Skip to content

Commit

Permalink
Fix: bad sql query
Browse files Browse the repository at this point in the history
  • Loading branch information
@hregis
hregis committed Sep 6, 2011
1 parent 1135627 commit 965071a
Show file tree
Hide file tree
Showing 2 changed files with 6 additions and 12 deletions.
6 changes: 2 additions & 4 deletions htdocs/user/group/perms.php
View file
Expand Up @@ -169,8 +169,7 @@
$sql.= " FROM ".MAIN_DB_PREFIX."rights_def as r";
$sql.= ", ".MAIN_DB_PREFIX."usergroup_rights as ugr";
$sql.= " WHERE ugr.fk_id = r.id";
if (empty($conf->multicompany->enabled)) $sql.= " AND r.entity = ".$conf->entity;
else $sql.= " AND r.entity = ".$fgroup->entity;
$sql.= " AND r.entity = ".(empty($conf->multicompany->enabled) ? $conf->entity : $fgroup->entity);
$sql.= " AND ugr.fk_usergroup = ".$fgroup->id;

$result=$db->query($sql);
Expand Down Expand Up @@ -235,8 +234,7 @@
$sql = "SELECT r.id, r.libelle, r.module";
$sql.= " FROM ".MAIN_DB_PREFIX."rights_def as r";
$sql.= " WHERE r.libelle NOT LIKE 'tou%'"; // On ignore droits "tous"
if (empty($conf->multicompany->enabled)) $sql.= " AND r.entity = ".$conf->entity;
else $sql.= " AND r.entity = ".$fgroup->entity;
$sql.= " AND r.entity = ".(empty($conf->multicompany->enabled) ? $conf->entity : $fgroup->entity);
if (empty($conf->global->MAIN_USE_ADVANCED_PERMS)) $sql.= " AND r.perms NOT LIKE '%_advance'"; // Hide advanced perms if option is disable
$sql.= " ORDER BY r.module, r.id";

Expand Down
12 changes: 4 additions & 8 deletions htdocs/user/perms.php
View file
Expand Up @@ -195,8 +195,7 @@
$sql.= " FROM ".MAIN_DB_PREFIX."rights_def as r,";
$sql.= " ".MAIN_DB_PREFIX."user_rights as ur";
$sql.= " WHERE ur.fk_id = r.id";
if (empty($conf->multicompany->enabled)) $sql.= " AND r.entity = ".$conf->entity;
else $sql.= " AND r.entity = ".$fuser->entity;
$sql.= " AND r.entity = ".((! empty($conf->multicompany->enabled) && ! empty($fuser->entity)) ? $fuser->entity : $conf->entity);
$sql.= " AND ur.fk_user = ".$fuser->id;

$result=$db->query($sql);
Expand Down Expand Up @@ -225,10 +224,8 @@
$sql.= " ".MAIN_DB_PREFIX."usergroup_rights as gr,";
$sql.= " ".MAIN_DB_PREFIX."usergroup_user as gu";
$sql.= " WHERE gr.fk_id = r.id";
if (empty($conf->multicompany->enabled)) $sql.= " AND r.entity = ".$conf->entity;
else $sql.= " AND r.entity = ".$fuser->entity;
if (empty($conf->multicompany->enabled)) $sql.= " AND gu.entity IN (0,".$conf->entity.")";
else $sql.= " AND gu.entity IN (0,".$fuser->entity.")";
$sql.= " AND r.entity = ".((! empty($conf->multicompany->enabled) && ! empty($fuser->entity)) ? $fuser->entity : $conf->entity);
$sql.= " AND gu.entity IN (0,".((! empty($conf->multicompany->enabled) && ! empty($fuser->entity)) ? $fuser->entity : $conf->entity).")";
$sql.= " AND gr.fk_usergroup = gu.fk_usergroup";
$sql.= " AND gu.fk_user = ".$fuser->id;

Expand Down Expand Up @@ -291,8 +288,7 @@
$sql = "SELECT r.id, r.libelle, r.module";
$sql.= " FROM ".MAIN_DB_PREFIX."rights_def as r";
$sql.= " WHERE r.libelle NOT LIKE 'tou%'"; // On ignore droits "tous"
if (empty($conf->multicompany->enabled)) $sql.= " AND r.entity = ".$conf->entity;
else $sql.= " AND r.entity = ".$fuser->entity;
$sql.= " AND r.entity = ".((! empty($conf->multicompany->enabled) && ! empty($fuser->entity)) ? $fuser->entity : $conf->entity);
if (empty($conf->global->MAIN_USE_ADVANCED_PERMS)) $sql.= " AND r.perms NOT LIKE '%_advance'"; // Hide advanced perms if option is disable
$sql.= " ORDER BY r.module, r.id";

Expand Down

0 comments on commit 965071a

Please sign in to comment.