Changeset 17925


Ignore:
Timestamp:
09/15/12 14:39:38 (7 years ago)
Author:
mistic100
Message:

check AP restrictions and user.forbidden_cetegories

Location:
extensions/linked_pages
Files:
3 edited

Legend:

Unmodified
Added
Removed
  • extensions/linked_pages/include/functions.inc.php

    r17882 r17925  
    2323function linked_pages_loc_end_index() 
    2424{ 
    25   global $page, $user, $template; 
     25  global $page, $user, $template, $conf; 
    2626   
    27  
    2827  if ( isset($page['section']) and $page['section']=='categories' and isset($page['category']) ) 
    2928  { 
     29    $where_clauses = array('category_id = '.$page['category']['id']); 
     30     
     31    if (!is_admin()) 
     32    { 
     33      if ($conf['AP']['language_perm']) 
     34      { 
     35        $where_clauses[] = '(ap.lang = NULL OR ap.lang = "'.$user['language'].'")'; 
     36      } 
     37      if ($conf['AP']['level_perm']) 
     38      { 
     39        $where_clauses[] = 'ap.level <= '.$user['level']; 
     40      } 
     41      if ($conf['AP']['user_perm']) 
     42      { 
     43        $where_clauses[] = 'ap.users LIKE "%'.$user['status'].'%"'; 
     44      } 
     45      if ($conf['AP']['group_perm']) 
     46      { 
     47        $query = ' 
     48SELECT group_id 
     49  FROM '.USER_GROUP_TABLE.' 
     50  WHERE user_id = '.$user['id'].' 
     51;'; 
     52        $user_groups = array_from_query($query, 'group_id'); 
     53      } 
     54    } 
     55     
    3056    $query = ' 
    3157SELECT 
     
    3460    ap.title, 
    3561    ap.standalone, 
    36     ap.permalink 
     62    ap.permalink, 
     63    ap.groups 
    3764  FROM '.LINKEDPAGES_TABLE.' AS lp 
    3865    INNER JOIN '.ADD_PAGES_TABLE.' AS ap 
    3966    ON lp.page_id = ap.id 
    40   WHERE category_id = '.$page['category']['id'].' 
     67  WHERE 
     68    '.implode("\n    AND ", $where_clauses).' 
    4169  ORDER BY lp.pos 
    4270;'; 
     
    5078    while ($row = pwg_db_fetch_assoc($result)) 
    5179    { 
    52       if ( isset($row['lang']) and $row['lang'] != $user['language'] ) return; 
     80      if ( !is_admin() and $conf['AP']['group_perm'] and !empty($row['groups']) ) 
     81      { 
     82        $authorized = false; 
     83        foreach (explode(',',$row['groups']) as $group_id) 
     84        { 
     85          if (in_array($group_id, $user_groups)) 
     86          { 
     87            $authorized = true; 
     88            break; 
     89          } 
     90        } 
     91        if (!$authorized) continue; 
     92      } 
     93         
     94       
    5395      $row['U_PAGE'] = make_index_url(array('section'=>'page')).'/'.(isset($row['permalink']) ? $row['permalink'] : $row['page_id']); 
    5496      $row['TITLE'] = trigger_event('AP_render_title', $row['title']); 
     
    62104  else if ( isset($page['section']) and $page['section']=='additional_page' and isset($page['additional_page']) ) 
    63105  { 
     106    $where_clauses = array('page_id = '.$page['additional_page']['id']); 
     107     
     108    if (!is_admin()) 
     109    { 
     110      $where_clauses[] = 'lp.category_id NOT IN('.$user['forbidden_categories'].')'; 
     111    } 
     112     
    64113    $query = ' 
    65114SELECT 
     
    70119    INNER JOIN '.CATEGORIES_TABLE.' AS cat 
    71120    ON lp.category_id = cat.id 
    72   WHERE page_id = '.$page['additional_page']['id'].' 
     121  WHERE 
     122    '.implode("\n    AND ", $where_clauses).' 
    73123  ORDER BY lp.pos 
    74124;'; 
  • extensions/linked_pages/main.inc.php

    r17888 r17925  
    1616// | Define plugin constants                                               | 
    1717// +-----------------------------------------------------------------------+ 
    18 define('LINKEDPAGES_PATH' ,   PHPWG_PLUGINS_PATH . 'linked_pages/'); 
     18defined('LINKEDPAGES_ID') or define('LINKEDPAGES_ID', basename(dirname(__FILE__))); 
     19define('LINKEDPAGES_PATH' ,   PHPWG_PLUGINS_PATH . LINKEDPAGES_ID . '/'); 
    1920define('LINKEDPAGES_TABLE',   $prefixeTable . 'linked_pages'); 
    20 define('LINKEDPAGES_ADMIN',   get_root_url() . 'admin.php?page=plugin-linked_pages'); 
     21define('LINKEDPAGES_ADMIN',   get_root_url() . 'admin.php?page=plugin-' . LINKEDPAGES_ID); 
    2122define('LINKEDPAGES_VERSION', '1.0.0'); 
    2223 
     
    5152   
    5253  if ( 
    53     $pwg_loaded_plugins['linked_pages']['version'] == 'auto' or 
    54     version_compare($pwg_loaded_plugins['linked_pages']['version'], LINKEDPAGES_VERSION, '<') 
     54    $pwg_loaded_plugins[LINKEDPAGES_ID]['version'] == 'auto' or 
     55    version_compare($pwg_loaded_plugins[LINKEDPAGES_ID]['version'], LINKEDPAGES_VERSION, '<') 
    5556  ) 
    5657  { 
     
    5859    linked_pages_install(); 
    5960     
    60     if ($pwg_loaded_plugins['linked_pages']['version'] != 'auto') 
     61    if ($pwg_loaded_plugins[LINKEDPAGES_ID]['version'] != 'auto') 
    6162    { 
    6263      $query = ' 
    6364UPDATE '. PLUGINS_TABLE .' 
    6465SET version = "'. LINKEDPAGES_VERSION .'" 
    65 WHERE id = "linked_pages"'; 
     66WHERE id = "'. LINKEDPAGES_ID .'"'; 
    6667      pwg_query($query); 
    6768       
    68       $pwg_loaded_plugins['linked_pages']['version'] = LINKEDPAGES_VERSION; 
     69      $pwg_loaded_plugins[LINKEDPAGES_ID]['version'] = LINKEDPAGES_VERSION; 
    6970       
    7071      if (defined('IN_ADMIN')) 
    7172      { 
    72         $_SESSION['page_infos'][] = 'Skeleton updated to version '. LINKEDPAGES_VERSION; 
     73        $_SESSION['page_infos'][] = 'Linked Pages updated to version '. LINKEDPAGES_VERSION; 
    7374      } 
    7475    } 
  • extensions/linked_pages/maintain.inc.php

    r17882 r17925  
    22if (!defined('PHPWG_ROOT_PATH')) die('Hacking attempt!'); 
    33 
    4 include_once(PHPWG_PLUGINS_PATH . 'linked_pages/include/install.inc.php'); 
     4defined('LINKEDPAGES_ID') or define('LINKEDPAGES_ID', basename(dirname(__FILE__))); 
     5include_once(PHPWG_PLUGINS_PATH . LINKEDPAGES_ID '/include/install.inc.php'); 
    56 
    67 
Note: See TracChangeset for help on using the changeset viewer.