[geeklog-cvs] geeklog-1.3/public_html/admin moderation.php,1.40,1.41
geeklog-cvs-admin at lists.geeklog.net
geeklog-cvs-admin at lists.geeklog.net
Mon Jul 14 06:35:11 EDT 2003
Update of /usr/cvs/geeklog/geeklog-1.3/public_html/admin
In directory internal.geeklog.net:/tmp/cvs-serv724/admin
Modified Files:
moderation.php
Log Message:
Check for proper topic access on submissions.
Index: moderation.php
===================================================================
RCS file: /usr/cvs/geeklog/geeklog-1.3/public_html/admin/moderation.php,v
retrieving revision 1.40
retrieving revision 1.41
diff -C2 -d -r1.40 -r1.41
*** moderation.php 6 Jul 2003 09:16:14 -0000 1.40
--- moderation.php 14 Jul 2003 10:35:09 -0000 1.41
***************
*** 164,167 ****
--- 164,195 ----
/**
+ * Build part of an SQL request to check the topic permissions of current user.
+ *
+ * @return string SQL request to check for topic permissions (can be empty)
+ *
+ */
+ function buildTopicSql ()
+ {
+ global $_TABLES;
+
+ $topicsql = '';
+ $tresult = DB_query ("SELECT tid FROM {$_TABLES['topics']}"
+ . COM_getPermSQL ());
+ $trows = DB_numRows ($tresult);
+ if ($trows > 0) {
+ $tids = array ();
+ for ($i = 0; $i < $trows; $i++) {
+ $T = DB_fetchArray ($tresult);
+ $tids[] = $T['tid'];
+ }
+ if (sizeof ($tids) > 0) {
+ $topicsql = " (tid IN ('" . implode ("','", $tids) . "'))";
+ }
+ }
+
+ return $topicsql;
+ }
+
+ /**
* Diplays items needing moderation
*
***************
*** 209,213 ****
$retval .= COM_startBlock ($LANG29[35], 'ccstorysubmission.html',
COM_getBlockTemplate ('_admin_block', 'header'));
! $sql = "SELECT sid AS id,title,UNIX_TIMESTAMP(date) AS day,tid FROM {$_TABLES['storysubmission']} ORDER BY date ASC";
$H = array($LANG29[10],$LANG29[14],$LANG29[15]);
break;
--- 237,245 ----
$retval .= COM_startBlock ($LANG29[35], 'ccstorysubmission.html',
COM_getBlockTemplate ('_admin_block', 'header'));
! $topicsql = buildTopicSql ();
! if (!empty ($topicsql)) {
! $topicsql = ' WHERE' . $topicsql;
! }
! $sql = "SELECT sid AS id,title,UNIX_TIMESTAMP(date) AS day,tid FROM {$_TABLES['storysubmission']}" . $topicsql . " ORDER BY date ASC";
$H = array($LANG29[10],$LANG29[14],$LANG29[15]);
break;
***************
*** 230,234 ****
$mod_templates = new Template($_CONF['path_layout'] . 'admin/moderation');
$mod_templates->set_file(array('itemlist'=>'itemlist.thtml',
! 'itemrows'=>'itemlistrows.thtml'));
$mod_templates->set_var('form_action', $_CONF['site_admin_url'] . '/moderation.php');
$mod_templates->set_var('item_type', $type);
--- 262,266 ----
$mod_templates = new Template($_CONF['path_layout'] . 'admin/moderation');
$mod_templates->set_file(array('itemlist'=>'itemlist.thtml',
! 'itemrows'=>'itemlistrows.thtml'));
$mod_templates->set_var('form_action', $_CONF['site_admin_url'] . '/moderation.php');
$mod_templates->set_var('item_type', $type);
***************
*** 353,369 ****
COM_getBlockTemplate ('_admin_block', 'header'));
! $topicsql = '';
! $tresult = DB_query ("SELECT tid FROM {$_TABLES['topics']}"
! . COM_getPermSQL ());
! $trows = DB_numRows ($tresult);
! if ($trows > 0) {
! $tids = array ();
! for ($i = 0; $i < $trows; $i++) {
! $T = DB_fetchArray ($tresult);
! $tids[] = $T['tid'];
! }
! if (sizeof ($tids) > 0) {
! $topicsql = " AND (tid IN ('" . implode ("','", $tids) . "'))";
! }
}
--- 385,391 ----
COM_getBlockTemplate ('_admin_block', 'header'));
! $topicsql = buildTopicSql ();
! if (!empty ($topicsql)) {
! $topicsql = ' AND' . $topicsql;
}
More information about the geeklog-cvs
mailing list