[evolvis-commits] r8002: Patch 69: Allow non-site-wide-admins to post news?==?UTF-8?Q?↵
mirabilos at evolvis.org
mirabilos at evolvis.org
Thu Feb 24 15:54:57 CET 2011
Author: mirabilos
Date: 2011-02-24 15:54:57 +0100 (Thu, 24 Feb 2011)
New Revision: 8002
Modified:
trunk/gforge_base/evolvisforge-5.1/gforge/common/forum/Forum.class
Log:
Patch 69: Allow non-site-wide-admins to post news
Modified: trunk/gforge_base/evolvisforge-5.1/gforge/common/forum/Forum.class
===================================================================
--- trunk/gforge_base/evolvisforge-5.1/gforge/common/forum/Forum.class 2011-02-24 14:54:55 UTC (rev 8001)
+++ trunk/gforge_base/evolvisforge-5.1/gforge/common/forum/Forum.class 2011-02-24 14:54:57 UTC (rev 8002)
@@ -8,6 +8,7 @@
* @version $Id$
*/
+require_once('pre.php');
require_once('common/include/Error.class');
require_once('common/forum/ForumMessage.class');
@@ -105,11 +106,22 @@
return false;
}
- $perm =& $this->Group->getPermission( session_get_user() );
+ // This is a hack to allow non-site-wide-admins to post
+ // news. The news/submit.php checks for proper permissions.
+ // This needs to be revisited.
+ global $sys_news_group;
+ if ($this->Group->getID() == $sys_news_group) {
+ // Future check will be added.
- if (!$perm || !is_object($perm) || !$perm->isForumAdmin()) {
- $this->setError('Permission Denied');
- return false;
+ } else {
+ // Current permissions check.
+
+ $perm =& $this->Group->getPermission( session_get_user() );
+
+ if (!$perm || !is_object($perm) || !$perm->isForumAdmin()) {
+ $this->setError('Permission Denied');
+ return false;
+ }
}
$sql="INSERT INTO forum_group_list (group_id,forum_name,is_public,description,send_all_posts_to,allow_anonymous)
@@ -296,7 +308,7 @@
$this->setError('You Can Only Monitor If You Are Logged In');
return false;
}
- $sql="SELECT * FROM forum_monitored_forums
+ $sql="SELECT * FROM forum_monitored_forums
WHERE user_id='".user_getid()."' AND forum_id='".$this->getID()."';";
$result = db_query($sql);
@@ -305,7 +317,7 @@
User is not already monitoring thread, so
insert a row so monitoring can begin
*/
- $sql="INSERT INTO forum_monitored_forums (forum_id,user_id)
+ $sql="INSERT INTO forum_monitored_forums (forum_id,user_id)
VALUES ('".$this->getID()."','".user_getid()."')";
$result = db_query($sql);
@@ -324,7 +336,7 @@
$this->setError('You Can Only Monitor If You Are Logged In');
return false;
}
- $sql="DELETE FROM forum_monitored_forums
+ $sql="DELETE FROM forum_monitored_forums
WHERE user_id='".user_getid()."' AND forum_id='".$this->getID()."';";
return db_query($sql);
}
@@ -333,7 +345,7 @@
if (!session_loggedin()) {
return false;
}
- $sql="SELECT * FROM forum_monitored_forums
+ $sql="SELECT * FROM forum_monitored_forums
WHERE user_id='".user_getid()."' AND forum_id='".$this->getID()."';";
$result = db_query($sql);
@@ -350,7 +362,7 @@
$this->setError('You Can Only Save Your Place If You Are Logged In');
return false;
}
- $sql="SELECT * FROM forum_saved_place
+ $sql="SELECT * FROM forum_saved_place
WHERE user_id='".user_getid()."' AND forum_id='".$this->getID()."'";
$result = db_query($sql);
@@ -371,7 +383,7 @@
}
} else {
- $sql="UPDATE forum_saved_place
+ $sql="UPDATE forum_saved_place
SET save_date='".time()."'
WHERE user_id='".user_getid()."' AND forum_id='".$this->getID()."'";
$result = db_query($sql);
More information about the evolvis-commits
mailing list