Changeset 6846


Ignore:
Timestamp:
09/04/10 21:16:02 (9 years ago)
Author:
nikrou
Message:

Fix incorrect use of permissions

Location:
extensions/user_tags
Files:
8 edited

Legend:

Unmodified
Added
Removed
  • extensions/user_tags/CHANGELOG

    r6818 r6846  
     1User Tags 0.3.2 - 2010-09-04 
     2================================ 
     3* Fix problem of permission check 
     4 
    15User Tags 0.3.1 - 2010-08-29 
    26================================ 
  • extensions/user_tags/admin.php

    r6813 r6846  
    2828$me = get_plugin_data($plugin_id); 
    2929$save_config = false; 
    30  
    31 if (!empty($_GET['action']) && in_array($_GET['action'], array('add', 'get'))) { 
    32   include_once T4U_PLUGIN_ROOT . "/include/t4u_admin_action.inc.php"; 
    33 } 
    3430 
    3531$status_options[null] = '----------'; 
  • extensions/user_tags/include/t4u_admin_action.inc.php

    r6818 r6846  
    2525 
    2626if (!empty($_GET['action']) && ($_GET['action']=='add')  
    27     && isset($_POST['tags']) && $me->getPermission('add')) { 
     27    && isset($_POST['tags']) && $plugin_config->getPermission('add') ) { 
    2828  include_once(PHPWG_ROOT_PATH.'admin/include/functions.php'); 
    2929 
     
    3939 
    4040    echo json_encode($message); 
    41     Log::getInstance()->debug('message envoyé'); 
    4241    exit(); 
    4342  } else { 
    4443    redirect(get_absolute_root_url().$_POST['referer']); 
    4544  } 
    46 } elseif (!empty($_GET['action']) && $_GET['action']=='get' && $me->getPermission('add')) { 
     45} elseif (!empty($_GET['action']) && $_GET['action']=='get' && $plugin_config->getPermission('add') ) { 
    4746  include_once(PHPWG_ROOT_PATH.'admin/include/functions.php'); 
    4847       
  • extensions/user_tags/include/t4u_config.class.php

    r6813 r6846  
    9999  } 
    100100   
    101   public function getActionUrl($action, $method='POST') { 
    102     $url = get_root_url().'admin.php?page=plugin'; 
    103     $file = basename($this->plugin_dir) . '/' .'admin.php'; 
    104     if (strtoupper($method)=='POST') { 
    105         $url .= '&section='.urlencode($file);       
    106         $url .= '&action='.urlencode($action);       
    107     } else { 
    108         $url .= '&section='.$file;            
    109         $url .= '&action='.$action;            
    110     } 
     101  public function getActionUrl($base_url, $action) { 
     102    $url = $base_url; 
     103    $url .= '&action='.$action;            
    111104 
    112105    return $url; 
  • extensions/user_tags/include/t4u_content.class.php

    r6818 r6846  
    4242    $template->assign('T4U_CSS', T4U_CSS); 
    4343    $template->assign('T4U_IMGS', T4U_IMGS); 
    44     $template->assign('T4U_ADD_SCRIPT', $this->plugin_config->getActionUrl('add', 'GET')); 
    45     $template->assign('T4U_GET_SCRIPT', $this->plugin_config->getActionUrl('get', 'GET')); 
     44    $template->assign('T4U_ADD_SCRIPT', $this->plugin_config->getActionUrl($picture['url'], 'add')); 
     45    $template->assign('T4U_GET_SCRIPT', $this->plugin_config->getActionUrl($picture['url'], 'get')); 
    4646    $template->assign('T4U_IMAGE_ID', $picture['id']); 
    4747    $template->assign('T4U_REFERER', htmlentities($picture['url'])); 
     
    6060 
    6161    return $content; 
    62   }     
     62  } 
    6363} 
    6464?> 
  • extensions/user_tags/main.inc.php

    r6818 r6846  
    2222/* 
    2323Plugin Name: User Tags 
    24 Version: 0.3.1 
     24Version: 0.3.2 
    2525Description: Allow visitors to add tag to images 
    2626Plugin URI: http://phpwebgallery.net/ext/extension_view.php?eid=441 
  • extensions/user_tags/public.php

    r6798 r6846  
    2424} 
    2525 
     26if (!empty($_GET['action']) && in_array($_GET['action'], array('add', 'get'))) { 
     27  include_once T4U_PLUGIN_ROOT . "/include/t4u_admin_action.inc.php"; 
     28} 
     29 
    2630include_once T4U_PLUGIN_ROOT . "/include/t4u_content.class.php"; 
    2731 
  • extensions/user_tags/template/add_tags.tpl

    r6806 r6846  
    33<script type="text/javascript"> 
    44var related_tags = ''; 
     5var class = 'selected'; 
     6{if ($T4U_PERMISSION_DELETE==false)} 
     7class += ' locked';  
     8{/if} 
    59{foreach from=$T4U_RELATED_TAGS item=tag key=id} 
    6 related_tags += '<option value="{$id}" class="selected'; 
    7 {if ($T4U_PERMISSION_DELETE==false)} 
    8 related_tags += ' locked';  
    9 {/if} 
    10 related_tags += '">{$tag}</option>'; 
     10related_tags += '<option value="{$id}" class="'+class+'">{$tag}</option>'; 
    1111{/foreach} 
    1212var path = new Array(); 
Note: See TracChangeset for help on using the changeset viewer.