lainwir3d/dolibarr
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

Fix: rowid is not a business field. Usage to search by users must be a hidden option as makin search on hidden fields will create result that user may not understand.

Browse Source
This commit is contained in:
Laurent Destailleur 2010-08-09 15:17:29 +00:00
parent 4c33ad67e5
commit 694c13812c
1 changed files with 7 additions and 4 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

11
htdocs/societe/ajaxcompanies.php
View File

@ -52,10 +52,13 @@ if (! empty($_POST['newcompany']) || ! empty($_POST['socid']) || ! empty($_POST[
$sql = "SELECT rowid, nom";
$sql.= " FROM ".MAIN_DB_PREFIX."societe as s";
$sql.= " WHERE 1=1";
if ($socid){
$sql.=" AND (rowid LIKE '%" . $socid . "%'";
$sql.=" OR nom LIKE '%" . $socid . "%'";
$sql.=" OR code_fournisseur LIKE '%" . $socid . "%')";
if ($socid)
{
$sql.=" AND (nom LIKE '%" . $socid . "%'";
$sql.=" OR code_client LIKE '%" . $socid . "%'";
$sql.=" OR code_fournisseur LIKE '%" . $socid . "%'";
if ($conf->global->SOCIETE_ALLOW_SEARCH_ON_ROWID) $sql.=" OR rowid = '" . $socid . "'";
$sql.=")";
}
if (! empty($_GET["filter"])) $sql.= " AND ".$_GET["filter"]; // Add other filters
$sql.= " ORDER BY nom ASC";