[evolvis-commits] r8002: Patch 69: Allow non-site-wide-admins to post news?==?UTF-8?Q?↵

mirabilos at evolvis.org mirabilos at evolvis.org
Thu Feb 24 15:54:57 CET 2011


Author: mirabilos
Date: 2011-02-24 15:54:57 +0100 (Thu, 24 Feb 2011)
New Revision: 8002

Modified:
   trunk/gforge_base/evolvisforge-5.1/gforge/common/forum/Forum.class
Log:
Patch 69: Allow non-site-wide-admins to post news


Modified: trunk/gforge_base/evolvisforge-5.1/gforge/common/forum/Forum.class
===================================================================
--- trunk/gforge_base/evolvisforge-5.1/gforge/common/forum/Forum.class	2011-02-24 14:54:55 UTC (rev 8001)
+++ trunk/gforge_base/evolvisforge-5.1/gforge/common/forum/Forum.class	2011-02-24 14:54:57 UTC (rev 8002)
@@ -8,6 +8,7 @@
  * @version   $Id$
  */
 
+require_once('pre.php');
 require_once('common/include/Error.class');
 require_once('common/forum/ForumMessage.class');
 
@@ -105,11 +106,22 @@
 			return false;
 		}
 
-		$perm =& $this->Group->getPermission( session_get_user() );
+		// This is a hack to allow non-site-wide-admins to post
+		// news.  The news/submit.php checks for proper permissions.
+		// This needs to be revisited.
+		global $sys_news_group;
+		if ($this->Group->getID() == $sys_news_group) {
+			// Future check will be added.
 
-		if (!$perm || !is_object($perm) || !$perm->isForumAdmin()) {
-			$this->setError('Permission Denied');
-			return false;
+		} else {
+			// Current permissions check.
+
+			$perm =& $this->Group->getPermission( session_get_user() );
+
+			if (!$perm || !is_object($perm) || !$perm->isForumAdmin()) {
+				$this->setError('Permission Denied');
+				return false;
+			}
 		}
 
 		$sql="INSERT INTO forum_group_list (group_id,forum_name,is_public,description,send_all_posts_to,allow_anonymous)
@@ -296,7 +308,7 @@
 			$this->setError('You Can Only Monitor If You Are Logged In');
 			return false;
 		}
-		$sql="SELECT * FROM forum_monitored_forums 
+		$sql="SELECT * FROM forum_monitored_forums
 			WHERE user_id='".user_getid()."' AND forum_id='".$this->getID()."';";
 		$result = db_query($sql);
 
@@ -305,7 +317,7 @@
 				User is not already monitoring thread, so
 				insert a row so monitoring can begin
 			*/
-			$sql="INSERT INTO forum_monitored_forums (forum_id,user_id) 
+			$sql="INSERT INTO forum_monitored_forums (forum_id,user_id)
 				VALUES ('".$this->getID()."','".user_getid()."')";
 
 			$result = db_query($sql);
@@ -324,7 +336,7 @@
 			$this->setError('You Can Only Monitor If You Are Logged In');
 			return false;
 		}
-		$sql="DELETE FROM forum_monitored_forums 
+		$sql="DELETE FROM forum_monitored_forums
 			WHERE user_id='".user_getid()."' AND forum_id='".$this->getID()."';";
 		return db_query($sql);
 	}
@@ -333,7 +345,7 @@
 		if (!session_loggedin()) {
 			return false;
 		}
-		$sql="SELECT * FROM forum_monitored_forums 
+		$sql="SELECT * FROM forum_monitored_forums
 			WHERE user_id='".user_getid()."' AND forum_id='".$this->getID()."';";
 
 		$result = db_query($sql);
@@ -350,7 +362,7 @@
 			$this->setError('You Can Only Save Your Place If You Are Logged In');
 			return false;
 		}
-		$sql="SELECT * FROM forum_saved_place 
+		$sql="SELECT * FROM forum_saved_place
 			WHERE user_id='".user_getid()."' AND forum_id='".$this->getID()."'";
 
 		$result = db_query($sql);
@@ -371,7 +383,7 @@
 			}
 
 		} else {
-			$sql="UPDATE forum_saved_place 
+			$sql="UPDATE forum_saved_place
 				SET save_date='".time()."'
 				WHERE user_id='".user_getid()."' AND forum_id='".$this->getID()."'";
 			$result = db_query($sql);



More information about the evolvis-commits mailing list