diff options
author | Steven Wittens <steven@10.no-reply.drupal.org> | 2005-11-24 20:54:22 +0000 |
---|---|---|
committer | Steven Wittens <steven@10.no-reply.drupal.org> | 2005-11-24 20:54:22 +0000 |
commit | a5c43ec402cdcc1f81271009ae86960a2587b0b7 (patch) | |
tree | e1736cf071a5a2eb96748421705d3f2dc3849e32 /modules/profile | |
parent | b1bb2d5c602c63fb6e94988d33f044d2a2ab0e26 (diff) | |
download | brdo-a5c43ec402cdcc1f81271009ae86960a2587b0b7.tar.gz brdo-a5c43ec402cdcc1f81271009ae86960a2587b0b7.tar.bz2 |
- #37956: Respect weighting in profile browse pages
- Fix non-pgsql compliant ORDER BY queries
- Clean up ugly section that used db_escape_string()
Diffstat (limited to 'modules/profile')
-rw-r--r-- | modules/profile/profile.module | 27 |
1 files changed, 15 insertions, 12 deletions
diff --git a/modules/profile/profile.module b/modules/profile/profile.module index 605e9ccb3..25e14299b 100644 --- a/modules/profile/profile.module +++ b/modules/profile/profile.module @@ -60,7 +60,7 @@ function profile_block($op = 'list', $delta = 0, $edit = array()) { else if ($op == 'configure' && $delta == 0) { // Compile a list of fields to show $fields = array(); - $result = db_query('SELECT name, title FROM {profile_fields} ORDER BY weight'); + $result = db_query('SELECT name, title, weight FROM {profile_fields} ORDER BY weight'); while ($record = db_fetch_object($result)) { $fields[$record->name] = $record->title; } @@ -80,10 +80,10 @@ function profile_block($op = 'list', $delta = 0, $edit = array()) { if ($use_fields = variable_get('profile_block_author_fields', array())) { // Compile a list of fields to show $fields = array(); - $result = db_query('SELECT name, title, type, visibility FROM {profile_fields} WHERE visibility IN (%d, %d) ORDER BY weight', PROFILE_PUBLIC, PROFILE_PUBLIC_LISTINGS); - while ($record = db_fetch_object($result)) { - // Endure that field is displayed only if it is among the defined block fields and, if it is private, the user has appropriate permissions. - if (in_array($record->name, $use_fields)) { + $result = db_query('SELECT name, title, type, visibility, weight FROM {profile_fields} WHERE visibility IN (%d, %d) ORDER BY weight', PROFILE_PUBLIC, PROFILE_PUBLIC_LISTINGS); + while ($record = db_fetch_object($result)) { + // Ensure that field is displayed only if it is among the defined block fields and, if it is private, the user has appropriate permissions. + if (in_array($record->name, $use_fields)) { $fields[] = $record; } } @@ -159,21 +159,24 @@ function profile_browse() { // Compile a list of fields to show $fields = array(); - $result = db_query('SELECT name, title, type FROM {profile_fields} WHERE fid != %d AND visibility = %d ORDER BY weight', $field->fid, PROFILE_PUBLIC_LISTINGS); + $result = db_query('SELECT name, title, type, weight FROM {profile_fields} WHERE fid != %d AND visibility = %d ORDER BY weight', $field->fid, PROFILE_PUBLIC_LISTINGS); while ($record = db_fetch_object($result)) { $fields[] = $record; } // Determine what query to use: + $arguments = array($field->fid); switch ($field->type) { case 'checkbox': $query = 'v.value = 1'; break; case 'selection': - $query = "v.value = '". db_escape_string($value) ."'"; + $query = "v.value = '%s'"; + $arguments[] = $value; break; case 'list': - $query = "v.value LIKE '%%". db_escape_string($value) ."%%'"; + $query = "v.value LIKE '%%%s%%'"; + $arguments[] = $value; break; default: drupal_not_found(); @@ -181,7 +184,7 @@ function profile_browse() { } // Extract the affected users: - $result = pager_query("SELECT u.uid FROM {users} u INNER JOIN {profile_values} v ON u.uid = v.uid WHERE v.fid = %d AND $query ORDER BY u.access DESC", 20, 0, NULL, $field->fid); + $result = pager_query("SELECT u.uid, u.access FROM {users} u INNER JOIN {profile_values} v ON u.uid = v.uid WHERE v.fid = %d AND $query ORDER BY u.access DESC", 20, 0, NULL, $arguments); $output = '<div id="profile">'; while ($account = db_fetch_object($result)) { @@ -208,13 +211,13 @@ function profile_browse() { else { // Compile a list of fields to show $fields = array(); - $result = db_query('SELECT name, title, type FROM {profile_fields} WHERE visibility = %d', PROFILE_PUBLIC_LISTINGS); + $result = db_query('SELECT name, title, type, weight FROM {profile_fields} WHERE visibility = %d ORDER BY weight', PROFILE_PUBLIC_LISTINGS); while ($record = db_fetch_object($result)) { $fields[] = $record; } // Extract the affected users: - $result = pager_query("SELECT uid FROM {users} WHERE uid > 0 ORDER BY access DESC", 20, 0, NULL); + $result = pager_query("SELECT uid, access FROM {users} WHERE uid > 0 ORDER BY access DESC", 20, 0, NULL); $output = '<div id="profile">'; while ($account = db_fetch_object($result)) { @@ -634,7 +637,7 @@ function theme_profile_listing($account, $fields = array()) { foreach ($fields as $field) { if ($field->value) { - $output .= " <div class=\"field\">$value</div>\n"; + $output .= " <div class=\"field\">$field->value</div>\n"; } } |