$parent_permissions=permissions::checkPerms($parent_id);
- if (!$parent_permissions['w']) {
+ if ((!$parent_permissions['w']) && ($params['flag']!='registration' )) {
$error=$error_messages['WRITE_PERMISSION_ERROR'];
logger::log('add','error','WRITE_PERMISSION_ERROR');
return false;
// getThreadedChildren
-// XXX
-// XXX FUCKING MESS, argh
-// returns XXX
-// if ($limit > DEF_MAX_GET_THREADED_CHILDREN)
-// $limit = DEF_MAX_GET_THREADED_CHILDREN;
-//
-// // XXX this should go to separate function
-//
-// if (!empty($params['search'])) {
-// if ($params['search_type']=='content') $sql_type.=" and node_content like '%".addslashes($params['search'])."%' ";
-// else {
-// $q2="select user_id from users where login='".$params['search']."'";
-// $userset=$db->query($q2);
-// $userset->next();
-// $id=$userset->getString('user_id');
-// $sql_type=" and nodes.node_creator='$id'";
-// }
-//
-// }
-
-
-public static function getThreadedChildren($offset,$limit,$orderby,$time,$synapse_time,$security,$link,$search,$search_param) {
+public static function getThreadedChildren($node_id,$node_vector,$offset,$limit,$orderby,$time,$synapse_time,$security,$link,$search,$search_param) {
global $db;
$sql_synapse="";
$sql_type="";
+ $sql_time="";
+
if ($synapse_time) { $sql_synapse.=" and node_created >'".db_escape_string($synapse_time)."'"; }
if ($orderby=='' OR $orderby=='desc') {
}
-
+ $q="";
if ($link=='yes') $q.="(";
$q.="select nodes.node_id,node_name,node_external_access,external_link,node_parent,
node_system_access,node_children_count,node_creator,node_created,lastchild_created,
length(node_vector) as depth,users.login,node_vector, node_content,'' as synapse_creator
from nodes
left join users on users.user_id=nodes.node_creator
- where $sql_time node_vector like '".$node['node_vector']."%' $sql_type
- and node_id != '".$node['node_id']."' $security
+ where $sql_time node_vector like '".$node_vector."%' $sql_type
+ and node_id != '".$node_id."' $security
order by $orderby LIMIT $offset,$limit";
if ($link=='yes') {
from neurons
left join nodes on neurons.src=nodes.node_id
left join users on users.user_id=nodes.node_creator
- where $sql_time dst_vector like '".$node['node_vector']."%' $sql_synapse $sql_type
- and node_id != '".$node['node_id']."' order by $orderby LIMIT $offset,$limit)";
+ where $sql_time dst_vector like '".$node_vector."%' $sql_synapse $sql_type
+ and node_id != '".$node_id."' order by $orderby LIMIT $offset,$limit)";
}
if ($link=='yes') $q.=" order by $orderby LIMIT $limit";
return $get_children_array;
}
+// XXX
+
+public static function getPoll($user_id,$poll_id) {
+ global $db;
+
+ $set=$db->query("select nodes.*,node_access.node_permission from nodes
+ left join node_access on (nodes.node_id=node_access.node_id and node_access.user_id='$user_id')
+ where node_parent='$poll_id' and template_id='1549834' order by node_id desc limit 1");
+
+ $set->next();
+ $array=$set->getRecord();
+
+ return $array;
+}
+
+// XXX
+
+public static function resetPassword($login_id,$login,$vercode,$password) {
+ global $db;
+
+ // Security checks
+ $login = db_escape_string($login);
+ if (!is_numeric($login_id)) {
+ $error="Not numeric id is not numeric. Here, take this stone.";
+ return $error;
+ }
+
+ if ($login == '') {
+ $error="Please enter name or id";
+ return $error;
+ }
+
+ if ($login_id == 0) {
+ $set=$db->query("select * from users where login='$login'");
+ } else {
+ $set=$db->query("select * from users where user_id='$login_id'");
+ }
+
+ $set->next();
+ $user_name=$set->getString('login');
+ $user_id=$set->getString('user_id');
+ $hash=$set->getString('hash');
+
+ if ($hash != $vercode) {
+ $error="Bad verification code!";
+ return $error;
+ }
+
+ $password = sha1($password);
+ $q="update users set password='$password',hash='' where user_id='$user_id'";
+ $db->query($q);
+
+ $error="OK, password was RE-set";
+ return $error;
+}
+
+// levenshteinLog
+
+// Log user action for later analysis
+// Secure.
+
+public static function levenshteinLog($userid,$nodeid) {
+ global $db;
+
+ $q="insert delayed into levenshtein set user_id='".$userid."',node_id='".$node_id."'";
+ $db->update($q);
+
}
+
+}
?>