* Copyright: dtbaker 2012 * Licence: Please check CodeCanyon.net for licence details. * More licence clarification available here: http://codecanyon.net/wiki/support/legal-terms/licensing-terms/ * Deploy: 9809 f200f46c2a19bb98d112f2d32a8de0c4 * Envato: 4ffca17e-861e-4921-86c3-8931978c40ca * Package Date: 2015-11-25 02:55:20 * IP Address: 67.79.165.254 */ $page_type = 'Companies'; $page_type_single = 'Company'; $search = isset($_REQUEST['search']) ? $_REQUEST['search'] : array(); if (!module_vendor::can_i('view', $page_type)) { redirect_browser(_BASE_HREF); } $module->page_title = _l($page_type); $vendors = module_vendor::get_vendors($search, array('as_resource' => true)); // hack to add a "group" option to the pagination results. if (class_exists('module_group', false)) { module_group::enable_pagination_hook(array('fields' => array('owner_id' => 'vendor_id', 'owner_table' => 'vendor', 'title' => $page_type_single . ' Groups', 'name' => 'vendor_name', 'email' => 'primary_user_email'))); } if (class_exists('module_table_sort', false)) { module_table_sort::enable_pagination_hook(array('table_id' => 'vendor_list', 'sortable' => array('vendor_name' => array('field' => 'vendor_name'), 'primary_contact_name' => array('field' => 'primary_user_name'), 'primary_contact_email' => array('field' => 'primary_user_email'), 'vendor_group' => array('group_sort' => true, 'owner_table' => 'vendor', 'owner_id' => 'vendor_id')))); } // hack to add a "export" option to the pagination results. if (class_exists('module_import_export', false) && module_vendor::can_i('view', 'Export ' . $page_type)) { module_import_export::enable_pagination_hook(array('name' => $page_type_single . ' Export', 'fields' => array($page_type_single . ' ID' => 'vendor_id', $page_type_single . ' Name' => 'vendor_name', 'Credit' => 'credit', 'Address Line 1' => 'line_1', 'Address Line 2' => 'line_2', 'Address Suburb' => 'suburb', 'Address Country' => 'country', 'Address State' => 'state', 'Address Region' => 'region', 'Address Post Code' => 'post_code', 'Primary Contact First Name' => 'primary_user_name', 'Primary Contact Last Name' => 'primary_user_last_name', 'Primary Phone' => 'primary_user_phone', 'Primary Email' => 'primary_user_email', 'Primary Fax' => 'primary_user_fax', 'Primary Mobile' => 'primary_user_mobile', 'Primary Language' => 'primary_user_language', 'Invoice Prefix' => 'default_invoice_prefix', 'Tax Name' => 'default_tax_name', 'Tax Rate' => 'default_tax'), 'extra' => array(array('owner_table' => 'vendor', 'owner_id' => 'vendor_id'), array('owner_table' => 'user', 'owner_id' => 'primary_user_id')), 'group' => array(array('title' => $page_type_single . ' Group', 'owner_table' => 'vendor', 'owner_id' => 'vendor_id')))); } $header_buttons = array(); if (module_vendor::can_i('create', $page_type)) { $header_buttons[] = array('url' => module_vendor::link_open('new', false), 'title' => 'Create New ' . $page_type_single, 'type' => 'add'); }
public static function get_contacts($search = array(), $new_security_check = false, $as_array = true) { // limit based on customer id // build up a custom search sql query based on the provided search fields $sql = "SELECT u.*,u.user_id AS id "; $sql .= ", u.name AS name "; $from = " FROM `" . _DB_PREFIX . "user` u "; $where = " WHERE (u.customer_id > 0 OR u.vendor_id > 0) "; if (isset($search['generic']) && $search['generic']) { $str = mysql_real_escape_string($search['generic']); $where .= " AND ( "; $where .= " u.name LIKE '%{$str}%' OR "; $where .= " u.email LIKE '%{$str}%' OR "; $where .= " u.phone LIKE '%{$str}%' OR "; $where .= " u.mobile LIKE '%{$str}%' "; $where .= ' ) '; } if (isset($search['customer_id'])) { $sql .= ", c.* "; $sql .= " , c.primary_user_id AS is_primary "; $from .= " LEFT JOIN `" . _DB_PREFIX . "customer` c ON u.customer_id = c.customer_id "; $str = (int) $search['customer_id']; if ($str > 0) { $where .= " AND u.customer_id = '{$str}'"; } else { // searching all customers $where .= " AND u.customer_id > 0 "; } } else { if (isset($search['vendor_id'])) { //$search['vendor_id'] $sql .= ", c.* "; $sql .= " , c.primary_user_id AS is_primary "; $from .= " LEFT JOIN `" . _DB_PREFIX . "vendor` c ON u.vendor_id = c.vendor_id "; $str = (int) $search['vendor_id']; if ($str > 0) { $where .= " AND u.vendor_id = '{$str}'"; } else { // searching all vendors $where .= " AND u.vendor_id > 0 "; } } } foreach (array('is_staff', 'split_hours') as $key) { if (isset($search[$key]) && $search[$key] !== '' && $search[$key] !== false) { $str = mysql_real_escape_string($search[$key]); $where .= " AND u.`{$key}` = '{$str}'"; } } if (isset($search['security_role_id']) && (int) $search['security_role_id'] > 0) { $str = (int) $search['security_role_id']; $from .= " LEFT JOIN `" . _DB_PREFIX . "user_role` ur ON u.user_id = ur.user_id"; $where .= " AND ur.security_role_id = {$str}"; } foreach (array('email') as $key) { if (isset($search[$key]) && $search[$key] !== '' && $search[$key] !== false) { $str = mysql_real_escape_string($search[$key]); $where .= " AND u.`{$key}` LIKE '{$str}'"; } } if (class_exists('module_customer', false)) { switch (module_user::get_user_data_access()) { case _USER_ACCESS_ALL: // all user accounts. break; case _USER_ACCESS_ME: $where .= " AND u.`user_id` = " . (int) module_security::get_loggedin_id(); break; case _USER_ACCESS_CONTACTS: $where .= " AND (u.`customer_id` > 0 OR u.`vendor_id` > 0) "; break; } switch (module_customer::get_customer_data_access()) { case _CUSTOMER_ACCESS_ALL: // all customers! so this means all jobs! break; case _CUSTOMER_ACCESS_ALL_COMPANY: case _CUSTOMER_ACCESS_CONTACTS: case _CUSTOMER_ACCESS_TASKS: case _CUSTOMER_ACCESS_STAFF: $valid_customer_ids = module_security::get_customer_restrictions(); if (count($valid_customer_ids)) { $where .= " AND u.customer_id IN ( "; foreach ($valid_customer_ids as $valid_customer_id) { $where .= (int) $valid_customer_id . ", "; } $where = rtrim($where, ', '); $where .= " )"; } } if (class_exists('module_vendor', false)) { switch (module_vendor::get_vendor_data_access()) { case _VENDOR_ACCESS_ALL: // all vendors! so this means all jobs! break; case _VENDOR_ACCESS_ALL_COMPANY: case _VENDOR_ACCESS_CONTACTS: case _VENDOR_ACCESS_TASKS: $valid_vendor_ids = module_vendor::get_vendors(array(), array('columns', 'c.vendor_id AS id')); if (count($valid_vendor_ids)) { $where .= " AND u.vendor_id IN ( "; foreach ($valid_vendor_ids as $valid_vendor_id => $v) { $where .= (int) $valid_vendor_id . ", "; } $where = rtrim($where, ', '); $where .= " )"; } } } } if ($new_security_check) { // addition for the 'all customer contacts' permission // if user doesn't' have this permission then we only show ourselves in this list. $current_customer_type_id = module_customer::get_current_customer_type_id(); $permission_check_string = 'Customer'; if ($current_customer_type_id > 0) { $customer_type = module_customer::get_customer_type($current_customer_type_id); if ($customer_type && !empty($customer_type['type_name'])) { $permission_check_string = $customer_type['type_name']; } } if (isset($search['customer_id']) && $search['customer_id'] && !module_user::can_i('view', 'All ' . $permission_check_string . ' Contacts', 'Customer', 'customer')) { $where .= " AND u.user_id = " . (int) module_security::get_loggedin_id(); /*foreach($result as $key=>$val){ if($val['user_id']!=module_security::get_loggedin_id())unset($result[$key]); }*/ } else { if (isset($search['vendor_id']) && $search['vendor_id'] && !module_user::can_i('view', 'All Vendor Contacts', 'Vendor', 'vendor')) { $where .= " AND u.user_id = " . (int) module_security::get_loggedin_id(); } } } $group_order = ' GROUP BY u.user_id '; if (isset($search['customer_id']) && $search['customer_id']) { $group_order .= 'ORDER BY c.customer_name, u.name'; // stop when multiple company sites have same region } else { if (isset($search['vendor_id']) && $search['vendor_id']) { $group_order .= 'ORDER BY c.vendor_name, u.name'; // stop when multiple company sites have same region } } $sql = $sql . $from . $where . $group_order; if ($as_array) { $result = qa($sql); } else { $result = query($sql); } //module_security::filter_data_set("user",$result); return $result; // return get_multiple("user",$search,"user_id","fuzzy","name"); }