Context Navigation

Changeset 6846

Timestamp:

Sep 4, 2010, 9:16:02 PM (14 years ago)

Author:

nikrou

Message:

Fix incorrect use of permissions

Location:

extensions/user_tags

Files:

r6818	r6846
	1	User Tags 0.3.2 - 2010-09-04
	2	================================
	3	* Fix problem of permission check
	4
1	5	User Tags 0.3.1 - 2010-08-29
2	6	================================

-                      r6813
+                      r6846
 $me = get_plugin_data($plugin_id);
 $save_config = false;
-if (!empty($_GET['action']) && in_array($_GET['action'], array('add', 'get'))) {
-  include_once T4U_PLUGIN_ROOT . "/include/t4u_admin_action.inc.php";
+}
 $status_options[null] = '----------';

-                      r6818
+                      r6846
 if (!empty($_GET['action']) && ($_GET['action']=='add')
     && isset($_POST['tags']) && $me->getPermission('add')) {
+    && isset($_POST['tags']) && $plugin_config->getPermission('add') ) {
   include_once(PHPWG_ROOT_PATH.'admin/include/functions.php');
 …
     echo json_encode($message);
-    Log::getInstance()->debug('message envoyé');
     exit();
   } else {
     redirect(get_absolute_root_url().$_POST['referer']);
+  }
 } elseif (!empty($_GET['action']) && $_GET['action']=='get' && $me->getPermission('add')) {
+} elseif (!empty($_GET['action']) && $_GET['action']=='get' && $plugin_config->getPermission('add') ) {
   include_once(PHPWG_ROOT_PATH.'admin/include/functions.php');

-                      r6813
+                      r6846
+  }
+  public function getActionUrl($action, $method='POST') {
+    $url = get_root_url().'admin.php?page=plugin';
+    $file = basename($this->plugin_dir) . '/' .'admin.php';
+    if (strtoupper($method)=='POST') {
+        $url .= '&amp;section='.urlencode($file);
+        $url .= '&amp;action='.urlencode($action);
+    } else {
+        $url .= '&section='.$file;
+        $url .= '&action='.$action;
+    }
+  public function getActionUrl($base_url, $action) {
+    $url = $base_url;
+    $url .= '&action='.$action;
     return $url;

-                      r6818
+                      r6846
     $template->assign('T4U_CSS', T4U_CSS);
     $template->assign('T4U_IMGS', T4U_IMGS);
     $template->assign('T4U_ADD_SCRIPT', $this->plugin_config->getActionUrl('add', 'GET'));
     $template->assign('T4U_GET_SCRIPT', $this->plugin_config->getActionUrl('get', 'GET'));
+    $template->assign('T4U_ADD_SCRIPT', $this->plugin_config->getActionUrl($picture['url'], 'add'));
+    $template->assign('T4U_GET_SCRIPT', $this->plugin_config->getActionUrl($picture['url'], 'get'));
     $template->assign('T4U_IMAGE_ID', $picture['id']);
     $template->assign('T4U_REFERER', htmlentities($picture['url']));
 …
     return $content;
+  }
+  }
+}
 ?>

r6818	r6846
22	22	/*
23	23	Plugin Name: User Tags
24		Version: 0.3.1
	24	Version: 0.3.2
25	25	Description: Allow visitors to add tag to images
26	26	Plugin URI: http://phpwebgallery.net/ext/extension_view.php?eid=441

-                      r6798
+                      r6846
+}
+if (!empty($_GET['action']) && in_array($_GET['action'], array('add', 'get'))) {
+  include_once T4U_PLUGIN_ROOT . "/include/t4u_admin_action.inc.php";
+}
 include_once T4U_PLUGIN_ROOT . "/include/t4u_content.class.php";

-                      r6806
+                      r6846
 <script type="text/javascript">
 var related_tags = '';
+var class = 'selected';
+{if ($T4U_PERMISSION_DELETE==false)}
+class += ' locked';
+{/if}
 {foreach from=$T4U_RELATED_TAGS item=tag key=id}
+related_tags += '<option value="{$id}" class="selected';
+{if ($T4U_PERMISSION_DELETE==false)}
+related_tags += ' locked';
+{/if}
+related_tags += '">{$tag}</option>';
+related_tags += '<option value="{$id}" class="'+class+'">{$tag}</option>';
 {/foreach}
 var path = new Array();

Note: See TracChangeset for help on using the changeset viewer.