コード例 #1
ファイル: access.php プロジェクト: remy40/gvrs
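/**
 * Returns the SQL where clause for a table with an access_id and enabled columns.
 *
 * This handles returning where clauses for ACCESS_FRIENDS and the currently
 * unused block and filter lists in addition to using get_access_list() for
 * access collections and the standard access levels.
 *
 * Security: the clause is assembled by string concatenation and returned as raw
 * SQL, so every value interpolated here must be safe on its own. $owner is
 * forced to an integer before use. $table_prefix ends up in identifier
 * position (unquoted), so callers should only ever pass a fixed, code-defined
 * table alias and never a request-derived value.
 *
 * @param string $table_prefix Optional table prefix for the access code.
 * @param int    $owner        The guid to check access for. Defaults to logged in user.
 *
 * @return string The SQL for a where clause
 * @access private
 */
function get_access_sql_suffix($table_prefix = '', $owner = null)
{
    global $ENTITY_SHOW_HIDDEN_OVERRIDE, $CONFIG;

    $sql = "";
    $friends_bit = "";
    $enemies_bit = "";

    if ($table_prefix) {
        // NOTE(review): sanitise_string() is defined elsewhere. If it only escapes
        // for a quoted string literal, it does not restrict what may appear in an
        // unquoted identifier like this one - confirm callers pass hard-coded aliases.
        $table_prefix = sanitise_string($table_prefix) . ".";
    }

    if (!isset($owner)) {
        $owner = elgg_get_logged_in_user_guid();
    }

    // $owner is interpolated into the SQL below without quoting. Casting to int
    // guarantees that only a number can reach the query, whatever the caller
    // passed in; a non-numeric value collapses to 0 and is treated as "no user".
    $owner = (int) $owner;
    if (!$owner) {
        // -1 is the sentinel for "no user"; it matches no owner_guid.
        $owner = -1;
    }

    $ignore_access = elgg_check_access_overrides($owner);
    $access = get_access_list($owner);

    if ($ignore_access) {
        // Access checks are overridden: match every row.
        $sql = " (1 = 1) ";
    } elseif ($owner !== -1) {
        // we have an entity's guid and auto check for friend relationships
        $friends_bit = "{$table_prefix}access_id = " . ACCESS_FRIENDS . "\n\t\t\tAND {$table_prefix}owner_guid IN (\n\t\t\t\tSELECT guid_one FROM {$CONFIG->dbprefix}entity_relationships\n\t\t\t\tWHERE relationship='friend' AND guid_two={$owner}\n\t\t\t)";
        $friends_bit = '(' . $friends_bit . ') OR ';

        // @todo untested and unsupported at present
        if (isset($CONFIG->user_block_and_filter_enabled) && $CONFIG->user_block_and_filter_enabled) {
            // check to see if the user is in the entity owner's block list
            // or if the entity owner is in the user's filter list
            // if so, disallow access
            $enemies_bit = get_access_restriction_sql('elgg_block_list', "{$table_prefix}owner_guid", $owner, false);
            $enemies_bit = '(' . $enemies_bit . "\tAND " . get_access_restriction_sql('elgg_filter_list', $owner, "{$table_prefix}owner_guid", false) . ')';
        }
    }

    if (empty($sql)) {
        // Standard rule: the row's access level is one the user holds, or the
        // user owns the row (the ACCESS_PRIVATE branch is covered by ownership too).
        $sql = " {$friends_bit} ({$table_prefix}access_id IN {$access}\n\t\t\tOR ({$table_prefix}owner_guid = {$owner})\n\t\t\tOR (\n\t\t\t\t{$table_prefix}access_id = " . ACCESS_PRIVATE . "\n\t\t\t\tAND {$table_prefix}owner_guid = {$owner}\n\t\t\t)\n\t\t)";
    }

    if ($enemies_bit) {
        // Block/filter restrictions are ANDed so they can only narrow access.
        $sql = "{$enemies_bit} AND ({$sql})";
    }

    if (!$ENTITY_SHOW_HIDDEN_OVERRIDE) {
        // Hidden (disabled) rows stay invisible unless the global override is set.
        $sql .= " and {$table_prefix}enabled='yes'";
    }

    return '(' . $sql . ')';
}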
コード例 #2
ファイル: access.php プロジェクト: pleio/subsite_manager
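/**
 * Returns the SQL where clause for a table with an access_id and enabled columns.
 *
 * This handles returning where clauses for ACCESS_FRIENDS and the currently
 * unused block and filter lists in addition to using get_access_list() for
 * access collections and the standard access levels.
 *
 * This variant resolves the user's friends with a separate query, caches the
 * result per owner for the lifetime of the request, and lets plugins extend the
 * clause through the "access:get_sql_suffix" hook.
 *
 * Security: the clause is assembled by string concatenation and returned as raw
 * SQL, so every value interpolated here must be safe on its own. $owner and the
 * cached friend guids are forced to integers before use. $table_prefix ends up
 * in identifier position (unquoted), so callers should only ever pass a fixed,
 * code-defined table alias. Whatever a hook handler returns is used as SQL
 * verbatim, so handlers are part of the access-control trust boundary.
 *
 * @param string $table_prefix Optional table prefix for the access code.
 * @param int    $owner        The guid to check access for. Defaults to logged in user.
 *
 * @return string The SQL for a where clause
 * @access private
 */
function get_access_sql_suffix($table_prefix = '', $owner = null)
{
    global $ENTITY_SHOW_HIDDEN_OVERRIDE, $CONFIG;

    // Per-request cache: owner guid => list of friend guids.
    // NOTE(review): entries are never invalidated here, so a friendship added or
    // removed later in the same request is not reflected - confirm that is acceptable.
    static $friends_cache = array();

    $sql = "";
    $friends_bit = "";
    $enemies_bit = "";

    if ($table_prefix) {
        // NOTE(review): sanitise_string() is defined elsewhere. If it only escapes
        // for a quoted string literal, it does not restrict what may appear in an
        // unquoted identifier like this one - confirm callers pass hard-coded aliases.
        $table_prefix = sanitise_string($table_prefix) . ".";
    }

    if (!isset($owner)) {
        $owner = elgg_get_logged_in_user_guid();
    }

    // $owner is interpolated into SQL below without quoting and is also used as
    // the cache key. Casting to int guarantees only a number reaches the query;
    // a non-numeric value collapses to 0 and is treated as "no user".
    $owner = (int) $owner;
    if (!$owner) {
        // -1 is the sentinel for "no user"; it matches no owner_guid.
        $owner = -1;
    }

    $ignore_access = elgg_check_access_overrides($owner);
    $access = get_access_list($owner);

    if ($ignore_access) {
        // Access checks are overridden: match every row.
        $sql = " (1 = 1) ";
    } elseif ($owner !== -1) {
        // we have an entity's guid and auto check for friend relationships
        if (!isset($friends_cache[$owner])) {
            $friends_cache[$owner] = array();

            $friends_query = "SELECT guid_one";
            $friends_query .= " FROM {$CONFIG->dbprefix}entity_relationships";
            $friends_query .= " WHERE relationship='friend'";
            $friends_query .= " AND guid_two={$owner}";

            $friends_result = get_data($friends_query, "elgg_row_to_array");
            if ($friends_result) {
                foreach ($friends_result as $friend_row) {
                    // Values read back from the database are re-used in a new
                    // query, so they are normalised to integers first.
                    $friends_cache[$owner][] = (int) $friend_row["guid_one"];
                }
            }
        }

        if (!empty($friends_cache[$owner])) {
            $friends_bit = "{$table_prefix}access_id = " . ACCESS_FRIENDS . " AND {$table_prefix}owner_guid IN (" . implode(",", $friends_cache[$owner]) . ")";
            $friends_bit = '(' . $friends_bit . ') OR ';
        }

        // @todo untested and unsupported at present
        if (isset($CONFIG->user_block_and_filter_enabled) && $CONFIG->user_block_and_filter_enabled) {
            // check to see if the user is in the entity owner's block list
            // or if the entity owner is in the user's filter list
            // if so, disallow access
            $enemies_bit = get_access_restriction_sql('elgg_block_list', "{$table_prefix}owner_guid", $owner, false);
            $enemies_bit = '(' . $enemies_bit . "\tAND " . get_access_restriction_sql('elgg_filter_list', $owner, "{$table_prefix}owner_guid", false) . ')';
        }
    }

    if (empty($sql)) {
        // Standard rule: the row's access level is one the user holds, or the
        // user owns the row (the ACCESS_PRIVATE branch is covered by ownership too).
        $sql = " {$friends_bit} ({$table_prefix}access_id IN {$access}\n\t\t\tOR ({$table_prefix}owner_guid = {$owner})\n\t\t\tOR (\n\t\t\t\t{$table_prefix}access_id = " . ACCESS_PRIVATE . "\n\t\t\t\tAND {$table_prefix}owner_guid = {$owner}\n\t\t\t)\n\t\t)";

        // Subsite manager - extend access
        $params = array("table_prefix" => $table_prefix, "owner" => $owner, "sql" => $sql, "ignore_access" => $ignore_access, "access" => $access);
        $hooked_sql = elgg_trigger_plugin_hook("access:get_sql_suffix", "user", $params, $sql);

        // The hook result replaces the access clause wholesale. Only accept a
        // non-empty string; anything else would yield a malformed or missing
        // access condition, so the default clause is kept instead.
        if (is_string($hooked_sql) && trim($hooked_sql) !== '') {
            $sql = $hooked_sql;
        }
    }

    if ($enemies_bit) {
        // Block/filter restrictions are ANDed so they can only narrow access.
        $sql = "{$enemies_bit} AND ({$sql})";
    }

    if (!$ENTITY_SHOW_HIDDEN_OVERRIDE) {
        // Hidden (disabled) rows stay invisible unless the global override is set.
        $sql .= " and {$table_prefix}enabled='yes'";
    }

    return '(' . $sql . ')';
}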