diff --git a/e107_admin/auth.php b/e107_admin/auth.php
index e894d1216..7112d71e9 100644
--- a/e107_admin/auth.php
+++ b/e107_admin/auth.php
@@ -35,18 +35,19 @@ if($core->get('admintheme') != 'bootstrap' && $core->get('admintheme') != 'boots
}
// Check Admin-Perms for current language and redirect if necessary.
-if(deftrue("MULTILANG_SUBDOMAIN") && !getperms('0') && !getperms(e_LANGUAGE))
+if(!getperms('0') && vartrue($pref['multilanguage']) && !getperms(e_LANGUAGE))
{
- $lng = e107::getLanguage();
+ $lng = e107::getLanguage();
+
$tmp = explode(".",ADMINPERMS);
foreach($tmp as $ln)
{
if($lng->isValid($ln))
{
- $redirect = $lng->subdomainUrl($ln);
- // echo "redirect to: ".$redirect;
- e107::getRedirect()->redirect($redirect);
-
+ $redirect = deftrue("MULTILANG_SUBDOMAIN") ? $lng->subdomainUrl($ln) : e_SELF."?elan=".$ln;
+ // echo "redirect to: ".$redirect;
+ e107::getRedirect()->go($redirect);
+ // break;
}
}
}
diff --git a/e107_core/shortcodes/batch/admin_shortcodes.php b/e107_core/shortcodes/batch/admin_shortcodes.php
index fdb55724f..8c43180d5 100644
--- a/e107_core/shortcodes/batch/admin_shortcodes.php
+++ b/e107_core/shortcodes/batch/admin_shortcodes.php
@@ -1411,6 +1411,11 @@ Inverse 10 10
//CORE SUBLINKS
foreach ($array_functions as $key => $subitem)
{
+ if(!empty($subitem[3]) && !getperms($subitem[3]))
+ {
+ continue;
+ }
+
$catid = $admin_cat['id'][$subitem[4]];
$tmp = array();
$tmp['text'] = $subitem[1];
@@ -1450,9 +1455,9 @@ Inverse 10 10
$plug = new e107plugin;
$tmp = array();
- if($sql->db_Select("plugin", "*", "plugin_installflag =1 ORDER BY plugin_path"))
+ if($sql->select("plugin", "*", "plugin_installflag =1 ORDER BY plugin_path"))
{
- while($row = $sql->db_Fetch())
+ while($row = $sql->fetch())
{
if($plug->parse_plugin($row['plugin_path']))
@@ -1480,6 +1485,11 @@ Inverse 10 10
$icon_src_lrg = varset($plug_vars['administration']['icon']) ? $plugpath.$plug_vars['administration']['iconSmall'] : '';
$id = 'plugnav-'.$row['plugin_path'];
+ if(!getperms('P'.$row['plugin_id']))
+ {
+ continue;
+ }
+
$tmp[$id]['text'] = e107::getParser()->toHTML($plug_vars['@attributes']['name'], FALSE, "LINKTEXT");
$tmp[$id]['description'] = vartrue($plug_vars['description']['@value']);
$tmp[$id]['link'] = e_PLUGIN_ABS.$row['plugin_path'].'/'.$plug_vars['administration']['configFile'];
@@ -1573,7 +1583,7 @@ Inverse 10 10
// $menu_vars += $this->getOtherNav('home');
}
- // print_a($menu_vars);
+ // print_a($menu_vars);
return e107::getNav()->admin('', e_PAGE, $menu_vars, $$tmpl, FALSE, FALSE);
//return e_admin_men/u('', e_PAGE, $menu_vars, $$tmpl, FALSE, FALSE);
}
diff --git a/e107_handlers/admin_ui.php b/e107_handlers/admin_ui.php
index e0264e14f..15b2c8c1e 100644
--- a/e107_handlers/admin_ui.php
+++ b/e107_handlers/admin_ui.php
@@ -1472,6 +1472,12 @@ class e_admin_dispatcher
$selected = false;
foreach($this->adminMenu as $key => $val)
{
+
+ if(!empty($val['perm']) && !getperms($val['perm']))
+ {
+ continue;
+ }
+
$tmp = explode('/', trim($key, '/'), 3);
// sync with mode/route access
@@ -1544,7 +1550,8 @@ class e_admin_dispatcher
$var[$key]['link'] = (vartrue($val['url']) ? $tp->replaceConstants($val['url'], 'abs') : e_SELF).'?mode='.$tmp[0].'&action='.$tmp[1];
$var[$key]['perm'] = $val['perm']; */
}
-
+
+
if(empty($var)) return '';
$request = $this->getRequest();
@@ -2927,6 +2934,28 @@ class e_admin_controller_ui extends e_admin_controller
return $this;
}
+
+ /**
+ * @param $val
+ */
+ public function setBatchDelete($val)
+ {
+ $this->batchDelete = $val;
+ return $this;
+ }
+
+
+
+ /**
+ * @param $val
+ */
+ public function setBatchCopy($val)
+ {
+ $this->batchCopy = $val;
+ return $this;
+ }
+
+
/**
* User defined config setter
* @return e_admin_controller_ui
@@ -5682,6 +5711,41 @@ class e_admin_form_ui extends e_form
$this->listTotal = $tree[$id]->getTotal();
+
+ $fields = $controller->getFields();
+
+ // checks dispatcher perms for edit/delete access in list mode.
+ $mode = $controller->getMode();
+ $deleteRoute = $mode."/delete";
+ $editRoute = $mode."/edit";
+ $createRoute = $mode."/create";
+ $perm = $controller->getDispatcher()->getPerm();
+
+ if(isset($perm[$createRoute]) && !getperms($perm[$createRoute])) // disable the batchCopy option.
+ {
+ $controller->setBatchCopy(false);
+ }
+
+ if(isset($perm[$deleteRoute]) && !getperms($perm[$deleteRoute])) // disable the delete button and batch delete.
+ {
+ $fields['options']['readParms']['deleteClass'] = e_UC_NOBODY;
+ $controller->setBatchDelete(false);
+ }
+
+ if(isset($perm[$editRoute]) && !getperms($perm[$editRoute]))
+ {
+ $fields['options']['readParms']['editClass'] = e_UC_NOBODY; // display the edit button.
+ foreach($options[$id]['fields'] as $k=>$v) // disable inline editing.
+ {
+ $fields[$k]['inline'] = false;
+ }
+ }
+
+ // ------------------------------------------
+
+
+
+
$options[$id] = array(
'id' => $this->getElementId(), // unique string used for building element ids, REQUIRED
'pid' => $controller->getPrimaryName(), // primary field name, REQUIRED
@@ -5693,7 +5757,7 @@ class e_admin_form_ui extends e_form
'legend' => $controller->getPluginTitle(), // hidden by default
'form_pre' => !$ajax ? $this->renderFilter($tp->post_toForm(array($controller->getQuery('searchquery'), $controller->getQuery('filter_options'))), $controller->getMode().'/'.$controller->getAction()) : '', // needs to be visible when a search returns nothing
'form_post' => '', // markup to be added after closing form element
- 'fields' => $controller->getFields(), // see e_admin_ui::$fields
+ 'fields' => $fields, // see e_admin_ui::$fields
'fieldpref' => $controller->getFieldPref(), // see e_admin_ui::$fieldpref
'table_pre' => '', // markup to be added before opening table element
// 'table_post' => !$tree[$id]->isEmpty() ? $this->renderBatch($controller->getBatchDelete(),$controller->getBatchCopy(),$controller->getBatchLink(),$controller->getBatchFeaturebox()) : '',
@@ -5708,25 +5772,7 @@ class e_admin_form_ui extends e_form
);
- // checks dispatcher perms for edit/delete access in list mode.
- $deleteRoute = $this->getController()->getMode()."/delete";
- $editRoute = $this->getController()->getMode()."/edit";
- $perm = $this->getController()->getDispatcher()->getPerm();
-
- if(isset($perm[$deleteRoute]) && !getperms($perm[$deleteRoute])) // disable the delete button.
- {
- $options[$id]['fields']['options']['readParms']['deleteClass'] = e_UC_NOBODY;
- }
-
- if(isset($perm[$editRoute]) && !getperms($perm[$editRoute]))
- {
- $options[$id]['fields']['options']['readParms']['editClass'] = e_UC_NOBODY; // display the edit button.
- foreach($options[$id]['fields'] as $k=>$v) // disable inline editing.
- {
- $options[$id]['fields'][$k]['inline'] = false;
- }
- }
return $this->renderListForm($options, $tree, $ajax);
}
diff --git a/e107_handlers/language_class.php b/e107_handlers/language_class.php
index e3c3e8d09..878516252 100644
--- a/e107_handlers/language_class.php
+++ b/e107_handlers/language_class.php
@@ -263,7 +263,12 @@ class language{
* @return FALSE or the name of the valid Language
*/
function isValid($lang='')
- {
+ {
+ if(empty($lang))
+ {
+ return false;
+ }
+
global $pref;
if(!$lang)
diff --git a/e107_handlers/sitelinks_class.php b/e107_handlers/sitelinks_class.php
index 584a882bb..75526675d 100644
--- a/e107_handlers/sitelinks_class.php
+++ b/e107_handlers/sitelinks_class.php
@@ -805,7 +805,7 @@ i.e-cat_users-32{ background-position: -555px 0; width: 32px; height: 32px; }
14 => array(e_ADMIN_ABS.'ugflag.php', ADLAN_40, ADLAN_41, '9', 4, E_16_MAINTAIN, E_32_MAINTAIN),
15 => array(e_ADMIN_ABS.'menus.php', ADLAN_6, ADLAN_7, '2', 5, E_16_MENUS, E_32_MENUS),
16 => array(e_ADMIN_ABS.'meta.php', ADLAN_66, ADLAN_67, 'T', 1, E_16_META, E_32_META),
- 17 => array(e_ADMIN_ABS.'newspost.php', ADLAN_0, ADLAN_1, 'H|N|7', 3, E_16_NEWS, E_32_NEWS),
+ 17 => array(e_ADMIN_ABS.'newspost.php', ADLAN_0, ADLAN_1, 'H|N|7|H0|H1|H2|H3|H4|H5', 3, E_16_NEWS, E_32_NEWS),
18 => array(e_ADMIN_ABS.'phpinfo.php', ADLAN_68, ADLAN_69, '0', 20, E_16_PHP, E_32_PHP),
19 => array(e_ADMIN_ABS.'prefs.php', LAN_PREFS, ADLAN_5, '1', 1, E_16_PREFS, E_32_PREFS),
20 => array(e_ADMIN_ABS.'search.php', LAN_SEARCH, ADLAN_143, 'X', 1, E_16_SEARCH, E_32_SEARCH),