X-Git-Url: http://git.harvie.cz/?a=blobdiff_plain;f=wwwroot%2Finc%2Fsmarty%2Fnode_methodz%2Ffunction.get_nodes_by_parent.php;h=9fb36599c53b0720cab628d2dc42ecebcb6e6d81;hb=d9b4dfbcb3d920445869db2c3abd706ee6916286;hp=b6fe822dc38648c8c97c08aeb7c8d56424152ce4;hpb=17ec25133d7efb812a3396427bcf777ad6d71e49;p=mirrors%2FKyberia-bloodline.git diff --git a/wwwroot/inc/smarty/node_methodz/function.get_nodes_by_parent.php b/wwwroot/inc/smarty/node_methodz/function.get_nodes_by_parent.php index b6fe822..9fb3659 100644 --- a/wwwroot/inc/smarty/node_methodz/function.get_nodes_by_parent.php +++ b/wwwroot/inc/smarty/node_methodz/function.get_nodes_by_parent.php @@ -1,54 +1,59 @@ '".addslashes($params['time'])."' and "; - $q="select parent.node_name as parent_name,users.*,nodes.*,node_access.node_user_subchild_count from nodes left join nodes as parent on parent.node_id=nodes.node_parent left join node_access on node_access.node_id=nodes.node_id and node_access.user_id='$user_id' left join users on users.user_id=nodes.node_creator where "; - $q.=" $sql_time nodes.node_parent='$parent' and nodes.node_system_access!='private'"; - - - if ($_POST['template_event']=='filter_by') { - if ($_POST['search_type']=='content') - $sql_type.=" and node_content like '%".addslashes($_POST['node_content'])."%' "; - else { - $q2="select user_id from users where login='".$_POST['node_content']."'"; - $userset=$db->query($q2); - $userset->next(); - $id=$userset->getString('user_id'); - $sql_type=" and nodes.node_creator='$id'"; - } - $q.=$sql_type; - } +function smarty_function_get_nodes_by_parent($params,&$smarty) { + global $node; + + $sql_time=""; + $sql_type=""; + $parent=$params['parent']; + $permissions=permissions::checkPerms($parent); + if (!$permissions['r']) { + $error=$error_messages['READ_PERMISSION_ERROR']; + return false; + } + $parent_vectot=$parent['node_vector']; - if ($orderby) $q.=" order by $orderby "; - else $q.=" order by nodes.node_id desc "; - $q.= " LIMIT $offset,$listing_amount "; - $set=$db->query($q); - while ($set->next()) $pole[]=$set->getRecord(); - $smarty->assign('get_nodes_by_parent',$pole); + if ($params['listing_amount']=='all') $listing_amount=DEF_MAX_LISTING_AMMOUNT; + else $listing_amount=$params['listing_amount']; + if (empty($params['offset'])) $offset=0; + else $offset=$params['offset']; + if (isset($params['orderby'])) { + $orderby=db_escape_string($params['orderby']); } + + global $db,$node; + $node_id=$node['node_id']; + $user_id=$_SESSION['user_id']; + if (isset($params['time'])) { + $sql_time=" nodes.node_created > '".db_escape_string($params['time'])."' and "; + } + + $q="select parent.node_name as parent_name,users.*,nodes.*,node_access.node_user_subchild_count from nodes left join nodes as parent on parent.node_id=nodes.node_parent left join node_access on node_access.node_id=nodes.node_id and node_access.user_id='$user_id' left join users on users.user_id=nodes.node_creator where "; + $q.=" $sql_time nodes.node_parent='$parent' and nodes.node_system_access!='private'"; + + + if (isset($_POST['template_event']) && $_POST['template_event']=='filter_by') { + if (isset($_POST['search_type']) && $_POST['search_type']=='content') + $sql_type.=" and node_content like '%".db_escape_string($_POST['node_content'])."%' "; + else { + $q2="select user_id from users where login='".db_escape_string($_POST['node_content'])."'"; + $userset=$db->query($q2); + $userset->next(); + $id=$userset->getString('user_id'); + $sql_type=" and nodes.node_creator='$id'"; + } + $q.=$sql_type; + } + + if (isset($orderby)) $q.=" order by $orderby "; + else $q.=" order by nodes.node_id desc "; + $q.= " LIMIT $offset,$listing_amount "; + $set=$db->query($q); + while ($set->next()) $pole[]=$set->getRecord(); + $smarty->assign('get_nodes_by_parent',$pole); + +} ?>