diff options
author | icewing <icewing@36083f99-b078-4883-b0ff-0f9b5a30f544> | 2008-03-05 10:26:41 +0000 |
---|---|---|
committer | icewing <icewing@36083f99-b078-4883-b0ff-0f9b5a30f544> | 2008-03-05 10:26:41 +0000 |
commit | 888dd84a0e92e184dd96d02d7677f4e699b1d287 (patch) | |
tree | dc156390b067f32640eec6e10aeb224cba4f4f60 /engine | |
parent | 743f20d52943887732ea4beaefc67f27b0b4c537 (diff) | |
download | elgg-888dd84a0e92e184dd96d02d7677f4e699b1d287.tar.gz elgg-888dd84a0e92e184dd96d02d7677f4e699b1d287.tar.bz2 |
Get annotations
git-svn-id: https://code.elgg.org/elgg/trunk@73 36083f99-b078-4883-b0ff-0f9b5a30f544
Diffstat (limited to 'engine')
-rw-r--r-- | engine/lib/annotations.php | 33 |
1 files changed, 26 insertions, 7 deletions
diff --git a/engine/lib/annotations.php b/engine/lib/annotations.php index a0d56b56b..703538273 100644 --- a/engine/lib/annotations.php +++ b/engine/lib/annotations.php @@ -97,29 +97,48 @@ * Get a list of annotations for a given object/user/annotation type. * * @param int $object_id - * @param string $annotation_type + * @param string $object_type * @param int $owner_id * @param string $order_by * @param int $limit * @param int $offset */ - function get_annotations($object_id = 0, $annotation_type = "", $owner_id = 0, $order_by = "created desc", $limit = 10, $offset = 0) + function get_annotations($object_id = 0, $object_type = "", $owner_id = 0, $order_by = "created desc", $limit = 10, $offset = 0) { + global $CONFIG; + $object_id = (int)$object_id; - $annotation_type = mysql_real_escape_string(trim($annotation_type)); + $object_type = mysql_real_escape_string(trim($object_type)); $name = mysql_real_escape_string(trim($name)); $value = mysql_real_escape_string(trim($value)); $owner_id = (int)$owner_id; $limit = (int)$limit; $offset = (int)$offset; - $access = get_access_list(); - - - // construct query. + // Construct query + $where = array(); + if ($object_id != 0) + $where[] = "object_id=$object_id"; + + if ($object_type != "") + $where[] = "object_type='$object_type'"; + if ($owner_id != 0) + $where[] = "owner_id=$owner_id"; + + // add access controls + $access = get_access_list(); + $where[] = "(access_id in {$access} or (access_id = 0 and owner_id = {$_SESSION['id']}))"; + + // construct query. + $query = "SELECT * from {$CONFIG->dbprefix}annotations where "; + for ($n = 0; $n < count($where); $n++) + { + if ($n > 0) $query .= " and "; + $query .= $where[$n]; + } return get_data($query); } |