%%editor%%
2002-11-08 10:07

%%prequery%%
$this->policyId= '$Id: editor,v 1.14 2003/03/17 20:14:07 csnyder Exp $';

global $session;
// create SQL safety nets
if ($session->p_showDeleted==1) $this->statuswhere= " AND obj.status LIKE '%'  ";
else $this->statuswhere= " AND obj.status!= 'deleted' ";
$this->publicwhere= " AND obj.public LIKE '%' ";
$this->statusfolder= " AND folder.status!='deleted' ";
$this->publicfolder= " AND folder.public LIKE '%' ";

$this->sqlSafe= "$session->statuswhere $session->publicwhere";
$this->sqlSafeFolder= "$session->statusfolder $session->publicfolder";
berror("applyPolicy: created sqlSafe ($this->sqlSafe) and sqlSafeFolder ($this->sqlSafeFolder) from session:$session->id.",1);

// publishing settings controls
if ($sitemember->role=="admin" || $sitemember->rank >= 10000) $this->rankAllowed= 10000;
else $this->rankAllowed= $sitemember->rank;
$this->publicAllowed= 1;
$this->statusAllowed= "new,posted,hidden,deleted";

// why is this here???
if ($this->orderby!= "") {
	// do nothing
	}
elseif ($getvars[orderby]!="") {
if ($getvars[direction]!="") $direction= strtoupper(addslashes($getvars[direction]));
	$orderby= strtoupper(addslashes($getvars[orderby]));
	$this->orderby= "ORDER BY obj.$orderby $direction";
	}
else $this->orderby= "ORDER BY obj.id ASC";
if ($getvars[limit]!="") {
	$offset= strtoupper(addslashes($getvars[offset]));
	$limit= strtoupper(addslashes($getvars[limit]));
	if ($offset!="") $this->limit= "LIMIT $offset, $limit ";
	else $this->limit= "LIMIT $limit ";
	}
else $this->limit= "LIMIT 30 ";


%%addons%%
$this->canAddChild=1;
$this->canCreate=1;
$this->canSave[document]=1;
$this->canSave[image]=1;
$this->canSave[audio]=1;
$this->canSave[video]=1;
$this->canSave[comment]=1;
$this->canSave[sitemember]=1;
$this->canSave[member]=1;
$this->canSave[event]=1;

// these override the above...
$this->canSave[all]=1;
$this->canSavenew[all]=1;

%%end of policy%%
