Skip to content
Snippets Groups Projects
Commit d2af63dc authored by Prasad's avatar Prasad
Browse files

Fixed building pquery or vtws_query for mail lookup with searchTerm

parent 64688956
No related branches found
No related tags found
No related merge requests found
Hide whitespace changes
Inline Side-by-side
pkg/vtiger/modules/MailManager/modules/MailManager/MailManager.php
+ 12
5
View file @ d2af63dc
...@@ -35,21 +35,24 @@ class MailManager { ...@@ -35,21 +35,24 @@ class MailManager {
$searchFieldList = array_merge($referenceModuleEmailFields, $referenceModuleEntityFieldsArray); $searchFieldList = array_merge($referenceModuleEmailFields, $referenceModuleEntityFieldsArray);
if(!empty($searchFieldList) && !empty($referenceModuleEmailFields)) { if(!empty($searchFieldList) && !empty($referenceModuleEmailFields)) {
$searchFieldListString = implode(',', $referenceModuleEmailFields); $searchFieldListString = implode(',', $referenceModuleEmailFields);
$where = null; $where = "";
$params = array();
for($i=0; $i<php7_count($searchFieldList); $i++) { for($i=0; $i<php7_count($searchFieldList); $i++) {
if($i == php7_count($searchFieldList) - 1) { if($i == php7_count($searchFieldList) - 1) {
$where .= sprintf($searchFieldList[$i]." like '%s'", $searchTerm); $where .= ($searchFieldList[$i]." like '%s'");
$params[] = $searchTerm;
} else { } else {
$where .= sprintf($searchFieldList[$i]." like '%s' or ", $searchTerm); $where .= ($searchFieldList[$i]." like '%s' or ");
$params[] = $searchTerm;
} }
} }
if(!empty($where)) $where = "WHERE $where";
if($referenceModule == 'Users' && !is_admin($user)){ if($referenceModule == 'Users' && !is_admin($user)){
//Have to do seperate query since webservices will throw permission denied for users module for non admin users //Have to do seperate query since webservices will throw permission denied for users module for non admin users
global $adb; global $adb;
if(!empty($where)) $where = "WHERE " . (str_replace("'%s'", '?', $where)); // query placeholders
$where .= " AND vtiger_users.status='Active'"; $where .= " AND vtiger_users.status='Active'";
$query = "select $searchFieldListString,id from vtiger_users $where"; $query = "select $searchFieldListString,id from vtiger_users $where";
$dbResult = $adb->pquery($query,array()); $dbResult = $adb->pquery($query, $params);
$num_rows = $adb->num_rows($dbResult); $num_rows = $adb->num_rows($dbResult);
$result = array(); $result = array();
for($i=0;$i<$num_rows;$i++) { for($i=0;$i<$num_rows;$i++) {
...@@ -60,6 +63,10 @@ class MailManager { ...@@ -60,6 +63,10 @@ class MailManager {
$result[] = $row; $result[] = $row;
} }
}else{ }else{
if(!empty($where)) {
array_unshift($params, $where);
$where = "WHERE " . call_user_func_array("sprintf", $params); // webservice query strings
}
$result = vtws_query("select $searchFieldListString from $referenceModule $where;", $user); $result = vtws_query("select $searchFieldListString from $referenceModule $where;", $user);
} }
......
0% or .
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment

Copyright 2023 Vtiger. All rights reserved.