Menu
▾
▴
[Web-erp-svn] SF.net SVN: web-erp:[7741] trunk/SuppTransGLAnalysis.php
|
From: <te...@us...> - 2017-03-21 03:50:42
|
Revision: 7741
http://sourceforge.net/p/web-erp/reponame/7741
Author: tehonu
Date: 2017-03-21 03:50:39 +0000 (Tue, 21 Mar 2017)
Log Message:
-----------
Fixed bug where User was able to select all GL accounts not only the GL accounts she is authorized to.
Modified Paths:
--------------
trunk/SuppTransGLAnalysis.php
Modified: trunk/SuppTransGLAnalysis.php
===================================================================
--- trunk/SuppTransGLAnalysis.php 2017-03-19 12:52:53 UTC (rev 7740)
+++ trunk/SuppTransGLAnalysis.php 2017-03-21 03:50:39 UTC (rev 7741)
@@ -198,8 +198,12 @@
<br />' . _('otherwise select the account from the list') . ')</td>
<td><select name="AcctSelection">';
-$sql = "SELECT accountcode, accountname FROM chartmaster ORDER BY accountcode";
-
+$sql = "SELECT chartmaster.accountcode,
+ chartmaster.accountname
+ FROM chartmaster
+ INNER JOIN glaccountusers ON glaccountusers.accountcode=chartmaster.accountcode AND glaccountusers.userid='" . $_SESSION['UserID'] . "' AND glaccountusers.canview=1
+ ORDER BY chartmaster.accountcode";
+
$result = DB_query($sql);
echo '<option value=""></option>';
while ($myrow = DB_fetch_array($result)) {
|
