From a60f90ac515ad092ecd2ae036a582b75d0c19b01 Mon Sep 17 00:00:00 2001 From: Regis Houssin Date: Tue, 7 Mar 2006 18:11:36 +0000 Subject: [PATCH] =?UTF-8?q?Ajout=20de=20la=20permission=20"consulter=20tou?= =?UTF-8?q?s=20les=20clients"=20dans=20le=20module=20commercial,=20afin=20?= =?UTF-8?q?=20qu'un=20commercial=20puisse=20voir=20que=20les=20clients=20q?= =?UTF-8?q?ui=20lui=20sont=20affect=E9s.?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit --- htdocs/contact/index.php | 16 ++++++++++++++-- 1 file changed, 14 insertions(+), 2 deletions(-) diff --git a/htdocs/contact/index.php b/htdocs/contact/index.php index c3e27ec335f..4c2a2749421 100644 --- a/htdocs/contact/index.php +++ b/htdocs/contact/index.php @@ -88,19 +88,31 @@ if ($_POST["button_removefilter"]) * */ +if ($user->rights->commercial->client->voir) +{ $sql = "SELECT s.idp, s.nom, p.idp as cidp, p.name, p.firstname, p.email, p.phone, p.phone_mobile, p.fax "; $sql .= "FROM ".MAIN_DB_PREFIX."socpeople as p "; $sql .= "LEFT JOIN ".MAIN_DB_PREFIX."societe as s ON (s.idp = p.fk_soc) "; $sql .= "WHERE 1=1 "; +} +else +{ +$sql = "SELECT s.idp, s.nom, p.idp as cidp, p.name, p.firstname, p.email, p.phone, p.phone_mobile, p.fax, "; +$sql .= "sc.fk_soc, sc.fk_user "; +$sql .= "FROM ".MAIN_DB_PREFIX."socpeople as p, ".MAIN_DB_PREFIX."societe_commerciaux as sc "; +$sql .= "LEFT JOIN ".MAIN_DB_PREFIX."societe as s ON (s.idp = p.fk_soc) "; +$sql .= "WHERE 1=1 "; +} if ($_GET["userid"]) // statut commercial { $sql .= " AND p.fk_user=".$_GET["userid"]; } -if ($search_nom) // filtre sur le nom +if (!$user->rights->commercial->client->voir) //restriction { - $sql .= " AND p.name like '%".$search_nom."%'"; +$sql .= " AND s.idp = sc.fk_soc AND sc.fk_user = " .$user->id; } + if ($search_prenom) // filtre sur le prenom { $sql .= " AND p.firstname like '%".$search_prenom."%'";