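/**
 * Initialise the module list and, when a report id is given, load that report's
 * metadata (primary/secondary modules, type, name, description, folder) and
 * decide whether the current user may edit it.
 *
 * Access control: for non-admin users the lookup query only returns the report
 * when it is shared with the user (directly or through one of their groups),
 * is 'Public', is owned by the user, or is owned by a user found by the
 * role-hierarchy subquery. When the query returns no row, nothing is cached and
 * no property is set. This method neither raises an error nor renders a denial
 * in that case, so callers must check that the report was actually loaded
 * before treating the object as an authorised view of it.
 *
 * @param string|int $reportId Report id; an empty string skips the lookup.
 * @return $this
 */
function Reports($reportId = "")
{
    $db = PearDatabase::getInstance();
    $currentUser = Users_Record_Model::getCurrentUserModel();
    $userId = $currentUser->getId();

    $this->initListOfModules();

    if ($reportId != "") {
        // Lookup information in cache first
        $cachedInfo = VTCacheUtils::lookupReport_Info($userId, $reportId);
        // NOTE(review): this list is cached per report id only, not per user, yet it
        // feeds the is_editable decision below. Confirm the cache never outlives a
        // single user's request.
        $subOrdinateUsers = VTCacheUtils::lookupReport_SubordinateUsers($reportId);

        if ($cachedInfo === false) {
            $ssql = "SELECT vtiger_reportmodules.*, vtiger_report.* FROM vtiger_report\n\t\t\t\t\t\t\tINNER JOIN vtiger_reportmodules ON vtiger_report.reportid = vtiger_reportmodules.reportmodulesid\n\t\t\t\t\t\t\tWHERE vtiger_report.reportid = ?";
            $params = array($reportId);

            require_once 'include/utils/GetUserGroups.php';
            // Included into this function's scope. $current_user_parent_role_seq is not
            // assigned anywhere else in this method, so it is presumably defined by this
            // file. The path is built from the session user's id, never from request data.
            require 'user_privileges/user_privileges_' . $userId . '.php';

            $userGroups = new GetUserGroups();
            $userGroups->getAllUserGroups($userId);
            $userGroupsList = $userGroups->user_groups;

            // Default to an empty fragment so the interpolation below never reads an
            // undefined variable when the user is an admin or has no groups.
            $userGroupsQuery = '';
            if (!empty($userGroupsList) && $currentUser->isAdminUser() == false) {
                $userGroupsQuery = " (shareid IN (" . generateQuestionMarks($userGroupsList) . ") AND setype='groups') OR";
                // The whole list is pushed as one element; presumably pquery() flattens
                // nested arrays so each id meets its own placeholder - TODO confirm.
                array_push($params, $userGroupsList);
            }

            $nonAdminQuery = " vtiger_report.reportid IN (SELECT reportid from vtiger_reportsharing\n\t\t\t\t\t\t\t\t\tWHERE {$userGroupsQuery} (shareid=? AND setype='users'))";

            if ($currentUser->isAdminUser() == false) {
                // NOTE(review): the role sequence is interpolated into the LIKE pattern
                // rather than bound. That is only acceptable while the value comes solely
                // from the server-generated privileges file; binding it as a parameter
                // would remove the assumption.
                $ssql .= " AND (({$nonAdminQuery})\n\t\t\t\t\t\t\t\tOR vtiger_report.sharingtype = 'Public'\n\t\t\t\t\t\t\t\tOR vtiger_report.owner = ? \nOR vtiger_report.owner IN\n\t\t\t\t\t\t\t\t\t(SELECT vtiger_user2role.userid FROM vtiger_user2role\n\t\t\t\t\t\t\t\t\tINNER JOIN vtiger_users ON vtiger_users.id = vtiger_user2role.userid\n\t\t\t\t\t\t\t\t\tINNER JOIN vtiger_role ON vtiger_role.roleid = vtiger_user2role.roleid\n\t\t\t\t\t\t\t\t\tWHERE vtiger_role.parentrole LIKE '{$current_user_parent_role_seq}::%')\n\t\t\t\t\t\t\t\t)";
                // First id matches "shareid=?", second matches "owner = ?".
                array_push($params, $userId, $userId);
            }

            $result = $db->pquery($ssql, $params);
            if ($result && $db->num_rows($result)) {
                $reportModulesRow = $db->fetch_array($result);

                // Update information in cache now. Only reports that passed the access
                // filter above are cached for this user.
                VTCacheUtils::updateReport_Info(
                    $userId,
                    $reportId,
                    $reportModulesRow["primarymodule"],
                    $reportModulesRow["secondarymodules"],
                    $reportModulesRow["reporttype"],
                    $reportModulesRow["reportname"],
                    $reportModulesRow["description"],
                    $reportModulesRow["folderid"],
                    $reportModulesRow["owner"]
                );
            }

            // Collect the users returned by the same role-hierarchy condition used in
            // the access filter; they drive the edit permission below.
            $subOrdinateUsers = array();
            $subResult = $db->pquery("SELECT userid FROM vtiger_user2role\n\t\t\t\t\t\t\t\t\tINNER JOIN vtiger_users ON vtiger_users.id = vtiger_user2role.userid\n\t\t\t\t\t\t\t\t\tINNER JOIN vtiger_role ON vtiger_role.roleid = vtiger_user2role.roleid\n\t\t\t\t\t\t\t\t\tWHERE vtiger_role.parentrole LIKE '{$current_user_parent_role_seq}::%'", array());
            $numOfSubRows = $db->num_rows($subResult);
            for ($i = 0; $i < $numOfSubRows; $i++) {
                $subOrdinateUsers[] = $db->query_result($subResult, $i, 'userid');
            }

            // Update subordinate user information for re-use
            VTCacheUtils::updateReport_SubordinateUsers($reportId, $subOrdinateUsers);

            // Re-look at cache to maintain code-consistency below
            $cachedInfo = VTCacheUtils::lookupReport_Info($userId, $reportId);
        }

        if ($cachedInfo) {
            $this->primodule = $cachedInfo["primarymodule"];
            $this->secmodule = $cachedInfo["secondarymodules"];
            $this->reporttype = $cachedInfo["reporttype"];
            $this->reportname = decode_html($cachedInfo["reportname"]);
            $this->reportdescription = decode_html($cachedInfo["description"]);
            $this->folderid = $cachedInfo["folderid"];

            // Editable by admins, by the owner, and by users for whom the owner is a
            // subordinate. The is_array() guard keeps in_array() from failing when the
            // subordinate cache lookup did not return a list on a cache hit.
            $this->is_editable = $currentUser->isAdminUser() == true
                || (is_array($subOrdinateUsers) && in_array($cachedInfo["owner"], $subOrdinateUsers))
                || $cachedInfo["owner"] == $userId;
        }
    }

    return $this;
}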
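/**
 * Initialise the module list and, when a report id is given, load that report's
 * primodule, secmodule, reporttype, reportname, reportdescription and folderid
 * and set is_editable (as the strings 'true' / 'false').
 *
 * Access control: for non-admin users the lookup query only returns the report
 * when it is shared with the user (directly or through a group), is 'Public',
 * is owned by the user, or is owned by a user found by the role-hierarchy
 * subquery. When nothing could be loaded, a "not allowed" page is echoed and
 * the script exits.
 *
 * @param string|int $reportid Report id; an empty string skips the lookup.
 */
function Reports($reportid = "")
{
    // $app_strings is needed for the "go back" label on the denial page; without
    // it in the global list the label rendered empty.
    global $adb, $current_user, $theme, $mod_strings, $app_strings;

    $this->initListOfModules();

    if ($reportid != "") {
        // Fail closed: $is_admin is not assigned anywhere in this method, so it is
        // presumably set by the privileges file, which is only included on a cache
        // miss. NOTE(review): on a cache hit an admin is therefore not recognised as
        // admin for is_editable - confirm whether that is intended.
        $is_admin = false;

        // Lookup information in cache first
        $cachedInfo = VTCacheUtils::lookupReport_Info($current_user->id, $reportid);
        // NOTE(review): cached per report id only, not per user, yet used for the
        // is_editable decision. Confirm the cache never outlives one user's request.
        $subordinate_users = VTCacheUtils::lookupReport_SubordinateUsers($reportid);

        if ($cachedInfo === false) {
            $ssql = "select vtiger_reportmodules.*,vtiger_report.* from vtiger_report inner join vtiger_reportmodules on vtiger_report.reportid = vtiger_reportmodules.reportmodulesid";
            $ssql .= " where vtiger_report.reportid = ?";
            $params = array($reportid);

            require_once 'include/utils/GetUserGroups.php';
            // Included into this function's scope; $is_admin and
            // $current_user_parent_role_seq are presumably defined by this file. The
            // path is built from the session user's id, never from request data.
            require 'user_privileges/user_privileges_' . $current_user->id . '.php';

            $userGroups = new GetUserGroups();
            $userGroups->getAllUserGroups($current_user->id);
            $user_groups = $userGroups->user_groups;

            // Default to an empty fragment so the interpolation below never reads an
            // undefined variable when the user is an admin or has no groups.
            $user_group_query = '';
            if (!empty($user_groups) && $is_admin == false) {
                $user_group_query = " (shareid IN (" . generateQuestionMarks($user_groups) . ") AND setype='groups') OR";
                // The whole list is pushed as one element; presumably pquery() flattens
                // nested arrays so each id meets its own placeholder - TODO confirm.
                array_push($params, $user_groups);
            }

            $non_admin_query = " vtiger_report.reportid IN (SELECT reportid from vtiger_reportsharing WHERE {$user_group_query} (shareid=? AND setype='users'))";

            if ($is_admin == false) {
                // NOTE(review): the role sequence is concatenated into the LIKE pattern
                // rather than bound. That is only acceptable while the value comes solely
                // from the server-generated privileges file.
                $ssql .= " and ( (" . $non_admin_query . ") or vtiger_report.sharingtype='Public' or vtiger_report.owner = ? or vtiger_report.owner in(select vtiger_user2role.userid from vtiger_user2role inner join vtiger_users on vtiger_users.id=vtiger_user2role.userid inner join vtiger_role on vtiger_role.roleid=vtiger_user2role.roleid where vtiger_role.parentrole like '" . $current_user_parent_role_seq . "::%'))";
                // First id matches "shareid=?", second matches "owner = ?".
                array_push($params, $current_user->id);
                array_push($params, $current_user->id);
            }

            // Collect the users returned by the same role-hierarchy condition used in
            // the access filter; they drive the edit permission below.
            $query = $adb->pquery("select userid from vtiger_user2role inner join vtiger_users on vtiger_users.id=vtiger_user2role.userid inner join vtiger_role on vtiger_role.roleid=vtiger_user2role.roleid where vtiger_role.parentrole like '" . $current_user_parent_role_seq . "::%'", array());
            $subordinate_users = array();
            $subordinateCount = $adb->num_rows($query);
            for ($i = 0; $i < $subordinateCount; $i++) {
                $subordinate_users[] = $adb->query_result($query, $i, 'userid');
            }

            // Update subordinate user information for re-use
            VTCacheUtils::updateReport_SubordinateUsers($reportid, $subordinate_users);

            $result = $adb->pquery($ssql, $params);
            if ($result && $adb->num_rows($result)) {
                $reportmodulesrow = $adb->fetch_array($result);

                // Update information in cache now. Only reports that passed the access
                // filter above are cached for this user.
                VTCacheUtils::updateReport_Info(
                    $current_user->id,
                    $reportid,
                    $reportmodulesrow["primarymodule"],
                    $reportmodulesrow["secondarymodules"],
                    $reportmodulesrow["reporttype"],
                    $reportmodulesrow["reportname"],
                    $reportmodulesrow["description"],
                    $reportmodulesrow["folderid"],
                    $reportmodulesrow["owner"]
                );
            }

            // Re-look at cache to maintain code-consistency below
            $cachedInfo = VTCacheUtils::lookupReport_Info($current_user->id, $reportid);
        }

        if ($cachedInfo) {
            $this->primodule = $cachedInfo["primarymodule"];
            $this->secmodule = $cachedInfo["secondarymodules"];
            $this->reporttype = $cachedInfo["reporttype"];
            $this->reportname = decode_html($cachedInfo["reportname"]);
            $this->reportdescription = decode_html($cachedInfo["description"]);
            $this->folderid = $cachedInfo["folderid"];

            // Editable by admins, by the owner, and by users for whom the owner is a
            // subordinate. The is_array() guard keeps in_array() from failing when the
            // subordinate cache lookup did not return a list on a cache hit.
            $canEdit = $is_admin == true
                || (is_array($subordinate_users) && in_array($cachedInfo["owner"], $subordinate_users))
                || $cachedInfo["owner"] == $current_user->id;
            // Callers receive the strings 'true' / 'false', not booleans.
            $this->is_editable = $canEdit ? 'true' : 'false';
        } else {
            // No row passed the access filter (or the report does not exist): render
            // the denial page and stop. The same message is shown in both cases.
            echo "<table border='0' cellpadding='5' cellspacing='0' width='100%' height='450px'><tr><td align='center'>";
            echo "<div style='border: 3px solid rgb(153, 153, 153); background-color: rgb(255, 255, 255); width: \n80%; position: relative; z-index: 10000000;'>\n\n\t\t\t\t<table border='0' cellpadding='5' cellspacing='0' width='98%'>\n\t\t\t\t<tbody><tr>\n\t\t\t\t<td rowspan='2' width='11%'><img src='" . vtiger_imageurl('denied.gif', $theme) . "' ></td>\n\t\t\t\t<td style='border-bottom: 1px solid rgb(204, 204, 204);' nowrap='nowrap' width='70%'><span class='genHeaderSmall'>You are not allowed to View this Report </span></td>\n\t\t\t\t</tr>\n\t\t\t\t<tr>\n\t\t\t\t<td class='small' align='right' nowrap='nowrap'>\n\t\t\t\t<a href='javascript:window.history.back();'>{$app_strings['LBL_GO_BACK']}</a><br>\t\t\t\t\t\t\t\t \t\t </td>\n\t\t\t\t</tr>\n\t\t\t\t</tbody></table>\n\t\t\t\t</div>";
            echo "</td></tr></table>";
            exit;
        }
    }
}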