From: Sven Schöling Date: Wed, 25 Mar 2015 14:05:37 +0000 (+0100) Subject: login nicht aus $::form nehmen. Teil 1 X-Git-Tag: release-3.2.1~27 X-Git-Url: http://wagnertech.de/git?a=commitdiff_plain;h=4bd1e2f8b588972f10f92728301feacefd5ee4dd;p=kivitendo-erp.git login nicht aus $::form nehmen. Teil 1 --- diff --git a/SL/AM.pm b/SL/AM.pm index d5c38ae50..7306640b8 100644 --- a/SL/AM.pm +++ b/SL/AM.pm @@ -829,10 +829,10 @@ sub save_preferences { my ($self, $form) = @_; - my $employee = SL::DB::Manager::Employee->find_by(login => $form->{login}); + my $employee = SL::DB::Manager::Employee->find_by(login => $::myconfig{login}); $employee->update_attributes(name => $form->{name}); - my $user = SL::DB::Manager::AuthUser->find_by(login => $form->{login}); + my $user = SL::DB::Manager::AuthUser->find_by(login => $::myconfig{login}); $user->update_attributes( config_values => { %{ $user->config_values }, diff --git a/SL/AP.pm b/SL/AP.pm index 2bce62962..8de1c3ca7 100644 --- a/SL/AP.pm +++ b/SL/AP.pm @@ -126,7 +126,7 @@ sub post_transaction { qq|INSERT INTO ap (id, invnumber, employee_id,currency_id, taxzone_id) | . qq|VALUES (?, ?, (SELECT e.id FROM employee e WHERE e.login = ?), (SELECT id FROM currencies WHERE name = ?), (SELECT taxzone_id FROM vendor WHERE id = ?) )|; - do_query($form, $dbh, $query, $form->{id}, $form->{invnumber}, $form->{login}, $form->{currency}, $form->{vendor_id}); + do_query($form, $dbh, $query, $form->{id}, $form->{invnumber}, $::myconfig{login}, $form->{currency}, $form->{vendor_id}); } diff --git a/SL/AR.pm b/SL/AR.pm index 692967fae..65ab4ce01 100644 --- a/SL/AR.pm +++ b/SL/AR.pm @@ -561,7 +561,7 @@ sub ar_transactions { if (!$main::auth->assert('sales_all_edit', 1)) { # only show own invoices $where .= " AND a.employee_id = (select id from employee where login= ?)"; - push (@values, $form->{login}); + push (@values, $::myconfig{login}); } else { if ($form->{employee_id}) { $where .= " AND a.employee_id = ?"; 
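Review bot: In `save_preferences` (SL/AM.pm) both `find_by` results are used as objects on the very next line, so a session login with no matching employee or auth-user row ends in a method call on `undef` rather than a handled error. Now that the login comes from `%::myconfig` instead of the request, a failed lookup means inconsistent server-side state and deserves an explicit message, e.g. `my $employee = SL::DB::Manager::Employee->find_by(login => $::myconfig{login}) or $form->error('no employee record for current login');`, and the same for `$user`. The sub's body continues past the end of the hunk.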
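Review bot: The `INSERT INTO ap` in `post_transaction` resolves `employee_id` through `(SELECT e.id FROM employee e WHERE e.login = ?)`, which yields NULL when the bound login is undefined or unknown, and nothing in the hunk checks `$::myconfig{login}` before binding it. Any caller that used to fill `$form->{login}` itself (background jobs or scripts, if the project has them) would now write a row with no employee attached, or hit a database error if the column is NOT NULL, unless `%::myconfig` is populated there too; this is worth confirming. A guard such as `$form->error('no login in session') unless $::myconfig{login};` before the query would make that failure visible. The same pattern applies to the write hunks in SL/DN.pm, SL/Drafts.pm, SL/FU.pm, SL/GL.pm and SL/Notes.pm. `post_transaction` starts and ends outside the hunk.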
diff --git a/SL/CT.pm b/SL/CT.pm index ab931c04c..44adb406c 100644 --- a/SL/CT.pm +++ b/SL/CT.pm @@ -180,7 +180,7 @@ sub search { # Gilt nicht für Lieferanten if ($cv eq 'customer' && !$main::auth->assert('customer_vendor_all_edit', 1)) { $where .= qq| AND ct.salesman_id = (select em.id from employee em where em.login = ?)|; - push(@values, $form->{login}); + push(@values, $::myconfig{login}); } my ($cvar_where, @cvar_values) = CVar->build_filter_query('module' => 'CT', diff --git a/SL/Controller/Inventory.pm b/SL/Controller/Inventory.pm index 0a41f0b7d..8e5a445de 100644 --- a/SL/Controller/Inventory.pm +++ b/SL/Controller/Inventory.pm @@ -243,7 +243,7 @@ sub show_no_warehouses_error { my $msg = t8('No warehouse has been created yet or the quantity of the bins is not configured yet.') . ' '; - if ($::auth->check_right($::form->{login}, 'config')) { # TODO wut? + if ($::auth->check_right($::myconfig{login}, 'config')) { # TODO wut? $msg .= t8('You can create warehouses and bins via the menu "System -> Warehouses".'); } else { $msg .= t8('Please ask your administrator to create warehouses and bins.'); diff --git a/SL/DB/Manager/Employee.pm b/SL/DB/Manager/Employee.pm index 410a04af3..796b05654 100644 --- a/SL/DB/Manager/Employee.pm +++ b/SL/DB/Manager/Employee.pm @@ -21,8 +21,8 @@ sub _sort_spec { } sub current { - return undef unless $::form && $::form->{login}; - return shift->find_by(login => $::form->{login}); + return undef unless $::myconfig{login}; + return shift->find_by(login => $::myconfig{login}); } sub update_entries_for_authorized_users { diff --git a/SL/DN.pm b/SL/DN.pm index 39ea64b0e..c9289e46f 100644 --- a/SL/DN.pm +++ b/SL/DN.pm 
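Review bot: `current` in SL/DB/Manager/Employee.pm is now the natural single place that maps the session login to an employee, yet other hunks in this commit still spell out `SL::DB::Manager::Employee->find_by(login => $::myconfig{login})` by hand (SL/AM.pm `save_preferences`, SL/WH.pm `transfer`). Calling `SL::DB::Manager::Employee->current` there would keep the source of the login in one spot. A short comment on the sub would help the next reader, e.g. `# Login comes from the session config, never from request parameters.` Separately, `return undef unless ...` yields a one-element list in list context; `return unless $::myconfig{login};` is the usual form, provided no caller relies on the current behaviour.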
@@ -244,7 +244,7 @@ sub create_invoice_for_fees { $dunning_id, # duedate $curr, # default currency sprintf($main::locale->text('Automatically created invoice for fee and interest for dunning %s'), $dunning_id), # notes - $form->{login}); # employee_id + $::myconfig{login}); # employee_id do_query($form, $dbh, $query, @values); $query = @@ -926,7 +926,7 @@ sub print_invoice_for_fees { map { $form->{$_} = $ref->{$_} } keys %{ $ref }; $query = qq|SELECT * FROM employee WHERE login = ?|; - $ref = selectfirst_hashref_query($form, $dbh, $query, $form->{login}); + $ref = selectfirst_hashref_query($form, $dbh, $query, $::myconfig{login}); map { $form->{"employee_${_}"} = $ref->{$_} } keys %{ $ref }; $query = qq|SELECT * FROM acc_trans WHERE trans_id = ? ORDER BY acc_trans_id ASC|; diff --git a/SL/DO.pm b/SL/DO.pm index 3b6981931..80b1ae352 100644 --- a/SL/DO.pm +++ b/SL/DO.pm @@ -119,7 +119,7 @@ sub transactions { } if (!$main::auth->assert('sales_all_edit', 1)) { push @where, qq|dord.employee_id = (select id from employee where login= ?)|; - push @values, $form->{login}; + push @values, $::myconfig{login}; } foreach my $item (qw(donumber ordnumber cusordnumber transaction_description)) { diff --git a/SL/Drafts.pm b/SL/Drafts.pm index bf19e52d3..e5242aa4d 100644 --- a/SL/Drafts.pm +++ b/SL/Drafts.pm @@ -74,7 +74,7 @@ sub save { qq| (SELECT id FROM employee WHERE login = ?) | . qq|WHERE id = ?|; - do_query($form, $dbh, $query, $draft_description, $dumped, $form->{login}, $draft_id); + do_query($form, $dbh, $query, $draft_description, $dumped, $::myconfig{login}, $draft_id); $dbh->commit(); diff --git a/SL/FU.pm b/SL/FU.pm index d87ad8e13..55f58f0e5 100644 --- a/SL/FU.pm +++ b/SL/FU.pm 
@@ -28,7 +28,7 @@ sub save { $query = qq|INSERT INTO follow_ups (created_by, done, note_id, follow_up_date, created_for_user, id) VALUES ((SELECT id FROM employee WHERE login = ?), ?, ?, ?, ?, ?)|; - push @values, $form->{login}; + push @values, $::myconfig{login}; } else { $query = qq|UPDATE follow_ups SET done = ?, note_id = ?, follow_up_date = ?, created_for_user = ? WHERE id = ?|; @@ -119,7 +119,7 @@ sub retrieve { my $dbh = $form->get_standard_dbh($myconfig); my ($query, @values); - my ($employee_id) = selectrow_query($form, $dbh, qq|SELECT id FROM employee WHERE login = ?|, $form->{login}); + my ($employee_id) = selectrow_query($form, $dbh, qq|SELECT id FROM employee WHERE login = ?|, $::myconfig{login}); $query = qq|SELECT fu.*, n.subject, n.body, n.created_by FROM follow_ups fu LEFT JOIN notes n ON (fu.note_id = n.id) @@ -183,7 +183,7 @@ sub follow_ups { my $dbh = $form->get_standard_dbh($myconfig); my ($query, $where, $where_user); - my ($employee_id) = selectrow_query($form, $dbh, qq|SELECT id FROM employee WHERE login = ?|, $form->{login}); + my ($employee_id) = selectrow_query($form, $dbh, qq|SELECT id FROM employee WHERE login = ?|, $::myconfig{login}); my @values = (); my @values_user = (); @@ -424,7 +424,7 @@ sub save_access_rights { my $dbh = $form->get_standard_dbh($myconfig); - my ($id) = selectrow_query($form, $dbh, qq|SELECT id FROM employee WHERE login = ?|, $form->{login}); + my ($id) = selectrow_query($form, $dbh, qq|SELECT id FROM employee WHERE login = ?|, $::myconfig{login}); do_query($form, $dbh, qq|DELETE FROM follow_up_access WHERE what = ?|, $id); 
@@ -455,7 +455,7 @@ sub retrieve_access_rights { my $dbh = $form->get_standard_dbh($myconfig); - my $sth = prepare_execute_query($form, $dbh, qq|SELECT who FROM follow_up_access WHERE what = (SELECT id FROM employee WHERE login = ?)|, $form->{login}); + my $sth = prepare_execute_query($form, $dbh, qq|SELECT who FROM follow_up_access WHERE what = (SELECT id FROM employee WHERE login = ?)|, $::myconfig{login}); my $access = {}; while (my $ref = $sth->fetchrow_hashref()) { diff --git a/SL/GL.pm b/SL/GL.pm index f97e2b248..016601e01 100644 --- a/SL/GL.pm +++ b/SL/GL.pm @@ -104,7 +104,7 @@ sub post_transaction { $query = qq|INSERT INTO gl (id, employee_id) | . qq|VALUES (?, (SELECT id FROM employee WHERE login = ?))|; - @values = ($form->{id}, $form->{login}); + @values = ($form->{id}, $::myconfig{login}); do_query($form, $dbh, $query, @values); } diff --git a/SL/Menu.pm b/SL/Menu.pm index 19b2d2d16..530a468fc 100644 --- a/SL/Menu.pm +++ b/SL/Menu.pm @@ -147,7 +147,7 @@ sub parse_access_string { push @{$cur_ary}, $token; } else { - push @{$cur_ary}, $auth->check_right($form->{login}, $token, 1); + push @{$cur_ary}, $auth->check_right($::myconfig{login}, $token, 1); } } diff --git a/SL/Notes.pm b/SL/Notes.pm index 3eafb5b9e..38959f429 100644 --- a/SL/Notes.pm +++ b/SL/Notes.pm @@ -23,7 +23,7 @@ sub save { ($params{id}) = selectrow_query($form, $dbh, qq|SELECT nextval('note_id')|); $query = qq|INSERT INTO notes (created_by, trans_id, trans_module, subject, body, id) VALUES ((SELECT id FROM employee WHERE login = ?), ?, ?, ?, ?, ?)|; - push @values, $form->{login}, conv_i($params{trans_id}), $params{trans_module}; + push @values, $::myconfig{login}, conv_i($params{trans_id}), $params{trans_module}; } else { $query = qq|UPDATE notes SET subject = ?, body = ? WHERE id = ?|; diff --git a/SL/OE.pm b/SL/OE.pm index 9944f71cd..35e617576 100644 --- a/SL/OE.pm +++ b/SL/OE.pm 
@@ -176,7 +176,7 @@ SQL if (!$main::auth->assert('sales_all_edit', 1)) { $query .= " AND o.employee_id = (select id from employee where login= ?)"; - push @values, $form->{login}; + push @values, $::myconfig{login}; } if ($form->{employee_id}) { $query .= " AND o.employee_id = ?"; @@ -325,7 +325,7 @@ sub transactions_for_todo_list { my $dbh = $params{dbh} || $form->get_standard_dbh($myconfig); my $query = qq|SELECT id FROM employee WHERE login = ?|; - my ($e_id) = selectrow_query($form, $dbh, $query, $form->{login}); + my ($e_id) = selectrow_query($form, $dbh, $query, $::myconfig{login}); $query = qq|SELECT oe.id, oe.transdate, oe.reqdate, oe.quonumber, oe.transaction_description, oe.amount, diff --git a/SL/USTVA.pm b/SL/USTVA.pm index d387b5ec4..378f48e88 100644 --- a/SL/USTVA.pm +++ b/SL/USTVA.pm @@ -1030,7 +1030,7 @@ sub get_config { $form->error("Missing Parameter: @_") if !$userspath || !$filename; - $filename = "$form->{login}_$filename"; + $filename = "$::myconfig{login}_$filename"; $filename =~ s|.*/||; $filename = "$userspath/$filename"; open my $FACONF, "<", $filename or do {# Annon Sub diff --git a/SL/VK.pm b/SL/VK.pm index 6d7df707a..f20414c7f 100644 --- a/SL/VK.pm +++ b/SL/VK.pm @@ -72,7 +72,7 @@ sub invoice_transactions { # limits by employees (Bearbeiter), not salesmen! if (!$main::auth->assert('sales_all_edit', 1)) { $where .= " AND ar.employee_id = (select id from employee where login= ?)"; - push (@values, $form->{login}); + push (@values, $::myconfig{login}); } # Stornierte Rechnungen und Stornorechnungen in invoice rausfiltern diff --git a/SL/WH.pm b/SL/WH.pm index 929560038..22f4a4195 100644 --- a/SL/WH.pm +++ b/SL/WH.pm 
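Review bot: In `get_config` (SL/USTVA.pm) the path under `$userspath` is still guarded only by `$filename =~ s|.*/||;`, and the new prefix does not change that: `.` does not match a newline without `/s`, and the login part is interpolated unchecked. An allow-list check on the final name is sturdier than stripping, e.g. `$form->error('invalid filename') unless $filename =~ m{\A[\w.-]+\z};` after the substitution (adjust the character class to whatever logins may contain). The `save` hunk in bin/mozilla/ustva.pl builds its name the same way from `$::form->{filename}`, which is request data, and needs the same check. `get_config` starts and ends outside the hunk.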
@@ -59,7 +59,7 @@ sub transfer { require SL::DB::Employee; require SL::DB::Inventory; - my $employee = SL::DB::Manager::Employee->find_by(login => $::form->{login}); + my $employee = SL::DB::Manager::Employee->find_by(login => $::myconfig{login}); my ($now) = selectrow_query($::form, $::form->get_standard_dbh, qq|SELECT current_date|); my @directions = (undef, qw(out in transfer)); diff --git a/bin/mozilla/am.pl b/bin/mozilla/am.pl index a52677f95..56c48f3a9 100644 --- a/bin/mozilla/am.pl +++ b/bin/mozilla/am.pl @@ -885,9 +885,9 @@ sub config { $myconfig{show_form_details} = 1 unless (defined($myconfig{show_form_details})); $form->{CAN_CHANGE_PASSWORD} = $main::auth->can_change_password(); - $form->{todo_cfg} = { TODO->get_user_config('login' => $form->{login}) }; + $form->{todo_cfg} = { TODO->get_user_config('login' => $::myconfig{login}) }; - $form->{title} = $locale->text('Edit Preferences for #1', $form->{login}); + $form->{title} = $locale->text('Edit Preferences for #1', $::myconfig{login}); $form->header(); @@ -907,7 +907,7 @@ sub save_preferences { $form->{stylesheet} = $form->{usestylesheet}; - TODO->save_user_config('login' => $form->{login}, %{ $form->{todo_cfg} || { } }); + TODO->save_user_config('login' => $::myconfig{login}, %{ $form->{todo_cfg} || { } }); if (AM->save_preferences($form)) { if ($::auth->can_change_password() @@ -920,7 +920,7 @@ sub save_preferences { $form->error($::locale->text('The settings were saved, but the password was not changed.') . ' ' . join(' ', $verifier->errors($result))); } - $::auth->change_password($form->{login}, $form->{new_password}); + $::auth->change_password($::myconfig{login}, $form->{new_password}); } $form->redirect($locale->text('Preferences saved!')); diff --git a/bin/mozilla/arap.pl b/bin/mozilla/arap.pl index 67b1c4871..2a034d8ba 100644 --- a/bin/mozilla/arap.pl +++ b/bin/mozilla/arap.pl 
@@ -36,8 +36,8 @@ use strict; if (-f "bin/mozilla/custom_arap.pl") { eval { require "bin/mozilla/custom_arap.pl"; }; } -if (-f "bin/mozilla/$main::form->{login}_arap.pl") { - eval { require "bin/mozilla/$main::form->{login}_arap.pl"; }; +if (-f "bin/mozilla/$::myconfig{login}_arap.pl") { + eval { require "bin/mozilla/$::myconfig{login}_arap.pl"; }; } 1; diff --git a/bin/mozilla/fu.pl b/bin/mozilla/fu.pl index e49c8ac3d..5cd6a0745 100644 --- a/bin/mozilla/fu.pl +++ b/bin/mozilla/fu.pl @@ -364,7 +364,7 @@ sub report_for_todo_list { my %params = ( 'due_only' => 1, 'not_done' => 1, - 'created_for_login' => $form->{login}, + 'created_for_login' => $::myconfig{login}, ); my $follow_ups = FU->follow_ups(%params); diff --git a/bin/mozilla/ic.pl b/bin/mozilla/ic.pl index 906693126..0c1ab688d 100644 --- a/bin/mozilla/ic.pl +++ b/bin/mozilla/ic.pl @@ -1641,7 +1641,7 @@ sub form_header { # payment_terms => $form->{payment_terms}, # all_partsgroup => $form->{all_partsgroup}}); - $form->{show_edit_buttons} = $main::auth->check_right($form->{login}, 'part_service_assembly_edit'); + $form->{show_edit_buttons} = $main::auth->check_right($::myconfig{login}, 'part_service_assembly_edit'); print $form->parse_html_template('ic/form_header'); $lxdebug->leave_sub(); diff --git a/bin/mozilla/invoice_io.pl b/bin/mozilla/invoice_io.pl index a1098020d..a4e50ff0c 100644 --- a/bin/mozilla/invoice_io.pl +++ b/bin/mozilla/invoice_io.pl @@ -48,8 +48,8 @@ use strict; if (-f "bin/mozilla/custom_invoice_io.pl") { eval { require "bin/mozilla/custom_invoice_io.pl"; }; } -if (-f "bin/mozilla/$main::form->{login}_invoice_io.pl") { - eval { require "bin/mozilla/$main::form->{login}_invoice_io.pl"; }; +if (-f "bin/mozilla/$::myconfig{login}_invoice_io.pl") { + eval { require "bin/mozilla/$::myconfig{login}_invoice_io.pl"; }; } 1; diff --git a/bin/mozilla/io.pl b/bin/mozilla/io.pl index b2b6979d4..6ae6cd0d6 100644 --- a/bin/mozilla/io.pl +++ b/bin/mozilla/io.pl 
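Review bot: The per-user include path `"bin/mozilla/$::myconfig{login}_arap.pl"` is passed to `require` with the login interpolated as-is, so its safety rests entirely on which characters a login may contain; the same two lines appear in bin/mozilla/invoice_io.pl and bin/mozilla/io.pl. Checking the login first, e.g. `if (($::myconfig{login} // '') =~ m{\A[\w.-]+\z} && -f "bin/mozilla/$::myconfig{login}_arap.pl") {`, keeps path separators out and avoids probing `bin/mozilla/_arap.pl` if `%::myconfig` is not yet populated when the file is loaded. The surrounding `eval { require ...; }` discards `$@`, so a per-user file that fails to compile is skipped silently; logging the error would make that visible.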
@@ -65,8 +65,8 @@ use strict; if (-f "bin/mozilla/custom_io.pl") { eval { require "bin/mozilla/custom_io.pl"; }; } -if (-f "bin/mozilla/$::form->{login}_io.pl") { - eval { require "bin/mozilla/$::form->{login}_io.pl"; }; +if (-f "bin/mozilla/$::myconfig{login}_io.pl") { + eval { require "bin/mozilla/$::myconfig{login}_io.pl"; }; } 1; diff --git a/bin/mozilla/login.pl b/bin/mozilla/login.pl index 25379dd7a..553909355 100644 --- a/bin/mozilla/login.pl +++ b/bin/mozilla/login.pl @@ -44,7 +44,7 @@ sub company_logo { $main::lxdebug->enter_sub(); my %myconfig = %main::myconfig; - $form->{todo_list} = create_todo_list('login_screen' => 1) if (!$form->{no_todo_list}) and ($main::auth->check_right($form->{login}, 'productivity')); + $form->{todo_list} = create_todo_list('login_screen' => 1) if (!$form->{no_todo_list}) and ($main::auth->check_right($::myconfig{login}, 'productivity')); $form->{stylesheet} = $myconfig{stylesheet}; $form->{title} = $::locale->text('kivitendo'); diff --git a/bin/mozilla/sepa.pl b/bin/mozilla/sepa.pl index 94e062050..c9db0713e 100755 --- a/bin/mozilla/sepa.pl +++ b/bin/mozilla/sepa.pl @@ -154,7 +154,7 @@ sub bank_transfer_create { $bank_transfer->{chart_id} = $bank_account->{chart_id}; } - my $id = SL::SEPA->create_export('employee' => $form->{login}, + my $id = SL::SEPA->create_export('employee' => $::myconfig{login}, 'bank_transfers' => \@bank_transfers, 'vc' => $vc); diff --git a/bin/mozilla/todo.pl b/bin/mozilla/todo.pl index 9e5ce0197..3589d7a88 100644 --- a/bin/mozilla/todo.pl +++ b/bin/mozilla/todo.pl @@ -41,7 +41,7 @@ sub create_todo_list { my %params = @_; my $postfix = $params{login_screen} ? '_login' : ''; - my %todo_cfg = TODO->get_user_config('login' => $form->{login}); + my %todo_cfg = TODO->get_user_config('login' => $::myconfig{login}); if ($params{login_screen} && !$todo_cfg{show_after_login}) { $main::lxdebug->leave_sub(); diff --git a/bin/mozilla/ustva.pl b/bin/mozilla/ustva.pl index 435117ed3..f786d4bfd 100644 
--- a/bin/mozilla/ustva.pl +++ b/bin/mozilla/ustva.pl @@ -1168,7 +1168,7 @@ sub save { $::auth->assert('advance_turnover_tax_return'); - my $filename = "$::form->{login}_$::form->{filename}"; + my $filename = "$::myconfig{login}_$::form->{filename}"; $filename =~ s|.*/||; #zuerst die steuernummer aus den part, parts_X_Y und delimiter herstellen diff --git a/bin/mozilla/wh.pl b/bin/mozilla/wh.pl index c3aa1f03a..fbc645e65 100644 --- a/bin/mozilla/wh.pl +++ b/bin/mozilla/wh.pl @@ -455,7 +455,7 @@ sub create_assembly { # Anm. jb 18.3. vielleicht auch nur meine unwissenheit in perl-datenstrukturen my %TRANSFER = ( 'transfer_type' => 'assembly', - 'login' => $form->{login}, + 'login' => $::myconfig{login}, 'dst_warehouse_id' => $form->{warehouse_id}, 'dst_bin_id' => $form->{bin_id}, 'chargenumber' => $form->{chargenumber}, @@ -972,7 +972,7 @@ sub show_no_warehouses_error { my $msg = $locale->text('No warehouse has been created yet or the quantity of the bins is not configured yet.') . ' '; - if ($main::auth->check_right($form->{login}, 'config')) { + if ($main::auth->check_right($::myconfig{login}, 'config')) { $msg .= $locale->text('You can create warehouses and bins via the menu "System -> Warehouses".'); } else { $msg .= $locale->text('Please ask your administrator to create warehouses and bins.');