Commit ec9df3a0 authored by changi67's avatar changi67

[MOD] access check: deploy some accesslib check functions to some files.

parent b107ef24
......@@ -19,12 +19,7 @@
require_once ('tiki-setup.php');
if ($prefs['feature_articles'] != 'y') {
$smarty->assign('msg', tra("This feature is disabled").": feature_articles");
$smarty->display("error.tpl");
die;
}
$access->check_feature('feature_articles');
// Now check permissions to access this page
if(($tiki_p_read_article != 'y') && ($tiki_p_articles_read_heading != 'y')) {
......
......@@ -17,12 +17,7 @@ if (!isset($bannerlib)) {
}
// CHECK FEATURE BANNERS HERE
if ($prefs['feature_banners'] != 'y') {
$smarty->assign('msg', tra("This feature is disabled").": feature_banners");
$smarty->display("error.tpl");
die;
}
$access->check_feature('feature_banners');
$bannerlib->add_click($_REQUEST["id"]);
$url = urldecode($_REQUEST["url"]);
......
......@@ -28,12 +28,7 @@ if (is_file($bannercachefile) and (!isset($_REQUEST["reload"]))) {
require_once ('tiki-setup.php');
// CHECK FEATURE BANNERS HERE
if ($prefs['feature_banners'] != 'y') {
$smarty->assign('msg', tra("This feature is disabled").": feature_banners");
$smarty->display("error.tpl");
die;
}
$access->check_feature('feature_banners');
$bannercachefile = $prefs['tmpDir'];
if ($tikidomain) { $bannercachefile.= "/$tikidomain"; }
......
......@@ -23,12 +23,7 @@ if (!isset($bannerlib)) {
}
// CHECK FEATURE BANNERS HERE
if ($prefs['feature_banners'] != 'y') {
$smarty->assign('msg', tra("This feature is disabled").": feature_banners");
$smarty->display("error.tpl");
die;
}
$access->check_feature('feature_banners');
$data = $bannerlib->get_banner($_REQUEST["id"]);
$id = $data["bannerId"];
......
......@@ -11,11 +11,8 @@ if (strpos($_SERVER["SCRIPT_NAME"],basename(__FILE__)) !== false) {
require_once ('tiki-setup.php');
if ($prefs['feature_wiki'] != 'y') {
$smarty->assign('msg', tra("This feature is disabled").": feature_wiki");
$smarty->display("error.tpl");
die;
}
$access->check_feature('feature_wiki');
include_once ('lib/wiki/wikilib.php');
$plugins = $wikilib->list_plugins(true);
$smarty->assign_by_ref('plugins', $plugins);
......
......@@ -14,13 +14,7 @@ if (!isset($_REQUEST["id"])) {
}
require_once ('tiki-setup.php');
if ($prefs['feature_articles'] != 'y') {
$smarty->assign('msg', tra("This feature is disabled").": feature_articles");
$smarty->display("error.tpl");
die;
}
$access->check_feature('feature_articles');
include_once ('lib/commcenter/commlib.php');
$data = $commlib->get_received_article($_REQUEST["id"]);
......
......@@ -21,11 +21,7 @@ if (!isset($bannerlib)) {
}
// CHECK FEATURE BANNERS HERE
if ($prefs['feature_banners'] != 'y') {
$smarty->assign('msg', tra("This feature is disabled").": feature_banners");
$access->check_feature('feature_banners');
$smarty->display("error.tpl");
die;
}
$banner = $bannerlib->select_banner($_REQUEST["zone"]);
print ($banner);
......@@ -5,11 +5,7 @@
// (this is why FCKeditor doesn't find the "Tiki" toolbar defined here when compression is activated)
$force_no_compression = true;
include('tiki-setup.php');
if ($prefs['feature_wysiwyg'] != 'y') {
$smarty->assign('msg', tra('This feature is disabled') . ': feature_wysiwyg');
$smarty->display('error.tpl');
die;
}
$access->check_feature('feature_wysiwyg');
include_once 'lib/toolbars/toolbarslib.php';
......
......@@ -2,19 +2,8 @@
include 'tiki-setup.php';
include 'lib/calendar/tikicalendarlib.php';
if ($prefs['feature_action_calendar'] != 'y') {
$smarty->assign('msg', tra("This feature is disabled").": feature_action_calendar");
$smarty->display("error.tpl");
die;
}
if ($tiki_p_view_tiki_calendar != 'y') {
$smarty->assign('errortype', 401);
$smarty->assign('msg', tra("Permission denied you cannot view the Tiki calendar"));
$smarty->display("error.tpl");
die;
}
$access->check_feature('feature_action_calendar');
$access->check_permission('tiki_p_view_tiki_calendar');
$headerlib->add_cssfile('css/calendar.css',20);
......
......@@ -16,11 +16,8 @@ include_once ('lib/commentslib.php');
include_once ('lib/categories/categlib.php');
include_once ('lib/contribution/contributionlib.php');
$commentslib = new Comments($dbTiki);
if ($prefs['feature_actionlog'] != 'y') {
$smarty->assign('msg', tra("This feature is disabled") . ": feature_actionlog");
$smarty->display("error.tpl");
die;
}
$access->check_feature('feature_actionlog');
if (empty($user) || ($tiki_p_view_actionlog != 'y' && $tiki_p_view_actionlog_owngroups != 'y')) {
$smarty->assign('errortype', 401);
$smarty->assign('msg', tra("You do not have permission to use this feature"));
......
......@@ -5,17 +5,9 @@
// Licensed under the GNU LESSER GENERAL PUBLIC LICENSE. See license.txt for details.
// $Id: /cvsroot/tikiwiki/tiki/tiki-admin_banners.php,v 1.13.2.1 2007-11-04 22:08:04 nyloth Exp $
require_once ('tiki-setup.php');
if ($prefs['feature_banners'] != 'y') {
$smarty->assign('msg', tra('This feature is disabled') . ': feature_banners');
$smarty->display('error.tpl');
die;
}
if ($tiki_p_admin_banners != 'y') {
$smarty->assign('errortype', 401);
$smarty->assign('msg', tra("You do not have permission to use this feature"));
$smarty->display("error.tpl");
die;
}
$access->check_feature('feature_banners');
$access->check_permission('$tiki_p_admin_banners');
// Display the template
$smarty->assign('mid', 'tiki-edit_banner.tpl');
$smarty->display("tiki.tpl");
......@@ -6,17 +6,9 @@
require_once ('tiki-setup.php');
include_once ('lib/ban/banlib.php');
if ($prefs['feature_banning'] != 'y') {
$smarty->assign('msg', tra("This feature is disabled") . ": feature_banning");
$smarty->display("error.tpl");
die;
}
if ($tiki_p_admin_banning != 'y') {
$smarty->assign('errortype', 401);
$smarty->assign('msg', tra("Permission denied"));
$smarty->display("error.tpl");
die;
}
$access->check_feature('feature_banning');
$access->check_permission('tiki_p_admin_banning');
if (isset($_REQUEST['banId'])) {
$info = $banlib->get_rule($_REQUEST['banId']);
} else {
......
......@@ -18,17 +18,9 @@ if (!isset($polllib)) {
if (!isset($commentslib)) {
$commentslib = new Comments($dbTiki);
}
if ($prefs['feature_categories'] != 'y') {
$smarty->assign('msg', tra("This feature is disabled") . ": feature_categories");
$smarty->display("error.tpl");
die;
}
if ($tiki_p_admin_categories != 'y') {
$smarty->assign('errortype', 401);
$smarty->assign('msg', tra("You do not have permission to use this feature"));
$smarty->display("error.tpl");
die;
}
$access->check_feature('feature_categories');
$access->check_permission('$tiki_p_admin_categories');
// Check for parent category or set to 0 if not present
if (!empty($_REQUEST['parentId']) && !$categlib->get_category($_REQUEST['parentId'])) {
$smarty->assign('msg', 'Incorrect param'.' parentId');
......
......@@ -5,18 +5,12 @@
// Licensed under the GNU LESSER GENERAL PUBLIC LICENSE. See license.txt for details.
// $Id: /cvsroot/tikiwiki/tiki/tiki-admin_content_templates.php,v 1.21 2007-10-12 07:55:23 nyloth Exp $
require_once ('tiki-setup.php');
if ($prefs['feature_wiki_templates'] != 'y' && $prefs['feature_cms_templates'] != 'y') {
$smarty->assign('msg', tra('Feature is disabled:').' '.'feature_wiki_templates'.' '.'feature_cms_templates');
$smarty->display('error.tpl');
die;
}
$access->check_feature(array('feature_wiki_templates','feature_cms_templates'));
include_once ('lib/templates/templateslib.php');
if ($tiki_p_edit_content_templates != 'y') {
$smarty->assign('errortype', 401);
$smarty->assign('msg', tra("You do not have permission to use this feature"));
$smarty->display("error.tpl");
die;
}
$access->check_permission('$tiki_p_edit_content_templates');
if (!isset($_REQUEST["templateId"])) {
$_REQUEST["templateId"] = 0;
}
......
......@@ -5,18 +5,11 @@
// Licensed under the GNU LESSER GENERAL PUBLIC LICENSE. See license.txt for details.
//$Id: /cvsroot/tikiwiki/tiki/tiki-admin_contribution.php,v 1.7 2007-10-12 07:55:23 nyloth Exp $
require_once ('tiki-setup.php');
if ($prefs['feature_contribution'] != 'y') {
$smarty->assign('msg', tra("This feature is disabled") . ": feature_contribution");
$smarty->display("error.tpl");
die;
}
$access->check_feature('feature_contribution');
include_once ('lib/contribution/contributionlib.php');
if ($tiki_p_admin != 'y' && $tiki_p_admin_contribution != 'y') {
$smarty->assign('errortype', 401);
$smarty->assign('msg', tra("You do not have permission to use this feature"));
$smarty->display("error.tpl");
die;
}
$access->check_permission(array('tiki_p_admin','tiki_p_admin_contribution'));
if (isset($_REQUEST['setting'])) {
check_ticket('admin_contribution');
if (isset($_REQUEST['feature_contribution_mandatory']) && $_REQUEST['feature_contribution_mandatory'] == "on") {
......
......@@ -6,12 +6,9 @@
// $Id: /cvsroot/tikiwiki/tiki/tiki-admin_cookies.php,v 1.17 2007-10-12 07:55:23 nyloth Exp $
require_once ('tiki-setup.php');
include_once ('lib/taglines/taglinelib.php');
if ($tiki_p_edit_cookies != 'y') {
$smarty->assign('errortype', 401);
$smarty->assign('msg', tra("You do not have permission to use this feature"));
$smarty->display("error.tpl");
die;
}
$access->check_permission('tiki_p_edit_cookies');
if (!isset($_REQUEST["cookieId"])) {
$_REQUEST["cookieId"] = 0;
}
......
......@@ -6,12 +6,9 @@
// $Id: /cvsroot/tikiwiki/tiki/tiki-admin_dsn.php,v 1.15.2.1 2007-11-25 21:42:34 sylvieg Exp $
require_once ('tiki-setup.php');
include_once ('lib/admin/adminlib.php');
if ($tiki_p_admin != 'y') {
$smarty->assign('errortype', 401);
$smarty->assign('msg', tra('You do not have permission to use this feature'));
$smarty->display('error.tpl');
die;
}
$access->check_permission('tiki_p_admin');
if (!isset($_REQUEST["dsnId"])) {
$_REQUEST["dsnId"] = 0;
}
......
......@@ -6,12 +6,9 @@
// $Id: /cvsroot/tikiwiki/tiki/tiki-admin_external_wikis.php,v 1.15.2.1 2007-11-25 21:42:34 sylvieg Exp $
require_once ('tiki-setup.php');
include_once ('lib/admin/adminlib.php');
if ($tiki_p_admin != 'y') {
$smarty->assign('errortype', 401);
$smarty->assign('msg', tra('You do not have permission to use this feature'));
$smarty->display('error.tpl');
die;
}
$access->check_permission('tiki_p_admin');
if (!isset($_REQUEST["extwikiId"])) {
$_REQUEST["extwikiId"] = 0;
}
......
......@@ -10,11 +10,8 @@ $smarty->assign('headtitle', tra('Admin Forums'));
if (!isset($_REQUEST["forumId"])) {
$_REQUEST["forumId"] = 0;
}
if ($prefs['feature_forums'] != 'y') {
$smarty->assign('msg', tra('This feature is disabled') . ': feature_forums');
$smarty->display('error.tpl');
die;
}
$access->check_feature('feature_forums');
$smarty->assign('individual', 'n');
if ($userlib->object_has_one_permission($_REQUEST["forumId"], 'forum')) {
$smarty->assign('individual', 'y');
......@@ -32,12 +29,7 @@ if ($userlib->object_has_one_permission($_REQUEST["forumId"], 'forum')) {
}
}
}
if ($tiki_p_admin_forum != 'y') {
$smarty->assign('errortype', 401);
$smarty->assign('msg', tra('You do not have permission to use this feature'));
$smarty->display('error.tpl');
die;
}
$access->check_permission('tiki_p_admin_forum');
$auto_query_args = array(
'forumId',
......
......@@ -5,12 +5,9 @@
// Licensed under the GNU LESSER GENERAL PUBLIC LICENSE. See license.txt for details.
// $Id: /cvsroot/tikiwiki/tiki/tiki-admingroups.php,v 1.62.2.10 2008-03-14 19:51:58 sylvieg Exp $
require_once ('tiki-setup.php');
if ($tiki_p_admin != 'y') {
$smarty->assign('errortype', 401);
$smarty->assign('msg', tra("You don't have permission to use this feature"));
$smarty->display("error.tpl");
die;
}
$access->check_permission('tiki_p_admin');
$auto_query_args = array('group');
if (!isset($cookietab)) { $cookietab = '1'; }
......
Markdown is supported
0%
or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment