diff options
Diffstat (limited to 'include/ws_functions.inc.php')
-rw-r--r-- | include/ws_functions.inc.php | 53 |
1 files changed, 53 insertions, 0 deletions
diff --git a/include/ws_functions.inc.php b/include/ws_functions.inc.php index 61310265b..e4eddd18e 100644 --- a/include/ws_functions.inc.php +++ b/include/ws_functions.inc.php @@ -27,6 +27,47 @@ /**** IMPLEMENTATION OF WEB SERVICE METHODS ***********************************/ /** + * ws_add_controls + * returns additionnal controls if requested + * usable for 99% of Web Service methods + * + * - Args + * $params: is where clauses + * $img_tbl: indicates if phpwebgallery_images is selected + * $partner: is the key + * $tbl_name: is the alias_name in the query (sometimes called correlation name) + * - Logic + * Access_control is not active: Return + * Key is incorrect: Return 0 = 1 (False condition for MySQL) + * One of Params doesn't match with type of request: return 0 = 1 again + * Access list(id/cat/tag) is converted in expended image-id list + * image-id list: converted to an in-where-clause + * + * The additionnal in-where-clause is return + */ +function ws_add_controls( $params, $img_tbl=false, $partner='', $tbl_name='' ) +{ + global $conf; + if ( !$conf['ws_access_control'] ) + { + return ' 1 = 1 '; // No controls are requested + } + // Step 1 - Found Partner + $query = ' +SELECT FROM '.WEB_SERVICES_ACCESS_TABLE." + WHERE `name` = '$partner';"; +$result = pwg_query($query); + if ( mysql_num_rows( pwg_query($query) ) = 0 ) + { + return ' 0 = 1 '; // Unknown partner + } + // Step 2 - Clauses / Request matching + // Restrict Request has to be redefined first + // Step 3 - Target restrict + return $addings; +} + +/** * returns a "standard" (for our web service) array of sql where clauses that * filters the images (images table only) */ @@ -77,6 +118,13 @@ function ws_std_image_sql_filter( $params, $tbl_name='' ) { $clauses[] = $tbl_name.'tn_ext IS NOT NULL'; } + // Squared picture to show to rvelices how to solve that kind of request + if ( $params['f_square_ratio'] ) + { + $clauses[] = $tbl_name.'width/'.$tbl_name.'height BETWEEN ' + . $params['f_square_ratio'] . ' AND ' + . (2 - $params['f_square_ratio']) ; + } return $clauses; } @@ -200,6 +248,11 @@ SELECT id, name, image_order $where_clauses[] = 'category_id IN (' .implode(',', array_keys($cats) ) .')'; + +// example of ws_add_controls call +// $where_clause[] = +// ws_add_controls call( $params, true, $partner, $tbl_name='i.' ); + $order_by = ws_std_image_sql_order($params, 'i.'); if (empty($order_by)) {// TODO check for category order by (image_order) |