/** function used to get the query which will list the permitted fields * @param string $module - module name * @param string $disp_view - view name, this may be create_view, edit_view or detail_view * @return string $sql - query to get the list of fields which are permitted to the current user */ function getPermittedFieldsQuery($module, $disp_view) { global $adb, $log; $log->debug("Entering into the function getPermittedFieldsQuery()"); //To get the permitted blocks $blockid_list = getPermittedBlocks($module, $disp_view); $tabid = getTabid($module); $sql = "SELECT ec_field.columnname, ec_field.fieldlabel, ec_field.tablename FROM ec_field inner join ec_def_org_field on ec_def_org_field.fieldid=ec_field.fieldid left join ec_blocks on ec_blocks.blockid=ec_field.block WHERE ec_def_org_field.visible=0 and ec_field.tabid=" . $tabid . " AND ec_field.block IN {$blockid_list} AND ec_field.displaytype IN (1,2,4) ORDER BY ec_blocks.sequence,ec_field.sequence"; $log->debug("Exit from the function getPermittedFieldsQuery()."); return $sql; }
/** function used to get the query which will list the permitted fields * @param string $module - module name * @param string $disp_view - view name, this may be create_view, edit_view or detail_view * @return string $sql - query to get the list of fields which are permitted to the current user */ function getPermittedFieldsQuery($module, $disp_view) { global $adb, $log; $log->debug("Entering into the function getPermittedFieldsQuery({$module}, {$disp_view})"); global $current_user; require 'user_privileges/user_privileges_' . $current_user->id . '.php'; //To get the permitted blocks $blockid_list = getPermittedBlocks($module, $disp_view); $tabid = getTabid($module); if ($is_admin == true || $profileGlobalPermission[1] == 0 || $profileGlobalPermission[2] == 0 || $module == "Users") { $sql = "SELECT vtiger_field.columnname, vtiger_field.fieldlabel, vtiger_field.tablename FROM vtiger_field WHERE vtiger_field.tabid=" . $tabid . " AND vtiger_field.block IN {$blockid_list} AND vtiger_field.displaytype IN (1,2,4) and vtiger_field.presence in (0,2) ORDER BY block,sequence"; } else { $profileList = getCurrentUserProfileList(); $sql = "SELECT vtiger_field.columnname, vtiger_field.fieldlabel, vtiger_field.tablename FROM vtiger_field INNER JOIN vtiger_profile2field ON vtiger_profile2field.fieldid=vtiger_field.fieldid INNER JOIN vtiger_def_org_field ON vtiger_def_org_field.fieldid=vtiger_field.fieldid WHERE vtiger_field.tabid=" . $tabid . " AND vtiger_field.block IN " . $blockid_list . " AND vtiger_field.displaytype IN (1,2,4) AND vtiger_profile2field.visible=0 AND vtiger_def_org_field.visible=0 AND vtiger_profile2field.profileid IN (" . implode(",", $profileList) . ") and vtiger_field.presence in (0,2) GROUP BY vtiger_field.fieldid ORDER BY block,sequence"; } $log->debug("Exit from the function getPermittedFieldsQuery({$module}, {$disp_view}). Return value = {$sql}"); return $sql; }