From bb373edff1f90578c112f39beec2b3e322bfc8f1 Mon Sep 17 00:00:00 2001 From: Regis Houssin Date: Tue, 7 Mar 2006 15:30:06 +0000 Subject: [PATCH] =?UTF-8?q?Ajout=20de=20la=20permission=20"consulter=20tou?= =?UTF-8?q?s=20les=20clients"=20dans=20le=20module=20commercial,=20afin=20?= =?UTF-8?q?=20qu'un=20commercial=20puisse=20voir=20que=20les=20clients=20q?= =?UTF-8?q?ui=20lui=20sont=20affect=E9s.?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit --- htdocs/comm/clients.php | 6 ++++-- 1 file changed, 4 insertions(+), 2 deletions(-) diff --git a/htdocs/comm/clients.php b/htdocs/comm/clients.php index 2bbb1883dcb..1a2964e0cf0 100644 --- a/htdocs/comm/clients.php +++ b/htdocs/comm/clients.php @@ -52,12 +52,14 @@ $search_ville=isset($_GET["search_ville"])?$_GET["search_ville"]:$_POST["search_ $search_code=isset($_GET["search_code"])?$_GET["search_contract"]:$_POST["search_code"]; -$sql = "SELECT s.idp, s.nom, s.ville, ".$db->pdate("s.datec")." as datec, ".$db->pdate("s.datea")." as datea, st.libelle as stcomm, s.prefix_comm, s.code_client "; -$sql .= " FROM ".MAIN_DB_PREFIX."societe as s, ".MAIN_DB_PREFIX."c_stcomm as st "; +$sql = "SELECT s.idp, s.nom, s.ville, ".$db->pdate("s.datec")." as datec, ".$db->pdate("s.datea")." as datea,"; +$sql .= " st.libelle as stcomm, s.prefix_comm, s.code_client, sc.fk_soc, sc.fk_user"; +$sql .= " FROM ".MAIN_DB_PREFIX."societe as s, ".MAIN_DB_PREFIX."c_stcomm as st, ".MAIN_DB_PREFIX."societe_commerciaux as sc "; $sql .= " WHERE s.fk_stcomm = st.id AND s.client=1"; if ($socidp) $sql .= " AND s.idp = $socidp"; if ($user->societe_id) $sql .= " AND s.idp = " .$user->societe_id; +if (!$user->rights->commercial->voir) $sql .= " AND sc.fk_user = " .$user->id; if ($search_nom) $sql .= " AND s.nom like '%".addslashes(strtolower($search_nom))."%'"; if ($search_ville) $sql .= " AND s.ville like '%".addslashes(strtolower($search_ville))."%'";