2.0.7

benkeen · benkeen · commit e2f56054de9d · 2018-03-30T09:00:44.000-07:00
diff --git a/code/General.class.php b/code/General.class.php
@@ -19,45 +19,14 @@ class General
      */
     public static function getQuicklinkVisualizations($form_id, $view_id)
     {
-        $db = Core::$db;
-        $account_type = Core::$user->getAccountType();
-        $account_id = Core::$user->getAccountId();
-
-        $private_client_accessible_vis_ids = array();
-        if ($account_type == "client") {
-            $db->query("
-                SELECT vis_id
-                FROM   {PREFIX}module_data_visualization_clients
-                WHERE  account_id = :account_id
-            ");
-            $db->bind("account_id", $account_id);
-            $db->execute();
-
-            $private_client_accessible_vis_ids = $db->fetchAll(PDO::FETCH_COLUMN);
-        }
-
         $visualizations = Visualizations::searchVisualizations(array(
             "form_id"      => $form_id,
             "view_id"      => $view_id,
-            "account_type" => $account_type
+            "account_type" => Core::$user->getAccountType(),
+            "client_id"    => Core::$user->getAccountId()
         ));
 
-        $accessible_visualizations = array();
-        foreach ($visualizations as $vis_info) {
-            if ($vis_info["access_type"] == "public") {
-                $accessible_visualizations[] = $vis_info["vis_id"];
-            } else {
-                if ($account_type == "client") {
-                    if ($vis_info["access_type"] != "admin" && in_array($vis_info["export_group_id"], $private_client_accessible_vis_ids)) {
-                        $accessible_visualizations[] = $vis_info["vis_id"];
-                    }
-                } else {
-                    $accessible_visualizations[] = $vis_info["vis_id"];
-                }
-            }
-        }
-
-        return $accessible_visualizations;
+        return array_column($visualizations, "vis_id");
     }
 
 
diff --git a/code/Module.class.php b/code/Module.class.php
@@ -17,8 +17,8 @@ class Module extends FormToolsModule
     protected $author = "Ben Keen";
     protected $authorEmail = "ben.keen@gmail.com";
     protected $authorLink = "https://formtools.org";
-    protected $version = "2.0.6";
-    protected $date = "2018-03-24";
+    protected $version = "2.0.7";
+    protected $date = "2018-03-31";
     protected $originLanguage = "en_us";
     protected $jsFiles = array(
         "https://www.gstatic.com/charts/loader.js",
@@ -86,14 +86,11 @@ public function install($module_id)
         ";
 
         try {
-            $db->beginTransaction();
             foreach ($queries as $query) {
                 $db->query($query);
                 $db->execute();
             }
-            $db->processTransaction();
         } catch (Exception $e) {
-            $db->rollbackTransaction();
             $L = $this->getLangStrings();
             return array(false, $L["notify_installation_problem_c"] . " <b>" . $e->getMessage() . "</b>");
         }
@@ -196,7 +193,7 @@ public function addQuicklink($params)
 
         $vis_id_str = implode(",", $vis_ids);
 
-      // output the visualization IDs right into the page. This will save an HTTP request to retrieve them later
+      // output the visualization IDs right into the page. This saves an HTTP request to retrieve them later
       echo <<< END
     <script>g.vis_ids = [$vis_id_str];</script>
 END;
diff --git a/code/Visualizations.class.php b/code/Visualizations.class.php
@@ -157,7 +157,6 @@ public static function searchVisualizations($search_criteria)
 
         $where_clauses = array();
         if (isset($search_criteria["keyword"]) && !empty($search_criteria["keyword"])) {
-            //$keyword = General::sanitize($search_criteria["keyword"]);
             $keyword = $search_criteria["keyword"];
             $where_clauses[] = "vis_name LIKE '%$keyword%'";
         }
@@ -210,6 +209,8 @@ public static function searchVisualizations($search_criteria)
                 }
             }
 
+            // if this is a client account, check the permissions for admin/private forms to confirm the visualization
+            // can be viewed
             if ($account_type == "client") {
                 if ($row["access_type"] == "admin") {
                     continue;

Original file line number	Diff line number	Diff line change
`@@ -157,7 +157,6 @@ public static function searchVisualizations($search_criteria)`
`157`	`157`
`158`	`158`	`$where_clauses = array();`
`159`	`159`	`if (isset($search_criteria["keyword"]) && !empty($search_criteria["keyword"])) {`
`160`		`- //$keyword = General::sanitize($search_criteria["keyword"]);`
`161`	`160`	`$keyword = $search_criteria["keyword"];`
`162`	`161`	`$where_clauses[] = "vis_name LIKE '%$keyword%'";`
`163`	`162`	`}`
`@@ -210,6 +209,8 @@ public static function searchVisualizations($search_criteria)`
`210`	`209`	`}`
`211`	`210`	`}`
`212`	`211`
	`212`	`+ // if this is a client account, check the permissions for admin/private forms to confirm the visualization`
	`213`	`+ // can be viewed`
`213`	`214`	`if ($account_type == "client") {`
`214`	`215`	`if ($row["access_type"] == "admin") {`
`215`	`216`	`continue;`