Fix SQL error see BT#14352

pull/2525/head
jmontoyaa 7 years ago
parent 4fb9432072
commit 65a69b752e
  1. 18
      main/admin/user_list.php

@ -208,17 +208,17 @@ function trimVariables()
* Prepares the shared SQL query for the user table. * Prepares the shared SQL query for the user table.
* See get_user_data() and get_number_of_users(). * See get_user_data() and get_number_of_users().
* *
* @param bool $is_count Whether to count, or get data * @param bool $getCount Whether to count, or get data
* *
* @return string SQL query * @return string SQL query
*/ */
function prepare_user_sql_query($is_count) function prepare_user_sql_query($getCount)
{ {
$sql = ''; $sql = '';
$user_table = Database::get_main_table(TABLE_MAIN_USER); $user_table = Database::get_main_table(TABLE_MAIN_USER);
$admin_table = Database::get_main_table(TABLE_MAIN_ADMIN); $admin_table = Database::get_main_table(TABLE_MAIN_ADMIN);
if ($is_count) { if ($getCount) {
$sql .= "SELECT COUNT(u.id) AS total_number_of_items FROM $user_table u"; $sql .= "SELECT COUNT(u.id) AS total_number_of_items FROM $user_table u";
} else { } else {
$sql .= "SELECT u.id AS col0, u.official_code AS col2, "; $sql .= "SELECT u.id AS col0, u.official_code AS col2, ";
@ -325,6 +325,7 @@ function prepare_user_sql_query($is_count)
if (!empty($keywordListValues['keyword_officialcode'])) { if (!empty($keywordListValues['keyword_officialcode'])) {
$sql .= " AND u.official_code LIKE '".Database::escape_string("%".$keywordListValues['keyword_officialcode']."%")."' "; $sql .= " AND u.official_code LIKE '".Database::escape_string("%".$keywordListValues['keyword_officialcode']."%")."' ";
} }
$sql .= " $sql .= "
$keyword_admin $keyword_admin
$keyword_extra_value $keyword_extra_value
@ -342,6 +343,11 @@ function prepare_user_sql_query($is_count)
$sql .= " ) "; $sql .= " ) ";
} }
$preventSessionAdminsToManageAllUsers = api_get_setting('prevent_session_admins_to_manage_all_users');
if (api_is_session_admin() && $preventSessionAdminsToManageAllUsers === 'true') {
$sql .= " AND u.creator_id = ".api_get_user_id();
}
$variables = Session::read('variables_to_show', []); $variables = Session::read('variables_to_show', []);
if (!empty($variables)) { if (!empty($variables)) {
$extraField = new ExtraField('user'); $extraField = new ExtraField('user');
@ -445,12 +451,6 @@ function get_user_data($from, $number_of_items, $column, $direction)
$column = intval($column); $column = intval($column);
$from = intval($from); $from = intval($from);
$number_of_items = intval($number_of_items); $number_of_items = intval($number_of_items);
$preventSessionAdminsToManageAllUsers = api_get_setting('prevent_session_admins_to_manage_all_users');
if (api_is_session_admin() && $preventSessionAdminsToManageAllUsers === 'true') {
$sql .= " WHERE u.creator_id = ".api_get_user_id();
}
$sql .= " ORDER BY col$column $direction "; $sql .= " ORDER BY col$column $direction ";
$sql .= " LIMIT $from,$number_of_items"; $sql .= " LIMIT $from,$number_of_items";
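Review bot: The relocated creator_id filter (lines 37-40, inside prepare_user_sql_query) is appended with `AND`, so it silently assumes a `WHERE` has already been emitted into `$sql` earlier in the function; that earlier part is outside this hunk, so I can't confirm it, and a short comment would make the dependency explicit: `// Restrict session admins to the users they created; relies on the WHERE emitted above.` Because the value is interpolated straight into SQL, an explicit cast documents the intent and removes any reliance on the return type of api_get_user_id(): `$sql .= " AND u.creator_id = ".(int) api_get_user_id();`. Moving the filter into the shared builder means the COUNT query now honours the same restriction as the data query, which is the right outcome, but the function's docblock (hunk at line 10) should say so since callers of get_number_of_users() will now see different totals for session admins.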
