Update of /cvsroot/php-blog/serendipity/include/admin
In directory sc8-pr-cvs1.sourceforge.net:/tmp/cvs-serv24425/include/admin
Modified Files:
plugins.inc.php
Log Message:
< Administrator users shall not be allowed to hide plugins not added by them
Index: plugins.inc.php
===================================================================
RCS file: /cvsroot/php-blog/serendipity/include/admin/plugins.inc.php,v
retrieving revision 1.11
retrieving revision 1.12
diff -u -d -r1.11 -r1.12
--- plugins.inc.php 2 Jan 2005 15:05:48 -0000 1.11
+++ plugins.inc.php 10 Jan 2005 16:25:10 -0000 1.12
@@ -57,6 +57,8 @@
foreach ($plugins as $plugin_data) {
$plugin =& serendipity_plugin_api::load_plugin($plugin_data['name'], $plugin_data['authorid']);
$key = urlencode($plugin_data['name']);
+ $is_plugin_owner = ($plugin_data['authorid'] == $serendipity['authorid'] || $serendipity['serendipityUserlevel'] >= USERLEVEL_ADMIN);
+ $is_plugin_editable = ($is_plugin_owner || $plugin_data['authorid'] == '0');
if (!is_object($plugin)) {
$name = ERROR . ': ' . $plugin_data['name'];
@@ -83,7 +85,7 @@
$place = '<input type="hidden" name="serendipity[placement][' . $plugin_data['name'] . ']" value="event" />';
$event_only_uri = '&serendipity[event_plugin]=true';
} else {
- $place = placement_box('serendipity[placement][' . $plugin_data['name'] . ']', $plugin_data['placement']);
+ $place = placement_box('serendipity[placement][' . $plugin_data['name'] . ']', $plugin_data['placement'], $is_plugin_editable);
$event_only_uri = '';
}
@@ -103,7 +105,7 @@
<tr>
<td style="border-bottom: 1px solid #000000">
<div>
- <?php if ($plugin_data['authorid'] == '0' || $plugin_data['authorid'] == $serendipity['authorid'] || $serendipity['serendipityUserlevel'] >= USERLEVEL_ADMIN) { ?>
+ <?php if ($is_plugin_editable) { ?>
<input type="checkbox" name="serendipity[plugin_to_remove][]" value="<?php echo $plugin_data['name']; ?>" />
<?php } else { ?>
@@ -115,11 +117,7 @@
<td style="border-bottom: 1px solid #000000" nowrap="nowrap">
<div>
<?php
- if ($plugin_data['authorid'] == $serendipity['authorid'] || $serendipity['serendipityUserlevel'] >= USERLEVEL_ADMIN) {
- ownership($plugin_data['authorid'], $plugin_data['name']);
- } else {
- ownership($plugin_data['authorid'], $plugin_data['name'], true);
- }
+ ownership($plugin_data['authorid'], $plugin_data['name'], $is_plugin_owner);
?>
</div>
</td>
@@ -146,7 +144,7 @@
<?php
}
-function ownership($authorid, $name, $readonly = false) {
+function ownership($authorid, $name, $is_plugin_owner = false) {
global $serendipity;
static $users = array();
@@ -154,7 +152,7 @@
$users = serendipity_fetchUsers();
}
- if (!$readonly) {
+ if ($is_plugin_owner) {
?>
<select name="serendipity[ownership][<?php echo $name; ?>]">
<option value="0"><?php echo ALL_AUTHORS; ?></option>
@@ -162,16 +160,16 @@
}
foreach($users AS $user) {
- if ($readonly && $user['authorid'] == $authorid) {
+ if (!$is_plugin_owner && $user['authorid'] == $authorid) {
$username = htmlspecialchars($user['username']);
- } elseif (!$readonly) {
+ } elseif ($is_plugin_owner) {
?>
<option value="<?php echo $user['authorid']; ?>"<?php echo ($user['authorid'] == $authorid ? ' selected="selected"' : ''); ?>><?php echo htmlspecialchars($user['username']); ?></option>
<?php
}
}
- if (!$readonly) {
+ if ($is_plugin_owner) {
?>
</select>
<?php
@@ -180,7 +178,7 @@
}
}
-function placement_box($name, $val)
+function placement_box($name, $val, $is_plugin_editable = false)
{
static $opts = array(
'left' => LEFT,
@@ -190,6 +188,10 @@
$x = "\n<select name=\"$name\">\n";
foreach ($opts as $k => $v) {
+ if (!$is_plugin_editable && $k == 'hide') {
+ continue;
+ }
+
$x .= " <option value=\"$k\"" . ($k == $val ? ' selected="selected"' : '') . ">$v</option>\n";
}
return $x . "</select>\n";
|
