Changeset 9444


Ignore:
Timestamp:
03/01/11 11:09:35 (9 years ago)
Author:
plg
Message:

bug fixed: use the same function to check permissions on menubar and on upload
form (groups where not fixed for menubar)

bug fixed: if no permission defined, the upload_categories was empty and SQL
query was crashing Piwigo

admins get automatically full permissions

Location:
extensions/community
Files:
2 edited

Legend:

Unmodified
Added
Removed
  • extensions/community/include/functions_community.inc.php

    r9376 r9444  
    2626  global $conf; 
    2727 
     28  if (is_admin()) 
     29  { 
     30    return array( 
     31      'upload_whole_gallery' => true, 
     32      'create_whole_gallery' => true, 
     33      'create_categories' => array(), 
     34      'upload_categories' => array(), 
     35      'permission_ids' => array(), 
     36      ); 
     37  } 
     38 
    2839  $return = array( 
    2940    'upload_whole_gallery' => false, 
     
    3344    'permission_ids' => array(), 
    3445    ); 
    35  
    36   $user_permissions = array(); 
    3746   
    3847  // what are the user groups? 
     
    96105  } 
    97106 
    98   if (!$return['upload_whole_gallery']) 
     107  if (!$return['upload_whole_gallery'] and count($return['upload_categories']) > 0) 
    99108  { 
    100109    $return['upload_categories'] = get_subcat_ids($return['upload_categories']); 
  • extensions/community/main.inc.php

    r9372 r9444  
    2020define('COMMUNITY_PERMISSIONS_TABLE', $prefixeTable.'community_permissions'); 
    2121define('COMMUNITY_PENDINGS_TABLE', $prefixeTable.'community_pendings'); 
     22 
     23include_once(COMMUNITY_PATH.'include/functions_community.inc.php'); 
    2224 
    2325/* Plugin admin */ 
     
    6668  // conditional : depending on community permissions, display the "Add 
    6769  // photos" link in the gallery menu 
     70  $user_permissions = community_get_user_permissions($user['id']); 
    6871   
    69   // admins are not concerned about community permissions 
    70   if (!is_admin()) 
     72  if (!$user_permissions['upload_whole_gallery'] and count($user_permissions['upload_categories']) == 0) 
    7173  { 
    72     // what are the user groups? 
    73     $query = ' 
    74 SELECT 
    75     group_id 
    76   FROM '.USER_GROUP_TABLE.' 
    77   WHERE user_id = '.$user['id'].' 
    78 ;'; 
    79     $user_group_ids = array_from_query($query, 'group_id'); 
    80  
    81     $query = ' 
    82 SELECT 
    83     COUNT(*) 
    84   FROM '.COMMUNITY_PERMISSIONS_TABLE.' 
    85   WHERE (type = \'any_visitor\')'; 
    86  
    87     if ($user['id'] != $conf['guest_id']) 
    88     { 
    89       $query.= ' 
    90     OR (type = \'any_registered_user\') 
    91     OR (type = \'user\' AND user_id = '.$user['id'].') 
    92     OR (type = \'group\' AND group_id IN ('.implode(',', $user_group_ids).')) 
    93 '; 
    94     } 
    95      
    96     $query.= ' 
    97 ;'; 
    98  
    99     list($counter) = pwg_db_fetch_row(pwg_query($query)); 
    100     if (0 == $counter) 
    101     { 
    102       return; 
    103     } 
     74    return; 
    10475  } 
    10576 
Note: See TracChangeset for help on using the changeset viewer.