public static function getLists($listId, $listType, $author = null, $order = 'listnameA', $autoAdd = false, $onlyPublished = true, $onlyName = false, $notification = false, $onlyVisible = false, $listsearch = '', $setLimit = null, $setSort = null, $ownedlists = 0, $ownerid = 0) { $db = JFactory::getDBO(); $acl = JFactory::getACL(); $my = JFactory::getUser(); $mainframe = JFactory::getApplication(); $gid = !empty($GLOBALS[JNEWS . 'list_creatorfe']) ? $GLOBALS[JNEWS . 'list_creatorfe'] : 0; $gids = array(); $gids = explode(',', $gid); if (empty($gids)) { $gids = $gid; } if ($onlyName) { $query = 'SELECT `id` AS id, `list_name` AS list_name, `list_desc` AS list_desc, `list_type` AS list_type, `hidden` FROM `#__jnews_lists` '; } else { $query = 'SELECT * FROM `#__jnews_lists` '; } $where = array(); if ($listId > 0) { $where[] = ' `id`=' . intval($listId); } if ($listType > 0) { // $where[] = ' `list_type`='.intval($listType); if (is_array($listType)) { $where[] = ' `list_type` IN (' . jnews::implode(',', $listType) . ') '; } else { $where[] = ' `list_type`=' . intval($listType); } } if ($autoAdd) { $where[] = ' `auto_add`=1 '; } if ($onlyPublished == true) { $where[] = ' `published`=1 '; } if ($onlyVisible == true) { $where[] = ' `hidden`=1 '; } if (!empty($listsearch)) { if (is_numeric($listsearch)) { $where[] = ' `id`=' . $listsearch; } else { $where[] = ' (list_name LIKE \'%' . $listsearch . '%\' OR sendername LIKE \'%' . $listsearch . '%\')'; } } if (class_exists('jNews_Pro') && isset($author)) { static $accIds = array(); if (!isset($accIds[$my->id])) { if ($mainframe->isAdmin()) { if (version_compare(JVERSION, '1.6.0', '<')) { $acl = JFactory::getACL(); $usergroups = $acl->get_group_children_tree(null, 'USERS', false); } else { $db->setQuery('SELECT a.*, a.title as text, a.id as value FROM #__usergroups AS a ORDER BY a.lft ASC'); $usergroups = $db->loadObjectList(); } foreach ($usergroups as $usergroup) { $allgroups[] = $usergroup->value; } $accIds[$my->id] = implode(',', $allgroups); $subaccess = $accIds[$my->id]; //$where[] = " (`acc_id` IN ($subaccess) OR `acc_id` LIKE '%all%' )"; //we should not have this where clause since this is the backend 8855445 } else { if (version_compare(JVERSION, '1.6.0', '>=')) { //j16 $my->gid = JAccess::getGroupsByUser($my->id, false); $accIds[$my->id] = $my->gid[0]; } else { $accIds[$my->id] = $my->gid; } $subaccess = $accIds[$my->id]; $where[] = " (`acc_id` LIKE '%{$subaccess},%' OR `acc_id` LIKE '%all%' )"; } } } if (!empty($my->id)) { $ownedlists = jNews_Lists::getOwnedlists($my->id); } $gidAdmins = array(24, 25, 7, 8); if (version_compare(JVERSION, '1.6.0', '>=')) { //j16 $gid = JAccess::getGroupsByUser($my->id, false); $my->gid = $gid[0]; } if (JRequest::getVar('act', '', '', 'WORD') != 'show') { //we don't filter the lists in the "My Subscriptions" //filter lists by ownerid if (!empty($my->id) && !$mainframe->isAdmin() && !in_array($my->gid, $gidAdmins) && !empty($ownedlists)) { $allUserAccessA = jNews_Lists::getUserGroups($my); //$my->getAuthorisedGroups(); // $where[] = "( `acc_level` LIKE '%" . implode( ",%' OR `acc_level` LIKE '%", $allUserAccessA ) . ",%' OR `owner`=".$my->id.")"; $where[] = "( `acc_level` LIKE '%" . implode(",%' OR `acc_level` LIKE '%", $allUserAccessA) . ",%' OR `acc_level` LIKE '%" . implode("%' OR `acc_level` LIKE '%", $allUserAccessA) . "%' OR `owner`=" . $my->id . ")"; } //filter lists by acclevel if (!empty($my->id) && !$mainframe->isAdmin() && !in_array($my->gid, $gidAdmins) && empty($ownedlists)) { $allUserAccessA = jNews_Lists::getUserGroups($my); //$my->getAuthorisedGroups(); //$where[] = "( `acc_level` LIKE '%all%' OR `acc_level` LIKE '%" . implode( ",%' OR `acc_level` LIKE '%", $allUserAccessA ) . ",%' )"; } if (!$mainframe->isAdmin() && (!empty($ownedlists) or $ownedlists != 0) && !empty($my->id) && !in_array($my->gid, $gidAdmins) && in_array($my->gid, $gids)) { $allUserAccessA = jNews_Lists::getUserGroups($my); //$my->getAuthorisedGroups(); // $where[] = " ( `acc_level` LIKE '%" . implode( ",%' OR `acc_level` LIKE '%", $allUserAccessA ) . ",%' )"; $where[] = " ( `acc_level` LIKE '%" . implode(",%' OR `acc_level` LIKE '%", $allUserAccessA) . ",%' OR `acc_level` LIKE '%" . implode("%' OR `acc_level` LIKE '%", $allUserAccessA) . "%' )"; } } if (JRequest::getVar('act', '', '', 'WORD') == 'show') { //filter lists by acclevel if (!empty($my->id) && !$mainframe->isAdmin() && !in_array($my->gid, $gidAdmins)) { $where[] = "(`acc_id` LIKE '%{$my->gid},%' OR `acc_id` LIKE '%all%')"; } } $wheretag = count($where) ? ' WHERE ' . implode(' AND ', $where) : ''; $query .= $wheretag; //sorting of columns if (!empty($setSort)) { $query .= " ORDER BY `{$setSort->orderValue}` {$setSort->orderDir}"; } else { $query .= class_exists('jnews') ? jnews::orderBy($order) : ''; } //var_dump(($setSort->orderValue)) ; die; if (!empty($setLimit)) { $limitStart = !empty($setLimit->start) ? $setLimit->start : 0; //$setLimit->start; $limitEnd = !empty($setLimit->end) ? $setLimit->end : '-1'; $db->setQuery($query, $limitStart, $limitEnd); } else { $db->setQuery($query); } $lists = $db->loadObjectList(); if (!empty($lists)) { foreach ($lists as $key => $list) { $lists[$key]->list_name = stripslashes($lists[$key]->list_name); $lists[$key]->list_desc = stripslashes($lists[$key]->list_desc); } } return $lists; }