Menu
▾
▴
[phpws-comm-commits] modules/article/class AM_Lists.php, 1.17, 1.18 AM_Data.php, 1.15, 1.16 Article.php, 1.52, 1.53
|
From: Eloi G. <ada...@us...> - 2008-10-08 17:21:34
|
Update of /cvsroot/phpwebsite-comm/modules/article/class In directory ddv4jf1.ch3.sourceforge.com:/tmp/cvs-serv18219/class Modified Files: AM_Lists.php AM_Data.php Article.php Log Message: Added ownership check before showing an edit link Index: AM_Data.php =================================================================== RCS file: /cvsroot/phpwebsite-comm/modules/article/class/AM_Data.php,v retrieving revision 1.15 retrieving revision 1.16 diff -C2 -d -r1.15 -r1.16 *** AM_Data.php 21 Aug 2008 20:17:32 -0000 1.15 --- AM_Data.php 8 Oct 2008 17:21:18 -0000 1.16 *************** *** 211,215 **** if (!empty($object)) { /* if user can edit articles or can edit this article... */ ! if (Current_User::allow('article', 'edit_articles', $object->id) & !$object->isLocked($object->editlock, $object->edituser)) $link[] = PHPWS_Text::moduleLink(dgettext('article', 'Edit this article'), 'article', array('op'=>'edit', 'id' => $object->id)); /* if user can delete articles or can delete this article... */ --- 211,215 ---- if (!empty($object)) { /* if user can edit articles or can edit this article... */ ! if ((Current_User::allow('article', 'edit_articles', $object->id) || (Current_User::getId() && $object->created_id == Current_User::getId())) & !$object->isLocked($object->editlock, $object->edituser)) $link[] = PHPWS_Text::moduleLink(dgettext('article', 'Edit this article'), 'article', array('op'=>'edit', 'id' => $object->id)); /* if user can delete articles or can delete this article... */ Index: AM_Lists.php =================================================================== RCS file: /cvsroot/phpwebsite-comm/modules/article/class/AM_Lists.php,v retrieving revision 1.17 retrieving revision 1.18 diff -C2 -d -r1.17 -r1.18 *** AM_Lists.php 21 Aug 2008 20:17:32 -0000 1.17 --- AM_Lists.php 8 Oct 2008 17:21:18 -0000 1.18 *************** *** 252,256 **** /* ACTION */ /* if user can edit articles or can edit this article... */ ! if (Current_User::allow('article', 'edit_articles', $created_id)) { /* If someone else is editing this page... */ if (PHPWS_Article::isLocked($editlock, $edituser)) --- 252,256 ---- /* ACTION */ /* if user can edit articles or can edit this article... */ ! if (Current_User::allow('article', 'edit_articles', $id) || (Current_User::getId() && $created_id == Current_User::getId())) { /* If someone else is editing this page... */ if (PHPWS_Article::isLocked($editlock, $edituser)) Index: Article.php =================================================================== RCS file: /cvsroot/phpwebsite-comm/modules/article/class/Article.php,v retrieving revision 1.52 retrieving revision 1.53 diff -C2 -d -r1.52 -r1.53 *** Article.php 21 Aug 2008 20:17:32 -0000 1.52 --- Article.php 8 Oct 2008 17:21:18 -0000 1.53 *************** *** 282,286 **** /* if user can edit articles or can edit this article... */ ! if (Current_User::allow('article', 'edit_articles', $this->id)) { /* If someone else is editing this article... */ if ($this->isLocked($this->editlock, $this->edituser)) --- 282,286 ---- /* if user can edit articles or can edit this article... */ ! if (Current_User::allow('article', 'edit_articles', $this->id) || (Current_User::getId() && $this->created_id == Current_User::getId())) { /* If someone else is editing this article... */ if ($this->isLocked($this->editlock, $this->edituser)) *************** *** 924,928 **** { $now = time(); ! return ($this->mainarticle || ($this->approved && $this->publication_date <= $now --- 924,928 ---- { $now = time(); ! return $this->mainarticle || ($this->approved && $this->publication_date <= $now *************** *** 930,934 **** || ($_REQUEST['module']=='article' && !$saving ! && Current_User::allow('article', 'edit_articles', $this->id)) || $GLOBALS['module']=='approval'); } --- 930,935 ---- || ($_REQUEST['module']=='article' && !$saving ! && (Current_User::allow('article', 'edit_articles', $this->id) ! || (Current_User::getId() && $this->created_id == Current_User::getId())) || $GLOBALS['module']=='approval'); } |
