Note: this list is kept only as a demonstration for CVSNotice. For the latest CVS notices, see the Xaraya and Postnuke sites
View Statistics - Next Notice - Previous NoticeDirectory filter : [ all ] / postnuke_official / html / modules / blocks [ view in CVS ]
Date | Directory [filter] | File(s) [view] | Author [filter] |
31 Jul 2002 13:56:21 | postnuke_official/html/modules/blocks | pnversion.php,1.6,1.7 pnadmin.php,1.46,1.47 | Paul Rosania |
some permissions cleanup |
Update of /home/cvsroot/postnuke_official/html/modules/blocks In directory ns7.hostnuke.net:/tmp/cvs-serv19473/modules/blocks Modified Files: pnversion.php pnadmin.php Log Message: some permissions cleanup Index: pnversion.php =================================================================== RCS file: /home/cvsroot/postnuke_official/html/modules/blocks/pnversion.php,v retrieving revision 1.6 retrieving revision 1.7 diff -C2 -d -r1.6 -r1.7 *** pnversion.php 26 Apr 2002 23:42:18 -0000 1.6 --- pnversion.php 31 Jul 2002 13:56:19 -0000 1.7 *************** *** 4,8 **** $modversion['id'] = '13'; $modversion['version'] = '2.0'; ! $modversion['description'] = 'Administration of side and centre blocks'; $modversion['credits'] = ''; $modversion['help'] = ''; --- 4,8 ---- $modversion['id'] = '13'; $modversion['version'] = '2.0'; ! $modversion['description'] = 'Administration of block instances and groups'; $modversion['credits'] = ''; $modversion['help'] = ''; *************** *** 10,17 **** $modversion['license'] = ''; $modversion['official'] = 1; ! $modversion['author'] = 'Jim McDonald'; ! $modversion['contact'] = 'http://www.mcdee.net/'; $modversion['admin'] = 1; ! $modversion['securityschema'] = array('Blocks::' => 'Block key:Block title:Block ID'); $modversion['class'] = 'Core Admin'; $modversion['category'] = 'Global'; --- 10,18 ---- $modversion['license'] = ''; $modversion['official'] = 1; ! $modversion['author'] = 'Jim McDonald, Paul Rosania'; ! $modversion['contact'] = 'http://www.mcdee.net/, paul@postnuke.com'; $modversion['admin'] = 1; ! $modversion['securityschema'] = array('Blocks::Group' => 'Group name::Group ID', ! 'Blocks::Instance' => 'Block type:Block title:Block ID'); $modversion['class'] = 'Core Admin'; $modversion['category'] = 'Global'; Index: pnadmin.php =================================================================== RCS file: /home/cvsroot/postnuke_official/html/modules/blocks/pnadmin.php,v retrieving revision 1.46 retrieving revision 1.47 diff -C2 -d -r1.46 -r1.47 *** pnadmin.php 30 Jul 2002 02:26:18 -0000 1.46 --- pnadmin.php 31 Jul 2002 13:56:19 -0000 1.47 *************** *** 29,33 **** { ! if (!pnSecAuthAction(0, 'Blocks::', '::', ACCESS_ADMIN)) { return _BLOCKSNOAUTH; } --- 29,33 ---- { ! if (!pnSecAuthAction(0, 'Blocks::', '::', ACCESS_READ)) { return _BLOCKSNOAUTH; } *************** *** 42,46 **** { // Permissions check ! if (!pnSecAuthAction(0, 'Blocks::', '::', ACCESS_ADMIN)) { return _BLOCKSNOAUTH; } --- 42,46 ---- { // Permissions check ! if (!pnSecAuthAction(0, 'Blocks::', '::', ACCESS_READ)) { return _BLOCKSNOAUTH; } *************** *** 90,94 **** { // Permissions check ! if (!pnSecAuthAction(0, 'Blocks::', '::', ACCESS_ADMIN)) { return _BLOCKSNOAUTH; } --- 90,94 ---- { // Permissions check ! if (!pnSecAuthAction(0, 'Blocks::Instance', '::', ACCESS_READ)) { return _BLOCKSNOAUTH; } *************** *** 164,167 **** --- 164,172 ---- function blocks_admin_new_instance() { + // Permissions check + if (!pnSecAuthAction(0, 'Blocks::Instance', '::', ACCESS_ADD)) { + return _BLOCKSNOAUTH; + } + list($dbconn) = pnDBGetConn(); $pntable = pnDBGetTables(); *************** *** 273,276 **** --- 278,286 ---- $bid = pnVarCleanFromInput('bid'); + // Permissions check + if (!pnSecAuthAction(0, 'Blocks::Instance', "::$bid", ACCESS_READ)) { + return _BLOCKSNOAUTH; + } + list($dbconn) = pnDBGetConn(); $pntable = pnDBGetTables(); *************** *** 468,476 **** */ function blocks_admin_delete_instance() ! { ! // Get parameters list($bid, $confirm) = pnVarCleanFromInput('bid', 'confirm'); // Check for confirmation if (empty($confirm)) { --- 478,490 ---- */ function blocks_admin_delete_instance() ! { // Get parameters list($bid, $confirm) = pnVarCleanFromInput('bid', 'confirm'); + // Permissions check + if (!pnSecAuthAction(0, 'Blocks::Instance', '::', ACCESS_DELETE)) { + return _BLOCKSNOAUTH; + } + // Check for confirmation if (empty($confirm)) { *************** *** 616,620 **** // Permissions check ! if (!pnSecAuthAction(0, 'Blocks::', '::', ACCESS_ADMIN)) { return _BLOCKSNOAUTH; } --- 630,634 ---- // Permissions check ! if (!pnSecAuthAction(0, 'Blocks::Group', '::', ACCESS_EDIT)) { return _BLOCKSNOAUTH; } *************** *** 713,716 **** --- 727,734 ---- function blocks_admin_delete_group() { + // Permissions check + if (!pnSecAuthAction(0, 'Blocks::Group', '::', ACCESS_DELETE)) { + return _BLOCKSNOAUTH; + } // Get parameters *************** *** 761,764 **** --- 779,787 ---- { // pnModGetVar('blocks', 'collapseable') + // Permissions check + if (!pnSecAuthAction(0, 'Blocks::', '::', ACCESS_EDIT)) { + return _BLOCKSNOAUTH; + } + return array(); } *************** *** 789,882 **** pnRedirect(pnModURL('blocks', 'admin', 'main')); - return true; - } - - /** - * display block specific information - */ - function blocks_admin_details() - { - list($bkey, - $modname) = pnVarCleanFromInput('bkey', - 'modname'); - - if(!pnSecConfirmAuthKey()) { - pnSessionSetVar('errmsg', _BADAUTHKEY); - pnRedirect(pnModURL('blocks', 'admin', 'main')); - return true; - } - //$modinfo = pnModGetInfo($bkey); - if (!pnBlockLoad($modname, $bkey)) { - return pnML('Block instance does not exist.'); - } - $output = new pnHTML(); - - $usname = preg_replace('/ /', '_', $modname); - $data = $usname.'_'.$bkey . 'block_help'; - if(!function_exists($data)) { - $help_info = _NOEXTRA; - } else { - $help_info = $data(); - } - $output->SetInputMode(_PNH_VERBATIMINPUT); - $output->Text(blocks_adminmenu()); - $output->LineBreak(); - $output->Text($help_info); - $output->SetInputMode(_PNH_PARSEINPUT); - - return $output->GetOutput(); - } - - /** - * deactivate a block - */ - function blocks_admin_deactivate() - { - // Get parameters - $bid = pnVarCleanFromInput('bid'); - - // Confirm authorisation code - if (!pnSecConfirmAuthKey()) { - pnSessionSetVar('errormsg', _BADAUTHKEY); - pnRedirect(pnModURL('blocks', 'admin', 'view')); - return true; - } - // Load in API - pnModAPILoad('blocks', 'admin'); - - // Pass to API - if (pnModAPIFunc('blocks', 'admin', 'deactivate', array('bid' => $bid))) { - // Success - pnSessionSetVar('statusmsg', _BLOCKDEACTIVATED); - } - // Redirect - pnRedirect(pnModURL('blocks', 'admin', 'view')); - return true; - } - - /** - * activate a block - */ - function blocks_admin_activate() - { - // Get parameters - $bid = pnVarCleanFromInput('bid'); - - // Confirm authorisation code - if (!pnSecConfirmAuthKey()) { - pnSessionSetVar('errormsg', _BADAUTHKEY); - pnRedirect(pnModURL('blocks', 'admin', 'view')); - return true; - } - // Load in API - pnModAPILoad('blocks', 'admin'); - - // Pass to API - if (pnModAPIFunc('blocks', 'admin', 'activate', array('bid' => $bid))) { - // Success - pnSessionSetVar('statusmsg', _BLOCKACTIVATED); - } - // Redirect - pnRedirect(pnModURL('blocks', 'admin', 'view')); return true; } --- 812,815 ----
View Statistics - Next Notice - Previous Notice
Visit Developer Site - Browse CVS Repository |
Syndicate via backend.rss (max. once per hour please) | Powered by CVSNotice 0.1.3 |