Skip to content

HTTPS clone URL

Subversion checkout URL

You can clone with
or
.
Download ZIP
Browse files

MDL-35558 mod_data: Show only own entries while there are required pe…

…nding.
  • Loading branch information...
commit 4cf9360fcadd45b74c0743eb5c0f2cc722b23e37 1 parent 546667e
@abgreeve abgreeve authored stronk7 committed
Showing with 32 additions and 21 deletions.
  1. +10 −6 mod/data/lib.php
  2. +22 −15 mod/data/view.php
View
16 mod/data/lib.php
@@ -3577,7 +3577,7 @@ function data_get_recordids($alias, $searcharray, $dataid, $recordids) {
* @param int $sort DATA_*
* @param stdClass $data Data module object
* @param array $recordids An array of record IDs.
- * @param string $selectdata Information for the select part of the sql statement.
+ * @param string $selectdata Information for the where and select part of the sql statement.
* @param string $sortorder Additional sort parameters
* @return array sqlselect sqlselect['sql] has the sql string, sqlselect['params'] contains an array of parameters.
*/
@@ -3622,13 +3622,17 @@ function data_get_advanced_search_sql($sort, $data, $recordids, $selectdata, $so
{user} u ';
$groupsql = ' GROUP BY r.id, r.approved, r.timecreated, r.timemodified, r.userid, u.firstname, u.lastname, ' .$sortcontentfull;
}
- $nestfromsql = 'WHERE c.recordid = r.id
- AND r.dataid = :dataid
- AND r.userid = u.id';
+
+ // Default to a standard Where statement if $selectdata is empty.
+ if ($selectdata == '') {
+ $selectdata = 'WHERE c.recordid = r.id
+ AND r.dataid = :dataid
+ AND r.userid = u.id ';
+ }
// Find the field we are sorting on
if ($sort > 0 or data_get_field_from_id($sort, $data)) {
- $nestfromsql .= ' AND c.fieldid = :sort';
+ $selectdata .= ' AND c.fieldid = :sort';
}
// If there are no record IDs then return an sql statment that will return no rows.
@@ -3637,7 +3641,7 @@ function data_get_advanced_search_sql($sort, $data, $recordids, $selectdata, $so
} else {
list($insql, $inparam) = $DB->get_in_or_equal(array('-1'), SQL_PARAMS_NAMED);
}
- $nestfromsql .= ' AND c.recordid ' . $insql . $selectdata . $groupsql;
+ $nestfromsql = $selectdata . ' AND c.recordid ' . $insql . $groupsql;
$sqlselect['sql'] = "$nestselectsql $nestfromsql $sortorder";
$sqlselect['params'] = $inparam;
return $sqlselect;
View
37 mod/data/view.php
@@ -457,11 +457,15 @@
$requiredentries_allowed = false;
}
+ // Initialise the first group of params for advanced searches.
+ $initialparams = array();
+
/// setup group and approve restrictions
if (!$approvecap && $data->approval) {
if (isloggedin()) {
$approveselect = ' AND (r.approved=1 OR r.userid=:myid1) ';
$params['myid1'] = $USER->id;
+ $initialparams['myid1'] = $params['myid1'];
} else {
$approveselect = ' AND r.approved=1 ';
}
@@ -472,6 +476,7 @@
if ($currentgroup) {
$groupselect = " AND (r.groupid = :currentgroup OR r.groupid = 0)";
$params['currentgroup'] = $currentgroup;
+ $initialparams['currentgroup'] = $params['currentgroup'];
} else {
if ($canviewallrecords) {
$groupselect = ' ';
@@ -487,6 +492,8 @@
$advwhere = '';
$advtables = '';
$advparams = array();
+ // This is used for the initial reduction of advanced search results with required entries.
+ $entrysql = '';
/// Find the field we are sorting on
if ($sort <= 0 or !$sortfield = data_get_field_from_id($sort, $data)) {
@@ -515,8 +522,7 @@
$tables = '{data_content} c,{data_records} r, {data_content} cs, {user} u ';
$where = 'WHERE c.recordid = r.id
AND r.dataid = :dataid
- AND r.userid = u.id
- AND cs.recordid = r.id ';
+ AND r.userid = u.id ';
$params['dataid'] = $data->id;
$sortorder = ' ORDER BY '.$ordering.', r.id ASC ';
$searchselect = '';
@@ -524,7 +530,9 @@
// If requiredentries is not reached, only show current user's entries
if (!$requiredentries_allowed) {
$where .= ' AND u.id = :myid2 ';
+ $entrysql = ' AND r.userid = :myid3 ';
$params['myid2'] = $USER->id;
+ $initialparams['myid3'] = $params['myid2'];
}
if (!empty($advanced)) { //If advanced box is checked.
@@ -542,6 +550,7 @@
$advparams = array_merge($advparams, $val->params);
}
} else if ($search) {
+ $where .= ' AND cs.recordid = r.id ';
$searchselect = " AND (".$DB->sql_like('cs.content', ':search1', false)." OR ".$DB->sql_like('u.firstname', ':search2', false)." OR ".$DB->sql_like('u.lastname', ':search3', false)." ) ";
$params['search1'] = "%$search%";
$params['search2'] = "%$search%";
@@ -559,10 +568,11 @@
$count = ' COUNT(DISTINCT c.recordid) ';
$tables = '{data_content} c, {data_records} r, {data_content} cs, {user} u ';
$where = 'WHERE c.recordid = r.id
- AND c.fieldid = :sort
AND r.dataid = :dataid
- AND r.userid = u.id
- AND cs.recordid = r.id ';
+ AND r.userid = u.id ';
+ if (!$advanced) {
+ $where .= 'AND c.fieldid = :sort';
+ }
$params['dataid'] = $data->id;
$params['sort'] = $sort;
$sortorder = ' ORDER BY sortorder '.$order.' , r.id ASC ';
@@ -570,8 +580,10 @@
// If requiredentries is not reached, only show current user's entries
if (!$requiredentries_allowed) {
- $where .= ' AND u.id = ' . $USER->id;
+ $where .= ' AND u.id = :myid2';
+ $entrysql = ' AND r.userid = :myid3';
$params['myid2'] = $USER->id;
+ $initialparams['myid3'] = $params['myid2'];
}
$i = 0;
@@ -589,6 +601,7 @@
$advparams = array_merge($advparams, $val->params);
}
} else if ($search) {
+ $where .= ' AND cs.recordid = r.id ';
$searchselect = " AND (".$DB->sql_like('cs.content', ':search1', false)." OR ".$DB->sql_like('u.firstname', ':search2', false)." OR ".$DB->sql_like('u.lastname', ':search3', false)." ) ";
$params['search1'] = "%$search%";
$params['search2'] = "%$search%";
@@ -604,18 +617,12 @@
$allparams = array_merge($params, $advparams);
// Provide initial sql statements and parameters to reduce the number of total records.
- $selectdata = $groupselect . $approveselect;
- $initialparams = array();
- if ($currentgroup) {
- $initialparams['currentgroup'] = $params['currentgroup'];
- }
- if (!$approvecap && $data->approval && isloggedin()) {
- $initialparams['myid1'] = $params['myid1'];
- }
+ $initialselect = $groupselect . $approveselect . $entrysql;
- $recordids = data_get_all_recordids($data->id, $selectdata, $initialparams);
+ $recordids = data_get_all_recordids($data->id, $initialselect, $initialparams);
$newrecordids = data_get_advance_search_ids($recordids, $search_array, $data->id);
$totalcount = count($newrecordids);
+ $selectdata = $where . $groupselect . $approveselect;
if (!empty($advanced)) {
$advancedsearchsql = data_get_advanced_search_sql($sort, $data, $newrecordids, $selectdata, $sortorder);
Please sign in to comment.
Something went wrong with that request. Please try again.