From 9b025da73261e80867458926b3ac22c9d5ce535b Mon Sep 17 00:00:00 2001 From: Adrian Greeve Date: Wed, 7 Nov 2012 19:50:15 +0100 Subject: [PATCH] MDL-35558 mod_data: Show only own entries while there are required pending. --- mod/data/lib.php | 16 ++++++++++------ mod/data/view.php | 39 ++++++++++++++++++++++----------------- 2 files changed, 32 insertions(+), 23 deletions(-) diff --git a/mod/data/lib.php b/mod/data/lib.php index 583ea73bb5e..d78acc5d985 100644 --- a/mod/data/lib.php +++ b/mod/data/lib.php @@ -3514,7 +3514,7 @@ function data_get_recordids($alias, $searcharray, $dataid, $recordids) { * @param int $sort DATA_* * @param stdClass $data Data module object * @param array $recordids An array of record IDs. - * @param string $selectdata Information for the select part of the sql statement. + * @param string $selectdata Information for the where and select part of the sql statement. * @param string $sortorder Additional sort parameters * @return array sqlselect sqlselect['sql'] has the sql string, sqlselect['params'] contains an array of parameters. */ @@ -3559,13 +3559,17 @@ function data_get_advanced_search_sql($sort, $data, $recordids, $selectdata, $so {user} u '; $groupsql = ' GROUP BY r.id, r.approved, r.timecreated, r.timemodified, r.userid, u.firstname, u.lastname, ' .$sortcontentfull; } - $nestfromsql = 'WHERE c.recordid = r.id - AND r.dataid = :dataid - AND r.userid = u.id'; + + // Default to a standard Where statement if $selectdata is empty. + if ($selectdata == '') { + $selectdata = 'WHERE c.recordid = r.id + AND r.dataid = :dataid + AND r.userid = u.id '; + } // Find the field we are sorting on if ($sort > 0 or data_get_field_from_id($sort, $data)) { - $nestfromsql .= ' AND c.fieldid = :sort'; + $selectdata .= ' AND c.fieldid = :sort'; } // If there are no record IDs then return an sql statment that will return no rows. @@ -3574,7 +3578,7 @@ function data_get_advanced_search_sql($sort, $data, $recordids, $selectdata, $so } else { list($insql, $inparam) = $DB->get_in_or_equal(array('-1'), SQL_PARAMS_NAMED); } - $nestfromsql .= ' AND c.recordid ' . $insql . $selectdata . $groupsql; + $nestfromsql = $selectdata . ' AND c.recordid ' . $insql . $groupsql; $sqlselect['sql'] = "$nestselectsql $nestfromsql $sortorder"; $sqlselect['params'] = $inparam; return $sqlselect; diff --git a/mod/data/view.php b/mod/data/view.php index 1b2d85b73ef..0b76db04996 100644 --- a/mod/data/view.php +++ b/mod/data/view.php @@ -456,11 +456,15 @@ if ($showactivity) { $requiredentries_allowed = false; } + // Initialise the first group of params for advanced searches. + $initialparams = array(); + /// setup group and approve restrictions if (!$approvecap && $data->approval) { if (isloggedin()) { $approveselect = ' AND (r.approved=1 OR r.userid=:myid1) '; $params['myid1'] = $USER->id; + $initialparams['myid1'] = $params['myid1']; } else { $approveselect = ' AND r.approved=1 '; } @@ -471,6 +475,7 @@ if ($showactivity) { if ($currentgroup) { $groupselect = " AND (r.groupid = :currentgroup OR r.groupid = 0)"; $params['currentgroup'] = $currentgroup; + $initialparams['currentgroup'] = $params['currentgroup']; } else { if ($canviewallrecords) { $groupselect = ' '; @@ -486,6 +491,8 @@ if ($showactivity) { $advwhere = ''; $advtables = ''; $advparams = array(); + // This is used for the initial reduction of advanced search results with required entries. + $entrysql = ''; /// Find the field we are sorting on if ($sort <= 0 or !$sortfield = data_get_field_from_id($sort, $data)) { @@ -514,8 +521,7 @@ if ($showactivity) { $tables = '{data_content} c,{data_records} r, {data_content} cs, {user} u '; $where = 'WHERE c.recordid = r.id AND r.dataid = :dataid - AND r.userid = u.id - AND cs.recordid = r.id '; + AND r.userid = u.id '; $params['dataid'] = $data->id; $sortorder = ' ORDER BY '.$ordering.', r.id ASC '; $searchselect = ''; @@ -523,7 +529,9 @@ if ($showactivity) { // If requiredentries is not reached, only show current user's entries if (!$requiredentries_allowed) { $where .= ' AND u.id = :myid2 '; + $entrysql = ' AND r.userid = :myid3 '; $params['myid2'] = $USER->id; + $initialparams['myid3'] = $params['myid2']; } if (!empty($advanced)) { //If advanced box is checked. @@ -541,6 +549,7 @@ if ($showactivity) { $advparams = array_merge($advparams, $val->params); } } else if ($search) { + $where .= ' AND cs.recordid = r.id '; $searchselect = " AND (".$DB->sql_like('cs.content', ':search1', false)." OR ".$DB->sql_like('u.firstname', ':search2', false)." OR ".$DB->sql_like('u.lastname', ':search3', false)." ) "; $params['search1'] = "%$search%"; $params['search2'] = "%$search%"; @@ -558,10 +567,11 @@ if ($showactivity) { $count = ' COUNT(DISTINCT c.recordid) '; $tables = '{data_content} c, {data_records} r, {data_content} cs, {user} u '; $where = 'WHERE c.recordid = r.id - AND c.fieldid = :sort AND r.dataid = :dataid - AND r.userid = u.id - AND cs.recordid = r.id '; + AND r.userid = u.id '; + if (!$advanced) { + $where .= 'AND c.fieldid = :sort'; + } $params['dataid'] = $data->id; $params['sort'] = $sort; $sortorder = ' ORDER BY sortorder '.$order.' , r.id ASC '; @@ -569,8 +579,10 @@ if ($showactivity) { // If requiredentries is not reached, only show current user's entries if (!$requiredentries_allowed) { - $where .= ' AND u.id = ' . $USER->id; + $where .= ' AND u.id = :myid2'; + $entrysql = ' AND r.userid = :myid3'; $params['myid2'] = $USER->id; + $initialparams['myid3'] = $params['myid2']; } $i = 0; if (!empty($advanced)) { //If advanced box is checked. @@ -587,6 +599,7 @@ if ($showactivity) { $advparams = array_merge($advparams, $val->params); } } else if ($search) { + $where .= ' AND cs.recordid = r.id '; $searchselect = " AND (".$DB->sql_like('cs.content', ':search1', false)." OR ".$DB->sql_like('u.firstname', ':search2', false)." OR ".$DB->sql_like('u.lastname', ':search3', false)." ) "; $params['search1'] = "%$search%"; $params['search2'] = "%$search%"; @@ -599,23 +612,15 @@ if ($showactivity) { /// To actually fetch the records $fromsql = "FROM $tables $advtables $where $advwhere $groupselect $approveselect $searchselect $advsearchselect"; - $sqlcount = "SELECT $count $fromsql"; // Total number of records when searching - $sqlmax = "SELECT $count FROM $tables $where $groupselect $approveselect"; // number of all recoirds user may see $allparams = array_merge($params, $advparams); // Provide initial sql statements and parameters to reduce the number of total records. - $selectdata = $groupselect . $approveselect; - $initialparams = array(); - if ($currentgroup) { - $initialparams['currentgroup'] = $params['currentgroup']; - } - if (!$approvecap && $data->approval && isloggedin()) { - $initialparams['myid1'] = $params['myid1']; - } + $initialselect = $groupselect . $approveselect . $entrysql; - $recordids = data_get_all_recordids($data->id, $selectdata, $initialparams); + $recordids = data_get_all_recordids($data->id, $initialselect, $initialparams); $newrecordids = data_get_advance_search_ids($recordids, $search_array, $data->id); $totalcount = count($newrecordids); + $selectdata = $where . $groupselect . $approveselect; if (!empty($advanced)) { $advancedsearchsql = data_get_advanced_search_sql($sort, $data, $newrecordids, $selectdata, $sortorder);