diff options
author | icewing <icewing@36083f99-b078-4883-b0ff-0f9b5a30f544> | 2008-06-02 16:31:54 +0000 |
---|---|---|
committer | icewing <icewing@36083f99-b078-4883-b0ff-0f9b5a30f544> | 2008-06-02 16:31:54 +0000 |
commit | 367616f979405241eb432250644e2b172f152075 (patch) | |
tree | 6f0a8d066b489305297dbe5b73521b4f1c85768b /engine | |
parent | 820b106ef3ee47df69a21a0410adc0882f73cace (diff) | |
download | elgg-367616f979405241eb432250644e2b172f152075.tar.gz elgg-367616f979405241eb432250644e2b172f152075.tar.bz2 |
Marcus Povey <marcus@dushka.co.uk>
* Added access control shorthand function. REPLACE THIS WHEN QUERY OBJECT COMPLETE
git-svn-id: https://code.elgg.org/elgg/trunk@776 36083f99-b078-4883-b0ff-0f9b5a30f544
Diffstat (limited to 'engine')
-rw-r--r-- | engine/lib/access.php | 26 |
1 files changed, 26 insertions, 0 deletions
diff --git a/engine/lib/access.php b/engine/lib/access.php index e39a9f165..5205b7a55 100644 --- a/engine/lib/access.php +++ b/engine/lib/access.php @@ -86,6 +86,32 @@ return $access_array[$user_id];
+ } + + /** + * Add access restriction sql code to a given query. + * + * Note that if this code is executed in privileged mode it will return blank. + * + * TODO: DELETE once Query classes are fully integrated + * + * @param string $table_prefix Optional xxx. prefix for the access code. + */ + function get_access_sql_suffix($table_prefix = "") + { + $sql = ""; + + if (!is_privileged()) + { + $access = get_access_list(); + + if ($table_prefix) + $table_prefix = sanitise_string($table_prefix) . "."; + + $sql = " and ({$table_prefix}access_id in {$access} or ({$table_prefix}access_id = 0 and {$table_prefix}owner_guid = {$_SESSION['id']}))"; + } + + return $sql; }
/**
|