AS1024/itflow
1
0
Fork 0
mirror of https://github.com/itflow-org/itflow synced 2026-03-26 07:15:37 +00:00
Code Issues Packages Projects Releases Wiki Activity

Limit User access to restricted clients under global search

Browse Source
This commit is contained in:
johnnyq
2024-05-12 13:54:34 -04:00
parent ff4628465c
commit bd12319422
1 changed files with 12 additions and 0 deletions
Download Patch File Download Diff File Expand all files Collapse all files

12
global_search.php
View File

@@ -24,6 +24,7 @@ if (isset($_GET['query'])) {
LEFT JOIN locations ON clients.client_id = locations.location_client_id AND location_primary = 1 LEFT JOIN locations ON clients.client_id = locations.location_client_id AND location_primary = 1
WHERE client_archived_at IS NULL WHERE client_archived_at IS NULL
AND client_name LIKE '%$query%' AND client_name LIKE '%$query%'
$access_permission_query
ORDER BY client_id DESC LIMIT 5" ORDER BY client_id DESC LIMIT 5"
); );
@@ -35,6 +36,7 @@ if (isset($_GET['query'])) {
OR contact_email LIKE '%$query%' OR contact_email LIKE '%$query%'
OR contact_phone LIKE '%$phone_query%' OR contact_phone LIKE '%$phone_query%'
OR contact_mobile LIKE '%$phone_query%') OR contact_mobile LIKE '%$phone_query%')
$access_permission_query
ORDER BY contact_id DESC LIMIT 5" ORDER BY contact_id DESC LIMIT 5"
); );
@@ -43,6 +45,7 @@ if (isset($_GET['query'])) {
WHERE vendor_archived_at IS NULL WHERE vendor_archived_at IS NULL
AND vendor_template = 0 AND vendor_template = 0
AND (vendor_name LIKE '%$query%' OR vendor_phone LIKE '%$phone_query%') AND (vendor_name LIKE '%$query%' OR vendor_phone LIKE '%$phone_query%')
$access_permission_query
ORDER BY vendor_id DESC LIMIT 5" ORDER BY vendor_id DESC LIMIT 5"
); );
@@ -50,6 +53,7 @@ if (isset($_GET['query'])) {
LEFT JOIN clients ON domain_client_id = client_id LEFT JOIN clients ON domain_client_id = client_id
WHERE domain_archived_at IS NULL WHERE domain_archived_at IS NULL
AND domain_name LIKE '%$query%' AND domain_name LIKE '%$query%'
$access_permission_query
ORDER BY domain_id DESC LIMIT 5" ORDER BY domain_id DESC LIMIT 5"
); );
@@ -63,6 +67,7 @@ if (isset($_GET['query'])) {
LEFT JOIN clients on document_client_id = clients.client_id LEFT JOIN clients on document_client_id = clients.client_id
WHERE document_archived_at IS NULL WHERE document_archived_at IS NULL
AND MATCH(document_content_raw) AGAINST ('$query') AND MATCH(document_content_raw) AGAINST ('$query')
$access_permission_query
ORDER BY document_id DESC LIMIT 5" ORDER BY document_id DESC LIMIT 5"
); );
@@ -72,6 +77,7 @@ if (isset($_GET['query'])) {
WHERE file_archived_at IS NULL WHERE file_archived_at IS NULL
AND (file_name LIKE '%$query%' AND (file_name LIKE '%$query%'
OR file_description LIKE '%$query%') OR file_description LIKE '%$query%')
$access_permission_query
ORDER BY file_id DESC LIMIT 5" ORDER BY file_id DESC LIMIT 5"
); );
@@ -81,6 +87,7 @@ if (isset($_GET['query'])) {
WHERE ticket_archived_at IS NULL WHERE ticket_archived_at IS NULL
AND (ticket_subject LIKE '%$query%' AND (ticket_subject LIKE '%$query%'
OR ticket_number = '$ticket_num_query') OR ticket_number = '$ticket_num_query')
$access_permission_query
ORDER BY ticket_id DESC LIMIT 5" ORDER BY ticket_id DESC LIMIT 5"
); );
@@ -88,6 +95,7 @@ if (isset($_GET['query'])) {
LEFT JOIN clients ON scheduled_ticket_client_id = client_id LEFT JOIN clients ON scheduled_ticket_client_id = client_id
WHERE scheduled_ticket_subject LIKE '%$query%' WHERE scheduled_ticket_subject LIKE '%$query%'
OR scheduled_ticket_details LIKE '%$query%' OR scheduled_ticket_details LIKE '%$query%'
$access_permission_query
ORDER BY scheduled_ticket_id DESC LIMIT 5" ORDER BY scheduled_ticket_id DESC LIMIT 5"
); );
@@ -96,6 +104,7 @@ if (isset($_GET['query'])) {
LEFT JOIN clients ON login_client_id = client_id LEFT JOIN clients ON login_client_id = client_id
WHERE login_archived_at IS NULL WHERE login_archived_at IS NULL
AND (login_name LIKE '%$query%' OR login_description LIKE '%$query%') AND (login_name LIKE '%$query%' OR login_description LIKE '%$query%')
$access_permission_query
ORDER BY login_id DESC LIMIT 5" ORDER BY login_id DESC LIMIT 5"
); );
@@ -104,6 +113,7 @@ if (isset($_GET['query'])) {
LEFT JOIN categories ON invoice_category_id = category_id LEFT JOIN categories ON invoice_category_id = category_id
WHERE invoice_archived_at IS NULL WHERE invoice_archived_at IS NULL
AND (CONCAT(invoice_prefix,invoice_number) LIKE '%$query%' OR invoice_scope LIKE '%$query%') AND (CONCAT(invoice_prefix,invoice_number) LIKE '%$query%' OR invoice_scope LIKE '%$query%')
$access_permission_query
ORDER BY invoice_number DESC LIMIT 5" ORDER BY invoice_number DESC LIMIT 5"
); );
@@ -113,6 +123,7 @@ if (isset($_GET['query'])) {
LEFT JOIN clients ON asset_client_id = client_id LEFT JOIN clients ON asset_client_id = client_id
WHERE asset_archived_at IS NULL WHERE asset_archived_at IS NULL
AND (asset_name LIKE '%$query%' OR asset_description LIKE '%$query%' OR asset_type LIKE '%$query%' OR asset_make LIKE '%$query%' OR asset_model LIKE '%$query%' OR asset_serial LIKE '%$query%' OR asset_os LIKE '%$query%' OR asset_ip LIKE '%$query%' OR asset_nat_ip LIKE '%$query%' OR asset_mac LIKE '%$query%' OR asset_status LIKE '%$query%') AND (asset_name LIKE '%$query%' OR asset_description LIKE '%$query%' OR asset_type LIKE '%$query%' OR asset_make LIKE '%$query%' OR asset_model LIKE '%$query%' OR asset_serial LIKE '%$query%' OR asset_os LIKE '%$query%' OR asset_ip LIKE '%$query%' OR asset_nat_ip LIKE '%$query%' OR asset_mac LIKE '%$query%' OR asset_status LIKE '%$query%')
$access_permission_query
ORDER BY asset_name DESC LIMIT 5" ORDER BY asset_name DESC LIMIT 5"
); );
@@ -121,6 +132,7 @@ if (isset($_GET['query'])) {
LEFT JOIN clients ON ticket_client_id = client_id LEFT JOIN clients ON ticket_client_id = client_id
WHERE ticket_reply_archived_at IS NULL WHERE ticket_reply_archived_at IS NULL
AND (ticket_reply LIKE '%$query%') AND (ticket_reply LIKE '%$query%')
$access_permission_query
ORDER BY ticket_id DESC, ticket_reply_id ASC LIMIT 20" ORDER BY ticket_id DESC, ticket_reply_id ASC LIMIT 20"
); );