[geeklog-cvs] geeklog-1.3/public_html lib-common.php,1.237,1.238
geeklog-cvs-admin at lists.geeklog.net
geeklog-cvs-admin at lists.geeklog.net
Sun Jul 6 05:37:27 EDT 2003
Update of /usr/cvs/geeklog/geeklog-1.3/public_html
In directory internal.geeklog.net:/tmp/cvs-serv12413
Modified Files:
lib-common.php
Log Message:
Check for proper topic access when displaying the number of stories the user has access to in the Admin menu.
Index: lib-common.php
===================================================================
RCS file: /usr/cvs/geeklog/geeklog-1.3/public_html/lib-common.php,v
retrieving revision 1.237
retrieving revision 1.238
diff -C2 -d -r1.237 -r1.238
*** lib-common.php 5 Jul 2003 10:09:36 -0000 1.237
--- lib-common.php 6 Jul 2003 09:37:25 -0000 1.238
***************
*** 2269,2272 ****
--- 2269,2293 ----
COM_getBlockTemplate( 'admin_block', 'header' ));
+ $topicsql = '';
+ if( SEC_isModerator() || SEC_hasrights( 'story.edit' ))
+ {
+ $tresult = DB_query( "SELECT tid FROM {$_TABLES['topics']}"
+ . COM_getPermSQL() );
+ $trows = DB_numRows( $tresult );
+ if( $trows > 0 )
+ {
+ $tids = array();
+ for( $i = 0; $i < $trows; $i++ )
+ {
+ $T = DB_fetchArray( $tresult );
+ $tids[] = $T['tid'];
+ }
+ if( sizeof( $tids ) > 0 )
+ {
+ $topicsql = " (tid IN ('" . implode( "','", $tids ) . "'))";
+ }
+ }
+ }
+
if( SEC_isModerator() )
{
***************
*** 2279,2283 ****
if( $_CONF['listdraftstories'] == 1 )
{
! $result = DB_query( "SELECT COUNT(*) AS count FROM {$_TABLES['stories']} WHERE (draft_flag = 1)" . COM_getPermSQL( 'AND', 0, 3 ));
$A = DB_fetchArray( $result );
$num += $A['count'];
--- 2300,2309 ----
if( $_CONF['listdraftstories'] == 1 )
{
! $sql = "SELECT COUNT(*) AS count FROM {$_TABLES['stories']} WHERE (draft_flag = 1)";
! if( !empty( $topicsql ))
! {
! $sql .= ' AND' . $topicsql;
! }
! $result = DB_query( $sql . COM_getPermSQL( 'AND', 0, 3 ));
$A = DB_fetchArray( $result );
$num += $A['count'];
***************
*** 2322,2326 ****
$adminmenu->set_var( 'option_url', $url );
$adminmenu->set_var( 'option_label', $LANG01[11] );
! $adminmenu->set_var( 'option_count', DB_count( $_TABLES['stories'] ));
$retval .= $adminmenu->parse( 'item',
( $thisUrl == $url ) ? 'current' : 'option' );
--- 2348,2362 ----
$adminmenu->set_var( 'option_url', $url );
$adminmenu->set_var( 'option_label', $LANG01[11] );
! if( empty( $topicsql ))
! {
! $numstories = DB_count( $_TABLES['stories'] );
! }
! else
! {
! $nresult = DB_query( "SELECT COUNT(*) AS count from {$_TABLES['stories']} WHERE" . $topicsql );
! $N = DB_fetchArray( $nresult );
! $numstories = $N['count'];
! }
! $adminmenu->set_var( 'option_count', $numstories );
$retval .= $adminmenu->parse( 'item',
( $thisUrl == $url ) ? 'current' : 'option' );
More information about the geeklog-cvs
mailing list