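/**
 * Builds the SQL condition fragment used to filter photos.
 *
 * The filter is driven by the 'uid', 'cid', 'scid', 'approved', 'rejected',
 * 'waiting' and 'user_login' values returned by Utils::pg(). The fragment
 * refers to the aliases `p` and `pm`, so the query it is appended to has to
 * define them (that query is not part of this method).
 *
 * Because the result is a plain SQL string rather than a prepared statement,
 * nothing may be interpolated into it except values that have been reduced
 * to PHP integers first.
 *
 * @param bool $addwhere When true the fragment is prefixed with 'WHERE '
 *                       (or is 'WHERE 1=1 ' if no filter applies); when
 *                       false the bare conditions are returned, possibly
 *                       an empty string.
 * @return string SQL fragment.
 */
private function getPhotosWhereSql($addwhere = true)
{
    // NOTE(review): Utils::pg() presumably reads request (GET/POST) data, so
    // every value below is handled as untrusted — confirm against Utils::pg().
    $uid = Utils::pg('uid', 0);
    $cid = Utils::pg('cid', 0);
    $scid = Utils::pg('scid', 0);
    $approved = Utils::pg('approved', '');
    $rejected = Utils::pg('rejected', '');
    $waiting = Utils::pg('waiting', '');
    $user_login = Utils::pg('user_login', '');

    // A login, when given, is resolved to a user id through a bound
    // parameter. If no row matches, $uid keeps the 'uid' value read above.
    if (!empty($user_login)) {
        $db = Database::singletone()->db();
        $sth = $db->prepare('SELECT user_id FROM phph_users WHERE user_login = :login');
        $sth->bindParam(':login', $user_login);
        $sth->execute();
        $row = $sth->fetch();
        if ($row) {
            $uid = $row['user_id'];
        }
    }

    // is_numeric() also accepts floats, exponent notation and surrounding
    // whitespace, and leaves the value a raw string. Both ids are interpolated
    // into the SQL text below, so require a real integer and fall back to 0
    // (no filter), the same fallback the non-numeric case always had.
    $uid = filter_var($uid, FILTER_VALIDATE_INT);
    if ($uid === false) {
        $uid = 0;
    }
    $cid = filter_var($cid, FILTER_VALIDATE_INT);
    if ($cid === false) {
        $cid = 0;
    }

    $conditions = array();

    // Moderation filter: the selected states are OR-ed together, seeded with
    // an always-false term so each state can be appended uniformly.
    if (!empty($approved) || !empty($rejected) || !empty($waiting)) {
        $ssql = ' (0=1 ';
        if (!empty($approved)) {
            $ssql .= " OR pm.moderation_mode = 'approve'";
        }
        if (!empty($rejected)) {
            $ssql .= " OR pm.moderation_mode = 'reject'";
        }
        if (!empty($waiting)) {
            $ssql .= " OR p.moderation_id IS NULL";
        }
        $ssql .= ') ';
        $conditions[] = $ssql;
    }

    if ($uid > 0) {
        $conditions[] = " p.user_id = {$uid}";
    }

    if ($cid > 0) {
        if (!empty($scid)) {
            // 'scid' is only used as a flag: include the sub-categories of $cid.
            // The helper's return values are not visible from here, so each id
            // is coerced to int before it is placed in the IN (...) list.
            $cids = Category::getSubCategoriesCIDs($cid, true);
            $cids[] = $cid;
            $scids = implode(', ', array_map('intval', $cids));
            $conditions[] = "p.photo_id IN (SELECT c.photo_id FROM phph_photos_categories c WHERE c.category_id IN ({$scids}))";
        } else {
            $conditions[] = "p.photo_id IN (SELECT c.photo_id FROM phph_photos_categories c WHERE c.category_id = {$cid})";
        }
    }

    $sql = implode(' AND ', $conditions);

    if ($addwhere) {
        // Always produce a syntactically complete WHERE clause.
        $sql = empty($sql) ? 'WHERE 1=1 ' : 'WHERE ' . $sql;
    }

    return $sql;
}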