function list_objects()
{
/* get query parameters */
$filesPerPage = config_option('files_per_page');
$start = array_var($_GET, 'start') ? (int) array_var($_GET, 'start') : 0;
$limit = array_var($_GET, 'limit') ? array_var($_GET, 'limit') : $filesPerPage;
$order = array_var($_GET, 'sort');
$id_no_select = array_var($_GET, 'id_no_select', "undefined");
$ignore_context = (bool) array_var($_GET, 'ignore_context');
$member_ids = json_decode(array_var($_GET, 'member_ids'));
$extra_member_ids = json_decode(array_var($_GET, 'extra_member_ids'));
$orderdir = array_var($_GET, 'dir');
if (!in_array(strtoupper($orderdir), array('ASC', 'DESC'))) {
$orderdir = 'ASC';
}
if ($order == "dateUpdated") {
$order = "updated_on";
} elseif ($order == "dateArchived") {
$order = "archived_on";
} elseif ($order == "dateDeleted") {
$order = "trashed_on";
} elseif ($order == "name") {
$order = "name";
} else {
$order = "";
$orderdir = "";
}
$extra_list_params = array_var($_GET, 'extra_list_params');
$extra_list_params = json_decode($extra_list_params);
$page = (int) ($start / $limit) + 1;
$hide_private = !logged_user()->isMemberOfOwnerCompany();
$typeCSV = array_var($_GET, 'type');
$types = null;
if ($typeCSV) {
$types = explode(",", $typeCSV);
}
$name_filter = mysql_real_escape_string(array_var($_GET, 'name'));
$linked_obj_filter = array_var($_GET, 'linkedobject');
$object_ids_filter = '';
$show_all_linked_objects = false;
if (!is_null($linked_obj_filter)) {
$show_all_linked_objects = true;
$linkedObject = Objects::findObject($linked_obj_filter);
$objs = $linkedObject->getLinkedObjects();
foreach ($objs as $obj) {
$object_ids_filter .= ($object_ids_filter == '' ? '' : ',') . $obj->getId();
}
}
$filters = array();
if (!is_null($types)) {
$filters['types'] = $types;
}
if (!is_null($name_filter)) {
$filters['name'] = $name_filter;
}
if ($object_ids_filter != '') {
$filters['object_ids'] = $object_ids_filter;
}
$user = array_var($_GET, 'user');
$trashed = array_var($_GET, 'trashed', false);
$archived = array_var($_GET, 'archived', false);
/* if there's an action to execute, do so */
if (!$show_all_linked_objects) {
$this->processListActions();
}
$filterName = array_var($_GET, 'name');
$template_object_names = "";
$template_extra_condition = "true";
$template_objects = false;
if (in_array("template_task", array_var($filters, 'types', array())) || in_array("template_milestone", array_var($filters, 'types', array()))) {
$template_id = 0;
$template_objects = true;
if (isset($extra_list_params->template_id)) {
$template_id = $extra_list_params->template_id;
}
$tmpl_task = TemplateTasks::findById(intval($id_no_select));
if ($tmpl_task instanceof TemplateTask) {
$template_extra_condition = "o.id IN (SELECT object_id from " . TABLE_PREFIX . "template_tasks WHERE `template_id`=" . $tmpl_task->getTemplateId() . " OR `template_id`=0 AND `session_id`=" . logged_user()->getId() . " )";
} else {
$template_extra_condition = "o.id IN (SELECT object_id from " . TABLE_PREFIX . "template_tasks WHERE `template_id`=" . intval($template_id) . " OR `template_id`=0 AND `session_id`=" . logged_user()->getId() . " )";
}
} else {
$template_object_names = "AND name <> 'template_task' AND name <> 'template_milestone'";
}
$result = null;
$context = active_context();
$obj_type_types = array('content_object', 'dimension_object');
if (array_var($_GET, 'include_comments')) {
$obj_type_types[] = 'comment';
}
$type_condition = "";
if ($types) {
$type_condition = " AND name IN ('" . implode("','", $types) . "')";
}
$extra_conditions = array();
// user filter
if (in_array("contact", array_var($filters, 'types', array())) && isset($extra_list_params->is_user)) {
$joins[] = "\r\n\t\t\t\tLEFT JOIN " . TABLE_PREFIX . "contacts c on c.object_id=o.id";
$extra_conditions[] = "\r\n\t\t\t\tc.user_type " . ($extra_list_params->is_user == 1 ? ">" : "=") . " 0";
if (isset($extra_list_params->has_permissions) && $extra_list_params->has_permissions > 0) {
$mem_id = $extra_list_params->has_permissions;
$extra_conditions[] = " EXISTS (\r\n\t\t\t\t\tSELECT cmp.permission_group_id FROM " . TABLE_PREFIX . "contact_member_permissions cmp\r\n\t\t\t\t\tWHERE cmp.permission_group_id IN (SELECT x.permission_group_id FROM " . TABLE_PREFIX . "contact_permission_groups x WHERE x.contact_id=o.id)\r\n\t\t\t\t\tAND cmp.member_id='{$mem_id}' \r\n\t\t\t\t\tAND cmp.object_type_id NOT IN (SELECT tp.object_type_id FROM " . TABLE_PREFIX . "tab_panels tp WHERE tp.enabled=0)\r\n\t\t\t\t\tAND cmp.object_type_id NOT IN (SELECT oott.id FROM " . TABLE_PREFIX . "object_types oott WHERE oott.name IN ('comment','template'))\r\n\t\t\t\t\tAND cmp.object_type_id IN (SELECT oott2.id FROM " . TABLE_PREFIX . "object_types oott2 WHERE oott2.type IN ('content_object','dimension_object'))\r\n\t\t\t\t)";
}
}
// Object type filter - exclude template types (if not template picker), filter by required type names (if specified) and match value with objects table
$extra_object_type_conditions = "\r\n\t\t\tAND name <> 'file revision' {$template_object_names} {$type_condition} AND o.object_type_id = ot.id";
$extra_conditions[] = ObjectTypes::getListableObjectsSqlCondition($extra_object_type_conditions);
// --
// logged user permission group ids
$logged_user_pg_ids = implode(',', logged_user()->getPermissionGroupIds());
// used in template object picker
$extra_conditions[] = $template_extra_condition;
// when filtering by name
if ($name_filter) {
$extra_conditions[] = "\r\n\t\t\t\tname LIKE '%{$name_filter}%'";
}
// when excluding some object in particular
if ($id_no_select != "undefined") {
$extra_conditions[] = "\r\n\t\t\t\tid <> '{$id_no_select}'";
}
// when filtering by some group of objects, for example in the linked objects view
if ($object_ids_filter != "") {
$extra_conditions[] = "\r\n\t\t\t\tid in ({$object_ids_filter})";
}
$joins[] = "\r\n\t\t\tLEFT JOIN " . TABLE_PREFIX . "project_tasks pt on pt.object_id=o.id";
if (!SystemPermissions::userHasSystemPermission(logged_user(), 'can_see_assigned_to_other_tasks')) {
// exclude other users' tasks if cannot see them
$extra_conditions[] = "\r\n\t\t\t\t( pt.assigned_to_contact_id IS NULL OR pt.assigned_to_contact_id= " . logged_user()->getId() . ")";
}
// don't include tasks which have is_template=1
$extra_conditions[] = "\r\n\t\t\t( pt.is_template IS NULL OR pt.is_template=0)";
// trashed conditions
$extra_conditions[] = "\r\n\t\t\to.trashed_on" . ($trashed ? "<>" : "=") . "0";
// archived conditions
$extra_conditions[] = "\r\n\t\t\to.archived_on" . ($archived ? "<>" : "=") . "0";
// don't include unclassified mails from other accounts
if (Plugins::instance()->isActivePlugin('mail')) {
$accounts_of_loggued_user = MailAccountContacts::getByContact(logged_user());
$account_ids = array(0);
foreach ($accounts_of_loggued_user as $acc) {
$account_ids[] = $acc->getAccountId();
}
$joins[] = "\r\n\t\t\t\tLEFT JOIN " . TABLE_PREFIX . "mail_contents mc on mc.object_id=o.id\r\n\t\t\t";
$extra_conditions[] = "\r\n\t\t\t\tIF( mc.account_id IS NULL, true, mc.account_id IN (" . implode(',', $account_ids) . ") OR EXISTS (\r\n\t\t\t\t\tSELECT om1.object_id FROM " . TABLE_PREFIX . "object_members om1 \r\n\t\t\t\t\t\tINNER JOIN " . TABLE_PREFIX . "members m1 ON m1.id=om1.member_id \r\n\t\t\t\t\t\tINNER JOIN " . TABLE_PREFIX . "dimensions d1 ON d1.id=m1.dimension_id \r\n\t\t\t\t\tWHERE om1.object_id=o.id AND d1.is_manageable=1)\r\n\t\t\t\t)";
}
// don't show attached files of emails that cannot be viewed
if (logged_user()->isAdministrator() && Plugins::instance()->isActivePlugin('mail')) {
$joins[] = "LEFT JOIN " . TABLE_PREFIX . "project_files pf on pf.object_id=o.id";
$extra_conditions[] = "IF(pf.mail_id IS NULL OR pf.mail_id = 0, true, \r\n\t\t\t\tpf.mail_id IN (SELECT sh.object_id FROM " . TABLE_PREFIX . "sharing_table sh WHERE pf.mail_id = sh.object_id AND sh.group_id IN ({$logged_user_pg_ids})))";
}
$only_count_result = array_var($_GET, 'only_result', false);
$count_results = array_var($_GET, 'count_results', false);
// Members filter
$sql_members = "";
if (!$ignore_context && !$member_ids) {
$members = active_context_members(false);
// Context Members Ids
} elseif (count($member_ids)) {
$members = $member_ids;
} else {
// get members from context
if (!$ignore_context) {
$members = active_context_members(false);
}
}
if (is_array($extra_member_ids)) {
if (isset($members)) {
$members = array_merge($members, $extra_member_ids);
} else {
$members = $extra_member_ids;
}
}
if (isset($members) && is_array($members) && count($members) > 0 && !(isset($template_id) && $template_id > 0)) {
$sql_members = "\r\n\t\t\t\tAND (EXISTS (SELECT om.object_id\r\n\t\t\t\t\tFROM " . TABLE_PREFIX . "object_members om\r\n\t\t\t\t\tWHERE om.member_id IN (" . implode(',', $members) . ") AND o.id = om.object_id \r\n\t\t\t\t\tGROUP BY object_id\r\n\t\t\t\t\tHAVING count(member_id) = " . count($members) . "\r\n\t\t\t\t))\r\n\t\t\t";
}
// --
// Permissions filter
if (isset($template_id) && $template_id > 0) {
// editing template items do not check permissions
$sql_permissions = "";
} else {
$sql_permissions = "\r\n\t\t\t\tAND EXISTS (SELECT sh.object_id FROM " . TABLE_PREFIX . "sharing_table sh WHERE sh.object_id=o.id AND sh.group_id IN ({$logged_user_pg_ids}))\r\n\t\t\t";
}
// Main select
$sql_select = "SELECT * FROM " . TABLE_PREFIX . "objects o ";
// Joins
$sql_joins = implode(" ", $joins);
// Where
$sql_where = "\r\n\t\t\tWHERE " . implode(" AND ", $extra_conditions) . $sql_permissions . $sql_members;
// Order
$sql_order = "";
if ($order) {
$sql_order = "\r\n\t\t\t\tORDER BY {$order} {$orderdir}\r\n\t\t\t";
}
// Limit
$sql_limit = "";
if ($start >= 0 && $limit > 0) {
$sql_limit = " LIMIT {$start}, {$limit}";
}
// Full SQL
$sql = "{$sql_select} {$sql_joins} {$sql_where} {$sql_order} {$sql_limit}";
// Execute query
if (!$only_count_result) {
$rows = DB::executeAll($sql);
}
// get total items
if ($count_results) {
$sql_count = "SELECT count(o.id) as total_items FROM " . TABLE_PREFIX . "objects o {$sql_joins} {$sql_where}";
$rows_count = DB::executeAll($sql_count);
$total_items = $rows_count[0]['total_items'];
} else {
if (isset($rows) && is_array($rows)) {
$total_items = count($rows) < $filesPerPage ? count($rows) : 1000000;
} else {
$total_items = 0;
}
}
// prepare response object
$info = array();
// get objects
if (isset($rows) && is_array($rows)) {
foreach ($rows as $row) {
$instance = Objects::findObject($row['id']);
if (!$instance instanceof ContentDataObject) {
continue;
}
$info_elem = $instance->getObject()->getArrayInfo();
$info_elem['url'] = $instance->getViewUrl();
$info_elem['isRead'] = $instance->getIsRead(logged_user()->getId());
$info_elem['manager'] = get_class($instance->manager());
$info_elem['memPath'] = json_encode($instance->getMembersIdsToDisplayPath());
if ($instance instanceof Contact) {
if ($instance->isCompany()) {
$info_elem['icon'] = 'ico-company';
$info_elem['type'] = 'company';
} else {
$info_elem['memPath'] = json_encode($instance->getUserType() ? "" : $instance->getMembersIdsToDisplayPath());
}
} else {
if ($instance instanceof ProjectFile) {
$info_elem['mimeType'] = $instance->getTypeString();
}
}
$info[] = $info_elem;
}
}
$listing = array("totalCount" => $total_items, "start" => $start, "objects" => $info);
ajx_extra_data($listing);
tpl_assign("listing", $listing);
if (isset($reload) && $reload) {
ajx_current("reload");
} else {
ajx_current("empty");
}
}
