aboutsummaryrefslogtreecommitdiffstats
path: root/phpBB
diff options
context:
space:
mode:
Diffstat (limited to 'phpBB')
-rw-r--r--phpBB/includes/acp/acp_permissions.php62
-rw-r--r--phpBB/includes/auth.php124
-rw-r--r--phpBB/includes/db/dbal.php61
-rw-r--r--phpBB/includes/db/firebird.php13
-rw-r--r--phpBB/includes/db/mssql.php10
-rw-r--r--phpBB/includes/db/mssql_odbc.php10
-rw-r--r--phpBB/includes/db/mysql.php15
-rw-r--r--phpBB/includes/db/mysql4.php15
-rw-r--r--phpBB/includes/db/mysqli.php15
-rw-r--r--phpBB/includes/db/oracle.php6
-rw-r--r--phpBB/includes/db/postgres.php15
-rw-r--r--phpBB/includes/db/sqlite.php10
-rw-r--r--phpBB/includes/functions_admin.php32
-rw-r--r--phpBB/includes/mcp/mcp_front.php38
-rw-r--r--phpBB/includes/ucp/ucp_main.php72
-rw-r--r--phpBB/mcp.php26
-rw-r--r--phpBB/memberlist.php27
-rwxr-xr-xphpBB/ucp.php29
-rw-r--r--phpBB/viewtopic.php122
19 files changed, 529 insertions, 173 deletions
diff --git a/phpBB/includes/acp/acp_permissions.php b/phpBB/includes/acp/acp_permissions.php
index f42a03ba15..1059629863 100644
--- a/phpBB/includes/acp/acp_permissions.php
+++ b/phpBB/includes/acp/acp_permissions.php
@@ -344,14 +344,29 @@ class acp_permissions
$sql_forum_id = ($permission_scope == 'global') ? 'AND a.forum_id = 0' : ((sizeof($forum_id)) ? 'AND a.forum_id IN (' . implode(', ', $forum_id) . ')' : 'AND a.forum_id <> 0');
$sql_permission_option = "AND o.auth_option LIKE '" . $db->sql_escape($permission_type) . "%'";
- $sql = 'SELECT DISTINCT u.username, u.user_regdate, u.user_id
- FROM (' . USERS_TABLE . ' u, ' . ACL_OPTIONS_TABLE . ' o, ' . ACL_USERS_TABLE . ' a)
- LEFT JOIN ' . ACL_ROLES_DATA_TABLE . " r ON (a.auth_role_id = r.role_id)
- WHERE (a.auth_option_id = o.auth_option_id OR r.auth_option_id = o.auth_option_id)
- $sql_permission_option
- $sql_forum_id
- AND u.user_id = a.user_id
- ORDER BY u.username, u.user_regdate ASC";
+ $sql = $db->sql_build_query('SELECT_DISTINCT', array(
+ 'SELECT' => 'u.username, u.user_regdate, u.user_id',
+
+ 'FROM' => array(
+ USERS_TABLE => 'u',
+ ACL_OPTIONS_TABLE => 'o',
+ ACL_USERS_TABLE => 'a'
+ ),
+
+ 'LEFT_JOIN' => array(
+ array(
+ 'FROM' => array(ACL_ROLES_DATA_TABLE => 'r'),
+ 'ON' => 'a.auth_role_id = r.role_id'
+ )
+ ),
+
+ 'WHERE' => "(a.auth_option_id = o.auth_option_id OR r.auth_option_id = o.auth_option_id)
+ $sql_permission_option
+ $sql_forum_id
+ AND u.user_id = a.user_id",
+
+ 'ORDER_BY' => 'u.username, u.user_regdate ASC'
+ ));
$result = $db->sql_query($sql);
$s_defined_user_options = '';
@@ -363,14 +378,29 @@ class acp_permissions
}
$db->sql_freeresult($result);
- $sql = 'SELECT DISTINCT g.group_type, g.group_name, g.group_id
- FROM (' . GROUPS_TABLE . ' g, ' . ACL_OPTIONS_TABLE . ' o, ' . ACL_GROUPS_TABLE . ' a)
- LEFT JOIN ' . ACL_ROLES_DATA_TABLE . " r ON (a.auth_role_id = r.role_id)
- WHERE (a.auth_option_id = o.auth_option_id OR r.auth_option_id = o.auth_option_id)
- $sql_permission_option
- $sql_forum_id
- AND g.group_id = a.group_id
- ORDER BY g.group_type DESC, g.group_name ASC";
+ $sql = $db->sql_build_query('SELECT_DISTINCT', array(
+ 'SELECT' => 'g.group_type, g.group_name, g.group_id',
+
+ 'FROM' => array(
+ GROUPS_TABLE => 'g',
+ ACL_OPTIONS_TABLE => 'o',
+ ACL_USERS_TABLE => 'a'
+ ),
+
+ 'LEFT_JOIN' => array(
+ array(
+ 'FROM' => array(ACL_ROLES_DATA_TABLE => 'r'),
+ 'ON' => 'a.auth_role_id = r.role_id'
+ )
+ ),
+
+ 'WHERE' => "(a.auth_option_id = o.auth_option_id OR r.auth_option_id = o.auth_option_id)
+ $sql_permission_option
+ $sql_forum_id
+ AND g.group_id = a.group_id",
+
+ 'ORDER_BY' => 'g.group_type DESC, g.group_name ASC'
+ ));
$result = $db->sql_query($sql);
$s_defined_group_options = '';
diff --git a/phpBB/includes/auth.php b/phpBB/includes/auth.php
index d32cb0a945..c31a45bc7f 100644
--- a/phpBB/includes/auth.php
+++ b/phpBB/includes/auth.php
@@ -486,14 +486,29 @@ class auth
// First grab user settings ... each user has only one setting for each
// option ... so we shouldn't need any ACL_NO checks ... he says ...
- $sql = 'SELECT ao.auth_option, a.auth_role_id, r.auth_setting as role_auth_setting, a.user_id, a.forum_id, a.auth_setting
- FROM (' . ACL_OPTIONS_TABLE . ' ao, ' . ACL_USERS_TABLE . ' a)
- LEFT JOIN ' . ACL_ROLES_DATA_TABLE . ' r ON (a.auth_role_id = r.role_id)
- WHERE (ao.auth_option_id = a.auth_option_id OR ao.auth_option_id = r.auth_option_id)
- ' . (($sql_user) ? 'AND a.' . $sql_user : '') . "
- $sql_forum
- $sql_opts
- ORDER BY a.forum_id, ao.auth_option";
+ // Grab assigned roles...
+ $sql = $db->sql_build_query('SELECT', array(
+ 'SELECT' => 'ao.auth_option, a.auth_role_id, r.auth_setting as role_auth_setting, a.user_id, a.forum_id, a.auth_setting',
+
+ 'FROM' => array(
+ ACL_OPTIONS_TABLE => 'ao',
+ ACL_USERS_TABLE => 'a'
+ ),
+
+ 'LEFT_JOIN' => array(
+ array(
+ 'FROM' => array(ACL_ROLES_DATA_TABLE => 'r'),
+ 'ON' => 'a.auth_role_id = r.role_id'
+ )
+ ),
+
+ 'WHERE' => '(ao.auth_option_id = a.auth_option_id OR ao.auth_option_id = r.auth_option_id)
+ ' . (($sql_user) ? 'AND a.' . $sql_user : '') . "
+ $sql_forum
+ $sql_opts",
+
+ 'ORDER_BY' => 'a.forum_id, ao.auth_option'
+ ));
$result = $db->sql_query($sql);
while ($row = $db->sql_fetchrow($result))
@@ -504,15 +519,30 @@ class auth
$db->sql_freeresult($result);
// Now grab group settings ... ACL_NO overrides ACL_YES so act appropriatley
- $sql = 'SELECT ug.user_id, ao.auth_option, a.forum_id, a.auth_setting, a.auth_role_id, r.auth_setting as role_auth_setting
- FROM (' . USER_GROUP_TABLE . ' ug, ' . ACL_OPTIONS_TABLE . ' ao, ' . ACL_GROUPS_TABLE . ' a)
- LEFT JOIN ' . ACL_ROLES_DATA_TABLE . ' r ON (a.auth_role_id = r.role_id)
- WHERE (ao.auth_option_id = a.auth_option_id OR ao.auth_option_id = r.auth_option_id)
- AND a.group_id = ug.group_id
- ' . (($sql_user) ? 'AND ug.' . $sql_user : '') . "
- $sql_forum
- $sql_opts
- ORDER BY a.forum_id, ao.auth_option";
+ $sql = $db->sql_build_query('SELECT', array(
+ 'SELECT' => 'ug.user_id, ao.auth_option, a.forum_id, a.auth_setting, a.auth_role_id, r.auth_setting as role_auth_setting',
+
+ 'FROM' => array(
+ USER_GROUP_TABLE => 'ug',
+ ACL_OPTIONS_TABLE => 'ao',
+ ACL_GROUPS_TABLE => 'a'
+ ),
+
+ 'LEFT_JOIN' => array(
+ array(
+ 'FROM' => array(ACL_ROLES_DATA_TABLE => 'r'),
+ 'ON' => 'a.auth_role_id = r.role_id'
+ )
+ ),
+
+ 'WHERE' => '(ao.auth_option_id = a.auth_option_id OR ao.auth_option_id = r.auth_option_id)
+ AND a.group_id = ug.group_id
+ ' . (($sql_user) ? 'AND ug.' . $sql_user : '') . "
+ $sql_forum
+ $sql_opts",
+
+ 'ORDER_BY' => 'a.forum_id, ao.auth_option'
+ ));
$result = $db->sql_query($sql);
while ($row = $db->sql_fetchrow($result))
@@ -571,14 +601,28 @@ class auth
$hold_ary = array();
// Grab user settings...
- $sql = 'SELECT ao.auth_option, a.auth_role_id, r.auth_setting as role_auth_setting, a.user_id, a.forum_id, a.auth_setting
- FROM (' . ACL_OPTIONS_TABLE . ' ao, ' . ACL_USERS_TABLE . ' a)
- LEFT JOIN ' . ACL_ROLES_DATA_TABLE . ' r ON (a.auth_role_id = r.role_id)
- WHERE (ao.auth_option_id = a.auth_option_id OR ao.auth_option_id = r.auth_option_id)
- ' . (($sql_user) ? 'AND a.' . $sql_user : '') . "
- $sql_forum
- $sql_opts
- ORDER BY a.forum_id, ao.auth_option";
+ $sql = $db->sql_build_query('SELECT', array(
+ 'SELECT' => 'ao.auth_option, a.auth_role_id, r.auth_setting as role_auth_setting, a.user_id, a.forum_id, a.auth_setting',
+
+ 'FROM' => array(
+ ACL_OPTIONS_TABLE => 'ao',
+ ACL_USERS_TABLE => 'a'
+ ),
+
+ 'LEFT_JOIN' => array(
+ array(
+ 'FROM' => array(ACL_ROLES_DATA_TABLE => 'r'),
+ 'ON' => 'a.auth_role_id = r.role_id'
+ ),
+ ),
+
+ 'WHERE' => '(ao.auth_option_id = a.auth_option_id OR ao.auth_option_id = r.auth_option_id)
+ ' . (($sql_user) ? 'AND a.' . $sql_user : '') . "
+ $sql_forum
+ $sql_opts",
+
+ 'ORDER_BY' => 'a.forum_id, ao.auth_option'
+ ));
$result = $db->sql_query($sql);
while ($row = $db->sql_fetchrow($result))
@@ -616,14 +660,28 @@ class auth
$hold_ary = array();
// Grab group settings...
- $sql = 'SELECT a.group_id, ao.auth_option, a.forum_id, a.auth_setting, a.auth_role_id, r.auth_setting as role_auth_setting
- FROM (' . ACL_OPTIONS_TABLE . ' ao, ' . ACL_GROUPS_TABLE . ' a)
- LEFT JOIN ' . ACL_ROLES_DATA_TABLE . ' r ON (a.auth_role_id = r.role_id)
- WHERE (ao.auth_option_id = a.auth_option_id OR ao.auth_option_id = r.auth_option_id)
- ' . (($sql_group) ? 'AND a.' . $sql_group : '') . "
- $sql_forum
- $sql_opts
- ORDER BY a.forum_id, ao.auth_option";
+ $sql = $db->sql_build_query('SELECT', array(
+ 'SELECT' => 'a.group_id, ao.auth_option, a.forum_id, a.auth_setting, a.auth_role_id, r.auth_setting as role_auth_setting',
+
+ 'FROM' => array(
+ ACL_OPTIONS_TABLE => 'ao',
+ ACL_USERS_TABLE => 'a'
+ ),
+
+ 'LEFT_JOIN' => array(
+ array(
+ 'FROM' => array(ACL_ROLES_DATA_TABLE => 'r'),
+ 'ON' => 'a.auth_role_id = r.role_id'
+ ),
+ ),
+
+ 'WHERE' => '(ao.auth_option_id = a.auth_option_id OR ao.auth_option_id = r.auth_option_id)
+ ' . (($sql_group) ? 'AND a.' . $sql_group : '') . "
+ $sql_forum
+ $sql_opts",
+
+ 'ORDER_BY' => 'a.forum_id, ao.auth_option'
+ ));
$result = $db->sql_query($sql);
while ($row = $db->sql_fetchrow($result))
diff --git a/phpBB/includes/db/dbal.php b/phpBB/includes/db/dbal.php
index acc64da799..1a8b8a4ddf 100644
--- a/phpBB/includes/db/dbal.php
+++ b/phpBB/includes/db/dbal.php
@@ -192,6 +192,67 @@ class dbal
}
/**
+ * Build sql statement from array for select and select distinct statements
+ *
+ * Possible query values: SELECT, SELECT_DISTINCT
+ */
+ function sql_build_query($query, $array)
+ {
+ $sql = '';
+ switch ($query)
+ {
+ case 'SELECT':
+ case 'SELECT_DISTINCT';
+
+ if ($query == 'SELECT_DISTINCT')
+ {
+ $sql .= 'SELECT DISTINCT';
+ }
+ else
+ {
+ $sql .= 'SELECT';
+ }
+
+ $sql .= ' ' . $array['SELECT'];
+ $sql .= ' FROM ';
+
+ $table_array = array();
+ foreach ($array['FROM'] as $table_name => $alias)
+ {
+ $table_array[] = $table_name . ' ' . $alias;
+ }
+
+ $sql .= $this->_sql_custom_build('FROM', implode(', ', $table_array));
+
+ if (!empty($array['LEFT_JOIN']))
+ {
+ foreach ($array['LEFT_JOIN'] as $join)
+ {
+ $sql .= ' LEFT JOIN ' . key($join['FROM']) . ' ' . current($join['FROM']) . ' ON (' . $join['ON'] . ')';
+ }
+ }
+
+ if (!empty($array['WHERE']))
+ {
+ $sql .= ' WHERE ' . $this->_sql_custom_build('WHERE', $array['WHERE']);
+ }
+
+ if (!empty($array['GROUP_BY']))
+ {
+ $sql .= ' GROUP BY ' . $array['GROUP_BY'];
+ }
+
+ if (!empty($array['ORDER_BY']))
+ {
+ $sql .= ' ORDER BY ' . $array['ORDER_BY'];
+ }
+
+ break;
+ }
+ return $sql;
+ }
+
+ /**
* display sql error page
*/
function sql_error($sql = '')
diff --git a/phpBB/includes/db/firebird.php b/phpBB/includes/db/firebird.php
index c94fd00882..e4eca60772 100644
--- a/phpBB/includes/db/firebird.php
+++ b/phpBB/includes/db/firebird.php
@@ -56,6 +56,7 @@ class dbal_firebird extends dbal
switch ($status)
{
case 'begin':
+ $result = true;
$this->transaction = true;
break;
@@ -90,7 +91,6 @@ class dbal_firebird extends dbal
{
global $cache;
- $query = preg_replace('#FROM \(([^)]*)\)(,|[\n\r\t ]+(?:WHERE|LEFT JOIN)) #', 'FROM \1\2 ', $query);
$this->last_query_text = $query;
$this->query_result = ($cache_ttl && method_exists($cache, 'sql_load')) ? $cache->sql_load($query) : false;
@@ -320,6 +320,15 @@ class dbal_firebird extends dbal
}
/**
+ * Build db-specific query data
+ * @private
+ */
+ function _sql_custom_build($stage, $data)
+ {
+ return $data;
+ }
+
+ /**
* return sql error array
* @private
*/
@@ -360,7 +369,7 @@ class dbal_firebird extends dbal
{
// Take the time spent on parsing rows into account
}
- @ibase_freeresult($result);
+ @ibase_free_result($result);
$splittime = explode(' ', microtime());
$splittime = $splittime[0] + $splittime[1];
diff --git a/phpBB/includes/db/mssql.php b/phpBB/includes/db/mssql.php
index 0e7ee89196..e1082d282c 100644
--- a/phpBB/includes/db/mssql.php
+++ b/phpBB/includes/db/mssql.php
@@ -98,7 +98,6 @@ class dbal_mssql extends dbal
{
global $cache;
- $query = preg_replace('#FROM \(([^)]*)\)(,|[\n\r\t ]+(?:WHERE|LEFT JOIN)) #', 'FROM \1\2 ', $query);
// EXPLAIN only in extra debug mode
if (defined('DEBUG_EXTRA'))
@@ -334,6 +333,15 @@ class dbal_mssql extends dbal
}
/**
+ * Build db-specific query data
+ * @private
+ */
+ function _sql_custom_build($stage, $data)
+ {
+ return $data;
+ }
+
+ /**
* Close sql connection
* @private
*/
diff --git a/phpBB/includes/db/mssql_odbc.php b/phpBB/includes/db/mssql_odbc.php
index 1e219f985e..a31c6074bc 100644
--- a/phpBB/includes/db/mssql_odbc.php
+++ b/phpBB/includes/db/mssql_odbc.php
@@ -101,7 +101,6 @@ class dbal_mssql_odbc extends dbal
$this->sql_report('start', $query);
}
- $query = preg_replace('#FROM \(([^)]*)\)(,|[\n\r\t ]+(?:WHERE|LEFT JOIN)) #', 'FROM \1\2 ', $query);
$this->last_query_text = $query;
$this->query_result = ($cache_ttl && method_exists($cache, 'sql_load')) ? $cache->sql_load($query) : false;
@@ -318,6 +317,15 @@ class dbal_mssql_odbc extends dbal
}
/**
+ * Build db-specific query data
+ * @private
+ */
+ function _sql_custom_build($stage, $data)
+ {
+ return $data;
+ }
+
+ /**
* return sql error array
* @private
*/
diff --git a/phpBB/includes/db/mysql.php b/phpBB/includes/db/mysql.php
index 625c6876ee..d9369f3a75 100644
--- a/phpBB/includes/db/mysql.php
+++ b/phpBB/includes/db/mysql.php
@@ -290,6 +290,21 @@ class dbal_mysql extends dbal
return @mysql_real_escape_string($msg, $this->db_connect_id);
}
+
+ /**
+ * Build db-specific query data
+ * @private
+ */
+ function _sql_custom_build($stage, $data)
+ {
+ switch ($stage)
+ {
+ case 'FROM':
+ $data = '(' . $data . ')';
+ break;
+ }
+ return $data;
+ }
/**
* return sql error array
diff --git a/phpBB/includes/db/mysql4.php b/phpBB/includes/db/mysql4.php
index c388987e40..47c1ebc41f 100644
--- a/phpBB/includes/db/mysql4.php
+++ b/phpBB/includes/db/mysql4.php
@@ -293,6 +293,21 @@ class dbal_mysql4 extends dbal
return @mysql_real_escape_string($msg, $this->db_connect_id);
}
+
+ /**
+ * Build db-specific query data
+ * @private
+ */
+ function _sql_custom_build($stage, $data)
+ {
+ switch ($stage)
+ {
+ case 'FROM':
+ $data = '(' . $data . ')';
+ break;
+ }
+ return $data;
+ }
/**
* return sql error array
diff --git a/phpBB/includes/db/mysqli.php b/phpBB/includes/db/mysqli.php
index 137ca39591..0233c7092f 100644
--- a/phpBB/includes/db/mysqli.php
+++ b/phpBB/includes/db/mysqli.php
@@ -284,6 +284,21 @@ class dbal_mysqli extends dbal
{
return @mysqli_real_escape_string($this->db_connect_id, $msg);
}
+
+ /**
+ * Build db-specific query data
+ * @private
+ */
+ function _sql_custom_build($stage, $data)
+ {
+ switch ($stage)
+ {
+ case 'FROM':
+ $data = '(' . $data . ')';
+ break;
+ }
+ return $data;
+ }
/**
* return sql error array
diff --git a/phpBB/includes/db/oracle.php b/phpBB/includes/db/oracle.php
index 2a4898ca0d..72732d2a50 100644
--- a/phpBB/includes/db/oracle.php
+++ b/phpBB/includes/db/oracle.php
@@ -90,7 +90,6 @@ class dbal_oracle extends dbal
{
global $cache;
- $query = preg_replace('#FROM \(([^)]*)\)(,|[\n\r\t ]+(?:WHERE|LEFT JOIN)) #', 'FROM \1\2 ', $query);
// EXPLAIN only in extra debug mode
if (defined('DEBUG_EXTRA'))
@@ -361,6 +360,11 @@ class dbal_oracle extends dbal
return str_replace("'", "''", str_replace('\\', '\\\\', $msg));
}
+ function _sql_custom_build($stage, $data)
+ {
+ return $data;
+ }
+
/**
* return sql error array
* @private
diff --git a/phpBB/includes/db/postgres.php b/phpBB/includes/db/postgres.php
index d9e8bc2bfa..eb5f2d17e8 100644
--- a/phpBB/includes/db/postgres.php
+++ b/phpBB/includes/db/postgres.php
@@ -127,10 +127,6 @@ class dbal_postgres extends dbal
{
global $cache;
- if (strpos($query, 'SELECT') === 0 && strpos($query, 'FROM (') !== false)
- {
- $query = preg_replace('#FROM \(([^)]+)\)\s#', 'FROM \1 ', $query);
- }
// EXPLAIN only in extra debug mode
if (defined('DEBUG_EXTRA'))
@@ -145,7 +141,7 @@ class dbal_postgres extends dbal
{
$this->num_queries++;
- if (($this->query_result = @pg_exec($this->db_connect_id, $query)) === false)
+ if (($this->query_result = @pg_query($this->db_connect_id, $query)) === false)
{
$this->sql_error($query);
}
@@ -179,6 +175,15 @@ class dbal_postgres extends dbal
}
/**
+ * Build db-specific query data
+ * @private
+ */
+ function _sql_custom_build($stage, $data)
+ {
+ return $data;
+ }
+
+ /**
* Build LIMIT query
*/
function sql_query_limit($query, $total, $offset = 0, $cache_ttl = 0)
diff --git a/phpBB/includes/db/sqlite.php b/phpBB/includes/db/sqlite.php
index 16319aec83..f2f3ceb1f1 100644
--- a/phpBB/includes/db/sqlite.php
+++ b/phpBB/includes/db/sqlite.php
@@ -94,7 +94,6 @@ class dbal_sqlite extends dbal
{
global $cache;
- $query = preg_replace('#FROM \(([^)]*)\)(,|[\n\r\t ]+(?:WHERE|LEFT JOIN)) #', 'FROM \1\2 ', $query);
// EXPLAIN only in extra debug mode
if (defined('DEBUG_EXTRA'))
@@ -286,6 +285,15 @@ class dbal_sqlite extends dbal
}
/**
+ * Build db-specific query data
+ * @private
+ */
+ function _sql_custom_build($stage, $data)
+ {
+ return $data;
+ }
+
+ /**
* Close sql connection
* @private
*/
diff --git a/phpBB/includes/functions_admin.php b/phpBB/includes/functions_admin.php
index 7b3c7e68f1..2df3c37f9b 100644
--- a/phpBB/includes/functions_admin.php
+++ b/phpBB/includes/functions_admin.php
@@ -1733,15 +1733,29 @@ function cache_moderators()
$ug_id_ary = array_keys($hold_ary);
// Remove users who have group memberships with DENY moderator permissions
- $sql = 'SELECT a.forum_id, ug.user_id
- FROM (' . ACL_OPTIONS_TABLE . ' o, ' . ACL_GROUPS_TABLE . ' a, ' . USER_GROUP_TABLE . ' ug)
- LEFT JOIN ' . ACL_ROLES_DATA_TABLE . ' r ON (a.auth_role_id = r.role_id)
- WHERE (o.auth_option_id = a.auth_option_id OR o.auth_option_id = r.auth_option_id)
- AND ((a.auth_setting = ' . ACL_NO . ' AND r.auth_setting IS NULL)
- OR r.auth_setting = ' . ACL_NO . ')
- AND a.group_id = ug.group_id
- AND ug.user_id IN (' . implode(', ', $ug_id_ary) . ")
- AND o.auth_option LIKE 'm\_%'";
+ $sql = $db->sql_build_query('SELECT', array(
+ 'SELECT' => 'a.forum_id, ug.user_id',
+
+ 'FROM' => array(
+ ACL_OPTIONS_TABLE => 'o',
+ USER_GROUP_TABLE => 'ug',
+ ACL_GROUPS_TABLE => 'a'
+ ),
+
+ 'LEFT_JOIN' => array(
+ array(
+ 'FROM' => array(ACL_ROLES_DATA_TABLE => 'r'),
+ 'ON' => 'a.auth_role_id = r.role_id'
+ )
+ ),
+
+ 'WHERE' => '(o.auth_option_id = a.auth_option_id OR o.auth_option_id = r.auth_option_id)
+ AND ((a.auth_setting = ' . ACL_NO . ' AND r.auth_setting IS NULL)
+ OR r.auth_setting = ' . ACL_NO . ')
+ AND a.group_id = ug.group_id
+ AND ug.user_id IN (' . implode(', ', $ug_id_ary) . ")
+ AND o.auth_option LIKE 'm\_%'",
+ ));
$result = $db->sql_query($sql);
while ($row = $db->sql_fetchrow($result))
diff --git a/phpBB/includes/mcp/mcp_front.php b/phpBB/includes/mcp/mcp_front.php
index 653af87a45..f227dec9a6 100644
--- a/phpBB/includes/mcp/mcp_front.php
+++ b/phpBB/includes/mcp/mcp_front.php
@@ -123,16 +123,34 @@ function mcp_front_view($id, $mode, $action)
if ($total)
{
- $sql = 'SELECT r.*, p.post_id, p.post_subject, u.username, t.topic_id, t.topic_title, f.forum_id, f.forum_name
- FROM (' . REPORTS_TABLE . ' r, ' . REASONS_TABLE . ' rr,' . POSTS_TABLE . ' p, ' . TOPICS_TABLE . ' t, ' . USERS_TABLE . ' u)
- LEFT JOIN ' . FORUMS_TABLE . ' f ON (f.forum_id = p.forum_id)
- WHERE r.post_id = p.post_id
- AND r.report_closed = 0
- AND r.reason_id = rr.reason_id
- AND p.topic_id = t.topic_id
- AND r.user_id = u.user_id
- AND p.forum_id IN (0, ' . implode(', ', $forum_list) . ')
- ORDER BY p.post_id DESC';
+ $sql = $db->sql_build_query('SELECT', array(
+ 'SELECT' => 'r.*, p.post_id, p.post_subject, u.username, t.topic_id, t.topic_title, f.forum_id, f.forum_name',
+
+ 'FROM' => array(
+ REPORTS_TABLE => 'r',
+ REASONS_TABLE => 'rr',
+ TOPICS_TABLE => 't',
+ USERS_TABLE => 'u',
+ POSTS_TABLE => 'p'
+
+ ),
+
+ 'LEFT_JOIN' => array(
+ array(
+ 'FROM' => array(FORUMS_TABLE => 'f'),
+ 'ON' => 'f.forum_id = p.forum_id'
+ )
+ ),
+
+ 'WHERE' => 'r.post_id = p.post_id
+ AND r.report_closed = 0
+ AND r.reason_id = rr.reason_id
+ AND p.topic_id = t.topic_id
+ AND r.user_id = u.user_id
+ AND p.forum_id IN (0, ' . implode(', ', $forum_list) . ')',
+
+ 'ORDER_BY' => 'p.post_id DESC'
+ ));
$result = $db->sql_query_limit($sql, 5);
while ($row = $db->sql_fetchrow($result))
diff --git a/phpBB/includes/ucp/ucp_main.php b/phpBB/includes/ucp/ucp_main.php
index 7959e656de..2577e1e781 100644
--- a/phpBB/includes/ucp/ucp_main.php
+++ b/phpBB/includes/ucp/ucp_main.php
@@ -216,25 +216,36 @@ class ucp_main
}
}
+ $sql_array = array(
+ 'SELECT' => 'f.*',
+
+ 'FROM' => array(
+ FORUMS_WATCH_TABLE => 'fw',
+ FORUMS_TABLE => 'f'
+ ),
+
+ 'WHERE' => "fw.user_id = " . $user->data['user_id'] . '
+ AND f.forum_id = fw.forum_id',
+
+ 'ORDER_BY' => 'left_id'
+ );
+
if ($config['load_db_lastread'])
{
- $sql_join = ' LEFT JOIN ' . FORUMS_TRACK_TABLE . ' ft ON (ft.user_id = ' . $user->data['user_id'] . ' AND ft.forum_id = f.forum_id)';
- $lastread_select = ', ft.mark_time ';
+ $sql_array['LEFT_JOIN'] = array(
+ array(
+ 'FROM' => array(FORUMS_TRACK_TABLE => 'ft'),
+ 'ON' => 'ft.user_id = ' . $user->data['user_id'] . ' AND ft.forum_id = f.forum_id'
+ )
+ );
+ $sql_array['SELECT'] .= ', ft.mark_time ';
}
else
{
- $sql_join = '';
- $lastread_select = '';
-
$tracking_topics = (isset($_COOKIE[$config['cookie_name'] . '_track'])) ? unserialize(stripslashes($_COOKIE[$config['cookie_name'] . '_track'])) : array();
}
- $sql = "SELECT f.*$lastread_select
- FROM (" . FORUMS_TABLE . ' f, ' . FORUMS_WATCH_TABLE . " fw)
- $sql_join
- WHERE fw.user_id = " . $user->data['user_id'] . '
- AND f.forum_id = fw.forum_id
- ORDER BY left_id';
+ $sql = $db->sql_build_query('SELECT', $sql_array);
$result = $db->sql_query($sql);
while ($row = $db->sql_fetchrow($result))
@@ -315,31 +326,34 @@ class ucp_main
);
}
- $sql_join = ($config['load_db_lastread']) ? ' LEFT JOIN ' . FORUMS_TRACK_TABLE . ' ft ON (ft.forum_id = t.forum_id AND ft.user_id = ' . $user->data['user_id'] . ')' : '';
- $sql_f_select = ($config['load_db_lastread']) ? ', ft.mark_time AS forum_mark_time' : '';
- $sql_t_select = '';
+ $sql_array = array(
+ 'SELECT' => 't.*',
- if ($config['load_db_track'])
- {
- $sql_join .= ' LEFT JOIN ' . TOPICS_POSTED_TABLE . ' tp ON (tp.topic_id = t.topic_id
- AND tp.user_id = ' . $user->data['user_id'] . ')';
- $sql_t_select .= ', tp.topic_posted';
- }
+ 'FROM' => array(
+ TOPICS_WATCH_TABLE => 'tw',
+ TOPICS_TABLE => 't'
+ ),
+
+ 'WHERE' => "tw.user_id = " . $user->data['user_id'] . '
+ AND t.topic_id = tw.topic_id',
+
+ 'ORDER_BY' => 't.topic_last_post_time DESC'
+ );
if ($config['load_db_lastread'])
{
- $sql_join .= ' LEFT JOIN ' . TOPICS_TRACK_TABLE . ' tt ON (tt.topic_id = t.topic_id
- AND tt.user_id = ' . $user->data['user_id'] . ')';
- $sql_t_select .= ', tt.mark_time';
+ $sql_array['LEFT_JOIN'][] = array('FROM' => array(FORUMS_TRACK_TABLE => 'ft'), 'ON' => 'ft.forum_id = t.forum_id AND ft.user_id = ' . $user->data['user_id']);
+ $sql_array['LEFT_JOIN'][] = array('FROM' => array(TOPICS_TRACK_TABLE => 'tt'), 'ON' => 'tt.topic_id = t.topic_id AND tt.user_id = ' . $user->data['user_id']);
+ $sql_array['SELECT'] .= ', tt.mark_time, ft.mark_time AS forum_mark_time';
}
+ if ($config['load_db_track'])
+ {
+ $sql_array['LEFT_JOIN'][] = array('FROM' => array(TOPICS_POSTED_TABLE => 'tp'), 'ON' => 'tp.topic_id = t.topic_id AND tp.user_id = ' . $user->data['user_id']);
+ $sql_array['SELECT'] .= ', tp.topic_posted';
+ }
- $sql = "SELECT t.* $sql_f_select $sql_t_select
- FROM (" . TOPICS_WATCH_TABLE . ' tw, ' . TOPICS_TABLE . " t)
- $sql_join
- WHERE tw.user_id = " . $user->data['user_id'] . '
- AND t.topic_id = tw.topic_id
- ORDER BY t.topic_last_post_time DESC';
+ $sql = $db->sql_build_query('SELECT', $sql_array);
$result = $db->sql_query_limit($sql, $config['topics_per_page'], $start);
$topic_list = $topic_forum_list = $global_announce_list = $rowset = array();
diff --git a/phpBB/mcp.php b/phpBB/mcp.php
index 8c6c94fa3e..eb2dd03085 100644
--- a/phpBB/mcp.php
+++ b/phpBB/mcp.php
@@ -258,12 +258,26 @@ function get_post_data($post_ids, $acl_list = false)
global $db, $auth;
$rowset = array();
- $sql = 'SELECT p.*, u.*, t.*, f.*
- FROM (' . USERS_TABLE . ' u, ' . TOPICS_TABLE . ' t, ' . POSTS_TABLE . ' p)
- LEFT JOIN ' . FORUMS_TABLE . ' f ON (f.forum_id = p.forum_id)
- WHERE p.post_id IN (' . implode(', ', $post_ids) . ')
- AND u.user_id = p.poster_id
- AND t.topic_id = p.topic_id';
+ $sql = $db->sql_build_query('SELECT', array(
+ 'SELECT' => 'p.*, u.*, t.*, f.*',
+
+ 'FROM' => array(
+ USERS_TABLE => 'u',
+ TOPICS_TABLE => 't',
+ POSTS_TABLE => 'p'
+ ),
+
+ 'LEFT_JOIN' => array(
+ array(
+ 'FROM' => array(FORUMS_TABLE => 'f'),
+ 'ON' => 'f.forum_id = p.forum_id'
+ )
+ ),
+
+ 'WHERE' => 'p.post_id IN (' . implode(', ', $post_ids) . ')
+ AND u.user_id = p.poster_id
+ AND t.topic_id = p.topic_id',
+ ));
$result = $db->sql_query($sql);
while ($row = $db->sql_fetchrow($result))
diff --git a/phpBB/memberlist.php b/phpBB/memberlist.php
index f4f4284e36..2f276a98bb 100644
--- a/phpBB/memberlist.php
+++ b/phpBB/memberlist.php
@@ -113,12 +113,27 @@ switch ($mode)
}
$db->sql_freeresult($result);
- $sql = 'SELECT u.user_id, u.username, u.user_colour, u.user_rank, u.user_posts, g.group_id, g.group_name, g.group_colour, g.group_type, ug.user_id as ug_user_id
- FROM (' . USERS_TABLE . ' u, ' . GROUPS_TABLE . ' g)
- LEFT JOIN ' . USER_GROUP_TABLE . ' ug ON (ug.group_id = g.group_id AND ug.user_id = ' . $user->data['user_id'] . ')
- WHERE u.user_id IN (' . implode(', ', array_unique(array_merge($admin_id_ary, $mod_id_ary))) . ')
- AND u.group_id = g.group_id
- ORDER BY g.group_name ASC, u.username ASC';
+ $sql = $db->sql_build_query('SELECT', array(
+ 'SELECT' => 'u.user_id, u.username, u.user_colour, u.user_rank, u.user_posts, g.group_id, g.group_name, g.group_colour, g.group_type, ug.user_id as ug_user_id',
+
+ 'FROM' => array(
+ USERS_TABLE => 'u',
+ GROUPS_TABLE => 'g'
+ ),
+
+ 'LEFT_JOIN' => array(
+ array(
+ 'FROM' => array(USER_GROUP_TABLE => 'ug'),
+ 'ON' => 'ug.group_id = g.group_id AND ug.user_id = ' . $user->data['user_id']
+ )
+ ),
+
+ 'WHERE' => 'u.user_id IN (' . implode(', ', array_unique(array_merge($admin_id_ary, $mod_id_ary))) . ')
+ AND u.group_id = g.group_id',
+
+ 'GROUP_BY' => 'g.group_name ASC, u.username ASC'
+ ));
+
$result = $db->sql_query($sql);
while ($row = $db->sql_fetchrow($result))
diff --git a/phpBB/ucp.php b/phpBB/ucp.php
index 95e2d55b78..36b7afadfc 100755
--- a/phpBB/ucp.php
+++ b/phpBB/ucp.php
@@ -244,13 +244,28 @@ if (!$user->data['is_registered'])
// Output listing of friends online
$update_time = $config['load_online_time'] * 60;
-$sql = 'SELECT DISTINCT u.user_id, u.username, u.user_allow_viewonline, MAX(s.session_time) as online_time, MIN(s.session_viewonline) AS viewonline
- FROM (' . USERS_TABLE . ' u, ' . ZEBRA_TABLE . ' z)
- LEFT JOIN ' . SESSIONS_TABLE . ' s ON (s.session_user_id = z.zebra_id)
- WHERE z.user_id = ' . $user->data['user_id'] . '
- AND z.friend = 1
- AND u.user_id = z.zebra_id
- GROUP BY z.zebra_id, u.user_id, u.username, u.user_allow_viewonline';
+$sql = $db->sql_build_query('SELECT_DISTINCT', array(
+ 'SELECT' => 'u.user_id, u.username, u.user_allow_viewonline, MAX(s.session_time) as online_time, MIN(s.session_viewonline) AS viewonline',
+
+ 'FROM' => array(
+ USERS_TABLE => 'u',
+ ZEBRA_TABLE => 'z'
+ ),
+
+ 'LEFT_JOIN' => array(
+ array(
+ 'FROM' => array(SESSIONS_TABLE => 's'),
+ 'ON' => 's.session_user_id = z.zebra_id'
+ )
+ ),
+
+ 'WHERE' => 'z.user_id = ' . $user->data['user_id'] . '
+ AND z.friend = 1
+ AND u.user_id = z.zebra_id',
+
+ 'GROUP_BY' => 'z.zebra_id, u.user_id, u.username, u.user_allow_viewonline'
+));
+
$result = $db->sql_query($sql);
while ($row = $db->sql_fetchrow($result))
diff --git a/phpBB/viewtopic.php b/phpBB/viewtopic.php
index 9ff1b4bd48..bf9d7e15f4 100644
--- a/phpBB/viewtopic.php
+++ b/phpBB/viewtopic.php
@@ -103,11 +103,10 @@ if ($view && !$post_id)
$sql_ordering = ($view == 'next') ? 'ASC' : 'DESC';
$sql = 'SELECT t.topic_id, t.forum_id
- FROM ' . TOPICS_TABLE . ' t, ' . TOPICS_TABLE . " t2
- WHERE t2.topic_id = $topic_id
- AND t.forum_id = t2.forum_id
+ FROM ' . TOPICS_TABLE . ' t
+ LEFT JOIN ' . TOPICS_TABLE . " t2 ON (t2.topic_id = $topic_id AND t.forum_id = t2.forum_id)
+ WHERE t.topic_last_post_time $sql_condition t2.topic_last_post_time
" . (($auth->acl_get('m_approve', $forum_id)) ? '' : 'AND t.topic_approved = 1') . "
- AND t.topic_last_post_time $sql_condition t2.topic_last_post_time
ORDER BY t.topic_last_post_time $sql_ordering";
$result = $db->sql_query_limit($sql, 1);
$row = $db->sql_fetchrow($result);
@@ -157,64 +156,81 @@ if ($view && !$post_id)
// This rather complex gaggle of code handles querying for topics but
// also allows for direct linking to a post (and the calculation of which
// page the post is on and the correct display of viewtopic)
-$join_sql_table = '';
+$group = '';
$select_sql = 't.topic_id, t.forum_id, t.topic_title, t.topic_attachment, t.topic_status, t.topic_approved, t.topic_replies_real, t.topic_replies, t.topic_first_post_id, t.topic_last_post_id, t.topic_last_poster_id, t.topic_last_post_time, t.topic_poster, t.topic_time, t.topic_time_limit, t.topic_type, t.topic_bumped, t.topic_bumper, t.poll_max_options, t.poll_start, t.poll_length, t.poll_title, t.poll_vote_change, f.forum_name, f.forum_desc, f.forum_desc_uid, f.forum_desc_bitfield, f.forum_parents, f.parent_id, f.left_id, f.right_id, f.forum_status, f.forum_type, f.forum_id, f.forum_style, f.forum_password, f.forum_rules, f.forum_rules_link, f.forum_rules_uid, f.forum_rules_bitfield';
-if (!$post_id)
-{
- $join_sql = "t.topic_id = $topic_id";
-}
-else
-{
- $join_sql = "p.post_id = $post_id" . ((!$auth->acl_get('m_approve', $forum_id)) ? ' AND p.post_approved = 1' : '') . ' AND t.topic_id = p.topic_id AND p2.topic_id = p.topic_id' . ((!$auth->acl_get('m_approve', $forum_id)) ? ' AND p2.post_approved = 1' : '');
+$sql_array = array(
+ 'SELECT' => $select_sql,
+
+ 'FROM' => array(
+ FORUMS_TABLE => 'f',
+ )
+);
+
+$left_join = array();
- // This is for determining where we are (page)
- $join_sql .= ($sort_dir == 'd') ? " AND p2.post_id >= $post_id" : " AND p2.post_id <= $post_id";
-}
-$extra_fields = (!$post_id) ? '' : ', COUNT(p2.post_id) AS prev_posts';
-$extra_sql = '';
if ($user->data['is_registered'])
{
- $extra_fields .= ', tw.notify_status';
- $extra_sql .= ', tw.notify_status';
- $join_sql_table .= ' LEFT JOIN ' . TOPICS_WATCH_TABLE . ' tw ON (tw.user_id = ' . $user->data['user_id'] . '
- AND t.topic_id = tw.topic_id)';
+ $sql_array['SELECT'] .= ', tw.notify_status';
+ $group .= ', tw.notify_status';
+ $left_join[] = array(
+ 'FROM' => array(TOPICS_WATCH_TABLE => 'tw'),
+ 'ON' => 'tw.user_id = ' . $user->data['user_id'] . ' AND t.topic_id = tw.topic_id'
+ );
if ($config['allow_bookmarks'])
{
- $extra_fields .= ', bm.order_id as bookmarked';
- $extra_sql .= ', bm.order_id';
- $join_sql_table .= ' LEFT JOIN ' . BOOKMARKS_TABLE . ' bm ON (bm.user_id = ' . $user->data['user_id'] . '
- AND t.topic_id = bm.topic_id)';
+ $sql_array['SELECT'] .= ', bm.order_id as bookmarked';
+ $group .= ', bm.order_id';
+ $left_join[] = array(
+ 'FROM' => array(BOOKMARKS_TABLE => 'bm'),
+ 'ON' => 'bm.user_id = ' . $user->data['user_id'] . ' AND t.topic_id = bm.topic_id'
+ );
}
if ($config['load_db_lastread'])
{
- $extra_fields .= ', tt.mark_time, ft.mark_time as forum_mark_time';
- $extra_sql .= ', tt.mark_time, ft.mark_time';
- $join_sql_table .= ' LEFT JOIN ' . TOPICS_TRACK_TABLE . ' tt ON (tt.user_id = ' . $user->data['user_id'] . '
- AND t.topic_id = tt.topic_id)';
-
- $join_sql_table .= ' LEFT JOIN ' . FORUMS_TRACK_TABLE . ' ft ON (ft.user_id = ' . $user->data['user_id'] . '
- AND t.forum_id = ft.forum_id)';
+ $sql_array['SELECT'] .= ', tt.mark_time, ft.mark_time as forum_mark_time';
+ $group .= ', tt.mark_time, ft.mark_time';
+ $left_join[] = array(
+ 'FROM' => array(TOPICS_TRACK_TABLE => 'tt'),
+ 'ON' => 'tt.user_id = ' . $user->data['user_id'] . ' AND t.topic_id = tt.topic_id'
+ );
+ $left_join[] = array(
+ 'FROM' => array(FORUMS_TRACK_TABLE => 'ft'),
+ 'ON' => 'ft.user_id = ' . $user->data['user_id'] . ' AND t.forum_id = ft.forum_id'
+ );
}
}
-$order_sql = (!$post_id) ? '' : 'GROUP BY p.post_id, ' . $select_sql . $extra_sql . ' ORDER BY p.post_id ' . (($sort_dir == 'd') ? 'DESC' : 'ASC');
+if (!$post_id)
+{
+ $sql_array['WHERE'] = "t.topic_id = $topic_id";
+}
+else
+{
+ $sql_array['WHERE'] = "p.post_id = $post_id AND t.topic_id = p.topic_id" . ((!$auth->acl_get('m_approve', $forum_id)) ? ' AND p.post_approved = 1' : '');
+ $sql_array['SELECT'] .= ', COUNT(p2.post_id) AS prev_posts';
+ $sql_array['GROUP_BY'] = 'p.post_id, ' . $select_sql . $group;
+ $sql_array['ORDER_BY'] = 'p.post_id ' . (($sort_dir == 'd') ? 'DESC' : 'ASC');
+ $sql_array['FROM'][POSTS_TABLE] = 'p';
+
+ $left_join[] = array(
+ 'FROM' => array(POSTS_TABLE => 'p2'),
+ 'ON' => 'p2.topic_id = t.topic_id AND p2.post_approved = 1 ' . (($sort_dir == 'd') ? "AND p2.post_id >= $post_id" : "AND p2.post_id <= $post_id")
+ );
+}
+$sql_array['LEFT_JOIN'] = $left_join;
+$sql_array['WHERE'] .= ' AND (f.forum_id = t.forum_id ' . ((!$forum_id) ? 'OR t.topic_type = ' . POST_GLOBAL : 'OR (t.topic_type = ' . POST_GLOBAL . " AND f.forum_id = $forum_id)") . ')';
+$sql_array['FROM'][TOPICS_TABLE] = 't';
// Join to forum table on topic forum_id unless topic forum_id is zero
// whereupon we join on the forum_id passed as a parameter ... this
// is done so navigation, forum name, etc. remain consistent with where
// user clicked to view a global topic
-$sql = "SELECT $select_sql $extra_fields
- FROM (" . FORUMS_TABLE . ' f' . ((!$post_id) ? '' : ', ' . POSTS_TABLE . ' p, ' . POSTS_TABLE . ' p2') . ', ' . TOPICS_TABLE . ' t) ' .
- $join_sql_table . "
- WHERE $join_sql
- AND (f.forum_id = t.forum_id
- " . ((!$forum_id) ? ' OR t.topic_type = ' . POST_GLOBAL : 'OR (t.topic_type = ' . POST_GLOBAL . " AND f.forum_id = $forum_id)") . "
- )
- $order_sql";
+$sql = $db->sql_build_query('SELECT', $sql_array);
+
$result = $db->sql_query($sql);
if (!($topic_data = $db->sql_fetchrow($result)))
@@ -775,11 +791,25 @@ if (!sizeof($post_list))
// We need to grab it because we do reverse ordering sometimes
$max_post_time = 0;
-$sql = 'SELECT u.username, u.user_id, u.user_colour, u.user_posts, u.user_from, u.user_website, u.user_email, u.user_icq, u.user_aim, u.user_yim, u.user_jabber, u.user_regdate, u.user_msnm, u.user_allow_viewemail, u.user_allow_viewonline, u.user_rank, u.user_sig, u.user_sig_bbcode_uid, u.user_sig_bbcode_bitfield, u.user_avatar, u.user_avatar_type, u.user_avatar_width, u.user_avatar_height, u.user_warnings, z.friend, z.foe, p.*
- FROM (' . USERS_TABLE . ' u, ' . POSTS_TABLE . ' p)
- LEFT JOIN ' . ZEBRA_TABLE . ' z ON (z.user_id = ' . $user->data['user_id'] . ' AND z.zebra_id = p.poster_id)
- WHERE p.post_id IN (' . implode(', ', $post_list) . ')
- AND u.user_id = p.poster_id';
+$sql = $db->sql_build_query('SELECT', array(
+ 'SELECT' => 'u.username, u.user_id, u.user_colour, u.user_posts, u.user_from, u.user_website, u.user_email, u.user_icq, u.user_aim, u.user_yim, u.user_jabber, u.user_regdate, u.user_msnm, u.user_allow_viewemail, u.user_allow_viewonline, u.user_rank, u.user_sig, u.user_sig_bbcode_uid, u.user_sig_bbcode_bitfield, u.user_avatar, u.user_avatar_type, u.user_avatar_width, u.user_avatar_height, u.user_warnings, z.friend, z.foe, p.*',
+
+ 'FROM' => array(
+ USERS_TABLE => 'u',
+ POSTS_TABLE => 'p',
+ ),
+
+ 'LEFT_JOIN' => array(
+ array(
+ 'FROM' => array(ZEBRA_TABLE => 'z'),
+ 'ON' => 'z.user_id = ' . $user->data['user_id'] . ' AND z.zebra_id = p.poster_id'
+ )
+ ),
+
+ 'WHERE' => 'p.post_id IN (' . implode(', ', $post_list) . ')
+ AND u.user_id = p.poster_id'
+));
+
$result = $db->sql_query($sql);
// Posts are stored in the $rowset array while $attach_list, $user_cache