From f8c708514310a6cfcef683252c876f7ecaad054b Mon Sep 17 00:00:00 2001 From: Regis Houssin Date: Wed, 8 Mar 2006 13:51:37 +0000 Subject: [PATCH] =?UTF-8?q?r=E9duction=20de=20la=20requete?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit --- htdocs/comm/clients.php | 18 +++++------------- htdocs/contact/index.php | 20 ++++++-------------- 2 files changed, 11 insertions(+), 27 deletions(-) diff --git a/htdocs/comm/clients.php b/htdocs/comm/clients.php index 228c361c5df..770243397bf 100644 --- a/htdocs/comm/clients.php +++ b/htdocs/comm/clients.php @@ -51,20 +51,12 @@ $search_nom=isset($_GET["search_nom"])?$_GET["search_nom"]:$_POST["search_nom"]; $search_ville=isset($_GET["search_ville"])?$_GET["search_ville"]:$_POST["search_ville"]; $search_code=isset($_GET["search_code"])?$_GET["search_contract"]:$_POST["search_code"]; -if ($user->rights->commercial->client->voir) -{ - $sql = "SELECT s.idp, s.nom, s.ville, ".$db->pdate("s.datec")." as datec, ".$db->pdate("s.datea")." as datea,"; - $sql .= " st.libelle as stcomm, s.prefix_comm, s.code_client"; - $sql .= " FROM ".MAIN_DB_PREFIX."societe as s, ".MAIN_DB_PREFIX."c_stcomm as st "; + + $sql = "SELECT s.idp, s.nom, s.ville, ".$db->pdate("s.datec")." as datec, ".$db->pdate("s.datea")." as datea, st.libelle as stcomm, s.prefix_comm, s.code_client"; + if (!$user->rights->commercial->client->voir) $sql .= ", sc.fk_soc, sc.fk_user"; + $sql .= " FROM ".MAIN_DB_PREFIX."societe as s, ".MAIN_DB_PREFIX."c_stcomm as st"; + if (!$user->rights->commercial->client->voir) $sql .= ", ".MAIN_DB_PREFIX."societe_commerciaux as sc"; $sql .= " WHERE s.fk_stcomm = st.id AND s.client=1"; -} -else -{ - $sql = "SELECT s.idp, s.nom, s.ville, ".$db->pdate("s.datec")." as datec, ".$db->pdate("s.datea")." as datea,"; - $sql .= " st.libelle as stcomm, s.prefix_comm, s.code_client, sc.fk_soc, sc.fk_user"; - $sql .= " FROM ".MAIN_DB_PREFIX."societe as s, ".MAIN_DB_PREFIX."c_stcomm as st, ".MAIN_DB_PREFIX."societe_commerciaux as sc "; - $sql .= " WHERE s.fk_stcomm = st.id AND s.client=1"; -} if ($socidp) $sql .= " AND s.idp = $socidp"; if ($user->societe_id) $sql .= " AND s.idp = " .$user->societe_id; diff --git a/htdocs/contact/index.php b/htdocs/contact/index.php index a89550b456b..a8f617f412d 100644 --- a/htdocs/contact/index.php +++ b/htdocs/contact/index.php @@ -89,21 +89,13 @@ if ($_POST["button_removefilter"]) llxHeader(); -if ($user->rights->commercial->client->voir) -{ - $sql = "SELECT s.idp, s.nom, p.idp as cidp, p.name, p.firstname, p.email, p.phone, p.phone_mobile, p.fax "; - $sql .= "FROM ".MAIN_DB_PREFIX."socpeople as p "; - $sql .= "LEFT JOIN ".MAIN_DB_PREFIX."societe as s ON s.idp = p.fk_soc "; + + $sql = "SELECT s.idp, s.nom, p.idp as cidp, p.name, p.firstname, p.email, p.phone, p.phone_mobile, p.fax"; + if (!$user->rights->commercial->client->voir) $sql .= ", sc.fk_soc, sc.fk_user "; + $sql .= "FROM ".MAIN_DB_PREFIX."societe_commerciaux as sc"; + if (!$user->rights->commercial->client->voir) $sql .= ", ".MAIN_DB_PREFIX."socpeople as p "; + $sql .= " LEFT JOIN ".MAIN_DB_PREFIX."societe as s ON s.idp = p.fk_soc "; $sql .= "WHERE 1=1 "; -} -else -{ - $sql = "SELECT s.idp, s.nom, p.idp as cidp, p.name, p.firstname, p.email, p.phone, p.phone_mobile, p.fax, "; - $sql .= "sc.fk_soc, sc.fk_user "; - $sql .= "FROM ".MAIN_DB_PREFIX."societe_commerciaux as sc,".MAIN_DB_PREFIX."socpeople as p "; - $sql .= "LEFT JOIN ".MAIN_DB_PREFIX."societe as s ON s.idp = p.fk_soc "; - $sql .= "WHERE 1=1 "; -} if ($_GET["userid"]) // statut commercial {