Commit 5f70d234 authored by pkdille's avatar pkdille

[MOD] access check: deploy some accesslib check functions to some files.

parent d665334f
......@@ -13,11 +13,9 @@ if ($prefs['feature_categories'] == 'y') {
include_once ('lib/categories/categlib.php');
}
}
if ($prefs['feature_faqs'] != 'y') {
$smarty->assign('msg', tra("This feature is disabled") . ": feature_faqs");
$smarty->display("error.tpl");
die;
}
$access->check_feature('feature_faqs');
if (!isset($_REQUEST["faqId"])) {
$smarty->assign('msg', tra("No faq indicated"));
$smarty->display("error.tpl");
......@@ -27,12 +25,7 @@ if (!isset($_REQUEST["faqId"])) {
$smarty->assign('headtitle', tra('FAQs'));
$tikilib->get_perm_object( $_REQUEST['faqId'], 'faq' );
if ($tiki_p_view_faqs != 'y') {
$smarty->assign('errortype', 401);
$smarty->assign('msg', tra("You do not have permission to use this feature"));
$smarty->display("error.tpl");
die;
}
$access->check_permission('tiki_p_view_faqs');
$faqlib->add_faq_hit($_REQUEST["faqId"]);
$smarty->assign('faqId', $_REQUEST["faqId"]);
......
......@@ -15,11 +15,9 @@ if ($prefs['feature_categories'] == 'y') {
if ($prefs['feature_freetags'] == 'y') {
include_once ('lib/freetag/freetaglib.php');
}
if ($prefs['feature_forums'] != 'y') {
$smarty->assign('msg', tra("This feature is disabled") . ": feature_forums");
$smarty->display("error.tpl");
die;
}
$access->check_feature('feature_forums');
$auto_query_args = array(
'forumId',
'comment_threadId',
......@@ -85,12 +83,9 @@ if ($tiki_p_admin_forum != 'y' && $user) {
$smarty->assign('tiki_p_forum_post_topic', 'y');
}
}
if ($tiki_p_admin_forum != 'y' && $tiki_p_forum_read != 'y') {
$smarty->assign('errortype', 401);
$smarty->assign('msg', tra("Permission denied to use this feature"));
$smarty->display("error.tpl");
die;
}
$access->check_permission( array('tiki_p_admin_forum', 'tiki_p_forum_read') );
$commentslib->forum_add_hit($_REQUEST["forumId"]);
if (isset($_REQUEST['report']) && $tiki_p_forums_report == 'y') {
check_ticket('view-forum');
......
......@@ -6,11 +6,8 @@
// $Id: /cvsroot/tikiwiki/tiki/tiki-view_forum_thread.php,v 1.96.2.7 2008-01-29 02:58:11 nkoth Exp $
$section = 'forums';
require_once ('tiki-setup.php');
if ($prefs['feature_forums'] != 'y') {
$smarty->assign('msg', tra("This feature is disabled") . ": feature_forums");
$smarty->display("error.tpl");
die;
}
$access->check_feature('feature_forums');
include_once ("lib/commentslib.php");
$commentslib = new Comments($dbTiki);
......@@ -117,12 +114,9 @@ if ($tiki_p_admin_forum == 'y') {
$tiki_p_forum_post_topic = 'y';
$smarty->assign('tiki_p_forum_post_topic', 'y');
}
if ($tiki_p_admin_forum != 'y' && $tiki_p_forum_read != 'y') {
$smarty->assign('errortype', 401);
$smarty->assign('msg', tra("You do not have permission to use this feature"));
$smarty->display("error.tpl");
die;
}
$access->check_permission( array('tiki_p_admin_forum', 'tiki_p_forum_read') );
$smarty->assign('topics_next_offset', $_REQUEST['topics_offset'] + 1);
$smarty->assign('topics_prev_offset', $_REQUEST['topics_offset'] - 1);
//$end_time = microtime(true);
......
......@@ -6,17 +6,10 @@
// $Id: /cvsroot/tikiwiki/tiki/tiki-view_minical_topic.php,v 1.7.2.1 2008-03-01 16:07:36 lphuberdeau Exp $
require_once ('tiki-setup.php');
include_once ('lib/minical/minicallib.php');
if ($prefs['feature_minical'] != 'y') {
$smarty->assign('msg', tra("This feature is disabled") . ": feature_minical");
$smarty->display("error.tpl");
die;
}
if ($prefs['tiki_p_minical'] != 'y') {
$smarty->assign('errortype', 401);
$smarty->assign('msg', tra("Permission denied"));
$smarty->display("error.tpl");
die;
}
$acces->check_feature('feature_minical', '');
$acces->check_permission('tiki_p_minical');
if (!$user) die;
if (!isset($_REQUEST["topicId"])) {
die;
......
......@@ -13,16 +13,14 @@ $auto_query_args = array(
'readdate',
'mode'
);
if ($prefs['feature_sheet'] != 'y') {
$smarty->assign('msg', tra("This feature is disabled") . ": feature_sheet");
$smarty->display("error.tpl");
die;
}
$access->check_feature('feature_sheet');
if (!isset($_REQUEST['sheetId'])) {
$smarty->assign('msg', tra("A SheetId is required."));
$smarty->display("error.tpl");
die;
}
if ($tiki_p_admin != 'y' && $tiki_p_admin_sheet != 'y' && !$tikilib->user_has_perm_on_object($user, $_REQUEST['sheetId'], 'sheet', 'tiki_p_view_sheet')) {
$smarty->assign('msg', tra("Access Denied") . ": feature_sheet");
$smarty->display("error.tpl");
......
......@@ -6,11 +6,9 @@
// $Id: /cvsroot/tikiwiki/tiki/tiki-view_tracker.php,v 1.141.2.19 2008-03-21 21:50:39 sylvieg Exp $
$section = 'trackers';
require_once ('tiki-setup.php');
if ($prefs['feature_trackers'] != 'y') {
$smarty->assign('msg', tra("This feature is disabled") . ": feature_trackers");
$smarty->display("error.tpl");
die;
}
$access->check_feature('feature_trackers');
include_once ('lib/trackers/trackerlib.php');
if ($prefs['feature_groupalert'] == 'y') {
include_once ('lib/groupalert/groupalertlib.php');
......@@ -95,12 +93,9 @@ if ($tiki_p_create_tracker_items == 'y' && !empty($t['end'])) {
$smarty->assign('tiki_p_create_tracker_items', 'n');
}
}
if ($tiki_p_view_trackers != 'y' && $tiki_p_create_tracker_items != 'y') {
$smarty->assign('errortype', 401);
$smarty->assign('msg', tra("You do not have permission to use this feature"));
$smarty->display("error.tpl");
die;
}
$access->check_permission( array('tiki_p_view_trackers', 'tiki_p_create_tracker_items') );
if ($tiki_p_view_trackers != 'y') {
$userCreatorFieldId = $trklib->get_field_id_from_type($_REQUEST['trackerId'], 'u', '1%');
$groupCreatorFieldId = $trklib->get_field_id_from_type($_REQUEST['trackerId'], 'g', '1%');
......
......@@ -6,11 +6,9 @@
// $Id: /cvsroot/tikiwiki/tiki/tiki-view_tracker_item.php,v 1.141.2.24 2008-02-28 14:57:12 sylvieg Exp $
$section = 'trackers';
require_once ('tiki-setup.php');
if ($prefs['feature_trackers'] != 'y') {
$smarty->assign('msg', tra("This feature is disabled") . ": feature_trackers");
$smarty->display("error.tpl");
die;
}
$access->check_feature('feature_trackers');
include_once ('lib/trackers/trackerlib.php');
if ($prefs['feature_categories'] == 'y') {
global $categlib;
......@@ -1158,4 +1156,4 @@ if (isset($_REQUEST['print'])) {
$smarty->assign('print', 'y');
} else {
$smarty->display('tiki.tpl');
}
\ No newline at end of file
}
......@@ -6,11 +6,9 @@
// $Id: /cvsroot/tikiwiki/tiki/tiki-view_tracker_more_info.php,v 1.9 2007-10-12 07:55:33 nyloth Exp $
require_once ('tiki-setup.php');
include_once ('lib/trackers/trackerlib.php');
if ($prefs['feature_trackers'] != 'y') {
$smarty->assign('msg', tra("This feature is disabled") . ": feature_trackers");
$smarty->display("error.tpl");
die;
}
$access->check_feature('feature_trackers');
if (!isset($_REQUEST["attId"])) {
$smarty->assign('msg', tra("No item indicated"));
$smarty->display("error.tpl");
......@@ -27,11 +25,7 @@ if (!$trackerId) {
$smarty->assign('trackerId', $trackerId);
$tikilib->get_perm_object($trackerId, 'tracker');
if ($tiki_p_view_trackers != 'y') {
$smarty->assign('errortype', 401);
$smarty->assign('msg', tra("You do not have permission to use this feature"));
$smarty->display("error.tpl");
die;
}
$access->check_permission('tiki_p_view_trackers');
$smarty->assign("info", $info);
$smarty->display("tiki-view_tracker_more_info.tpl");
Markdown is supported
0%
or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment