$term_visibility = FALSE;
// the terms this user is allowed to see
$tids = array();
for ($i = 1; $i <= $schemes; $i++) {
$config = _tac_lite_config($i);
if ($config['term_visibility']) {
$tids = array_merge($tids, _tac_lite_user_tids($user, $i));
$term_visibility = TRUE;
}
}
if ($term_visibility) {
// Prevent query from finding terms the current user does not have permission to see.
$join = "LEFT JOIN {term_data} tac_td ON $primary_table.tid = tac_td.tid";
$where = "$primary_table.tid IN (" . implode(', ', $tids) .
") OR tac_td.vid NOT IN (" . implode(',', $vids) .")";
return array('join' => $join, 'where' => $where);
}
This code is erroneous! It is possible for $tids to be an empty array, which then results in the SQL containing the clause "WHERE t.tid IN ()" which throws a syntax error. An older version includes the check
if (count($tids) && is_array($vids) && count($vids))
which prevents the risk of that error. It probably needs to be reinstated. Was there a reason for trying to remove it?
Comments
Comment #1
martin_qPatch attached.
Comment #2
damienmckennaThank you for your contribution to this module. Support for Drupal 6 ended a decade ago, so I'm closing out this issue.