extern/egroupware
1
0
Fork 1
mirror of https://github.com/EGroupware/egroupware.git synced 2024-11-08 09:04:53 +01:00
Code Issues Packages Projects Releases Wiki Activity

Hopefully fixes sql search bug that showed other's private entries

Browse Source
This commit is contained in:
Miles Lott 2001-04-20 23:13:56 +00:00
parent ebd58d40af
commit 8a69409111
2 changed files with 13 additions and 4 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

9
addressbook/inc/class.contacts_sql.inc.php
View File

@ -373,16 +373,18 @@
if ($filterlist) {
$filtermethod = '('.$filterlist.') ';
$fwhere = ' WHERE '; $fand = '';
$fwhere = ' WHERE '; $fand = ' AND ';
}
} else {
$filtermethod = "WHERE (tid='n' OR tid is null)";
}
if (!$filtermethod) {
$fwhere .= " WHERE (owner=" . $phpgw_info['user']['account_id'];
$fwhere .= " (owner=" . $phpgw_info['user']['account_id'];
$fand .= " (owner=" . $phpgw_info['user']['account_id'];
} else {
$fwhere .= $filtermethod . " AND (owner=" . $phpgw_info['user']['account_id'];
$fand .= $filtermethod . " AND (owner=" . $phpgw_info['user']['account_id'];
}
if (is_array($this->grants))
@ -394,10 +396,11 @@
}
reset($public_user_list);
$fwhere .= " OR (access='public' AND owner in(" . implode(',',$public_user_list) . "))) ";
$fand .= " OR (access='public' AND owner in(" . implode(',',$public_user_list) . "))) ";
}
else
{
$fwhere .= ') '; $fand = '';
$fwhere .= ') '; $fand .= ') ';
}

8
addressbook/index.php
View File

@ -120,6 +120,12 @@
} else {
$qfilter = 'tid=n,access=private,owner='.$phpgw_info["user"]["account_id"].',cat_id='.$cat_id;
}
} elseif($filter == "yours") {
if (!$cat_id) {
$qfilter = 'tid=n,owner='.$phpgw_info["user"]["account_id"];
} else {
$qfilter = 'tid=n,owner='.$phpgw_info["user"]["account_id"].',cat_id='.$cat_id;
}
} else {
if (!$cat_id) {
$qfilter = 'tid=n,owner='.$filter;
@ -159,7 +165,7 @@
$search_filter = $phpgw->nextmatchs->show_tpl("/addressbook/index.php",
$start, $this->total_records,"&order=$order&filter=$filter&sort=$sort&query=$query&cat_id=$cat_id","75%",
$phpgw_info["theme"]["th_bg"]);
$phpgw_info["theme"]["th_bg"],1,1,1,1);
if ($this->total_records > $phpgw_info["user"]["preferences"]["common"]["maxmatchs"]) {
if ($start + $phpgw_info["user"]["preferences"]["common"]["maxmatchs"] > $this->total_records) {