Phoca Forum

Posted: **17 Nov 2011, 09:58**

Hi!

A while ago I posted a bug viewtopic.php?f=1&t=14419 when the random preview feature would show unauthorized pictures from protected sub-categories.

That is kind of fixed, but now (Phoca Gallery 3.1.0, Joomla 1.7.2), in those circumstances when in the old version the unauthorized image would be shown, sometimes the standard folder image is shown instead even if there were sub-categories with sufficient view levels.

This is because the function PhocaGalleryImageFront::getRandomCategory() does not check for access levels and can return a unauthorized sub-category which is only checked afterwards.

I propose this little fix:

file: \administrator\components\com_phocagallery\libraries\phocagallery\image\imagefront.php
line: 475

Code: Select all

function getRandomCategory($parentid, $ordering = ' ORDER BY RAND()') {
        $db 	=& JFactory::getDBO();
        $groups = JFactory::getUser()->getAuthorisedViewLevels();
        if (count($groups)) {
            $access = ' AND a.access IN(' . implode(',', $groups) . ')';
        } else {
            $access = '';
        }
		$query = 'SELECT a.id, a.extid' .
            ' FROM #__phocagallery_categories AS a' .
            ' WHERE a.parent_id = '.(int) $parentid.
            ' AND a.published = 1 ' . $access .
            $ordering;
		$db->setQuery($query);
	    $images = $db->loadObjectList();

        return $images;
    }

Kind regards,
Simon

Posted: **17 Nov 2011, 23:29**

Hi, thank you for this info.

I will take a look at it for next release.

Jan

Phoca Forum

[Bug report] [Fix] Random previews, inaccessible sub-cat

[Bug report] [Fix] Random previews, inaccessible sub-cat

Re: [Bug report] [Fix] Random previews, inaccessible sub-cat