quote names in sql statements of getProcessesWithoutUserGroup()

This commit is contained in:
Uwe Steinmann 2017-08-02 17:40:27 +02:00
parent d0b9084ad6
commit 141895b80d

View File

@ -2137,19 +2137,19 @@ class SeedDMS_Core_DMS {
function getProcessWithoutUserGroup($process, $usergroup) { /* {{{ */ function getProcessWithoutUserGroup($process, $usergroup) { /* {{{ */
switch($process) { switch($process) {
case 'review': case 'review':
$queryStr = "SELECT a.*, b.name FROM tblDocumentReviewers"; $queryStr = "SELECT a.*, b.`name` FROM `tblDocumentReviewers`";
break; break;
case 'approval': case 'approval':
$queryStr = "SELECT a.*, b.name FROM tblDocumentApprovers"; $queryStr = "SELECT a.*, b.`name` FROM `tblDocumentApprovers`";
break; break;
} }
$queryStr .= " a LEFT JOIN tblDocuments b ON a.documentID=b.id where"; $queryStr .= " a LEFT JOIN `tblDocuments` b ON a.`documentID`=b.`id` where";
switch($usergroup) { switch($usergroup) {
case 'user': case 'user':
$queryStr .= " a.type=0 and a.required not in (select id from tblUsers) ORDER by b.id"; $queryStr .= " a.`type`=0 and a.`required` not in (select `id` from `tblUsers`) ORDER by b.`id`";
break; break;
case 'group': case 'group':
$queryStr .= " a.type=1 and a.required not in (select id from tblGroups) ORDER by b.id"; $queryStr .= " a.`type`=1 and a.`required` not in (select `id` from `tblGroups`) ORDER by b.`id`";
break; break;
} }
return $this->db->getResultArray($queryStr); return $this->db->getResultArray($queryStr);