From: Christopher Kings-L. <ch...@us...> - 2005-05-29 08:33:17
|
Update of /cvsroot/planeshift/SC/spells/php In directory sc8-pr-cvs1.sourceforge.net:/tmp/cvs-serv20284/spells/php Modified Files: spells.php Log Message: Add permissions on remaining objects. Add 'superAdmin' privilege which allows access to everything. Index: spells.php =================================================================== RCS file: /cvsroot/planeshift/SC/spells/php/spells.php,v retrieving revision 1.8 retrieving revision 1.9 diff -C2 -d -r1.8 -r1.9 *** spells.php 13 May 2005 01:36:41 -0000 1.8 --- spells.php 29 May 2005 08:33:08 -0000 1.9 *************** *** 32,35 **** --- 32,37 ---- function seaSpells() { + checkPrivilege('seaSpells'); + // search character function GPH_OutputFile(BASE_DIR . "spells" . DIR_SEP . "css" . DIR_SEP . "seaSpell.css", $vars); *************** *** 40,43 **** --- 42,47 ---- function searchParse() { + checkPrivilege('seaSpells'); + $this->seaSpells(); *************** *** 53,56 **** --- 57,62 ---- function editRec() { + checkPrivilege('viewSpell'); + global $vars; $link = $this->_link; *************** *** 60,67 **** // this will be a custom edit form for each and every page. // set up all our vars etc ! foreach ($vars['JS_VALIDATOR'] as $key => $value) { ! $vars['BAD_FIELD'] .= $value; ! $failed = true; ! } $sqlWhere['fields'][0] = 'id'; --- 66,75 ---- // this will be a custom edit form for each and every page. // set up all our vars etc ! if (isset($vars['JS_VALIDATOR'])) { ! foreach ($vars['JS_VALIDATOR'] as $key => $value) { ! $vars['BAD_FIELD'] .= $value; ! $failed = true; ! } ! } $sqlWhere['fields'][0] = 'id'; *************** *** 125,128 **** --- 133,138 ---- function editRecSpellDetail() { + checkPrivilege('viewSpell'); + global $vars; *************** *** 160,163 **** --- 170,175 ---- function updRec() { // update our records + checkPrivilege('editSpell'); + global $vars; *************** *** 168,175 **** $failed = false; ! foreach ($vars['JS_VALIDATOR'] as $key => $value) { ! $vars['BAD_FIELD'] .= $key; ! $failed = true; ! } if($failed) { $vars['ERROR'] = "Update failed due to blank fields or bad data. Problematic fields are highlighted in yellow."; --- 180,189 ---- $failed = false; ! if (isset($vars['JS_VALIDATOR'])) { ! foreach ($vars['JS_VALIDATOR'] as $key => $value) { ! $vars['BAD_FIELD'] .= $value; ! $failed = true; ! } ! } if($failed) { $vars['ERROR'] = "Update failed due to blank fields or bad data. Problematic fields are highlighted in yellow."; *************** *** 188,191 **** --- 202,207 ---- function updRecDetail() { // update our records + checkPrivilege('editGlyph'); + global $vars; *************** *** 196,203 **** $myForm->validateFormsVals(&$vars); $failed = false; ! foreach ($vars['JS_VALIDATOR'] as $key => $value) { ! $vars['BAD_FIELD'] .= $value; ! $failed = true; ! } if($failed) { --- 212,221 ---- $myForm->validateFormsVals(&$vars); $failed = false; ! if (isset($vars['JS_VALIDATOR'])) { ! foreach ($vars['JS_VALIDATOR'] as $key => $value) { ! $vars['BAD_FIELD'] .= $value; ! $failed = true; ! } ! } if($failed) { *************** *** 217,220 **** --- 235,240 ---- function delRec() { + checkPrivilege('delSpell'); + global $vars; *************** *** 228,231 **** --- 248,253 ---- function delRecDetail() { + checkPrivilege('delGlyph'); + global $vars; *************** *** 240,243 **** --- 262,267 ---- function addSpell() { + checkPrivilege('addSpell'); + global $vars; $link = $this->_link; *************** *** 247,255 **** // this will be a custom edit form for each and every page. // set up all our vars etc ! foreach ($vars['JS_VALIDATOR'] as $key => $value) { ! $vars['BAD_FIELD'] .= $value; ! $failed = true; ! } ! $sqlWhere['fields'][0] = 'id'; $sqlWhere['values'][0] = $vars['id']; --- 271,281 ---- // this will be a custom edit form for each and every page. // set up all our vars etc ! if (isset($vars['JS_VALIDATOR'])) { ! foreach ($vars['JS_VALIDATOR'] as $key => $value) { ! $vars['BAD_FIELD'] .= $value; ! $failed = true; ! } ! } ! $sqlWhere['fields'][0] = 'id'; $sqlWhere['values'][0] = $vars['id']; *************** *** 303,306 **** --- 329,334 ---- function addSpellDetail() { + checkPrivilege('addGlyph'); + global $vars; $link = $this->_link; *************** *** 339,342 **** --- 367,372 ---- function addNew() { + checkPrivilege('addSpell'); + global $vars; *************** *** 347,354 **** $failed = false; ! foreach ($vars['JS_VALIDATOR'] as $key => $value) { ! $vars['BAD_FIELD'] .= $value; ! $failed = true; ! } if($failed) { --- 377,386 ---- $failed = false; ! if (isset($vars['JS_VALIDATOR'])) { ! foreach ($vars['JS_VALIDATOR'] as $key => $value) { ! $vars['BAD_FIELD'] .= $value; ! $failed = true; ! } ! } if($failed) { *************** *** 366,369 **** --- 398,403 ---- function addRecDetail() { + checkPrivilege('addGlyph'); + global $vars; *************** *** 376,383 **** $failed = false; ! foreach ($vars['JS_VALIDATOR'] as $key => $value) { ! $vars['BAD_FIELD'] .= $value; ! $failed = true; ! } if($failed) { --- 410,419 ---- $failed = false; ! if (isset($vars['JS_VALIDATOR'])) { ! foreach ($vars['JS_VALIDATOR'] as $key => $value) { ! $vars['BAD_FIELD'] .= $value; ! $failed = true; ! } ! } if($failed) { |