diff options
| -rw-r--r-- | modules/forum/forum.module | 16 | ||||
| -rw-r--r-- | modules/node/node.module | 45 |
2 files changed, 36 insertions, 25 deletions
diff --git a/modules/forum/forum.module b/modules/forum/forum.module index d652eeff8..e41280b53 100644 --- a/modules/forum/forum.module +++ b/modules/forum/forum.module @@ -502,8 +502,20 @@ function forum_block_view($delta = '') { switch ($delta) { case 'active': $title = t('Active forum topics'); - $sql = db_rewrite_sql("SELECT n.nid, n.title, l.comment_count, l.last_comment_timestamp FROM {node} n INNER JOIN {term_node} tn ON tn.vid = n.vid INNER JOIN {term_data} td ON td.tid = tn.tid INNER JOIN {node_comment_statistics} l ON n.nid = l.nid WHERE n.status = 1 AND td.vid = %d ORDER BY l.last_comment_timestamp DESC"); - $result = db_query_range($sql, variable_get('forum_nav_vocabulary', ''), 0, variable_get('forum_block_num_active', '5')); + $query = db_select('node', 'n'); + $tn_alias = $query->join('term_node', 'tn', 'tn.vid = n.vid'); + $td_alias = $query->join('term_data', 'td', 'tn.tid = tn.tid'); + $l_alias = $query->join('node_comment_statistics', 'l', 'n.nid = l.nid'); + $query->addField('n', 'nid', 'nid'); + $query->addField('n', 'title', 'title'); + $query->addField($l_alias, 'comment_count', 'comment_count'); + $query->addField($l_alias, 'last_comment_timestamp'); + $query->condition("n.status", 1); + $query->condition("{$td_alias}.vid", variable_get('forum_nav_vocabulary', '')); + $query->orderBy("{$l_alias}.last_comment_timestamp", 'DESC'); + $query->range(0, variable_get('forum_block_num_active', '5')); + $query->addTag('node_access'); + $result = $query->execute(); $content = node_title_list($result); break; diff --git a/modules/node/node.module b/modules/node/node.module index adb807437..a8fd56528 100644 --- a/modules/node/node.module +++ b/modules/node/node.module @@ -2341,35 +2341,34 @@ function node_db_rewrite_sql($query, $primary_table, $primary_field) { } } - /** * Implementation of hook_query_alter(). - * @todo This doesn't quite work yet. */ -function DISABLED_node_query_alter(Query $query) { - if ($query->hasTag('node_access')) { - if (! user_access('administer nodes')) { - $query->distinct(); - $access_alias = $query->join('node_access', 'na', 'na.nid = n.nid'); - dsm('hello'); - _node_query_alter_where($query, 'view', $access_alias); +function node_query_alter(QueryAlterableInterface $query) { + if ($query->hasTag('node_access') && !node_access_view_all_nodes()) { + $query->distinct(); + if (!$op = $query->getMetaData('op')) { + $op = 'view'; } - } -} + if (!user_access('bypass node access')) { + $access_alias = $query->join('node_access', 'na', 'na.nid = n.nid'); + $or = db_or(); + foreach (node_access_grants($op, $query->getMetaData('account')) as $realm => $gids) { + foreach ($gids as $gid) { + $or->condition(db_and() + ->condition("{$access_alias}.gid", $gid) + ->condition("{$access_alias}.realm", $realm) + ); + } + } -function _node_query_alter_where($query, $op = 'view', $node_access_alias = 'na', $account = NULL) { - $or = db_or(); - foreach (node_access_grants($op, $account) as $realm => $gids) { - foreach ($gids as $gid) { - $or->condition("{$node_access_alias}.gid = :gid AND {$node_access_alias}.realm = :realm", array(':gid' => $gid, ':realm' => $realm)); + if (count($or->conditions())) { + $query->condition($or); + } + + $query->condition("{$access_alias}.grant_$op", 1, '>='); } - } - - if (count($or->conditions())) { - $query->condition($or); - } - - $query->condition("$node_access_alias.grant_$op", '>=', 1); + } } /** |