From 20cec3ca87e7f8bcda761e8912811b454533787b Mon Sep 17 00:00:00 2001
From: Laurent Destailleur <eldy@users.sourceforge.net>
Date: Sun, 6 Mar 2005 17:16:54 +0000
Subject: [PATCH] =?UTF-8?q?Fix:=20On=20g=E8re=20par=202=20requetes=20pluto?=
 =?UTF-8?q?t=20qu'avec=20un=20UNION=20non=20disponible=20sur=20MySQL=203.2?=
 =?UTF-8?q?3?=
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit

---
 htdocs/user.class.php | 39 +++++++++++++++++++++++++++++++++++----
 1 file changed, 35 insertions(+), 4 deletions(-)

diff --git a/htdocs/user.class.php b/htdocs/user.class.php
index 1bc00813494..fcbcb3732ee 100644
--- a/htdocs/user.class.php
+++ b/htdocs/user.class.php
@@ -318,13 +318,43 @@ class User
         }
         
         // Récupération des droits utilisateurs + récupération des droits groupes
+
+        // D'abord les droits utilisateurs
         $sql = "SELECT r.module, r.perms, r.subperms";
         $sql .= " FROM ".MAIN_DB_PREFIX."user_rights as ur, ".MAIN_DB_PREFIX."rights_def as r";
-        $sql .= " WHERE r.id = ur.fk_id AND ur.fk_user= $this->id AND r.perms IS NOT NULL";
-        $sql .= " UNION ALL";
-        $sql .= " SELECT r.module, r.perms, r.subperms";
+        $sql .= " WHERE r.id = ur.fk_id AND ur.fk_user= ".$this->id." AND r.perms IS NOT NULL";
+
+        $result = $this->db->query($sql);
+        if ($result)
+        {
+            $num = $this->db->num_rows($result);
+            $i = 0;
+            while ($i < $num)
+            {
+                $row = $this->db->fetch_row($result);
+        
+                if (strlen($row[1]) > 0)
+                {
+        
+                    if (strlen($row[2]) > 0)
+                    {
+                        $this->rights->$row[0]->$row[1]->$row[2] = 1;
+                    }
+                    else
+                    {
+                        $this->rights->$row[0]->$row[1] = 1;
+                    }
+        
+                }
+                $i++;
+            }
+           $this->db->free($result);
+        }
+        
+        // Maintenant les droits groupes
+        $sql  = " SELECT r.module, r.perms, r.subperms";
         $sql .= " FROM ".MAIN_DB_PREFIX."usergroup_rights as gr, ".MAIN_DB_PREFIX."usergroup_user as gu, ".MAIN_DB_PREFIX."rights_def as r";
-        $sql .= " WHERE r.id = gr.fk_id AND gr.fk_usergroup = gu.fk_usergroup AND gu.fk_user= $this->id AND r.perms IS NOT NULL";
+        $sql .= " WHERE r.id = gr.fk_id AND gr.fk_usergroup = gu.fk_usergroup AND gu.fk_user = ".$this->id." AND r.perms IS NOT NULL";
         
         $result = $this->db->query($sql);
         if ($result)
@@ -350,6 +380,7 @@ class User
                 }
                 $i++;
             }
+           $this->db->free($result);
         }
         
         if ($module == '')