Update of /cvsroot/phpslash/phpslash-ft/class
In directory usw-pr-cvs1:/tmp/cvs-serv32039/phpslash-ft/class
Modified Files:
Story.class
Log Message:
deleteStory auth checks
Index: Story.class
===================================================================
RCS file: /cvsroot/phpslash/phpslash-ft/class/Story.class,v
retrieving revision 1.29
retrieving revision 1.30
diff -C2 -d -r1.29 -r1.30
*** Story.class 13 Mar 2002 19:14:21 -0000 1.29
--- Story.class 13 Mar 2002 20:05:18 -0000 1.30
***************
*** 558,561 ****
--- 558,570 ----
function deleteStory($story_id) {
+ // gotta get the story user_id
+ $story_ary = $this->extractStory($story_id, "Full");
+ $user_id = $story_ary['user_id'];
+
+ if((!$this->perm->have_perm('story,root')) AND
+ ( $user_id != $this->auth->auth['uid'])) {
+ return false;
+ }
+
echo "The storyid is: $story_id<BR>\n";
$comment = new Comment;
***************
*** 587,590 ****
--- 596,600 ----
echo "removed the story<BR>\n";
}
+ return true;
}
***************
*** 878,882 ****
));
$this->template->parse("authors", "each_author", "true");
! while (list(, $cur_Author) = each($author_array)) {
$this->template->set_var(array(
"AUTHOR_ID" => $cur_Author['id'],
--- 888,892 ----
));
$this->template->parse("authors", "each_author", "true");
! while (list(, $cur_Author) = @each($author_array)) {
$this->template->set_var(array(
"AUTHOR_ID" => $cur_Author['id'],
|
