flashii/misuzu
flashii/misuzu
2
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions

Added permission checks to the recursive read status and last post function.

Browse source
This commit is contained in:
flash 2019-04-11 20:37:51 +02:00
parent 3686429df9
commit deda5b1996
1 changed files with 47 additions and 35 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

24
src/Forum/forum.php
View file

@ -270,7 +270,6 @@ function forum_get_child_ids(int $forumId): array
return $memoized[$forumId] = array_column($children, 'forum_id'); return $memoized[$forumId] = array_column($children, 'forum_id');
} }
// TODO: Permissions checks
function forum_topics_unread(int $forumId, int $userId): int function forum_topics_unread(int $forumId, int $userId): int
{ {
if ($userId < 1 || $forumId < 1) { if ($userId < 1 || $forumId < 1) {
@ -291,27 +290,33 @@ function forum_topics_unread(int $forumId, int $userId): int
$memoized[$memoId] += forum_topics_unread($child, $userId); $memoized[$memoId] += forum_topics_unread($child, $userId);
} }
$countUnread = db_prepare(' $countUnread = db_prepare(sprintf(
'
SELECT COUNT(ti.`topic_id`) SELECT COUNT(ti.`topic_id`)
FROM `msz_forum_topics` AS ti FROM `msz_forum_topics` AS ti
LEFT JOIN `msz_forum_topics_track` AS tt LEFT JOIN `msz_forum_topics_track` AS tt
ON tt.`topic_id` = ti.`topic_id` AND tt.`user_id` = :user_id ON tt.`topic_id` = ti.`topic_id` AND tt.`user_id` = :user_id
WHERE ti.`forum_id` = :forum_id WHERE ti.`forum_id` = :forum_id
AND (%s) > %d
AND ti.`topic_deleted` IS NULL AND ti.`topic_deleted` IS NULL
AND ti.`topic_bumped` >= NOW() - INTERVAL 1 MONTH AND ti.`topic_bumped` >= NOW() - INTERVAL 1 MONTH
AND ( AND (
tt.`track_last_read` IS NULL tt.`track_last_read` IS NULL
OR tt.`track_last_read` < ti.`topic_bumped` OR tt.`track_last_read` < ti.`topic_bumped`
) )
'); ',
forum_perms_get_user_sql(MSZ_FORUM_PERMS_GENERAL, 'ti.`forum_id`'),
MSZ_FORUM_PERM_SET_READ
));
$countUnread->bindValue('forum_id', $forumId); $countUnread->bindValue('forum_id', $forumId);
$countUnread->bindValue('user_id', $userId); $countUnread->bindValue('user_id', $userId);
$countUnread->bindValue('perm_user_id_user', $userId);
$countUnread->bindValue('perm_user_id_role', $userId);
$memoized[$memoId] += (int)($countUnread->execute() ? $countUnread->fetchColumn() : 0); $memoized[$memoId] += (int)($countUnread->execute() ? $countUnread->fetchColumn() : 0);
return $memoized[$memoId]; return $memoized[$memoId];
} }
// TODO: Permission checks
function forum_latest_post(int $forumId, int $userId): array function forum_latest_post(int $forumId, int $userId): array
{ {
if ($forumId < 1) { if ($forumId < 1) {
@ -325,7 +330,8 @@ function forum_latest_post(int $forumId, int $userId): array
return $memoized[$memoId]; return $memoized[$memoId];
} }
$getLastPost = db_prepare(' $getLastPost = db_prepare(sprintf(
'
SELECT SELECT
p.`post_id` AS `recent_post_id`, t.`topic_id` AS `recent_topic_id`, p.`post_id` AS `recent_post_id`, t.`topic_id` AS `recent_topic_id`,
t.`topic_title` AS `recent_topic_title`, t.`topic_bumped` AS `recent_topic_bumped`, t.`topic_title` AS `recent_topic_title`, t.`topic_bumped` AS `recent_topic_bumped`,
@ -343,9 +349,15 @@ function forum_latest_post(int $forumId, int $userId): array
ON r.`role_id` = u.`display_role` ON r.`role_id` = u.`display_role`
WHERE p.`forum_id` = :forum_id WHERE p.`forum_id` = :forum_id
AND p.`post_deleted` IS NULL AND p.`post_deleted` IS NULL
AND (%s) > %d
ORDER BY p.`post_id` DESC ORDER BY p.`post_id` DESC
'); ',
forum_perms_get_user_sql(MSZ_FORUM_PERMS_GENERAL, 't.`forum_id`'),
MSZ_FORUM_PERM_SET_READ
));
$getLastPost->bindValue('forum_id', $forumId); $getLastPost->bindValue('forum_id', $forumId);
$getLastPost->bindValue('perm_user_id_user', $userId);
$getLastPost->bindValue('perm_user_id_role', $userId);
$currentLast = db_fetch($getLastPost); $currentLast = db_fetch($getLastPost);
$children = forum_get_child_ids($forumId); $children = forum_get_child_ids($forumId);