Wavyzz/dolibarr
2
0
Fork 1
mirror of https://github.com/Dolibarr/dolibarr.git synced 2026-02-07 16:41:48 +01:00
Code Issues Packages Projects Releases Wiki Activity

fix sql query for external users

Browse Source
This commit is contained in:
atm-greg
2023-09-07 16:47:57 +02:00
parent 5c03db3b05
commit b8455430af
1 changed files with 3 additions and 2 deletions
Download Patch File Download Diff File Expand all files Collapse all files

5
htdocs/commande/class/commandestats.class.php
View File

@@ -245,13 +245,14 @@ class CommandeStats extends Stats
global $user;
$sql = "SELECT product.ref, COUNT(product.ref) as nb, SUM(tl.".$this->field_line.") as total, AVG(tl.".$this->field_line.") as avg";
$sql .= " FROM ".$this->from.", ".$this->from_line.", ".MAIN_DB_PREFIX."product as product";
$sql .= " FROM ".$this->from;
$sql .= " LEFT JOIN ".$this->from_line." ON c.rowid = tl.fk_commande ";
$sql .= " LEFT JOIN ".MAIN_DB_PREFIX."product as product ON tl.fk_product = product.rowid";
if (empty($user->rights->societe->client->voir) && !$user->socid) {
$sql .= " INNER JOIN ".MAIN_DB_PREFIX."societe_commerciaux as sc ON c.fk_soc = sc.fk_soc AND sc.fk_user = ".((int) $user->id);
}
$sql .= $this->join;
$sql .= " WHERE ".$this->where;
$sql .= " AND c.rowid = tl.fk_commande AND tl.fk_product = product.rowid";
$sql .= " AND c.date_commande BETWEEN '".$this->db->idate(dol_get_first_day($year, 1, false))."' AND '".$this->db->idate(dol_get_last_day($year, 12, false))."'";
$sql .= " GROUP BY product.ref";
$sql .= $this->db->order('nb', 'DESC');