Version 0.9.2 ()
------------------------------------------------------------------------
+ * Fix bug #1371893: Category write permissions are not properly
+ evaluated when writing into a category that a user has no
+ access to. Thanks to cydvicious! (garvinhicking)
+
* Fix bug #1371630: Write permissions to category are stored with
input data of the 'Read permissions' author listing.
# README #
########################################################################
+
+
+
+
+
For the most up-to-date information on documentation, creating styles,
plugins and so on, please visit our Wiki on http://www.s9y.org/!
+
+
+
+
+
+
+
+
+
+
+
+
########################################################################
# NOTES FOR CONDITIONAL GET IN RSS FEEDS #
########################################################################
$where = '';
if ($authorid != 'all' && is_numeric($authorid)) {
+ $sql_authorid = $authorid;
if (!serendipity_checkPermission('adminCategoriesMaintainOthers', $authorid)) {
$where = " WHERE (c.authorid = $authorid OR c.authorid = 0)";
$where .= "OR (
acl.artifact_type = 'category'
AND acl.artifact_mode = '" . serendipity_db_escape_string($artifact_mode) . "'
- )";
+ ) ";
}
} else {
+ $sql_authorid = 'c.authorid';
$where = '';
}
LEFT OUTER JOIN {$serendipity['dbPrefix']}authors AS a
ON c.authorid = a.authorid
LEFT OUTER JOIN {$serendipity['dbPrefix']}authorgroups AS ag
- ON ag.authorid = a.authorid
+ ON ag.authorid = $sql_authorid
LEFT OUTER JOIN {$serendipity['dbPrefix']}access AS acl
ON (ag.groupid = acl.groupid AND acl.artifact_id = c.categoryid)
$where
$group";
-
if (!empty($order)) {
$querystring .= "\n ORDER BY $order";
}
projects / s9y.git / commitdiff