diff options
Diffstat (limited to 'engine')
-rw-r--r-- | engine/lib/annotations.php | 8 | ||||
-rw-r--r-- | engine/lib/metadata.php | 29 |
2 files changed, 19 insertions, 18 deletions
diff --git a/engine/lib/annotations.php b/engine/lib/annotations.php index 11e2bfcc2..22a8d247e 100644 --- a/engine/lib/annotations.php +++ b/engine/lib/annotations.php @@ -154,7 +154,7 @@ $annotation_id = (int) $annotation_id; $access = get_access_list(); - return row_to_elggannotation(get_data_row("select * from {$CONFIG->dbprefix}annotations where id=$annotation_id and (access_id in {$access} or (access_id = 0 and owner_guid = {$_SESSION['id']}))")); + return row_to_elggannotation(get_data_row("select a.*, v.string as value from {$CONFIG->dbprefix}annotations a JOIN JOIN {$CONFIG->dbprefix}metastrings v on a.value_id = v.id where a.id=$annotation_id and (a.access_id in {$access} or (a.access_id = 0 and a.owner_guid = {$_SESSION['id']}))")); } /** @@ -188,7 +188,7 @@ if (!$value) return false; // If ok then add it - return insert_data("INSERT into {$CONFIG->dbprefix}annotations (entity_guid, name, value, value_type, owner_guid, time_created, access_id) VALUES ($entity_guid,'$name',$value,'$value_type', $owner_guid, $time, $access_id)"); + return insert_data("INSERT into {$CONFIG->dbprefix}annotations (entity_guid, name, value_id, value_type, owner_guid, time_created, access_id) VALUES ($entity_guid,'$name',$value,'$value_type', $owner_guid, $time, $access_id)"); } /** @@ -222,7 +222,7 @@ if (!$value) return false; // If ok then add it - return update_data("UPDATE {$CONFIG->dbprefix}annotations set value='$value', value_type='$value_type', access_id=$access_id, owner_guid=$owner_guid where id=$annotation_id and name='$name' and (access_id in {$access} or (access_id = 0 and owner_guid = {$_SESSION['id']}))"); + return update_data("UPDATE {$CONFIG->dbprefix}annotations set value_id='$value', value_type='$value_type', access_id=$access_id, owner_guid=$owner_guid where id=$annotation_id and name='$name' and (access_id in {$access} or (access_id = 0 and owner_guid = {$_SESSION['id']}))"); } /** @@ -274,7 +274,7 @@ if ($value != "") $where[] = "a.value='$value'"; - $query = "SELECT * from {$CONFIG->dbprefix}annotations a JOIN {$CONFIG->dbprefix}entities e on a.entity_guid = e.guid where "; + $query = "SELECT a.*,v.string as value from {$CONFIG->dbprefix}annotations a JOIN {$CONFIG->dbprefix}entities e on a.entity_guid = e.guid JOIN {$CONFIG->dbprefix}metastrings v on a.value_id=v.id where "; foreach ($where as $w) $query .= " $w and "; $query .= " (a.access_id in {$access} or (a.access_id = 0 and a.owner_guid = {$_SESSION['id']}))"; // Add access controls diff --git a/engine/lib/metadata.php b/engine/lib/metadata.php index e91842302..6ef104dbb 100644 --- a/engine/lib/metadata.php +++ b/engine/lib/metadata.php @@ -156,7 +156,7 @@ $id = (int)$id; $access = get_access_list(); - return row_to_elggmetadata(get_data_row("SELECT * from {$CONFIG->dbprefix}metadata where id=$id and (access_id in {$access} or (access_id = 0 and owner_guid = {$_SESSION['id']}))")); + return row_to_elggmetadata(get_data_row("SELECT m.*, v.string as value from {$CONFIG->dbprefix}metadata m JOIN {$CONFIG->dbprefix}metastrings v on m.value_id = v.id where m.id=$id and (m.access_id in {$access} or (m.access_id = 0 and m.owner_guid = {$_SESSION['id']}))")); } /** @@ -176,16 +176,16 @@ $entity_guid = (int)$entity_guid; $name = sanitise_string(trim($name)); $value = sanitise_string(trim($value)); - $value_type = detect_metadata_valuetype(sanitise_string(trim($value_type))); - $time = time(); - + $value_type = detect_metadata_valuetype($value, sanitise_string(trim($value_type))); + $time = time(); $owner_guid = (int)$owner_guid; + if ($owner_guid==0) $owner_guid = $_SESSION['id']; $access_id = (int)$access_id; $id = false; - + $existing = get_data_row("SELECT * from {$CONFIG->dbprefix}metadata WHERE entity_guid = $entity_guid and name='$name' limit 1"); if ($existing) { @@ -201,7 +201,7 @@ if (!$value) return false; // If ok then add it - $id = insert_data("INSERT into {$CONFIG->dbprefix}metadata (entity_guid, name, value, value_type, owner_guid, time_created, access_id) VALUES ($entity_guid, '$name','$value','$value_type', $owner_guid, $time, $access_id)"); + $id = insert_data("INSERT into {$CONFIG->dbprefix}metadata (entity_guid, name, value_id, value_type, owner_guid, time_created, access_id) VALUES ($entity_guid, '$name','$value','$value_type', $owner_guid, $time, $access_id)"); } return $id; @@ -224,7 +224,7 @@ $id = (int)$id; $name = sanitise_string(trim($name)); $value = sanitise_string(trim($value)); - $value_type = detect_metadata_valuetype(sanitise_string(trim($value_type))); + $value_type = detect_metadata_valuetype($value, sanitise_string(trim($value_type))); $owner_guid = (int)$owner_guid; if ($owner_guid==0) $owner_guid = $_SESSION['id']; @@ -239,7 +239,7 @@ if (!$value) return false; // If ok then add it - return update_data("UPDATE {$CONFIG->dbprefix}metadata set value='$value', value_type='$value_type', access_id=$access_id, owner_guid=$owner_guid where id=$id and name='$name' and (access_id in {$access} or (access_id = 0 and owner_guid = {$_SESSION['id']}))"); + return update_data("UPDATE {$CONFIG->dbprefix}metadata set value_id='$value', value_type='$value_type', access_id=$access_id, owner_guid=$owner_guid where id=$id and name='$name' and (access_id in {$access} or (access_id = 0 and owner_guid = {$_SESSION['id']}))"); } @@ -264,14 +264,15 @@ * * @param string $meta_name */ - function get_metadata_byname($meta_name) + function get_metadata_byname($entity_guid, $meta_name) { global $CONFIG; - + $meta_name = sanitise_string($meta_name); + $entity_guid = (int)$entity_guid; $access = get_access_list(); - return row_to_elggmetadata(get_data_row("SELECT * from {$CONFIG->dbprefix}metadata where name='$meta_name' and (access_id in {$access} or (access_id = 0 and owner_guid = {$_SESSION['id']}))")); + return row_to_elggmetadata(get_data_row("SELECT m.*, v.string as value from {$CONFIG->dbprefix}metadata m JOIN {$CONFIG->dbprefix}metastrings v on m.value_id = v.id where m.entity_guid=$entity_guid and m.name='$meta_name' and (m.access_id in {$access} or (m.access_id = 0 and m.owner_guid = {$_SESSION['id']}))")); } /** @@ -325,13 +326,13 @@ * * @param int $guid */ - function clear_metadata($guid) + function clear_metadata($entity_guid) { global $CONFIG; - $guid = (int)$guid; + $entity_guid = (int)$entity_guid; - return delete_data("DELETE from {$CONFIG->dbprefix}metadata where access_id in {$access} or (access_id = 0 and owner_guid = {$_SESSION['id']})"); + return delete_data("DELETE from {$CONFIG->dbprefix}metadata where entity_guid=$entity_guid and access_id in {$access} or (access_id = 0 and owner_guid = {$_SESSION['id']})"); } ?>
\ No newline at end of file |