You are here

Home » API reference » Flag 6.2 » flag.module

function flag_flag_access_multiple in Flag 6.2

Same name and namespace in other branches
  1. 7.3 flag.module \flag_flag_access_multiple()
  2. 7.2 flag.module \flag_flag_access_multiple()

Implementation of hook_flag_access_multiple().

File

./flag.module, line 844
The Flag module.

Code

function flag_flag_access_multiple($flag, $content_ids, $account) {
  $access = array();

  // Do nothing if there is no restriction by authorship.
  if (empty($flag->access_author)) {
    return $access;
  }
  if ($flag->content_type == 'node') {

    // Restrict access by authorship. This is similar to flag_flag_access()
    // above, but returns an array of 'nid' => $access values. Similarly, we
    // should never return TRUE in any of these access values, only FALSE if we
    // want to deny access, or use the current access value provided by Flag.
    $nids = implode(',', array_map('intval', array_keys($content_ids)));
    $placeholders = implode(',', array_fill(0, sizeof($flag->types), "'%s'"));
    $result = db_query("SELECT nid, uid FROM {node} WHERE nid IN ({$nids}) AND type in ({$placeholders})", $flag->types);
    while ($row = db_fetch_object($result)) {
      if ($flag->access_author == 'own') {
        $access[$row->nid] = $row->uid != $account->uid ? FALSE : NULL;
      }
      elseif ($flag->access_author == 'others') {
        $access[$row->nid] = $row->uid == $account->uid ? FALSE : NULL;
      }
    }
  }
  if ($flag->content_type == 'comment') {

    // Restrict access by comment ownership.
    $cids = implode(',', array_map('intval', array_keys($content_ids)));
    $result = db_query("SELECT c.cid, c.nid, c.uid as comment_uid, n.nid as node_uid FROM {comments} c LEFT JOIN {node} n ON c.nid = n.nid WHERE cid IN ({$cids})");
    while ($row = db_fetch_object($result)) {
      if ($flag->access_author == 'node_own') {
        $access[$row->cid] = $row->node_uid != $account->uid ? FALSE : NULL;
      }
      elseif ($flag->access_author == 'node_others') {
        $access[$row->cid] = $row->node_uid == $account->uid ? FALSE : NULL;
      }
      elseif ($flag->access_author == 'comment_own') {
        $access[$row->cid] = $row->comment_uid != $account->uid ? FALSE : NULL;
      }
      elseif ($flag->access_author == 'comment_others') {
        $access[$row->cid] = $row->comment_uid == $account->uid ? FALSE : NULL;
      }
    }
  }

  // Always return an array (even if empty) of accesses.
  return $access;
}