Changeset 867

Timestamp:

03/03/10 20:57:52 (5 months ago)

Author:

frans

Message:

update: flag to 6.x-2.x-dev version

Location:

drupal-6/sites/all/modules/flag

Files:

• CVS (added)
• CVS/Entries (added)
• CVS/Repository (added)
• CVS/Root (added)
• CVS/Tag (added)
• CVS/Template (added)
• LICENSE.txt (added)
• README.txt (modified) (3 diffs)
• flag.inc (modified) (48 diffs)
• flag.info (modified) (1 diff)
• flag.install (modified) (11 diffs)
• flag.module (modified) (45 diffs)
• flag_actions.info (modified) (1 diff)
• flag_actions.install (modified) (3 diffs)
• flag_actions.module (modified) (18 diffs)
• includes/CVS (added)
• includes/CVS/Entries (added)
• includes/CVS/Repository (added)
• includes/CVS/Root (added)
• includes/CVS/Tag (added)
• includes/CVS/Template (added)
• includes/flag.actions.inc (added)
• includes/flag.activity.inc (added)
• includes/flag.admin.inc (added)
• includes/flag.export.inc (added)
• includes/flag.features.inc (added)
• includes/flag.rules.inc (modified) (6 diffs)
• includes/flag.services.inc (added)
• includes/flag.views_default.inc (modified) (2 diffs)
• includes/flag_handler_field_ops.inc (modified) (4 diffs)
• includes/flag_handler_filter_flagged.inc (modified) (2 diffs)
• includes/flag_handler_relationships.inc (modified) (3 diffs)
• includes/flag_plugin_argument_validate_flaggability.inc (modified) (2 diffs)
• tests/flag.test (modified) (4 diffs)
• theme/CVS (added)
• theme/CVS/Entries (added)
• theme/CVS/Repository (added)
• theme/CVS/Root (added)
• theme/CVS/Tag (added)
• theme/CVS/Template (added)
• theme/flag-admin.css (added)
• theme/flag-admin.js (added)
• theme/flag.js (modified) (4 diffs)
• theme/flag.tpl.php (modified) (2 diffs)
• translations/CVS (added)
• translations/CVS/Entries (added)
• translations/CVS/Repository (added)
• translations/CVS/Root (added)
• translations/CVS/Tag (added)
• translations/CVS/Template (added)
• translations/da.po (added)
• translations/fr.po (added)

drupal-6/sites/all/modules/flag/README.txt

@@ -1 @@
-// $Id: README.txt,v 1.1.4.6 2008/10/07 16:41:26 mooffie Exp $
+// $Id: README.txt,v 1.1.4.6.2.1 2009/10/28 00:01:31 quicksketch Exp $
 
 You may want to visit the handbook of this module, at:
@@ -46 +46 @@
 displays possible relating to the number of times an item has been flagged.
 
-This module was formerly known as Views Bookmark.
+This module was formerly known as Views Bookmark, which was originally was
+written by Earl Miles. Flag was written by Nathan Haug and mystery man Mooffie.
 
-Ongoing development by Nathan Haug and mystery man Mooffie.
-
-Originally written by Earl Miles.
+This module built by robots: http://www.lullabot.com
 
 Recommended Modules
 -------------------
 - Views
+- Session API
 
 Installation
@@ -61 +61 @@
 
 2) Enable the module using Administer -> Modules (/admin/build/modules)
+
+Optional Installation
+---------------------
+1) The ability for anonymous users to flag content is provided by the Session
+   API module, available at http://drupal.org/project/session_api.
 
 Configuration

drupal-6/sites/all/modules/flag/flag.inc

@@ -1 +1 @@
 <?php
-// $Id: flag.inc,v 1.1.2.32 2010/01/08 05:00:45 quicksketch Exp $
+// $Id: flag.inc,v 1.1.2.30.2.20 2010/01/08 05:14:24 quicksketch Exp $
 
 /**
@@ -110 +110 @@
   // database columns.
   var $title = '';
-  var $roles = array(DRUPAL_AUTHENTICATED_RID);
   var $global = FALSE;
   // The sub-types, e.g. node types, this flag applies to.
@@ -137 +136 @@
     unset($flag->options, $flag->type);
 
-    $options = (array)unserialize($row->options);
+    // Populate the options with the defaults.
+    $options = (array) unserialize($row->options);
+    $options += $flag->options();
+
     // Make the unserialized options accessible as normal properties.
     foreach ($options as $option => $value) {
@@ -148 +150 @@
     }
 
-    $flag->roles = empty($row->roles) ? array() : explode(',', $row->roles);
-
     return $flag;
   }
@@ -185 +185 @@
    * Derived classes should want to override this.
    */
-  function default_options() {
-    return array(
+  function options() {
+    $options = array(
       'flag_short' => '',
       'flag_long' => '',
       'flag_message' => '',
-      'flag_confirmation' => '',
       'unflag_short' => '',
       'unflag_long' => '',
       'unflag_message' => '',
-      'unflag_confirmation' => '',
+      'unflag_denied_text' => '',
       'link_type' => 'toggle',
-    );
+      'roles' => array(
+        'flag' => array(DRUPAL_AUTHENTICATED_RID),
+        'unflag' => array(DRUPAL_AUTHENTICATED_RID),
+      ),
+    );
+
+    // Merge in options from the current link type.
+    $link_type = $this->get_link_type();
+    $options = array_merge($options, $link_type['options']);
+
+    // Allow other modules to change the flag options.
+    drupal_alter('flag_options', $options, $this);
+    return $options;
   }
 
@@ -211 +222 @@
    */
   function construct() {
-    $options = $this->default_options();
+    $options = $this->options();
     foreach ($options as $option => $value) {
       $this->$option = $value;
@@ -227 +238 @@
     }
     // But checkboxes need some massaging:
-    $this->roles = array_values(array_filter($this->roles));
+    $this->roles['flag'] = array_values(array_filter($this->roles['flag']));
+    $this->roles['unflag'] = array_values(array_filter($this->roles['unflag']));
     $this->types = array_values(array_filter($this->types));
     // Clear internal titles cache:
@@ -234 +246 @@
 
   /**
-   * Validates a flag settings
+   * Validates this flag's options.
+   *
+   * @return
+   *   A list of errors encountered while validating this flag's options.
    */
   function validate() {
-    $this->validate_name();
-  }
-
+    // TODO: It might be nice if this used automatic method discovery rather
+    // than hard-coding the list of validate functions.
+    return array_merge_recursive(
+      $this->validate_name(),
+      $this->validate_access()
+    );
+  }
+
+  /**
+   * Validates that the current flag's name is valid.
+   */
   function validate_name() {
+    $errors = array();
+
     // Ensure a safe machine name.
     if (!preg_match('/^[a-z_][a-z0-9_]*$/', $this->name)) {
-      form_set_error('name', t('The flag name may only contain lowercase letters, underscores, and numbers.'));
+      $errors['name'][] = array(
+        'error' => 'flag_name_characters',
+        'message' => t('The flag name may only contain lowercase letters, underscores, and numbers.'),
+      );
     }
     // Ensure the machine name is unique.
-    if (!isset($this->fid)) {
-      $flag = flag_get_flag($this->name);
-      if (!empty($flag)) {
-        form_set_error('name', t('Flag names must be unique. This flag name is already in use.'));
-      }
-    }
+    $flag = flag_get_flag($this->name);
+    if (!empty($flag) && (!isset($this->fid) || $flag->fid != $this->fid)) {
+      $errors['name'][] = array(
+        'error' => 'flag_name_unique',
+        'message' => t('Flag names must be unique. This flag name is already in use.'),
+      );
+    }
+
+    return $errors;
+  }
+
+  /**
+   * Validates that the current flag's access settings are valid.
+   */
+  function validate_access() {
+    $errors = array();
+
+    // Require an unflag access denied message a role is not allowed to unflag.
+    if (empty($this->unflag_denied_text)) {
+      foreach ($this->roles['flag'] as $key => $rid) {
+        if ($rid && empty($this->roles['unflag'][$key])) {
+          $errors['unflag_denied_text'][] = array(
+            'error' => 'flag_denied_text_required',
+            'message' => t('The "Unflag not allowed text" is required if any user roles are not allowed to unflag.'),
+          );
+          break;
+        }
+      }
+    }
+
+    // Do not allow unflag access without flag access.
+    foreach ($this->roles['unflag'] as $key => $rid) {
+      if ($rid && empty($this->roles['flag'][$key])) {
+        $errors['roles'][] = array(
+          'error' => 'flag_roles_unflag',
+          'message' => t('Any user role that has the ability to unflag must also have the ability to flag.'),
+        );
+        break;
+      }
+    }
+
+    return $errors;
   }
 
@@ -294 +358 @@
 
   /**
+   * @defgroup access Access control
+   * @{
+   */
+
+  /**
    * Returns TRUE if the flag applies to the given content.
    * Derived classes must implement this.
@@ -315 +384 @@
 
   /**
+   * Returns TRUE if user has access to use this flag.
+   *
+   * @param $action
+   *   Optional. The action to test, either "flag" or "unflag". If none given,
+   *   "flag" will be tested, which is the minimum permission to use a flag.
+   * @param $account
+   *   Optional. The user object. If none given, the current user will be used.
+   *
+   * @return
+   *   Boolean TRUE if the user is allowed to flag/unflag. FALSE otherwise.
+   */
+  function user_access($action = 'flag', $account = NULL) {
+    if (!isset($account)) {
+      $account = $GLOBALS['user'];
+    }
+
+    // Anonymous user can't use this system unless Session API is installed.
+    if ($account->uid == 0 && !module_exists('session_api')) {
+      return FALSE;
+    }
+
+    $matched_roles = array_intersect($this->roles[$action], array_keys($account->roles));
+    return !empty($matched_roles) || $account->uid == 1;
+  }
+
+  /**
+   * Returns TRUE if the user can flag, or unflag, the given content.
+   *
+   * @param $content_id
+   *   The content ID to flag/unflag.
+   * @param $account
+   *   The user on whose behalf to test the flagging action. Leave NULL for the
+   *   current user.
+   * @param $action
+   *   The action to test. Either 'flag' or 'unflag'. Leave NULL to determine
+   *   by flag status.
+   */
+  function access($content_id, $action = NULL, $account = NULL) {
+    if (!isset($account)) {
+      $account = $GLOBALS['user'];
+    }
+
+    if (isset($content_id) && !$this->applies_to_content_id($content_id) ){
+      // Flag does not apply to this content.
+      return FALSE;
+    }
+
+    if (!isset($action)) {
+      $uid = $account->uid;
+      $sid = flag_get_sid($uid);
+      $action = $this->is_flagged($content_id, $uid, $sid) ? 'unflag' : 'flag';
+    }
+
+    // Base initial access on the user's basic permission to use this flag.
+    $access = $this->user_access($action, $account);
+
+    // Allow modules to disallow (or allow) access to flagging.
+    $access_array = module_invoke_all('flag_access', $this, $content_id, $action, $account);
+
+    foreach ($access_array as $set_access) {
+      if (isset($set_access)) {
+        $access = $set_access;
+      }
+    }
+
+    return $access;
+  }
+
+  /**
+   * Similar to access() but works on multiple IDs at once. It is called in the
+   * pre_render() stage of the 'Flag links' field within Views to find out where
+   * that link applies. The reason we do a separate DB query, and not lump this
+   * test in the Views query, is to make 'many to one' tests possible without
+   * interfering with the rows, and also to reduce the complexity of the code.
+   *
+   * @param $content_ids
+   *   The array of content IDs to check. The keys are the content IDs, the
+   *   values are the actions to test: either 'flag' or 'unflag'.
+   * @param $account
+   *   Optional. The account for which the actions will be compared against.
+   *   If left empty, the current user will be used.
+   */
+  function access_multiple($content_ids, $account = NULL) {
+    $account = isset($account) ? $account : $GLOBALS['user'];
+    $access = array();
+
+    // First check basic user access for this action.
+    foreach ($content_ids as $content_id => $action) {
+      $access[$content_id] = $this->user_access($content_ids[$content_id], $account);
+    }
+
+    // Merge in module-defined access.
+    foreach (module_implements('flag_access_multiple') as $module) {
+      $module_access = module_invoke($module, 'flag_access_multiple', $this, $content_ids, $account);
+      foreach ($module_access as $content_id => $content_access) {
+        if (isset($content_access)) {
+          $access[$content_id] = $content_access;
+        }
+      }
+    }
+
+    return $access;
+  }
+
+  /**
+   * @} End of "defgroup access".
+   */
+
+  /**
    * Given a content object, returns its ID.
    * Derived classes must implement this.
@@ -333 +511 @@
 
   /**
-   * Returns TRUE if user has access to use this flag.
-   *
-   * @param $account
-   *   Optional. The user object. If none given, the current user will be used.
-   *
-   * @return
-   *   Boolean TRUE if the user is allowed to flag/unflag. FALSE otherwise.
-   */
-  function user_access($account = NULL) {
-    if (!isset($account)) {
-      $account = $GLOBALS['user'];
-    }
-    $matched_roles = array_intersect($this->roles, array_keys($account->roles));
-    return !empty($matched_roles) || empty($this->roles) || $account->uid == 1;
-  }
-
-  /**
-   * Flags, on unflags, an item.
+   * Returns TRUE if this flag requires anonymous user cookies.
+   */
+  function uses_anonymous_cookies() {
+    global $user;
+    return $user->uid == 0 && variable_get('cache', CACHE_DISABLED) > 0;
+  }
+
+  /**
+   * Flags, or unflags, an item.
    *
    * @param $action
@@ -371 +540 @@
       return FALSE;
     }
-
-    if (!$account->uid) {
-      // Anonymous users can't flag with this system. For now.
-      //
-      // @todo This is legacy code. $flag->user_access() should handle this.
-      // This will also make it posible to have flags that do support anonymous
-      // users.
-      return FALSE;
-    }
-
-    if (!$skip_permission_check && !$this->user_access($account)) {
-      // User has no permission to use this flag.
-      return FALSE;
-    }
-    if (!$this->applies_to_content_id($content_id)) {
-      // Flag does not apply to this content.
-      return FALSE;
+    if (!$skip_permission_check) {
+      if (!$this->access($content_id, $action, $account)) {
+        // User has no permission to flag/unflag this object.
+        return FALSE;
+      }
+    }
+    else {
+      // We are skipping permission checks. However, at a minimum we must make
+      // sure the flag applies to this content type:
+      if (!$this->applies_to_content_id($content_id)) {
+        return FALSE;
+      }
     }
 
@@ -393 +557 @@
     // wrong counts or false flaggings.
     flag_get_counts(NULL, NULL, TRUE);
-    flag_get_user_flags(NULL, NULL, NULL, TRUE);
+    flag_get_user_flags(NULL, NULL, NULL, NULL, TRUE);
 
     // Perform the flagging or unflagging of this flag.
     $uid = $this->global ? 0 : $account->uid;
-    $flagged = $this->_is_flagged($content_id, $uid);
-    if ($action == 'unflag' && $flagged) {
-      $this->_unflag($content_id, $uid);
-      // Let other modules perform actions.
-      module_invoke_all('flag', 'unflag', $this, $content_id, $account);
-    }
-    elseif ($action == 'flag' && !$flagged) {
-      $this->_flag($content_id, $uid);
-      // Let other modules perform actions.
-      module_invoke_all('flag', 'flag', $this, $content_id, $account);
+    $sid = $this->global ? 0 : flag_get_sid($uid);
+    $flagged = $this->_is_flagged($content_id, $uid, $sid);
+    if ($action == 'unflag') {
+      if ($this->uses_anonymous_cookies()) {
+        $this->_unflag_anonymous($content_id);
+      }
+      if ($flagged) {
+        $fcid = $this->_unflag($content_id, $uid, $sid);
+        module_invoke_all('flag', 'unflag', $this, $content_id, $account, $fcid);
+      }
+    }
+    elseif ($action == 'flag') {
+      if ($this->uses_anonymous_cookies()) {
+        $this->_flag_anonymous($content_id);
+      }
+      if (!$flagged) {
+        $fcid = $this->_flag($content_id, $uid, $sid);
+        module_invoke_all('flag', 'flag', $this, $content_id, $account, $fcid);
+      }
     }
 
@@ -422 +595 @@
    *   current user will be used.
    */
-  function is_flagged($content_id, $uid = NULL) {
-    $uid = !isset($uid) ? $GLOBALS['user']->uid : $uid;
+  function is_flagged($content_id, $uid = NULL, $sid = NULL) {
+    $uid = $this->global ? 0 : (!isset($uid) ? $GLOBALS['user']->uid : $uid);
+    $sid = $this->global ? 0 : (!isset($sid) ? flag_get_sid($uid) : $sid);
+
     // flag_get_user_flags() does caching.
-    $user_flags = flag_get_user_flags($this->content_type, $content_id, $uid);
+    $user_flags = flag_get_user_flags($this->content_type, $content_id, $uid, $sid);
     return isset($user_flags[$this->name]);
   }
@@ -441 +616 @@
    * @private
    */
-  function _is_flagged($content_id, $uid) {
-    return db_result(db_query("SELECT fid FROM {flag_content} WHERE fid = %d AND uid = %d AND content_id = %d", $this->fid, $uid, $content_id));
+  function _is_flagged($content_id, $uid, $sid) { 
+    return db_result(db_query("SELECT fid FROM {flag_content} WHERE fid = %d AND uid = %d AND sid = %d AND content_id = %d", $this->fid, $uid, $sid, $content_id));
   }
 
@@ -453 +628 @@
    * @private
    */
-  function _flag($content_id, $uid) {
-    db_query("INSERT INTO {flag_content} (fid, content_type, content_id, uid, timestamp) VALUES (%d, '%s', %d, %d, %d)", $this->fid, $this->content_type, $content_id, $uid, time());
+  function _flag($content_id, $uid, $sid) {
+    db_query("INSERT INTO {flag_content} (fid, content_type, content_id, uid, sid, timestamp) VALUES (%d, '%s', %d, %d, %d, %d)", $this->fid, $this->content_type, $content_id, $uid, $sid, time());
+    $fcid = db_last_insert_id('flag_content', 'fcid');
     $this->_update_count($content_id);
+    return $fcid;
   }
 
@@ -466 +643 @@
    * @private
    */
-  function _unflag($content_id, $uid) {
-    db_query("DELETE FROM {flag_content} WHERE fid = %d AND uid = %d AND content_id = %d", $this->fid, $uid, $content_id);
-    $this->_update_count($content_id);
+  function _unflag($content_id, $uid, $sid) {
+    $fcid = db_result(db_query("SELECT fcid FROM {flag_content} WHERE fid = %d AND content_id = %d AND uid = %d AND sid = %d", $this->fid, $content_id, $uid, $sid));
+    if ($fcid) {
+      db_query("DELETE FROM {flag_content} WHERE fcid = %d", $fcid);
+      $this->_update_count($content_id);
+    }
+    // Remove anonymous cookies (if any).
+    if (isset($_COOKIE['flag'][$this->name . '_' . $content_id])) {
+      unset($_COOKIE['flags'][$this->name . '_' . $content_id]);
+    }
+    return $fcid;
   }
 
@@ -490 +675 @@
 
   /**
+   * Set a cookie for anonymous users to record their flagging.
+   *
+   * @private
+   */
+  function _flag_anonymous($content_id) {
+    // Global flags persist for the length of the minimum cache lifetime.
+    if ($this->global) {
+      $cookie_key = 'flag_global_' . str_replace('_', '-', $this->name) . '_' . $content_id;
+      $cookie_lifetime = (variable_get('cache', 0) > CACHE_DISABLED) ? variable_get('cache_lifetime', 0) : -1;
+      // Do not let the cookie lifetime be 0 (which is the no cache limit on
+      // anonymous page caching), since it would expire immediately. Usually
+      // the no cache limit means caches are cleared on cron, which usually runs
+      // at least once an hour.
+      if ($cookie_lifetime == 0) {
+        $cookie_lifetime = 3600;
+      }
+      setcookie($cookie_key, 1, time() + $cookie_lifetime, base_path());
+      $_COOKIE[$cookie_key] = 1;
+    }
+    // The anonymous per-user flags are stored in a single cookie, so that all
+    // of them persist as long as the Drupal cookie lifetime.
+    else {
+      $cookie_flags = isset($_COOKIE['flags']) ? $_COOKIE['flags'] : '';
+      $cookie_flags = explode(' ', $cookie_flags);
+      $cookie_key = str_replace('_', '-', $this->name) . '_' . $content_id;
+      $cookie_lifetime = min((int) ini_get('session.cookie_lifetime'), (int) ini_get('session.gc_maxlifetime'));
+      if (array_search($cookie_key, $cookie_flags) === FALSE) {
+        $cookie_flags[] = $cookie_key;
+        $cookie_flags = implode(' ', array_filter($cookie_flags));
+        setcookie('flags', $cookie_flags, time() + $cookie_lifetime, base_path());
+        $_COOKIE['flags'] = $cookie_flags;
+      }
+    }
+  }
+
+  /**
+   * Remove the cookie for anonymous users to record their unflagging.
+   *
+   * @private
+   */
+  function _unflag_anonymous($content_id) {
+    // Global flags are easy, just delete the global cookie.
+    if ($this->global) {
+      $cookie_key = 'flag_global_' . str_replace('_', '-', $this->name) . '_' . $content_id;
+      $cookie_lifetime = (variable_get('cache', 0) > CACHE_DISABLED) ? variable_get('cache_lifetime', 0) : -1;
+      // Do not let the cookie lifetime be 0 (which is the no cache limit on
+      // anonymous page caching), since it would expire immediately. Usually
+      // the no cache limit means caches are cleared on cron, which usually runs
+      // at least once an hour.
+      if ($cookie_lifetime == 0) {
+        $cookie_lifetime = 3600;
+      }
+      setcookie($cookie_key, 0, time() + $cookie_lifetime, base_path());
+      $_COOKIE[$cookie_key] = 0;
+    }
+    // User flags, update the single cookie for all user-data.
+    else {
+      $cookie_flags = isset($_COOKIE['flags']) ? $_COOKIE['flags'] : '';
+      $cookie_flags = explode(' ', $cookie_flags);
+      $cookie_key = str_replace('_', '-', $this->name) . '_' . $content_id;
+      $cookie_lifetime = min((int) ini_get('session.cookie_lifetime'), (int) ini_get('session.gc_maxlifetime'));
+      $cookie_index = array_search($cookie_key, $cookie_flags);
+      if ($cookie_index !== FALSE) {
+        unset($cookie_flags[$cookie_index]);
+        $cookie_flags = implode(' ', $cookie_flags);
+        setcookie('flags', $cookie_flags, $cookie_lifetime, base_path());
+        $_COOKIE['flags'] = $cookie_flags;
+      }
+    }
+  }
+
+  /**
    * Returns the number of times an item is flagged.
    *
@@ -503 +760 @@
    * Returns the number of items a user has flagged.
    *
-   * For global flags, pass '0' as the user ID.
-   */
-  function get_user_count($uid) {
-    return db_result(db_query('SELECT COUNT(*) FROM {flag_content} WHERE fid = %d AND uid = %d', $this->fid, $uid));
+   * For global flags, pass '0' as the user ID and session ID.
+   */
+  function get_user_count($uid, $sid) {
+    return db_result(db_query('SELECT COUNT(*) FROM {flag_content} WHERE fid = %d AND uid = %d AND sid = %d', $this->fid, $uid, $sid));
   }
 
@@ -537 +794 @@
 
   /**
+   * Get the link type for this flag.
+   */
+  function get_link_type() {
+    $link_types = flag_get_link_types();
+    return (isset($this->link_type) && isset($link_types[$this->link_type])) ? $link_types[$this->link_type] : $link_types['normal'];
+  }
+
+  /**
    * Replaces tokens in a label. Only the 'global' token context is regognized
    * by default, so derived classes should override this method to add all
@@ -641 +906 @@
     return array();
   }
-  
+
   /**
    * Defines the Rules argument for flag actions or conditions
@@ -648 +913 @@
     return array();
   }
-  
+
   /**
    * @} End of "addtogroup rules".
@@ -671 +936 @@
 
   /**
-   * Similar to applies_to_content_id() but works on a bunch of IDs. It is
-   * called in the pre_render() stage of the 'Flag links' field to find out where
-   * that link applies. The reason we do a separate DB query, and not lump this
-   * test in the Views query, is to make 'many to one' tests possible without
-   * interfering with the rows, and also to reduce the complexity of the code.
-   */
-  function applies_to_content_id_array($content_ids) {
-    return array();
-  }
-
-  /**
    * @} End of "addtogroup views".
    */
@@ -691 +945 @@
     if (isset($this->fid)) {
       $this->update();
+      $this->is_new = FALSE;
     }
     else {
       $this->insert();
-    }
+      $this->is_new = TRUE;
+    }
+    // Clear the page cache for anonymous users.
+    cache_clear_all('*', 'cache_page', TRUE);
   }
 
@@ -701 +959 @@
    */
   function update() {
-    db_query("UPDATE {flags} SET name = '%s', title = '%s', roles = '%s', global = %d, options = '%s' WHERE fid = %d", $this->name, $this->title, implode(',', $this->roles), $this->global, $this->get_serialized_options(), $this->fid);
+    db_query("UPDATE {flags} SET name = '%s', title = '%s', global = %d, options = '%s' WHERE fid = %d", $this->name, $this->title, $this->global, $this->get_serialized_options(), $this->fid);
     db_query("DELETE FROM {flag_types} WHERE fid = %d", $this->fid);
     foreach ($this->types as $type) {
@@ -712 +970 @@
    */
   function insert() {
-    if (function_exists('db_last_insert_id')) {
-      // Drupal 6. We have a 'serial' primary key.
-      db_query("INSERT INTO {flags} (content_type, name, title, roles, global, options) VALUES ('%s', '%s', '%s', '%s', %d, '%s')", $this->content_type, $this->name, $this->title, implode(',', $this->roles), $this->global, $this->get_serialized_options());
-      $this->fid = db_last_insert_id('flags', 'fid');
-    }
-    else {
-      // Drupal 5. We have an 'integer' primary key.
-      $this->fid = db_next_id('{flags}_fid');
-      db_query("INSERT INTO {flags} (fid, content_type, name, title, roles, global, options) VALUES (%d, '%s', '%s', '%s', '%s', %d, '%s')", $this->fid, $this->content_type, $this->name, $this->title, implode(',', $this->roles), $this->global, $this->get_serialized_options());
-    }
+    db_query("INSERT INTO {flags} (content_type, name, title, global, options) VALUES ('%s', '%s', '%s', %d, '%s')", $this->content_type, $this->name, $this->title, $this->global, $this->get_serialized_options());
+    $this->fid = db_last_insert_id('flags', 'fid');
     foreach ($this->types as $type) {
       db_query("INSERT INTO {flag_types} (fid, type) VALUES (%d, '%s')", $this->fid, $type);
@@ -731 +981 @@
    */
   function get_serialized_options() {
-    $option_names = array_keys($this->default_options());
+    $option_names = array_keys($this->options());
     $options = array();
     foreach ($option_names as $option) {
@@ -778 +1028 @@
    */
   function theme($action, $content_id, $after_flagging = FALSE) {
-    if (!_flag_is_drupal_5()) {
-      // We're running Drupal 6.
-      return theme($this->theme_suggestions(), $this, $action, $content_id, $after_flagging);
-    }
-    else {
-      // We're running Drupal 5. Noting to do: The theme_suggestions[] are
-      // handed to phptemplate in phptemplate_flag(), if the user bothered to
-      // copy that function into her 'template.php'.
-      return theme('flag', $this, $action, $content_id, $after_flagging);
-    }
+    static $js_added = array();
+
+    // If the flagging user is anonymous and the page cache is enabled, always
+    // show the "flag" link, and then set the unflag link through JavaScript.
+    if ($this->uses_anonymous_cookies() && !$after_flagging) {
+      $js_action = $this->global ? ($action == 'flag' ? 'unflag' : 'flag') : 'flag';
+      if (!isset($js_added[$this->name . '_' . $content_id])) {
+        $js_added[$this->name . '_' . $content_id] = TRUE;
+        $js_template = theme($this->theme_suggestions(), $this, 'unflag', $content_id, $after_flagging);
+        drupal_add_js(array('flag' => array('templates' => array($this->name . '_' . $content_id => $js_template))), 'setting');
+      }
+    }
+
+    return theme($this->theme_suggestions(), $this, $action, $content_id, $after_flagging);
   }
 
@@ -805 +1059 @@
  */
 class flag_node extends flag_flag {
-  function default_options() {
-    $options = parent::default_options();
+  function options() {
+    $options = parent::options();
     $options += array(
       'show_on_page' => TRUE,
       'show_on_teaser' => TRUE,
       'show_on_form' => FALSE,
+      'access_author' => '',
       'i18n' => 0,
     );
@@ -818 +1073 @@
   function options_form(&$form) {
     parent::options_form($form);
-    // Note there isn't a translation helpers module in Drupal 5,
-    // this feature is essentially Drupal 6 only.
+    // Support for i18n flagging requires Translation helpers module.
     $form['i18n'] = array(
       '#type' => 'radios',
@@ -832 +1086 @@
       '#weight' => 5,
     );
+
+    $form['access']['access_author'] = array(
+      '#type' => 'radios',
+      '#title' => t('Flag access by content authorship'),
+      '#options' => array(
+        '' => t('No additional restrictions'),
+        'own' => t('Users may only flag content they own'),
+        'others' => t('Users may only flag content of others'),
+      ),
+      '#default_value' => $this->access_author,
+      '#description' => t("Restrict access to this flag based on the user's ownership of the content. Users must also have access to the flag through the role settings."),
+    );
+
     $form['display']['show_on_teaser'] = array(
       '#type' => 'checkbox',
@@ -864 +1131 @@
   }
 
+  function access_multiple($content_ids, $account = NULL) {
+    $access = parent::access_multiple($content_ids, $account);
+
+    // Ensure that only flaggable node types are granted access. This avoids a
+    // node_load() on every type, usually done by applies_to_content_id().
+    $nids = implode(',', array_map('intval', array_keys($content_ids)));
+    $placeholders = implode(',', array_fill(0, sizeof($this->types), "'%s'"));
+    $result = db_query("SELECT nid as content_id FROM {node} WHERE nid IN ($nids) AND type NOT IN ($placeholders)", $this->types);
+    while ($row = db_fetch_object($result)) {
+      $access[$row->content_id] = FALSE;
+    }
+
+    return $access;
+  }
+
   function get_content_id($node) {
     return $node->nid;
@@ -898 +1180 @@
   }
 
-
-  function is_flagged($content_id, $uid = NULL) {
+  function is_flagged($content_id, $uid = NULL, $sid = NULL) {
     $content_id = $this->get_translation_id($content_id);
-    return parent::is_flagged($content_id, $uid);
+    return parent::is_flagged($content_id, $uid, $sid);
   }
 
@@ -909 +1190 @@
 
   function replace_tokens($label, $contexts, $content_id) {
-    if ($content_id && ($node = $this->fetch_content($content_id))) {
+    if (is_numeric($content_id) && ($node = $this->fetch_content($content_id))) {
       $contexts['node'] = $node;
+    }
+    // Nodes accept the node-type as a $content_id in the case that a new node
+    // is being created and a full node object does not yet exist.
+    elseif (!empty($content_id) && ($type = node_get_types('type', $content_id))) {
+      $content_id = NULL;
+      $contexts['node'] = (object) array(
+        'nid' => NULL,
+        'type' => $type->type,
+        'title' => '',
+      );
     }
     return parent::replace_tokens($label, $contexts, $content_id);
@@ -948 +1239 @@
     );
   }
-  
+
   function rules_get_element_argument_definition() {
     return array('type' => 'node', 'label' => t('Flagged content'));
@@ -964 +1255 @@
     );
   }
-
-  function applies_to_content_id_array($content_ids) {
-    $passed = array();
-    $content_ids  = implode(',', array_map('intval', $content_ids));
-    $placeholders = implode(',', array_fill(0, sizeof($this->types), "'%s'"));
-    $result = db_query("SELECT nid FROM {node} WHERE nid IN ($content_ids) AND type in ($placeholders)", $this->types);
-    while ($row = db_fetch_object($result)) {
-      $passed[$row->nid] = TRUE;
-    }
-    return $passed;
-  }
-
 }
 
@@ -982 +1261 @@
  */
 class flag_comment extends flag_flag  {
-  function default_options() {
-    $options = parent::default_options();
+  function options() {
+    $options = parent::options();
     $options += array(
+      'access_author' => '',
       'show_on_comment' => TRUE,
     );
@@ -992 +1272 @@
   function options_form(&$form) {
     parent::options_form($form);
+
+    $form['access']['access_author'] = array(
+      '#type' => 'radios',
+      '#title' => t('Flag access by content authorship'),
+      '#options' => array(
+        '' => t('No additional restrictions'),
+        'comment_own' => t('Users may only flag own comments'),
+        'comment_others' => t('Users may only flag comments by others'),
+        'node_own' => t('Users may only flag comments of nodes they own'),
+        'node_others' => t('Users may only flag comments of nodes by others'),
+      ),
+      '#default_value' => $this->access_author,
+      '#description' => t("Restrict access to this flag based on the user's ownership of the content. Users must also have access to the flag through the role settings."),
+    );
+
     $form['display']['show_on_comment'] = array(
       '#type' => 'checkbox',
@@ -1009 +1304 @@
     }
     return FALSE;
+  }
+
+  function access_multiple($content_ids, $account = NULL) {
+    $account = isset($account) ? $account : $GLOBALS['user'];
+    $access = parent::access_multiple($content_ids, $account);
+
+    // Ensure node types are granted access. This avoids a
+    // node_load() on every type, usually done by applies_to_content_id().
+    $cids = implode(',', array_map('intval', array_keys($content_ids)));
+    $placeholders = implode(',', array_fill(0, sizeof($this->types), "'%s'"));
+    $result = db_query("SELECT cid as content_id FROM {comments} c INNER JOIN {node} n ON c.nid = n.nid WHERE cid IN ($cids) and n.type NOT IN ($placeholders)", $this->types);
+    while ($row = db_fetch_object($result)) {
+      $access[$row->content_id] = FALSE;
+    }
+
+    return $access;
   }
 
@@ -1063 +1374 @@
     );
   }
-  
+
   function rules_get_element_argument_definition() {
     return array('type' => 'comment', 'label' => t('Flagged comment'));
@@ -1079 +1390 @@
     );
   }
-
-  function applies_to_content_id_array($content_ids) {
-    $passed = array();
-    $content_ids  = implode(',', array_map('intval', $content_ids));
-    $placeholders = implode(',', array_fill(0, sizeof($this->types), "'%s'"));
-    $result = db_query("SELECT cid FROM {comments} c INNER JOIN {node} n ON c.nid = n.nid WHERE cid IN ($content_ids) and n.type IN ($placeholders)", $this->types);
-    while ($row = db_fetch_object($result)) {
-      $passed[$row->cid] = TRUE;
-    }
-    return $passed;
-  }
 }
 
@@ -1096 +1396 @@
  */
 class flag_user extends flag_flag {
-  function default_options() {
-    $options = parent::default_options();
+  function options() {
+    $options = parent::options();
     $options += array(
       'show_on_profile' => TRUE,
+      'access_uid' => '',
     );
     return $options;
@@ -1106 +1407 @@
   function options_form(&$form) {
     parent::options_form($form);
-    $form['types'] = array(
-      // A user flag doesn't support node types. (Maybe will support roles instead, in the future.)
+    $form['access']['types'] = array(
+      // A user flag doesn't support node types.
+      // TODO: Maybe support roles instead of node types.
       '#type' => 'value',
       '#value' => array(0 => 0),
+    );
+    $form['access']['access_uid'] = array(
+      '#type' => 'checkbox',
+      '#title' => t('Users may flag themselves'),
+      '#description' => t('Disabling this option may be useful when setting up a "friend" flag, when a user flagging themself does not make sense.'),
+      '#default_value' => $this->access_uid ? 0 : 1,
     );
     $form['display']['show_on_profile'] = array(
@@ -1119 +1427 @@
   }
 
+  function form_input($form_values) {
+    parent::form_input($form_values);
+    // The access_uid value is intentionally backwards from the UI, to avoid
+    // confusion caused by checking a box to disable a feature.
+    $this->access_uid = empty($form_values['access_uid']) ? 'others' : '';
+  }
+
   function _load_content($content_id) {
     return user_load(array('uid' => $content_id));
@@ -1130 +1445 @@
     }
     return FALSE;
+  }
+
+  function access($content_id, $action = NULL, $account = NULL) {
+    $access = parent::access($content_id, $action, $account);
+    $account = isset($account) ? $account : $GLOBALS['user'];
+
+    // Prevent users from flagging themselves.
+    if ($this->access_uid == 'others' && $content_id == $account->uid) {
+      $access = FALSE;
+    }
+
+    return $access;
+  }
+
+  function access_multiple($content_ids, $account = NULL) {
+    $account = isset($account) ? $account : $GLOBALS['user'];
+    $access = parent::access_multiple($content_ids, $account);
+
+    // Exclude anonymous.
+    if (array_key_exists(0, $access)) {
+      $access[0] = FALSE;
+    }
+
+    // Prevent users from flagging themselves.
+    if ($this->access_uid == 'others' && array_key_exists($account->uid, $access)) {
+      $access[$account->uid] = FALSE;
+    }
+
+    return $access;
   }
 
@@ -1177 +1521 @@
     );
   }
-  
+
   function rules_get_element_argument_definition() {
     return array('type' => 'user', 'label' => t('Flagged user'));
@@ -1193 +1537 @@
     );
   }
-
-  function applies_to_content_id_array($content_ids) {
-    // This user flag doesn't currently support subtypes so all users are
-    // applicable for flagging.
-    $passed = array();
-    foreach ($content_ids as $uid) {
-      if ($uid) { // Exclude anonymous.
-        $passed[$uid] = TRUE;
-      }
-    }
-    return $passed;
-  }
-
 }
 
@@ -1220 +1551 @@
 }
 
-// Returns TRUE if we're running under Drupal 5.
-//
-// I use this function because I don't want to maintain two versions of a file
-// just because a handful of lines of code.
-function _flag_is_drupal_5() {
-  return !function_exists('theme_get_registry');
+/**
+ * A shortcut function to output the link URL.
+ */
+function _flag_url($path, $fragment = NULL, $absolute = TRUE) {
+  return url($path, array('fragment' => $fragment, 'absolute' => $absolute));
 }
-
-// That's ugly, but duplicating this logic is uglier.
-function _flag_url($path, $fragment = NULL, $absolute = TRUE) {
-  return _flag_is_drupal_5()
-    ? url($path, NULL, $fragment, $absolute)
-    : url($path, array('absolute' => TRUE, 'fragment' => $fragment));
-}
-

drupal-6/sites/all/modules/flag/flag.info

@@ -4 +4 @@
 core = 6.x
 package = Flags
-
-; Information added by drupal.org packaging script on 2010-01-08
-version = "6.x-1.2"
-core = "6.x"
-project = "flag"
-datestamp = "1262929205"
-

drupal-6/sites/all/modules/flag/flag.install

@@ -1 +1 @@
 <?php
-// $Id: flag.install,v 1.2.2.34 2010/01/08 05:00:45 quicksketch Exp $
+// $Id: flag.install,v 1.2.2.32.2.8 2010/01/08 04:42:32 quicksketch Exp $
 
 /**
@@ -23 +23 @@
   }
 
-  $success = drupal_install_schema('flag');
-
-  if ($success) {
-    // Install a demonstration flag.
+  drupal_install_schema('flag');
+}
+
+/**
+ * Implementation of hook_uninstall().
+ */
+function flag_uninstall() {
+  drupal_uninstall_schema('flag');
+  $result = db_query("SELECT name FROM {variable} WHERE name LIKE 'flag_%'");
+  while ($row = db_fetch_object($result)) {
+    variable_del($row->name);
+  }
+
+  drupal_set_message(t('Flag has been uninstalled.'));
+}
+
+/**
+ * Implementation of hook_enable().
+ *
+ * We create the demonstration flag on enable, so hook implementations in flag
+ * module will fire correctly, as the APIs are not available on install.
+ */
+function flag_enable() {
+  // Load the flag API in case we want to use it when enabling.
+  include_once(drupal_get_path('module', 'flag') .'/flag.module');
+
+  if (!flag_get_flags()) {
+    // Install a demonstration flag only if no flag exists. This is to prevent
+    // a case where a disables and enables the module, and the demonstration
+    // flag is overwritten or re-created.
     $flag = flag_flag::factory_by_content_type('node');
     $configuration = array(
@@ -49 +75 @@
     $flag->save();
   }
-
-  if ($success) {
-    drupal_set_message(st('Flag module installed tables successfully.'));
-  }
-  else {
-    drupal_set_message(st('The installation of Flag module failed.'), 'error');
-  }
-}
-
-/**
- * Implementation of hook_uninstall().
- */
-function flag_uninstall() {
-  drupal_uninstall_schema('flag');
-  $result = db_query("SELECT name FROM {variable} WHERE name LIKE 'flag_%'");
-  while ($row = db_fetch_object($result)) {
-    variable_del($row->name);
-  }
-
-  drupal_set_message(t('Flag has been uninstalled.'));
 }
 
@@ -81 +87 @@
   if ($phase == 'install') {
     if (!defined('MAINTENANCE_MODE') && _flag_flag_content_installed()) {
-      $requirements['flag_content_clash']['title'] = $t('Flag');
-      $requirements['flag_content_clash']['severity'] = REQUIREMENT_ERROR;
-      $requirements['flag_content_clash']['description'] = _flag_flag_content_message();
-    }
-  }
-
-  if ($phase == 'runtime' && module_exists('translation') && !module_exists('translation_helpers')) {
-    $requirements['flag_translation']['title'] = $t('Flag');
-    $requirements['flag_translation']['severity'] = REQUIREMENT_ERROR;
-    $requirements['flag_translation']['description'] = $t('To have the flag module work with translations, you need to install and enable the <a href="http://drupal.org/project/translation_helpers">Translation helpers</a> module.');
-    $requirements['flag_translation']['value'] = $t('Translation helpers module not found.');
+      $requirements['flag_content_clash'] = array(
+        'title' => $t('Flag'),
+        'severity' => REQUIREMENT_ERROR,
+        'description' => _flag_flag_content_message(),
+      );
+    }
+  }
+
+  if ($phase == 'runtime') {
+    if (module_exists('translation') && !module_exists('translation_helpers')) {
+      $requirements['flag_translation'] = array(
+        'title' => $t('Flag'),
+        'severity' => REQUIREMENT_ERROR,
+        'description' => $t('To have the flag module work with translations, you need to install and enable the <a href="http://drupal.org/project/translation_helpers">Translation helpers</a> module.'),
+        'value' => $t('Translation helpers module not found.'),
+      );
+    }
+    if (module_exists('session_api')) {
+      if (file_exists('./robots.txt')) {
+        $flag_path = url('flag') . '/';
+        $robots_string = 'Disallow: ' . $flag_path;
+        $contents = file_get_contents('./robots.txt');
+        if (strpos($contents, $robots_string) === FALSE) {
+          $requirements['flag_robots'] = array(
+            'title' => $t('Flag robots.txt problem'),
+            'severity' => REQUIREMENT_WARNING,
+            'description' => $t('Flag module may currently be used with anonymous users, however the robots.txt file does not exlude the "@flag-path" path, which may cause search engines to randomly flag and unflag content when they index the site. It is highly recommended to add "@robots-string" to your robots.txt file (located in the root of your Drupal installation).', array('@flag-path' => $flag_path, '@robots-string' => $robots_string)),
+            'value' => $t('Search engines flagging content'),
+          );
+        }
+      }
+    }
   }
   return $requirements;
@@ -197 +224 @@
         'default' => 0,
       ),
+      'sid' => array(
+        'type' => 'int',
+        'unsigned' => TRUE,
+        'not null' => TRUE,
+        'default' => 0,
+      ),
       'timestamp' => array(
         'type' => 'int',
@@ -207 +240 @@
     'primary key' => array('fcid'),
     'unique keys' => array(
-      'fid_content_type_content_id_uid' => array('fid', 'content_type', 'content_id', 'uid'),
+      'fid_content_id_uid_sid' => array('fid', 'content_id', 'uid', 'sid'),
     ),
     'indexes' => array(
       'content_type_content_id' => array('content_type', 'content_id'),
-      'content_type_uid' => array('content_type', 'uid'),
+      'content_type_uid_sid' => array('content_type', 'uid', 'sid'),
     ),
   );
@@ -269 +302 @@
       'fid_content_type' => array('fid', 'content_type'),
       'content_type_content_id' => array('content_type', 'content_id'),
+      'count' => array('count'),
     ),
   );
@@ -375 +409 @@
   $ret = array();
 
-  if (_flag_column_exists('flags', 'flag_short')) {
+  if (db_column_exists('flags', 'flag_short')) {
     $result = db_query("SELECT * FROM {flags}");
     while ($flag = db_fetch_object($result)) {
@@ -404 +438 @@
   $ret = array();
 
-  if (!_flag_column_exists('flag_content', 'fcid')) {
+  if (db_column_exists('flag_content', 'fcid')) {
     db_drop_primary_key($ret, 'flag_content');
     db_add_field($ret, 'flag_content', 'fcid', array(
@@ -447 +481 @@
 
 /**
- * Add auto-increment to the flags.fid column for users upgrading from Drupal 5.
+ * Remove count = 0 rows from the count tables.
  */
 function flag_update_6004() {
-  // Update removed and included in flag_update_6000()
+  // Same update as flag_update_6203()
   return array();
 }
 
 /**
- * Remove count = 0 rows from the flag_counts table for consistency.
- */
-function flag_update_6005() {
+ * Convert role access to have separate "flag" and "unflag" permissions.
+ */
+function flag_update_6200() {
+  $ret = array();
+
+  if (db_column_exists('flags', 'roles')) {
+    $result = db_query('SELECT * FROM {flags}');
+    while ($flag = db_fetch_object($result)) {
+      $roles = array_filter(explode(',', $flag->roles));
+      $options = unserialize($flag->options);
+      $options['roles'] = array(
+        'flag' => $roles,
+        'unflag' => $roles,
+      );
+      db_query("UPDATE {flags} SET options = '%s' WHERE fid = %d", serialize($options), $flag->fid);
+    }
+    db_drop_field($ret, 'flags', 'roles');
+  }
+
+  return $ret;
+}
+
+/**
+ * Refine the indexes.
+ *
+ * The content type inclusion actually slowed down on unique key. And a count
+ * index would be helpful for sorting by counts.
+ */
+function flag_update_6201() {
+  $ret = array();
+
+  // Remove "content type" from one key, see http://drupal.org/node/612602.
+  db_drop_unique_key($ret, 'flag_content', 'fid_content_type_content_id_uid');
+  db_add_unique_key($ret, 'flag_content', 'fid_content_id_uid', array('fid', 'content_id', 'uid'));
+
+  // Add a count index, see http://drupal.org/node/489610.
+  db_add_index($ret, 'flag_counts', 'count', array('count'));
+
+  return $ret;
+}
+
+/**
+ * Add the sid column and unique index on the flag_content table.
+ */
+function flag_update_6202() {
+  $ret = array();
+
+  // Drop the keys affected by the addition of the SID column.
+  db_drop_unique_key($ret, 'flag_content', 'fid_content_id_uid');
+  db_drop_index($ret, 'flag_content', 'content_type_uid');
+
+  // Add the column.
+  db_add_field($ret, 'flag_content', 'sid', array('type' => 'int', 'unsigned' => TRUE, 'not null' => TRUE, 'default' => 0));
+
+  // Re-add the removed keys.
+  db_add_unique_key($ret, 'flag_content', 'fid_content_id_uid_sid', array('fid', 'content_id', 'uid', 'sid'));
+  db_add_index($ret, 'flag_content', 'content_type_uid_sid', array('content_type', 'uid', 'sid'));
+
+  return $ret;
+}
+
+/**
+ * Remove count = 0 rows from the count tables.
+ */
+function flag_update_6203() {
   $ret = array();
   $ret[] = update_sql("DELETE FROM {flag_counts} WHERE count = 0");
@@ -474 +570 @@
   return array('success' => $result !== FALSE, 'query' => check_plain($sql));
 }
-
-// D5/6 compatible version of db_column_exists().
-function _flag_column_exists($table, $column) {
-  if (function_exists('db_column_exists')) {
-    return db_column_exists($table, $column);
-  }
-
-  switch ($GLOBALS['db_type']) {
-    case 'mysql':
-    case 'mysqli':
-      return (bool) db_fetch_object(db_query("SHOW COLUMNS FROM {flags} LIKE 'flag_short'"));
-    case 'pgsql':
-      return (bool) db_result(db_query("SELECT COUNT(pg_attribute.attname) FROM pg_class, pg_attribute WHERE pg_attribute.attrelid = pg_class.oid AND pg_class.relname = '{". db_escape_table($table) ."}' AND attname = '". db_escape_table($column) ."'"));
-  }
-}

drupal-6/sites/all/modules/flag/flag.module

@@ -1 +1 @@
 <?php
-// $Id: flag.module,v 1.11.2.78 2010/01/08 04:47:21 quicksketch Exp $
+// $Id: flag.module,v 1.11.2.72.2.31 2010/01/08 05:17:57 quicksketch Exp $
 
 /**
@@ -6 +6 @@
  * The Flag module.
  */
+
+define('FLAG_API_VERSION', 2);
 
 include_once dirname(__FILE__) .'/flag.inc';
@@ -58 +60 @@
     'file' => 'includes/flag.admin.inc',
     'type' => MENU_LOCAL_TASK,
+    'weight' => 1,
+  );
+  $items['admin/build/flags/import'] = array(
+    'title' => 'Import',
+    'page callback' => 'drupal_get_form',
+    'page arguments' => array('flag_import_form'),
+    'access arguments' => array('administer flags'),
+    'type' => MENU_LOCAL_TASK,
+    'file' => 'includes/flag.export.inc',
+    'weight' => 2,
+  );
+  $items['admin/build/flags/export'] = array(
+    'title' => 'Export',
+    'page callback' => 'drupal_get_form',
+    'page arguments' => array('flag_export_form'),
+    'access arguments' => array('administer flags'),
+    'type' => MENU_LOCAL_TASK,
+    'file' => 'includes/flag.export.inc',
+    'weight' => 3,
+  );
+  $items['admin/build/flags/update/%'] = array(
+    'title' => 'Update',
+    'page callback' => 'flag_update_page',
+    'page arguments' => array(4),
+    'access arguments' => array('administer flags'),
+    'type' => MENU_CALLBACK,
+    'file' => 'includes/flag.export.inc',
   );
   $items['flag'] = array(
@@ -89 +118 @@
     include_once $path .'/includes/flag.token.inc';
   }
+  if (module_exists('session_api')) {
+    // Set the anonymous user SID immediately, in case the user logs in.
+    flag_set_sid();
+  }
 }
 
@@ -102 +135 @@
 
 /**
+ * Implementation of hook_features_api().
+ */
+function flag_features_api() {
+  return array(
+    'flag' => array(
+      'feature_source' => TRUE,
+      'default_hook' => 'flag_default_flags',
+      'file' => drupal_get_path('module', 'flag') . '/includes/flag.features.inc',
+    ),
+  );
+}
+
+/**
  * Implementation of hook_perm().
  */
@@ -114 +160 @@
  */
 function flag_access($flag, $account = NULL) {
-  return $flag->user_access($account);
+  return $flag->user_access('flag', $account);
 }
 
@@ -145 +191 @@
   global $user;
 
-  // Anonymous users can't create flags with this system.
-  if (!$user->uid) {
-    return;
-  }
-
   // Get all possible flags for this content-type.
   $flags = flag_get_flags($type);
 
   foreach ($flags as $flag) {
-    if (!$flag->user_access($user)) {
-      // User has no permission to use this flag.
-      continue;
-    }
+    $content_id = $flag->get_content_id($object);
+
     if (!$flag->uses_hook_link($teaser)) {
       // Flag is not configured to show its link here.
       continue;
     }
-    if (!$flag->applies_to_content_object($object)) {
-      // Flag does not apply to this content.
+    if (!$flag->access($content_id) && (!$flag->is_flagged($content_id) || !$flag->access($content_id, 'flag'))) {
+      // User has no permission to use this flag or flag does not apply to this
+      // content. The link is not skipped if the user has "flag" access but
+      // not "unflag" access (this way the unflag denied message is shown).
       continue;
     }
 
-    $content_id = $flag->get_content_id($object);
     // The flag links are actually fully rendered theme functions.
     // The HTML attribute is set to TRUE to allow whatever the themer desires.
@@ -201 +241 @@
   $token = flag_get_token($content_id);
   return array(
-    'href' => "flag/". ($flag->link_type == 'confirm' ? 'confirm/' : '') ."$action/$flag->name/$content_id",
+    'href' => 'flag/'. ($flag->link_type == 'confirm' ? 'confirm/' : '') ."$action/$flag->name/$content_id",
     'query' => drupal_get_destination() . ($flag->link_type == 'confirm' ? '' : '&token='. $token),
   );
@@ -211 +251 @@
 function flag_flag_link_types() {
   return array(
-    'toggle' => t('JavaScript toggle'),
-    'normal' => t('Normal link'),
-    'confirm' => t('Confirmation form'),
+    'toggle' => array(
+      'title' => t('JavaScript toggle'),
+      'description' => t('An AJAX request will be made and degrades to type "Normal link" if JavaScript is not available.'),
+    ),
+    'normal' => array(
+      'title' => t('Normal link'),
+      'description' => t('A normal non-JavaScript request will be made and the current page will be reloaded.'),
+    ),
+    'confirm' => array(
+      'title' => t('Confirmation form'),
+      'description' => t('The user will be taken to a confirmation form on a separate page to confirm the flag.'),
+      'options' => array(
+        'flag_confirmation' => '',
+        'unflag_confirmation' => '',
+      ),
+    ),
   );
 }
@@ -256 +309 @@
         $form['workflow']['flag'][$var] = array(
           '#type' => 'checkbox',
-          '#title' => $flag->get_label('flag_short'),
+          '#title' => $flag->get_label('flag_short', $form['#node_type']->type),
           '#default_value' => variable_get($var .'_'. $form['#node_type']->type, 0),
           '#return_value' => 1,
@@ -274 +327 @@
     }
   }
-  elseif (isset($form['type']) && isset($form['#node'])
-      && ($form_id == $form['type']['#value'] .'_node_form')) {
-    if (!$user->uid) {
-      return;
-    }
-
+  elseif (isset($form['type']) && isset($form['#node']) && ($form_id == $form['type']['#value'] .'_node_form')) {
     $nid = !empty($form['nid']['#value']) ? $form['nid']['#value'] : NULL;
-
     $flags = flag_get_flags('node', $form['type']['#value'], $user);
 
     // Filter out flags which need to be included on the node form.
+    $flags_in_form = 0;
+    $flags_visible = 0;
     foreach ($flags as $name => $flag) {
       if (!$flag->show_on_form) {
-        unset($flags[$name]);
-      }
-    }
-
-    if (count($flags)) {
-      $form['flag'] = array(
-        '#type' => 'fieldset',
+        continue;
+      }
+
+      if (isset($form['#node']->flag[$flag->name])) {
+        $flag_status = $form['#node']->flag[$flag->name];
+      }
+      else {
+        $flag_status_default = variable_get('flag_' . $flag->name . '_default_' . $form['type']['#value'], 0);
+        $flag_status = $nid ? $flag->is_flagged($nid) : $flag_status_default;
+      }
+
+      // If the flag is not global and the user doesn't have access, skip it.
+      // Global flags have their value set even if the user doesn't have access
+      // to it, similar to the way "published" and "promote" keep the default
+      // values even if the user doesn't have "administer nodes" permission.
+      $access = $flag->access($nid, $flag_status ? 'unflag' : 'flag', $user);
+      if (!$access && !$flag->global) {
+        continue;
+      }
+
+      // Add the flag checkbox if displaying on the form.
+      $form['flag'][$flag->name] = array(
+        '#type' => 'checkbox',
+        '#title' => $flag->get_label('flag_short', $nid ? $nid : $form['type']['#value']),
+        '#description' => $flag->get_label('flag_long', $nid ? $nid : $form['type']['#value']),
+        '#default_value' => $flag_status,
+        '#return_value' => 1,
+      );
+      // If the user does not have access to the flag, set as a value.
+      if (!$access) {
+        $form['flag'][$flag->name]['#type'] = 'value';
+        $form['flag'][$flag->name]['#value'] = $flag_status;
+      }
+      else {
+        $flags_visible++;
+      }
+      $flags_in_form++;
+    }
+    if ($flags_in_form) {
+      $form['flag'] += array(
         '#weight' => module_exists('content') ? content_extra_field_weight($form['#node']->type, 'flags') : 1,
         '#tree' => TRUE,
+      );
+    }
+    if ($flags_visible) {
+      $form['flag'] += array(
+        '#type' => 'fieldset',
         '#title' => t('Flags'),
         '#collapsible' => TRUE,
@@ -301 +388 @@
     }
 
-    foreach ($flags as $flag) {
-      if (isset($form['#node']->flag[$flag->name])) {
-        $flag_status = $form['#node']->flag[$flag->name];
-      }
-      else {
-        $flag_status_default = variable_get('flag_' . $flag->name . '_default_' . $form['type']['#value'], 0);
-        $flag_status = $nid ? $flag->is_flagged($nid) : $flag_status_default;
-      }
-      $form['flag'][$flag->name] = array(
-        '#type' => 'checkbox',
-        '#title' => $flag->get_label('flag_short', $nid),
-        '#description' => $flag->get_label('flag_long', $nid),
-        '#default_value' => $flag_status,
-        '#return_value' => 1,
-      );
-    }
   }
 }
@@ -341 +412 @@
             $remembered = TRUE;
           }
-          flag($state ? 'flag' : 'unflag', $name, $node->nid);
+          flag($state ? 'flag' : 'unflag', $name, $node->nid, $user, TRUE);
         }
       }
@@ -377 +448 @@
 function flag_user($op, &$edit, &$account, $category = NULL) {
   switch ($op) {
+    case 'login':
+      // Migrate anonymous flags to this user's account.
+      if (module_exists('session_api')) {
+        // The @ symbol suppresses errors if the user flags a piece of content
+        // they have already flagged as a logged-in user.
+        @db_query("UPDATE {flag_content} SET uid = %d, sid = 0 WHERE uid = 0 AND sid = %d", $account->uid, flag_get_sid(0));
+        // Delete any remaining flags this user had as an anonymous user.
+        db_query("DELETE FROM {flag_content} WHERE uid = 0 AND sid = %d", flag_get_sid(0));
+        // Clean up anonymous cookies.
+        if (isset($_COOKIE['flags'])) {
+          setcookie('flags', FALSE, 0, base_path());
+          unset($_COOKIE['flags']);
+        }
+        foreach ($_COOKIE as $key => $value) {
+          if (strpos($key, 'flag_global_') === 0) {
+            setcookie($key, FALSE, 0, base_path());
+            unset($_COOKIE[$key]);
+          }
+        }
+      }
+      break;
     case 'delete':
       // Remove flags by this user.
@@ -390 +482 @@
       $flag_items = array();
       foreach ($flags as $flag) {
-        if (!$flag->user_access()) {
+        if (!$flag->access($account->uid)) {
           // User has no permission to use this flag.
-          continue;
-        }
-        if (!$flag->applies_to_content_object($account)) {
-          // Flag does not apply to this content.
           continue;
         }
@@ -422 +510 @@
 
 /**
+ * Implementation of hook_session_api_cleanup().
+ *
+ * Clear out anonymous user flaggings during Session API cleanup.
+ */
+function flag_session_api_cleanup($arg = 'run') {
+  // Session API 1.1 version:
+  if ($arg == 'run') {
+    $result = db_query("SELECT fc.sid FROM {flag_content} fc LEFT JOIN {session_api} s ON (fc.sid = s.sid) WHERE fc.sid <> 0 AND s.sid IS NULL");
+    while ($row = db_fetch_object($result)) {
+      db_query("DELETE FROM {flag_content} WHERE sid = %d", $row->sid);
+    }
+  }
+  // Session API 1.2+ version.
+  elseif (is_array($arg)) {
+    $outdated_sids = $arg;
+    db_query('DELETE FROM {flag_content} WHERE sid IN (' . implode(',', $outdated_sids) . ')');
+  }
+}
+
+/**
  * Implementation of hook_node_type().
  */
@@ -431 +539 @@
       break;
   }
+}
+
+/**
+ * Implementation of hook_activity_info().
+ */
+function flag_activity_info() {
+  $info = new stdClass();
+  $info->api = 2;
+  $info->name = 'flag';
+  // The order of objects here matters. If a user is both the author and the
+  // flagging user, the flagging user message takes precedence.
+  $info->objects = array('node author' => 'node', 'flagging user' => 'account', 'comment author' => 'comment');
+  $info->hooks = array('flag' => array('flag', 'unflag'));
+
+  // Figure out the activity access control realms and the types.
+  $flags = flag_get_flags();
+  foreach ($flags as $fid => $flag) {
+    $info->realms["flag_" . $flag->fid] = $flag->title;
+    // Currently, flagging a user cannot be recorded.
+    if ($flag->content_type != 'user') {
+      $info->type_options[$flag->fid] = $flag->title;
+    }
+  }
+  $info->object_type = 'flag';
+  $info->path = drupal_get_path('module', 'flag') . '/includes';
+  return $info;
 }
 
@@ -557 +691 @@
 function flag_flag($action, $flag, $content_id, $account) {
   if (module_exists('trigger')) {
-
-    $flag_action = $flag->get_flag_action($content_id);
-    $flag_action->action = $action;
-    $context = (array)$flag_action;
-    $aids = _trigger_get_hook_aids($action, $action);
-    foreach ($aids as $aid => $action_info) {
+    $context['hook'] = 'flag';
+    $context['account'] = $account;
+    $context['flag'] = $flag;
+    $context['op'] = $action;
+
+    // We add to the $context all the objects we know about:
+    $context = array_merge($flag->get_relevant_action_objects($content_id), $context);
+
+    // Generic "all flags" actions.
+    foreach (_trigger_get_hook_aids($action, $action) as $aid => $action_info) {
       // The 'if ($aid)' is a safeguard against http://drupal.org/node/271460#comment-886564
       if ($aid) {
@@ -568 +706 @@
       }
     }
-
+    // Actions specifically for this flag.
+    foreach (_trigger_get_hook_aids($action . '_' . $flag->name, $action) as $aid => $action_info) {
+      if ($aid) {
+        actions_do($aid, $flag, $context);
+      }
+    }
   }
 
@@ -579 +722 @@
 
 /**
+ * Implementation of hook_flag_access().
+ */
+function flag_flag_access($flag, $content_id, $action, $account) {
+  // Restrict access by authorship. It's important that TRUE is never returned
+  // here, otherwise we'd grant permission even if other modules denied access.
+  if ($flag->content_type == 'node') {
+    $node = node_load($content_id);
+    if ($flag->access_author == 'own' && $node->uid != $account->uid) {
+      return FALSE;
+    }
+    elseif ($flag->access_author == 'others' && $node->uid == $account->uid) {
+      return FALSE;
+    }
+  }
+
+  // Restrict access by comment authorship.
+  if ($flag->content_type == 'comment') {
+    $comment = _comment_load($content_id);
+    $node = node_load($comment->nid);
+    if ($flag->access_author == 'node_own' && $node->uid != $account->uid) {
+      return FALSE;
+    }
+    elseif ($flag->access_author == 'node_others' && $node->uid == $account->uid) {
+      return FALSE;
+    }
+    elseif ($flag->access_author == 'comment_own' && $comment->uid != $account->uid) {
+      return FALSE;
+    }
+    elseif ($flag->access_author == 'comment_others' && $comment->uid == $account->uid) {
+      return FALSE;
+    }
+  }
+}
+
+/**
+ * Implementation of hook_flag_access_multiple().
+ */
+function flag_flag_access_multiple($flag, $content_ids, $account) {
+  $access = array();
+
+  if ($flag->content_type == 'node') {
+    // Restrict access by authorship. This is similar to flag_flag_access()
+    // above, but returns an array of 'nid' => $access values. Similarly, we
+    // should never return TRUE in any of these access values, only FALSE if we
+    // want to deny access, or use the current access value provided by Flag.
+    $nids = implode(',', array_map('intval', array_keys($content_ids)));
+    $placeholders = implode(',', array_fill(0, sizeof($flag->types), "'%s'"));
+    $result = db_query("SELECT nid, uid FROM {node} WHERE nid IN ($nids) AND type in ($placeholders)", $flag->types);
+    while ($row = db_fetch_object($result)) {
+      if ($flag->access_author == 'own') {
+        $access[$row->nid] = $row->uid != $account->uid ? FALSE : NULL;
+      }
+      elseif ($flag->access_author == 'others') {
+        $access[$row->nid] = $row->uid == $account->uid ? FALSE : NULL;
+      }
+    }
+  }
+
+  if ($flag->content_type == 'comment') {
+    // Restrict access by comment ownership.
+    $cids = implode(',', array_map('intval', array_keys($content_ids)));
+    $result = db_query("SELECT c.cid, c.nid, c.uid as comment_uid, n.nid as node_uid FROM {comments} c LEFT JOIN {node} n ON c.nid = n.nid WHERE cid IN ($cids)");
+    while ($row = db_fetch_object($result)) {
+      if ($flag->access_author == 'node_own') {
+        $access[$row->cid] = $row->node_uid != $account->uid ? FALSE : NULL;
+      }
+      elseif ($flag->access_author == 'node_others') {
+        $access[$row->cid] = $row->node_uid == $account->uid ? FALSE : NULL;
+      }
+      elseif ($flag->access_author == 'comment_own') {
+        $access[$row->cid] = $row->comment_uid != $account->uid ? FALSE : NULL;
+      }
+      elseif ($flag->access_author == 'comment_others') {
+        $access[$row->cid] = $row->comment_uid == $account->uid ? FALSE : NULL;
+      }
+    }
+  }
+
+  // Always return an array (even if empty) of accesses.
+  return $access;
+}
+/**
+ * Trim a flag to a certain size.
+ *
+ * @param $fid
+ *   The flag object.
+ * @param $account
+ *   The user object on behalf the trimming will occur.
+ * @param $cutoff_size
+ *   The number of flaggings allowed. Any flaggings beyond that will be trimmed.
+ */
+function flag_trim_flag($flag, $account, $cutoff_size) {
+  $result = db_query("SELECT * FROM {flag_content} WHERE fid = %d AND (uid = %d OR uid = 0) ORDER BY timestamp DESC", $flag->fid, $account->uid);
+  $i = 1;
+  while ($row = db_fetch_object($result)) {
+    if ($i++ > $cutoff_size) {
+      flag('unflag', $flag->name, $row->content_id, $account);
+    }
+  }
+}
+
+/**
  * Implementation of hook_node_operations().
  *
@@ -590 +835 @@
 
   foreach ($flags as $flag) {
-    $operations['flag_'. $flag->name] = array(
+    $operations['flag_' . $flag->name] = array(
       'label' => $flag->get_label('flag_short'),
       'callback' => 'flag_nodes',
@@ -596 +841 @@
       'behavior' => array(),
     );
-    $operations['unflag_'. $flag->name] = array(
+    $operations['unflag_' . $flag->name] = array(
       'label' => $flag->get_label('unflag_short'),
       'callback' => 'flag_nodes',
@@ -614 +859 @@
     $performed |= flag($action, $flag_name, $nid);
   }
-  // Drupal 6 doesn't display a confirmation message itself, so it's our responsibility.
   if ($performed) {
     drupal_set_message(t('The update has been performed.'));
+  }
+}
+
+/**
+ * Implementation of hook_user_operations().
+ */
+function flag_user_operations() {
+  global $user;
+
+  $flags = flag_get_flags('user', NULL, $user);
+  $operations = array();
+
+  foreach ($flags as $flag) {
+    $operations['flag_' . $flag->name] = array(
+      'label' => $flag->get_label('flag_short'),
+      'callback' => 'flag_users',
+      'callback arguments' => array('flag', $flag->name),
+    );
+    $operations['unflag_' . $flag->name] = array(
+      'label' => $flag->get_label('unflag_short'),
+      'callback' => 'flag_users',
+      'callback arguments' => array('unflag', $flag->name),
+    );
+  }
+  return $operations;
+}
+/**
+* Callback function for hook_user_operations().
+*/
+function flag_users($users, $action, $flag_name) {
+  foreach ($users as $uid) {
+    flag($action, $flag_name, $uid);
   }
 }
@@ -630 +906 @@
       break;
   }
+}
+
+/**
+ * Implementation of hook_service().
+ */
+function flag_service() {
+  $items = array();
+
+  $items[] = array(
+    '#method' => 'flag.flag',
+    '#callback' => 'flag_service_flag',
+    '#access callback' => 'flag_service_flag_access',
+    '#file' => array(
+      'file' => 'inc',
+      'module' => 'flag',
+      'file name' => 'includes/flag.services',
+    ),
+    '#args' => array(
+      array(
+        '#name' => 'flag_name',
+        '#type' => 'string',
+        '#description' => t('The name of the flag.'),
+      ),
+      array(
+        '#name' => 'content_id',
+        '#type' => 'int',
+        '#description' => t('The content ID.'),
+      ),
+      array(
+        '#name' => 'uid',
+        '#type' => 'int',
+        '#description' => t('The user ID for which to flag.'),
+        '#optional' => TRUE,
+      ),
+      array(
+        '#name' => 'action',
+        '#type' => 'string',
+        '#description' => t('Optional; The action to perform, default is "flag". Should be "flag" or "unflag".'),
+        '#optional' => TRUE,
+      ),
+      array(
+        '#name' => 'skip_permission_check',
+        '#type' => 'boolean',
+        '#description' => t('Optional; Flag the content even if the user does not have permission to do so. FALSE by default'),
+        '#optional' => TRUE,
+      ),
+    ),
+    '#return' => 'boolean',
+    '#help' => t('Flags (or unflags) a content.')
+  );
+
+  $items[] = array(
+    '#method' => 'flag.is_flagged',
+    '#callback' => 'flag_service_is_flagged',
+    '#access callback' => 'flag_service_flag_access',
+    '#file' => array(
+      'file' => 'inc',
+      'module' => 'flag',
+      'file name' => 'includes/flag.services',
+    ),
+    '#args' => array(
+      array(
+        '#name' => 'flag_name',
+        '#type' => 'string',
+        '#description' => t('The name of the flag.'),
+      ),
+      array(
+        '#name' => 'content_id',
+        '#type' => 'int',
+        '#description' => t('The content ID.'),
+      ),
+      array(
+        '#name' => 'uid',
+        '#type' => 'int',
+        '#description' => t('The user ID that might have flagged the content.'),
+        '#optional' => TRUE,
+      ),
+    ),
+    '#return' => 'boolean',
+    '#help' => t('Check if a content was flagged by a user.')
+  );
+
+  return $items;
 }
 
@@ -651 +1010 @@
       'arguments' => array('flags' => NULL, 'default_flags' => NULL),
     ),
+    'flag_form_roles' => array(
+      'arguments' => array('element' => NULL),
+    ),
     'flag_rules_radios' => array(
       'arguments' => array(),
@@ -668 +1030 @@
  *
  * See 'flag.tpl.php' for their documentation.
- *
- * Note: The Drupal 5 version of this module calls this function directly.
  */
 function template_preprocess_flag(&$variables) {
+  global $user;
   static $first_time = TRUE;
 
@@ -678 +1039 @@
   $action = $variables['action'];
   $content_id = $variables['content_id'];
+  $flag_css_name = str_replace('_', '-', $flag->name);
 
   // Generate the link URL.
-  $link_types = flag_get_link_types();
-  $link_type_module = $link_types[$flag->link_type]['module'];
-  $link = module_invoke($link_type_module, 'flag_link', $flag, $action, $content_id);
+  $link_type = $flag->get_link_type();
+  $link = module_invoke($link_type['module'], 'flag_link', $flag, $action, $content_id);
   if (isset($link['title']) && empty($link['html'])) {
     $link['title'] = check_plain($link['title']);
   }
 
-  if ($flag->link_type == 'toggle' && $first_time) {
+  // Replace the link with the access denied text if unable to flag.
+  if ($action == 'unflag' && !$flag->access($content_id, 'unflag')) {
+    $link['title'] = $flag->get_label('unflag_denied_text', $content_id);
+    unset($link['href']);
+  }
+
+  // Tell the template file to add JavaScript/CSS if using the toggle link type.
+  // Anonymous users always need the JavaScript to maintain their flag state.
+  if (($flag->link_type == 'toggle' || $user->uid == 0) && $first_time) {
     $variables['setup'] = $first_time;
     $first_time = FALSE;
@@ -695 +1064 @@
   }
 
-  $variables['link_href'] = check_url(url($link['href'], $link));
+  $variables['link_href'] = isset($link['href']) ? check_url(url($link['href'], $link)) : FALSE;
   $variables['link_text'] = isset($link['title']) ? $link['title'] : $flag->get_label($action . '_short', $content_id);
   $variables['link_title'] = isset($link['attributes']['title']) ? check_plain($link['attributes']['title']) : check_plain(strip_tags($flag->get_label($action . '_long', $content_id)));
-  $variables['flag_name_css'] = str_replace('_', '-', $flag->name);
   $variables['last_action'] = ($action == 'flag' ? 'unflagged' : 'flagged');
+
+  $variables['flag_wrapper_classes_array'] = array();
+  $variables['flag_wrapper_classes_array'][] = 'flag-wrapper';
+  $variables['flag_wrapper_classes_array'][] = 'flag-' . $flag_css_name;
+  $variables['flag_wrapper_classes_array'][] = 'flag-' . $flag_css_name . '-' . $content_id;
+  $variables['flag_wrapper_classes'] = implode(' ', $variables['flag_wrapper_classes_array']);
+
   $variables['flag_classes_array'] = array();
   $variables['flag_classes_array'][] = 'flag';
   $variables['flag_classes_array'][] = $variables['action'] .'-action';
   $variables['flag_classes_array'][] = 'flag-link-'. $flag->link_type;
-
   if (isset($link['attributes']['class'])) {
     $variables['flag_classes_array'][] = $link['attributes']['class'];
   }
-
   if ($variables['after_flagging']) {
     $inverse_action = ($action == 'flag' ? 'unflag' : 'flag');
@@ -714 +1087 @@
     $variables['flag_classes_array'][] = $variables['last_action'];
   }
-
   $variables['flag_classes'] = implode(' ', $variables['flag_classes_array']);
 }
@@ -797 +1169 @@
 }
 
+/**
+ * Return an array of flag link type descriptions.
+ */
+function _flag_link_type_descriptions() {
+  $options = array();
+  $types = flag_get_link_types();
+  foreach ($types as $type_name => $type) {
+    $options[$type_name] = $type['description'];
+  }
+  return $options;
+}
+
+/**
+ * Return an array of flag link fields that are dependent on a link type.
+ */
+function _flag_link_type_fields() {
+  $options = array();
+  $types = flag_get_link_types();
+  foreach ($types as $type_name => $type) {
+    $options[$type_name] = array_keys($type['options']);
+  }
+  return $options;
+}
+
 // ---------------------------------------------------------------------------
 // Non-Views public API
@@ -835 +1231 @@
 
 /**
+ * Get the total count of items flagged within a flag.
+ *
+ * @param $flag_name
+ *   The flag name for which to retrieve a flag count.
+ * @param $reset
+ *   Reset the internal cache and execute the SQL query another time.
+ */
+function flag_get_flag_counts($flag_name, $reset = FALSE) {
+  static $counts;
+
+  if ($reset) {
+    $counts = array();
+  }
+  if (!isset($counts[$flag_name])) {
+    $flag = flag_get_flag($flag_name);
+    $counts[$flag_name] = db_result(db_query("SELECT COUNT(*) FROM {flag_content} WHERE fid = %d", $flag->fid));
+  }
+
+  return $counts[$flag_name];
+}
+
+/**
  * Load a single flag either by name or by flag ID.
  *
@@ -856 +1274 @@
     }
   }
+  return FALSE;
 }
 
@@ -917 +1336 @@
       }
     }
+
+    // Allow modules implementing hook_flag_alter(&$flag) to modify each flag.
+    foreach ($flags as $flag) {
+      drupal_alter('flag', $flag);
+    }
   }
 
@@ -961 +1385 @@
       $flag = flag_flag::factory_by_array($config);
       $flag->module = $module;
+
+      // Disable flags that are not at the current API version.
+      if (!isset($flag->api_version) || $flag->api_version < FLAG_API_VERSION) {
+        $flag->status = FALSE;
+        $flag->api_version = isset($flag->api_version) ? $flag->api_version : 1;
+      }
+
       // Add flags that have been enabled.
       if ((!isset($flag_status[$flag->name]) && (!isset($flag->status) || $flag->status)) || !empty($flag_status[$flag->name])) {
@@ -966 +1397 @@
         $default_flags[$flag->name] = $flag;
       }
+      // Add flags that have been disabled.
       elseif ($include_disabled) {
         $flag->status = FALSE;
@@ -974 +1406 @@
 
   return $default_flags;
+}
+
+/**
+ * Get all flagged content in a flag.
+ *
+ * @param
+ *   The flag name for which to retrieve flagged content.
+ */
+function flag_get_flagged_content($flag_name) {
+  $return = array();
+  $flag = flag_get_flag($flag_name);
+  $result = db_query("SELECT * FROM {flag_content} WHERE fid = %d", $flag->fid);
+  while ($row = db_fetch_object($result)) {
+    $return[] = $row;
+  }
+  return $return;
+}
+
+/**
+ * Get content ID from a flag content ID.
+ *
+ * @param $fcid
+ *   The flag content ID for which to look up the content ID.
+ */
+function flag_get_content_id($fcid) {
+  return db_result(db_query("SELECT content_id FROM {flag_content} WHERE fcid = %d", $fcid));
 }
 
@@ -987 +1445 @@
  *   Optional. The user ID whose flags we're checking. If none given, the
  *   current user will be used.
+ * @param $sid
+ *   Optional. The user SID (provided by Session API) whose flags we're
+ *   checking. If none given, the current user will be used. The SID is 0 for
+ *   logged in users.
  * @param $reset
  *   Reset the internal cache and execute the SQL query another time.
@@ -998 +1460 @@
  *
  */
-function flag_get_user_flags($content_type, $content_id = NULL, $uid = NULL, $reset = FALSE) {
+function flag_get_user_flags($content_type, $content_id = NULL, $uid = NULL, $sid = NULL, $reset = FALSE) {
   static $flagged_content;
 
@@ -1009 +1471 @@
 
   $uid = !isset($uid) ? $GLOBALS['user']->uid : $uid;
+  $sid = !isset($sid) ? flag_get_sid($uid) : $sid;
 
   if (isset($content_id)) {
     if (!isset($flagged_content[$uid][$content_type][$content_id])) {
       $flag_names = _flag_get_flag_names();
-      $flagged_content[$uid][$content_type][$content_id] = array();
-      $result = db_query("SELECT * FROM {flag_content} WHERE content_type = '%s' AND content_id = %d AND (uid = %d OR uid = 0)", $content_type, $content_id, $uid);
+      $flagged_content[$uid][$sid][$content_type][$content_id] = array();
+      $result = db_query("SELECT * FROM {flag_content} WHERE content_type = '%s' AND content_id = %d AND (uid = %d OR uid = 0) AND sid = %s", $content_type, $content_id, $uid, $sid);
       while ($flag_content = db_fetch_object($result)) {
-        $flagged_content[$uid][$content_type][$content_id][$flag_names[$flag_content->fid]] = $flag_content;
-      }
-    }
-    return $flagged_content[$uid][$content_type][$content_id];
+        $flagged_content[$uid][$sid][$content_type][$content_id][$flag_names[$flag_content->fid]] = $flag_content;
+      }
+    }
+    return $flagged_content[$uid][$sid][$content_type][$content_id];
   }
 
   else {
-    if (!isset($flagged_content[$uid]['all'][$content_type])) {
+    if (!isset($flagged_content[$uid][$sid]['all'][$content_type])) {
       $flag_names = _flag_get_flag_names();
-      $flagged_content[$uid]['all'][$content_type] = TRUE;
-      $result = db_query("SELECT * FROM {flag_content} WHERE content_type = '%s' AND (uid = %d OR uid = 0)", $content_type, $uid);
+      $flagged_content[$uid][$sid]['all'][$content_type] = TRUE;
+      $result = db_query("SELECT * FROM {flag_content} WHERE content_type = '%s' AND (uid = %d OR uid = 0) AND sid = %s", $content_type, $uid, $sid);
       while ($flag_content = db_fetch_object($result)) {
-        $flagged_content[$uid][$content_type]['all'][$flag_names[$flag_content->fid]][$flag_content->content_id] = $flag_content;
-      }
-    }
-    return $flagged_content[$uid][$content_type]['all'];
+        $flagged_content[$uid][$sid][$content_type]['all'][$flag_names[$flag_content->fid]][$flag_content->content_id] = $flag_content;
+      }
+    }
+    return $flagged_content[$uid][$sid][$content_type]['all'];
   }
 
@@ -1038 +1501 @@
 /**
  * Return a list of users who have flagged a piece of content.
- */
-function flag_get_content_flags($content_type, $content_id, $reset = FALSE) {
+ *
+ * @param $content_type
+ *   The type of content that will be retrieved. Usually 'node'.
+ * @param $content_id
+ *   The content ID to check for flagging.
+ * @param $flag_name
+ *   Optional. The name of a flag if wanting a list specific to a single flag.
+ * @param $reset
+ *   Reset the internal cache of flagged content.
+ * @return
+ *   If no flag name is given, an array of flagged content, keyed by the user
+ *   ID that flagged the content. Each flagged content array is structured as
+ *   an array of flag information for each flag, keyed by the flag name. If
+ *   a flag name is specified, only the information for that flag is returned.
+ */
+function flag_get_content_flags($content_type, $content_id, $flag_name = NULL, $reset = FALSE) {
   static $content_flags;
 
@@ -1046 +1523 @@
     $result = db_query("SELECT * FROM {flag_content} WHERE content_type = '%s' AND content_id = %d ORDER BY timestamp DESC", $content_type, $content_id);
     while ($flag_content = db_fetch_object($result)) {
+      // Build a list of flaggings for all flags by user.
       $content_flags[$content_type][$content_id]['users'][$flag_content->uid][$flag_names[$flag_content->fid]] = $flag_content;
-    }
-  }
-
-  return $content_flags[$content_type][$content_id]['users'];
+      // Build a list of flaggings for each individual flag.
+      $content_flags[$content_type][$content_id]['flags'][$flag_names[$flag_content->fid]][$flag_content->uid] = $flag_content;
+    }
+  }
+
+  return isset($flag_name) ? $content_flags[$content_type][$content_id]['flags'][$flag_name] : $content_flags[$content_type][$content_id]['users'];
 }
 
@@ -1073 +1553 @@
     return;
   }
-  if (!$flag->user_access()) {
+  if (!$flag->access($content_id)) {
     // User has no permission to use this flag.
-    return;
-  }
-  if (!$flag->applies_to_content_id($content_id)) {
-    // Flag does not apply to this content.
     return;
   }
@@ -1094 +1570 @@
     foreach (module_implements('flag_link_types') as $module) {
       $module_types = module_invoke($module, 'flag_link_types');
-      foreach ($module_types as $type_name => $type_title) {
-        $link_types[$type_name] = array(
-          'module' => $module,
-          'title' => $type_title,
+      foreach ($module_types as $type_name => $info) {
+        $link_types[$type_name] = $info;
+        $link_types[$type_name]['module'] = $module;
+        $link_types[$type_name] += array(
+          'title' => '',
+          'description' => '',
+          'options' => array(),
         );
       }
     }
+    drupal_alter('flag_link_types', $link_types);
   }
 
@@ -1109 +1589 @@
  * Get a private token used to protect links from spoofing - CSRF.
  */
-function flag_get_token($nid) {
-  return drupal_get_token($nid);
+function flag_get_token($content_id) {
+  // Anonymous users get a less secure token, since it must be the same for all
+  // anonymous users on the entire site to work with page caching.
+  return ($GLOBALS['user']->uid) ? drupal_get_token($content_id) : md5(drupal_get_private_key() . $content_id);
 }
 
@@ -1116 +1598 @@
  * Check to see if a token value matches the specified node.
  */
-function flag_check_token($token, $seed) {
-  return drupal_get_token($seed) == $token;
-}
+function flag_check_token($token, $content_id) {
+  return flag_get_token($content_id) == $token;
+}
+
+/**
+ * Set the Session ID for a user. Utilizes the Session API module.
+ *
+ * This function is only called in flag_init(), to set the current user's
+ * SID in case the user logs in during this request.
+ */
+function flag_set_sid($uid = NULL) {
+  static $sids = array();
+
+  if (!isset($uid)) {
+    $uid = $GLOBALS['user']->uid;
+  }
+
+  if (!isset($sids[$uid])) {
+    if (module_exists('session_api') && session_api_available() && $uid == 0) {
+      $sids[$uid] = session_api_get_sid();
+    }
+    else {
+      $sids[$uid] = 0;
+    }
+  }
+
+  return $sids[$uid];
+}
+
+/**
+ * Get the Session ID for a user. Utilizes the Session API module.
+ */
+function flag_get_sid($uid = NULL) {
+  return flag_set_sid($uid);
+}

drupal-6/sites/all/modules/flag/flag_actions.info

@@ -5 +5 @@
 dependencies[] = flag
 package = Flags
-; Information added by drupal.org packaging script on 2010-01-08
-version = "6.x-1.2"
-core = "6.x"
-project = "flag"
-datestamp = "1262929205"
-

drupal-6/sites/all/modules/flag/flag_actions.install

@@ -1 +1 @@
 <?php
-// $Id: flag_actions.install,v 1.1.2.2 2008/09/30 03:08:49 quicksketch Exp $
+// $Id: flag_actions.install,v 1.1.2.2.2.1 2009/09/19 01:30:46 quicksketch Exp $
 
 /**
@@ -48 +48 @@
         'type' => 'int',
         'size' => 'small',
-        'not null' => FALSE,
+        'not null' => TRUE,
+        'default' => 0,
+        'disp-width' => '5',
+      ),
+      'repeat_threshold' => array(
+        'type' => 'int',
+        'size' => 'small',
+        'not null' => TRUE,
+        'default' => 0,
         'disp-width' => '5',
       ),
@@ -68 +76 @@
   return $schema;
 }
+
+/**
+ * Add a "repeat_threshold" value to all existing Flag actions.
+ */
+function flag_actions_update_6200() {
+  $ret = array();
+
+  // Add the new repeat_threshold column.
+  if (!db_column_exists('flag_actions', 'repeat_threshold')) {
+    $column = array(
+      'type' => 'int',
+      'size' => 'small',
+      'not null' => TRUE,
+      'default' => 0,
+      'disp-width' => '5',
+    );
+    db_add_field($ret, 'flag_actions', 'repeat_threshold', $column);
+  }
+
+  // Update the normal threshold column to default to 0.
+  $column = array(
+    'type' => 'int',
+    'size' => 'small',
+    'not null' => TRUE,
+    'default' => 0,
+    'disp-width' => '5',
+  );
+  db_change_field($ret, 'flag_actions', 'threshold', 'threshold', $column);
+
+  return $ret;
+}

drupal-6/sites/all/modules/flag/flag_actions.module

@@ -1 +1 @@
 <?php
-// $Id: flag_actions.module,v 1.1.2.13 2009/09/14 11:58:32 quicksketch Exp $
+// $Id: flag_actions.module,v 1.1.2.12.2.5 2009/09/29 02:27:37 quicksketch Exp $
 
 /**
@@ -79 +79 @@
 function flag_actions_get_actions($flag_name = NULL, $reset = FALSE) {
   static $flag_actions;
+  module_load_include('inc', 'flag', 'includes/flag.actions');
 
   // Get a list of all possible actions defined by modules.
@@ -126 +127 @@
  * @param $fid
  *   The flag object ID.
+ * @param $event
+ *   The flag event, such as "flag" or "unflag".
  * @param $threshold
  *   The flagging threshold at which this action will be executed.
+ * @param $repeat_threshold
+ *   The number of additional flaggings after which the action will be repeated.
  * @param $callback
  *   The action callback to be executed.
@@ -133 +138 @@
  *   The action parameters.
  */
-function flag_actions_insert_action($fid, $event, $threshold, $callback, $parameters) {
-  db_query("INSERT INTO {flag_actions} (fid, event, threshold, callback, parameters) VALUES (%d, '%s', %d, '%s', '%s')", $fid, $event, $threshold, $callback, serialize($parameters));
+function flag_actions_insert_action($fid, $event, $threshold, $repeat_threshold, $callback, $parameters) {
+  db_query("INSERT INTO {flag_actions} (fid, event, threshold, repeat_threshold, callback, parameters) VALUES (%d, '%s', %d, %d, '%s', '%s')", $fid, $event, $threshold, $repeat_threshold, $callback, serialize($parameters));
   return db_last_insert_id('flag_actions', 'aid');
 }
@@ -143 +148 @@
  * @param $aid
  *   The flag action ID to update.
+ * @param $event
+ *   The flag event, such as "flag" or "unflag".
  * @param $threshold
  *   The flagging threshold at which this action will be executed.
+ * @param $repeat_threshold
+ *   The number of additional flaggings after which the action will be repeated.
  * @param $parameters
  *   The action parameters.
  */
-function flag_actions_update_action($aid, $event, $threshold, $parameters) {
-  return db_query("UPDATE {flag_actions} SET event = '%s', threshold = %d, parameters = '%s' WHERE aid = %d", $event, $threshold, serialize($parameters), $aid);
+function flag_actions_update_action($aid, $event, $threshold, $repeat_threshold, $parameters) {
+  return db_query("UPDATE {flag_actions} SET event = '%s', threshold = %d, repeat_threshold = %d, parameters = '%s' WHERE aid = %d", $event, $threshold, $repeat_threshold, serialize($parameters), $aid);
 }
 
@@ -177 +186 @@
   $node_changed = FALSE;
   foreach ($actions as $aid => $action) {
-    $threshold = ($action->event == $event) &&
-                (($action->event == 'flag'   && $count == $action->threshold) ||
-                 ($action->event == 'unflag' && $count == $action->threshold - 1));
-    if ($threshold && !$action->missing) {
+    if ($action->event == 'flag') {
+      $at_threshold = ($count == $action->threshold);
+      $repeat = $action->repeat_threshold ? (($count > $action->threshold) && (($count - $action->threshold) % $action->repeat_threshold == 0)) : FALSE;
+    }
+    elseif ($action->event == 'unflag') {
+      $at_threshold = ($count == $action->threshold - 1);
+      $repeat = $action->repeat_threshold ? (($count < $action->threshold - 1) && (($count - $action->threshold - 1) % $action->repeat_threshold == 0)) : FALSE;
+    }
+    if (($at_threshold || $repeat) && $action->event == $event && !$action->missing) {
       $context = $action->parameters;
       $context['callback'] = $action->callback;
@@ -240 +254 @@
     $flag = flag_get_flag($action->flag);
 
+    // Build a sample string representing repeating actions.
+    if ($action->repeat_threshold) {
+      $repeat_count = 3;
+      $repeat_subtract = ($action->event == 'flag') ? 1 : -1;
+      $repeat_samples = array();
+      for ($n = 1; $n < $repeat_count + 2; $n++) {
+        $sample = $action->threshold + (($n * $action->repeat_threshold) * $repeat_subtract);
+        if ($sample > 0) {
+          $repeat_samples[] = $sample;
+        }
+      }
+      if (count($repeat_samples) > $repeat_count) {
+        $repeat_samples[$repeat_count] = '&hellip;';
+      }
+      $repeat_string = implode(', ', $repeat_samples);
+    }
+    else {
+      $repeat_string = '-';
+    }
+
     $row = array();
     $row[] = $flag->get_title();
-    $row[] = ($action->event == 'flag' ? '≥ ' : '< ') . $action->threshold;
+    $row[] = ($action->event == 'flag' ? '&ge; ' : '&lt; ') . $action->threshold;
+    $row[] = $repeat_string;
     $row[] = empty($action->missing) ? $action->description : '<div class="error">' . $action->description . '</div>';
     $row[] = l(t('edit'), 'admin/build/flags/actions/configure/'. $action->aid);
@@ -256 +291 @@
     t('Flag'),
     t('Threshold'),
+    t('Repeats'),
     t('Action'),
     array('data' => t('Operations'), 'colspan' => 2),
@@ -380 +416 @@
     $action->event = 'flag';
     $action->threshold = 10;
+    $action->repeat_threshold = 0;
     drupal_set_title(t('Add "@action" action to the @title flag', array('@action' => $action->description, '@title' => $flag->get_title())));
   }
@@ -388 +425 @@
     '#theme' => 'flag_actions_flag_form',
     '#action' => $action,
+    '#flag' => $flag,
   );
 
@@ -422 +460 @@
   );
 
+  $form['flag']['repeat_threshold'] = array(
+    '#type' => 'textfield',
+    '#size' => 6,
+    '#maxlength' => 6,
+    '#default_value' => $action->repeat_threshold,
+  );
+
+  if ($flag->global) {
+    $form['flag']['threshold']['#disabled'] = 1;
+    $form['flag']['threshold']['#value'] = 1;
+    $form['flag']['repeat_threshold']['#access'] = FALSE;
+    $form['flag']['repeat_threshold']['#value'] = 0;
+  }
+
+  // Merge in the standard flag action form.
   $action_form = $callback .'_form';
+  $edit = array();
   if (function_exists($action_form)) {
-    $edit = $action->parameters;
+    $edit += $action->parameters;
     $edit['actions_description'] = $action->description;
     $edit['actions_type'] = $action->type;
-    $form = array_merge($form, $action_form($edit));
-  }
-
+    $edit['actions_flag'] = $flag->name;
+    $additions = flag_actions_form_additions($action_form, $edit);
+    $form = array_merge($form, $additions);
+  }
+
+  // Add a few customizations to existing flag actions.
   $flag_actions_form = 'flag_actions_'. $callback .'_form';
   if (function_exists($flag_actions_form)) {
-    $flag_actions_form($form, $flag, isset($edit) ? $edit : array());
+    $flag_actions_form($form, $flag, $edit);
   }
 
@@ -441 +498 @@
 
   return $form;
+}
+
+/**
+ * Execute an action form callback to retrieve form additions.
+ *
+ * This function prevents the form callback from modifying local variables.
+ */
+function flag_actions_form_additions($callback, $edit) {
+  return $callback($edit);
 }
 
@@ -455 +521 @@
   }
 
-  $aid        = $form_state['values']['flag']['aid'];
-  $flag       = $form_state['values']['flag']['flag'];
-  $event      = $form_state['values']['flag']['event'];
-  $threshold  = $form_state['values']['flag']['threshold'];
-  $callback   = $form_state['values']['flag']['callback'];
+  $aid              = $form_state['values']['flag']['aid'];
+  $flag             = $form_state['values']['flag']['flag'];
+  $event            = $form_state['values']['flag']['event'];
+  $threshold        = $form_state['values']['flag']['threshold'];
+  $repeat_threshold = $form_state['values']['flag']['repeat_threshold'];
+  $callback         = $form_state['values']['flag']['callback'];
 
   $parameters = $form_state['values'];
@@ -465 +532 @@
 
   if (empty($aid)) {
-    $aid = flag_actions_insert_action($flag->fid, $event, $threshold, $callback, $parameters);
+    $aid = flag_actions_insert_action($flag->fid, $event, $threshold, $repeat_threshold, $callback, $parameters);
     $form_state['values']['flag']['aid'] = $aid;
     $form_state['values']['flag']['is_new'] = TRUE;
   }
   else {
-    flag_actions_update_action($aid, $event, $threshold, $parameters);
+    flag_actions_update_action($aid, $event, $threshold, $repeat_threshold, $parameters);
   }
 
@@ -482 +549 @@
   $event = drupal_render($form['event']);
   $threshold = drupal_render($form['threshold']);
+  $repeat_threshold = drupal_render($form['repeat_threshold']);
   $action = $form['#action']->description;
 
@@ -487 +555 @@
   $output .= '<div class="container-inline">';
   $output .= t('Perform action when content !event !threshold flags', array('!event' => $event, '!threshold' => $threshold));
+  if ($form['#flag']->global) {
+    $output .= ' ' . t('(global flags always have a threshold of 1)');
+  }
+  $output .= '</div>';
+  $output .= '<div class="container-inline">';
+  if (!$form['#flag']->global) {
+    $output .= t('Repeat this action every !repeat_threshold additional flags after the threshold is reached', array('!repeat_threshold' => $repeat_threshold));
+  }
   $output .= '</div>';
 
   $element = array(
     '#title' => t('Flagging threshold'),
-    '#description' => t('Set the event for which this action should be executed.'),
     '#required' => TRUE,
   );
@@ -527 +602 @@
 }
 
+/**
+ * Make modifications to the "Send e-mail" action form.
+ */
 function flag_actions_system_send_email_action_form(&$form, &$flag, $context) {
   $form['flag_tip'] = array(
@@ -536 +614 @@
     '#weight' => -1,
   );
-  return $form;
-}
-
+}
+
+/**
+ * Make modifications to the "Send tokenized e-mail" action form.
+ */
 function flag_actions_token_actions_send_email_action_form(&$form, &$flag, $context) {
   if (!isset($context['recipient'])) {

drupal-6/sites/all/modules/flag/includes/flag.rules.inc

@@ -1 +1 @@
 <?php
-// $Id: flag.rules.inc,v 1.1.2.2 2009/05/06 23:37:47 quicksketch Exp $
+// $Id: flag.rules.inc,v 1.1.2.2.2.2 2009/11/03 01:53:36 quicksketch Exp $
 
 /**
@@ -46 +46 @@
 
   /**
-   * Returns radios for selecting a flag of the type given in 
+   * Returns radios for selecting a flag of the type given in
    * $info['flag_type'].
    */
@@ -83 +83 @@
   $flags = flag_get_flags();
   foreach ($flags as $flag) {
-    
+
     $arguments = array(
       // First, define ubiquitous arguments.
@@ -166 +166 @@
     if ($flag->rules_get_element_argument_definition()) {
       $args += array('object' => $flag->rules_get_element_argument_definition());
-      
+
       $items += array(
         'flag_rules_action_flag_'. $type => array(
@@ -215 +215 @@
 
 /**
- * Base action implementation.
+ * Base action implementation: Trim flag.
  */
 function flag_rules_action_trim($flag, $flagging_user, $cutoff_size, $settings) {
-  // We can't use db_query_range(), because we can't specify 'infinity'.
-  $result = db_query("SELECT * FROM {flag_content} WHERE fid = %d AND (uid = %d OR uid = 0) ORDER BY timestamp DESC", $flag->fid, $flagging_user->uid);
-  $i = 1;
-  while ($row = db_fetch_object($result)) {
-    if ($i++ > $cutoff_size) {
-      flag('unflag', $flag->name, $row->content_id, $flagging_user);
-    }
-  }
+  flag_trim_flag($flag, $flagging_user, $cutoff_size);
 }
 
@@ -244 +237 @@
     if ($flag->rules_get_element_argument_definition()) {
       $args += array('object' => $flag->rules_get_element_argument_definition());
-  
+
       $items += array(
         'flag_rules_condition_threshold_'. $type => array(

drupal-6/sites/all/modules/flag/includes/flag.views_default.inc

@@ -1 +1 @@
 <?php
-// $Id: flag.views_default.inc,v 1.1.2.5 2009/02/22 22:20:39 quicksketch Exp $
+// $Id: flag.views_default.inc,v 1.1.2.5.2.1 2009/09/28 02:05:06 quicksketch Exp $
 
 /**
@@ -104 +104 @@
   $access = array(
     'type' => 'role',
-    'role' => drupal_map_assoc($flag->roles),
+    'role' => drupal_map_assoc($flag->roles['flag']),
     'perm' => '',
   );

drupal-6/sites/all/modules/flag/includes/flag_handler_field_ops.inc

@@ -1 +1 @@
 <?php
-// $Id: flag_handler_field_ops.inc,v 1.1.2.6 2010/01/08 04:48:43 quicksketch Exp $
+// $Id: flag_handler_field_ops.inc,v 1.1.2.5.2.3 2010/01/08 04:43:17 quicksketch Exp $
 
 /**
@@ -83 +83 @@
         'numeric' => TRUE,
       );
+      $join->extra[] = array(
+        'field' => 'sid',
+        'value' => flag_get_sid(),
+        'numeric' => TRUE,
+      );
     }
     $flag_table = $this->query->add_table('flag_content', $parent, $join);
@@ -103 +108 @@
     $flag = $this->get_flag();
 
-    if (!$flag->user_access()) {
-      // User has no permission to use this flag.
-      return;
-    }
-
     $ids = array();
     foreach ($values as $row) {
       $content_id = $row->{$this->aliases['content_id']};
+      $is_flagged = $row-&