mirror of
https://github.com/e107inc/e107.git
synced 2025-08-02 12:48:26 +02:00
Fix for user-extended permissions on user page. Corrected wrapper ID for user/member list.
@@ -672,16 +672,30 @@ class user_shortcodes extends e_shortcode
|
|||||||
|
|
||||||
if(!empty($parm['field']))
|
if(!empty($parm['field']))
|
||||||
{
|
{
|
||||||
|
|
||||||
|
$ext = e107::getUserExt();
|
||||||
|
|
||||||
$fld = 'user_'.$parm['field'];
|
$fld = 'user_'.$parm['field'];
|
||||||
|
|
||||||
|
if(!$ext->hasPermission($fld,'read'))
|
||||||
|
{
|
||||||
|
return false;
|
||||||
|
}
|
||||||
|
|
||||||
$val = $this->var[$fld];
|
$val = $this->var[$fld];
|
||||||
return e107::getUserExt()->renderValue($val); //TODO auto-detect type, from within the user-extended class.
|
|
||||||
|
// e107::getDebug()->log(print_a($ext,true));
|
||||||
|
|
||||||
|
return $ext->renderValue($val); //TODO auto-detect type, from within the user-extended class.
|
||||||
|
|
||||||
}
|
}
|
||||||
|
|
||||||
return ' ';
|
return false;
|
||||||
|
|
||||||
}
|
}
|
||||||
|
|
||||||
|
|
||||||
|
|
||||||
function sc_user_extended_all($parm)
|
function sc_user_extended_all($parm)
|
||||||
{
|
{
|
||||||
$sql = e107::getDb();
|
$sql = e107::getDb();
|
||||||
|
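Review bot: The new `hasPermission($fld,'read')` gate covers only `sc_user_extended`, and only on the `$parm['field']` path. `sc_user_extended_all` begins as context at the end of this hunk with its body outside it, so it is worth confirming that it applies the same per-field read check, since it presumably renders the same extended fields. The value is also read as `$this->var[$fld]` without an existence test; `$val = isset($this->var[$fld]) ? $this->var[$fld] : null;` avoids an undefined-index notice for a field name that is not loaded. The commented-out `// e107::getDebug()->log(print_a($ext,true));` should be dropped, and the check would benefit from a comment such as `// Hide the field when the viewer is not in the field's read class.`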
@@ -658,6 +658,12 @@ class e107_db_debug {
|
|||||||
//
|
//
|
||||||
function log($message,$TraceLev=1)
|
function log($message,$TraceLev=1)
|
||||||
{
|
{
|
||||||
|
|
||||||
|
if(is_array($message))
|
||||||
|
{
|
||||||
|
$message = "<pre>".print_r($message,true)."</pre>";
|
||||||
|
}
|
||||||
|
|
||||||
if (!E107_DBG_BASIC){
|
if (!E107_DBG_BASIC){
|
||||||
return FALSE;
|
return FALSE;
|
||||||
}
|
}
|
||||||
|
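Review bot: The array branch added at the top of `log()` wraps raw `print_r()` output in `<pre>` without HTML-escaping it, so any markup held in the logged array reaches the debug output as markup. If the debug log is rendered as HTML, which the `<pre>` wrapper suggests, use `$message = "<pre>".htmlspecialchars(print_r($message,true), ENT_QUOTES, 'UTF-8')."</pre>";`. The conversion also runs before the `E107_DBG_BASIC` guard, so arrays are serialised even when debugging is off; moving the block below the guard avoids that work. The rest of `log()` is outside the hunk, so later escaping cannot be ruled out from here.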
@@ -947,10 +947,10 @@ class e107Email extends PHPMailer
|
|||||||
* @param bool $eml['add_html_header'] - if TRUE, adds the 2-line DOCTYPE declaration to the front of the HTML part (but doesn't add <head>...</head>)
|
* @param bool $eml['add_html_header'] - if TRUE, adds the 2-line DOCTYPE declaration to the front of the HTML part (but doesn't add <head>...</head>)
|
||||||
* @param string $eml['body'] - message body. May be HTML or text. Added according to the current state of the HTML enable flag
|
* @param string $eml['body'] - message body. May be HTML or text. Added according to the current state of the HTML enable flag
|
||||||
* @param string|array $eml['attach'] - string if one file, array of filenames if one or more.
|
* @param string|array $eml['attach'] - string if one file, array of filenames if one or more.
|
||||||
* @param string $eml['copy_to'] - comma-separated list of cc addresses.
|
* @param string $eml['cc'] - comma-separated list of cc addresses.
|
||||||
* @param string $eml['cc_names'] - comma-separated list of cc names. Optional, used only if $eml['copy_to'] specified
|
* @param string $eml['cc_names'] - comma-separated list of cc names. Optional, used only if $eml['cc'] specified
|
||||||
* @param string $eml['bcopy_to'] - comma-separated list
|
* @param string $eml['bcc'] - comma-separated list
|
||||||
* @param string $eml['bcc_names'] - comma-separated list of bcc names. Optional, used only if $eml['copy_to'] specified
|
* @param string $eml['bcc_names'] - comma-separated list of bcc names. Optional, used only if $eml['bcc'] specified
|
||||||
* @param string $eml['bouncepath'] - Sender field (used for bounces)
|
* @param string $eml['bouncepath'] - Sender field (used for bounces)
|
||||||
* @param string $eml['returnreceipt'] - email address for notification of receipt (reading)
|
* @param string $eml['returnreceipt'] - email address for notification of receipt (reading)
|
||||||
* @param array $eml['inline_images'] - array of files for inline images
|
* @param array $eml['inline_images'] - array of files for inline images
|
||||||
|
@@ -45,11 +45,12 @@ class e107_user_extended
|
|||||||
private $extended_xml = FALSE;
|
private $extended_xml = FALSE;
|
||||||
public $typeArray; // Cross-reference between names of field types, and numeric ID (must be public)
|
public $typeArray; // Cross-reference between names of field types, and numeric ID (must be public)
|
||||||
private $reserved_names; // List of field names used in main user DB - not allowed in extended DB
|
private $reserved_names; // List of field names used in main user DB - not allowed in extended DB
|
||||||
public $fieldDefinitions; // Array initialised from DB by constructor - currently all fields
|
public $fieldDefinitions = array(); // Array initialised from DB by constructor - currently all fields
|
||||||
public $catDefinitions; // Categories
|
public $catDefinitions; // Categories
|
||||||
private $nameIndex; // Array for field name lookup - initialised by constructor
|
private $nameIndex = array(); // Array for field name lookup - initialised by constructor
|
||||||
public $systemCount = 0; // Count of system fields - always zero ATM
|
public $systemCount = 0; // Count of system fields - always zero ATM
|
||||||
public $userCount = 0; // Count of non-system fields
|
public $userCount = 0; // Count of non-system fields
|
||||||
|
private $fieldPermissions = array(); // Field Permissionss with field name as key.
|
||||||
|
|
||||||
public function __construct()
|
public function __construct()
|
||||||
{
|
{
|
||||||
@@ -109,7 +110,6 @@ class e107_user_extended
|
|||||||
// Read in all the field and category fields
|
// Read in all the field and category fields
|
||||||
// At present we load all fields into common array - may want to split system and non-system
|
// At present we load all fields into common array - may want to split system and non-system
|
||||||
$this ->catDefinitions = array(); // Categories array
|
$this ->catDefinitions = array(); // Categories array
|
||||||
$this->fieldDefinitions = array(); // Field definitions array
|
|
||||||
$this->nameIndex = array(); // Index of names => field IDs
|
$this->nameIndex = array(); // Index of names => field IDs
|
||||||
$this->systemCount = 0;
|
$this->systemCount = 0;
|
||||||
$this->userCount = 0;
|
$this->userCount = 0;
|
||||||
@@ -125,6 +125,8 @@ class e107_user_extended
|
|||||||
else
|
else
|
||||||
{ // Its a field definition
|
{ // Its a field definition
|
||||||
$this->fieldDefinitions[$row['user_extended_struct_id']] = $row;
|
$this->fieldDefinitions[$row['user_extended_struct_id']] = $row;
|
||||||
|
$id = 'user_'.$row['user_extended_struct_name'];
|
||||||
|
$this->fieldPermissions[$id] = array('read'=>$row['user_extended_struct_read'], 'write'=>$row['user_extended_struct_write']);
|
||||||
$this->nameIndex['user_'.$row['user_extended_struct_name']] = $row['user_extended_struct_id']; // Create name to ID index
|
$this->nameIndex['user_'.$row['user_extended_struct_name']] = $row['user_extended_struct_id']; // Create name to ID index
|
||||||
if ($row['user_extended_struct_text'] == '_system_')
|
if ($row['user_extended_struct_text'] == '_system_')
|
||||||
{
|
{
|
||||||
@@ -139,14 +141,24 @@ class e107_user_extended
|
|||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
|
/**
|
||||||
|
* Check read/write access on extended user-fields
|
||||||
|
* @param string $field eg. user_something
|
||||||
|
* @param string $type read|write
|
||||||
|
* @return boolean true if
|
||||||
|
*/
|
||||||
|
public function hasPermission($field, $type='read')
|
||||||
|
{
|
||||||
|
$class = ($type == 'read') ? $this->fieldPermissions[$field]['read'] : $this->fieldPermissions[$field]['write'];
|
||||||
|
return check_class($class);
|
||||||
|
}
|
||||||
|
|
||||||
|
|
||||||
|
|
||||||
/**
|
/**
|
||||||
* Check for reserved field names.
|
* Check for reserved field names.
|
||||||
* (Names which clash with the 'normal' user table aren't allowed)
|
* (Names which clash with the 'normal' user table aren't allowed)
|
||||||
*
|
|
||||||
* @param string $name - name of field bweing checked (no 'user_' prefix)
|
* @param string $name - name of field bweing checked (no 'user_' prefix)
|
||||||
*
|
|
||||||
* @return boolean TRUE if disallowed name
|
* @return boolean TRUE if disallowed name
|
||||||
*/
|
*/
|
||||||
public function user_extended_reserved($name)
|
public function user_extended_reserved($name)
|
||||||
|
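Review bot: `hasPermission()` indexes `$this->fieldPermissions[$field]` without checking that the field is known, so an unregistered name passes null to `check_class()` and the outcome depends on how that function treats null. A permission check should fail closed, for example `if(!isset($this->fieldPermissions[$field][$type])) { return false; }` followed by `return check_class($this->fieldPermissions[$field][$type]);`. This also stops any `$type` other than `'read'` from silently being treated as `'write'`. The docblock's `@return boolean true if` is unfinished; something like `@return boolean true if the current user is in the class assigned to the field for $type` would complete it, assuming `check_class()` tests the current user. The comment on `$fieldPermissions` has a typo ("Permissionss").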
@@ -35,6 +35,7 @@ class pm_admin extends e_admin_dispatcher
|
|||||||
'ui' => 'private_msg_form_ui',
|
'ui' => 'private_msg_form_ui',
|
||||||
'uipath' => null
|
'uipath' => null
|
||||||
),
|
),
|
||||||
|
|
||||||
/*
|
/*
|
||||||
'block' => array(
|
'block' => array(
|
||||||
'controller' => 'private_msg_block_ui',
|
'controller' => 'private_msg_block_ui',
|
||||||
@@ -52,6 +53,7 @@ class pm_admin extends e_admin_dispatcher
|
|||||||
'main/limits' => array('caption'=> ADLAN_PM_55, 'perm' => 'P'),
|
'main/limits' => array('caption'=> ADLAN_PM_55, 'perm' => 'P'),
|
||||||
'main/maint' => array('caption'=> ADLAN_PM_59, 'perm' => 'P'),
|
'main/maint' => array('caption'=> ADLAN_PM_59, 'perm' => 'P'),
|
||||||
|
|
||||||
|
|
||||||
'main/null' => array('divider'=> true),
|
'main/null' => array('divider'=> true),
|
||||||
'inbox/list' => array('caption'=> "Inbox", 'perm' => 'P'),
|
'inbox/list' => array('caption'=> "Inbox", 'perm' => 'P'),
|
||||||
'outbox/list' => array('caption'=> "Outbox", 'perm' => 'P'),
|
'outbox/list' => array('caption'=> "Outbox", 'perm' => 'P'),
|
||||||
@@ -71,6 +73,17 @@ class pm_admin extends e_admin_dispatcher
|
|||||||
);
|
);
|
||||||
|
|
||||||
protected $menuTitle = LAN_PLUGIN_PM_NAME;
|
protected $menuTitle = LAN_PLUGIN_PM_NAME;
|
||||||
|
|
||||||
|
function init()
|
||||||
|
{
|
||||||
|
|
||||||
|
if(e_DEBUG == true)
|
||||||
|
{
|
||||||
|
$this->adminMenu['main/null2'] = array('divider'=> true);
|
||||||
|
$this->adminMenu['main/list'] = array('caption'=> "Log", 'perm' => 'P');
|
||||||
|
}
|
||||||
|
|
||||||
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
|
|
||||||
@@ -831,6 +844,15 @@ class private_msg_ui extends e_admin_ui
|
|||||||
$this->fields['options']['readParms'] = 'editClass='.e_UC_NOBODY;
|
$this->fields['options']['readParms'] = 'editClass='.e_UC_NOBODY;
|
||||||
}
|
}
|
||||||
|
|
||||||
|
if($this->getMode() == 'main')
|
||||||
|
{
|
||||||
|
$this->listQry = 'SELECT p.*, u.user_name, f.user_name AS fromuser FROM #private_msg AS p LEFT JOIN #user AS u ON u.user_id = p.pm_to
|
||||||
|
LEFT JOIN #user as f on f.user_id = p.pm_from WHERE 1 ';
|
||||||
|
// $this->fields['pm_from']['nolist'] = true;
|
||||||
|
$this->fields['options']['readParms'] = 'editClass='.e_UC_NOBODY;
|
||||||
|
$this->perPage = 20;
|
||||||
|
}
|
||||||
|
|
||||||
if($this->getAction() == 'create')
|
if($this->getAction() == 'create')
|
||||||
{
|
{
|
||||||
$this->fields['pm_to']['writeParms']['default'] = 99999999;
|
$this->fields['pm_to']['writeParms']['default'] = 99999999;
|
||||||
|
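Review bot: Only the menu entry for the "Log" list is conditional on `e_DEBUG` in `init()`, while the `getMode() == 'main'` branch that sets `listQry` to select `p.*` from `#private_msg` is not. If the dispatcher routes `main/list` independently of `$adminMenu` (not visible here), the listing of all users' private messages stays reachable with debug off. Consider gating the query branch the same way, `if($this->getMode() == 'main' && e_DEBUG == true)`, or giving it a stricter permission than `'P'`. A short comment on `init()` stating that the log view is meant for debugging only would record the intent. The enclosing method of the `listQry` hunk starts and ends outside the visible lines.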
4
user.php
4
user.php
@@ -261,12 +261,14 @@ if (isset($id))
|
|||||||
// $userList = $sql->db_getList();
|
// $userList = $sql->db_getList();
|
||||||
|
|
||||||
$text = $tp->parseTemplate($USER_SHORT_TEMPLATE_START, TRUE, $user_shortcodes);
|
$text = $tp->parseTemplate($USER_SHORT_TEMPLATE_START, TRUE, $user_shortcodes);
|
||||||
|
$sc = e107::getScBatch('user');
|
||||||
foreach ($data as $row)
|
foreach ($data as $row)
|
||||||
{
|
{
|
||||||
$loop_uid = $row['user_id'];
|
$loop_uid = $row['user_id'];
|
||||||
|
|
||||||
// $text .= renderuser($row, "short");
|
// $text .= renderuser($row, "short");
|
||||||
e107::getScBatch('user')->setVars($row);
|
$sc->setVars($row);
|
||||||
|
$sc->wrapper('user/list');
|
||||||
|
|
||||||
$text .= $tp->parseTemplate($USER_SHORT_TEMPLATE, TRUE, $user_shortcodes);
|
$text .= $tp->parseTemplate($USER_SHORT_TEMPLATE, TRUE, $user_shortcodes);
|
||||||
}
|
}
|
||||||
|
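Review bot: Inside the loop the row and wrapper are now set on `$sc`, but `parseTemplate()` is still handed `$user_shortcodes`. If the two are not the same instance, the `user/list` wrapper and the per-row vars never reach the object that renders the template. Passing `$sc` to `parseTemplate()`, or adding a comment that both names refer to the same batch object, would make this unambiguous. `$sc->wrapper('user/list');` looks loop-invariant and could move above the `foreach`, unless `setVars()` resets it (not visible here).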