From 3afb7d7d0d32232e6d08196376eb6b237db2d186 Mon Sep 17 00:00:00 2001 From: wjames5 Date: Tue, 20 May 2008 16:39:46 +0000 Subject: make status sql checks flexible to accept custom values from packages --- liberty_lib.php | 37 ++++++++++++++++++++++++++++++------- 1 file changed, 30 insertions(+), 7 deletions(-) (limited to 'liberty_lib.php') diff --git a/liberty_lib.php b/liberty_lib.php index 7294c51..0cbaa83 100644 --- a/liberty_lib.php +++ b/liberty_lib.php @@ -1,6 +1,6 @@ hasUserPermission) )?$pObject->hasUserPermission('p_liberty_edit_all_status'):$gBitUser->hasPermission('p_liberty_edit_all_status'); - + $hasPerm = FALSE; + // enforce_status will require the status limit on everyone including admin and thus we can ignore permission checks + if ( !isset( $pParamHash['enforce_status'] ) ){ + $hasPerm = ( is_object($pObject) && isset($pObject->hasUserPermission) )?$pObject->hasUserPermission('p_liberty_edit_all_status'):$gBitUser->hasPermission('p_liberty_edit_all_status'); + } + + // default show content with status between 0 and 100; + $min_status_id = isset( $pParamHash['min_status_id'] ) && ( @BitBase::verifyId( $pParamHash['min_status_id'] ) || $pParamHash['min_status_id'] === 0 )?$pParamHash['min_status_id']:0; + $max_status_id = isset( $pParamHash['max_status_id'] ) && ( @BitBase::verifyId( $pParamHash['max_status_id'] ) || $pParamHash['max_status_id'] === 0 )?$pParamHash['max_status_id']:100; + // let owner see any of their own content with a status > -100 + $min_owner_status_id = isset( $pParamHash['min_owner_status_id'] ) && ( @BitBase::verifyId( $pParamHash['min_owner_status_id'] ) || $pParamHash['min_owner_status_id'] === 0 )?$pParamHash['min_owner_status_id']:-100; + if( $gBitSystem->isFeatureActive('liberty_display_status') && !$hasPerm ) { - if (( is_object( $pObject ) && !empty( $pObject->mType['content_type_guid'] ) && $pObject->mType['content_type_guid'] == 'bitcomment' ) || ( !empty( $pParamHash['include_comments'] ) && $pParamHash['include_comments'] == 'y' )) { + if (( is_object( $pObject ) && !empty( $pObject->mType['content_type_guid'] ) && $pObject->mType['content_type_guid'] == 'bitcomment' ) + || ( !empty( $pParamHash['include_comments'] ) && $pParamHash['include_comments'] == 'y' )) { // if we are getting a list of comments then lets check the owner of the comment root and the owner of the content $ret['join_sql'] = " INNER JOIN `".BIT_DB_PREFIX."liberty_content` rlcs ON( rlcs.`content_id`=lcom.`root_id` )"; - $ret['where_sql'] = " AND lc.`content_status_id` < 100 AND ( ( (rlcs.`user_id` = '".$gBitUser->getUserId()."' OR lc.`user_id` = '".$gBitUser->getUserId()."') AND lc.`content_status_id` > -100) OR lc.`content_status_id` > 0 )"; + $ret['where_sql'] = " AND lc.`content_status_id` < ".$max_status_id. + " AND ( + ( (rlcs.`user_id` = '".$gBitUser->getUserId()."' OR lc.`user_id` = '".$gBitUser->getUserId()."') AND lc.`content_status_id` > ".$min_owner_status_id.") + OR lc.`content_status_id` > ".$min_status_id." + )"; } else { - // let owner see any of their own content with a status > -100 - $ret['where_sql'] = " AND lc.`content_status_id` < 100 AND ( (lc.`user_id` = '".$gBitUser->getUserId()."' AND lc.`content_status_id` > -100) OR lc.`content_status_id` > 0 )"; + $ret['where_sql'] = " AND lc.`content_status_id` < ".$max_status_id. + " AND ( + (lc.`user_id` = '".$gBitUser->getUserId()."' AND lc.`content_status_id` > ".$min_owner_status_id.") + OR lc.`content_status_id` > ".$min_status_id." + )"; } } -- cgit v1.3