wip #7378 @0.5

diff --git a/framework/application/controllers/AdminajaxController.php b/framework/application/controllers/AdminajaxController.php
index 5f4b7e7277114ac2f345d9dc0a0429671ca3d514..23ffde2c7759831b289c487ce845bc64d0c8b99f 100644 (file)
--- a/framework/application/controllers/AdminajaxController.php
+++ b/framework/application/controllers/AdminajaxController.php
@@ -202,17 +202,18 @@ L\'équipe "De toutes les couleurs"');
 
     public function devisConvertToStoreOrder($id)
     {
+        $r = Bootstrap::getInstance()->getDb()->select()->from('devis')->where('id = ?', $id)->query()->fetch();
+
         $db = $this->getDb();
         $bind['type'] = 'MAG';
         $bind['date_reponse'] = $bind['date_paiement'] = $_POST['date'];
         $bind['methode_paiement'] = $_POST['methode_paiement'];
         $bind['status'] = DTLC_Form_Devis::PAYE;
+        $bind['secret'] = $r->secret ?: md5(rand(100000000, 999999999));
         $db->compliantUpdate('devis', $bind, $db->quoteInto('id = ?', $id));
 
-        $r = Bootstrap::getInstance()->getDb()->select()->from('devis')->where('id = ?', $id)->query()->fetch();
-
         $this->_datas->addClosePopup();
-        $this->_datas->addRedirection('/devis/index/' . $id . '/' . $r->secret);
+        $this->_datas->addRedirection('/devis/index/' . $id . '/' . $bind['secret']);
     }
 
 }

diff --git a/framework/application/forms/Devis.php b/framework/application/forms/Devis.php
index 1d5c215a11fe2ab7fdb9a76316df2f8a01a0519c..a7535adca47f6a71eeb269da6abc3e848507cf3a 100644 (file)
--- a/framework/application/forms/Devis.php
+++ b/framework/application/forms/Devis.php
@@ -160,7 +160,7 @@ class DTLC_Form_Devis extends CubeIT_Form_List
 
     protected function _actionStore($r, $view)
     {
-        if ($r['status'] > 1) {
+        if ($r['status'] != 1) {
             return;
         }
         return $view->linkPopup($view->imageSilk('cart'), '/admin/ajaxpopup/devisConvertToStoreOrder/' . $r['id'], array('title' => 'Convertir en facture magasin'));