From ffb2dfcd4d065912f24448a041f4a1c22ad17297 Mon Sep 17 00:00:00 2001
From: Laurent Destailleur <eldy@destailleur.fr>
Date: Fri, 25 Nov 2011 02:02:21 +0100
Subject: [PATCH] Fix: filter by categ

---
 .../includes/modules/mailings/contacts3.modules.php  | 12 ++++++------
 1 file changed, 6 insertions(+), 6 deletions(-)

diff --git a/htdocs/includes/modules/mailings/contacts3.modules.php b/htdocs/includes/modules/mailings/contacts3.modules.php
index b8ddb204c16..813c8263ce2 100755
--- a/htdocs/includes/modules/mailings/contacts3.modules.php
+++ b/htdocs/includes/modules/mailings/contacts3.modules.php
@@ -74,15 +74,15 @@ class mailing_contacts3 extends MailingTargets
         $sql.= " sp.name as name, sp.firstname as firstname, sp.civilite,";
         $sql.= " s.nom as companyname";
         $sql.= " FROM ".MAIN_DB_PREFIX."socpeople as sp,";
-        $sql.= " ".MAIN_DB_PREFIX."societe as s,";
-    	$sql.= " ".MAIN_DB_PREFIX."categorie as c,";
-    	$sql.= " ".MAIN_DB_PREFIX."categorie_societe as cs";
+        $sql.= " ".MAIN_DB_PREFIX."societe as s";
+    	if ($filtersarray[0] <> 'all') $sql.= ", ".MAIN_DB_PREFIX."categorie as c,";
+    	if ($filtersarray[0] <> 'all') $sql.= " ".MAIN_DB_PREFIX."categorie_societe as cs";
         $sql.= " WHERE s.rowid = sp.fk_soc";
     	$sql.= " AND sp.email != ''";     // Note that null != '' is false
     	$sql.= " AND sp.entity = ".$conf->entity;
-    	$sql.= " AND cs.fk_categorie = c.rowid";
-    	$sql.= " AND cs.fk_societe = sp.fk_soc";
-    	if ($filtersarray[0] <> 'all') $sql.= " AND c.label = '".$filtersarray[0]."'";
+    	if ($filtersarray[0] <> 'all') $sql.= " AND cs.fk_categorie = c.rowid";
+    	if ($filtersarray[0] <> 'all') $sql.= " AND cs.fk_societe = sp.fk_soc";
+    	if ($filtersarray[0] <> 'all') $sql.= " AND c.label = '".$this->db>escape($filtersarray[0])."'";
     	$sql.= " ORDER BY sp.name, sp.firstname";
 
     	$resql = $this->db->query($sql);