/[drupal]/contributions/modules/userpoints/userpoints.module
ViewVC logotype

Diff of /contributions/modules/userpoints/userpoints.module

Parent Directory Parent Directory | Revision Log Revision Log | View Revision Graph Revision Graph | View Patch Patch

revision 1.67.2.47, Thu Oct 1 20:22:30 2009 UTC revision 1.67.2.48, Wed Oct 21 17:55:23 2009 UTC
# Line 1  Line 1 
1  <?php  <?php
2  //$Id: userpoints.module,v 1.67.2.46 2009/09/07 23:11:57 kbahey Exp $  //$Id: userpoints.module,v 1.67.2.47 2009/10/01 20:22:30 kbahey Exp $
3    
4  // Copyright 2005-2007 Khalid Baheyeldin http://2bits.com  // Copyright 2005-2007 Khalid Baheyeldin http://2bits.com
5    
# Line 1668  function userpoints_list_my_userpoints() Line 1668  function userpoints_list_my_userpoints()
1668    $approved_total = 0;    $approved_total = 0;
1669    
1670    global $user;    global $user;
1671    //First which user are we displaying?  
1672    $uid = db_escape_string(arg(1));    // User which are displaying points for
1673    if (!$uid) {    $uid = (int)arg(1);
1674      if ($uid) {
1675        if ($uid != $user->uid) {
1676          // If not the same as logged in user
1677                      drupal_access_denied();
1678          return;
1679        }
1680      }
1681      else {
1682        // Default to currently logged in user
1683      $uid = $user->uid;      $uid = $user->uid;
1684    }    }
1685    $point_user = user_load(array('uid' => $uid));    $point_user = user_load(array('uid' => $uid));
1686    /* //Removed as the newly introduced permission "view own userpoints" means that "view userpoints" allows users to  
1687       //view the user transactions of other users (i.e. line 1632 changed dramatically with the new permission)    // Check permissions
1688    if (!$point_user || !_userpoints_user_exists($uid)) {    if(!user_access(USERPOINTS_PERM_VIEW)) {
1689                  drupal_not_found();      // User has no access to view points
1690                  return;                  drupal_access_denied();
1691        return;
1692    }    }
1693    */  
1694    if(!user_access(USERPOINTS_PERM_VIEW) && !(user_access(USERPOINTS_PERM_VIEW_OWN) && $user->uid == $point_user->uid) ) {    if (!user_access(USERPOINTS_PERM_VIEW_OWN)) {
1695        // User has no access to view own points
1696                  drupal_access_denied();                  drupal_access_denied();
1697        return;
1698    }    }
1699    
1700    $title = t('!Points for ', userpoints_translation()) . $point_user->name;    $title = t('!Points for ', userpoints_translation()) . check_plain($point_user->name);
1701    drupal_set_title($title);    drupal_set_title($title);
1702    
1703     //Grab all tids for this user     //Grab all tids for this user
# Line 1727  function userpoints_list_my_userpoints() Line 1739  function userpoints_list_my_userpoints()
1739      array('data' => t('Category'), 'field' => 'cat'),      array('data' => t('Category'), 'field' => 'cat'),
1740      array('data' => t('Description'), 'field' => 'description'),      array('data' => t('Description'), 'field' => 'description'),
1741    );    );
1742    $sql  = "SELECT p.points, p.time_stamp, p.operation, p.description, p.status, p.tid,    $sql  = "SELECT p.points, p.time_stamp, p.operation, p.description, p.status, p.tid, t.name as cat , p.entity_id, p.entity_type
                   t.name as cat , p.entity_id, p.entity_type  
1743             FROM {userpoints_txn} p             FROM {userpoints_txn} p
1744             LEFT JOIN {term_data} t on p.tid = t.tid             LEFT JOIN {term_data} t on p.tid = t.tid
1745             WHERE p.uid = %d";             WHERE p.uid = %d";
Legend:
Removed from v.1.67.2.47  
changed lines
  Added in v.1.67.2.48
  ViewVC Help
Powered by ViewVC 1.1.2