aboutsummaryrefslogtreecommitdiff
path: root/engine/lib
diff options
context:
space:
mode:
authoricewing <icewing@36083f99-b078-4883-b0ff-0f9b5a30f544>2008-03-05 10:26:41 +0000
committericewing <icewing@36083f99-b078-4883-b0ff-0f9b5a30f544>2008-03-05 10:26:41 +0000
commit888dd84a0e92e184dd96d02d7677f4e699b1d287 (patch)
treedc156390b067f32640eec6e10aeb224cba4f4f60 /engine/lib
parent743f20d52943887732ea4beaefc67f27b0b4c537 (diff)
downloadelgg-888dd84a0e92e184dd96d02d7677f4e699b1d287.tar.gz
elgg-888dd84a0e92e184dd96d02d7677f4e699b1d287.tar.bz2
Get annotations
git-svn-id: https://code.elgg.org/elgg/trunk@73 36083f99-b078-4883-b0ff-0f9b5a30f544
Diffstat (limited to 'engine/lib')
-rw-r--r--engine/lib/annotations.php33
1 files changed, 26 insertions, 7 deletions
diff --git a/engine/lib/annotations.php b/engine/lib/annotations.php
index a0d56b56b..703538273 100644
--- a/engine/lib/annotations.php
+++ b/engine/lib/annotations.php
@@ -97,29 +97,48 @@
* Get a list of annotations for a given object/user/annotation type.
*
* @param int $object_id
- * @param string $annotation_type
+ * @param string $object_type
* @param int $owner_id
* @param string $order_by
* @param int $limit
* @param int $offset
*/
- function get_annotations($object_id = 0, $annotation_type = "", $owner_id = 0, $order_by = "created desc", $limit = 10, $offset = 0)
+ function get_annotations($object_id = 0, $object_type = "", $owner_id = 0, $order_by = "created desc", $limit = 10, $offset = 0)
{
+ global $CONFIG;
+
$object_id = (int)$object_id;
- $annotation_type = mysql_real_escape_string(trim($annotation_type));
+ $object_type = mysql_real_escape_string(trim($object_type));
$name = mysql_real_escape_string(trim($name));
$value = mysql_real_escape_string(trim($value));
$owner_id = (int)$owner_id;
$limit = (int)$limit;
$offset = (int)$offset;
- $access = get_access_list();
-
-
- // construct query.
+ // Construct query
+ $where = array();
+ if ($object_id != 0)
+ $where[] = "object_id=$object_id";
+
+ if ($object_type != "")
+ $where[] = "object_type='$object_type'";
+ if ($owner_id != 0)
+ $where[] = "owner_id=$owner_id";
+
+ // add access controls
+ $access = get_access_list();
+ $where[] = "(access_id in {$access} or (access_id = 0 and owner_id = {$_SESSION['id']}))";
+
+ // construct query.
+ $query = "SELECT * from {$CONFIG->dbprefix}annotations where ";
+ for ($n = 0; $n < count($where); $n++)
+ {
+ if ($n > 0) $query .= " and ";
+ $query .= $where[$n];
+ }
return get_data($query);
}