holm/egroupware
1
1
Fork 0
forked from extern/egroupware
Code Issues Pull Requests Packages Projects Releases Wiki Activity

Add some verification that account_id exists for use in accounts storage

Browse Source
This commit is contained in:
Miles Lott 2001-04-29 13:41:36 +00:00
parent 8dd7dad2ed
commit ebae1c6323
1 changed files with 21 additions and 6 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

17
addressbook/inc/class.contacts_sql.inc.php
View File

@ -45,12 +45,15 @@
var $total_records; // This will contain numrows for data retrieved var $total_records; // This will contain numrows for data retrieved
var $grants; // This holds all of the users that have granted access to there entrys var $grants; // This holds all of the users that have granted access to there entrys
function contacts_() function contacts_($useacl=True)
{ {
global $phpgw, $phpgw_info; global $phpgw, $phpgw_info;
$this->db = $phpgw->db; $this->db = $phpgw->db;
if($useacl)
{
$this->grants = $phpgw->acl->get_grants('addressbook'); $this->grants = $phpgw->acl->get_grants('addressbook');
}
$this->account_id = $phpgw_info['user']['account_id']; $this->account_id = $phpgw_info['user']['account_id'];
// The left side are the array elements used throughout phpgw, right side are the db field names. // The left side are the array elements used throughout phpgw, right side are the db field names.
@ -380,12 +383,24 @@
} }
if (!$filtermethod) { if (!$filtermethod) {
if($phpgw_info['user']['account_id'])
{
$fwhere .= " (owner=" . $phpgw_info['user']['account_id']; $fwhere .= " (owner=" . $phpgw_info['user']['account_id'];
$fand .= " (owner=" . $phpgw_info['user']['account_id']; $fand .= " (owner=" . $phpgw_info['user']['account_id'];
}
} else { } else {
if($phpgw_info['user']['account_id'])
{
$fwhere .= $filtermethod . " AND (owner=" . $phpgw_info['user']['account_id']; $fwhere .= $filtermethod . " AND (owner=" . $phpgw_info['user']['account_id'];
$fand .= $filtermethod . " AND (owner=" . $phpgw_info['user']['account_id']; $fand .= $filtermethod . " AND (owner=" . $phpgw_info['user']['account_id'];
} }
else
{
$filtermethod = substr($filtermethod,0,-2);
$fwhere .= $filtermethod;
$fand .= $filtermethod;
}
}
if (is_array($this->grants)) if (is_array($this->grants))
{ {