From 9b79ea79128db9cd8b19f9c49e0f9d5177d7f404 Mon Sep 17 00:00:00 2001
From: Daniel Maya <daniel.maya@pandorafms.com>
Date: Tue, 20 Sep 2022 16:05:27 +0200
Subject: [PATCH] #9506 Fixed um

---
 pandora_console/godmode/users/user_list.php | 14 ++++++++++----
 pandora_console/include/functions_users.php |  7 ++++---
 2 files changed, 14 insertions(+), 7 deletions(-)

diff --git a/pandora_console/godmode/users/user_list.php b/pandora_console/godmode/users/user_list.php
index b0dda31890..d282ff05af 100644
--- a/pandora_console/godmode/users/user_list.php
+++ b/pandora_console/godmode/users/user_list.php
@@ -99,10 +99,16 @@ if (is_ajax()) {
     if ($get_user_profile_group === true) {
         $id_user = get_parameter('id_user');
 
+        $user_is_admin = users_is_admin();
+
         $user_profiles = [];
 
+        if ($user_is_admin === false) {
+            $group_um = users_get_groups_UM($config['id_user']);
+        }
+
         // User profiles.
-        if (users_is_admin()) {
+        if ($user_is_admin || $id_user == $config['id_user'] || isset($group_um[0])) {
             $user_profiles = db_get_all_rows_field_filter(
                 'tusuario_perfil',
                 'id_usuario',
@@ -625,7 +631,7 @@ foreach ($info as $user_id => $user_info) {
             'SELECT * FROM tusuario_perfil where id_usuario LIKE "'.$user_id.'" LIMIT 5'
         );
     } else {
-        $user_profiles_aux = users_get_user_profile($user_id);
+        $user_profiles_aux = users_get_user_profile($user_id, 'LIMIT 5');
         $user_profiles = [];
         foreach ($group_um as $key => $value) {
             if (isset($user_profiles_aux[$key]) === true) {
@@ -911,7 +917,7 @@ echo '</div>';
 
 enterprise_hook('close_meta_frame');
 
-?>;
+?>
 <script type="text/javascript">
     function showGroups(id_user) {
         if ($(`#hidden-show_groups_${id_user}`).val() === '-1') {
@@ -951,4 +957,4 @@ enterprise_hook('close_meta_frame');
         }
     }
 
-</script>;
+</script>
diff --git a/pandora_console/include/functions_users.php b/pandora_console/include/functions_users.php
index f4e6e25be8..5db489377a 100755
--- a/pandora_console/include/functions_users.php
+++ b/pandora_console/include/functions_users.php
@@ -838,13 +838,14 @@ function users_has_profile_without_UM($id_user, $id_groups)
 }
 
 
-function users_get_user_profile($id_user)
+function users_get_user_profile($id_user, $limit='')
 {
     $sql = sprintf(
         "SELECT * FROM tusuario_perfil
         INNER JOIN tperfil ON tperfil.id_perfil = tusuario_perfil.id_perfil
-        WHERE tusuario_perfil.id_usuario like '%s'",
-        $id_user
+        WHERE tusuario_perfil.id_usuario like '%s' %s",
+        $id_user,
+        $limit
     );
 
     $aux = db_get_all_rows_sql($sql);