Fix for user-extended permissions on user page. Corrected wrapper ID for user/member list.

e107_core/shortcodes/batch/user_shortcodes.php

@@ -672,16 +672,30 @@ class user_shortcodes extends e_shortcode
 
 		if(!empty($parm['field']))
 		{
+
+			$ext = e107::getUserExt();
+
 			$fld = 'user_'.$parm['field'];
+
+			if(!$ext->hasPermission($fld,'read'))
+			{
+				return false;
+			}
+
 			$val = $this->var[$fld];
-			return e107::getUserExt()->renderValue($val); //TODO auto-detect type, from within the user-extended class.
+
+		//	e107::getDebug()->log(print_a($ext,true));
+
+			return $ext->renderValue($val); //TODO auto-detect type, from within the user-extended class.
 
 		}
 
-		return ' ';
+		return false;
 
 	}
 
+
+
 	function sc_user_extended_all($parm) 
 	{
 		$sql = e107::getDb();

e107_handlers/db_debug_class.php

@@ -658,6 +658,12 @@ class e107_db_debug {
 //
 	function log($message,$TraceLev=1)
 	{
+
+		if(is_array($message))
+		{
+			$message = "<pre>".print_r($message,true)."</pre>";
+		}
+
 		if (!E107_DBG_BASIC){
 			return FALSE;
 		}

e107_handlers/mail.php

@@ -947,10 +947,10 @@ class e107Email extends PHPMailer
 	 * 	@param bool $eml['add_html_header']     - if TRUE, adds the 2-line DOCTYPE declaration to the front of the HTML part (but doesn't add <head>...</head>)
 	 * 	@param string $eml['body']			    - message body. May be HTML or text. Added according to the current state of the HTML enable flag
 	 * 	@param string|array $eml['attach']		- string if one file, array of filenames if one or more.
-	 * 	@param string $eml['copy_to']			- comma-separated list of cc addresses.
-	 * 	@param string $eml['cc_names']  		- comma-separated list of cc names. Optional, used only if $eml['copy_to'] specified
-	 * 	@param string $eml['bcopy_to']		    - comma-separated list
-	 * 	@param string $eml['bcc_names'] 		- comma-separated list of bcc names. Optional, used only if $eml['copy_to'] specified
+	 * 	@param string $eml['cc']			- comma-separated list of cc addresses.
+	 * 	@param string $eml['cc_names']  		- comma-separated list of cc names. Optional, used only if $eml['cc'] specified
+	 * 	@param string $eml['bcc']		    - comma-separated list
+	 * 	@param string $eml['bcc_names'] 		- comma-separated list of bcc names. Optional, used only if $eml['bcc'] specified
 	 * 	@param string $eml['bouncepath']		- Sender field (used for bounces)
 	 * 	@param string $eml['returnreceipt']	    - email address for notification of receipt (reading)
 	 * 	@param array $eml['inline_images']	    - array of files for inline images

e107_handlers/user_extended_class.php

@@ -45,11 +45,12 @@ class e107_user_extended
 	private $extended_xml = FALSE;
 	public $typeArray;				// Cross-reference between names of field types, and numeric ID (must be public)
 	private $reserved_names;		// List of field names used in main user DB - not allowed in extended DB
-	public $fieldDefinitions;		// Array initialised from DB by constructor - currently all fields
+	public $fieldDefinitions    = array();	// Array initialised from DB by constructor - currently all fields
 	public $catDefinitions;			// Categories
-	private $nameIndex;				// Array for field name lookup - initialised by constructor
-	public $systemCount = 0;		// Count of system fields - always zero ATM
-	public $userCount = 0;			// Count of non-system fields
+	private $nameIndex          = array();	// Array for field name lookup - initialised by constructor
+	public $systemCount         = 0;		// Count of system fields - always zero ATM
+	public $userCount           = 0;			// Count of non-system fields
+	private $fieldPermissions   = array(); // Field Permissionss with field name as key.
 
 	public function __construct()
 	{
@@ -109,7 +110,6 @@ class e107_user_extended
 		// Read in all the field and category fields
 		// At present we load all fields into common array - may want to split system and non-system
 		$this ->catDefinitions = array();		// Categories array
-		$this->fieldDefinitions = array();		// Field definitions array
 		$this->nameIndex = array();				// Index of names => field IDs
 		$this->systemCount = 0;
 		$this->userCount = 0;
@@ -125,6 +125,8 @@ class e107_user_extended
 				else
 				{	// Its a field definition
 					$this->fieldDefinitions[$row['user_extended_struct_id']] = $row;
+					$id = 'user_'.$row['user_extended_struct_name'];
+					$this->fieldPermissions[$id] = array('read'=>$row['user_extended_struct_read'], 'write'=>$row['user_extended_struct_write']);
 					$this->nameIndex['user_'.$row['user_extended_struct_name']] = $row['user_extended_struct_id'];			// Create name to ID index
 					if ($row['user_extended_struct_text'] == '_system_')
 					{
@@ -139,14 +141,24 @@ class e107_user_extended
 		}
 	}
 
+	/**
+	 * Check read/write access on extended user-fields
+	 * @param string $field eg. user_something
+	 * @param string $type read|write
+	 * @return boolean true if
+	 */
+	public function hasPermission($field, $type='read')
+	{
+		$class = ($type == 'read') ? $this->fieldPermissions[$field]['read'] : $this->fieldPermissions[$field]['write'];
+		return check_class($class);
+	}
+
 
 
 	/**
 	 *	Check for reserved field names.
 	 *	(Names which clash with the 'normal' user table aren't allowed)
-	 *
 	 *	@param string $name - name of field bweing checked (no 'user_' prefix)
-	 *
 	 *	@return boolean TRUE if disallowed name
 	 */
 	public function user_extended_reserved($name)

e107_plugins/pm/admin_config.php

@@ -35,6 +35,7 @@ class pm_admin extends e_admin_dispatcher
 			'ui' 			=> 'private_msg_form_ui',
 			'uipath' 		=> null
 		),
+
     /*
 		'block'	=> array(
 			'controller' 	=> 'private_msg_block_ui',
@@ -52,6 +53,7 @@ class pm_admin extends e_admin_dispatcher
 		'main/limits'		=> array('caption'=> ADLAN_PM_55, 'perm' => 'P'),
 		'main/maint'		=> array('caption'=> ADLAN_PM_59, 'perm' => 'P'),
 
+
 		'main/null'		    => array('divider'=> true),
 		'inbox/list'		=> array('caption'=> "Inbox", 'perm' => 'P'),
 		'outbox/list'		=> array('caption'=> "Outbox", 'perm' => 'P'),
@@ -71,6 +73,17 @@ class pm_admin extends e_admin_dispatcher
 	);	
 	
 	protected $menuTitle = LAN_PLUGIN_PM_NAME;
+
+	function init()
+	{
+
+		if(e_DEBUG == true)
+		{
+			$this->adminMenu['main/null2']	= array('divider'=> true);
+			$this->adminMenu['main/list']   = array('caption'=> "Log", 'perm' => 'P');
+		}
+
+	}
 }
 
 
@@ -831,6 +844,15 @@ class private_msg_ui extends e_admin_ui
 				$this->fields['options']['readParms'] = 'editClass='.e_UC_NOBODY;
 			}
 
+	        if($this->getMode() == 'main')
+			{
+				$this->listQry = 'SELECT  p.*, u.user_name, f.user_name AS fromuser FROM #private_msg AS p LEFT JOIN  #user AS u ON u.user_id = p.pm_to
+					LEFT JOIN #user as f on f.user_id = p.pm_from WHERE 1 ';
+			//	$this->fields['pm_from']['nolist'] = true;
+				$this->fields['options']['readParms'] = 'editClass='.e_UC_NOBODY;
+				$this->perPage = 20;
+			}
+
 			if($this->getAction() == 'create')
 			{
 				$this->fields['pm_to']['writeParms']['default'] = 99999999;

user.php

@@ -261,12 +261,14 @@ if (isset($id))
 		// $userList = $sql->db_getList();
 
 		$text = $tp->parseTemplate($USER_SHORT_TEMPLATE_START, TRUE, $user_shortcodes);
+		$sc = e107::getScBatch('user');
 		foreach ($data as $row)
 		{
 			$loop_uid = $row['user_id'];
 
 		//	$text .= renderuser($row, "short");
-			e107::getScBatch('user')->setVars($row);
+			$sc->setVars($row);
+			$sc->wrapper('user/list');
 
 			$text .= $tp->parseTemplate($USER_SHORT_TEMPLATE, TRUE, $user_shortcodes);
 		}