From d65c13ad015442a70404657ea79f1907c283309d Mon Sep 17 00:00:00 2001 From: kevinjardine Date: Wed, 25 Feb 2009 15:09:59 +0000 Subject: Added friends access level git-svn-id: https://code.elgg.org/elgg/trunk@2944 36083f99-b078-4883-b0ff-0f9b5a30f544 --- engine/lib/access.php | 37 ++++++++++++++++++++----------------- engine/lib/elgglib.php | 3 ++- 2 files changed, 22 insertions(+), 18 deletions(-) (limited to 'engine') diff --git a/engine/lib/access.php b/engine/lib/access.php index 2f9feae43..df851e7cd 100644 --- a/engine/lib/access.php +++ b/engine/lib/access.php @@ -178,31 +178,34 @@ */ function get_access_sql_suffix($table_prefix = "") { - global $ENTITY_SHOW_HIDDEN_OVERRIDE; + global $ENTITY_SHOW_HIDDEN_OVERRIDE, $CONFIG; $sql = ""; if ($table_prefix) $table_prefix = sanitise_string($table_prefix) . "."; - $access = get_access_list(); - - $owner = get_loggedin_userid(); - if (!$owner) $owner = -1; - - global $is_admin; - - if (isset($is_admin) && $is_admin == true) { - $sql = " (1 = 1) "; - } - - if (empty($sql)) - $sql = " ({$table_prefix}access_id in {$access} or ({$table_prefix}access_id = " . ACCESS_PRIVATE . " and {$table_prefix}owner_guid = $owner))"; + $access = get_access_list(); + + $owner = get_loggedin_userid(); + if (!$owner) $owner = -1; + + global $is_admin; + + if (isset($is_admin) && $is_admin == true) { + $sql = " (1 = 1) "; + } else if ($owner != -1) { + $friends_bit = $table_prefix.'access_id = '.ACCESS_FRIENDS.' AND '; + $friends_bit .= "{$table_prefix}owner_guid IN (SELECT guid_one FROM {$CONFIG->dbprefix}entity_relationships WHERE relationship='friend' AND guid_two=$owner)"; + $friends_bit = '('.$friends_bit.') OR '; + } + if (empty($sql)) + $sql = " $friends_bit ({$table_prefix}access_id in {$access} or ({$table_prefix}access_id = " . ACCESS_PRIVATE . " and {$table_prefix}owner_guid = $owner))"; + if (!$ENTITY_SHOW_HIDDEN_OVERRIDE) $sql .= " and {$table_prefix}enabled='yes'"; - - return $sql; + return '('.$sql.')'; } /** @@ -231,7 +234,7 @@ $query .= " AND (ag.owner_guid = {$user_id})"; $query .= " AND ag.id >= 3"; - $tmp_access_array = array(0 => elgg_echo("PRIVATE"), 1 => elgg_echo("LOGGED_IN"), 2 => elgg_echo("PUBLIC")); + $tmp_access_array = array(0 => elgg_echo("PRIVATE"), 1 => elgg_echo("LOGGED_IN"), 2 => elgg_echo("PUBLIC"), ACCESS_FRIENDS => elgg_echo("access:friends:label")); if ($collections = get_data($query)) { foreach($collections as $collection) $tmp_access_array[$collection->id] = $collection->name; diff --git a/engine/lib/elgglib.php b/engine/lib/elgglib.php index a081837fb..3bb170be9 100644 --- a/engine/lib/elgglib.php +++ b/engine/lib/elgglib.php @@ -2251,7 +2251,8 @@ define('ACCESS_DEFAULT',-1); define('ACCESS_PRIVATE',0); define('ACCESS_LOGGED_IN',1); - define('ACCESS_PUBLIC',2); + define('ACCESS_PUBLIC',2); + define('ACCESS_FRIENDS',-2); register_elgg_event_handler('init','system','elgg_init'); register_elgg_event_handler('boot','system','elgg_boot',1000); -- cgit v1.2.3