Changeset 1777
- Timestamp:
- Feb 3, 2007, 4:50:07 PM (18 years ago)
- Location:
- trunk/include
- Files:
-
- 1 deleted
- 1 edited
Legend:
- Unmodified
- Added
- Removed
-
trunk/include/ws_functions.inc.php
r1768 r1777 52 52 53 53 /** 54 * ws_add _controls54 * ws_addControls 55 55 * returns additionnal controls if requested 56 56 * usable for 99% of Web Service methods 57 57 * 58 58 * - Args 59 * $method : is the requested method59 * $methodName: is the requested method 60 60 * $partner: is the key 61 61 * $tbl_name: is the alias_name in the query (sometimes called correlation name) … … 70 70 * The additionnal in-where-clause is return 71 71 */ 72 function ws_add _controls( $method, $tbl_name )73 { 74 global $conf, $ partner;72 function ws_addControls( $methodName, $tbl_name ) 73 { 74 global $conf, $calling_partner_id, $params; 75 75 if ( !$conf['ws_access_control'] ) 76 76 { … … 81 81 $query = ' 82 82 SELECT * FROM '.WEB_SERVICES_ACCESS_TABLE." 83 WHERE `name` = '$ partner'83 WHERE `name` = '$calling_partner_id' 84 84 AND NOW() <= end; "; 85 85 $result = pwg_query($query); … … 95 95 // For generic you can say... tags. or categories. or images. maybe? 96 96 $filter = $row['request']; 97 $request_method = substr($method , 0, strlen($filter)) ;97 $request_method = substr($methodName, 0, strlen($filter)) ; 98 98 if ( $filter !== $filter_method ) 99 99 { 100 100 return ' 0 = 1'; // Unauthorized method request 101 101 } 102 102 // Overide general object limit 103 $params['per_page'] = $row['limit']; 104 103 105 // Target restrict 104 106 // 3 cases: list, cat or tag … … 248 250 function ws_getVersion($params, &$service) 249 251 { 250 // Needed for security reason... Maybe??? 251 // $where_clause[] = 252 // ws_add_controls( 'getVersion', null ); 252 // TODO = Version availability is under control of $conf['show_version'] 253 253 return PHPWG_VERSION; 254 254 } … … 310 310 .')'; 311 311 312 // Mandatory 313 // $where_clause[] = 314 // ws_add_controls( 'categories.getImages', 'i.' ); 312 $where_clause[] = 313 ws_addControls( 'categories.getImages', 'i.' ); 315 314 316 315 $order_by = ws_std_image_sql_order($params, 'i.'); … … 432 431 } 433 432 434 // To ONLY build external links maybe ???435 // $where_clause[] =436 // ws_add_controls( 'categories.getList', null );437 // Making links in a Blog...438 439 433 $query = ' 440 434 SELECT id, name, uppercats, global_rank, … … 482 476 return new PwgError(WS_ERR_INVALID_PARAM, "Invalid image_id"); 483 477 } 484 // Mandatory (No comment) 485 // $where_clause[] = 486 // ws_add_controls( 'images.getInfo', '' ); 478 487 479 $query=' 488 480 SELECT * FROM '.IMAGES_TABLE.' … … 491 483 array('visible_images' => 'id'), 492 484 ' AND' 493 ).' 494 LIMIT 1'; 485 ).' AND '. 486 ws_addControls( 'images.getInfo', '' ).' 487 LIMIT 1;'; 495 488 496 489 $image_row = mysql_fetch_assoc(pwg_query($query)); … … 755 748 ); 756 749 $where_clauses[] = 'id IN ('.implode(',',$image_ids).')'; 757 // Mandatory 758 // $where_clause[] = 759 // ws_add_controls( 'tags.getImages', '' ); 750 $where_clause[] = 751 ws_addControls( 'tags.getImages', 'i.' ); 760 752 761 753 $order_by = ws_std_image_sql_order($params);
Note: See TracChangeset
for help on using the changeset viewer.