mirror/php-e107
1
0
Fork 0
mirror of https://github.com/e107inc/e107.git synced 2025-07-29 02:40:25 +02:00
Code Issues Releases Wiki Activity

Admin nav links and menus were not checking for perms properly before rendering. fixed.

Browse Source
This commit is contained in:
CaMer0n
2009-08-05 14:20:41 +00:00
parent 25baea76c0
commit 6b07315b2f
3 changed files with 30 additions and 16 deletions
Download Patch File Download Diff File Expand all files Collapse all files

9
e107_admin/admin.php
View File

@@ -11,8 +11,8 @@
| GNU General Public License (http://gnu.org). | GNU General Public License (http://gnu.org).
| |
| $Source: /cvs_backup/e107_0.8/e107_admin/admin.php,v $ | $Source: /cvs_backup/e107_0.8/e107_admin/admin.php,v $
| $Revision: 1.11 $ | $Revision: 1.12 $
| $Date: 2009-07-04 13:36:15 $ | $Date: 2009-08-05 14:20:39 $
| $Author: e107coders $ | $Author: e107coders $
+----------------------------------------------------------------------------+ +----------------------------------------------------------------------------+
*/ */
@@ -229,7 +229,7 @@ $array_functions_assoc = convert_core_icons($newarray);
function convert_core_icons($newarray) // Put core button array in the same format as plugin button array. function convert_core_icons($newarray) // Put core button array in the same format as plugin button array.
{ {
foreach($newarray as $val) foreach($newarray as $key=>$val)
{ {
$key = "e-".basename($val[0],".php"); $key = "e-".basename($val[0],".php");
$val['icon'] = $val[5]; $val['icon'] = $val[5];
@@ -237,9 +237,10 @@ function convert_core_icons($newarray) // Put core button array in the same for
$val['title'] = $val[1]; $val['title'] = $val[1];
$val['link'] = $val[0]; $val['link'] = $val[0];
$val['caption'] = $val['2']; $val['caption'] = $val['2'];
$val['perms'] = $val['4']; $val['perms'] = $val['3'];
$array_functions_assoc[$key] = $val; $array_functions_assoc[$key] = $val;
} }
return $array_functions_assoc; return $array_functions_assoc;
} }

15
e107_admin/header.php
View File

@@ -4,7 +4,7 @@
| e107 website system | e107 website system
| /e107_admin/header.php | /e107_admin/header.php
| |
| <EFBFBD>Steve Dunstan 2001-2002 | ©Steve Dunstan 2001-2002
| http://e107.org | http://e107.org
| jalist@e107.org | jalist@e107.org
| |
@@ -12,9 +12,9 @@
| GNU General Public License (http://gnu.org). | GNU General Public License (http://gnu.org).
| |
| $Source: /cvs_backup/e107_0.8/e107_admin/header.php,v $ | $Source: /cvs_backup/e107_0.8/e107_admin/header.php,v $
| $Revision: 1.41 $ | $Revision: 1.42 $
| $Date: 2009-07-23 08:14:55 $ | $Date: 2009-08-05 14:20:40 $
| $Author: marj_nl_fr $ | $Author: e107coders $
+---------------------------------------------------------------+ +---------------------------------------------------------------+
*/ */
@@ -486,6 +486,13 @@ function e_admin_menu($title, $active_page, $e107_vars, $tmpl = array(), $sub_li
$search[9] = '/\{LINK_IMAGE\}(.*?)/si'; $search[9] = '/\{LINK_IMAGE\}(.*?)/si';
foreach (array_keys($e107_vars) as $act) foreach (array_keys($e107_vars) as $act)
{ {
if(($e107_vars[$act]['perm']!='') && !getperms($e107_vars[$act]['perm'])) // check perms first.
{
continue;
}
// print_a($e107_vars[$act]);
$replace = array(); $replace = array();
if ($active_page == $act || (str_replace("?", "", e_PAGE.e_QUERY) == str_replace("?", "", $act))) if ($active_page == $act || (str_replace("?", "", e_PAGE.e_QUERY) == str_replace("?", "", $act)))
{ {

14
e107_admin/includes/infopanel.php
View File

@@ -12,8 +12,8 @@
| GNU General Public License (http://gnu.org). | GNU General Public License (http://gnu.org).
| |
| $Source: /cvs_backup/e107_0.8/e107_admin/includes/infopanel.php,v $ | $Source: /cvs_backup/e107_0.8/e107_admin/includes/infopanel.php,v $
| $Revision: 1.5 $ | $Revision: 1.6 $
| $Date: 2009-07-23 10:46:11 $ | $Date: 2009-08-05 14:20:41 $
| $Author: e107coders $ | $Author: e107coders $
+----------------------------------------------------------------------------+ +----------------------------------------------------------------------------+
*/ */
@@ -98,7 +98,7 @@ $text .= "
foreach ($iconlist as $key => $val) foreach ($iconlist as $key => $val)
{ {
if (in_array($key,$user_pref['core-infopanel-mye107'])) if (!isset($user_pref['core-infopanel-mye107']) || in_array($key,$user_pref['core-infopanel-mye107']) )
{ {
$text .= render_links($val['link'],$val['title'],$val['caption'],$val['perms'],$val['icon_32'],"div"); $text .= render_links($val['link'],$val['title'],$val['caption'],$val['perms'],$val['icon_32'],"div");
} }
@@ -117,21 +117,27 @@ $text .= "<div class='clear'>&nbsp;</div>
foreach ($iconlist as $key => $icon) foreach ($iconlist as $key => $icon)
{ {
$checked = (in_array($key,$user_pref['core-infopanel-mye107'])) ? true : false; if(getperms($icon['perms']))
{
$checked = (varset($user_pref['core-infopanel-mye107']) && in_array($key,$user_pref['core-infopanel-mye107'])) ? true : false;
$text .= "<div class='left f-left list field-spacer' style='display:block;height:24px;width:200px;'> $text .= "<div class='left f-left list field-spacer' style='display:block;height:24px;width:200px;'>
".$icon['icon'].$frm->checkbox('e-mye107[]',$key,$checked).$icon['title']."</div>"; ".$icon['icon'].$frm->checkbox('e-mye107[]',$key,$checked).$icon['title']."</div>";
} }
}
if (is_array($pluglist)) if (is_array($pluglist))
{ {
foreach ($pluglist as $key => $icon) foreach ($pluglist as $key => $icon)
{
if(getperms($icon['perms']))
{ {
$checked = (in_array('p-'.$key,$user_pref['core-infopanel-mye107'])) ? true : false; $checked = (in_array('p-'.$key,$user_pref['core-infopanel-mye107'])) ? true : false;
$text .= "<div class='left f-left list field-spacer' style='display:block;height:24px;width:200px;'> $text .= "<div class='left f-left list field-spacer' style='display:block;height:24px;width:200px;'>
".$icon['icon'].$frm->checkbox('e-mye107[]',$key,$checked).$icon['title']."</div>"; ".$icon['icon'].$frm->checkbox('e-mye107[]',$key,$checked).$icon['title']."</div>";
} }
} }
}
$text .= "<div class='clear'>&nbsp;</div>"; $text .= "<div class='clear'>&nbsp;</div>";
$text .= "<div id='button' class='buttons-bar center'>"; $text .= "<div id='button' class='buttons-bar center'>";
// has issues with the checkboxes. // has issues with the checkboxes.