本文整理汇总了PHP中_elgg_get_access_where_sql函数的典型用法代码示例。如果您正苦于以下问题:PHP _elgg_get_access_where_sql函数的具体用法?PHP _elgg_get_access_where_sql怎么用?PHP _elgg_get_access_where_sql使用的例子?那么恭喜您, 这里精选的函数代码示例或许可以为您提供帮助。
在下文中一共展示了_elgg_get_access_where_sql函数的15个代码示例,这些例子默认根据受欢迎程度排序。您可以为喜欢或者感觉有用的代码点赞,您的评价将有助于系统推荐出更棒的PHP代码示例。
示例1: tag_tools_create_metadata_event_handler
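/**
 * Listen to the creation of metadata and queue tag-follow notifications.
 *
 * For a 'tags' metadata value created on a recently created, non-private
 * entity, every user carrying a 'follow_tag' annotation for that tag is checked
 * against the entity's access clause. Users that pass get a notification
 * queued through register_shutdown_function().
 *
 * Access handling: the user lookup runs with ignore-access enabled, but the
 * per-user access clause is built with ignore-access disabled so that it is
 * a real restriction. The previous ignore-access state is restored on every
 * exit path, including when a query throws.
 *
 * @param string       $event    the name of the event
 * @param string       $type     the type of the event
 * @param ElggMetadata $metadata supplied metadata
 *
 * @return void
 */
function tag_tools_create_metadata_event_handler($event, $type, $metadata)
{
    if (empty($metadata) || !$metadata instanceof ElggMetadata) {
        return;
    }

    // is it a tag
    if ($metadata->name != 'tags') {
        return;
    }

    // The GUID is interpolated into a hand-built query below, so pin it to an
    // integer instead of trusting whatever type the metadata object carries.
    $entity_guid = (int) $metadata->entity_guid;

    // get the entity for further use
    // can't use elgg get entity because cache is not correctly updated
    $ia = elgg_set_ignore_access(true);
    $entity_row = get_entity_as_row($entity_guid);
    elgg_set_ignore_access($ia);

    // no row: nothing to notify about and nothing to check access against
    if (empty($entity_row)) {
        return;
    }

    // shortcut for private entities
    if ($entity_row->access_id == ACCESS_PRIVATE) {
        return;
    }

    // only send notifications on creation of the entity
    $time_created_threshold = 5;
    if ($entity_row->time_created < time() - $time_created_threshold) {
        // assume it is an update
        return;
    }

    // check if the entity is allowed for notifications
    if (!tag_tools_is_notification_entity($entity_row->guid)) {
        return;
    }

    $tag = $metadata->value;
    $options = [
        'type' => 'user',
        'annotation_name_value_pairs' => ['name' => 'follow_tag', 'value' => $tag],
        'limit' => false,
    ];
    $dbprefix = elgg_get_config('dbprefix');

    $ia = elgg_set_ignore_access(true);
    try {
        $entities = new ElggBatch('elgg_get_entities_from_annotations', $options);
        foreach ($entities as $user) {
            $user_guid = $user->getGUID();

            // check if not trying to notify the owner
            if ($user_guid == $entity_row->owner_guid) {
                continue;
            }

            // force a correct access bit: the clause must be generated while
            // ignore-access is off
            elgg_set_ignore_access(false);

            // check access for the user, can't use has_access_to_entity
            // because that requires a full entity
            $access_bit = _elgg_get_access_where_sql(['user_guid' => $user_guid]);

            // ignore access to get the correct next user
            elgg_set_ignore_access(true);

            // build correct query to check access
            $query = "SELECT guid FROM {$dbprefix}entities e\n\t\t\t WHERE e.guid = {$entity_guid}\n\t\t\t AND {$access_bit}";
            if (get_data($query)) {
                // register shutdown function because we need the full entity
                // this is a workaround and should be reviewed in the near future
                register_shutdown_function('tag_tools_notify_user', $user_guid, $entity_row->guid, $tag);
            }
        }
    } catch (Exception $e) {
        // never leave the request running with access checks switched off
        elgg_set_ignore_access($ia);
        throw $e;
    }
    elgg_set_ignore_access($ia);
}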
示例2: get_number_users
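/**
 * Return the number of users registered in the system.
 *
 * Unless $show_deactivated is true, the count is restricted by the clause
 * returned from _elgg_get_access_where_sql(). With $show_deactivated = true no
 * access clause is appended at all, so the result counts every row of type
 * 'user'.
 *
 * @param bool $show_deactivated Count not enabled users?
 *
 * @return int|false The number of users, or false when the query returns no row
 */
function get_number_users($show_deactivated = false)
{
    global $CONFIG;

    $access = "";
    if (!$show_deactivated) {
        // empty alias: the query below reads the entities table without an alias
        $access = "and " . _elgg_get_access_where_sql(array('table_alias' => ''));
    }

    $query = "SELECT count(*) as count\n\t\tfrom {$CONFIG->dbprefix}entities where type='user' {$access}";
    $result = get_data_row($query);
    if ($result) {
        // cast so callers get the documented int even if the driver hands
        // back a numeric string
        return (int) $result->count;
    }

    return false;
}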
示例3: get_user_by_email
/**
 * Look up user entities by email address.
 *
 * The address is embedded in a quoted SQL literal, so the only thing standing
 * between the caller's value and the query text is sanitise_string(). The
 * result set is additionally limited by _elgg_get_access_where_sql(), called
 * without options.
 *
 * @param string $email Email address.
 *
 * @return array
 */
function get_user_by_email($email)
{
    global $CONFIG;

    $prefix = $CONFIG->dbprefix;

    // escape before the value goes anywhere near the query string
    $escaped_email = sanitise_string($email);
    $access_clause = _elgg_get_access_where_sql();

    $sql = "SELECT e.* FROM {$prefix}entities e\n\t\tJOIN {$prefix}users_entity u ON e.guid = u.guid\n\t\tWHERE email = '{$escaped_email}' AND {$access_clause}";

    return get_data($sql, 'entity_row_to_elggstar');
}
示例4: elgg_solr_get_entity_guids
function elgg_solr_get_entity_guids(array $options = array())
{
global $CONFIG;
$defaults = array('types' => ELGG_ENTITIES_ANY_VALUE, 'subtypes' => ELGG_ENTITIES_ANY_VALUE, 'type_subtype_pairs' => ELGG_ENTITIES_ANY_VALUE, 'guids' => ELGG_ENTITIES_ANY_VALUE, 'owner_guids' => ELGG_ENTITIES_ANY_VALUE, 'container_guids' => ELGG_ENTITIES_ANY_VALUE, 'site_guids' => $CONFIG->site_guid, 'modified_time_lower' => ELGG_ENTITIES_ANY_VALUE, 'modified_time_upper' => ELGG_ENTITIES_ANY_VALUE, 'created_time_lower' => ELGG_ENTITIES_ANY_VALUE, 'created_time_upper' => ELGG_ENTITIES_ANY_VALUE, 'reverse_order_by' => false, 'order_by' => 'e.time_created desc', 'group_by' => ELGG_ENTITIES_ANY_VALUE, 'limit' => 10, 'offset' => 0, 'count' => false, 'selects' => array(), 'wheres' => array(), 'joins' => array(), 'callback' => false, '__ElggBatch' => null);
$options = array_merge($defaults, $options);
// can't use helper function with type_subtype_pair because
// it's already an array...just need to merge it
if (isset($options['type_subtype_pair'])) {
if (isset($options['type_subtype_pairs'])) {
$options['type_subtype_pairs'] = array_merge($options['type_subtype_pairs'], $options['type_subtype_pair']);
} else {
$options['type_subtype_pairs'] = $options['type_subtype_pair'];
}
}
$singulars = array('type', 'subtype', 'guid', 'owner_guid', 'container_guid', 'site_guid');
$options = _elgg_normalize_plural_options_array($options, $singulars);
// evaluate where clauses
if (!is_array($options['wheres'])) {
$options['wheres'] = array($options['wheres']);
}
$wheres = $options['wheres'];
$wheres[] = _elgg_get_entity_type_subtype_where_sql('e', $options['types'], $options['subtypes'], $options['type_subtype_pairs']);
$wheres[] = _elgg_get_guid_based_where_sql('e.guid', $options['guids']);
$wheres[] = _elgg_get_guid_based_where_sql('e.owner_guid', $options['owner_guids']);
$wheres[] = _elgg_get_guid_based_where_sql('e.container_guid', $options['container_guids']);
$wheres[] = _elgg_get_guid_based_where_sql('e.site_guid', $options['site_guids']);
$wheres[] = _elgg_get_entity_time_where_sql('e', $options['created_time_upper'], $options['created_time_lower'], $options['modified_time_upper'], $options['modified_time_lower']);
// see if any functions failed
// remove empty strings on successful functions
foreach ($wheres as $i => $where) {
if ($where === false) {
return false;
} elseif (empty($where)) {
unset($wheres[$i]);
}
}
// remove identical where clauses
$wheres = array_unique($wheres);
// evaluate join clauses
if (!is_array($options['joins'])) {
$options['joins'] = array($options['joins']);
}
// remove identical join clauses
$joins = array_unique($options['joins']);
foreach ($joins as $i => $join) {
if ($join === false) {
return false;
} elseif (empty($join)) {
unset($joins[$i]);
}
}
// evalutate selects
if ($options['selects']) {
$selects = '';
foreach ($options['selects'] as $select) {
$selects .= ", {$select}";
}
} else {
$selects = '';
}
if (!$options['count']) {
$distinct = '';
if ($options['require_distinct']) {
$distinct = ' DISTINCT';
}
$query = "SELECT{$distinct} e.guid{$selects} FROM {$CONFIG->dbprefix}entities e ";
} else {
$query = "SELECT count(DISTINCT e.guid) as total FROM {$CONFIG->dbprefix}entities e ";
}
// add joins
foreach ($joins as $j) {
$query .= " {$j} ";
}
// add wheres
$query .= ' WHERE ';
foreach ($wheres as $w) {
$query .= " {$w} AND ";
}
// Add access controls
$query .= _elgg_get_access_where_sql();
// reverse order by
if ($options['reverse_order_by']) {
$options['order_by'] = _elgg_sql_reverse_order_by_clause($options['order_by']);
}
if (!$options['count']) {
if ($options['group_by']) {
$query .= " GROUP BY {$options['group_by']}";
}
if ($options['order_by']) {
$query .= " ORDER BY {$options['order_by']}";
}
if ($options['limit']) {
$limit = sanitise_int($options['limit'], false);
$offset = sanitise_int($options['offset'], false);
$query .= " LIMIT {$offset}, {$limit}";
}
if ($options['callback'] === 'entity_row_to_elggstar') {
$dt = _elgg_fetch_entities_from_sql($query, $options['__ElggBatch']);
} else {
$dt = get_data($query, $options['callback']);
//.........这里部分代码省略.........
示例5: testAccessPluginHookAddAnd
/**
 * Registers addAndCallback on the 'get_sql', 'access' plugin hook and expects
 * the generated access clause to equal the fixed SQL string below.
 */
public function testAccessPluginHookAddAnd()
{
    $handler = array($this, 'addAndCallback');
    elgg_register_plugin_hook_handler('get_sql', 'access', $handler);

    $sql = _elgg_get_access_where_sql();
    $ans = "((1 = 1) AND (e.enabled = 'yes' AND 57 > 32))";

    $matches = $this->assertSqlEqual($ans, $sql);
    $this->assertTrue($matches, "{$sql} does not match {$ans}");
}
示例6: _elgg_get_entity_metadata_where_sql
/**
* Returns metadata name and value SQL where for entities.
* NB: $names and $values are not paired. Use $pairs for this.
* Pairs default to '=' operand.
*
* This function is reused for annotations because the tables are
* exactly the same.
*
* @param string $e_table Entities table name
* @param string $n_table Normalized metastrings table name (Where entities,
* values, and names are joined. annotations / metadata)
* @param array|null $names Array of names
* @param array|null $values Array of values
* @param array|null $pairs Array of names / values / operands
* @param string $pair_operator ("AND" or "OR") Operator to use to join the where clauses for pairs
* @param bool $case_sensitive Case sensitive metadata names?
* @param array|null $order_by_metadata Array of names / direction
* @param array|null $owner_guids Array of owner GUIDs
*
* @return false|array False on fail, array('joins', 'wheres')
* @since 1.7.0
* @access private
*/
function _elgg_get_entity_metadata_where_sql($e_table, $n_table, $names = null, $values = null, $pairs = null, $pair_operator = 'AND', $case_sensitive = true, $order_by_metadata = null, $owner_guids = null)
{
global $CONFIG;
// short circuit if nothing requested
// 0 is a valid (if not ill-conceived) metadata name.
// 0 is also a valid metadata value for false, null, or 0
// 0 is also a valid(ish) owner_guid
if (!$names && $names !== 0 && (!$values && $values !== 0) && (!$pairs && $pairs !== 0) && (!$owner_guids && $owner_guids !== 0) && !$order_by_metadata) {
return '';
}
// join counter for incremental joins.
$i = 1;
// binary forces byte-to-byte comparision of strings, making
// it case- and diacritical-mark- sensitive.
// only supported on values.
$binary = $case_sensitive ? ' BINARY ' : '';
$access = _elgg_get_access_where_sql(array('table_alias' => 'n_table'));
$return = array('joins' => array(), 'wheres' => array(), 'orders' => array());
// will always want to join these tables if pulling metastrings.
$return['joins'][] = "JOIN {$CONFIG->dbprefix}{$n_table} n_table on\n\t\t{$e_table}.guid = n_table.entity_guid";
$wheres = array();
// get names wheres and joins
$names_where = '';
if ($names !== null) {
if (!is_array($names)) {
$names = array($names);
}
$sanitised_names = array();
foreach ($names as $name) {
// normalise to 0.
if (!$name) {
$name = '0';
}
$sanitised_names[] = '\'' . sanitise_string($name) . '\'';
}
if ($names_str = implode(',', $sanitised_names)) {
$return['joins'][] = "JOIN {$CONFIG->dbprefix}metastrings msn on n_table.name_id = msn.id";
$names_where = "(msn.string IN ({$names_str}))";
}
}
// get values wheres and joins
$values_where = '';
if ($values !== null) {
if (!is_array($values)) {
$values = array($values);
}
$sanitised_values = array();
foreach ($values as $value) {
// normalize to 0
if (!$value) {
$value = 0;
}
$sanitised_values[] = '\'' . sanitise_string($value) . '\'';
}
if ($values_str = implode(',', $sanitised_values)) {
$return['joins'][] = "JOIN {$CONFIG->dbprefix}metastrings msv on n_table.value_id = msv.id";
$values_where = "({$binary}msv.string IN ({$values_str}))";
}
}
if ($names_where && $values_where) {
$wheres[] = "({$names_where} AND {$values_where} AND {$access})";
} elseif ($names_where) {
$wheres[] = "({$names_where} AND {$access})";
} elseif ($values_where) {
$wheres[] = "({$values_where} AND {$access})";
}
// add pairs
// pairs must be in arrays.
if (is_array($pairs)) {
// check if this is an array of pairs or just a single pair.
if (isset($pairs['name']) || isset($pairs['value'])) {
$pairs = array($pairs);
}
$pair_wheres = array();
// @todo when the pairs are > 3 should probably split the query up to
// denormalize the strings table.
foreach ($pairs as $index => $pair) {
//.........这里部分代码省略.........
示例7: get_access_sql_suffix
/**
 * Returns the SQL where clause for a table with access_id and enabled columns.
 *
 * Thin deprecated wrapper: it emits a deprecation notice and forwards to
 * _elgg_get_access_where_sql() with 'table_alias' and 'user_guid' options.
 *
 * Note that if this code is executed in privileged mode it will return (1=1),
 * i.e. a clause that restricts nothing. Callers that use the result as an
 * authorization check must make sure privileged mode is off when calling.
 *
 * @param string $table_prefix Optional table prefix for the access code.
 * @param int    $owner        Optional user guid to get access information for. Defaults
 *                             to logged in user.
 * @return string
 * @access private
 * @deprecated 1.9 Use _elgg_get_access_where_sql()
 */
function get_access_sql_suffix($table_prefix = '', $owner = null)
{
    $notice = __FUNCTION__ . ' is deprecated by _elgg_get_access_where_sql()';
    elgg_deprecated_notice($notice, 1.9);

    // NOTE(review): a null $owner is forwarded as user_guid 0, not omitted.
    // Whether 0 resolves to the logged in user is decided inside
    // _elgg_get_access_where_sql() - confirm against that function.
    $options = array(
        'table_alias' => $table_prefix,
        'user_guid' => (int) $owner,
    );

    return _elgg_get_access_where_sql($options);
}
示例8: getDates
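/**
 * Returns a list of months in which entities were updated or created.
 *
 * @tip Use this to generate a list of archives by month for when entities were added or updated.
 *
 * @todo document how to pass in array for $subtype
 *
 * @warning Months are returned in the form YYYYMM.
 *
 * @warning $order_by is appended to the query verbatim. It is not escaped or
 * validated here, so it must only ever be a trusted, hard-coded clause and
 * never a value taken from request input.
 *
 * @param string $type           The type of entity
 * @param string $subtype        The subtype of entity
 * @param int    $container_guid The container GUID that the entities belong to
 * @param int    $site_guid      The site GUID
 * @param string $order_by       Order_by SQL order by clause
 *
 * @return array|false Either an array months as YYYYMM, or false on failure
 */
function getDates($type = '', $subtype = '', $container_guid = 0, $site_guid = 0, $order_by = 'time_created')
{
    $site_guid = (int) $site_guid;
    if ($site_guid == 0) {
        // cast the configured value too: it is interpolated unquoted below
        $site_guid = (int) $this->CONFIG->site_guid;
    }

    $where = array();
    if ($type != "") {
        $type = sanitise_string($type);
        $where[] = "type='{$type}'";
    }

    if (is_array($subtype)) {
        $tempwhere = "";
        if (sizeof($subtype)) {
            foreach ($subtype as $typekey => $subtypearray) {
                // Escape once per type. Doing this inside the inner loop
                // re-escaped the already escaped key on every further subtype.
                $typekey = sanitise_string($typekey);
                foreach ($subtypearray as $subtypeval) {
                    if (!empty($subtypeval)) {
                        if (!($subtypeval = (int) get_subtype_id($typekey, $subtypeval))) {
                            return false;
                        }
                    } else {
                        $subtypeval = 0;
                    }
                    if (!empty($tempwhere)) {
                        $tempwhere .= " or ";
                    }
                    $tempwhere .= "(type = '{$typekey}' and subtype = {$subtypeval})";
                }
            }
        }
        if (!empty($tempwhere)) {
            $where[] = "({$tempwhere})";
        }
    } else {
        if ($subtype) {
            // integer cast: the id goes into the query without quotes
            $subtype_id = (int) get_subtype_id($type, $subtype);
            if (!$subtype_id) {
                return false;
            }
            $where[] = "subtype={$subtype_id}";
        }
    }

    if ($container_guid !== 0) {
        if (is_array($container_guid)) {
            foreach ($container_guid as $key => $val) {
                $container_guid[$key] = (int) $val;
            }
            $where[] = "container_guid in (" . implode(",", $container_guid) . ")";
        } else {
            $container_guid = (int) $container_guid;
            $where[] = "container_guid = {$container_guid}";
        }
    }

    if ($site_guid > 0) {
        $where[] = "site_guid = {$site_guid}";
    }

    // access restriction; empty alias because the query uses no table alias
    $where[] = _elgg_get_access_where_sql(array('table_alias' => ''));

    $sql = "SELECT DISTINCT EXTRACT(YEAR_MONTH FROM FROM_UNIXTIME(time_created)) AS yearmonth\n\t\t\tFROM {$this->CONFIG->dbprefix}entities where ";
    foreach ($where as $w) {
        $sql .= " {$w} and ";
    }

    // NOTE(review): $order_by reaches the query unmodified (see @warning above).
    $sql .= "1=1 ORDER BY {$order_by}";

    if ($result = _elgg_services()->db->getData($sql)) {
        $endresult = array();
        foreach ($result as $res) {
            $endresult[] = $res->yearmonth;
        }
        return $endresult;
    }

    return false;
}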
示例9: populateFromEntities
/**
 * Populate the cache from a set of entities
 *
 * Metadata rows are fetched with an access clause in 'wheres' and stored under
 * the key returned by getAccessKey(), so what lands in the cache is what that
 * access clause let through. Every requested GUID gets an entry: null when no
 * rows came back for it, otherwise a name => value map (a name seen more than
 * once becomes an array of values).
 *
 * @param int|array $guids Array of or single GUIDs
 * @return void
 */
public function populateFromEntities($guids)
{
    if (empty($guids)) {
        return;
    }

    $schema_version = (int) elgg_get_config('version');
    if (!empty($schema_version) && $schema_version < 2016110900) {
        // can't use this during upgrade from 2.x to 3.0
        return;
    }

    $cache_key = $this->getAccessKey();

    $guids = is_array($guids) ? $guids : array($guids);
    $guids = array_unique($guids);

    // could be useful at some point in future
    //$guids = $this->filterMetadataHeavyEntities($guids);
    $db_prefix = _elgg_services()->db->prefix;

    $access_where = _elgg_get_access_where_sql(array(
        'table_alias' => 'n_table',
        'guid_column' => 'entity_guid',
    ));
    $options = array(
        'guids' => $guids,
        'limit' => 0,
        'callback' => false,
        'distinct' => false,
        'order_by' => 'n_table.entity_guid, n_table.time_created ASC, n_table.id ASC',
        'wheres' => array($access_where),
    );
    $rows = _elgg_services()->metadataTable->getAll($options);

    // make sure we show all entities as loaded
    foreach ($guids as $requested_guid) {
        $this->values[$cache_key][$requested_guid] = null;
    }

    // rows arrive ordered by entity GUID: collect them per entity and store
    // the collected map whenever the GUID changes or the last row is reached
    $previous_guid = null;
    $collected = array();
    $final_index = count($rows) - 1;
    foreach ($rows as $index => $row) {
        $name = $row->name;
        if ($row->value_type === 'text') {
            $value = $row->value;
        } else {
            $value = (int) $row->value;
        }
        $guid = $row->entity_guid;

        if ($guid !== $previous_guid) {
            if ($previous_guid) {
                $this->values[$cache_key][$previous_guid] = $collected;
            }
            $collected = array();
        }

        if (!isset($collected[$name])) {
            $collected[$name] = $value;
        } else {
            // second and later values for a name: promote to a list
            $collected[$name] = (array) $collected[$name];
            $collected[$name][] = $value;
        }

        if ($index == $final_index) {
            $this->values[$cache_key][$guid] = $collected;
        }

        $previous_guid = $guid;
    }
}
示例10: getByEmail
/**
 * Look up user entities by email address.
 *
 * The address ends up inside a quoted SQL literal after passing through
 * sanitise_string(); the rows returned are further limited by the clause from
 * _elgg_get_access_where_sql(), called without options.
 *
 * @param string $email Email address.
 *
 * @return array
 */
function getByEmail($email)
{
    // escape first, then build the access restriction
    $escaped_email = sanitise_string($email);
    $access_clause = _elgg_get_access_where_sql();

    $sql = "SELECT e.* FROM {$this->CONFIG->dbprefix}entities e\n\t\t\tJOIN {$this->CONFIG->dbprefix}users_entity u ON e.guid = u.guid\n\t\t\tWHERE email = '{$escaped_email}' AND {$access_clause}";

    $database = _elgg_services()->db;
    return $database->getData($sql, 'entity_row_to_elggstar');
}
示例11: elgg_get_group_river
//.........这里部分代码省略.........
* @return array|int
* @since 1.8.0
*/
/**
 * Fetch (or count) river items through a hand-built UNION query.
 *
 * The first half of the UNION joins the river to the object entity and applies
 * the access clause for alias 'oe'. The second half LEFT JOINs the target
 * entity and applies the access clause for alias 'te', also accepting rows
 * without a target.
 *
 * The caller-supplied 'wheres1' and 'wheres2' fragments, 'group_by' and
 * 'order_by' all become part of the SQL text; see the review notes inline.
 *
 * @param array $options Query options, merged over the defaults below
 *
 * @return array|int River items, or the total when $options['count'] is set
 */
function elgg_get_group_river(array $options = array())
{
    global $CONFIG;
    //error_log("group river");
    $defaults = array('ids' => ELGG_ENTITIES_ANY_VALUE, 'subject_guids' => ELGG_ENTITIES_ANY_VALUE, 'object_guids' => ELGG_ENTITIES_ANY_VALUE, 'target_guids' => ELGG_ENTITIES_ANY_VALUE, 'annotation_ids' => ELGG_ENTITIES_ANY_VALUE, 'action_types' => ELGG_ENTITIES_ANY_VALUE, 'relationship' => null, 'relationship_guid' => null, 'inverse_relationship' => false, 'types' => ELGG_ENTITIES_ANY_VALUE, 'subtypes' => ELGG_ENTITIES_ANY_VALUE, 'type_subtype_pairs' => ELGG_ENTITIES_ANY_VALUE, 'posted_time_lower' => ELGG_ENTITIES_ANY_VALUE, 'posted_time_upper' => ELGG_ENTITIES_ANY_VALUE, 'limit' => 20, 'offset' => 0, 'count' => false, 'distinct' => false, 'order_by' => 'u.posted desc', 'group_by' => ELGG_ENTITIES_ANY_VALUE, 'wheres' => array(), 'wheres1' => array(), 'wheres2' => array(), 'joins' => array());
    $options = array_merge($defaults, $options);
    $singulars = array('id', 'subject_guid', 'object_guid', 'target_guid', 'annotation_id', 'action_type', 'type', 'subtype');
    $options = _elgg_normalize_plural_options_array($options, $singulars);
    // NOTE(review): these fragments are concatenated into the query verbatim
    // further down; nothing in this function escapes or validates them, so
    // they must be built by trusted code only.
    $wheres1 = $options['wheres1'];
    $wheres2 = $options['wheres2'];
    /*
    $wheres[] = _elgg_get_guid_based_where_sql('rv.id', $options['ids']);
    $wheres[] = _elgg_get_guid_based_where_sql('rv.subject_guid', $options['subject_guids']);
    $wheres[] = _elgg_get_guid_based_where_sql('rv.object_guid', $options['object_guids']);
    $wheres[] = _elgg_get_guid_based_where_sql('rv.target_guid', $options['target_guids']);
    $wheres[] = _elgg_get_guid_based_where_sql('rv.annotation_id', $options['annotation_ids']);
    $wheres[] = _elgg_river_get_action_where_sql($options['action_types']);
    $wheres[] = _elgg_get_river_type_subtype_where_sql('rv', $options['types'],
    $options['subtypes'], $options['type_subtype_pairs']);
    */
    /*if ($options['posted_time_lower'] && is_int($options['posted_time_lower'])) {
    $wheres1[] = "rv.posted >= {$options['posted_time_lower']}";
    $wheres2[] = "rv.posted >= {$options['posted_time_lower']}";
    }
    if ($options['posted_time_upper'] && is_int($options['posted_time_upper'])) {
    $wheres1[] = "rv.posted <= {$options['posted_time_upper']}";
    $wheres2[] = "rv.posted <= {$options['posted_time_upper']}";
    }*/
    if (!access_get_show_hidden_status()) {
        $wheres1[] = "rv.enabled = 'yes'";
        $wheres2[] = "rv.enabled = 'yes'";
    }
    $dbprefix = elgg_get_config('dbprefix');
    $join1 = "JOIN {$dbprefix}entities oe ON rv.object_guid = oe.guid";
    // LEFT JOIN is used because all river items do not necessarily have target
    $join2 = "LEFT JOIN {$dbprefix}entities te ON rv.target_guid = te.guid";
    // see if any functions failed
    // remove empty strings on successful functions
    /*foreach ($wheres1 as $i => $where) {
    if ($where === false) {
    return false;
    } elseif (empty($where)) {
    unset($wheres1[$i]);
    }
    }
    foreach ($wheres2 as $i => $where) {
    if ($where === false) {
    return false;
    } elseif (empty($where)) {
    unset($wheres2[$i]);
    }
    }
    // remove identical where clauses
    $wheres1 = array_unique($wheres1);
    $wheres2 = array_unique($wheres2);
    */
    // Wheres for the 2 parts of the union query
    // Each fragment is followed by " AND " so the access clause can be
    // appended directly after the last one.
    $w1 = "";
    foreach ($wheres1 as $w) {
        $w1 .= " {$w} AND ";
    }
    $w2 = "";
    foreach ($wheres2 as $w) {
        $w2 .= " {$w} AND ";
    }
    // Make sure that user has access to all the entities referenced by each river item
    $object_access_where = _elgg_get_access_where_sql(array('table_alias' => 'oe'));
    $target_access_where = _elgg_get_access_where_sql(array('table_alias' => 'te'));
    if (!$options['count']) {
        $GOL = "";
        // Group by / order / limit
        // NOTE(review): group_by and order_by are placed in the query outside
        // any quoted literal. sanitise_string() presumably escapes for use
        // inside a quoted string; that does not limit what an unquoted clause
        // can contain - confirm these options never carry request input.
        $options['group_by'] = sanitise_string($options['group_by']);
        if ($options['group_by']) {
            $GOL .= " GROUP BY {$options['group_by']}";
        }
        $options['order_by'] = sanitise_string($options['order_by']);
        $GOL .= " ORDER BY {$options['order_by']}";
        if ($options['limit']) {
            $limit = sanitise_int($options['limit']);
            $offset = sanitise_int($options['offset'], false);
            $GOL .= " LIMIT {$offset}, {$limit}";
        }
        // custom UNION - based query
        $query = "SELECT u.* FROM ( ( SELECT rv.* FROM {$CONFIG->dbprefix}river rv {$join1} WHERE {$w1} {$object_access_where} ) UNION " . "( SELECT rv.* FROM {$CONFIG->dbprefix}river rv {$join2} WHERE {$w2} ({$target_access_where} OR te.guid IS NULL) ) ) u {$GOL}";
        $river_items = get_data($query, '_elgg_row_to_elgg_river_item');
        _elgg_prefetch_river_entities($river_items);
        // error_log($query);
        return $river_items;
    } else {
        // NOTE(review): UNION without ALL drops duplicate rows, so two equal
        // counts would collapse into one row before sum() - confirm intended.
        $query = "SELECT sum(count) as total FROM ( ( SELECT count(*) as count FROM {$CONFIG->dbprefix}river rv {$join1} WHERE {$w1} {$object_access_where} ) UNION " . "( SELECT count(*) as count FROM {$CONFIG->dbprefix}river rv {$join2} WHERE {$w2} ({$target_access_where} OR te.guid IS NULL) ) ) u";
        // error_log($query);
        $total = get_data_row($query);
        return (int) $total->total;
    }
}
示例12: has_access_to_entity
/**
 * Can a user access an entity.
 *
 * The answer comes from a single query: select the entity's guid from the
 * entities table with the access clause for the given (or current) user
 * attached. Any returned row means access is granted.
 *
 * The access clause is generated with ignore-access forced off, and the
 * previous setting is put back straight afterwards.
 *
 * @warning If a logged in user doesn't have access to an entity, the
 * core engine will not load that entity.
 *
 * @tip This is mostly useful for checking if a user other than the logged in
 * user has access to an entity that is currently loaded.
 *
 * @todo This function would be much more useful if we could pass the guid of the
 * entity to test access for. We need to be able to tell whether the entity exists
 * and whether the user has access to the entity.
 *
 * @param ElggEntity $entity The entity to check access for.
 * @param ElggUser   $user   Optionally user to check access for. Defaults to
 *                           logged in user (which is a useless default).
 *
 * @return bool
 */
function has_access_to_entity($entity, $user = null)
{
    global $CONFIG;

    // See #7159. Must not allow ignore access to affect query
    $previous_ignore = elgg_set_ignore_access(false);
    if (isset($user)) {
        $access_clause = _elgg_get_access_where_sql(array('user_guid' => $user->getGUID()));
    } else {
        $access_clause = _elgg_get_access_where_sql();
    }
    elgg_set_ignore_access($previous_ignore);

    // entity lookup with the access controls appended
    $sql = "SELECT guid from {$CONFIG->dbprefix}entities e WHERE e.guid = " . $entity->getGUID()
        . " AND " . $access_clause;

    return (bool) get_data($sql);
}
示例13: WHERE
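// Lists recent river items for the configured groups, limited by the access
// clause for the joined object entity (alias entities1).
$offset = 0;
$limit = (int) $widget->num_display;
if ($limit < 1) {
    $limit = 10;
}

// $group_guid is filled in before this excerpt. Force every element to an
// integer here so the IN (...) lists can only ever contain numbers.
// NOTE(review): an empty list still yields "IN ()" - presumably ruled out
// earlier in the view; confirm.
$group_guid_list = implode(',', array_map('intval', (array) $group_guid));

$sql = "SELECT {$dbprefix}river.*";
$sql .= " FROM {$dbprefix}river";
$sql .= " INNER JOIN {$dbprefix}entities AS entities1 ON {$dbprefix}river.object_guid = entities1.guid";
$sql .= ' WHERE (entities1.container_guid in (' . $group_guid_list . ')';
$sql .= " OR {$dbprefix}river.object_guid IN (" . $group_guid_list . '))';

if (!empty($activity_filter) && is_string($activity_filter)) {
    // the filter has the form "type,subtype"; pad so a filter without a comma
    // does not read a missing second element
    list($type, $subtype) = array_pad(explode(',', $activity_filter), 2, '');
    if (!empty($type)) {
        // both parts go into quoted literals, escaped by sanitise_string()
        $filter_where = " ({$dbprefix}river.type = '" . sanitise_string($type) . "'";
        if (!empty($subtype)) {
            $filter_where .= " AND {$dbprefix}river.subtype = '" . sanitise_string($subtype) . "'";
        }
        $filter_where .= ')';
        $sql .= ' AND ' . $filter_where;
    }
}

// access controls for the object entity
$sql .= ' AND ' . _elgg_get_access_where_sql(['table_alias' => 'entities1']);
$sql .= " ORDER BY {$dbprefix}river.posted DESC";
$sql .= " LIMIT {$offset},{$limit}";

$items = get_data($sql, '_elgg_row_to_elgg_river_item');
if (empty($items)) {
    echo elgg_echo('widgets:group_river_widget:view:noactivity');
    return;
}

$options = [
    'pagination' => false,
    'count' => count($items),
    'items' => $items,
    'list_class' => 'elgg-list-river elgg-river',
    'limit' => $limit,
    'offset' => $offset,
];
echo elgg_view('page/components/list', $options);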
示例14: has_access_to_entity
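/**
 * Can a user access an entity.
 *
 * The access clause is generated with ignore-access forced off and the
 * previous setting restored straight afterwards. Without that, a caller
 * running in privileged mode would get a clause that restricts nothing, and
 * this function would report access for any user.
 *
 * @warning If a logged in user doesn't have access to an entity, the
 * core engine will not load that entity.
 *
 * @tip This is mostly useful for checking if a user other than the logged in
 * user has access to an entity that is currently loaded.
 *
 * @todo This function would be much more useful if we could pass the guid of the
 * entity to test access for. We need to be able to tell whether the entity exists
 * and whether the user has access to the entity.
 *
 * @param ElggEntity $entity The entity to check access for.
 * @param ElggUser   $user   Optionally user to check access for. Defaults to
 *                           logged in user (which is a useless default).
 *
 * @return bool
 */
function has_access_to_entity($entity, $user = null)
{
    global $CONFIG;

    // Must not allow ignore access to affect the generated clause
    $ia = elgg_set_ignore_access(false);
    if (!isset($user)) {
        $access_bit = _elgg_get_access_where_sql();
    } else {
        $access_bit = _elgg_get_access_where_sql(array('user_guid' => $user->getGUID()));
    }
    elgg_set_ignore_access($ia);

    // integer cast: the guid is placed in the query without quotes
    $query = "SELECT guid from {$CONFIG->dbprefix}entities e WHERE e.guid = " . (int) $entity->getGUID();

    // Add access controls
    $query .= " AND " . $access_bit;

    return (bool) get_data($query);
}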
示例15: getEntityMetadataWhereSql
/**
* Returns metadata name and value SQL where for entities.
* NB: $names and $values are not paired. Use $pairs for this.
* Pairs default to '=' operand.
*
* This function is reused for annotations because the tables are
* exactly the same.
*
* @param string $e_table Entities table name
* @param string $n_table Normalized metastrings table name (Where entities,
* values, and names are joined. annotations / metadata)
* @param array|null $names Array of names
* @param array|null $values Array of values
* @param array|null $pairs Array of names / values / operands
* @param string $pair_operator ("AND" or "OR") Operator to use to join the where clauses for pairs
* @param bool $case_sensitive Case sensitive metadata names?
* @param array|null $order_by_metadata Array of names / direction
* @param array|null $owner_guids Array of owner GUIDs
*
* @return false|array False on fail, array('joins', 'wheres')
* @access private
*/
function getEntityMetadataWhereSql($e_table, $n_table, $names = null, $values = null, $pairs = null, $pair_operator = 'AND', $case_sensitive = true, $order_by_metadata = null, $owner_guids = null)
{
// short circuit if nothing requested
// 0 is a valid (if not ill-conceived) metadata name.
// 0 is also a valid metadata value for false, null, or 0
// 0 is also a valid(ish) owner_guid
if (!$names && $names !== 0 && (!$values && $values !== 0) && (!$pairs && $pairs !== 0) && (!$owner_guids && $owner_guids !== 0) && !$order_by_metadata) {
return '';
}
// join counter for incremental joins.
$i = 1;
// binary forces byte-to-byte comparision of strings, making
// it case- and diacritical-mark- sensitive.
// only supported on values.
$binary = $case_sensitive ? ' BINARY ' : '';
$access = _elgg_get_access_where_sql(array('table_alias' => 'n_table', 'guid_column' => 'entity_guid'));
$return = array('joins' => array(), 'wheres' => array(), 'orders' => array());
$return['joins'][] = "JOIN {$this->db->prefix}{$n_table} n_table on\n\t\t\t{$e_table}.guid = n_table.entity_guid";
$wheres = array();
// get names wheres and joins
$names_where = '';
if ($names !== null) {
if (!is_array($names)) {
$names = array($names);
}
$sanitised_names = array();
foreach ($names as $name) {
// normalise to 0.
if (!$name) {
$name = '0';
}
$sanitised_names[] = '\'' . $this->db->sanitizeString($name) . '\'';
}
if ($names_str = implode(',', $sanitised_names)) {
$names_where = "(n_table.name IN ({$names_str}))";
}
}
// get values wheres and joins
$values_where = '';
if ($values !== null) {
if (!is_array($values)) {
$values = array($values);
}
$sanitised_values = array();
foreach ($values as $value) {
// normalize to 0
if (!$value) {
$value = 0;
}
$sanitised_values[] = '\'' . $this->db->sanitizeString($value) . '\'';
}
if ($values_str = implode(',', $sanitised_values)) {
$values_where = "({$binary}n_table.value IN ({$values_str}))";
}
}
if ($names_where && $values_where) {
$wheres[] = "({$names_where} AND {$values_where} AND {$access})";
} elseif ($names_where) {
$wheres[] = "({$names_where} AND {$access})";
} elseif ($values_where) {
$wheres[] = "({$values_where} AND {$access})";
}
// add pairs
// pairs must be in arrays.
if (is_array($pairs)) {
// check if this is an array of pairs or just a single pair.
if (isset($pairs['name']) || isset($pairs['value'])) {
$pairs = array($pairs);
}
$pair_wheres = array();
// @todo when the pairs are > 3 should probably split the query up to
// denormalize the strings table.
foreach ($pairs as $index => $pair) {
// @todo move this elsewhere?
// support shortcut 'n' => 'v' method.
if (!is_array($pair)) {
$pair = array('name' => $index, 'value' => $pair);
}
//.........这里部分代码省略.........