diff options
| author | Dries Buytaert <dries@buytaert.net> | 2004-09-27 20:10:29 +0000 |
|---|---|---|
| committer | Dries Buytaert <dries@buytaert.net> | 2004-09-27 20:10:29 +0000 |
| commit | fc3676d50b9c50f471f8591bcaf07b864e86bf4b (patch) | |
| tree | 2d9404949540b99c376173f436fa10af1b6aadbc /modules/comment.module | |
| parent | 8d2eb9a55f19045d3a5e6fd352cdc3f0946740ae (diff) | |
| download | brdo-fc3676d50b9c50f471f8591bcaf07b864e86bf4b.tar.gz brdo-fc3676d50b9c50f471f8591bcaf07b864e86bf4b.tar.bz2 | |
- Patch #10977 by Gerhard: added node permission checks to the SQL queries.
NOTE: I had to modify the book module patch for it to work -- it was throwing SQL errors at me.
Diffstat (limited to 'modules/comment.module')
| -rw-r--r-- | modules/comment.module | 2 |
1 files changed, 1 insertions, 1 deletions
diff --git a/modules/comment.module b/modules/comment.module index acb9679c0..d50e34532 100644 --- a/modules/comment.module +++ b/modules/comment.module @@ -304,7 +304,7 @@ function comment_search($keys = NULL) { print theme('page', search_type('comment', url('admin/comment/search'), $_POST['keys'])); } else if ($keys) { - $find = do_search(array("keys" => $keys, "type" => 'comment', "select" => "select s.lno as lno, c.nid as nid, c.subject as title, c.timestamp as created, u.uid as uid, u.name as name, s.count as count FROM {search_index} s, {comments} c INNER JOIN {users} u ON c.uid = u.uid WHERE s.lno = c.cid AND s.type = 'comment' AND c.status = 0 AND s.word like '%'")); + $find = do_search(array('keys' => $keys, 'type' => 'comment', 'select' => 'SELECT s.lno AS lno, c.nid AS nid, c.subject AS title, c.timestamp AS created, u.uid AS uid, u.name AS name, s.count AS count FROM {search_index} s, {comments} c INNER JOIN {users} u ON c.uid = u.uid '. node_access_join_sql('c') .' WHERE '. node_access_where_sql() ." AND s.lno = c.cid AND s.type = 'comment' AND c.status = 0 AND s.word like '%'")); return array(t('Matching comments ranked in order of relevance'), $find); } } |