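 /**
  * Fetch user accounts that belong to neither a customer nor a vendor, optionally filtered.
  *
  * Recognised $search keys (all optional):
  *  - generic:          substring matched against name, email, phone and mobile
  *  - security_role_id: positive integer; restricts to users holding that role
  *  - email:            compared with LIKE against u.email
  *  - is_staff, split_hours: compared for equality
  *  - customer_id:      not supported here; a non-empty value calls set_error() and returns array()
  *
  * The SQL is assembled by string concatenation, so every value that reaches the query is
  * either cast to int or passed through mysql_real_escape_string() and placed inside quotes.
  * NOTE(review): ext/mysql (mysql_real_escape_string) was removed in PHP 7.0, so this needs
  * PHP 5 or a project-level function of the same name; prepared statements would remove the
  * dependence on escaping altogether.
  *
  * @param array $search filter values as described above
  * @param bool  $mysql  when true, return the result of query() instead of the qa() rows
  * @return mixed result of query() when $mysql is true; otherwise the rows from qa() after
  *               module_security::filter_data_set() has been applied
  */
 public static function get_users($search = array(), $mysql = false)
 {
     // limit based on customer id
     /*if(!isset($_REQUEST['customer_id']) || !(int)$_REQUEST['customer_id']){
     			return array();
     		}*/
     // build up a custom search sql query based on the provided search fields
     $sql = "SELECT *,u.user_id AS id ";
     $sql .= ", u.name AS name ";
     $from = " FROM `" . _DB_PREFIX . "user` u ";
     $where = " WHERE 1 ";
     // Base restriction: only accounts with no customer and no vendor attached.
     $where .= " AND ( (u.customer_id = 0 OR u.customer_id IS NULL) AND (u.vendor_id = 0 OR u.vendor_id IS NULL)) ";
     if (isset($search['generic']) && $search['generic']) {
         // mysql_real_escape_string() makes the value safe inside the quoted literal but leaves
         // the LIKE metacharacters % and _ untouched. Escape those as well so the search term is
         // matched literally between the % wildcards added below, instead of letting the caller
         // widen the pattern. Assumes the default backslash LIKE escape character
         // (i.e. the NO_BACKSLASH_ESCAPES SQL mode is not enabled).
         $str = addcslashes(mysql_real_escape_string($search['generic']), '%_');
         $where .= " AND ( ";
         $where .= " u.name LIKE '%{$str}%' OR ";
         $where .= " u.email LIKE '%{$str}%' OR ";
         $where .= " u.phone LIKE '%{$str}%' OR ";
         $where .= " u.mobile LIKE '%{$str}%' ";
         $where .= ' ) ';
     }
     if (isset($search['customer_id']) && $search['customer_id']) {
         /*$str = mysql_real_escape_string($search['customer_id']);
         		$where .= " AND u.customer_id = '$str'";
                    $sql .= " , c.primary_user_id AS is_primary ";
                    $from .= " LEFT JOIN `"._DB_PREFIX."customer` c ON u.customer_id = c.customer_id ";*/
         // Customer filtering is rejected outright rather than silently ignored.
         set_error('Bad usage of get_user() - please report this error.');
         return array();
     }
     if (isset($search['security_role_id']) && (int) $search['security_role_id'] > 0) {
         // Cast to int, so the value can be interpolated without quoting.
         $str = (int) $search['security_role_id'];
         $from .= " LEFT JOIN `" . _DB_PREFIX . "user_role` ur ON u.user_id = ur.user_id";
         $where .= " AND ur.security_role_id = {$str}";
     }
     // $key comes from the hard-coded lists below, never from $search, so it is safe to use
     // as a column identifier.
     foreach (array('email') as $key) {
         if (isset($search[$key]) && $search[$key] !== '' && $search[$key] !== false) {
             // NOTE(review): the value is used as a LIKE pattern, so % and _ supplied by the
             // caller act as wildcards here. Left as-is in case callers rely on that; if an
             // exact match is intended, compare with = or escape the wildcards.
             $str = mysql_real_escape_string($search[$key]);
             $where .= " AND u.`{$key}` LIKE '{$str}'";
         }
     }
     foreach (array('is_staff', 'split_hours') as $key) {
         if (isset($search[$key]) && $search[$key] !== '' && $search[$key] !== false) {
             $str = mysql_real_escape_string($search[$key]);
             $where .= " AND u.`{$key}` = '{$str}'";
         }
     }
     if (class_exists('module_customer', false)) {
         // Narrow the result by the access level module_user reports.
         // NOTE(review): there is no default branch, so any level other than the three
         // handled here adds no restriction at all; confirm that this fail-open behaviour
         // is intended. The same applies when module_customer is not loaded.
         switch (module_user::get_user_data_access()) {
             case _USER_ACCESS_ALL:
                 // all user accounts.
                 break;
             case _USER_ACCESS_ME:
                 $where .= " AND u.`user_id` = " . (int) module_security::get_loggedin_id();
                 break;
             case _USER_ACCESS_CONTACTS:
                 // Together with the base restriction (customer_id = 0 OR NULL) this condition
                 // can never hold, so this access level gets no rows from this method.
                 $where .= " AND u.`customer_id` > 0 ";
                 break;
         }
         /*switch(module_customer::get_customer_data_access()){
               case _CUSTOMER_ACCESS_ALL:
                   // all customers! so this means all jobs!
                   break;
               case _CUSTOMER_ACCESS_CONTACTS:
               case _CUSTOMER_ACCESS_TASKS:
               case _CUSTOMER_ACCESS_STAFF:
                   $valid_customer_ids = module_security::get_customer_restrictions();
                   if(count($valid_customer_ids)){
                       $where .= " AND u.customer_id IN ( ";
                       foreach($valid_customer_ids as $valid_customer_id){
                           $where .= (int)$valid_customer_id.", ";
                       }
                       $where = rtrim($where,', ');
                       $where .= " )";
                   }
           }*/
     }
     $group_order = ' GROUP BY u.user_id ORDER BY u.name';
     // stop when multiple company sites have same region
     $sql = $sql . $from . $where . $group_order;
     if ($mysql) {
         // NOTE(review): this path returns before filter_data_set() runs, so callers that ask
         // for the raw query result receive rows without that filtering step.
         return query($sql);
     }
     $result = qa($sql);
     // The return value is not used; presumably filter_data_set() takes $result by reference.
     module_security::filter_data_set("user", $result);
     return $result;
     //		return get_multiple("user",$search,"user_id","fuzzy","name");
 }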