Commit 9909c66f authored by changi67's avatar changi67

[MOD] access check: deploy some accesslib check functions.

parent a5a14043
......@@ -22,12 +22,7 @@ require_once ('tiki-setup.php');
$access->check_feature('feature_articles');
// Now check permissions to access this page
if(($tiki_p_read_article != 'y') && ($tiki_p_articles_read_heading != 'y')) {
$smarty->assign('errortype', 401);
$smarty->assign('msg',tra("Permission denied. You cannot view pages"));
$smarty->display("error.tpl");
die;
}
$access->check_permission(array('tiki_p_read_article','tiki_p_articles_read_heading'));
if (!isset($_REQUEST["id"])) {
die;
......
......@@ -27,12 +27,7 @@ if ($prefs['feature_messages'] != 'y') {
die;
}
}
if ($tiki_p_messages != 'y') {
$smarty->assign('errortype', 401);
$smarty->assign('msg', tra("Permission denied"));
$smarty->display("error.tpl");
die;
}
$access->check_permission('tiki_p_messages');
$maxRecords = $messulib->get_user_preference($user, 'maxRecords', 20);
// Delete messages if the delete button was pressed
if (isset($_REQUEST["delete"]) && isset($_REQUEST["msg"])) {
......
......@@ -27,12 +27,8 @@ if ($prefs['feature_messages'] != 'y') {
die;
}
}
if ($tiki_p_broadcast != 'y') {
$smarty->assign('errortype', 401);
$smarty->assign('msg', tra("Permission denied"));
$smarty->display("error.tpl");
die;
}
$access->check_permission('tiki_p_broadcast');
$auto_query_args = array('to', 'cc', 'bcc', 'subject', 'body', 'priority', 'replyto_hash', 'groupbr');
if (!isset($_REQUEST['to'])) $_REQUEST['to'] = '';
if (!isset($_REQUEST['cc'])) $_REQUEST['cc'] = '';
......
......@@ -27,12 +27,7 @@ if ($prefs['feature_messages'] != 'y') {
die;
}
}
if ($tiki_p_messages != 'y') {
$smarty->assign('errortype', 401);
$smarty->assign('msg', tra("Permission denied"));
$smarty->display("error.tpl");
die;
}
$access->check_permission('tiki_p_messages');
if ($prefs['allowmsg_is_optional'] == 'y') {
if ($tikilib->get_user_preference($user, 'allowMsgs', 'y') != 'y') {
$smarty->assign('msg', tra("You have to be able to receive messages in order to send them. Goto your user preferences and enable 'Allow messages from other users'"));
......
......@@ -31,12 +31,7 @@ if ($prefs['feature_messages'] != 'y') {
die;
}
}
if ($tiki_p_messages != 'y') {
$smarty->assign('errortype', 401);
$smarty->assign('msg', tra("Permission denied"));
$smarty->display("error.tpl");
die;
}
$access->check_permission('tiki_p_messages');
$maxRecords = $messulib->get_user_preference($user, 'mess_maxRecords', 20);
// auto-archiving of read mails?
$mess_archiveAfter = $messulib->get_user_preference($user, 'mess_archiveAfter', 0);
......
......@@ -27,12 +27,7 @@ if ($prefs['feature_messages'] != 'y') {
die;
}
}
if ($tiki_p_messages != 'y') {
$smarty->assign('errortype', 401);
$smarty->assign('msg', tra("Permission denied"));
$smarty->display("error.tpl");
die;
}
$access->check_permission('tiki_p_messages');
if (isset($_REQUEST["delete"])) {
check_ticket('messu-read');
$messulib->delete_message($user, $_REQUEST['msgdel']);
......
......@@ -27,12 +27,8 @@ if ($prefs['feature_messages'] != 'y') {
die;
}
}
if ($tiki_p_messages != 'y') {
$smarty->assign('errortype', 401);
$smarty->assign('msg', tra("Permission denied"));
$smarty->display("error.tpl");
die;
}
$access->check_permission('tiki_p_messages');
if (isset($_REQUEST["delete"])) {
check_ticket('messu-read_archive');
$messulib->delete_message($user, $_REQUEST['msgdel'], 'archive');
......
......@@ -27,12 +27,7 @@ if ($prefs['feature_messages'] != 'y') {
die;
}
}
if ($tiki_p_messages != 'y') {
$smarty->assign('errortype', 401);
$smarty->assign('msg', tra("Permission denied"));
$smarty->display("error.tpl");
die;
}
$access->check_permission('tiki_p_messages');
if (isset($_REQUEST["delete"])) {
check_ticket('messu-read_sent');
$messulib->delete_message($user, $_REQUEST['msgdel'], 'sent');
......
......@@ -27,12 +27,7 @@ if ($prefs['feature_messages'] != 'y') {
die;
}
}
if ($tiki_p_messages != 'y') {
$smarty->assign('errortype', 401);
$smarty->assign('msg', tra("Permission denied"));
$smarty->display("error.tpl");
die;
}
$access->check_permission('tiki_p_messages');
$maxRecords = $messulib->get_user_preference($user, 'maxRecords', 20);
// Delete messages if the delete button was pressed
if (isset($_REQUEST["delete"]) && isset($_REQUEST["msg"])) {
......
......@@ -11,12 +11,7 @@ include_once ('lib/calendar/calendarlib.php');
if ($prefs['feature_groupalert'] == 'y') {
include_once ('lib/groupalert/groupalertlib.php');
}
if ($tiki_p_admin_calendar != 'y' and $tiki_p_admin != 'y') {
$smarty->assign('errortype', 401);
$smarty->assign('msg', tra("You do not have permission to use this feature"));
$smarty->display("error.tpl");
die;
}
$access->check_permission(array('tiki_p_admin_calendar','tiki_p_admin'));
if (!isset($_REQUEST["calendarId"])) {
$_REQUEST["calendarId"] = 0;
} else {
......
......@@ -19,7 +19,7 @@ if (!isset($commentslib)) {
$commentslib = new Comments($dbTiki);
}
$access->check_feature('feature_categories');
$access->check_permission('$tiki_p_admin_categories');
$access->check_permission('tiki_p_admin_categories');
// Check for parent category or set to 0 if not present
if (!empty($_REQUEST['parentId']) && !$categlib->get_category($_REQUEST['parentId'])) {
......
......@@ -6,17 +6,9 @@
// $Id: /cvsroot/tikiwiki/tiki/tiki-admin_hotwords.php,v 1.21.2.2 2007-11-25 21:42:35 sylvieg Exp $
require_once ('tiki-setup.php');
include_once ('lib/hotwords/hotwordlib.php');
if ($prefs['feature_hotwords'] != 'y') {
$smarty->assign('msg', tra('This feature is disabled') . ': feature_hotwords');
$smarty->display('error.tpl');
die;
}
if ($tiki_p_admin != 'y') {
$smarty->assign('errortype', 401);
$smarty->assign('msg', tra('You do not have permission to use this feature'));
$smarty->display('error.tpl');
die;
}
$access->check_feature('feature_hotwords');
$access->check_permission('tiki_p_admin');
// Process the form to add a user here
if (isset($_REQUEST["add"])) {
check_ticket('admin-hotwords');
......
......@@ -6,17 +6,9 @@
// $Id: /cvsroot/tikiwiki/tiki/tiki-admin_html_page_content.php,v 1.15 2007-10-12 07:55:23 nyloth Exp $
require_once ('tiki-setup.php');
include_once ('lib/htmlpages/htmlpageslib.php');
if ($prefs['feature_html_pages'] != 'y') {
$smarty->assign('msg', tra("This feature is disabled") . ": feature_html_pages");
$smarty->display("error.tpl");
die;
}
if ($tiki_p_edit_html_pages != 'y') {
$smarty->assign('errortype', 401);
$smarty->assign('msg', tra("You do not have permission to use this feature"));
$smarty->display("error.tpl");
die;
}
$access->check_feature('feature_html_pages');
$access->check_permission('tiki_p_edit_html_pages');
if (!isset($_REQUEST["pageName"])) {
$smarty->assign('msg', tra("No page indicated"));
$smarty->display("error.tpl");
......
......@@ -6,17 +6,8 @@
// $Id: /cvsroot/tikiwiki/tiki/tiki-admin_html_pages.php,v 1.16.2.1 2007-10-29 22:14:01 pkdille Exp $
require_once ('tiki-setup.php');
include_once ('lib/htmlpages/htmlpageslib.php');
if ($prefs['feature_html_pages'] != 'y') {
$smarty->assign('msg', tra("This feature is disabled") . ": feature_html_pages");
$smarty->display("error.tpl");
die;
}
if ($tiki_p_edit_html_pages != 'y') {
$smarty->assign('errortype', 401);
$smarty->assign('msg', tra("You do not have permission to use this feature"));
$smarty->display("error.tpl");
die;
}
$access->check_feature('feature_html_pages');
$access->check_permission('tiki_p_edit_html_pages');
include_once ("textareasize.php");
if (!isset($_REQUEST["pageName"])) {
$_REQUEST["pageName"] = '';
......
......@@ -12,17 +12,8 @@
require_once ('tiki-setup.php');
require_once ('lib/integrator/integrator.php');
// If Integrator is ON, check permissions...
if ($prefs['feature_integrator'] != 'y') {
$smarty->assign('msg', tra("This feature is disabled") . ": feature_integrator");
$smarty->display("error.tpl");
die;
}
if (($tiki_p_admin_integrator != 'y') && ($tiki_p_admin != 'y')) {
$smarty->assign('errortype', 401);
$smarty->assign('msg', tra("You do not have permission to use this feature"));
$smarty->display("error.tpl");
die;
}
$access->check_feature('feature_integrator');
$access->check_permission(array('tiki_p_admin_integrator','tiki_p_admin'));
// Setup local variables from request or set default values
$repID = isset($_REQUEST["repID"]) ? $_REQUEST["repID"] : 0;
$name = isset($_REQUEST["name"]) ? $_REQUEST["name"] : '';
......
......@@ -12,17 +12,8 @@
require_once ('tiki-setup.php');
require_once ('lib/integrator/integrator.php');
// If Integrator is ON, check permissions...
if ($prefs['feature_integrator'] != 'y') {
$smarty->assign('msg', tra("This feature is disabled") . ": feature_integrator");
$smarty->display("error.tpl");
die;
}
if (($tiki_p_admin_integrator != 'y') && ($tiki_p_admin != 'y')) {
$smarty->assign('errortype', 401);
$smarty->assign('msg', tra("You do not have permission to use this feature"));
$smarty->display("error.tpl");
die;
}
$access->check_feature('feature_integrator');
$access->check_permission(array('tiki_p_admin_integrator','tiki_p_admin'));
// Setup local variables from request or set default values
$repID = (isset($_REQUEST["repID"]) && strlen($_REQUEST["repID"]) > 0) ? $_REQUEST["repID"] : 0;
$ruleID = (isset($_REQUEST["ruleID"]) && strlen($_REQUEST["ruleID"]) > 0) ? $_REQUEST["ruleID"] : 0;
......
......@@ -5,17 +5,9 @@
// Licensed under the GNU LESSER GENERAL PUBLIC LICENSE. See license.txt for details.
// $Id: /cvsroot/tikiwiki/tiki/tiki-admin_layout.php,v 1.20 2007-10-12 07:55:24 nyloth Exp $
require_once ('tiki-setup.php');
if ($prefs['layout_section'] != 'y') {
$smarty->assign('msg', tra("This feature is disabled") . ": layout_section");
$smarty->display("error.tpl");
die;
}
if ($tiki_p_admin != 'y') {
$smarty->assign('errortype', 401);
$smarty->assign('msg', tra("You do not have permission to use this feature"));
$smarty->display("error.tpl");
die;
}
$access->check_feature('layout_section');
$access->check_permission('tiki_p_admin');
foreach($sections_enabled as $section => $data) {
if (isset($_REQUEST["${section}_layout"])) {
check_ticket('admin-layout');
......
......@@ -6,18 +6,8 @@
// $Id: /cvsroot/tikiwiki/tiki/tiki-admin_links.php,v 1.21 2007-10-12 07:55:24 nyloth Exp $
require_once ('tiki-setup.php');
include_once ('lib/featured_links/flinkslib.php');
if ($prefs['feature_featuredLinks'] != 'y') {
$smarty->assign('msg', tra("This feature is disabled") . ": feature_featuredLinks");
$smarty->display("error.tpl");
die;
}
// PERMISSIONS: NEEDS p_admin
if ($tiki_p_admin != 'y') {
$smarty->assign('errortype', 401);
$smarty->assign('msg', tra("You do not have permission to use this feature"));
$smarty->display("error.tpl");
die;
}
$access->check_feature('feature_featuredLinks');
$access->check_permission('tiki_p_admin');
$smarty->assign('title', '');
$smarty->assign('type', 'f');
$smarty->assign('position', 1);
......
Markdown is supported
0% or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment