/** * Generates an SQL query asking for the records that may be seen by this user * * Generates a left join for mysql, subselect for postgres */ function may_read_SQL($db, $tableinfo, $USER, $temptable = 'tempa') { global $db_type; if ($db_type == 'mysql') { $list = may_read_SQL_JOIN($db, $tableinfo->realname, $USER); if (!$list) { $list = '-1'; } $result['sql'] = " {$tableinfo->realname}.id IN ({$list}) "; $result['numrows'] = substr_count($list, ','); } else { //return may_read_SQL_subselect ($db,$table,$tableid,$USER); $r = $db->Execute(may_read_SQL_subselect($db, $tableinfo->realname, $tableinfo->id, $USER, false)); $result['numrows'] = $r->NumRows(); make_temp_table($db, $temptable, $r); $result['sql'] = " ({$tableinfo->realname}.id = {$temptable}.uniqueid) "; } return $result; }
echo "<td align='center'>{$tabletext} <B>{$tableinfo->label}</B> {$modetext}</td>"; echo "<td align='center'>" . viewmenu($db, $tableinfo, $viewid, false) . "</td>\n"; if ($may_write) { echo "<td align='center'><a href='import.php?tableid={$tableinfo->id}'>Import Data</a></td>\n"; } echo "</tr>\n</table>\n"; next_previous_buttons($rp, true, $num_p_r, $numrows, ${$pagename}, $db, $tableinfo, $viewid); // get a list with ids we may see, $listb has all the ids we may see if ($db_type == 'mysql') { $lista = make_SQL_csf($r, false, 'id', $nr_records); if (!$lista) { $lista = "-1"; } $lista = " id IN ({$lista}) "; } else { make_temp_table($db, 'tempa', $r); $lista = " ({$tableinfo->realname}.id=tempa.uniqueid) "; } // get a list of all fields that are displayed in the table $Allfields = getvalues($db, $tableinfo, $Fieldscomma, false, false); // javascript to automatically execute search when pulling down $jscript = "onChange='document.g_form.searchj.value=\"Search\"; document.g_form.submit()'"; echo "<input type='hidden' name='searchj' value=''>\n"; // print header of table echo "<table border='1' align='center'>\n"; // row with search form echo "<tr align='center'>\n"; foreach ($Allfields as $nowfield) { if ($_GET[$nowfield['name']]) { $list = $listb['sql']; $count = $listb['numrows'];