resume nodes show up in search results
enky - September 19, 2006 - 13:19
| Project: | Job Search |
| Version: | 5.x-1.x-dev |
| Component: | Code |
| Category: | bug report |
| Priority: | critical |
| Assigned: | Unassigned |
| Status: | needs work |
Description
hi,
i love this module, but, the resume nodes are showing up in search results,
i think patches are required for the drupal 4.7.3 node.module, to exclude
the 'resume' node type from being indexed by the search module.
any ideas?
#1
Has this issue been dealt with? Please let users know if still represent a security issue for the resume poster.
#2
I'm glad I looked at this bug report, because I didn't realize it was doing that. One of my modules was doing the same thing, and I had to implement hook_db_rewrite_sql to overcome this problem. In this case it would look something like this:
/** Implementation of hook_db_rewrite_sql().
*/
function job_db_rewrite_sql($query, $primary_table, $primary_field, $args) {
switch ($primary_field) {
case 'nid':
// this query deals with node objects
$return = array();
if (!user_access('view resumes')) {
if ($primary_table != 'n') {
$return['join'] = "LEFT JOIN {node} n ON $primary_table.nid = n.nid";
}
$return['where'] = "n.type <> 'resume'";
return $return;
}
break;
case 'tid':
// this query deals with taxonomy objects
break;
case 'vid':
// this query deals with vocabulary objects
break;
}
}
#3
#4
@klance
There are two modules included with the job search module for node access stuff.
Can you please check if your function should go into the resume_access or job_access module rather than the main? Also please test the results with the new change for regression (current access permissions are not affected).
Thanks
#5
Cut the code from job.module and paste it into resume.module. Same effect, more appropriate location.
#6
Yeesh... that gets it out of the search results, but it causes an SQL error that prevents views from showing up. Oh well...