Collections functions
General functions
Render functions
Theme permission functions
Resource functions

featured_collections_permissions_filter_sql()

Description

Build appropriate SQL (for WHERE clause) to filter out featured collections for the user. The function will use either an
IN or NOT IN depending which list is smaller to increase performance of the search

this is part of.

Parameters

ColumnTypeDefaultDescription
$prefix string SQL WHERE clause element. Mostly should be either WHERE, AND -or- OR depending on the SQL statement
$column string SQL column on which to apply the filter for
$returnstring bool false (temporary) Will return the legacy string version until do_search() and others are migrated to use prepared statements. This can be removed once all functions use prepared statements

Return

array|string Returns "" if user should see all featured collections or a SQL filter (e.g AND ref IN("32", "34") ) with the placholders as the first element and the collection IDs as params for the second - for use in e.g. ps_query(), ps_value()

Location

include/collections_functions.php lines 5417 to 5469

Definition

 
function featured_collections_permissions_filter_sql(string $prefixstring $columnbool $returnstring =false)
    {
    global 
$CACHE_FC_PERMS_FILTER_SQL;
    
$CACHE_FC_PERMS_FILTER_SQL = (!is_null($CACHE_FC_PERMS_FILTER_SQL) && is_array($CACHE_FC_PERMS_FILTER_SQL) ? $CACHE_FC_PERMS_FILTER_SQL : array());
    
$cache_id md5("{$prefix}-{$column}");
    if(isset(
$CACHE_FC_PERMS_FILTER_SQL[$cache_id]) && is_string($CACHE_FC_PERMS_FILTER_SQL[$cache_id]) && $returnstring)
        {
        return 
$CACHE_FC_PERMS_FILTER_SQL[$cache_id];
        }
    elseif(isset(
$CACHE_FC_PERMS_FILTER_SQL[$cache_id]) && is_array($CACHE_FC_PERMS_FILTER_SQL[$cache_id]))
        {
        return 
$CACHE_FC_PERMS_FILTER_SQL[$cache_id];
        }
    
// $prefix & $column are used to generate the right SQL (e.g AND ref IN(list of IDs)). If developer/code, passes empty strings,
    // that's not this functions' responsibility. We could error here but the code will error anyway because of the bad SQL so
    // we might as well fix the problem at its root (ie. where we call this function with bad input arguments).
    
$prefix " " trim($prefix);
    
$column trim($column);

    
$computed_fcs compute_featured_collections_access_control();

    if(
$computed_fcs === true)
        {
        
$return ""# No access control needed! User should see all featured collections
        
}
    else if(
is_array($computed_fcs))
        {
        if(
$returnstring)
            {
            
$fcs_list "'" join("', '"$computed_fcs) . "'";
            
$return "{$prefix} {$column} IN ({$fcs_list})";
            }
        else
            {
            
$return = array("{$prefix} {$column} IN (" ps_param_insert(count($computed_fcs)) . ")",ps_param_fill($computed_fcs,"i"));
            }
        }
    else
        {
        
// User is not allowed to see any of the available FCs if($returnstring)
        
if($returnstring)
            {
            
$return "{$prefix} 1 = 0";
            }
        else
            {
            
$return = [$prefix " 1 = 0",[]];
            }
        }

    
$CACHE_FC_PERMS_FILTER_SQL[$cache_id] = $return;
    return 
$return;
    }

This article was last updated 4th October 2022 11:05 Europe/London time based on the source file dated 4th October 2022 09:50 Europe/London time.