mirror of
https://github.com/Pathduck/gallery3.git
synced 2026-04-24 22:49:17 -04:00
Simplify the descendent logic. viewable() already joins with the
items table so there's no need for a subquery. The subquery could generate way too many ids since it didn't pay attention to permissions. This isn't a security problem since we were restricting the item ids according to permissions in the outer query, but it's wasteful.
This commit is contained in:
@@ -35,17 +35,14 @@ class comment_rss_Core {
|
||||
|
||||
$comments = ORM::factory("comment")
|
||||
->viewable()
|
||||
->where("state", "=", "published")
|
||||
->order_by("created", "DESC");
|
||||
->where("comments.state", "=", "published")
|
||||
->order_by("comments.created", "DESC");
|
||||
|
||||
if ($feed_id == "item") {
|
||||
$item = ORM::factory("item", $id);
|
||||
$subquery = db::select("id")
|
||||
->from("items")
|
||||
->where("left_ptr", ">=", $item->left_ptr)
|
||||
->where("right_ptr", "<=", $item->right_ptr);
|
||||
$comments
|
||||
->where("item_id", "in", $subquery);
|
||||
->where("items.left_ptr", ">=", $item->left_ptr)
|
||||
->where("items.right_ptr", "<=", $item->right_ptr);
|
||||
}
|
||||
|
||||
$feed = new stdClass();
|
||||
@@ -65,6 +62,8 @@ class comment_rss_Core {
|
||||
ArrayObject::ARRAY_AS_PROPS);
|
||||
}
|
||||
|
||||
Kohana_Log::add("error",print_r(Database::instance()->last_query(),1));
|
||||
|
||||
$feed->max_pages = ceil($comments->count_all() / $limit);
|
||||
$feed->title = htmlspecialchars(t("Recent Comments"));
|
||||
$feed->uri = url::abs_site("albums/" . (empty($id) ? "1" : $id));
|
||||
|
||||
Reference in New Issue
Block a user