| 1 | <?php |
| 2 | |
| 3 | function smarty_function_get_nodes_by_parent($params,&$smarty) { |
| 4 | global $node; |
| 5 | |
| 6 | $parent=$params['parent']; |
| 7 | $permissions=permissions::checkPerms($parent); |
| 8 | if (!$permissions['r']) { |
| 9 | $error=$error_messages['READ_PERMISSION_ERROR']; |
| 10 | return false; |
| 11 | } |
| 12 | $parent_vectot=$parent['node_vector']; |
| 13 | |
| 14 | if ($params['listing_amount']=='all') $listing_amount='100'; // XXX remove constant |
| 15 | else $listing_amount=$params['listing_amount']; |
| 16 | if (empty($params['offset'])) $offset=0; |
| 17 | else $offset=$params['offset']; |
| 18 | |
| 19 | if ($params['orderby']) { |
| 20 | $orderby=addslashes($params['orderby']); |
| 21 | } |
| 22 | |
| 23 | global $db,$node; |
| 24 | $node_id=$node['node_id']; |
| 25 | $user_id=$_SESSION['user_id']; |
| 26 | if ($params['time']) $sql_time=" nodes.node_created > '".addslashes($params['time'])."' and "; |
| 27 | $q="select parent.node_name as parent_name,users.*,nodes.*,node_access.node_user_subchild_count from nodes left join nodes as parent on parent.node_id=nodes.node_parent left join node_access on node_access.node_id=nodes.node_id and node_access.user_id='$user_id' left join users on users.user_id=nodes.node_creator where "; |
| 28 | $q.=" $sql_time nodes.node_parent='$parent' and nodes.node_system_access!='private'"; |
| 29 | |
| 30 | |
| 31 | if ($_POST['template_event']=='filter_by') { |
| 32 | if ($_POST['search_type']=='content') |
| 33 | $sql_type.=" and node_content like '%".addslashes($_POST['node_content'])."%' "; |
| 34 | else { |
| 35 | $q2="select user_id from users where login='".mysql_real_escape_string($_POST['node_content'])."'"; |
| 36 | $userset=$db->query($q2); |
| 37 | $userset->next(); |
| 38 | $id=$userset->getString('user_id'); |
| 39 | $sql_type=" and nodes.node_creator='$id'"; |
| 40 | } |
| 41 | $q.=$sql_type; |
| 42 | } |
| 43 | |
| 44 | if ($orderby) $q.=" order by $orderby "; |
| 45 | else $q.=" order by nodes.node_id desc "; |
| 46 | $q.= " LIMIT $offset,$listing_amount "; |
| 47 | $set=$db->query($q); |
| 48 | while ($set->next()) $pole[]=$set->getRecord(); |
| 49 | $smarty->assign('get_nodes_by_parent',$pole); |
| 50 | |
| 51 | } |
| 52 | ?> |
| 53 | |
| 54 | |
| 55 | |
| 56 | |