Commit f87447c6 authored by michael_davey's avatar michael_davey

use tikiaccesslib

parent 34eb2c5d
<?php
// $Header: /cvsroot/tikiwiki/tiki/categorize.php,v 1.17 2005-05-18 10:58:51 mose Exp $
// $Header: /cvsroot/tikiwiki/tiki/categorize.php,v 1.18 2005-08-25 20:50:04 michael_davey Exp $
// Copyright (c) 2002-2005, Luis Argerich, Garland Foster, Eduardo Polidor, et. al.
// All Rights Reserved. See copyright.txt for details and a complete list of authors.
// Licensed under the GNU LESSER GENERAL PUBLIC LICENSE. See license.txt for details.
if (strpos($_SERVER["SCRIPT_NAME"],basename(__FILE__)) !== FALSE) {
//smarty is not there - we need setup
require_once('tiki-setup.php');
$smarty->assign('msg',tra("This script cannot be called directly"));
$smarty->display("error.tpl");
die;
}
//this script may only be included - so its better to err & die if called directly.
//smarty is not there - we need setup
require_once('tiki-setup.php');
$access->check_script($_SERVER["SCRIPT_NAME"],basename(__FILE__));
global $feature_categories;
......
<?php
// $Header: /cvsroot/tikiwiki/tiki/categorize_list.php,v 1.13 2005-05-18 10:58:51 mose Exp $
// $Header: /cvsroot/tikiwiki/tiki/categorize_list.php,v 1.14 2005-08-25 20:50:04 michael_davey Exp $
// Copyright (c) 2002-2005, Luis Argerich, Garland Foster, Eduardo Polidor, et. al.
// All Rights Reserved. See copyright.txt for details and a complete list of authors.
// Licensed under the GNU LESSER GENERAL PUBLIC LICENSE. See license.txt for details.
//this script may only be included - so its better to die if called directly.
if (strpos($_SERVER["SCRIPT_NAME"],basename(__FILE__)) !== FALSE) {
//smarty is not there - we need setup
require_once('tiki-setup.php');
$smarty->assign('msg',tra("This script cannot be called directly"));
$smarty->display("error.tpl");
die;
}
//this script may only be included - so its better to err & die if called directly.
//smarty is not there - we need setup
require_once('tiki-setup.php');
$access->check_script($_SERVER["SCRIPT_NAME"],basename(__FILE__));
include_once ('lib/categories/categlib.php');
......
<?php
// $Header: /cvsroot/tikiwiki/tiki/comments.php,v 1.51 2005-07-19 17:30:11 rlpowell Exp $
// $Header: /cvsroot/tikiwiki/tiki/comments.php,v 1.52 2005-08-25 20:50:04 michael_davey Exp $
// Copyright (c) 2002-2005, Luis Argerich, Garland Foster, Eduardo Polidor, et. al.
// All Rights Reserved. See copyright.txt for details and a complete list of authors.
......@@ -15,16 +15,10 @@
// cannot be aliased by normal tiki variables.
// Traverse each _REQUEST data adn put them in an array
//this script may only be included - so its better to die if called directly.
if (strpos($_SERVER["SCRIPT_NAME"],"comments.php")!=FALSE) {
//smarty is not there - we need setup
require_once('tiki-setup.php');
$smarty->assign('msg',tra("This script cannot be called directly"));
$smarty->display("error.tpl");
die;
}
//this script may only be included - so its better to err & die if called directly.
//smarty is not there - we need setup
require_once('tiki-setup.php');
$access->check_script($_SERVER["SCRIPT_NAME"],basename(__FILE__));
require_once ('lib/tikilib.php'); # httpScheme()
......@@ -233,9 +227,8 @@ if ($tiki_p_post_comments == 'y') {
@$fw = fopen($forum_info['att_store_dir'] . $fhash, "wb");
if (!$fw) {
$smarty->assign('msg', tra('Cannot write to this file:'). $fhash);
$smarty->display("error.tpl");
die;
$msg = tra('Cannot write to this file:'). $fhash;
$access->display_error(basename(__FILE__), $msg);
}
}
while (!feof($fp)) {
......@@ -258,9 +251,8 @@ if ($tiki_p_post_comments == 'y') {
$type = $_FILES['userfile1']['type'];
if ($size > $forum_info['att_max_size']) {
$smarty->assign('msg', tra('Cannot upload this file maximum upload size exceeded'));
$smarty->display("error.tpl");
die;
$msg = tra('Cannot upload this file maximum upload size exceeded');
$access->display_error(basename(__FILE__), $msg);
}
$commentslib->attach_file($qId, 0, $name, $type, $size, $data,
......@@ -329,10 +321,8 @@ if ($tiki_p_post_comments == 'y') {
}
} else {
$smarty->assign('msg', tra("Missing title or body when trying to post a comment"));
$smarty->display("error.tpl");
die;
$msg = tra("Missing title or body when trying to post a comment");
$access->display_error(basename(__FILE__), $msg);
}
}
}
......
<?php
// $Header: /cvsroot/tikiwiki/tiki/copyrights.php,v 1.9 2005-05-18 10:58:51 mose Exp $
// $Header: /cvsroot/tikiwiki/tiki/copyrights.php,v 1.10 2005-08-25 20:50:04 michael_davey Exp $
// Copyright (c) 2002-2005, Luis Argerich, Garland Foster, Eduardo Polidor, et. al.
// All Rights Reserved. See copyright.txt for details and a complete list of authors.
// Licensed under the GNU LESSER GENERAL PUBLIC LICENSE. See license.txt for details.
//this script may only be included - so its better to die if called directly.
if (strpos($_SERVER["SCRIPT_NAME"],basename(__FILE__)) !== FALSE) {
//smarty is not there - we need setup
require_once('tiki-setup.php');
$smarty->assign('msg',tra("This script cannot be called directly"));
$smarty->display("error.tpl");
die;
}
//this script may only be included - so its better to ierr & die if called directly.
//smarty is not there - we need setup
require_once('tiki-setup.php');
$access->check_script($_SERVER["SCRIPT_NAME"],basename(__FILE__));
// This file sets up the information needed to display
// the copyrights information box
......@@ -21,19 +18,8 @@ require_once ('lib/tikilib.php');
require_once ('tiki-setup.php');
if ($wiki_feature_copyrights != 'y') {
$smarty->assign('msg', tra("The copyright management feature is not enabled."));
$smarty->display("error.tpl");
die;
}
if (!((isset($tiki_p_edit_copyrights)) && ($tiki_p_edit_copyrights == 'y'))) {
$smarty->assign('msg', tra("You do not have permission to use this feature."));
$smarty->display("error.tpl");
die;
}
$access->check_feature($wiki_feature_copyrights, tra("Copyright management"));
$access->check_permission(array('tiki_p_edit_copyrights'), tra("Copyright management"));
include_once ("lib/copyrights/copyrightslib.php");
global $dbTiki;
......@@ -56,10 +42,8 @@ if (isset($_REQUEST['addcopyright'])) {
$copyrightAuthors = $_REQUEST['copyrightAuthors'];
$copyrightslib->add_copyright($page, $copyrightTitle, $copyrightYear, $copyrightAuthors, $user);
} else {
$smarty->assign('msg', tra("You must supply all the information, including title and year."));
$smarty->display("error.tpl");
die;
$msg = tra("You must supply all the information, including title and year.");
$access->display_error(basename(__FILE__), $msg);
}
}
......@@ -73,10 +57,8 @@ if (isset($_REQUEST['editcopyright'])) {
$copyrightAuthors = $_REQUEST['copyrightAuthors'];
$copyrightslib->edit_copyright($copyrightId, $copyrightTitle, $copyrightYear, $copyrightAuthors, $user);
} else {
$smarty->assign('msg', tra("You must supply all the information, including title and year."));
$smarty->display("error.tpl");
die;
$msg = tra("You must supply all the information, including title and year.");
$access->display_error(basename(__FILE__), $msg);
}
}
......
<?php
// $Header: /cvsroot/tikiwiki/tiki/function.js_maxlength.php,v 1.7 2005-05-18 10:58:51 mose Exp $
// $Header: /cvsroot/tikiwiki/tiki/function.js_maxlength.php,v 1.8 2005-08-25 20:50:04 michael_davey Exp $
/**
* \brief Smarty {js_maxlength} function handler
*
......@@ -12,14 +12,9 @@
*/
//this script may only be included - so its better to die if called directly.
if (strpos($_SERVER["SCRIPT_NAME"],basename(__FILE__)) !== FALSE) {
//smarty is not there - we need setup
require_once('tiki-setup.php');
$smarty->assign('msg',tra("This script cannot be called directly"));
$smarty->display("error.tpl");
die;
}
//smarty is not there - we need setup
require_once('tiki-setup.php');
$access->check_script($_SERVER["SCRIPT_NAME"],basename(__FILE__));
function smarty_function_js_maxlength($params, &$smarty) {
extract($params); // textarea=string maxlength=num
......
<?php
// $Header: /cvsroot/tikiwiki/tiki/messu-read.php,v 1.18 2005-05-18 10:58:52 mose Exp $
// $Header: /cvsroot/tikiwiki/tiki/messu-read.php,v 1.19 2005-08-25 20:50:04 michael_davey Exp $
// Copyright (c) 2002-2005, Luis Argerich, Garland Foster, Eduardo Polidor, et. al.
// All Rights Reserved. See copyright.txt for details and a complete list of authors.
......@@ -9,6 +9,10 @@ require_once ('tiki-setup.php');
include_once ('lib/messu/messulib.php');
/*
$access->check_page( $user, array("feature_messages"), array("tiki_p_messages") );
*/
if (!$user) {
$smarty->assign('msg', tra("You are not logged in"));
......
<?php
// $Header: /cvsroot/tikiwiki/tiki/poll_categorize.php,v 1.3 2005-05-18 10:58:52 mose Exp $
// $Header: /cvsroot/tikiwiki/tiki/poll_categorize.php,v 1.4 2005-08-25 20:50:04 michael_davey Exp $
// Copyright (c) 2002-2005, Luis Argerich, Garland Foster, Eduardo Polidor, et. al.
// All Rights Reserved. See copyright.txt for details and a complete list of authors.
// Licensed under the GNU LESSER GENERAL PUBLIC LICENSE. See license.txt for details.
if (strpos($_SERVER["SCRIPT_NAME"],basename(__FILE__)) !== FALSE) {
//smarty is not there - we need setup
require_once('tiki-setup.php');
$smarty->assign('msg',tra("This script cannot be called directly"));
$smarty->display("error.tpl");
die;
}
//this script may only be included - so its better to err & die if called directly.
//smarty is not there - we need setup
require_once('tiki-setup.php');
$access->check_script($_SERVER["SCRIPT_NAME"],basename(__FILE__));
global $feature_categories;
global $feature_polls;
......
<?php
/* $Header: /cvsroot/tikiwiki/tiki/textareasize.php,v 1.3 2004-03-27 21:23:52 mose Exp $
/* $Header: /cvsroot/tikiwiki/tiki/textareasize.php,v 1.4 2005-08-25 20:50:04 michael_davey Exp $
* \brief: 4 buttoms to change a textArea size - works with textareaSize.tpl template
* \param: $defaultRows - optional : the number of rows by default
* \comment: the cols nb is managed by a javascript program to optimize the display perf (seems to work generally with browsers)
......@@ -7,14 +7,9 @@
*/
//this script may only be included - so its better to die if called directly.
if (strpos($_SERVER["SCRIPT_NAME"],basename(__FILE__)) !== FALSE) {
//smarty is not there - we need setup
require_once('tiki-setup.php');
$smarty->assign('msg',tra("This script cannot be called directly"));
$smarty->display("error.tpl");
die;
}
//smarty is not there - we need setup
require_once('tiki-setup.php');
$access->check_script($_SERVER["SCRIPT_NAME"],basename(__FILE__));
$rows = isset($_REQUEST['rows'])? $_REQUEST['rows']: (isset($defaultRows)?$defaultRows: 20);
// the rows modification is managed by a javascript program
......
<?php
// $Header: /cvsroot/tikiwiki/tiki/tiki-admin_drawings.php,v 1.14 2005-05-18 10:58:53 mose Exp $
// $Header: /cvsroot/tikiwiki/tiki/tiki-admin_drawings.php,v 1.15 2005-08-25 20:50:04 michael_davey Exp $
// Copyright (c) 2002-2005, Luis Argerich, Garland Foster, Eduardo Polidor, et. al.
// All Rights Reserved. See copyright.txt for details and a complete list of authors.
......@@ -11,19 +11,9 @@ require_once ('tiki-setup.php');
include_once ('lib/drawings/drawlib.php');
if ($feature_drawings != 'y') {
$smarty->assign('msg', tra("Feature disabled"));
$access->check_feature($feature_drawings, "feature_drawings");
$access->check_permission(array('tiki_p_admin_drawings'));
$smarty->display("error.tpl");
die;
}
if ($tiki_p_admin_drawings != 'y') {
$smarty->assign('msg', tra("You do not have permission to use this feature"));
$smarty->display("error.tpl");
die;
}
if (isset($_REQUEST["remove"])) {
$area = 'deldrawing';
......
<?php
// $Header: /cvsroot/tikiwiki/tiki/tiki-admin_dsn.php,v 1.11 2005-05-18 10:58:53 mose Exp $
// $Header: /cvsroot/tikiwiki/tiki/tiki-admin_dsn.php,v 1.12 2005-08-25 20:50:04 michael_davey Exp $
// Copyright (c) 2002-2005, Luis Argerich, Garland Foster, Eduardo Polidor, et. al.
// All Rights Reserved. See copyright.txt for details and a complete list of authors.
......@@ -11,12 +11,7 @@ require_once ('tiki-setup.php');
include_once ('lib/admin/adminlib.php');
if ($tiki_p_admin != 'y') {
$smarty->assign('msg', tra("You do not have permission to use this feature"));
$smarty->display("error.tpl");
die;
}
$access->check_admin($user, tra("Admin: DSN"));
if (!isset($_REQUEST["dsnId"])) {
$_REQUEST["dsnId"] = 0;
......
<?php
// $Header: /cvsroot/tikiwiki/tiki/tiki-admin_external_wikis.php,v 1.11 2005-05-18 10:58:53 mose Exp $
// $Header: /cvsroot/tikiwiki/tiki/tiki-admin_external_wikis.php,v 1.12 2005-08-25 20:50:04 michael_davey Exp $
// Copyright (c) 2002-2005, Luis Argerich, Garland Foster, Eduardo Polidor, et. al.
// All Rights Reserved. See copyright.txt for details and a complete list of authors.
......@@ -11,12 +11,8 @@ require_once ('tiki-setup.php');
include_once ('lib/admin/adminlib.php');
if ($tiki_p_admin != 'y') {
$smarty->assign('msg', tra("You do not have permission to use this feature"));
$access->check_admin($user, tra("Admin: External Wikis"));
$smarty->display("error.tpl");
die;
}
if (!isset($_REQUEST["extwikiId"])) {
$_REQUEST["extwikiId"] = 0;
......
<?php
// $Header: /cvsroot/tikiwiki/tiki/tiki-admin_forums.php,v 1.34 2005-05-18 10:58:53 mose Exp $
// $Header: /cvsroot/tikiwiki/tiki/tiki-admin_forums.php,v 1.35 2005-08-25 20:50:04 michael_davey Exp $
// Copyright (c) 2002-2005, Luis Argerich, Garland Foster, Eduardo Polidor, et. al.
// All Rights Reserved. See copyright.txt for details and a complete list of authors.
......@@ -13,12 +13,8 @@ if (!isset($_REQUEST["forumId"])) {
$_REQUEST["forumId"] = 0;
}
if ($feature_forums != 'y') {
$smarty->assign('msg', tra("This feature is disabled").": feature_forums");
$access->check_feature($feature_forums, "feature_forums");
$smarty->display("error.tpl");
die;
}
$smarty->assign('individual', 'n');
......@@ -44,12 +40,8 @@ if ($userlib->object_has_one_permission($_REQUEST["forumId"], 'forum')) {
}
}
if ($tiki_p_admin_forum != 'y') {
$smarty->assign('msg', tra("You do not have permission to use this feature"));
$access->check_permission(array('tiki_p_admin_forum'), tra("Admin: Forums"));
$smarty->display("error.tpl");
die;
}
include_once ("lib/commentslib.php");
$commentslib = new Comments($dbTiki);
......
<?php
// $Header: /cvsroot/tikiwiki/tiki/tiki-admin_hotwords.php,v 1.15 2005-05-18 10:58:53 mose Exp $
// $Header: /cvsroot/tikiwiki/tiki/tiki-admin_hotwords.php,v 1.16 2005-08-25 20:50:04 michael_davey Exp $
// Copyright (c) 2002-2005, Luis Argerich, Garland Foster, Eduardo Polidor, et. al.
// All Rights Reserved. See copyright.txt for details and a complete list of authors.
......@@ -11,21 +11,9 @@ require_once ('tiki-setup.php');
include_once ('lib/hotwords/hotwordlib.php');
if ($feature_hotwords != 'y') {
$smarty->assign('msg', tra("This feature is disabled").": feature_hotwords");
$access->check_feature($feature_hotwords, "feature_hotwords");
$access->check_admin($user, tra("Admin: Hotwords"));
$smarty->display("error.tpl");
die;
}
if ($user != 'admin') {
if ($tiki_p_admin != 'y') {
$smarty->assign('msg', tra("You do not have permission to use this feature"));
$smarty->display("error.tpl");
die;
}
}
// Process the form to add a user here
if (isset($_REQUEST["add"])) {
......
<?php
// $Header: /cvsroot/tikiwiki/tiki/tiki-admin_include_general.php,v 1.41 2005-08-12 13:01:58 sylvieg Exp $
// $Header: /cvsroot/tikiwiki/tiki/tiki-admin_include_general.php,v 1.42 2005-08-25 20:50:04 michael_davey Exp $
// Copyright (c) 2002-2005, Luis Argerich, Garland Foster, Eduardo Polidor, et. al.
// All Rights Reserved. See copyright.txt for details and a complete list of authors.
......@@ -8,11 +8,9 @@
//this script may only be included - so its better to die if called directly.
if (strpos($_SERVER["SCRIPT_NAME"],basename(__FILE__)) !== false) {
header("location: index.php");
exit;
}
//smarty is not there - we need setup
require_once('tiki-setup.php');
$access->check_script($_SERVER["SCRIPT_NAME"],basename(__FILE__));
// Just change site style
if (isset($_REQUEST["style"])) {
......@@ -124,10 +122,8 @@ elseif (isset($_REQUEST["prefs"])) {
elseif (isset($_REQUEST["newadminpass"])) {
check_ticket('admin-inc-general');
if ($_REQUEST["adminpass"] <> $_REQUEST["again"]) {
$smarty->assign("msg", tra("The passwords don't match"));
$smarty->display("error.tpl");
die;
$msg = tra("The passwords don't match");
$access->display_error(basename(__FILE__), $msg);
}
// Dont allow blank passwords here
......@@ -144,9 +140,7 @@ elseif (isset($_REQUEST["newadminpass"])) {
$text .= " " . $min_pass_length . " ";
$text .= tra("characters long");
$smarty->assign("msg", $text);
$smarty->display("error.tpl");
die;
$access->display_error(basename(__FILE__), $text);
}
$userlib->change_user_password("admin", $_REQUEST["adminpass"]);
......
<?php
// $Header: /cvsroot/tikiwiki/tiki/tiki-admin_include_siteid.php,v 1.4 2005-05-18 10:58:54 mose Exp $
// $Header: /cvsroot/tikiwiki/tiki/tiki-admin_include_siteid.php,v 1.5 2005-08-25 20:50:04 michael_davey Exp $
// Copyright (c) 2002-2005, Luis Argerich, Garland Foster, Eduardo Polidor, et. al.
// All Rights Reserved. See copyright.txt for details and a complete list of authors.
......@@ -8,10 +8,9 @@
//this script may only be included - so its better to die if called directly.
if (strpos($_SERVER["SCRIPT_NAME"],basename(__FILE__)) !== false) {
header("location: index.php");
exit;
}
//smarty is not there - we need setup
require_once('tiki-setup.php');
$access->check_script($_SERVER["SCRIPT_NAME"],basename(__FILE__));
// Site Identity Settings
if (isset($_REQUEST["siteidentityset"])) {
......@@ -26,9 +25,8 @@ if (isset($_REQUEST["siteidentityset"])) {
$alter_result=false;
}
if ($alter_result!=true) {
$smarty->assign("msg", tra('Altering database table failed'));
$smarty->display("error.tpl");
die;
$msg = tra('Altering database table failed');
$access->display_error(basename(__FILE__), $msg);
}
}
......
<?php
// $Header: /cvsroot/tikiwiki/tiki/tiki-admin_include_wiki.php,v 1.50 2005-05-18 22:49:45 papercrane Exp $
// $Header: /cvsroot/tikiwiki/tiki/tiki-admin_include_wiki.php,v 1.51 2005-08-25 20:50:04 michael_davey Exp $
// Copyright (c) 2002-2005, Luis Argerich, Garland Foster, Eduardo Polidor, et. al.
// All Rights Reserved. See copyright.txt for details and a complete list of authors.
// Licensed under the GNU LESSER GENERAL PUBLIC LICENSE. See license.txt for details.
//this script may only be included - so its better to die if called directly.
if (strpos($_SERVER["SCRIPT_NAME"],basename(__FILE__)) !== false) {
header("location: index.php");
exit;
}
//smarty is not there - we need setup
require_once('tiki-setup.php');
$access->check_script($_SERVER["SCRIPT_NAME"],basename(__FILE__));
if (isset($_REQUEST["dump"])) {
check_ticket('admin-inc-wiki');
......@@ -28,10 +26,8 @@ if (isset($_REQUEST["createtag"])) {
check_ticket('admin-inc-wiki');
// Check existance
if ($adminlib->tag_exists($_REQUEST["tagname"])) {
$smarty->assign('msg', tra("Tag already exists"));
$smarty->display("error.tpl");
die;
$msg = tra("Tag already exists");
$access->display_error(basename(__FILE__), $msg);
}
$adminlib->create_tag($_REQUEST["tagname"]);
......@@ -41,10 +37,8 @@ if (isset($_REQUEST["restoretag"])) {
check_ticket('admin-inc-wiki');
// Check existance
if (!$adminlib->tag_exists($_REQUEST["tagname"])) {
$smarty->assign('msg', tra("Tag not found"));
$smarty->display("error.tpl");
die;
$msg = tra("Tag not found");
$caaess->display_error(basename(__FILE__), $msg);
}
$adminlib->restore_tag($_REQUEST["tagname"]);
......
<?php
// $Header: /cvsroot/tikiwiki/tiki/tiki-admin_menus.php,v 1.15 2005-05-18 10:58:54 mose Exp $
// $Header: /cvsroot/tikiwiki/tiki/tiki-admin_menus.php,v 1.16 2005-08-25 20:50:04 michael_davey Exp $
// Copyright (c) 2002-2005, Luis Argerich, Garland Foster, Eduardo Polidor, et. al.
// All Rights Reserved. See copyright.txt for details and a complete list of authors.
......@@ -11,12 +11,16 @@ require_once ('tiki-setup.php');
include_once ('lib/menubuilder/menulib.php');
$access->check_permission(array('tiki_p_admin'));
/*
if ($tiki_p_admin != 'y') {
$smarty->assign('msg', tra("You do not have permission to use this feature"));
$smarty->display("error.tpl");
die;
}
*/
if (!isset($_REQUEST["menuId"])) {
$_REQUEST["menuId"] = 0;
......
<?php
// $Header: /cvsroot/tikiwiki/tiki/tiki-admin_modules.php,v 1.39 2005-05-18 10:58:54 mose Exp $
// $Header: /cvsroot/tikiwiki/tiki/tiki-admin_modules.php,v 1.40 2005-08-25 20:50:04 michael_davey Exp $
// Copyright (c) 2002-2005, Luis Argerich, Garland Foster, Eduardo Polidor, et. al.
// All Rights Reserved. See copyright.txt for details and a complete list of authors.
......@@ -37,14 +37,8 @@ if (isset($_REQUEST['wysiwyg']) && $_REQUEST['wysiwyg'] == 'y') {
}
// PERMISSIONS: NEEDS p_admin
if ($user != 'admin') {
if ($tiki_p_admin != 'y') {
$smarty->assign('msg', tra("You do not have permission to use this feature"));
$access->check_admin($user, tra("Admin: Modules"));
$smarty->display("error.tpl");
die;
}
}
// Values for the user_module edit/create form
$smarty->assign('um_name', '');
......
......@@ -7,12 +7,7 @@ require_once ('tiki-setup.php');
// do we need it?
require_once('lib/admin/adminlib.php');
if ($tiki_p_admin != 'y') {
$smarty->assign('msg', tra("You do not have permission to use this feature"));
$smarty->display("error.tpl");
die;
}
$access->check_page($user, null, array('tiki_p_admin'), tra("Admin: Security"));
// get all dangerous php settings and check them
$phpsettings=array();
......
<?php
// $Header: /cvsroot/tikiwiki/tiki/tiki-admin_system.php,v 1.23 2005-06-26 14:28:28 mose Exp $
// $Header: /cvsroot/tikiwiki/tiki/tiki-admin_system.php,v 1.24 2005-08-25 20:50:04 michael_davey Exp $
// Copyright (c) 2002-2005, Luis Argerich, Garland Foster, Eduardo Polidor, et. al.
// All Rights Reserved. See copyright.txt for details and a complete list of authors.
......@@ -88,11 +88,7 @@ function cache_templates($path,$newlang) {
$language=$oldlang;
}
if ($tiki_p_admin != 'y') {
$smarty->assign('msg', tra("You do not have permission to use this feature"));
$smarty->display("error.tpl");
die;
}
$access->check_permission(array('tiki_p_admin'));
$done = '';
$output = '';
......
<?php
// $Header: /cvsroot/tikiwiki/tiki/tiki-contact.php,v 1.17 2005-05-18 10:58:55 mose Exp $
// $Header: /cvsroot/tikiwiki/tiki/tiki-contact.php,v 1.18 2005-08-25 20:50:04 michael_davey Exp $
// Copyright (c) 2002-2005, Luis Argerich, Garland Foster, Eduardo Polidor, et. al.
// All Rights Reserved. See copyright.txt for details and a complete list of authors.
......@@ -11,18 +11,9 @@ require_once ('tiki-setup.php');
include_once ('lib/messu/messulib.php');
if (!$user and $contact_anon != 'y') {
$smarty->assign('msg', tra("You are not logged in"));
$smarty->display("error.tpl");
die;
}
if ($feature_contact != 'y') {
$smarty->assign('msg', tra("This feature is disabled").": feature_contact");
$smarty->display("error.tpl");
die;
$access->check_feature($feature_contact, "feature_contact");
if ($contact_anon != 'y') {
$access->check_user($user);
}
$smarty->assign('mid', 'tiki-contact.tpl');
......
<?php
// $Header: /cvsroot/tikiwiki/tiki/tiki-error.php,v 1.14 2005-05-18 10:58:56 mose Exp $
// $Header: /cvsroot/tikiwiki/tiki/tiki-error.php,v 1.15 2005-08-25 20:50:04 michael_davey Exp $
// Copyright (c) 2002-2005, Luis Argerich, Garland Foster, Eduardo Polidor, et. al.
// All Rights Reserved. See copyright.txt for details and a complete list of authors.
......@@ -8,7 +8,6 @@
// Initialization
require_once ('tiki-setup.php');
include_once('lib/wiki/wikilib.php');
ask_ticket('error');
......@@ -46,21 +45,5 @@ if (!empty($_SERVER['HTTP_REFERER']) && preg_match('/tiki-([a-z_]+?)\.php/', $_S
}
// Display the template
$smarty->assign('msg', strip_tags($_REQUEST["error"]));
if ( isset($type) && $type == "404" ) {
$likepages = $wikilib->get_like_pages($page);
/* if we have exactly one match, redirect to it */
if(count($likepages) == 1 ) {
header("Location: tiki-index.php?page=$likepages[0]");
die;
}
$smarty->assign_by_ref('likepages', $likepages);
header ("Status: 404 Not Found"); /* PHP3 */
header ("HTTP/1.0 404 Not Found"); /* PHP4 */
$smarty->assign('errortitle', strip_tags($_REQUEST["error"]. " (404)"));
$smarty->assign('page', $page);
$smarty->assign('errortype', $type);
} else {
}
$smarty->display("error.tpl");
$access->display_error($page, $_REQUEST["error"], $type);
?>
......@@ -5,13 +5,9 @@
// Licensed under the GNU LESSER GENERAL PUBLIC LICENSE. See license.txt for details.
//this script may only be included - so its better to die if called directly.
if (strpos($_SERVER["SCRIPT_NAME"],"tiki-mailin-code.php")!=FALSE) {
//smarty is not there - we need setup
require_once('tiki-setup.php');
$smarty->assign('msg',tra("This script cannot be called directly"));
$smarty->display("error.tpl");
die;
}
//smarty is not there - we need setup
require_once('tiki-setup.php');
$access->check_script($_SERVER["SCRIPT_NAME"],basename(__FILE__));
include_once ('lib/mailin/mailinlib.php');
......
......@@ -4,31 +4,20 @@ require_once('tiki-setup.php');
include_once ('lib/stats/statslib.php');
if (!function_exists('ms_newMapObj')) {
$smarty->assign('msg',tra("You must first setup MapServer"));
$smarty->display("error.tpl");
die;
$msg = tra("You must first setup MapServer");
$access->display_error(basename(__FILE__), $msg);
}
if(@$feature_maps != 'y') {
$smarty->assign('msg',tra("Feature disabled"));
$smarty->display("error.tpl");
die;
}
if($tiki_p_map_view != 'y') {
$smarty->assign('msg',tra("You do not have permissions to view the maps"));
$smarty->display("error.tpl");
die;
}
$access->check_feature(@$feature_maps, "feature_maps");
$access->