lainwir3d/dolibarr
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

NEW add modifications for new function "$db->prefix()"

Browse Source
This commit is contained in:
Regis Houssin 2022-01-21 16:57:57 +01:00
parent 9276224422
commit a3a856d0be
2 changed files with 59 additions and 59 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

2
htdocs/core/class/conf.class.php
View File

@ -258,7 +258,7 @@ class Conf
// Define all global constants into $this->global->key=value
$sql = "SELECT ".$db->decrypt('name')." as name,";
$sql .= " ".$db->decrypt('value')." as value, entity";
$sql .= " FROM ".MAIN_DB_PREFIX."const";
$sql .= " FROM ".$db->prefix()."const";
$sql .= " WHERE entity IN (0,".$this->entity.")";
$sql .= " ORDER BY entity"; // This is to have entity 0 first, then entity 1 that overwrite.

116
htdocs/user/class/user.class.php
View File

@ -439,9 +439,9 @@ class User extends CommonObject
$sql .= " u.default_range, u.default_c_exp_tax_cat,"; // Expense report default mode
$sql .= " c.code as country_code, c.label as country,";
$sql .= " d.code_departement as state_code, d.nom as state";
$sql .= " FROM ".MAIN_DB_PREFIX."user as u";
$sql .= " LEFT JOIN ".MAIN_DB_PREFIX."c_country as c ON u.fk_country = c.rowid";
$sql .= " LEFT JOIN ".MAIN_DB_PREFIX."c_departements as d ON u.fk_state = d.rowid";
$sql .= " FROM ".$this->db->prefix()."user as u";
$sql .= " LEFT JOIN ".$this->db->prefix()."c_country as c ON u.fk_country = c.rowid";
$sql .= " LEFT JOIN ".$this->db->prefix()."c_departements as d ON u.fk_state = d.rowid";
if ($entity < 0) {
if ((empty($conf->multicompany->enabled) || empty($conf->global->MULTICOMPANY_TRANSVERSE_MODE)) && (!empty($user->entity))) {
@ -584,7 +584,7 @@ class User extends CommonObject
// To get back the global configuration unique to the user
if ($loadpersonalconf) {
// Load user->conf for user
$sql = "SELECT param, value FROM ".MAIN_DB_PREFIX."user_param";
$sql = "SELECT param, value FROM ".$this->db->prefix()."user_param";
$sql .= " WHERE fk_user = ".((int) $this->id);
$sql .= " AND entity = ".((int) $conf->entity);
//dol_syslog(get_class($this).'::fetch load personalized conf', LOG_DEBUG);
@ -801,7 +801,7 @@ class User extends CommonObject
// If we ask to add a given permission, we first load properties of this permission (module, perms and subperms).
$sql = "SELECT module, perms, subperms";
$sql .= " FROM ".MAIN_DB_PREFIX."rights_def";
$sql .= " FROM ".$this->db->prefix()."rights_def";
$sql .= " WHERE id = ".((int) $rid);
$sql .= " AND entity = ".((int) $entity);
@ -847,7 +847,7 @@ class User extends CommonObject
if (!empty($whereforadd)) {
//print "$module-$perms-$subperms";
$sql = "SELECT id";
$sql .= " FROM ".MAIN_DB_PREFIX."rights_def";
$sql .= " FROM ".$this->db->prefix()."rights_def";
$sql .= " WHERE entity = ".((int) $entity);
if (!empty($whereforadd) && $whereforadd != 'allmodules') {
$sql .= " AND (".$whereforadd.")"; // Note: parenthesis are important because whereforadd can contains OR. Also note that $whereforadd is already sanitized
@ -861,11 +861,11 @@ class User extends CommonObject
$obj = $this->db->fetch_object($result);
$nid = $obj->id;
$sql = "DELETE FROM ".MAIN_DB_PREFIX."user_rights WHERE fk_user = ".((int) $this->id)." AND fk_id = ".((int) $nid)." AND entity = ".((int) $entity);
$sql = "DELETE FROM ".$this->db->prefix()."user_rights WHERE fk_user = ".((int) $this->id)." AND fk_id = ".((int) $nid)." AND entity = ".((int) $entity);
if (!$this->db->query($sql)) {
$error++;
}
$sql = "INSERT INTO ".MAIN_DB_PREFIX."user_rights (entity, fk_user, fk_id) VALUES (".((int) $entity).", ".((int) $this->id).", ".((int) $nid).")";
$sql = "INSERT INTO ".$this->db->prefix()."user_rights (entity, fk_user, fk_id) VALUES (".((int) $entity).", ".((int) $this->id).", ".((int) $nid).")";
if (!$this->db->query($sql)) {
$error++;
}
@ -927,7 +927,7 @@ class User extends CommonObject
// Si on a demande supression d'un droit en particulier, on recupere
// les caracteristiques module, perms et subperms de ce droit.
$sql = "SELECT module, perms, subperms";
$sql .= " FROM ".MAIN_DB_PREFIX."rights_def";
$sql .= " FROM ".$this->db->prefix()."rights_def";
$sql .= " WHERE id = '".$this->db->escape($rid)."'";
$sql .= " AND entity = ".((int) $entity);
@ -973,7 +973,7 @@ class User extends CommonObject
if (!empty($wherefordel)) {
//print "$module-$perms-$subperms";
$sql = "SELECT id";
$sql .= " FROM ".MAIN_DB_PREFIX."rights_def";
$sql .= " FROM ".$this->db->prefix()."rights_def";
$sql .= " WHERE entity = ".((int) $entity);
if (!empty($wherefordel) && $wherefordel != 'allmodules') {
$sql .= " AND (".$wherefordel.")"; // Note: parenthesis are important because wherefordel can contains OR. Also note that $wherefordel is already sanitized
@ -995,7 +995,7 @@ class User extends CommonObject
$obj = $this->db->fetch_object($result);
$nid = $obj->id;
$sql = "DELETE FROM ".MAIN_DB_PREFIX."user_rights";
$sql = "DELETE FROM ".$this->db->prefix()."user_rights";
$sql .= " WHERE fk_user = ".((int) $this->id)." AND fk_id = ".((int) $nid);
$sql .= " AND entity = ".((int) $entity);
if (!$this->db->query($sql)) {
@ -1076,8 +1076,8 @@ class User extends CommonObject
// First user permissions
$sql = "SELECT DISTINCT r.module, r.perms, r.subperms";
$sql .= " FROM ".MAIN_DB_PREFIX."user_rights as ur,";
$sql .= " ".MAIN_DB_PREFIX."rights_def as r";
$sql .= " FROM ".$this->db->prefix()."user_rights as ur,";
$sql .= " ".$this->db->prefix()."rights_def as r";
$sql .= " WHERE r.id = ur.fk_id";
if (!empty($conf->global->MULTICOMPANY_BACKWARD_COMPATIBILITY)) {
// on old version, we use entity defined into table r only
@ -1138,9 +1138,9 @@ class User extends CommonObject
// Now permissions of groups
$sql = "SELECT DISTINCT r.module, r.perms, r.subperms";
$sql .= " FROM ".MAIN_DB_PREFIX."usergroup_rights as gr,";
$sql .= " ".MAIN_DB_PREFIX."usergroup_user as gu,";
$sql .= " ".MAIN_DB_PREFIX."rights_def as r";
$sql .= " FROM ".$this->db->prefix()."usergroup_rights as gr,";
$sql .= " ".$this->db->prefix()."usergroup_user as gu,";
$sql .= " ".$this->db->prefix()."rights_def as r";
$sql .= " WHERE r.id = gr.fk_id";
if (!empty($conf->global->MULTICOMPANY_BACKWARD_COMPATIBILITY)) {
if (!empty($conf->multicompany->enabled) && !empty($conf->global->MULTICOMPANY_TRANSVERSE_MODE)) {
@ -1243,7 +1243,7 @@ class User extends CommonObject
$this->db->begin();
// Save in database
$sql = "UPDATE ".MAIN_DB_PREFIX."user";
$sql = "UPDATE ".$this->db->prefix()."user";
$sql .= " SET statut = ".((int) $status);
$sql .= " WHERE rowid = ".((int) $this->id);
$result = $this->db->query($sql);
@ -1304,7 +1304,7 @@ class User extends CommonObject
dol_syslog(get_class($this)."::delete", LOG_DEBUG);
// Remove rights
$sql = "DELETE FROM ".MAIN_DB_PREFIX."user_rights WHERE fk_user = ".((int) $this->id);
$sql = "DELETE FROM ".$this->db->prefix()."user_rights WHERE fk_user = ".((int) $this->id);
if (!$error && !$this->db->query($sql)) {
$error++;
@ -1312,14 +1312,14 @@ class User extends CommonObject
}
// Remove group
$sql = "DELETE FROM ".MAIN_DB_PREFIX."usergroup_user WHERE fk_user = ".((int) $this->id);
$sql = "DELETE FROM ".$this->db->prefix()."usergroup_user WHERE fk_user = ".((int) $this->id);
if (!$error && !$this->db->query($sql)) {
$error++;
$this->error = $this->db->lasterror();
}
// Remove params
$sql = "DELETE FROM ".MAIN_DB_PREFIX."user_param WHERE fk_user = ".((int) $this->id);
$sql = "DELETE FROM ".$this->db->prefix()."user_param WHERE fk_user = ".((int) $this->id);
if (!$error && !$this->db->query($sql)) {
$error++;
$this->error = $this->db->lasterror();
@ -1327,7 +1327,7 @@ class User extends CommonObject
// If contact, remove link
if ($this->contact_id > 0) {
$sql = "UPDATE ".MAIN_DB_PREFIX."socpeople SET fk_user_creat = null WHERE rowid = ".((int) $this->contact_id);
$sql = "UPDATE ".$this->db->prefix()."socpeople SET fk_user_creat = null WHERE rowid = ".((int) $this->contact_id);
if (!$error && !$this->db->query($sql)) {
$error++;
$this->error = $this->db->lasterror();
@ -1345,7 +1345,7 @@ class User extends CommonObject
// Remove user
if (!$error) {
$sql = "DELETE FROM ".MAIN_DB_PREFIX."user WHERE rowid = ".((int) $this->id);
$sql = "DELETE FROM ".$this->db->prefix()."user WHERE rowid = ".((int) $this->id);
dol_syslog(get_class($this)."::delete", LOG_DEBUG);
if (!$this->db->query($sql)) {
$error++;
@ -1417,7 +1417,7 @@ class User extends CommonObject
// Check if login already exists in same entity or into entity 0.
if ($this->login) {
$sqltochecklogin = "SELECT COUNT(*) as nb FROM ".MAIN_DB_PREFIX."user WHERE entity IN (".$this->db->sanitize((int) $this->entity).", 0) AND login = '".$this->db->escape($this->login)."'";
$sqltochecklogin = "SELECT COUNT(*) as nb FROM ".$this->db->prefix()."user WHERE entity IN (".$this->db->sanitize((int) $this->entity).", 0) AND login = '".$this->db->escape($this->login)."'";
$resqltochecklogin = $this->db->query($sqltochecklogin);
if ($resqltochecklogin) {
$objtochecklogin = $this->db->fetch_object($resqltochecklogin);
@ -1432,7 +1432,7 @@ class User extends CommonObject
}
}
if ($this->email !== '') {
$sqltochecklogin = "SELECT COUNT(*) as nb FROM ".MAIN_DB_PREFIX."user WHERE entity IN (".$this->db->sanitize((int) $this->entity).", 0) AND email = '".$this->db->escape($this->email)."'";
$sqltochecklogin = "SELECT COUNT(*) as nb FROM ".$this->db->prefix()."user WHERE entity IN (".$this->db->sanitize((int) $this->entity).", 0) AND email = '".$this->db->escape($this->email)."'";
$resqltochecklogin = $this->db->query($sqltochecklogin);
if ($resqltochecklogin) {
$objtochecklogin = $this->db->fetch_object($resqltochecklogin);
@ -1448,13 +1448,13 @@ class User extends CommonObject
}
// Insert into database
$sql = "INSERT INTO ".MAIN_DB_PREFIX."user (datec, login, ldap_sid, entity)";
$sql = "INSERT INTO ".$this->db->prefix()."user (datec, login, ldap_sid, entity)";
$sql .= " VALUES('".$this->db->idate($this->datec)."', '".$this->db->escape($this->login)."', '".$this->db->escape($this->ldap_sid)."', ".((int) $this->entity).")";
$result = $this->db->query($sql);
dol_syslog(get_class($this)."::create", LOG_DEBUG);
if ($result) {
$this->id = $this->db->last_insert_id(MAIN_DB_PREFIX."user");
$this->id = $this->db->last_insert_id($this->db->prefix()."user");
// Set default rights
if ($this->set_default_rights() < 0) {
@ -1556,7 +1556,7 @@ class User extends CommonObject
// Create user and set $this->id. Trigger is disabled because executed later.
$result = $this->create($user, 1);
if ($result > 0) {
$sql = "UPDATE ".MAIN_DB_PREFIX."user";
$sql = "UPDATE ".$this->db->prefix()."user";
$sql .= " SET fk_socpeople=".((int) $contact->id);
$sql .= ", civility='".$this->db->escape($contact->civility_code)."'";
if ($contact->socid > 0) {
@ -1644,7 +1644,7 @@ class User extends CommonObject
$result = -2;
}
} elseif (!empty($this->pass_crypted)) { // If a crypted password is already known, we save it directly into database because the previous create did not save it.
$sql = "UPDATE ".MAIN_DB_PREFIX."user";
$sql = "UPDATE ".$this->db->prefix()."user";
$sql .= " SET pass_crypted = '".$this->db->escape($this->pass_crypted)."'";
$sql .= " WHERE rowid=".((int) $this->id);
@ -1655,7 +1655,7 @@ class User extends CommonObject
}
if ($result > 0 && $member->fk_soc) { // If member is linked to a thirdparty
$sql = "UPDATE ".MAIN_DB_PREFIX."user";
$sql = "UPDATE ".$this->db->prefix()."user";
$sql .= " SET fk_soc=".((int) $member->fk_soc);
$sql .= " WHERE rowid=".((int) $this->id);
@ -1696,7 +1696,7 @@ class User extends CommonObject
$rd = array();
$num = 0;
$sql = "SELECT id FROM ".MAIN_DB_PREFIX."rights_def";
$sql = "SELECT id FROM ".$this->db->prefix()."rights_def";
$sql .= " WHERE bydefault = 1";
$sql .= " AND entity = ".((int) $conf->entity);
@ -1713,10 +1713,10 @@ class User extends CommonObject
}
$i = 0;
while ($i < $num) {
$sql = "DELETE FROM ".MAIN_DB_PREFIX."user_rights WHERE fk_user = $this->id AND fk_id=$rd[$i]";
$sql = "DELETE FROM ".$this->db->prefix()."user_rights WHERE fk_user = $this->id AND fk_id=$rd[$i]";
$result = $this->db->query($sql);
$sql = "INSERT INTO ".MAIN_DB_PREFIX."user_rights (fk_user, fk_id) VALUES ($this->id, $rd[$i])";
$sql = "INSERT INTO ".$this->db->prefix()."user_rights (fk_user, fk_id) VALUES ($this->id, $rd[$i])";
$result = $this->db->query($sql);
if (!$result) {
return -1;
@ -1807,7 +1807,7 @@ class User extends CommonObject
// Check if login already exists in same entity or into entity 0.
if (!empty($this->oldcopy) && $this->oldcopy->login != $this->login) {
$sqltochecklogin = "SELECT COUNT(*) as nb FROM ".MAIN_DB_PREFIX."user WHERE entity IN (".$this->db->sanitize((int) $this->entity).", 0) AND login = '".$this->db->escape($this->login)."'";
$sqltochecklogin = "SELECT COUNT(*) as nb FROM ".$this->db->prefix()."user WHERE entity IN (".$this->db->sanitize((int) $this->entity).", 0) AND login = '".$this->db->escape($this->login)."'";
$resqltochecklogin = $this->db->query($sqltochecklogin);
if ($resqltochecklogin) {
$objtochecklogin = $this->db->fetch_object($resqltochecklogin);
@ -1821,7 +1821,7 @@ class User extends CommonObject
}
}
if (!empty($this->oldcopy) && $this->email !== '' && $this->oldcopy->email != $this->email) {
$sqltochecklogin = "SELECT COUNT(*) as nb FROM ".MAIN_DB_PREFIX."user WHERE entity IN (".$this->db->sanitize((int) $this->entity).", 0) AND email = '".$this->db->escape($this->email)."'";
$sqltochecklogin = "SELECT COUNT(*) as nb FROM ".$this->db->prefix()."user WHERE entity IN (".$this->db->sanitize((int) $this->entity).", 0) AND email = '".$this->db->escape($this->email)."'";
$resqltochecklogin = $this->db->query($sqltochecklogin);
if ($resqltochecklogin) {
$objtochecklogin = $this->db->fetch_object($resqltochecklogin);
@ -1836,7 +1836,7 @@ class User extends CommonObject
}
// Update datas
$sql = "UPDATE ".MAIN_DB_PREFIX."user SET";
$sql = "UPDATE ".$this->db->prefix()."user SET";
$sql .= " civility = '".$this->db->escape($this->civility_code)."'";
$sql .= ", lastname = '".$this->db->escape($this->lastname)."'";
$sql .= ", firstname = '".$this->db->escape($this->firstname)."'";
@ -1916,7 +1916,7 @@ class User extends CommonObject
// If user is linked to a member, remove old link to this member
if ($this->fk_member > 0) {
dol_syslog(get_class($this)."::update remove link with member. We will recreate it later", LOG_DEBUG);
$sql = "UPDATE ".MAIN_DB_PREFIX."user SET fk_member = NULL where fk_member = ".((int) $this->fk_member);
$sql = "UPDATE ".$this->db->prefix()."user SET fk_member = NULL where fk_member = ".((int) $this->fk_member);
$resql = $this->db->query($sql);
if (!$resql) {
$this->error = $this->db->error(); $this->db->rollback(); return -5;
@ -1924,7 +1924,7 @@ class User extends CommonObject
}
// Set link to user
dol_syslog(get_class($this)."::update set link with member", LOG_DEBUG);
$sql = "UPDATE ".MAIN_DB_PREFIX."user SET fk_member =".($this->fk_member > 0 ? ((int) $this->fk_member) : 'null')." where rowid = ".((int) $this->id);
$sql = "UPDATE ".$this->db->prefix()."user SET fk_member =".($this->fk_member > 0 ? ((int) $this->fk_member) : 'null')." where rowid = ".((int) $this->id);
$resql = $this->db->query($sql);
if (!$resql) {
$this->error = $this->db->error(); $this->db->rollback(); return -5;
@ -2082,7 +2082,7 @@ class User extends CommonObject
// phpcs:enable
$now = dol_now();
$sql = "UPDATE ".MAIN_DB_PREFIX."user SET";
$sql = "UPDATE ".$this->db->prefix()."user SET";
$sql .= " datepreviouslogin = datelastlogin,";
$sql .= " datelastlogin = '".$this->db->idate($now)."',";
$sql .= " tms = tms"; // La date de derniere modif doit changer sauf pour la mise a jour de date de derniere connexion
@ -2160,7 +2160,7 @@ class User extends CommonObject
$this->db->begin();
$sql = "UPDATE ".MAIN_DB_PREFIX."user";
$sql = "UPDATE ".$this->db->prefix()."user";
$sql .= " SET pass_crypted = '".$this->db->escape($password_crypted)."',";
$sql .= " pass_temp = null";
if (!empty($conf->global->DATABASE_PWD_ENCRYPTED)) {
@ -2224,7 +2224,7 @@ class User extends CommonObject
} else {
// We store password in password temporary field.
// After receiving confirmation link, we will erase and store it in pass_crypted
$sql = "UPDATE ".MAIN_DB_PREFIX."user";
$sql = "UPDATE ".$this->db->prefix()."user";
$sql .= " SET pass_temp = '".$this->db->escape($password)."'";
$sql .= " WHERE rowid = ".((int) $this->id);
@ -2373,7 +2373,7 @@ class User extends CommonObject
{
// phpcs:enable
$sql = "SELECT url, login, pass, poste ";
$sql .= " FROM ".MAIN_DB_PREFIX."user_clicktodial as u";
$sql .= " FROM ".$this->db->prefix()."user_clicktodial as u";
$sql .= " WHERE u.fk_user = ".((int) $this->id);
$resql = $this->db->query($sql);
@ -2408,13 +2408,13 @@ class User extends CommonObject
// phpcs:enable
$this->db->begin();
$sql = "DELETE FROM ".MAIN_DB_PREFIX."user_clicktodial";
$sql = "DELETE FROM ".$this->db->prefix()."user_clicktodial";
$sql .= " WHERE fk_user = ".((int) $this->id);
dol_syslog(get_class($this).'::update_clicktodial', LOG_DEBUG);
$result = $this->db->query($sql);
$sql = "INSERT INTO ".MAIN_DB_PREFIX."user_clicktodial";
$sql = "INSERT INTO ".$this->db->prefix()."user_clicktodial";
$sql .= " (fk_user,url,login,pass,poste)";
$sql .= " VALUES (".$this->id;
$sql .= ", '".$this->db->escape($this->clicktodial_url)."'";
@ -2453,14 +2453,14 @@ class User extends CommonObject
$this->db->begin();
$sql = "DELETE FROM ".MAIN_DB_PREFIX."usergroup_user";
$sql = "DELETE FROM ".$this->db->prefix()."usergroup_user";
$sql .= " WHERE fk_user = ".((int) $this->id);
$sql .= " AND fk_usergroup = ".((int) $group);
$sql .= " AND entity = ".((int) $entity);
$result = $this->db->query($sql);
$sql = "INSERT INTO ".MAIN_DB_PREFIX."usergroup_user (entity, fk_user, fk_usergroup)";
$sql = "INSERT INTO ".$this->db->prefix()."usergroup_user (entity, fk_user, fk_usergroup)";
$sql .= " VALUES (".((int) $entity).",".((int) $this->id).",".((int) $group).")";
$result = $this->db->query($sql);
@ -2510,7 +2510,7 @@ class User extends CommonObject
$this->db->begin();
$sql = "DELETE FROM ".MAIN_DB_PREFIX."usergroup_user";
$sql = "DELETE FROM ".$this->db->prefix()."usergroup_user";
$sql .= " WHERE fk_user = ".((int) $this->id);
$sql .= " AND fk_usergroup = ".((int) $group);
$sql .= " AND entity = ".((int) $entity);
@ -3103,7 +3103,7 @@ class User extends CommonObject
{
$sql = "SELECT u.rowid, u.login as ref, u.datec,";
$sql .= " u.tms as date_modification, u.entity";
$sql .= " FROM ".MAIN_DB_PREFIX."user as u";
$sql .= " FROM ".$this->db->prefix()."user as u";
$sql .= " WHERE u.rowid = ".((int) $id);
$result = $this->db->query($sql);
@ -3134,7 +3134,7 @@ class User extends CommonObject
public function getNbOfEMailings()
{
$sql = "SELECT count(mc.email) as nb";
$sql .= " FROM ".MAIN_DB_PREFIX."mailing_cibles as mc";
$sql .= " FROM ".$this->db->prefix()."mailing_cibles as mc";
$sql .= " WHERE mc.email = '".$this->db->escape($this->email)."'";
$sql .= " AND mc.statut NOT IN (-1,0)"; // -1 erreur, 0 non envoye, 1 envoye avec succes
@ -3164,7 +3164,7 @@ class User extends CommonObject
global $conf;
$sql = "SELECT count(rowid) as nb";
$sql .= " FROM ".MAIN_DB_PREFIX."user";
$sql .= " FROM ".$this->db->prefix()."user";
if ($option == 'superadmin') {
$sql .= " WHERE entity = 0";
} else {
@ -3242,7 +3242,7 @@ class User extends CommonObject
public function get_children()
{
// phpcs:enable
$sql = "SELECT rowid FROM ".MAIN_DB_PREFIX."user";
$sql = "SELECT rowid FROM ".$this->db->prefix()."user";
$sql .= " WHERE fk_user = ".((int) $this->id);
dol_syslog(get_class($this)."::get_children", LOG_DEBUG);
@ -3275,7 +3275,7 @@ class User extends CommonObject
// Load array[child]=parent
$sql = "SELECT fk_user as id_parent, rowid as id_son";
$sql .= " FROM ".MAIN_DB_PREFIX."user";
$sql .= " FROM ".$this->db->prefix()."user";
$sql .= " WHERE fk_user <> 0";
$sql .= " AND entity IN (".getEntity('user').")";
@ -3322,7 +3322,7 @@ class User extends CommonObject
// Init $this->users array
$sql = "SELECT DISTINCT u.rowid, u.firstname, u.lastname, u.fk_user, u.fk_soc, u.login, u.email, u.gender, u.admin, u.statut, u.photo, u.entity"; // Distinct reduce pb with old tables with duplicates
$sql .= " FROM ".MAIN_DB_PREFIX."user as u";
$sql .= " FROM ".$this->db->prefix()."user as u";
// Add fields from hooks
$parameters = array();
$reshook = $hookmanager->executeHooks('printUserListWhere', $parameters); // Note that $action and $object may have been modified by hook
@ -3505,9 +3505,9 @@ class User extends CommonObject
$this->nb = array();
$sql = "SELECT COUNT(DISTINCT u.rowid) as nb";
$sql .= " FROM ".MAIN_DB_PREFIX."user as u";
$sql .= " FROM ".$this->db->prefix()."user as u";
if (!empty($conf->multicompany->enabled) && !empty($conf->global->MULTICOMPANY_TRANSVERSE_MODE)) {
$sql .= ", ".MAIN_DB_PREFIX."usergroup_user as ug";
$sql .= ", ".$this->db->prefix()."usergroup_user as ug";
$sql .= " WHERE ug.entity IN (".getEntity('usergroup').")";
$sql .= " AND ug.fk_user = u.rowid";
} else {
@ -3579,7 +3579,7 @@ class User extends CommonObject
}
$sql = "SELECT rowid, email, user_mobile, civility, lastname, firstname";
$sql .= " FROM ".MAIN_DB_PREFIX."user";
$sql .= " FROM ".$this->db->prefix()."user";
$sql .= " WHERE rowid = ".((int) $rowid);
$resql = $this->db->query($sql);
@ -3618,14 +3618,14 @@ class User extends CommonObject
global $conf, $user;
$sql = "SELECT t.rowid";
$sql .= ' FROM '.MAIN_DB_PREFIX.$this->table_element.' as t ';
$sql .= ' FROM '.$this->db->prefix().$this->table_element.' as t ';
if ($entityfilter) {
if (!empty($conf->global->MULTICOMPANY_TRANSVERSE_MODE)) {
if (!empty($user->admin) && empty($user->entity) && $conf->entity == 1) {
$sql .= " WHERE t.entity IS NOT NULL"; // Show all users
} else {
$sql .= ",".MAIN_DB_PREFIX."usergroup_user as ug";
$sql .= ",".$this->db->prefix()."usergroup_user as ug";
$sql .= " WHERE ((ug.fk_user = t.rowid";
$sql .= " AND ug.entity IN (".getEntity('user')."))";
$sql .= " OR t.entity = 0)"; // Show always superadmin
@ -3713,7 +3713,7 @@ class User extends CommonObject
global $conf;
$sql = 'SELECT rowid';
$sql .= ' FROM '.MAIN_DB_PREFIX.'user';
$sql .= ' FROM '.$this->db->prefix().'user';
if (!empty($conf->global->AGENDA_DISABLE_EXACT_USER_EMAIL_COMPARE_FOR_EXTERNAL_CALENDAR)) {
$sql .= " WHERE email LIKE '%".$this->db->escape($email)."%'";
} else {