/** function used to get the query which will list the permitted fields
* @param string $module - module name
* @param string $disp_view - view name, this may be create_view, edit_view or detail_view
* @return string $sql - query to get the list of fields which are permitted to the current user
*/
function getPermittedFieldsQuery($module, $disp_view)
{
global $adb, $log;
$log->debug("Entering into the function getPermittedFieldsQuery()");
//To get the permitted blocks
$blockid_list = getPermittedBlocks($module, $disp_view);
$tabid = getTabid($module);
$sql = "SELECT ec_field.columnname, ec_field.fieldlabel, ec_field.tablename FROM ec_field inner join ec_def_org_field on ec_def_org_field.fieldid=ec_field.fieldid left join ec_blocks on ec_blocks.blockid=ec_field.block WHERE ec_def_org_field.visible=0 and ec_field.tabid=" . $tabid . " AND ec_field.block IN {$blockid_list} AND ec_field.displaytype IN (1,2,4) ORDER BY ec_blocks.sequence,ec_field.sequence";
$log->debug("Exit from the function getPermittedFieldsQuery().");
return $sql;
}
/** function used to get the query which will list the permitted fields
* @param string $module - module name
* @param string $disp_view - view name, this may be create_view, edit_view or detail_view
* @return string $sql - query to get the list of fields which are permitted to the current user
*/
function getPermittedFieldsQuery($module, $disp_view)
{
global $adb, $log;
$log->debug("Entering into the function getPermittedFieldsQuery({$module}, {$disp_view})");
global $current_user;
require 'user_privileges/user_privileges_' . $current_user->id . '.php';
//To get the permitted blocks
$blockid_list = getPermittedBlocks($module, $disp_view);
$tabid = getTabid($module);
if ($is_admin == true || $profileGlobalPermission[1] == 0 || $profileGlobalPermission[2] == 0 || $module == "Users") {
$sql = "SELECT vtiger_field.columnname, vtiger_field.fieldlabel, vtiger_field.tablename FROM vtiger_field WHERE vtiger_field.tabid=" . $tabid . " AND vtiger_field.block IN {$blockid_list} AND vtiger_field.displaytype IN (1,2,4) and vtiger_field.presence in (0,2) ORDER BY block,sequence";
} else {
$profileList = getCurrentUserProfileList();
$sql = "SELECT vtiger_field.columnname, vtiger_field.fieldlabel, vtiger_field.tablename FROM vtiger_field INNER JOIN vtiger_profile2field ON vtiger_profile2field.fieldid=vtiger_field.fieldid INNER JOIN vtiger_def_org_field ON vtiger_def_org_field.fieldid=vtiger_field.fieldid WHERE vtiger_field.tabid=" . $tabid . " AND vtiger_field.block IN " . $blockid_list . " AND vtiger_field.displaytype IN (1,2,4) AND vtiger_profile2field.visible=0 AND vtiger_def_org_field.visible=0 AND vtiger_profile2field.profileid IN (" . implode(",", $profileList) . ") and vtiger_field.presence in (0,2) GROUP BY vtiger_field.fieldid ORDER BY block,sequence";
}
$log->debug("Exit from the function getPermittedFieldsQuery({$module}, {$disp_view}). Return value = {$sql}");
return $sql;
}
