regarding earlier security filter issue

Archived from the Xataface Users forum.

samhans — Mon Feb 20, 2012 10:09 pm

Suppose you have 2 columns: owner_id and approver_id. Then you want to create a grafted field called role such that:
If current user is the owner, role = ‘owner’
else if current user is an approver, role = ‘approver’
else role is null.

Then you could implement an __sql__() method like:

Code: Select all
function __sql__(){
$user_id = getUser(); ///
return “select demand.*, if(owner_id=’“.addslashes($user_id).”’,’owner’, if(approver_id=’“.addslashes($user_id).”’, ‘approver’, null)) as role from demand”;
}

Then you could set a security filter on the “role” field:

Code: Select all
$table->setSecurityFilter(array(‘role’=>’>’));

steve i am getting the error: addslashes()expects parameter 1 to be string, object given in ……demand.php

please help. i think some problem with addslashes.

---

samhans — Tue Feb 21, 2012 9:14 pm

hai,
in my previous code i think the $user_id = getUser() has some problem because it is returning an object but string is required in our query.

how to solve this problem.. i M WAITING!!!!

---

samhans — Tue Feb 21, 2012 9:50 pm

friends solved the problem :

here is the solution
in the above code just replaced $user_id = $auth->getLoggedInusername();

this will return the string .

hope it will help many others who want to filter there table based on two fields. where xataface have restriction in using ‘or’ in setsecurityfilter.

good day