Changed the access logic for PC tabs

classes/budget.class.php

@@ -404,13 +404,11 @@ public function getProfitTabs($register='', $acl = false, $params = Array()){
 		GLOBAL $arrUsrData;
 		GLOBAL $budget_scenario;
 		GLOBAL $bu_group;
-
+				
 		if ($acl && $arrUsrData['usrID']){
 			$strRoles = "'".implode("','",$arrUsrData['roleIDs'])."'";
-			$sqlWhere = "JOIN stbl_profit_role 
-							ON pccID=pcrProfitID 
-							WHERE pcrRoleID IN ({$strRoles}) 
-							AND pcrFlagRead=1";
+			$sqlJoin = "JOIN stbl_profit_role 
+							ON pccID LIKE pcrProfitID AND pcrRoleID IN ({$strRoles}) AND pcrFlagRead=1";
 		}
 
 		foreach ($params as $key=>$value){
@@ -426,7 +424,13 @@ public function getProfitTabs($register='', $acl = false, $params = Array()){
 		<div id='tabs' class='tabs'>
 			<ul>
 			<?php
-			if ($bu_group==0){
+			if ($bu_group=='no_h'){
+				$sql = "SELECT DISTINCT pccGUID as optValue, pccTitle as optText 
+						FROM vw_profit 
+						{$sqlJoin} 
+						WHERE pccFlagFolder=0 AND pccFlagDeleted=0
+						ORDER BY pccParentCode1C, pccTitle";
+			} elseif ($bu_group==0){
 				$sql = "SELECT DISTINCT pccGUID as optValue, pccTitle as optText 
 						FROM vw_profit 
 						WHERE pccFlagFolder=1 AND pccFlagDeleted=0
@@ -442,13 +446,16 @@ public function getProfitTabs($register='', $acl = false, $params = Array()){
 				if (!$register){
 					$sql = "SELECT DISTINCT pccGUID as optValue, pccTitle$strLocal as optText 
 								FROM vw_profit 
+								{$sqlJoin}
+								WHERE 
 								{$sqlWhere} 
 								ORDER BY pccParentCode1C, pccTitle";
 				} else {
 					$sqlWhere .= " AND scenario='$budget_scenario'";
 					$sql = "SELECT DISTINCT pccGUID as optValue, pccTitle$strLocal as optText 
 							FROM `$register` 
 							JOIN vw_profit ON pccID=pc
+							{$sqlJoin}
 							{$sqlWhere}
 							ORDER BY pccParentCode1C, pccTitle";
 

classes/reports.class.php

@@ -5151,7 +5151,7 @@ function _getFinancialSummaryData($sql,$sqlWhere,$sqlGroup){
 		$arrReport = Array();
 
 		$sqlOps = str_replace($sqlWhere, $sqlWhere." AND item IN('".implode("','",self::GROSS_REVENUE_ITEMS)."') AND pccFlagProd=1", $sql);
-		$sqlOps = str_replace($sqlGroup, '', $sqlOps);
+		$sqlOps = str_replace($sqlGroup, '', $sqlOps);		
 		$rs = $this->oSQL->q($sqlOps);
 		while ($rw = $this->oSQL->f($rs)){
 			$rw['Budget item'] = "Gross revenue";

includes/inc_report_pcfilter.php

@@ -18,9 +18,18 @@
 if ($_GET['pccGUID']=='all'){
 
 	if(is_array($arrUsrData['roleIDs'])) $strRoles = "'".implode("','",$arrUsrData['roleIDs'])."'";
+	$strBUs = implode(',',$arrBus);
 
-	if ($bu_group){
-		$strBUs = implode(',',$arrBus);
+	if($bu_group=='no_h'){
+		$sql = "SELECT DISTINCT pccID 
+				FROM stbl_profit_role 
+				JOIN common_db.tbl_profit ON pccID LIKE pcrProfitID
+				WHERE pcrRoleID IN ({$strRoles}) 
+					AND pcrFlagRead=1 
+					AND pccFlagFolder=0";			
+
+	} elseif ($bu_group){
+
 		// $sql = "SELECT DISTINCT pcrProfitID FROM stbl_profit_role WHERE pcrRoleID IN ($strRoles) AND pcrFlagRead=1 AND pcrProfitID IN ({$strBUs})";
 		$sql = "SELECT DISTINCT pccID FROM common_db.tbl_profit WHERE pccID IN ({$strBUs})";
 	} else {		

rep_monthly.php

@@ -54,7 +54,7 @@ function getDetails(params){
 			include ('includes/inc_report_selectors.php');
 			echo '<p>',$oBudget->timestamp,'; ',$oBudget->rates,'</p>';	
 
-			$oBudget::getProfitTabs('reg_master', true, Array('pccID'=>$arrBus));
+			$oBudget::getProfitTabs('reg_master', true);
 			include ('includes/inc-frame_bottom.php');
 		} else {
 			if (strpos($oBudget->type,'Budget')!== false) {