From bb565d33f91f8d30bc9affe9d1dbe027d41cfe48 Mon Sep 17 00:00:00 2001 From: Laurent Destailleur Date: Tue, 27 Nov 2018 16:39:08 +0100 Subject: [PATCH] FIX Several fixes in fetchAll --- .../template/class/myobject.class.php | 13 +++++-- htdocs/user/class/user.class.php | 35 ++++++++++++------- 2 files changed, 32 insertions(+), 16 deletions(-) diff --git a/htdocs/modulebuilder/template/class/myobject.class.php b/htdocs/modulebuilder/template/class/myobject.class.php index 14989e4d4b6..6029fc7d3f9 100644 --- a/htdocs/modulebuilder/template/class/myobject.class.php +++ b/htdocs/modulebuilder/template/class/myobject.class.php @@ -321,7 +321,7 @@ class MyObject extends CommonObject * @param string $sortfield Sort field * @param int $limit limit * @param int $offset Offset - * @param array $filter Filter array + * @param array $filter Filter array. Example array('field'=>'valueforlike', 'customurl'=>...) * @param string $filtermode Filter mode (AND or OR) * @return array|int int <0 if KO, array of pages if OK */ @@ -335,7 +335,7 @@ class MyObject extends CommonObject $sql = 'SELECT'; $sql .= ' t.rowid'; - // TODO Gett all fields + // TODO Get all fields $sql .= ' FROM ' . MAIN_DB_PREFIX . $this->table_element. ' as t'; $sql .= ' WHERE t.entity = '.$conf->entity; // Manage filter @@ -344,7 +344,14 @@ class MyObject extends CommonObject foreach ($filter as $key => $value) { if ($key=='t.rowid') { $sqlwhere[] = $key . '='. $value; - } else { + } + elseif (strpos($key,'date') !== false) { + $sqlwhere[] = $key.' = \''.$this->db->idate($value).'\''; + } + elseif ($key=='customsql') { + $sqlwhere[] = $value; + } + else { $sqlwhere[] = $key . ' LIKE \'%' . $this->db->escape($value) . '%\''; } } diff --git a/htdocs/user/class/user.class.php b/htdocs/user/class/user.class.php index 23f8b09169d..f51fb404579 100644 --- a/htdocs/user/class/user.class.php +++ b/htdocs/user/class/user.class.php @@ -3179,14 +3179,15 @@ class User extends CommonObject /** * Load all objects into $this->users * - * @param string $sortorder sort order - * @param string $sortfield sort field - * @param int $limit limit page - * @param int $offset page - * @param array $filter filter output - * @return int <0 if KO, >0 if OK + * @param string $sortorder sort order + * @param string $sortfield sort field + * @param int $limit limit page + * @param int $offset page + * @param array $filter Filter array. Example array('field'=>'valueforlike', 'customurl'=>...) + * @param string $filtermode Filter mode (AND or OR) + * @return int <0 if KO, >0 if OK */ - function fetchAll($sortorder='', $sortfield='', $limit=0, $offset=0, $filter=array()) + function fetchAll($sortorder='', $sortfield='', $limit=0, $offset=0, $filter=array(), $filtermode='AND') { global $conf; @@ -3194,19 +3195,27 @@ class User extends CommonObject $sql.= ' FROM '.MAIN_DB_PREFIX .$this->table_element.' as t '; $sql.= " WHERE 1"; - //Manage filter + // Manage filter + $sqlwhere = array(); if (!empty($filter)){ foreach($filter as $key => $value) { - if (strpos($key,'date')) { - $sql.= ' AND '.$key.' = \''.$this->db->idate($value).'\''; + if ($key=='t.rowid') { + $sqlwhere[] = $key . '='. $value; + } + elseif (strpos($key,'date') !== false) { + $sqlwhere[] = $key.' = \''.$this->db->idate($value).'\''; } elseif ($key=='customsql') { - $sql.= ' AND '.$value; - } else { - $sql.= ' AND '.$key.' LIKE \'%'.$value.'%\''; + $sqlwhere[] = $value; + } + else { + $sqlwhere[] = $key . ' LIKE \'%' . $this->db->escape($value) . '%\''; } } } + if (count($sqlwhere) > 0) { + $sql .= ' AND (' . implode(' '.$filtermode.' ', $sqlwhere).')'; + } $sql.= $this->db->order($sortfield,$sortorder); if ($limit) $sql.= $this->db->plimit($limit+1,$offset);