X-Git-Url: http://git.freeside.biz/gitweb/?a=blobdiff_plain;f=httemplate%2Fbrowse%2Fcust_attachment.html;h=7330c05a4b5a852d9d5adbad7405a0122ccd04dd;hb=32d3fef150fd4ad2d900468dacb5a98688818f37;hp=9d62e56094c15ca682bfc4bb994beaaf8f9702fa;hpb=fb4ab1073f0d15d660c6cdc4e07afebf68ef3924;p=freeside.git
diff --git a/httemplate/browse/cust_attachment.html b/httemplate/browse/cust_attachment.html
index 9d62e5609..7330c05a4 100755
--- a/httemplate/browse/cust_attachment.html
+++ b/httemplate/browse/cust_attachment.html
@@ -11,10 +11,7 @@
!
,
- 'query' => { 'table' => 'cust_attachment',
- 'hashref' => $hashref,
- 'order_by' => 'ORDER BY '.$orderby,
- },
+ 'query' => $query,
'count_query' => $count_query,
'header' => [ selflink('#',orderby => 'attachnum'),
selflink('Customer',orderby => 'custnum'),
@@ -90,18 +87,24 @@ else {
}
}
-my $hashref = $disabled ?
- { disabled => { op => '>', value => 0 } } :
- { disabled => '' };
+my $orderby = $cgi->param('orderby') || 'custnum';
-my $count_query = 'SELECT COUNT(*) FROM cust_attachment WHERE '. ($disabled ?
- 'disabled > 0' : 'disabled IS NULL');
+my $query = {
+ table => 'cust_attachment',
+ hashref => { disabled => $disabled ? { op => '>', value => 0 } : '', },
+ order_by => "ORDER BY $orderby",
+ addl_from => 'JOIN cust_main USING (custnum)',
+ extra_sql => ' AND ' . $curuser->agentnums_sql,
+};
-my $orderby = $cgi->param('orderby') || 'custnum';
+my $count_query = 'SELECT COUNT(*) FROM cust_attachment'
+ . ' JOIN cust_main USING (custnum)'
+ . ' WHERE ' . $curuser->agentnums_sql
+ . ' AND disabled ' . ( $disabled ? '> 0' : 'IS NULL' );
my $sub_cust = sub {
my $c = qsearchs('cust_main', { custnum => shift->custnum } );
- return $c ? $c->name : '(not found)';
+ return $c ? encode_entities($c->name) : '(not found)';
};
my $sub_date = sub {