From 43828480d83cff68ba2963719858fabc69b2c831 Mon Sep 17 00:00:00 2001 From: icewing Date: Tue, 3 Jun 2008 10:50:45 +0000 Subject: Marcus Povey * Fixed annotations not returning anything * Access control on db now disabled when run from privileged code block. git-svn-id: https://code.elgg.org/elgg/trunk@780 36083f99-b078-4883-b0ff-0f9b5a30f544 --- engine/lib/entities.php | 10 ++++------ 1 file changed, 4 insertions(+), 6 deletions(-) (limited to 'engine/lib/entities.php') diff --git a/engine/lib/entities.php b/engine/lib/entities.php index 3ae68a685..4507c2bb0 100644 --- a/engine/lib/entities.php +++ b/engine/lib/entities.php @@ -812,9 +812,9 @@ $guid = (int) $guid; - $access = get_access_list(); + $access = get_access_sql_suffix(); - return get_data_row("SELECT * from {$CONFIG->dbprefix}entities where guid=$guid and (access_id in {$access} or (access_id = 0 and owner_guid = {$_SESSION['id']}))"); + return get_data_row("SELECT * from {$CONFIG->dbprefix}entities where guid=$guid and $access"); } /** @@ -893,9 +893,7 @@ $site_guid = (int) $site_guid; if ($site_guid == 0) $site_guid = $CONFIG->site_guid; - - $access = get_access_list(); - + $where = array(); if ($type != "") @@ -923,7 +921,7 @@ } foreach ($where as $w) $query .= " $w and "; - $query .= " (access_id in {$access} or (access_id = 0 and owner_guid = {$_SESSION['id']}))"; // Add access controls + $query .= get_access_sql_suffix(); // Add access controls if (!$count) { $query .= " order by $order_by"; if ($limit) $query .= " limit $offset, $limit"; // Add order and limit -- cgit v1.2.3