From d05a00bd0a093b609d15fff2e9e99232ad2582ba Mon Sep 17 00:00:00 2001 From: ptibogxiv Date: Wed, 15 Apr 2020 19:03:40 +0200 Subject: [PATCH] Update api_thirdparties.class.php --- htdocs/societe/class/api_thirdparties.class.php | 8 +++++--- 1 file changed, 5 insertions(+), 3 deletions(-) diff --git a/htdocs/societe/class/api_thirdparties.class.php b/htdocs/societe/class/api_thirdparties.class.php index bb72a8d3e7f..63130b8b1da 100644 --- a/htdocs/societe/class/api_thirdparties.class.php +++ b/htdocs/societe/class/api_thirdparties.class.php @@ -128,7 +128,8 @@ class Thirdparties extends DolibarrApi if ((!DolibarrApiAccess::$user->rights->societe->client->voir && !$socids) || $search_sale > 0) $sql .= ", sc.fk_soc, sc.fk_user"; // We need these fields in order to filter by sale (including the case where the user can only see his prospects) $sql .= " FROM ".MAIN_DB_PREFIX."societe as t"; if ($category > 0) { - $sql .= ", ".MAIN_DB_PREFIX."categorie_societe as c"; + if ($mode != 4) $sql .= ", ".MAIN_DB_PREFIX."categorie_societe as c"; + if (!in_array($mode, array(1,2,3))) $sql .= ", ".MAIN_DB_PREFIX."categorie_fournisseur as cc"; } if ((!DolibarrApiAccess::$user->rights->societe->client->voir && !$socids) || $search_sale > 0) $sql .= ", ".MAIN_DB_PREFIX."societe_commerciaux as sc"; // We need this table joined to the select in order to filter by sale $sql .= ", ".MAIN_DB_PREFIX."c_stcomm as st"; @@ -142,8 +143,9 @@ class Thirdparties extends DolibarrApi // Select thirdparties of given category if ($category > 0) { - $sql .= " AND c.fk_categorie = ".$db->escape($category); - $sql .= " AND c.fk_soc = t.rowid "; + if ($mode != 4) $sql .= " AND c.fk_categorie = ".$db->escape($category)." AND c.fk_soc = t.rowid "; + elseif (!in_array($mode, array(1,2,3))) $sql .= " AND cc.fk_categorie = ".$db->escape($category)." AND cc.fk_soc = t.rowid "; + else $sql .= " AND (c.fk_categorie = ".$db->escape($category)." OR cc.fk_categorie = ".$db->escape($category).") AND cc.fk_soc = t.rowid AND c.fk_soc = t.rowid "; } if ((!DolibarrApiAccess::$user->rights->societe->client->voir && !$socids) || $search_sale > 0) $sql .= " AND t.rowid = sc.fk_soc";