lainwir3d/dolibarr
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

Code comment

Browse Source
This commit is contained in:
Laurent Destailleur 2018-06-20 21:24:57 +02:00
parent a73296e212
commit 90b2314d98
1 changed files with 5 additions and 3 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

8
htdocs/projet/list.php
View File

@ -297,7 +297,7 @@ $sql.= " LEFT JOIN ".MAIN_DB_PREFIX."c_lead_status as cls on p.fk_opp_status = c
// We'll need this table joined to the select in order to filter by categ
if (! empty($search_categ)) $sql.= ' LEFT JOIN '.MAIN_DB_PREFIX."categorie_project as cs ON p.rowid = cs.fk_project"; // We'll need this table joined to the select in order to filter by categ
// We'll need this table joined to the select in order to filter by sale
// For external user, no check is done on company permission because readability is managed by public status of project and assignement.
// No check is done on company permission because readability is managed by public status of project and assignement.
//if ($search_sale > 0 || (! $user->rights->societe->client->voir && ! $socid)) $sql .= " LEFT JOIN ".MAIN_DB_PREFIX."societe_commerciaux as sc ON sc.fk_soc = s.rowid";
if ($search_sale > 0) $sql .= " LEFT JOIN ".MAIN_DB_PREFIX."societe_commerciaux as sc ON sc.fk_soc = s.rowid";
if ($search_project_user > 0)
@ -307,7 +307,7 @@ if ($search_project_user > 0)
$sql.= " WHERE p.entity IN (".getEntity('project').')';
if (! $user->rights->projet->all->lire) $sql.= " AND p.rowid IN (".$projectsListId.")"; // public and assigned to, or restricted to company for external users
// No need to check if company is external user, as filtering of projects must be done by getProjectsAuthorizedForUser
if ($socid > 0) $sql.= " AND (p.fk_soc = ".$socid.")";
if ($socid > 0) $sql.= " AND (p.fk_soc = ".$socid.")"; // This filter if when we use a hard coded filter on company on url (not related to filter for external users)
if ($search_categ > 0) $sql.= " AND cs.fk_categorie = ".$db->escape($search_categ);
if ($search_categ == -2) $sql.= " AND cs.fk_categorie IS NULL";
if ($search_ref) $sql .= natural_search('p.ref', $search_ref);
@ -355,8 +355,10 @@ if ($search_opp_status)
if ($search_opp_status == 'none') $sql .= " AND p.fk_opp_status IS NULL";
}
if ($search_public!='') $sql .= " AND p.public = ".$db->escape($search_public);
if ($search_sale > 0) $sql.= " AND sc.fk_user = " .$search_sale;
// For external user, no check is done on company permission because readability is managed by public status of project and assignement.
//if ($socid > 0) $sql.= " AND s.rowid = ".$socid;
if ($search_sale > 0) $sql.= " AND sc.fk_user = " .$search_sale;
// No check is done on company permission because readability is managed by public status of project and assignement.
//if (! $user->rights->societe->client->voir && ! $socid) $sql.= " AND ((s.rowid = sc.fk_soc AND sc.fk_user = " .$user->id.") OR (s.rowid IS NULL))";
if ($search_project_user > 0) $sql.= " AND ecp.fk_c_type_contact IN (".join(',',array_keys($listofprojectcontacttype)).") AND ecp.element_id = p.rowid AND ecp.fk_socpeople = ".$search_project_user;
if ($search_opp_amount != '') $sql .= natural_search('p.opp_amount', $search_opp_amount, 1);