/** * restrict the scope of SQL query * * @return string to be inserted into a SQL statement */ private static function get_sql_where() { // display active items $where = "sections.active='Y'"; // add restricted items to members and for trusted hosts, or if teasers are allowed if (Surfer::is_logged() || Surfer::is_trusted() || Surfer::is_teased()) { $where .= " OR sections.active='R'"; } // include hidden items for associates and for trusted hosts, or if teasers are allowed if (Surfer::is_associate() || Surfer::is_trusted() || Surfer::is_teased()) { $where .= " OR sections.active='N'"; } else { // include content from managed sections if ($my_sections = Surfer::assigned_sections()) { $where .= " OR sections.anchor IN ('section:" . join("', 'section:", $my_sections) . "')" . " OR sections.id IN (" . join(", ", $my_sections) . ")"; } } // end of active filter $where = '(' . $where . ')'; // job done return $where; }
/** * check that the surfer is allowed to display the anchor * * This function is used to control the authority delegation from the anchor. * * To be overloaded into derived class if field has a different name * * @param int optional reference to some user profile * @return TRUE or FALSE */ function is_viewable($user_id = NULL) { global $context; // we need some data to proceed if (!isset($this->item['id'])) { return FALSE; } // surfer is a trusted host if (Surfer::is_trusted()) { return TRUE; } // section is public if (isset($this->item['active']) && $this->item['active'] == 'Y') { return TRUE; } // id of requesting user if (!$user_id) { $user_id = Surfer::get_id(); } // anonymous is allowed if (!$user_id) { $user_id = 0; } // section is opened to members if ($user_id && isset($this->item['active']) && $this->item['active'] == 'R') { return TRUE; } // anchor has to be assigned return $this->is_assigned($user_id) || Surfer::is_associate(); }
/** * restrict the scope of SQL query * * @return string to be inserted into a SQL statement */ private static function get_sql_where() { // display active items $where = "files.active='Y'"; // add restricted items to members and for trusted hosts, or if teasers are allowed if (Surfer::is_logged() || Surfer::is_trusted() || Surfer::is_teased()) { $where .= " OR files.active='R'"; } // include hidden items for associates and for trusted hosts, or if teasers are allowed if (Surfer::is_empowered('S') || Surfer::is_trusted() || Surfer::is_teased()) { $where .= " OR files.active='N'"; } // end of active filter $where = '(' . $where . ')'; // job done return $where; }