Index: branches/5.2.x/core/units/helpers/count_helper.php
===================================================================
diff -u -N -r15012 -r15761
--- branches/5.2.x/core/units/helpers/count_helper.php	(.../count_helper.php)	(revision 15012)
+++ branches/5.2.x/core/units/helpers/count_helper.php	(.../count_helper.php)	(revision 15761)
@@ -1,6 +1,6 @@
 <?php
 /**
-* @version	$Id: count_helper.php 15012 2012-01-06 20:38:49Z alex $
+* @version	$Id: count_helper.php 15761 2013-05-16 15:49:10Z alex $
 * @package	In-Portal
 * @copyright	Copyright (C) 1997 - 2009 Intechnic. All rights reserved.
 * @license      GNU/GPL
@@ -170,39 +170,42 @@
 		}
 
 		/**
-		 * Counts items (of specific type) from all categories
+		 * Counts items (of specific type) from all categories.
 		 *
-		 * @param string $prefix
-		 * @param bool $today
-		 * @param string $count_sql
+		 * @param string $prefix Prefix.
+		 * @param boolean $today Count only items added today.
+		 * @param string|null $count_sql Sql.
+		 *
 		 * @return int
+		 * @access public
 		 */
-		function ItemCount($prefix, $today = false, $count_sql = null)
+		public function ItemCount($prefix, $today = false, $count_sql = null)
 		{
-		  	$table_name = $this->Application->getUnitOption($prefix, 'TableName');
+			$table_name = $this->Application->getUnitOption($prefix, 'TableName');
 
-		  	if (!isset($count_sql)) {
-		  		$count_sql = 'COUNT(*)';
-		  	}
+			if ( !isset($count_sql) ) {
+				$count_sql = 'COUNT(*)';
+			}
 
-		  	$sql = 'SELECT '.$count_sql.'
-		  			FROM '.$table_name.' item_table
-		  			INNER JOIN '.TABLE_PREFIX.'CategoryItems ci ON ci.ItemResourceId = item_table.ResourceId
-		    		INNER JOIN '.TABLE_PREFIX.'Categories c ON c.CategoryId = ci.CategoryId
-		    		INNER JOIN '.TABLE_PREFIX.'CategoryPermissionsCache perm_cache ON ci.CategoryId = perm_cache.CategoryId';
-
-		  	list ($view_perm, $view_filter) = $this->GetPermissionClause($prefix, 'perm_cache');
-		  	$where_clauses = Array (
-		  		$view_filter, 'perm_cache.PermId = '.$view_perm, 'ci.PrimaryCat = 1', 'c.Status = '.STATUS_ACTIVE,
+			$where_clause = array(
+				'ci.PrimaryCat = 1',
+				'c.Status = ' . STATUS_ACTIVE,
 			);
 
-		  	if ($today) {
-		  		$today_date = adodb_mktime(0, 0, 0, adodb_date('m'), adodb_date('d'), adodb_date('Y'));
-		  		$where_clauses[] = 'item_table.CreatedOn >= '.$today_date;
-		  	}
+			$sql = 'SELECT ' . $count_sql . '
+		  			FROM ' . $table_name . ' item_table
+		  			INNER JOIN ' . TABLE_PREFIX . 'CategoryItems ci ON ci.ItemResourceId = item_table.ResourceId
+		    		INNER JOIN ' . TABLE_PREFIX . 'Categories c ON c.CategoryId = ci.CategoryId';
 
-		  	$sql .= ' WHERE ('.implode(') AND (', $where_clauses).')';
+			list ($sql, $where_clause) = $this->attachViewPermissionCheck($prefix, $sql, $where_clause, 'ci.CategoryId');
 
+			if ( $today ) {
+				$today_date = adodb_mktime(0, 0, 0, adodb_date('m'), adodb_date('d'), adodb_date('Y'));
+				$where_clause[] = 'item_table.CreatedOn >= ' . $today_date;
+			}
+
+			$sql .= ' WHERE (' . implode(') AND (', $where_clause) . ')';
+
 			return (int)$this->Conn->GetOne($sql);
 		}
 
@@ -214,45 +217,69 @@
 		 */
 		function CategoryCount($today = false)
 		{
-		  	$cache_key = 'category_count[%CSerial%]';
+			$cache_key = 'category_count[%CSerial%]';
 
-			if ($today) {
-		  		$today_date = adodb_mktime(0, 0, 0, adodb_date('m'), adodb_date('d'), adodb_date('Y'));
-		  		$cache_key .= ':date=' . $today_date;
-		  	}
+			if ( $today ) {
+				$today_date = adodb_mktime(0, 0, 0, adodb_date('m'), adodb_date('d'), adodb_date('Y'));
+				$cache_key .= ':date=' . $today_date;
+			}
 
-		  	$count = $this->Application->getCache($cache_key);
+			$count = $this->Application->getCache($cache_key);
 
-		  	if ($count === false) {
+			if ( $count === false ) {
+				$where_clause = Array(
+					'c.Status = ' . STATUS_ACTIVE,
+				);
+
 				$sql = 'SELECT COUNT(*)
-			  			FROM ' . $this->Application->getUnitOption('c', 'TableName') . ' c
-			    		INNER JOIN ' . TABLE_PREFIX . 'CategoryPermissionsCache perm_cache ON c.CategoryId = perm_cache.CategoryId';
+			  			FROM ' . $this->Application->getUnitOption('c', 'TableName') . ' c';
 
-			  	list ($view_perm, $view_filter) = $this->GetPermissionClause('c', 'perm_cache');
+				list ($sql, $where_clause) = $this->attachViewPermissionCheck('c', $sql, $where_clause);
 
-			  	$where_clauses = Array (
-			  		$view_filter,
-			  		'perm_cache.PermId = ' . $view_perm,
-			  		'c.Status = ' . STATUS_ACTIVE,
-				);
+				if ( $today ) {
+					$where_clause[] = 'c.CreatedOn >= ' . $today_date;
+				}
 
-			  	if ($today) {
-			  		$where_clauses[] = 'c.CreatedOn >= ' . $today_date;
-			  	}
+				$sql .= ' WHERE (' . implode(') AND (', $where_clause) . ')';
 
-			    $sql .= ' WHERE ('.implode(') AND (', $where_clauses).')';
-
 				$count = $this->Conn->GetOne($sql);
 
-				if ($count !== false) {
+				if ( $count !== false ) {
 					$this->Application->setCache($cache_key, $count);
 				}
-		  	}
+			}
 
-		  	return $count;
+			return $count;
 		}
 
 		/**
+		 * Updates given data to make SQL use view permission check.
+		 *
+		 * @param string $prefix Unit config prefix.
+		 * @param string $sql Sql.
+		 * @param array $where_clause Where clause.
+		 * @param string $category_field Field, where to get Category ID.
+		 *
+		 * @return array
+		 * @access public
+		 */
+		public function attachViewPermissionCheck($prefix, $sql, $where_clause, $category_field = 'c.CategoryId')
+		{
+			if ( !$this->Application->ConfigValue('CheckViewPermissionsInCatalog') ) {
+				return array($sql, $where_clause);
+			}
+
+			list ($view_perm, $view_filter) = $this->GetPermissionClause($prefix, 'perm_cache');
+
+			$where_clause[] = $view_filter;
+			$where_clause[] = 'perm_cache.PermId = ' . $view_perm;
+
+			$sql .= ' INNER JOIN ' . TABLE_PREFIX . 'CategoryPermissionsCache perm_cache ON ' . $category_field . ' = perm_cache.CategoryId';
+
+			return array($sql, $where_clause);
+		}
+
+		/**
 		 * Returns permission limitation clause for category item lists
 		 *
 		 * @param string $prefix