Changeset 9444


Ignore:
Timestamp:
Mar 1, 2011, 11:09:35 AM (10 years ago)
Author:
plg
Message:

bug fixed: use the same function to check permissions on menubar and on upload
form (groups where not fixed for menubar)

bug fixed: if no permission defined, the upload_categories was empty and SQL
query was crashing Piwigo

admins get automatically full permissions

Location:
extensions/community
Files:
2 edited

Legend:

Unmodified
Added
Removed
  • extensions/community/include/functions_community.inc.php

    r9376 r9444  
    2626  global $conf;
    2727
     28  if (is_admin())
     29  {
     30    return array(
     31      'upload_whole_gallery' => true,
     32      'create_whole_gallery' => true,
     33      'create_categories' => array(),
     34      'upload_categories' => array(),
     35      'permission_ids' => array(),
     36      );
     37  }
     38
    2839  $return = array(
    2940    'upload_whole_gallery' => false,
     
    3344    'permission_ids' => array(),
    3445    );
    35 
    36   $user_permissions = array();
    3746 
    3847  // what are the user groups?
     
    96105  }
    97106
    98   if (!$return['upload_whole_gallery'])
     107  if (!$return['upload_whole_gallery'] and count($return['upload_categories']) > 0)
    99108  {
    100109    $return['upload_categories'] = get_subcat_ids($return['upload_categories']);
  • extensions/community/main.inc.php

    r9372 r9444  
    2020define('COMMUNITY_PERMISSIONS_TABLE', $prefixeTable.'community_permissions');
    2121define('COMMUNITY_PENDINGS_TABLE', $prefixeTable.'community_pendings');
     22
     23include_once(COMMUNITY_PATH.'include/functions_community.inc.php');
    2224
    2325/* Plugin admin */
     
    6668  // conditional : depending on community permissions, display the "Add
    6769  // photos" link in the gallery menu
     70  $user_permissions = community_get_user_permissions($user['id']);
    6871 
    69   // admins are not concerned about community permissions
    70   if (!is_admin())
     72  if (!$user_permissions['upload_whole_gallery'] and count($user_permissions['upload_categories']) == 0)
    7173  {
    72     // what are the user groups?
    73     $query = '
    74 SELECT
    75     group_id
    76   FROM '.USER_GROUP_TABLE.'
    77   WHERE user_id = '.$user['id'].'
    78 ;';
    79     $user_group_ids = array_from_query($query, 'group_id');
    80 
    81     $query = '
    82 SELECT
    83     COUNT(*)
    84   FROM '.COMMUNITY_PERMISSIONS_TABLE.'
    85   WHERE (type = \'any_visitor\')';
    86 
    87     if ($user['id'] != $conf['guest_id'])
    88     {
    89       $query.= '
    90     OR (type = \'any_registered_user\')
    91     OR (type = \'user\' AND user_id = '.$user['id'].')
    92     OR (type = \'group\' AND group_id IN ('.implode(',', $user_group_ids).'))
    93 ';
    94     }
    95    
    96     $query.= '
    97 ;';
    98 
    99     list($counter) = pwg_db_fetch_row(pwg_query($query));
    100     if (0 == $counter)
    101     {
    102       return;
    103     }
     74    return;
    10475  }
    10576
Note: See TracChangeset for help on using the changeset viewer.