Changeset 1757 for trunk/include/ws_functions.inc.php
- Timestamp:
- Jan 27, 2007, 9:22:12 AM (17 years ago)
- File:
-
- 1 edited
Legend:
- Unmodified
- Added
- Removed
-
trunk/include/ws_functions.inc.php
r1756 r1757 33 33 * 34 34 * - Args 35 * $params: is where clauses 36 * $img_tbl: indicates if phpwebgallery_images is selected 35 * $method: is the requested method 37 36 * $partner: is the key 38 37 * $tbl_name: is the alias_name in the query (sometimes called correlation name) 38 * null if !getting picture informations 39 39 * - Logic 40 40 * Access_control is not active: Return … … 46 46 * The additionnal in-where-clause is return 47 47 */ 48 function ws_add_controls( $ params, $img_tbl=false, $partner='', $tbl_name='')49 { 50 global $conf ;48 function ws_add_controls( $method, $tbl_name ) 49 { 50 global $conf, $partner; 51 51 if ( !$conf['ws_access_control'] ) 52 52 { 53 53 return ' 1 = 1 '; // No controls are requested 54 54 } 55 // Step 1 - Found Partner 55 56 // Is it an active Partner? 56 57 $query = ' 57 SELECT FROM '.WEB_SERVICES_ACCESS_TABLE." 58 WHERE `name` = '$partner';"; 58 SELECT * FROM '.WEB_SERVICES_ACCESS_TABLE." 59 WHERE `name` = '$partner' 60 AND NOW() <= end; "; 59 61 $result = pwg_query($query); 60 if ( mysql_num_rows( pwg_query($query)) = 0 )62 if ( mysql_num_rows( $result ) = 0 ) 61 63 { 62 return ' 0 = 1 '; // Unknown partner 63 } 64 // Step 2 - Clauses / Request matching 65 // Restrict Request has to be redefined first 66 // Step 3 - Target restrict 67 return $addings; 64 return ' 0 = 1 '; // Unknown partner or Obsolate agreement 65 } 66 67 $row = mysql_fetch_array($result); 68 69 // Method / Request matching 70 // Generic is not ready 71 // For generic you can say... tags. or categories. or images. maybe? 72 $filter = $row['request']; 73 $request_method = substr($method, 0, strlen($filter)) ; 74 if ( $filter !== $filter_method ) 75 { 76 return ' 0 = 1'; // Unauthorized method request 77 } 78 79 // Target restrict 80 // 3 cases: list, cat or tag 81 // Behind / we could found img-ids, cat-ids or tag-ids 82 $target = $row['access']; 83 list($type, $str_ids) = explode('/',$target); // Find type list 84 85 $ids = explode( ',',$str_ids ); 86 // (array) 1,2,21,3,22,4,5,9-12,6,11,12,13,2,4,6, 87 $arr_ids = expand_id_list( $ids ); 88 $addings = implode(',', $arr_ids); 89 // (string) 1,2,3,4,5,6,9,10,11,12,13,21,22, 90 if ( $type = 'list') 91 { 92 return $tbl_name . 'id IN ( ' . $addings . ' ) '; 93 } 94 95 if ( $type = 'cat' ) 96 { 97 $addings = implode(',', get_image_ids_for_cats($arr_ids)); 98 return $tbl_name . 'id IN ( ' . $addings . ' ) '; 99 } 100 101 if ( $type = 'tag' ) 102 { 103 $addings = implode(',', get_image_ids_for_tags($arr_ids, 'OR')); 104 return $tbl_name . 'id IN ( ' . $addings . ' ) '; 105 } 106 // Unmanaged new type? 107 return ' 0 = 1 '; // ??? 68 108 } 69 109 … … 191 231 function ws_getVersion($params, &$service) 192 232 { 233 // Needed for security reason... Maybe??? 234 // $where_clause[] = 235 // ws_add_controls( 'getVersion', null ); 193 236 return PHPWG_VERSION; 194 237 } … … 250 293 .')'; 251 294 252 // example of ws_add_controls call295 // Mandatory 253 296 // $where_clause[] = 254 // ws_add_controls call( $params, true, $partner, $tbl_name='i.' );297 // ws_add_controls( 'categories.getImages', 'i.' ); 255 298 256 299 $order_by = ws_std_image_sql_order($params, 'i.'); … … 372 415 } 373 416 417 // To ONLY build external links maybe ??? 418 // $where_clause[] = 419 // ws_add_controls( 'categories.getList', null ); 420 // Making links in a Blog... 421 374 422 $query = ' 375 423 SELECT id, name, uppercats, global_rank, … … 417 465 return new PwgError(WS_ERR_INVALID_PARAM, "Invalid image_id"); 418 466 } 467 // Mandatory (No comment) 468 // $where_clause[] = 469 // ws_add_controls( 'images.getInfo', '' ); 419 470 $query=' 420 471 SELECT * FROM '.IMAGES_TABLE.' … … 649 700 $image_ids = array(); 650 701 $image_tag_map = array(); 651 702 652 703 if ( !empty($tag_ids) ) 653 704 { // build list of image ids with associated tags per image … … 687 738 ); 688 739 $where_clauses[] = 'id IN ('.implode(',',$image_ids).')'; 740 // Mandatory 741 // $where_clause[] = 742 // ws_add_controls( 'tags.getImages', '' ); 743 689 744 $order_by = ws_std_image_sql_order($params); 690 745 if (empty($order_by))
Note: See TracChangeset
for help on using the changeset viewer.