Note: this list is kept only as a demonstration for CVSNotice. For the latest CVS notices, see the Xaraya and Postnuke sites
View Statistics - Next Notice - Previous NoticeDirectory filter : [ all ] / postnuke_official / html / modules / blocks [ view in CVS ]
| Date | Directory [filter] | File(s) [view] | Author [filter] |
| 31 Jul 2002 13:56:21 | postnuke_official/html/modules/blocks | pnversion.php,1.6,1.7 pnadmin.php,1.46,1.47 | Paul Rosania |
| some permissions cleanup | |||
Update of /home/cvsroot/postnuke_official/html/modules/blocks
In directory ns7.hostnuke.net:/tmp/cvs-serv19473/modules/blocks
Modified Files:
pnversion.php pnadmin.php
Log Message:
some permissions cleanup
Index: pnversion.php
===================================================================
RCS file: /home/cvsroot/postnuke_official/html/modules/blocks/pnversion.php,v
retrieving revision 1.6
retrieving revision 1.7
diff -C2 -d -r1.6 -r1.7
*** pnversion.php 26 Apr 2002 23:42:18 -0000 1.6
--- pnversion.php 31 Jul 2002 13:56:19 -0000 1.7
***************
*** 4,8 ****
$modversion['id'] = '13';
$modversion['version'] = '2.0';
! $modversion['description'] = 'Administration of side and centre blocks';
$modversion['credits'] = '';
$modversion['help'] = '';
--- 4,8 ----
$modversion['id'] = '13';
$modversion['version'] = '2.0';
! $modversion['description'] = 'Administration of block instances and groups';
$modversion['credits'] = '';
$modversion['help'] = '';
***************
*** 10,17 ****
$modversion['license'] = '';
$modversion['official'] = 1;
! $modversion['author'] = 'Jim McDonald';
! $modversion['contact'] = 'http://www.mcdee.net/';
$modversion['admin'] = 1;
! $modversion['securityschema'] = array('Blocks::' => 'Block key:Block title:Block ID');
$modversion['class'] = 'Core Admin';
$modversion['category'] = 'Global';
--- 10,18 ----
$modversion['license'] = '';
$modversion['official'] = 1;
! $modversion['author'] = 'Jim McDonald, Paul Rosania';
! $modversion['contact'] = 'http://www.mcdee.net/, paul@postnuke.com';
$modversion['admin'] = 1;
! $modversion['securityschema'] = array('Blocks::Group' => 'Group name::Group ID',
! 'Blocks::Instance' => 'Block type:Block title:Block ID');
$modversion['class'] = 'Core Admin';
$modversion['category'] = 'Global';
Index: pnadmin.php
===================================================================
RCS file: /home/cvsroot/postnuke_official/html/modules/blocks/pnadmin.php,v
retrieving revision 1.46
retrieving revision 1.47
diff -C2 -d -r1.46 -r1.47
*** pnadmin.php 30 Jul 2002 02:26:18 -0000 1.46
--- pnadmin.php 31 Jul 2002 13:56:19 -0000 1.47
***************
*** 29,33 ****
{
! if (!pnSecAuthAction(0, 'Blocks::', '::', ACCESS_ADMIN)) {
return _BLOCKSNOAUTH;
}
--- 29,33 ----
{
! if (!pnSecAuthAction(0, 'Blocks::', '::', ACCESS_READ)) {
return _BLOCKSNOAUTH;
}
***************
*** 42,46 ****
{
// Permissions check
! if (!pnSecAuthAction(0, 'Blocks::', '::', ACCESS_ADMIN)) {
return _BLOCKSNOAUTH;
}
--- 42,46 ----
{
// Permissions check
! if (!pnSecAuthAction(0, 'Blocks::', '::', ACCESS_READ)) {
return _BLOCKSNOAUTH;
}
***************
*** 90,94 ****
{
// Permissions check
! if (!pnSecAuthAction(0, 'Blocks::', '::', ACCESS_ADMIN)) {
return _BLOCKSNOAUTH;
}
--- 90,94 ----
{
// Permissions check
! if (!pnSecAuthAction(0, 'Blocks::Instance', '::', ACCESS_READ)) {
return _BLOCKSNOAUTH;
}
***************
*** 164,167 ****
--- 164,172 ----
function blocks_admin_new_instance()
{
+ // Permissions check
+ if (!pnSecAuthAction(0, 'Blocks::Instance', '::', ACCESS_ADD)) {
+ return _BLOCKSNOAUTH;
+ }
+
list($dbconn) = pnDBGetConn();
$pntable = pnDBGetTables();
***************
*** 273,276 ****
--- 278,286 ----
$bid = pnVarCleanFromInput('bid');
+ // Permissions check
+ if (!pnSecAuthAction(0, 'Blocks::Instance', "::$bid", ACCESS_READ)) {
+ return _BLOCKSNOAUTH;
+ }
+
list($dbconn) = pnDBGetConn();
$pntable = pnDBGetTables();
***************
*** 468,476 ****
*/
function blocks_admin_delete_instance()
! {
!
// Get parameters
list($bid, $confirm) = pnVarCleanFromInput('bid', 'confirm');
// Check for confirmation
if (empty($confirm)) {
--- 478,490 ----
*/
function blocks_admin_delete_instance()
! {
// Get parameters
list($bid, $confirm) = pnVarCleanFromInput('bid', 'confirm');
+ // Permissions check
+ if (!pnSecAuthAction(0, 'Blocks::Instance', '::', ACCESS_DELETE)) {
+ return _BLOCKSNOAUTH;
+ }
+
// Check for confirmation
if (empty($confirm)) {
***************
*** 616,620 ****
// Permissions check
! if (!pnSecAuthAction(0, 'Blocks::', '::', ACCESS_ADMIN)) {
return _BLOCKSNOAUTH;
}
--- 630,634 ----
// Permissions check
! if (!pnSecAuthAction(0, 'Blocks::Group', '::', ACCESS_EDIT)) {
return _BLOCKSNOAUTH;
}
***************
*** 713,716 ****
--- 727,734 ----
function blocks_admin_delete_group()
{
+ // Permissions check
+ if (!pnSecAuthAction(0, 'Blocks::Group', '::', ACCESS_DELETE)) {
+ return _BLOCKSNOAUTH;
+ }
// Get parameters
***************
*** 761,764 ****
--- 779,787 ----
{
// pnModGetVar('blocks', 'collapseable')
+ // Permissions check
+ if (!pnSecAuthAction(0, 'Blocks::', '::', ACCESS_EDIT)) {
+ return _BLOCKSNOAUTH;
+ }
+
return array();
}
***************
*** 789,882 ****
pnRedirect(pnModURL('blocks', 'admin', 'main'));
- return true;
- }
-
- /**
- * display block specific information
- */
- function blocks_admin_details()
- {
- list($bkey,
- $modname) = pnVarCleanFromInput('bkey',
- 'modname');
-
- if(!pnSecConfirmAuthKey()) {
- pnSessionSetVar('errmsg', _BADAUTHKEY);
- pnRedirect(pnModURL('blocks', 'admin', 'main'));
- return true;
- }
- //$modinfo = pnModGetInfo($bkey);
- if (!pnBlockLoad($modname, $bkey)) {
- return pnML('Block instance does not exist.');
- }
- $output = new pnHTML();
-
- $usname = preg_replace('/ /', '_', $modname);
- $data = $usname.'_'.$bkey . 'block_help';
- if(!function_exists($data)) {
- $help_info = _NOEXTRA;
- } else {
- $help_info = $data();
- }
- $output->SetInputMode(_PNH_VERBATIMINPUT);
- $output->Text(blocks_adminmenu());
- $output->LineBreak();
- $output->Text($help_info);
- $output->SetInputMode(_PNH_PARSEINPUT);
-
- return $output->GetOutput();
- }
-
- /**
- * deactivate a block
- */
- function blocks_admin_deactivate()
- {
- // Get parameters
- $bid = pnVarCleanFromInput('bid');
-
- // Confirm authorisation code
- if (!pnSecConfirmAuthKey()) {
- pnSessionSetVar('errormsg', _BADAUTHKEY);
- pnRedirect(pnModURL('blocks', 'admin', 'view'));
- return true;
- }
- // Load in API
- pnModAPILoad('blocks', 'admin');
-
- // Pass to API
- if (pnModAPIFunc('blocks', 'admin', 'deactivate', array('bid' => $bid))) {
- // Success
- pnSessionSetVar('statusmsg', _BLOCKDEACTIVATED);
- }
- // Redirect
- pnRedirect(pnModURL('blocks', 'admin', 'view'));
- return true;
- }
-
- /**
- * activate a block
- */
- function blocks_admin_activate()
- {
- // Get parameters
- $bid = pnVarCleanFromInput('bid');
-
- // Confirm authorisation code
- if (!pnSecConfirmAuthKey()) {
- pnSessionSetVar('errormsg', _BADAUTHKEY);
- pnRedirect(pnModURL('blocks', 'admin', 'view'));
- return true;
- }
- // Load in API
- pnModAPILoad('blocks', 'admin');
-
- // Pass to API
- if (pnModAPIFunc('blocks', 'admin', 'activate', array('bid' => $bid))) {
- // Success
- pnSessionSetVar('statusmsg', _BLOCKACTIVATED);
- }
- // Redirect
- pnRedirect(pnModURL('blocks', 'admin', 'view'));
return true;
}
--- 812,815 ----
View Statistics - Next Notice - Previous Notice
| Visit Developer Site - Browse CVS Repository |
Syndicate via backend.rss (max. once per hour please) | Powered by CVSNotice 0.1.3 |