diff options
| author | Marc Alexander <admin@m-a-styles.de> | 2017-01-04 17:44:07 +0100 |
|---|---|---|
| committer | Marc Alexander <admin@m-a-styles.de> | 2017-01-04 17:44:07 +0100 |
| commit | 3d93fd40edb627dafeede3b5ae3780885e2264fe (patch) | |
| tree | b6aaad7cebd68a5fa4819f5ea59bccbfaae6c354 /phpBB/phpbb/feed/attachments_base.php | |
| parent | f2c4bf176d7aaa18f143894643851a73cfd7df06 (diff) | |
| parent | dd89a369f3166ed4a3730ac8a2fb6eb5608ac284 (diff) | |
| download | forums-3d93fd40edb627dafeede3b5ae3780885e2264fe.tar forums-3d93fd40edb627dafeede3b5ae3780885e2264fe.tar.gz forums-3d93fd40edb627dafeede3b5ae3780885e2264fe.tar.bz2 forums-3d93fd40edb627dafeede3b5ae3780885e2264fe.tar.xz forums-3d93fd40edb627dafeede3b5ae3780885e2264fe.zip | |
Merge pull request #4611 from marc1706/ticket/14838
[icket/14838] Do not query full attachments table in feeds
Diffstat (limited to 'phpBB/phpbb/feed/attachments_base.php')
| -rw-r--r-- | phpBB/phpbb/feed/attachments_base.php | 34 |
1 files changed, 23 insertions, 11 deletions
diff --git a/phpBB/phpbb/feed/attachments_base.php b/phpBB/phpbb/feed/attachments_base.php index 04812f1570..df8f29a626 100644 --- a/phpBB/phpbb/feed/attachments_base.php +++ b/phpBB/phpbb/feed/attachments_base.php @@ -25,8 +25,11 @@ abstract class attachments_base extends \phpbb\feed\base /** * Retrieve the list of attachments that may be displayed + * + * @param array $post_ids Specify for which post IDs to fetch the attachments (optional) + * @param array $topic_ids Specify for which topic IDs to fetch the attachments (optional) */ - protected function fetch_attachments() + protected function fetch_attachments($post_ids = array(), $topic_ids = array()) { $sql_array = array( 'SELECT' => 'a.*', @@ -37,7 +40,20 @@ abstract class attachments_base extends \phpbb\feed\base 'ORDER_BY' => 'a.filetime DESC, a.post_msg_id ASC', ); - if (isset($this->topic_id)) + if (!empty($post_ids)) + { + $sql_array['WHERE'] .= 'AND ' . $this->db->sql_in_set('a.post_msg_id', $post_ids); + } + else if (!empty($topic_ids)) + { + if (isset($this->topic_id)) + { + $topic_ids[] = $this->topic_id; + } + + $sql_array['WHERE'] .= 'AND ' . $this->db->sql_in_set('a.topic_id', $topic_ids); + } + else if (isset($this->topic_id)) { $sql_array['WHERE'] .= 'AND a.topic_id = ' . (int) $this->topic_id; } @@ -51,6 +67,11 @@ abstract class attachments_base extends \phpbb\feed\base ); $sql_array['WHERE'] .= 'AND t.forum_id = ' . (int) $this->forum_id; } + else + { + // Do not allow querying the full attachments table + throw new \RuntimeException($this->user->lang('INVALID_FEED_ATTACHMENTS')); + } $sql = $this->db->sql_build_query('SELECT', $sql_array); $result = $this->db->sql_query($sql); @@ -64,15 +85,6 @@ abstract class attachments_base extends \phpbb\feed\base } /** - * {@inheritDoc} - */ - public function open() - { - parent::open(); - $this->fetch_attachments(); - } - - /** * Get attachments related to a given post * * @param $post_id int Post id |