| 1 | <?php |
| 2 | |
| 3 | function smarty_function_get_nodes_by_parent($params,&$smarty) { |
| 4 | global $node; |
| 5 | |
| 6 | $sql_time=""; |
| 7 | $sql_type=""; |
| 8 | $parent=$params['parent']; |
| 9 | $permissions=permissions::checkPerms($parent); |
| 10 | if (!$permissions['r']) { |
| 11 | $error=$error_messages['READ_PERMISSION_ERROR']; |
| 12 | return false; |
| 13 | } |
| 14 | $parent_vectot=$parent['node_vector']; |
| 15 | |
| 16 | if ($params['listing_amount']=='all') $listing_amount=DEF_MAX_LISTING_AMMOUNT; |
| 17 | else $listing_amount=$params['listing_amount']; |
| 18 | if (empty($params['offset'])) $offset=0; |
| 19 | else $offset=$params['offset']; |
| 20 | |
| 21 | if (isset($params['orderby'])) { |
| 22 | $orderby=db_escape_string($params['orderby']); |
| 23 | } |
| 24 | |
| 25 | global $db,$node; |
| 26 | $node_id=$node['node_id']; |
| 27 | $user_id=$_SESSION['user_id']; |
| 28 | if (isset($params['time'])) { |
| 29 | $sql_time=" nodes.node_created > '".db_escape_string($params['time'])."' and "; |
| 30 | } |
| 31 | |
| 32 | $q="select parent.node_name as parent_name,users.*,nodes.*,node_access.node_user_subchild_count from nodes left join nodes as parent on parent.node_id=nodes.node_parent left join node_access on node_access.node_id=nodes.node_id and node_access.user_id='$user_id' left join users on users.user_id=nodes.node_creator where "; |
| 33 | $q.=" $sql_time nodes.node_parent='$parent' and nodes.node_system_access!='private'"; |
| 34 | |
| 35 | |
| 36 | if (isset($_POST['template_event']) && $_POST['template_event']=='filter_by') { |
| 37 | if (isset($_POST['search_type']) && $_POST['search_type']=='content') |
| 38 | $sql_type.=" and node_content like '%".db_escape_string($_POST['node_content'])."%' "; |
| 39 | else { |
| 40 | $q2="select user_id from users where login='".db_escape_string($_POST['node_content'])."'"; |
| 41 | $userset=$db->query($q2); |
| 42 | $userset->next(); |
| 43 | $id=$userset->getString('user_id'); |
| 44 | $sql_type=" and nodes.node_creator='$id'"; |
| 45 | } |
| 46 | $q.=$sql_type; |
| 47 | } |
| 48 | |
| 49 | if (isset($orderby)) $q.=" order by $orderby "; |
| 50 | else $q.=" order by nodes.node_id desc "; |
| 51 | $q.= " LIMIT $offset,$listing_amount "; |
| 52 | $set=$db->query($q); |
| 53 | while ($set->next()) $pole[]=$set->getRecord(); |
| 54 | $smarty->assign('get_nodes_by_parent',$pole); |
| 55 | |
| 56 | } |
| 57 | ?> |
| 58 | |
| 59 | |
| 60 | |
| 61 | |