
|
||||
case 'receveur_id':
|
||||
if (!is_numeric($datas[$k]) || $datas[$k] < 0 )
|
||||
{
|
||||
case 'receveur_id':
|
||||
if (!is_numeric($datas[$k]) || $datas[$k] < 0) {
|
||||
throw new UserException("L'id du receveur est non-attendu ($data).");
|
||||
}
|
||||
break;
|
||||
case 'date_emission':
|
||||
if (!strtotime($datas[$k]))
|
||||
{
|
||||
case 'date_emission':
|
||||
if (!strtotime($datas[$k])) {
|
||||
throw new UserException("La date d'émission est non-attendue ($data).");
|
||||
}
|
||||
break;
|
||||
case 'date_echeance':
|
||||
if (!strtotime($datas[$k]))
|
||||
{
|
||||
case 'date_echeance':
|
||||
if (!strtotime($datas[$k])) {
|
||||
throw new UserException("La date d'émission est non-attendue ($data).");
|
||||
}
|
||||
if (isset($datas['date_emission']) && (strtotime($datas[$k]) <= strtotime($datas['date_emission']) ) )
|
||||
{
|
||||
if (isset($datas['date_emission']) && (strtotime($datas[$k]) <= strtotime($datas['date_emission']))) {
|
||||
throw new UserException("La date d'échéance est antérieure ou égale à la date d'émission ($data).");
|
||||
}
|
||||
break;
|
||||
case 'moyen_paiement':
|
||||
case 'moyen_paiement':
|
||||
$cats = new \Garradin\Compta\Categories;
|
||||
if(!array_key_exists($datas[$k], $cats->listMoyensPaiement()))
|
||||
{
|
||||
if (!array_key_exists($datas[$k], $cats->listMoyensPaiement())) {
|
||||
throw new UserException("Le moyen de paiement ne correspond pas à la liste interne ($data).");
|
||||
}
|
||||
unset($cats);
|
||||
break;
|
||||
case 'contenu':
|
||||
if(!is_array($datas[$k]) || empty($datas[$k]))
|
||||
{
|
||||
case 'contenu':
|
||||
if (!is_array($datas[$k]) || empty($datas[$k])) {
|
||||
throw new UserException("Le contenu du document est vide ($data).");
|
||||
}
|
||||
$total = 0;
|
||||
|
@ -108,11 +102,10 @@ case 'contenu':
|
|||
{
|
||||
throw new UserException("Toutes les désignations/prix sont vides.");
|
||||
}
|
||||
$datas[$k] = serialize($datas[$k]);
|
||||
$datas[$k] = json_encode($datas[$k]);
|
||||
break;
|
||||
case 'total':
|
||||
if(!isset($datas['contenu']))
|
||||
{
|
||||
case 'total':
|
||||
if (!isset($datas['contenu'])) {
|
||||
throw new UserException("Pas de contenu fourni pour vérifier le total.");
|
||||
}
|
||||
if ($total != $datas[$k])
|
||||
|
@ -151,7 +144,7 @@ case 'total':
|
|||
throw new UserException("Pas de facture retournée avec cet id.");
|
||||
}
|
||||
|
||||
$r->contenu = unserialize($r->contenu);
|
||||
$r->contenu = json_decode($r->contenu, true);
|
||||
|
||||
return $r;
|
||||
}
|
||||
|
@ -164,7 +157,7 @@ case 'total':
|
|||
|
||||
foreach ($r as $e)
|
||||
{
|
||||
$e->contenu = unserialize((string)$e->contenu);
|
||||
$e->contenu = json_decode((string)$e->contenu, true);
|
||||
}
|
||||
|
||||
return $r;
|
||||
|
@ -206,7 +199,7 @@ case 'total':
|
|||
|
||||
foreach ($r as $e)
|
||||
{
|
||||
$e->contenu = unserialize((string)$e->contenu);
|
||||
$e->contenu = json_decode((string)$e->contenu, true);
|
||||
}
|
||||
|
||||
return empty($r)?false:$r;
|
||||
|
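Review bot: `$datas[$k] = json_encode($datas[$k]);` stores the encoder's return value unchecked; json_encode() returns false when a designation holds malformed UTF-8 (these are user-typed strings), so the row would persist an empty `contenu` and every `json_decode($r->contenu, true)` on the read side would yield null instead of the array callers expect. Guard it before assigning: `if (($json = json_encode($datas[$k])) === false) { throw new UserException('Contenu du document non encodable (' . json_last_error_msg() . ').'); } $datas[$k] = $json;` — or use `JSON_THROW_ON_ERROR` if the deployment floor is PHP 7.3+. Separately, the `date_echeance` branch still throws "La date d'émission est non-attendue", a copy-paste of the emission message; it should name the due date. The validation method these `case` branches belong to starts above the hunk.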
|
|
@ -52,17 +52,17 @@
|
|||
<legend>Ajouter un client</legend>
|
||||
<dl>
|
||||
<dt><label for="f_nom">Nom</label> <b title="(Champ obligatoire)">obligatoire</b></dt>
|
||||
<dd><input type="nom" name="nom" id="f_nom"/></dd>
|
||||
<dd><input type="nom" name="nom" id="f_nom" value="{form_field name="nom"}"/></dd>
|
||||
<dt><label for="f_adresse">Adresse</label> <b title="(Champ obligatoire)">obligatoire</b></dt>
|
||||
<dd><input type="text" name="adresse" id="f_adresse"/></dd>
|
||||
<dd><input type="text" name="adresse" id="f_adresse" value="{form_field name="adresse"}"/></dd>
|
||||
<dt><label for="f_cp">Code postal</label> <b title="(Champ obligatoire)">obligatoire</b></dt>
|
||||
<dd><input type="text" name="code_postal" id="f_cp"/></dd>
|
||||
<dd><input type="text" name="code_postal" id="f_cp" value="{form_field name="code_postal"}"/></dd>
|
||||
<dt><label for="f_ville">Ville</label> <b title="(Champ obligatoire)">obligatoire</b></dt>
|
||||
<dd><input type="text" name="ville" id="f_ville"/></dd>
|
||||
<dd><input type="text" name="ville" id="f_ville" value="{form_field name="ville"}"/></dd>
|
||||
<dt><label for="f_tel">Téléphone</label></dt>
|
||||
<dd><input type="text" name="telephone" id="f_tel"/></dd>
|
||||
<dd><input type="text" name="telephone" id="f_tel" value="{form_field name="telephone"}"/></dd>
|
||||
<dt><label for="f_email">Adresse mail</label></dt>
|
||||
<dd><input type="text" name="email" id="f_email"/></dd>
|
||||
<dd><input type="text" name="email" id="f_email" value="{form_field name="email"}"/></dd>
|
||||
</dl>
|
||||
</fieldset>
|
||||
|
||||
|
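Review bot: The re-populated `nom` input keeps `type="nom"`, which is not an HTML input type (browsers silently fall back to text); it should read `<input type="text" name="nom" id="f_nom" value="{form_field name="nom"}"/>`, and the email field could use `type="email"` while it is being touched. Echoing posted values back inside `value="…"` now relies entirely on the `form_field` helper HTML-escaping its output, quotes included; the helper is outside this diff, so confirm it does before depending on it, otherwise a submitted value containing `"` would break out of the attribute.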
|
|
@ -13,8 +13,8 @@
|
|||
|
||||
<form method="post" action="{$self_url}">
|
||||
<ul class="actions">
|
||||
<li><input type="radio" name="type" value="facture" {form_field name=type checked=facture default=facture} id="f_type_facture"{if $type !== "devis"} checked="checked"{/if}/><label for="f_type_facture">Facture</label></li>
|
||||
<li><input type="radio" name="type" value="devis" {form_field name=type checked=devis} id="f_type_devis" /><label for="f_type_devis"{if $type == "devis"} checked="checked"{/if}>Devis</label></li>
|
||||
<li><input type="radio" name="type" value="facture" {form_field name=type checked=facture default=facture} id="f_type_facture"/><label for="f_type_facture">Facture</label></li>
|
||||
<li><input type="radio" name="type" value="devis" {form_field name=type checked=devis} id="f_type_devis" /><label for="f_type_devis">Devis</label></li>
|
||||
</ul>
|
||||
|
||||
<fieldset>
|
||||
|
@ -25,18 +25,18 @@
|
|||
<dd><input type="radio" name="type" value="devis" {form_field name=type checked=devis} id="f_type_devis" /><label for="f_type_devis"> Devis</label></dt> *}
|
||||
|
||||
<dt><label for="f_numero_facture">Numéro facture</label> <b title="(Champ obligatoire et unique)">obligatoire et unique</b></dt>
|
||||
<dd><input type="numero" name="numero_facture" maxlength="12" id="f_numero_facture" value="{$numero_facture}"/></dd>
|
||||
<dd><input type="numero" name="numero_facture" maxlength="12" id="f_numero_facture" value="{form_field name=numero_facture}"/></dd>
|
||||
<p> Chaque facture doit comporter un numéro unique délivré chronologiquement et de façon continue.<br>Il faut que le système adopté par l'association garantisse que deux factures émises la même année ne peuvent pas porter le même numéro. </p>
|
||||
<br>
|
||||
|
||||
<dt><label for="f_date_emission">Date d'émission</label> <b title="(Champ obligatoire)">obligatoire</b></dt>
|
||||
<dd><input type="date" name="date_emission" id="f_date_emission" size="10" required="required" value="{$date_emission}"/></dd>
|
||||
<dd><input type="date" name="date_emission" id="f_date_emission" size="10" required="required" value="{form_field name=date_emission}"/></dd>
|
||||
|
||||
<dt><label for="f_date_echeance">Date d'échéance</label> <b title="(Champ obligatoire)">obligatoire</b></dt>
|
||||
<dd><input type="date" name="date_echeance" id="f_date_echeance" size="10" required="required" value="{$date_echeance}"/></dd>
|
||||
<dd><input type="date" name="date_echeance" id="f_date_echeance" size="10" required="required" value="{form_field name=date_echeance}"/></dd>
|
||||
|
||||
<dt><label for="f_reglee">Réglée</label></dt>
|
||||
<dd><input type="checkbox" name="reglee" id="f_reglee"{if $reglee == "on"} checked="checked"{/if}></dd>
|
||||
<dd><input type="checkbox" name="reglee" id="f_reglee" {form_field name=reglee checked=on default=off}></dd>
|
||||
|
||||
<dt><label for="f_archivee">Archivée</label></dt>
|
||||
<dd><input type="checkbox" name="archivee" id="f_archivee" disabled></dd>
|
||||
|
@ -50,8 +50,8 @@
|
|||
<dl>
|
||||
<dt><label>Facture adressée à un·e :</label></dt>
|
||||
<dd>
|
||||
<input type="radio" name="base_receveur" value="membre" id="f_base_membre"{if $base_receveur == "membre"} checked="checked"{/if}/><label for="f_base_membre"> Membre</label>
|
||||
<input type="radio" name="base_receveur" value="client" id="f_base_client" {if $base_receveur !== "membre"} checked="checked"{/if}/><label for="f_base_client"> Client·e</label>
|
||||
<input type="radio" name="base_receveur" value="membre" id="f_base_membre" {form_field name=base_receveur checked=membre}/><label for="f_base_membre"> Membre</label>
|
||||
<input type="radio" name="base_receveur" value="client" id="f_base_client" {form_field name=base_receveur checked=client default=client}/><label for="f_base_client"> Client·e</label>
|
||||
</dd>
|
||||
|
||||
<dt><label>Client</label> <b title="(Champ obligatoire)">obligatoire</b></dt>
|
||||
|
|
|
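Review bot: `numero_facture` now echoes the posted value through `form_field`, but the input keeps `type="numero"`, which is not a valid input type; use `type="text" name="numero_facture" maxlength="12"`. The `maxlength` and the "obligatoire et unique" notice are client-side only — the length and uniqueness checks must live in the server-side handler, which is not in this diff, so confirm they exist there. As with the other inputs, reflecting `form_field` output inside a `value="…"` attribute presumes the helper escapes quotes.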
@ -3,4 +3,4 @@ namespace Garradin;
|
|||
|
||||
$db = DB::getInstance();
|
||||
|
||||
$db->exec(file_get_contents(dirname(__FILE__) . "/data/schema_remove.sql"));
|
||||
$db->import(dirname(__FILE__) . "/data/schema_remove.sql");
|
||||
|
|
27
upgrade.php
27
upgrade.php
|
@ -2,7 +2,26 @@
|
|||
|
||||
namespace Garradin;
|
||||
|
||||
$db = DB::getInstance(true);
|
||||
$db->exec('BEGIN;');
|
||||
$db->exec(file_get_contents(dirname(__FILE__) . "/data/schema.sql"));
|
||||
$db->exec('END;');
|
||||
$db = DB::getInstance();
|
||||
$db->import(dirname(__FILE__) . "/data/schema.sql");
|
||||
|
||||
# plugins_facturations_factures
|
||||
# foreach(facture )
|
||||
# $tmp = unserialize(désignations)
|
||||
# $designation = json_encode($tmp)
|
||||
|
||||
|
||||
|
||||
// $r = (array) DB::getInstance()->get('SELECT *, strftime(\'%s\', date_emission) AS date_emission,
|
||||
// strftime(\'%s\', date_echeance) AS date_echeance
|
||||
// FROM plugin_facturation_factures');
|
||||
|
||||
$r = (array) DB::getInstance()->get('SELECT * FROM plugin_facturation_factures');
|
||||
|
||||
foreach ($r as $e) {
|
||||
$e->contenu =json_encode(unserialize((string) $e->contenu));
|
||||
$db->update('plugin_facturation_factures', $e, $db->where('id', (int)$e->id));
|
||||
}
|
||||
|
||||
// var_dump($db->update('plugin_facturation_factures', $r));
|
||||
|
||||
|
|
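Review bot: The migration loop is not idempotent and still feeds stored rows to unserialize() without restricting classes: on a second run of the upgrade a row that already holds JSON makes `unserialize()` return false, `json_encode(false)` yields the string `false` and the invoice content is lost, while a tampered `contenu` can instantiate arbitrary objects during the upgrade — the very exposure the commit retires for normal reads. Skip rows that already decode as JSON, pass `['allowed_classes' => false]` (PHP 7.0+) to unserialize(), and abort on an unreadable row rather than overwrite it; since the explicit `BEGIN`/`END` was dropped, wrapping the loop in a transaction would also keep the table from ending half-migrated, if the DB wrapper exposes begin/commit helpers. The commented-out query, the `# foreach` pseudo-code and the `var_dump` line should be removed.
```php
// … unchanged: DB::getInstance() and schema import …

$rows = (array) DB::getInstance()->get('SELECT id, contenu FROM plugin_facturation_factures');

foreach ($rows as $row) {
    $raw = (string) $row->contenu;

    // Already migrated (valid JSON): leave untouched so re-running the upgrade is safe.
    if (json_decode($raw, true) !== null) {
        continue;
    }

    // Legacy rows hold serialize() output; never let it instantiate objects.
    $contenu = unserialize($raw, ['allowed_classes' => false]);

    if (!is_array($contenu)) {
        throw new \RuntimeException(sprintf('Facture #%d : contenu illisible, migration annulée.', (int) $row->id));
    }

    $db->update('plugin_facturation_factures', ['contenu' => json_encode($contenu)], $db->where('id', (int) $row->id));
}
```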
|
@ -91,14 +91,9 @@ if (f('add'))
|
|||
}
|
||||
|
||||
|
||||
$tpl->assign('type', f('type') ?: '');
|
||||
$tpl->assign('numero_facture', f('numero_facture') ?: '');
|
||||
$tpl->assign('date_emission', f('date_emission') ?: '');
|
||||
$tpl->assign('date_echeance', f('date_echeance') ?: '');
|
||||
$tpl->assign('reglee', f('reglee') ?: 'off');
|
||||
$tpl->assign('base_receveur', f('base_receveur') ?: '');
|
||||
$tpl->assign('client_id', f('client') ?: -1);
|
||||
$tpl->assign('membre_id', f('membre') ?: -1);
|
||||
|
||||
$designations = [];
|
||||
$prix = [];
|
||||
if (($d = f('designation')) && ($p = f('prix')))
|
||||
|
|