Update of /cvsroot/phpslash/phpslash-ft/class
In directory usw-pr-cvs1:/tmp/cvs-serv18487/phpslash-ft/class
Modified Files:
Story.class
Log Message:
newStory auth checks
Index: Story.class
===================================================================
RCS file: /cvsroot/phpslash/phpslash-ft/class/Story.class,v
retrieving revision 1.28
retrieving revision 1.29
diff -C2 -d -r1.28 -r1.29
*** Story.class 3 Feb 2002 02:49:40 -0000 1.28
--- Story.class 13 Mar 2002 19:14:21 -0000 1.29
***************
*** 1116,1119 ****
--- 1116,1125 ----
$user_id = $this->db->Record['user_id'];
+ // Normal users can't edit another user's stories
+ if((!$this->perm->have_perm('story,root')) AND
+ ( $user_id != $this->auth->auth['uid'])) {
+ return false;
+ }
+
/* if god-level, enable setting of date, otherwise display date */
if (!$this->perm->have_perm("story,root")) {
***************
*** 1224,1228 ****
$this->template->parse('OUT',array("newstory"));
$this->template->p('OUT');
!
}
--- 1230,1234 ----
$this->template->parse('OUT',array("newstory"));
$this->template->p('OUT');
! return true;
}
|
