Fehler in grouppermission Teil2

Please report bugs here!

Moderator: Thorsten

Post Reply
Thorsten
Posts: 15729
Joined: Tue Sep 25, 2001 11:14 am
Location: #phpmyfaq
Contact:
Contact Thorsten

Post by Thorsten »

Hi,

nein... es ist auch nur eine Methode: PMF_Faq::getRecord():

Code: Select all

Index: phpmyfaq/inc/Faq.php
===================================================================
--- phpmyfaq/inc/Faq.php	(revision 3658)
+++ phpmyfaq/inc/Faq.php	(working copy)
@@ -574,6 +574,18 @@
     {
         global $PMF_LANG;
 
+        if ($this->groupSupport) {
+            $permPart = sprintf("( fdg.group_id IN (%s)
+            OR
+                (fdu.user_id = %d AND fdg.group_id IN (%s)))",
+                implode(', ', $this->groups),
+                $this->user,
+                implode(', ', $this->groups));
+        } else {
+            $permPart = sprintf("( fdu.user_id = %d OR fdu.user_id = -1 )",
+                $this->user);
+        }
+        
         $query = sprintf(
             "SELECT
                  id, lang, solution_id, revision_id, active, keywords, thema,
@@ -593,18 +605,22 @@
                 id = %d
             %s
             AND
-                lang = '%s'",
+                lang = '%s'
+            AND
+                %s",
             SQLPREFIX,
             isset($revision_id) ? 'faqdata_revisions': 'faqdata',
-
             SQLPREFIX,
             SQLPREFIX,
             SQLPREFIX,
             SQLPREFIX,
             $id,
             isset($revision_id) ? 'AND revision_id = '.$revision_id : '',
-            $this->language);
+            $this->language,
+            $permPart);
 
         $result = $this->db->query($query);
 
         if ($row = $this->db->fetch_object($result)) {
Schau mal bitte, ob das so bei dir passt.

bye
Thorsten
phpMyFAQ Maintainer and Lead Developer
amazon.de Wishlist
Top
tobgo
Posts: 52
Joined: Fri Sep 15, 2006 1:54 pm

Post by tobgo »

da steht bei mir leider was komplett anderes drinnen....

Code: Select all

    /**
     * Returns an array with all data from a FAQ record
     *
     * @param    integer    record id
     * @param    integer    revision id
     * @param    boolean    must be true if it is called by an admin/author context
     * @return   void
     * @access   public
     * @since    2005-12-20
     * @author   Thorsten Rinne <thorsten@phpmyfaq.de>
     * @author   Matteo Scaramuccia <matteo@scaramuccia.com>
     */
    function getRecord($id, $revision_id = null, $admin = false)
    {
        global $PMF_LANG;

        $query = sprintf(
            "SELECT
                 id, lang, solution_id, revision_id, active, keywords, thema,
                 content, author, email, comment, datum, links_state,
                 links_check_date, date_start, date_end
            FROM
                %s%s fd
            LEFT JOIN
                %sfaqdata_group
            ON
                fd.id = %sfaqdata_group.record_id
            LEFT JOIN
                %sfaqdata_user
            ON
                fd.id = %sfaqdata_user.record_id
            WHERE
                id = %d
            %s
            AND
                lang = '%s'",
            SQLPREFIX,
            isset($revision_id) ? 'faqdata_revisions': 'faqdata',

            SQLPREFIX,
            SQLPREFIX,
            SQLPREFIX,
            SQLPREFIX,
            $id,
            isset($revision_id) ? 'AND revision_id = '.$revision_id : '',
            $this->language);

        $result = $this->db->query($query);

        if ($row = $this->db->fetch_object($result)) {

            $content        = $row->content;
            $active         = ('yes' == $row->active);
            $expired        = (date('YmdHis') > $row->date_end);

            if (!$admin) {
                if (!$active) {
                    $content = $this->pmf_lang['err_inactiveArticle'];
                }
                if ($expired) {
                    $content = $this->pmf_lang['err_expiredArticle'];
                }
            }

            $this->faqRecord = array(
                'id'            => $row->id,
                'lang'          => $row->lang,
                'solution_id'   => $row->solution_id,
                'revision_id'   => $row->revision_id,
                'active'        => $row->active,
                'keywords'      => $row->keywords,
                'title'         => $row->thema,
                'content'       => $content,
                'author'        => $row->author,
                'email'         => $row->email,
                'comment'       => $row->comment,
                'date'          => makeDate($row->datum),
                'dateStart'     => $row->date_start,
                'dateEnd'       => $row->date_end,
                'linkState'     => $row->links_state,
                'linkCheckDate' => $row->links_check_date
                );
        } else {
            $this->faqRecord = array(
                'id'            => $id,
                'lang'          => $this->language,
                'solution_id'   => 42,
                'revision_id'   => 0,
                'active'        => 'no',
                'keywords'      => '',
                'title'         => '',
                'content'       => $PMF_LANG['err_inactiveArticle'],
                'author'        => '',
                'email'         => '',
                'comment'       => '',
                'date'          => makeDate(date('YmdHis')),
                'dateStart'     => '',
                'dateEnd'       => '',
                'linkState'     => '',
                'linkCheckDate' => ''
                );
        }
    }
Top
Thorsten
Posts: 15729
Joined: Tue Sep 25, 2001 11:14 am
Location: #phpmyfaq
Contact:
Contact Thorsten

Post by Thorsten »

Hi,

das ist auch nur ein diff...

+ bedeutet, dass ich das hinzugefügt habe

- bedeutet, dass es entfernt wurde

bye
Thorsten
phpMyFAQ Maintainer and Lead Developer
amazon.de Wishlist
Top
tobgo
Posts: 52
Joined: Fri Sep 15, 2006 1:54 pm

Post by tobgo »

ok, wer lesen kann ist klar im Vorteil :)

Aber wenn ich das nun ändere, dann erscheint beim Aufruf aller Artikels folgende Meldung: Der Artikel wird zur Zeit überarbeitet und kann leider nicht angezeigt werden.


Hier nochmals ein Auszug von meiner Änderung:

Code: Select all

    function getRecord($id, $revision_id = null, $admin = false)
    {
        global $PMF_LANG;

        if ($this->groupSupport) { 
            $permPart = sprintf("( fdg.group_id IN (%s) 
            OR 
                (fdu.user_id = %d AND fdg.group_id IN (%s)))", 
                implode(', ', $this->groups), 
                $this->user, 
                implode(', ', $this->groups)); 
        } else { 
            $permPart = sprintf("( fdu.user_id = %d OR fdu.user_id = -1 )", 
                $this->user); 
        } 
      


        $query = sprintf(
            "SELECT
                 id, lang, solution_id, revision_id, active, keywords, thema,
                 content, author, email, comment, datum, links_state,
                 links_check_date, date_start, date_end
            FROM
                %s%s fd
            LEFT JOIN
                %sfaqdata_group
            ON
                fd.id = %sfaqdata_group.record_id
            LEFT JOIN
                %sfaqdata_user
            ON
                fd.id = %sfaqdata_user.record_id
            WHERE
                id = %d
            %s
            AND
                lang = '%s' 
            AND 
                %s",
            SQLPREFIX,
            isset($revision_id) ? 'faqdata_revisions': 'faqdata',
            SQLPREFIX,
            SQLPREFIX,
            SQLPREFIX,
            SQLPREFIX,
            $id,
            isset($revision_id) ? 'AND revision_id = '.$revision_id : '',
            $this->language, 
            $permPart); 

        $result = $this->db->query($query);

        if ($row = $this->db->fetch_object($result)) {

            $content        = $row->content;
            $active         = ('yes' == $row->active);
            $expired        = (date('YmdHis') > $row->date_end);
Top
Thorsten
Posts: 15729
Joined: Tue Sep 25, 2001 11:14 am
Location: #phpmyfaq
Contact:
Contact Thorsten

Post by Thorsten »

Hi,

ja, die Meldung ist nicht so wirklich gut, aber der Schutz ist da. Ich muss das mal besser überarbeiten...

bye
Thorsten
phpMyFAQ Maintainer and Lead Developer
amazon.de Wishlist
Top
tobgo
Posts: 52
Joined: Fri Sep 15, 2006 1:54 pm

Post by tobgo »

kannst ja hier nochmals reinposten :)
Danke!
Top
Thorsten
Posts: 15729
Joined: Tue Sep 25, 2001 11:14 am
Location: #phpmyfaq
Contact:
Contact Thorsten

Post by Thorsten »

Hi,

ich hab noch einen Fehler gefunden. Hier die gefixte Methode:

Code: Select all

    /**
     * Returns an array with all data from a FAQ record
     *
     * @param    integer    record id
     * @param    integer    revision id
     * @param    boolean    must be true if it is called by an admin/author context
     * @return   void
     * @access   public
     * @since    2005-12-20
     * @author   Thorsten Rinne <thorsten@phpmyfaq.de>
     * @author   Matteo Scaramuccia <matteo@scaramuccia.com>
     */
    function getRecord($id, $revision_id = null, $admin = false)
    {
        global $PMF_LANG;

        if ($this->groupSupport) {
            $permPart = sprintf("( fdg.group_id IN (%s)
            OR
                (fdu.user_id = %d AND fdg.group_id IN (%s)))",
                implode(', ', $this->groups),
                $this->user,
                implode(', ', $this->groups));
        } else {
            $permPart = sprintf("( fdu.user_id = %d OR fdu.user_id = -1 )",
                $this->user);
        }
        
        $query = sprintf(
            "SELECT
                 id, lang, solution_id, revision_id, active, keywords, thema,
                 content, author, email, comment, datum, links_state,
                 links_check_date, date_start, date_end
            FROM
                %s%s fd
            LEFT JOIN
                %sfaqdata_group fdg
            ON
                fd.id = fdg.record_id
            LEFT JOIN
                %sfaqdata_user fdu
            ON
                fd.id = fdu.record_id
            WHERE
                fd.id = %d
            %s
            AND
                fd.lang = '%s'
            AND
                %s",
            SQLPREFIX,
            isset($revision_id) ? 'faqdata_revisions': 'faqdata',
            SQLPREFIX,
            SQLPREFIX,
            $id,
            isset($revision_id) ? 'AND revision_id = '.$revision_id : '',
            $this->language,
            $permPart);

        $result = $this->db->query($query);

        if ($row = $this->db->fetch_object($result)) {

            $content        = $row->content;
            $active         = ('yes' == $row->active);
            $expired        = (date('YmdHis') > $row->date_end);

            if (!$admin) {
                if (!$active) {
                    $content = $this->pmf_lang['err_inactiveArticle'];
                }
                if ($expired) {
                    $content = $this->pmf_lang['err_expiredArticle'];
                }
            }

            $this->faqRecord = array(
                'id'            => $row->id,
                'lang'          => $row->lang,
                'solution_id'   => $row->solution_id,
                'revision_id'   => $row->revision_id,
                'active'        => $row->active,
                'keywords'      => $row->keywords,
                'title'         => $row->thema,
                'content'       => $content,
                'author'        => $row->author,
                'email'         => $row->email,
                'comment'       => $row->comment,
                'date'          => makeDate($row->datum),
                'dateStart'     => $row->date_start,
                'dateEnd'       => $row->date_end,
                'linkState'     => $row->links_state,
                'linkCheckDate' => $row->links_check_date
                );
        } else {
            $this->faqRecord = array(
                'id'            => $id,
                'lang'          => $this->language,
                'solution_id'   => 42,
                'revision_id'   => 0,
                'active'        => 'no',
                'keywords'      => '',
                'title'         => '',
                'content'       => $PMF_LANG['err_inactiveArticle'],
                'author'        => '',
                'email'         => '',
                'comment'       => '',
                'date'          => makeDate(date('YmdHis')),
                'dateStart'     => '',
                'dateEnd'       => '',
                'linkState'     => '',
                'linkCheckDate' => ''
                );
        }
    }
bye
Thorsten
phpMyFAQ Maintainer and Lead Developer
amazon.de Wishlist
Top
tobgo
Posts: 52
Joined: Fri Sep 15, 2006 1:54 pm

Post by tobgo »

ok, habe ich komplett geändert, aber ich habe trotzdem noch Zugriff auf den geschützten Beitrag, wenn ich nicht angemeldet bin...
Top
Thorsten
Posts: 15729
Joined: Tue Sep 25, 2001 11:14 am
Location: #phpmyfaq
Contact:
Contact Thorsten

Post by Thorsten »

Hi,

ich hier nicht auf meinem Testsystem, die Query passt nun auch... evtl fehlen dir dann Fixes von 2.0.7 und später.

bye
Thorsten
phpMyFAQ Maintainer and Lead Developer
amazon.de Wishlist
Top
Post Reply

Return to “Bug reports”