Index: branches/5.2.x/core/kernel/db/cat_tag_processor.php =================================================================== diff -u -N -r15360 -r15761 --- branches/5.2.x/core/kernel/db/cat_tag_processor.php (.../cat_tag_processor.php) (revision 15360) +++ branches/5.2.x/core/kernel/db/cat_tag_processor.php (.../cat_tag_processor.php) (revision 15761) @@ -1,6 +1,6 @@ ItemCount($this->Prefix, $today_only); } - function CategorySelector($params) + /** + * Displays list of allowed categories on "Suggest Link" and similar forms. + * + * @param array $params Tag params. + * + * @return string + * @access protected + */ + protected function CategorySelector($params) { $category_id = isset($params['category_id']) && is_numeric($params['category_id']) ? $params['category_id'] : false; - if ($category_id === false) { + + if ( $category_id === false ) { // if category id not given use module root category $category_id = $this->Application->findModule('Var', $this->Prefix, 'RootCat'); } $id_field = $this->Application->getUnitOption('c', 'IDField'); - $title_field = $this->Application->getUnitOption('c', 'TitleField'); - $table_name = $this->Application->getUnitOption('c', 'TableName'); - $count_helper = $this->Application->recallObject('CountHelper'); - /* @var $count_helper kCountHelper */ - - list ($view_perm, $view_filter) = $count_helper->GetPermissionClause('c', 'perm_cache'); - // get category list (permission based) - $sql = 'SELECT c.'.$title_field.' AS CategoryName, c.'.$id_field.', c.l' . $this->Application->GetVar('m_lang') . '_CachedNavbar AS CachedNavbar - FROM '.$table_name.' c - INNER JOIN '.TABLE_PREFIX.'CategoryPermissionsCache perm_cache ON c.CategoryId = perm_cache.CategoryId - WHERE (ParentId = '.$category_id.') AND ('.$view_filter.') AND (perm_cache.PermId = '.$view_perm.') AND (c.Status = '.STATUS_ACTIVE.') - ORDER BY c.'.$title_field.' ASC'; - $categories = $this->Conn->Query($sql, $id_field); + $categories = $this->Conn->Query($this->getCategorySelectorQuery($category_id), $id_field); $block_params = $this->prepareTagParams($params); $block_params['name'] = $params['render_as']; $block_params['strip_nl'] = 2; $ret = ''; + foreach ($categories as $category_id => $category_data) { // print category $block_params['separator'] = isset($params['category_id']) ? $params['separator'] : ''; // return original separator, remove separator for top level categories @@ -727,13 +725,44 @@ $ret .= $this->Application->ParseBlock($block_params); // print it's children - $block_params['separator'] = '   '.$params['separator']; + $block_params['separator'] = '   ' . $params['separator']; $ret .= $this->CategorySelector($block_params); } return $ret; } + /** + * Returns given category sub-categories, that user have rights to view. + * + * @param int $category_id Category. + * + * @return array + * @access protected + */ + protected function getCategorySelectorQuery($category_id) + { + $id_field = $this->Application->getUnitOption('c', 'IDField'); + $title_field = $this->Application->getUnitOption('c', 'TitleField'); + + $where_clause = Array ( + 'c.ParentId = ' . $category_id, + 'c.Status = ' . STATUS_ACTIVE, + ); + + $sql = 'SELECT c.' . $title_field . ' AS CategoryName, + c.' . $id_field . ', + c.l' . $this->Application->GetVar('m_lang') . '_CachedNavbar AS CachedNavbar + FROM ' . $this->Application->getUnitOption('c', 'TableName') . ' c'; + + $count_helper = $this->Application->recallObject('CountHelper'); + /* @var $count_helper kCountHelper */ + + list ($sql, $where_clause) = $count_helper->attachViewPermissionCheck('c', $sql, $where_clause); + + return $sql . ' WHERE (' . implode(') AND (', $where_clause) . ') ORDER BY c.' . $title_field . ' ASC'; + } + function PrintMoreCategories($params) { $object = $this->getObject($params);