--- includes/module.inc.1 2005-01-06 22:37:26.000000000 +0100
+++ includes/module.inc 2005-01-06 22:51:35.000000000 +0100
@@ -137,6 +137,30 @@
}
/**
+ * Determine which modules are implementing a hook.
+ *
+ * @param $hook
+ * The name of the hook (e.g. "help" or "menu").
+ * @return
+ * An array with the names of the modules which are implementing this hook.
+ */
+function module_implements($hook) {
+ static $implementations;
+
+ if (!isset($hooks[$hook])) {
+ $implementations[$hook] = array();
+ $list = module_list();
+ foreach ($list as $module) {
+ if (module_hook($module, $hook)) {
+ $implementations[$hook][] = $module;
+ }
+ }
+ }
+
+ return $implementations[$hook];
+}
+
+/**
* Invoke a hook in a particular module.
*
* @param $module
--- modules/node.module.1 2005-01-04 07:38:17.000000000 +0100
+++ modules/node.module 2005-01-08 12:40:10.000000000 +0100
@@ -578,7 +578,8 @@
variable_del('node_cron_last');
return;
case 'search':
- $find = do_search($keys, 'node', 'INNER JOIN {node} n ON n.nid = i.sid '. node_access_join_sql() .' INNER JOIN {users} u ON n.uid = u.uid', 'n.status = 1 AND '. node_access_where_sql());
+ list($join, $where) = _node_rewrite_sql(array('search'));
+ $find = do_search($keys, 'node', 'INNER JOIN {node} n ON n.nid = i.sid '. $join .' INNER JOIN {users} u ON n.uid = u.uid', 'n.status = 1 AND '. $where);
$results = array();
foreach ($find as $item) {
$node = node_load(array('nid' => $item));
@@ -1012,7 +1013,7 @@
global $base_url, $locale;
if (!$nodes) {
- $nodes = db_query_range('SELECT n.nid FROM {node} n '. node_access_join_sql() .' WHERE '. node_access_where_sql() .' AND n.promote = 1 AND n.status = 1 ORDER BY n.created DESC', 0, 15);
+ $nodes = db_query_range(node_rewrite_sql('SELECT n.nid FROM {node} n WHERE n.promote = 1 AND n.status = 1 ORDER BY n.created DESC'), 0, 15);
}
while ($node = db_fetch_object($nodes)) {
@@ -1463,7 +1464,7 @@
* Generate a listing of promoted nodes.
*/
function node_page_default() {
- $result = pager_query('SELECT DISTINCT(n.nid), n.sticky, n.created FROM {node} n '. node_access_join_sql() .' WHERE n.promote = 1 AND n.status = 1 AND '. node_access_where_sql() .' ORDER BY n.sticky DESC, n.created DESC', variable_get('default_nodes_main', 10));
+ $result = pager_query(node_rewrite_sql('SELECT n.nid, n.sticky, n.created FROM {node} n WHERE n.promote = 1 AND n.status = 1 ORDER BY n.sticky DESC, n.created DESC',array('list')), variable_get('default_nodes_main', 10));
if (db_num_rows($result)) {
drupal_set_html_head('');
@@ -1719,7 +1720,7 @@
* An SQL join clause.
*/
function node_access_join_sql($node_alias = 'n', $node_access_alias = 'na') {
- if (user_access('administer nodes')) {
+ if (module_implements('access_grants')==array('node') || user_access('administer nodes')) {
return '';
}
@@ -1740,7 +1741,7 @@
* An SQL where clause.
*/
function node_access_where_sql($op = 'view', $node_access_alias = 'na', $uid = NULL) {
- if (user_access('administer nodes')) {
+ if (module_implements('access_grants')==array('node') || user_access('administer nodes')) {
// This number is being used in a SQL query as a boolean.
// It is "'1'" instead of "1" for database compatibility, as both
// PostgreSQL and MySQL treat it as boolean in this case.
@@ -1790,4 +1791,101 @@
* @} End of "defgroup node_access".
*/
+/**
+ * Implementation of hook_node_rewrite_sql
+ */
+function node_node_rewrite_sql () {
+ $return['join'] = node_access_join_sql();
+ $return['where'] = node_access_where_sql();
+ $return['distinct'] = !empty($return['join']);
+ return $return;
+}
+
+/*
+ * Helper function for node_rewrite_sql.
+ *
+ * Collects JOIN and WHERE statements via hook_sql.
+ * Decides whether to select nid or DISTINCT(nid)
+ *
+ * @param $hint
+ * An array of hint strings about the query, passed on to hook_sql handlers.
+ * @param $node_alias
+ * If the node table has been given an SQL alias other than the default
+ * "n", that must be passed here.
+ * @return
+ * An associative array: join => join statements, where => where statements, nid_to_select => nid or DISTINCT(nid)
+ */
+function _node_rewrite_sql($hint = array(), $node_alias = 'n') {
+
+ $where = array();
+ $join = array();
+ $distinct = FALSE;
+ foreach (module_implements('node_rewrite_sql') as $module) {
+ $result = module_invoke($module, 'node_rewrite_sql', $hint, $node_alias);
+ if (is_array($result)) {
+ if (isset($result['where'])) {
+ $where[] .= $result['where'];
+ }
+ if (isset($result['join'])) {
+ $join[] .= $result['join'];
+ }
+ if (isset($result['distinct']) && $result['distinct']) {
+ $distinct = TRUE;
+ }
+ }
+ elseif (isset($result)) {
+ $where[] .= $result;
+ }
+ }
+
+ $swhere = empty($where) ? '' : '('. implode(') AND (',$where).')';
+ $sjoin = empty($join) ? '' : implode(' ',$join);
+
+ return array($sjoin, $swhere, $distinct ? 'DISTINCT('.$node_alias.'.nid)' : $node_alias.'.nid');
+}
+
+/*
+ * Rewrites node queries.
+ *
+ * @param $query
+ * query to be rewritten
+ * @param $hint
+ * An array of hint strings about the query, passed on to hook_sql handlers.
+ * @param $node_alias
+ * If the node table has been given an SQL alias other than the default
+ * "n", that must be passed here.
+ * @return
+ * The original query with JOIN and WHERE statements inserted from hook_node_rewrite_sql implementations. nid is rewritten if needed.
+ */
+function node_rewrite_sql($query, $hint = array(), $node_alias = 'n') {
+
+ list($join, $where,$nid_to_select) = _node_rewrite_sql($hint, $node_alias);
+
+ $query = preg_replace('/(SELECT.*)('.$node_alias.'\.)?nid(.*FROM)/AUs', '\1'. $nid_to_select .'\3', $query);
+
+ $query = preg_replace('|FROM[^[:upper:]/,]+|','\0 '.$join.' ', $query);
+ if (strpos($query, 'WHERE')) {
+ $replace = 'WHERE';
+ $add = 'AND';
+ }
+ elseif (strpos($query, 'GROUP')) {
+ $replace = 'GROUP';
+ $add = 'GROUP';
+ }
+ elseif (strpos($query, 'ORDER')) {
+ $replace = 'ORDER';
+ $add = 'ORDER';
+ }
+ elseif (strpos($query, 'LIMIT')) {
+ $replace = 'LIMIT';
+ $add = 'LIMIT';
+ }
+ else
+ $query .= 'WHERE '. $where;
+ if (isset($replace)) {
+ $query = str_replace($replace, 'WHERE '.$where.' '.$add, $query);
+ }
+ return $query;
+}
+
?>
--- modules/archive.module.1 2005-01-08 12:54:11.000000000 +0100
+++ modules/archive.module 2005-01-08 12:44:12.000000000 +0100
@@ -72,7 +72,9 @@
$nextmonth = mktime(23, 59, 59, $month + 1, 1, $year);
$next = mktime(23, 59, 59, $month + 1, min(date('t', $nextmonth), $day), $year);
- $result = db_query('SELECT DISTINCT(n.nid), n.created FROM {node} n '. node_access_join_sql() .' WHERE n.status = 1 AND n.created > %d AND n.created < %d AND '. node_access_where_sql() .' ORDER BY n.created', $start_of_month, $end_of_month);
+ $sql = 'SELECT n.nid, n.created FROM {node} n WHERE n.status = 1 AND n.created > %d AND n.created < %d ORDER BY n.created';
+ $sql = node_rewrite_sql($sql);
+ $result = db_query($sql, $start_of_month, $end_of_month);
$days_with_posts = array();
while ($day_with_post = db_fetch_object($result)) {
@@ -239,7 +241,9 @@
if ($year && $month && $day) {
// Fetch nodes for the selected date, if one was specified.
- $result = db_query_range('SELECT DISTINCT(n.nid), n.created FROM {node} n '. node_access_join_sql() .' WHERE n.status = 1 AND n.created > %d AND n.created < %d AND '. node_access_where_sql() .' ORDER BY n.created', $date, $date_end, 0, 20);
+ $sql = 'SELECT n.nid, n.created FROM {node} n WHERE n.status = 1 AND n.created > %d AND n.created < %d ORDER BY n.created';
+ $sql = node_rewrite_sql($sql);
+ $result = db_query_range($sql, $date, $date_end, 0, 20);
while ($nid = db_fetch_object($result)) {
$output .= node_view(node_load(array('nid' => $nid->nid)), 1);
--- modules/comment.module.1 2004-12-03 09:50:55.000000000 +0100
+++ modules/comment.module 2005-01-08 09:18:42.000000000 +0100
@@ -157,7 +157,7 @@
return $blocks;
}
else if ($op == 'view' && user_access('access comments')) {
- $result = db_query_range('SELECT * FROM {comments} WHERE status = 0 ORDER BY timestamp DESC', 0, 10);
+ $result = db_query_range(node_rewrite_sql('SELECT c.nid,c.* FROM {comments} c WHERE status = 0 ORDER BY timestamp DESC',array('comment','related_list'),'c'), 0, 10);
$items = array();
while ($comment = db_fetch_object($result)) {
$items[] = l($comment->subject, 'node/'. $comment->nid, NULL, NULL, 'comment-'. $comment->cid) .' '. t('%time ago', array('%time' => format_interval(time() - $comment->timestamp)));
--- modules/forum.module.1 2005-01-06 22:44:31.000000000 +0100
+++ modules/forum.module 2005-01-08 09:43:40.000000000 +0100
@@ -135,9 +135,13 @@
case 'view':
if (user_access('access content')) {
- $content = node_title_list(db_query_range("SELECT DISTINCT(n.nid), n.title, l.last_comment_timestamp, l.comment_count FROM {node} n INNER JOIN {node_comment_statistics} l ON n.nid = l.nid ". node_access_join_sql() ." WHERE n.status = 1 AND n.type='forum' AND ". node_access_where_sql() ." ORDER BY l.last_comment_timestamp DESC", 0, variable_get('forum_block_num', '5')), t('Active forum topics:'));
-
- $content .= node_title_list(db_query_range("SELECT DISTINCT(n.nid), n.title, l.comment_count FROM {node} n INNER JOIN {node_comment_statistics} l ON n.nid = l.nid ". node_access_join_sql() ." WHERE n.type = 'forum' AND n.status = 1 AND ". node_access_where_sql() ." ORDER BY n.nid DESC", 0, variable_get('forum_block_num', '5')), t('New forum topics:'));
+ $sql = "SELECT n.nid, n.title, l.last_comment_timestamp, l.comment_count FROM {node} n INNER JOIN {node_comment_statistics} l ON n.nid = l.nid WHERE n.status = 1 AND n.type='forum' ORDER BY l.last_comment_timestamp DESC";
+ $sql = node_rewrite_sql($sql, array('forum', 'block'));
+ $content = node_title_list(db_query_range($sql, 0, variable_get('forum_block_num', '5')), t('Active forum topics:'));
+
+ $sql = "SELECT n.nid, n.title, l.comment_count FROM {node} n INNER JOIN {node_comment_statistics} l ON n.nid = l.nid WHERE n.type = 'forum' AND n.status = 1 ORDER BY n.nid DESC";
+ $sql = node_rewrite_sql($sql, array('forum', 'block'));
+ $content .= node_title_list(db_query_range($sql, 0, variable_get('forum_block_num', '5')), t('New forum topics:'));
if ($content) {
$content .= '
'. l(t('more'), 'forum', array('title' => t('Read the latest forum topics.'))) .'
';
@@ -162,7 +166,9 @@
if (!$main && $type == 'node' && $node->type == 'forum') {
// get previous and next topic
- $result = db_query("SELECT DISTINCT(n.nid), n.title, n.sticky, l.comment_count, l.last_comment_timestamp FROM {node} n INNER JOIN {node_comment_statistics} l ON n.nid = l.nid " . node_access_join_sql() . " INNER JOIN {term_node} r ON n.nid = r.nid AND r.tid = %d WHERE n.status = 1 AND n.type='forum' AND " . node_access_where_sql() . ' ORDER BY n.sticky DESC, '. _forum_get_topic_order_sql(variable_get('forum_order', 1)), $node->tid);
+ $sql = "SELECT n.nid, n.title, n.sticky, l.comment_count, l.last_comment_timestamp FROM {node} n INNER JOIN {node_comment_statistics} l ON n.nid = l.nid INNER JOIN {term_node} r ON n.nid = r.nid AND r.tid = %d WHERE n.status = 1 AND n.type='forum' ORDER BY n.sticky DESC, ". _forum_get_topic_order_sql(variable_get('forum_order', 1));
+ $sql = node_rewrite_sql($sql, array('forum'));
+ $result = db_query($sql, $node->tid);
while ($topic = db_fetch_object($result)) {
if ($stop == 1) {
@@ -356,7 +362,9 @@
$counts = array();
- $_counts = db_query("SELECT r.tid, COUNT(n.nid) AS topic_count, SUM(l.comment_count) AS comment_count FROM {node} n INNER JOIN {node_comment_statistics} l ON n.nid = l.nid INNER JOIN {term_node} r ON n.nid = r.nid " . node_access_join_sql() . " WHERE n.status = 1 AND n.type = 'forum' AND " . node_access_where_sql() . " GROUP BY r.tid", $forum->tid);
+ $sql = "SELECT r.tid, COUNT(n.nid) AS topic_count, SUM(l.comment_count) AS comment_count FROM {node} n INNER JOIN {node_comment_statistics} l ON n.nid = l.nid INNER JOIN {term_node} r ON n.nid = r.nid WHERE n.status = 1 AND n.type = 'forum' GROUP BY r.tid";
+ $sql = node_rewrite_sql($sql, array('forum'));
+ $_counts = db_query($sql, $forum->tid);
while ($count = db_fetch_object($_counts)) {
$counts[$count->tid] = $count;
}
@@ -379,7 +387,9 @@
// This query does not use full ANSI syntax since MySQL 3.x does not support
// table1 INNER JOIN table2 INNER JOIN table3 ON table2_criteria ON table3_criteria
// used to join node_comment_statistics to users.
- $topic = db_fetch_object(db_query_range('SELECT DISTINCT(n.nid), l.last_comment_timestamp, IF(l.last_comment_uid, cu.name, l.last_comment_name) as last_comment_name, l.last_comment_uid FROM {node} n ' . node_access_join_sql() . ", {node_comment_statistics} l /*! USE INDEX (node_comment_timestamp) */, {users} cu, {term_node} r WHERE n.nid = r.nid AND r.tid = %d AND n.status = 1 AND n.type = 'forum' AND l.last_comment_uid = cu.uid AND n.nid = l.nid AND " . node_access_where_sql() . ' ORDER BY l.last_comment_timestamp DESC', $forum->tid, 0, 1));
+ $sql = "SELECT n.nid, l.last_comment_timestamp, IF(l.last_comment_uid, cu.name, l.last_comment_name) as last_comment_name, l.last_comment_uid FROM {node} n, {node_comment_statistics} l /*! USE INDEX (node_comment_timestamp) */, {users} cu, {term_node} r WHERE n.nid = r.nid AND r.tid = %d AND n.status = 1 AND n.type = 'forum' AND l.last_comment_uid = cu.uid AND n.nid = l.nid ORDER BY l.last_comment_timestamp DESC";
+ $sql = node_rewrite_sql($sql, array('forum'));
+ $topic = db_fetch_object(db_query_range($sql, $forum->tid, 0, 1));
$last_post = new StdClass();
$last_post->timestamp = $topic->last_comment_timestamp;
@@ -397,8 +407,12 @@
// Calculate the number of topics the user has read. Assume all entries older
// than NODE_NEW_LIMIT are read, and include the recent posts that user has
// read.
- $ancient = db_result(db_query("SELECT COUNT(n.nid) FROM {node} n INNER JOIN {term_node} r ON n.nid = r.nid AND r.tid = %d ". node_access_join_sql() ." WHERE n.created <= %d AND n.status = 1 AND n.type = 'forum' AND ". node_access_where_sql(), $term, NODE_NEW_LIMIT));
- $recent = db_result(db_query("SELECT COUNT(n.nid) FROM {node} n ". node_access_join_sql() ." INNER JOIN {history} h ON n.nid = h.nid AND h.uid = %d INNER JOIN {term_node} r ON n.nid = r.nid AND r.tid = %d WHERE n.status = 1 AND n.type = 'forum' AND n.created > %d AND ". node_access_where_sql(), $uid, $term, NODE_NEW_LIMIT));
+ $sql = "SELECT COUNT(n.nid) FROM {node} n INNER JOIN {term_node} r ON n.nid = r.nid AND r.tid = %d WHERE n.created <= %d AND n.status = 1 AND n.type = 'forum'";
+ $sql = node_rewrite_sql($sql, array('forum'));
+ $ancient = db_result(db_query($sql, $term, NODE_NEW_LIMIT));
+ $sql = "SELECT COUNT(n.nid) FROM {node} n INNER JOIN {history} h ON n.nid = h.nid AND h.uid = %d INNER JOIN {term_node} r ON n.nid = r.nid AND r.tid = %d WHERE n.status = 1 AND n.type = 'forum' AND n.created > %d";
+ $sql = node_rewrite_sql($sql, array('forum'));
+ $recent = db_result(db_query($sql, $uid, $term, NODE_NEW_LIMIT));
return $ancient + $recent;
}
@@ -424,10 +438,10 @@
$term = taxonomy_get_term($tid);
$check_tid = $tid ? "'". db_escape_string($tid) ."'" : 'NULL';
- $sql = "SELECT DISTINCT(n.nid), f.tid, n.title, n.sticky, u.name, u.uid, n.created AS timestamp, n.comment AS comment_mode, l.last_comment_timestamp, IF(l.last_comment_uid, cu.name, l.last_comment_name) as last_comment_name, l.last_comment_uid, l.comment_count AS num_comments FROM {node} n ". node_access_join_sql() .", {node_comment_statistics} l, {users} cu, {term_node} r, {users} u, {forum} f WHERE n.status = 1 AND l.last_comment_uid = cu.uid AND n.nid = l.nid AND n.nid = r.nid AND r.tid = $check_tid AND n.uid = u.uid AND n.nid = f.nid AND ". node_access_where_sql();
+ $sql = node_rewrite_sql("SELECT n.nid, f.tid, n.title, n.sticky, u.name, u.uid, n.created AS timestamp, n.comment AS comment_mode, l.last_comment_timestamp, IF(l.last_comment_uid, cu.name, l.last_comment_name) as last_comment_name, l.last_comment_uid, l.comment_count AS num_comments FROM {node} n, {node_comment_statistics} l, {users} cu, {term_node} r, {users} u, {forum} f WHERE n.status = 1 AND l.last_comment_uid = cu.uid AND n.nid = l.nid AND n.nid = r.nid AND r.tid = $check_tid AND n.uid = u.uid AND n.nid = f.nid", array('forum'));
$sql .= tablesort_sql($forum_topic_list_header, 'n.sticky DESC,');
- $sql_count = "SELECT COUNT(DISTINCT(n.nid)) FROM {node} n ". node_access_join_sql() ." INNER JOIN {term_node} r ON n.nid = r.nid AND r.tid = $check_tid WHERE n.status = 1 AND n.type = 'forum' AND ". node_access_where_sql();
+ $sql_count = node_rewrite_sql("SELECT COUNT(n.nid) FROM {node} n INNER JOIN {term_node} r ON n.nid = r.nid AND r.tid = $check_tid WHERE n.status = 1 AND n.type = 'forum'", array('forum'));
$result = pager_query($sql, $forum_per_page, 0, $sql_count);
@@ -468,7 +482,9 @@
function _forum_new($tid) {
global $user;
- $nid = db_result(db_query_range("SELECT DISTINCT(n.nid) FROM {node} n LEFT JOIN {history} h ON n.nid = h.nid AND h.uid = %d INNER JOIN {term_node} r ON n.nid = r.nid AND r.tid = %d " . node_access_join_sql() . " WHERE n.status = 1 AND n.type = 'forum' AND h.nid IS NULL AND n.created > %d AND " . node_access_where_sql() . " ORDER BY created", $user->uid, $tid, NODE_NEW_LIMIT, 0, 1));
+ $sql = "SELECT n.nid FROM {node} n LEFT JOIN {history} h ON n.nid = h.nid AND h.uid = %d INNER JOIN {term_node} r ON n.nid = r.nid AND r.tid = %d WHERE n.status = 1 AND n.type = 'forum' AND h.nid IS NULL AND n.created > %d ORDER BY created";
+ $sql = node_rewrite_sql($sql, array('forum'));
+ $nid = db_result(db_query_range($sql, $user->uid, $tid, NODE_NEW_LIMIT, 0, 1));
return $nid ? $nid : 0;
}
--- modules/poll.module.1 2005-01-08 12:59:21.000000000 +0100
+++ modules/poll.module 2005-01-08 13:05:37.000000000 +0100
@@ -51,7 +51,8 @@
}
else if ($op == 'view') {
// Retrieve the latest poll.
- $timestamp = db_result(db_query('SELECT MAX(n.created) FROM {node} n '. node_access_join_sql() ." WHERE n.type = 'poll' AND n.status = 1 AND ". node_access_where_sql() .' AND n.moderate = 0'));
+ $sql = node_rewrite_sql("SELECT MAX(n.created) FROM {node} n WHERE n.type = 'poll' AND n.status = 1 AND n.moderate = 0");
+ $timestamp = db_result(db_query($sql));
if ($timestamp) {
$poll = node_load(array('type' => 'poll', 'created' => $timestamp, 'moderate' => 0, 'status' => 1));
@@ -264,7 +265,9 @@
function poll_page() {
// List all polls
- $result = pager_query("SELECT DISTINCT(n.nid), n.title, p.active, n.created, SUM(c.chvotes) AS votes FROM {node} n ". node_access_join_sql() ." INNER JOIN {poll} p ON n.nid=p.nid INNER JOIN {poll_choices} c ON n.nid=c.nid WHERE type = 'poll' AND status = 1 AND ". node_access_where_sql() ." AND moderate = 0 GROUP BY n.nid, n.title, p.active, n.created ORDER BY n.created DESC", 15);
+ $sql = "SELECT n.nid, n.title, p.active, n.created, SUM(c.chvotes) AS votes FROM {node} n INNER JOIN {poll} p ON n.nid=p.nid INNER JOIN {poll_choices} c ON n.nid=c.nid WHERE type = 'poll' AND status = 1 AND moderate = 0 GROUP BY n.nid, n.title, p.active, n.created ORDER BY n.created DESC";
+ $sql = node_rewrite_sql($sql);
+ $result = pager_query($sql, 15);
$output = '
';
while ($node = db_fetch_object($result)) {
$output .= '