diff options
| author | neoraider <devnull@localhost> | 2006-04-14 02:20:03 +0200 |
|---|---|---|
| committer | neoraider <devnull@localhost> | 2006-04-14 02:20:03 +0200 |
| commit | 9b75fe7dbb5d0facae0ad516b580886c3e5a7aec (patch) | |
| tree | 55e2c642398b0502c618c87ae297e867b85a1bef | |
| parent | 1f93dbaae6aa262ae32592e08605e26af9d98a0f (diff) | |
| download | neon-9b75fe7dbb5d0facae0ad516b580886c3e5a7aec.tar neon-9b75fe7dbb5d0facae0ad516b580886c3e5a7aec.zip | |
Rechteverwaltung ?berarbeitet.
| -rw-r--r-- | code/pages.inc.php | 90 | ||||
| -rw-r--r-- | config/neon.sql | 36 | ||||
| -rw-r--r-- | pages/Login.c.xml | 2 | ||||
| -rw-r--r-- | pages/Login.n.xml | 2 | ||||
| -rw-r--r-- | pages/Logout.c.xml | 2 | ||||
| -rw-r--r-- | pages/Pages.c.xml | 2 | ||||
| -rw-r--r-- | pages/Pages/Copy.c.xml | 2 | ||||
| -rw-r--r-- | pages/Pages/Delete.c.xml | 2 | ||||
| -rw-r--r-- | pages/Pages/Edit.c.xml | 2 | ||||
| -rw-r--r-- | pages/Pages/Handle.c.xml | 2 | ||||
| -rw-r--r-- | pages/Pages/New.c.xml | 2 | ||||
| -rw-r--r-- | pages/Pages/Rename.c.xml | 2 | ||||
| -rw-r--r-- | pages/Privileges.c.xml | 12 | ||||
| -rw-r--r-- | pages/Privileges/Update.c.xml | 39 | ||||
| -rw-r--r-- | pages/Users.c.xml | 2 | ||||
| -rw-r--r-- | pages/Users/Delete.c.xml | 2 | ||||
| -rw-r--r-- | pages/Users/Group.c.xml | 2 | ||||
| -rw-r--r-- | pages/Users/Handle.c.xml | 2 | ||||
| -rw-r--r-- | pages/Users/New.c.xml | 2 | ||||
| -rw-r--r-- | pages/Users/Password.c.xml | 2 | ||||
| -rw-r--r-- | pages/Users/Rename.c.xml | 2 | ||||
| -rw-r--r-- | pages/default.e.xml | 2 | ||||
| -rw-r--r-- | pages/phpexec.e.xml | 2 |
23 files changed, 124 insertions, 91 deletions
diff --git a/code/pages.inc.php b/code/pages.inc.php index d712242..50ca2b7 100644 --- a/code/pages.inc.php +++ b/code/pages.inc.php @@ -80,30 +80,28 @@ } function HasAccess($page, $type) { - if($GLOBALS['user']->IsAdmin()) return $this->Exists($page, $type); + if(!$this->Exists($page, $type)) return false; + if($GLOBALS['user']->IsAdmin()) return true; $gid = $GLOBALS['user']->gid; - $pagedata = $this->GetPageData($page, $type); - - if(!$pagedata) - return false; + $access = $this->GetAccess($page, $type); - return ((hexdec(substr($pagedata['access'], ($gid/8)*2, 2)) & (1 << ($gid%8))) != 0); + return ((hexdec($access[$gid/4]) & (1 << ($gid%4))) != 0); } function GetPageData($page, $type) { if(!$this->Exists($page, $type)) return null; if(!$this->pages[$page . '.' . $type]) { - $res = $GLOBALS['db']->Execute('SELECT template, HEX(access), data FROM pages WHERE name = ? AND type = ?', array($page, $type)); + $res = $GLOBALS['db']->Execute('SELECT template, data FROM pages WHERE name = ? AND type = ?', array($page, $type)); if($res->RecordCount()) { - parse_str($res->fields[2], $data); + parse_str($res->fields[1], $data); $data = array_map('Unquote', $data); $this->pages[$page . '.' . $type] = array('name' => $page, 'type' => $type, 'template' => $res->fields[0], - 'access' => $res->fields[1], 'data' => $data); + 'access' => '', 'data' => $data); } else { $filename = $GLOBALS['modules']->pages[$page . '.' . $type]; @@ -141,6 +139,11 @@ $this->pages[$page . '.' . $type] = array('name' => $page, 'type' => $type, 'template' => $template, 'access' => $access, 'data' => $data); } + + $res = $GLOBALS['db']->Execute('SELECT readaccess FROM privs WHERE name = ? AND type = ?', array($page, $type)); + + if($res->RecordCount()) + $this->pages[$page . '.' . $type]['access'] = $res->fields[0]; } return $this->pages[$page . '.' . $type]; @@ -149,7 +152,7 @@ function Add($name, $type, $template) { if($this->Exists($name, $type)) return false; - $GLOBALS['db']->Execute('INSERT INTO pages (name, template, access, data, type) VALUES (?, ?, "", "", ?)', + $GLOBALS['db']->Execute('INSERT INTO pages (name, template, data, type) VALUES (?, ?, "", ?)', array($name, $template, $type)); return ($GLOBALS['db']->Affected_Rows() > 0); @@ -161,26 +164,22 @@ foreach($data as $key => $val) $string .= urlencode($key) . '=' . urlencode($val) . '&'; - $GLOBALS['db']->Execute('UPDATE pages SET data = ? WHERE name = ? AND type = ?', + $res = $GLOBALS['db']->Execute('SELECT id FROM pages WHERE name = ? AND type = ?', + array($page, $type)); + + if($res->RecordCount()) { + $GLOBALS['db']->Execute('UPDATE pages SET data = ? WHERE name = ? AND type = ?', array(substr($string, 0, -1), $page, $type)); - if($GLOBALS['db']->Affected_Rows()) return true; + return true; + } $pagedata = $this->GetPageData($page, $type); - $string = ''; - - foreach($pagedata['data'] as $key => $val) - $string .= urlencode($key) . '=' . urlencode($val) . '&'; - - $access = ''; - - for($i = 0; $i < strlen($pagedata['access']); $i+=2) - $access .= chr(hexdec(substr($pagedata['access'], $i, 2))); - - - $GLOBALS['db']->Execute('INSERT INTO pages (name, template, access, data, type) VALUES (?, ?, ?, ?, ?)', - array($page, $pagedata['template'], $access, $string, $type)); + $GLOBALS['db']->Execute('INSERT INTO privs (name, type, readaccess) VALUES (?, ?, ?)', + array($page, $type, $pagedata['access'])); + $GLOBALS['db']->Execute('INSERT INTO pages (name, template, data, type) VALUES (?, ?, ?, ?)', + array($page, $pagedata['template'], $string, $type)); return ($GLOBALS['db']->Affected_Rows() > 0); } @@ -188,6 +187,7 @@ function Rename($page, $type, $new_name) { if($this->Exists($new_name, $type)) return false; + $GLOBALS['db']->Execute('UPDATE privs SET name = ? WHERE name = ? AND type = ?', array($new_name, $page, $type)); $GLOBALS['db']->Execute('UPDATE pages SET name = ? WHERE name = ? AND type = ?', array($new_name, $page, $type)); return ($GLOBALS['db']->Affected_Rows() > 0); @@ -204,13 +204,14 @@ foreach($pagedata['data'] as $key => $val) $string .= urlencode($key) . '=' . urlencode($val) . '&'; - $GLOBALS['db']->Execute('INSERT INTO pages (name, template, access, data, type) VALUES (?, ?, "", ?, ?)', + $GLOBALS['db']->Execute('INSERT INTO pages (name, template, data, type) VALUES (?, ?, ?, ?)', array($new_name, $pagedata['template'], $string, $type)); return ($GLOBALS['db']->Affected_Rows() > 0); } function Delete($page, $type) { + $GLOBALS['db']->Execute('DELETE FROM privs WHERE name = ? AND type = ?', array($page, $type)); $GLOBALS['db']->Execute('DELETE FROM pages WHERE name = ? AND type = ?', array($page, $type)); return ($GLOBALS['db']->Affected_Rows() > 0); @@ -230,6 +231,43 @@ return $pages; } + + function GetAccess($page, $type) { + $res = $GLOBALS['db']->Execute('SELECT readaccess FROM privs WHERE name = ? AND type = ?', array($page, $type)); + + if($res->RecordCount()) + return $res->fields[0]; + + $pagedata = $this->GetPageData($page, $type); + + return $pagedata['access']; + } + + function SetAccess($page, $type, $access) { + $res = $GLOBALS['db']->Execute('SELECT id FROM privs WHERE name = ? AND type = ?', array($page, $type)); + + if($res->RecordCount()) { + $GLOBALS['db']->Execute('UPDATE privs SET readaccess = ? WHERE name = ? AND type = ?', array($access, $page, $type)); + + return true; + } + + $pagedata = $this->GetPageData($page, $type); + + if(strlen($access) > strlen($pagedata['access'])) { + if(eregi('^' . $pagedata['access'] . '0+$', $access)) return true; + } + elseif(strlen($access) < strlen($pagedata['access'])) { + if(eregi('^' . $access . '0+$', $pagedata['access'])) return true; + } + else { + if(strcasecmp($access, $pagedata['access']) == 0) return true; + } + + $GLOBALS['db']->Execute('INSERT INTO privs (name, type, readaccess) VALUES (?, ?, ?)', array($page, $type, $access)); + + return ($GLOBALS['db']->Affected_Rows() > 0); + } } $GLOBALS['pages'] = new Pages; diff --git a/config/neon.sql b/config/neon.sql index 266528a..4d663dd 100644 --- a/config/neon.sql +++ b/config/neon.sql @@ -3,7 +3,7 @@ -- http://www.phpmyadmin.net -- -- Host: localhost --- Erstellungszeit: 13. April 2006 um 02:38 +-- Erstellungszeit: 14. April 2006 um 02:13 -- Server Version: 5.0.19 -- PHP-Version: 5.1.2-1+b1 -- @@ -71,20 +71,42 @@ CREATE TABLE `pages` ( `id` bigint(20) NOT NULL, `name` varchar(255) NOT NULL default '', `template` varchar(255) NOT NULL, - `access` blob NOT NULL, `data` longtext NOT NULL, `type` enum('c','n','e') NOT NULL default 'c', PRIMARY KEY (`id`), UNIQUE KEY `name` (`name`,`type`) -) TYPE=MyISAM AUTO_INCREMENT=56 ; +) TYPE=MyISAM AUTO_INCREMENT=58 ; -- -- Daten für Tabelle `pages` -- -INSERT INTO `pages` VALUES (47, 'Home:Startseite', 'default', 0x09, 'title=Startseite&content=Welcome+to+Neon&', 'c'); -INSERT INTO `pages` VALUES (48, 'Test:LoremIpsum', 'default', 0x09, 'title=Lorem+Ipsum&content=Lorem+ipsum+dolor+sit+amet%2C+consectetuer+adipiscing+elit.+Ut+a+sapien.+Aliquam+aliquet+purus+molestie+dolor.+Integer+quis+eros+ut+erat+posuere+dictum.+Curabitur+dignissim.+Integer+orci.+Fusce+vulputate+lacus+at+ipsum.+Quisque+in+libero+nec+mi+laoreet+volutpat.+Aliquam+eros+pede%2C+scelerisque+quis%2C+tristique+cursus%2C+placerat+convallis%2C+velit.+Nam+condimentum.+Nulla+ut+mauris.+Curabitur+adipiscing%2C+mauris+non+dictum+aliquam%2C+arcu+risus+dapibus+diam%2C+nec+sollicitudin+quam+erat+quis+ligula.+Aenean+massa+nulla%2C+volutpat+eu%2C+accumsan+et%2C+fringilla+eget%2C+odio.+Nulla+placerat+porta+justo.+Nulla+vitae+turpis.+Praesent+lacus.%0AVestibulum+ante+ipsum+primis+in+faucibus+orci+luctus+et+ultrices+posuere+cubilia+Curae%3B+Aliquam+ultricies+lacus+eu+dui.+Duis+viverra+risus+et+eros.+Aenean+odio+dolor%2C+tristique+quis%2C+commodo+id%2C+posuere+sit+amet%2C+dui.+Pellentesque+velit.+Aliquam+erat+volutpat.+Duis+sagittis+nibh+sed+justo.+Sed+ultrices+nisl+sed+pede.+Sed+tempor+lorem+in+leo.+Integer+gravida+tincidunt+nunc.+Vivamus+ut+quam+vel+ligula+tristique+condimentum.+Proin+facilisis.+Aliquam+sagittis+lacinia+mi.+Donec+sagittis+luctus+dui.+Maecenas+quam+ante%2C+vestibulum+auctor%2C+blandit+in%2C+iaculis+in%2C+velit.+Aliquam+at+ligula.+Nam+a+tellus.+Aliquam+eu+nulla+at+turpis+vulputate+hendrerit.+Proin+at+diam.+Curabitur+euismod.%0ALorem+ipsum+dolor+sit+amet%2C+consectetuer+adipiscing+elit.+Pellentesque+habitant+morbi+tristique+senectus+et+netus+et+malesuada+fames+ac+turpis+egestas.+Quisque+vel+erat+eget+diam+consectetuer+iaculis.+Cras+ante+velit%2C+suscipit+et%2C+porta+tempus%2C+dignissim+quis%2C+magna.+Vivamus+viverra%2C+turpis+nec+rhoncus+ultricies%2C+diam+turpis+eleifend+nisl%2C+a+eleifend+ante+felis+ac+sapien.+Integer+bibendum.+Suspendisse+in+mi+non+neque+bibendum+convallis.+Suspendisse+potenti.+Sed+sit+amet+purus+at+felis+adipiscing+aliquam.+Vivamus+et+nisl+sit+amet+mauris+aliquet+molestie.+Integer+tortor+massa%2C+aliquam+a%2C+lacinia+nonummy%2C+sagittis+nec%2C+eros.+Nunc+non+mauris+id+eros+venenatis+adipiscing.+Cras+et+lectus+ut+nisl+pharetra+ornare.+Proin+leo+risus%2C+elementum+eget%2C+ultrices+vitae%2C+molestie+sed%2C+erat.+Curabitur+et+lectus+in+tellus+egestas+hendrerit.+Sed+dapibus+ipsum.+Quisque+sit+amet+ligula.+Suspendisse+odio+dolor%2C+semper+id%2C+feugiat+quis%2C+sodales+id%2C+mauris.+Curabitur+id+ligula+ac+libero+malesuada+pharetra.%0ASuspendisse+potenti.+Cras+ut+mi+sit+amet+quam+consequat+consequat.+Aenean+ut+lectus.+Cum+sociis+natoque+penatibus+et+magnis+dis+parturient+montes%2C+nascetur+ridiculus+mus.+Suspendisse+vel+sapien.+Nullam+non+turpis.+Pellentesque+elementum+pharetra+ligula.+In+rhoncus.+Aliquam+vel+enim+consequat+sem+aliquet+hendrerit.+Lorem+ipsum+dolor+sit+amet%2C+consectetuer+adipiscing+elit.+Nam+felis.%0ACum+sociis+natoque+penatibus+et+magnis+dis+parturient+montes%2C+nascetur+ridiculus+mus.+Maecenas+tortor+metus%2C+pellentesque+nec%2C+vehicula+vitae%2C+suscipit+sed%2C+quam.+Aenean+scelerisque+sodales+tortor.+Sed+purus.+Curabitur+turpis+est%2C+bibendum+tristique%2C+porttitor+tempor%2C+pulvinar+vitae%2C+tortor.+Nullam+malesuada+dapibus+orci.+Vivamus+aliquet+tempus+velit.+Curabitur+interdum+posuere+risus.+Duis+egestas%2C+ipsum+sit+amet+molestie+tincidunt%2C+ligula+libero+pretium+risus%2C+non+faucibus+tellus+felis+mattis+sapien.+Ut+eu+velit+at+massa+auctor+mattis.+Nam+tristique+velit+quis+nisl.%0AVivamus+neque+velit%2C+ornare+vitae%2C+tempor+vel%2C+ultrices+et%2C+wisi.+Cras+pede.+Phasellus+nunc+turpis%2C+cursus+non%2C+rhoncus+vitae%2C+sollicitudin+vel%2C+velit.+Vivamus+suscipit+lorem+sed+felis.+Vestibulum+vestibulum+ultrices+turpis.+Lorem+ipsum+dolor+sit+amet%2C+consectetuer+adipiscing+elit.+Praesent+ornare+nulla+nec+justo.+Sed+nec+risus+ac+risus+fermentum+vestibulum.+Etiam+viverra+viverra+sem.+Etiam+molestie+mi+quis+metus+hendrerit+tristique.%0AQuisque+lobortis+euismod+metus.+Nam+ante.+Nulla+fermentum%2C+risus+non+pulvinar+porttitor%2C+enim+pede+egestas+nibh%2C+sit+amet+posuere+metus+tortor+id+enim.+Donec+at+sem.+Vestibulum+in+lectus+ut+diam+lacinia+lacinia.+Maecenas+sit+amet+nulla.+Suspendisse+vel+dolor.+Nunc+hendrerit+elit+vitae+quam.+In+nonummy+velit+nec+lorem.+Etiam+rhoncus+felis+a+turpis.+Aliquam+vel+nulla.+Ut+nonummy%2C+nisl+non+sodales+iaculis%2C+mi+tellus+viverra+diam%2C+eget+euismod+dui+turpis+at+mi.+Class+aptent+taciti+sociosqu+ad+litora+torquent+per+conubia+nostra%2C+per+inceptos+hymenaeos.+Vestibulum+nec+quam+ac+lectus+sagittis+tincidunt.%0ANulla+facilisi.+Nam+varius+ante+dignissim+arcu.+Suspendisse+molestie+dignissim+neque.+Suspendisse+leo+ipsum%2C+rutrum+cursus%2C+malesuada+id%2C+dapibus+sed%2C+urna.+Fusce+sollicitudin+laoreet+diam.+Mauris+eu+quam+eget+nulla+fermentum+adipiscing.+In+hac+habitasse+platea+dictumst.+Morbi+ut+odio+vitae+eros+luctus+luctus.+Ut+diam.+Phasellus+ullamcorper+arcu+vitae+wisi.+Pellentesque+urna+odio%2C+varius+eget%2C+dignissim+quis%2C+vehicula+placerat%2C+nunc.+Ut+nec+metus+quis+nulla+posuere+eleifend.%0ASuspendisse+nibh.+Nunc+vulputate+leo+id+urna.+Donec+dictum.+Lorem+ipsum+dolor+sit+amet%2C+consectetuer+adipiscing+elit.+Lorem+ipsum+dolor+sit+amet%2C+consectetuer+adipiscing+elit.+Suspendisse+dictum%2C+magna+consectetuer+hendrerit+volutpat%2C+sapien+felis+faucibus+justo%2C+ac+dictum+lacus+pede+in+metus.+Nam+commodo.+Sed+consequat%2C+leo+pretium+sagittis+congue%2C+ante+nunc+laoreet+nisl%2C+ac+aliquam+risus+tellus+commodo+elit.+Cras+at+elit.+Pellentesque+suscipit+erat+vitae+mauris.+Sed+iaculis+eros+vitae+mauris.+Vestibulum+ante+ipsum+primis+in+faucibus+orci+luctus+et+ultrices+posuere+cubilia+Curae%3B+Suspendisse+id+ante+et+elit+accumsan+semper.+Sed+et+nibh+eget+purus+scelerisque+volutpat.+Sed+mi.+Proin+tellus+felis%2C+tincidunt+eget%2C+dictum+et%2C+adipiscing+et%2C+urna.+Cras+accumsan+diam+sed+turpis.+Etiam+sollicitudin+lacus.%0ANam+iaculis+blandit+purus.+Mauris+odio+nibh%2C+hendrerit+id%2C+cursus+vel%2C+sagittis+a%2C+dolor.+Nullam+turpis+lacus%2C+ultrices+vel%2C+sagittis+vitae%2C+dapibus+vel%2C+elit.+Suspendisse+auctor%2C+sapien+et+suscipit+tempor%2C+turpis+enim+consequat+sem%2C+eu+dictum+nunc+lorem+at+massa.+Pellentesque+scelerisque+purus.+Etiam+sed+enim.+Maecenas+sed+tortor+id+turpis+consequat+consequat.+Curabitur+fringilla.+Sed+risus+wisi%2C+dictum+a%2C+sagittis+nec%2C+luctus+ac%2C+neque.+Lorem+ipsum+dolor+sit+amet%2C+consectetuer+adipiscing+elit.+Sed+nibh+neque%2C+aliquam+ut%2C+sagittis+id%2C+gravida+et%2C+est.+Aenean+consectetuer+pretium+enim.+Aenean+tellus+quam%2C+condimentum+a%2C+adipiscing+et%2C+lacinia+vel%2C+ante.+Praesent+faucibus+dignissim+enim.+Aliquam+tincidunt.+Mauris+leo+ante%2C+condimentum+eget%2C+vestibulum+sit+amet%2C+fringilla+eget%2C+diam.+Nam+ultricies+ullamcorper+nibh.+Etiam+neque.+Ut+posuere+laoreet+pede.&', 'c'); -INSERT INTO `pages` VALUES (49, 'Test:BBCode', 'bbcode', 0x09, 'title=BBCode&code=Test%0A%5Bb%5DTest%5Bb%5D%0A%5Bi%5DTest%5B%2Fi%5D%0A%5Bu%5DTest%5B%2Fu%5D&', 'c'); +INSERT INTO `pages` VALUES (47, 'Home:Startseite', 'default', 'title=Startseite&content=Welcome+to+Neon&', 'c'); +INSERT INTO `pages` VALUES (48, 'Test:LoremIpsum', 'default', 'title=Lorem+Ipsum&content=Lorem+ipsum+dolor+sit+amet%2C+consectetuer+adipiscing+elit.+Ut+a+sapien.+Aliquam+aliquet+purus+molestie+dolor.+Integer+quis+eros+ut+erat+posuere+dictum.+Curabitur+dignissim.+Integer+orci.+Fusce+vulputate+lacus+at+ipsum.+Quisque+in+libero+nec+mi+laoreet+volutpat.+Aliquam+eros+pede%2C+scelerisque+quis%2C+tristique+cursus%2C+placerat+convallis%2C+velit.+Nam+condimentum.+Nulla+ut+mauris.+Curabitur+adipiscing%2C+mauris+non+dictum+aliquam%2C+arcu+risus+dapibus+diam%2C+nec+sollicitudin+quam+erat+quis+ligula.+Aenean+massa+nulla%2C+volutpat+eu%2C+accumsan+et%2C+fringilla+eget%2C+odio.+Nulla+placerat+porta+justo.+Nulla+vitae+turpis.+Praesent+lacus.%0AVestibulum+ante+ipsum+primis+in+faucibus+orci+luctus+et+ultrices+posuere+cubilia+Curae%3B+Aliquam+ultricies+lacus+eu+dui.+Duis+viverra+risus+et+eros.+Aenean+odio+dolor%2C+tristique+quis%2C+commodo+id%2C+posuere+sit+amet%2C+dui.+Pellentesque+velit.+Aliquam+erat+volutpat.+Duis+sagittis+nibh+sed+justo.+Sed+ultrices+nisl+sed+pede.+Sed+tempor+lorem+in+leo.+Integer+gravida+tincidunt+nunc.+Vivamus+ut+quam+vel+ligula+tristique+condimentum.+Proin+facilisis.+Aliquam+sagittis+lacinia+mi.+Donec+sagittis+luctus+dui.+Maecenas+quam+ante%2C+vestibulum+auctor%2C+blandit+in%2C+iaculis+in%2C+velit.+Aliquam+at+ligula.+Nam+a+tellus.+Aliquam+eu+nulla+at+turpis+vulputate+hendrerit.+Proin+at+diam.+Curabitur+euismod.%0ALorem+ipsum+dolor+sit+amet%2C+consectetuer+adipiscing+elit.+Pellentesque+habitant+morbi+tristique+senectus+et+netus+et+malesuada+fames+ac+turpis+egestas.+Quisque+vel+erat+eget+diam+consectetuer+iaculis.+Cras+ante+velit%2C+suscipit+et%2C+porta+tempus%2C+dignissim+quis%2C+magna.+Vivamus+viverra%2C+turpis+nec+rhoncus+ultricies%2C+diam+turpis+eleifend+nisl%2C+a+eleifend+ante+felis+ac+sapien.+Integer+bibendum.+Suspendisse+in+mi+non+neque+bibendum+convallis.+Suspendisse+potenti.+Sed+sit+amet+purus+at+felis+adipiscing+aliquam.+Vivamus+et+nisl+sit+amet+mauris+aliquet+molestie.+Integer+tortor+massa%2C+aliquam+a%2C+lacinia+nonummy%2C+sagittis+nec%2C+eros.+Nunc+non+mauris+id+eros+venenatis+adipiscing.+Cras+et+lectus+ut+nisl+pharetra+ornare.+Proin+leo+risus%2C+elementum+eget%2C+ultrices+vitae%2C+molestie+sed%2C+erat.+Curabitur+et+lectus+in+tellus+egestas+hendrerit.+Sed+dapibus+ipsum.+Quisque+sit+amet+ligula.+Suspendisse+odio+dolor%2C+semper+id%2C+feugiat+quis%2C+sodales+id%2C+mauris.+Curabitur+id+ligula+ac+libero+malesuada+pharetra.%0ASuspendisse+potenti.+Cras+ut+mi+sit+amet+quam+consequat+consequat.+Aenean+ut+lectus.+Cum+sociis+natoque+penatibus+et+magnis+dis+parturient+montes%2C+nascetur+ridiculus+mus.+Suspendisse+vel+sapien.+Nullam+non+turpis.+Pellentesque+elementum+pharetra+ligula.+In+rhoncus.+Aliquam+vel+enim+consequat+sem+aliquet+hendrerit.+Lorem+ipsum+dolor+sit+amet%2C+consectetuer+adipiscing+elit.+Nam+felis.%0ACum+sociis+natoque+penatibus+et+magnis+dis+parturient+montes%2C+nascetur+ridiculus+mus.+Maecenas+tortor+metus%2C+pellentesque+nec%2C+vehicula+vitae%2C+suscipit+sed%2C+quam.+Aenean+scelerisque+sodales+tortor.+Sed+purus.+Curabitur+turpis+est%2C+bibendum+tristique%2C+porttitor+tempor%2C+pulvinar+vitae%2C+tortor.+Nullam+malesuada+dapibus+orci.+Vivamus+aliquet+tempus+velit.+Curabitur+interdum+posuere+risus.+Duis+egestas%2C+ipsum+sit+amet+molestie+tincidunt%2C+ligula+libero+pretium+risus%2C+non+faucibus+tellus+felis+mattis+sapien.+Ut+eu+velit+at+massa+auctor+mattis.+Nam+tristique+velit+quis+nisl.%0AVivamus+neque+velit%2C+ornare+vitae%2C+tempor+vel%2C+ultrices+et%2C+wisi.+Cras+pede.+Phasellus+nunc+turpis%2C+cursus+non%2C+rhoncus+vitae%2C+sollicitudin+vel%2C+velit.+Vivamus+suscipit+lorem+sed+felis.+Vestibulum+vestibulum+ultrices+turpis.+Lorem+ipsum+dolor+sit+amet%2C+consectetuer+adipiscing+elit.+Praesent+ornare+nulla+nec+justo.+Sed+nec+risus+ac+risus+fermentum+vestibulum.+Etiam+viverra+viverra+sem.+Etiam+molestie+mi+quis+metus+hendrerit+tristique.%0AQuisque+lobortis+euismod+metus.+Nam+ante.+Nulla+fermentum%2C+risus+non+pulvinar+porttitor%2C+enim+pede+egestas+nibh%2C+sit+amet+posuere+metus+tortor+id+enim.+Donec+at+sem.+Vestibulum+in+lectus+ut+diam+lacinia+lacinia.+Maecenas+sit+amet+nulla.+Suspendisse+vel+dolor.+Nunc+hendrerit+elit+vitae+quam.+In+nonummy+velit+nec+lorem.+Etiam+rhoncus+felis+a+turpis.+Aliquam+vel+nulla.+Ut+nonummy%2C+nisl+non+sodales+iaculis%2C+mi+tellus+viverra+diam%2C+eget+euismod+dui+turpis+at+mi.+Class+aptent+taciti+sociosqu+ad+litora+torquent+per+conubia+nostra%2C+per+inceptos+hymenaeos.+Vestibulum+nec+quam+ac+lectus+sagittis+tincidunt.%0ANulla+facilisi.+Nam+varius+ante+dignissim+arcu.+Suspendisse+molestie+dignissim+neque.+Suspendisse+leo+ipsum%2C+rutrum+cursus%2C+malesuada+id%2C+dapibus+sed%2C+urna.+Fusce+sollicitudin+laoreet+diam.+Mauris+eu+quam+eget+nulla+fermentum+adipiscing.+In+hac+habitasse+platea+dictumst.+Morbi+ut+odio+vitae+eros+luctus+luctus.+Ut+diam.+Phasellus+ullamcorper+arcu+vitae+wisi.+Pellentesque+urna+odio%2C+varius+eget%2C+dignissim+quis%2C+vehicula+placerat%2C+nunc.+Ut+nec+metus+quis+nulla+posuere+eleifend.%0ASuspendisse+nibh.+Nunc+vulputate+leo+id+urna.+Donec+dictum.+Lorem+ipsum+dolor+sit+amet%2C+consectetuer+adipiscing+elit.+Lorem+ipsum+dolor+sit+amet%2C+consectetuer+adipiscing+elit.+Suspendisse+dictum%2C+magna+consectetuer+hendrerit+volutpat%2C+sapien+felis+faucibus+justo%2C+ac+dictum+lacus+pede+in+metus.+Nam+commodo.+Sed+consequat%2C+leo+pretium+sagittis+congue%2C+ante+nunc+laoreet+nisl%2C+ac+aliquam+risus+tellus+commodo+elit.+Cras+at+elit.+Pellentesque+suscipit+erat+vitae+mauris.+Sed+iaculis+eros+vitae+mauris.+Vestibulum+ante+ipsum+primis+in+faucibus+orci+luctus+et+ultrices+posuere+cubilia+Curae%3B+Suspendisse+id+ante+et+elit+accumsan+semper.+Sed+et+nibh+eget+purus+scelerisque+volutpat.+Sed+mi.+Proin+tellus+felis%2C+tincidunt+eget%2C+dictum+et%2C+adipiscing+et%2C+urna.+Cras+accumsan+diam+sed+turpis.+Etiam+sollicitudin+lacus.%0ANam+iaculis+blandit+purus.+Mauris+odio+nibh%2C+hendrerit+id%2C+cursus+vel%2C+sagittis+a%2C+dolor.+Nullam+turpis+lacus%2C+ultrices+vel%2C+sagittis+vitae%2C+dapibus+vel%2C+elit.+Suspendisse+auctor%2C+sapien+et+suscipit+tempor%2C+turpis+enim+consequat+sem%2C+eu+dictum+nunc+lorem+at+massa.+Pellentesque+scelerisque+purus.+Etiam+sed+enim.+Maecenas+sed+tortor+id+turpis+consequat+consequat.+Curabitur+fringilla.+Sed+risus+wisi%2C+dictum+a%2C+sagittis+nec%2C+luctus+ac%2C+neque.+Lorem+ipsum+dolor+sit+amet%2C+consectetuer+adipiscing+elit.+Sed+nibh+neque%2C+aliquam+ut%2C+sagittis+id%2C+gravida+et%2C+est.+Aenean+consectetuer+pretium+enim.+Aenean+tellus+quam%2C+condimentum+a%2C+adipiscing+et%2C+lacinia+vel%2C+ante.+Praesent+faucibus+dignissim+enim.+Aliquam+tincidunt.+Mauris+leo+ante%2C+condimentum+eget%2C+vestibulum+sit+amet%2C+fringilla+eget%2C+diam.+Nam+ultricies+ullamcorper+nibh.+Etiam+neque.+Ut+posuere+laoreet+pede.&', 'c'); +INSERT INTO `pages` VALUES (49, 'Test:BBCode', 'bbcode', 'title=BBCode&code=Test%0A%5Bb%5DTest%5Bb%5D%0A%5Bi%5DTest%5B%2Fi%5D%0A%5Bu%5DTest%5B%2Fu%5D&', 'c'); + +-- -------------------------------------------------------- + +-- +-- Tabellenstruktur für Tabelle `privs` +-- + +CREATE TABLE `privs` ( + `id` bigint(20) NOT NULL, + `name` varchar(255) NOT NULL, + `type` enum('c','n','e') NOT NULL, + `readaccess` text NOT NULL, + PRIMARY KEY (`id`), + UNIQUE KEY `name` (`name`,`type`) +) TYPE=MyISAM AUTO_INCREMENT=9 ; + +-- +-- Daten für Tabelle `privs` +-- + +INSERT INTO `privs` VALUES (6, 'Home:Startseite', 'c', '9'); +INSERT INTO `privs` VALUES (2, 'Test:LoremIpsum', 'c', '9'); +INSERT INTO `privs` VALUES (3, 'Test:BBCode', 'c', '9'); -- -------------------------------------------------------- @@ -107,6 +129,6 @@ CREATE TABLE `users` ( -- Daten für Tabelle `users` -- -INSERT INTO `users` VALUES (1, '', 0, 'NeoRaider', 'gamezock', '2006-04-13 02:30:31'); +INSERT INTO `users` VALUES (1, '', 0, 'NeoRaider', 'gamezock', '2006-04-14 02:13:08'); INSERT INTO `users` VALUES (3, '', 0, 'sicarius', 'armleuchter', '2006-03-05 23:46:46'); INSERT INTO `users` VALUES (4, '', 0, 'morti', 'return', '2006-03-05 22:02:27'); diff --git a/pages/Login.c.xml b/pages/Login.c.xml index 5175136..666bf4e 100644 --- a/pages/Login.c.xml +++ b/pages/Login.c.xml @@ -3,7 +3,7 @@ <info> <name>Login</name> <template>phpexec</template> - <access>01</access> + <access>1</access> <type>c</type> </info> <data> diff --git a/pages/Login.n.xml b/pages/Login.n.xml index c6c50b3..4e58e32 100644 --- a/pages/Login.n.xml +++ b/pages/Login.n.xml @@ -3,7 +3,7 @@ <info> <name>Login</name> <template>phpexec</template> - <access>01</access> + <access>1</access> <type>n</type> </info> <data> diff --git a/pages/Logout.c.xml b/pages/Logout.c.xml index 4fcb5b2..88bbae3 100644 --- a/pages/Logout.c.xml +++ b/pages/Logout.c.xml @@ -3,7 +3,7 @@ <info> <name>Logout</name> <template>phpexec</template> - <access>08</access> + <access>8</access> <type>c</type> </info> <data> diff --git a/pages/Pages.c.xml b/pages/Pages.c.xml index 8435abd..7722ac5 100644 --- a/pages/Pages.c.xml +++ b/pages/Pages.c.xml @@ -3,7 +3,7 @@ <info> <name>Pages</name> <template>phpexec</template> - <access>00</access> + <access>0</access> <type>c</type> </info> <data> diff --git a/pages/Pages/Copy.c.xml b/pages/Pages/Copy.c.xml index 49aede8..e0b2ea8 100644 --- a/pages/Pages/Copy.c.xml +++ b/pages/Pages/Copy.c.xml @@ -3,7 +3,7 @@ <info> <name>Pages:Copy</name> <template>phpexec</template> - <access>00</access> + <access>0</access> <type>c</type> </info> <data> diff --git a/pages/Pages/Delete.c.xml b/pages/Pages/Delete.c.xml index 62c8f41..60d7cb6 100644 --- a/pages/Pages/Delete.c.xml +++ b/pages/Pages/Delete.c.xml @@ -3,7 +3,7 @@ <info> <name>Pages:Delete</name> <template>phpexec</template> - <access>00</access> + <access>0</access> <type>c</type> </info> <data> diff --git a/pages/Pages/Edit.c.xml b/pages/Pages/Edit.c.xml index bf4ea6a..6680ef6 100644 --- a/pages/Pages/Edit.c.xml +++ b/pages/Pages/Edit.c.xml @@ -3,7 +3,7 @@ <info> <name>Pages:Edit</name> <template>phpexec</template> - <access>00</access> + <access>0</access> <type>c</type> </info> <data> diff --git a/pages/Pages/Handle.c.xml b/pages/Pages/Handle.c.xml index 55aae8b..47fa776 100644 --- a/pages/Pages/Handle.c.xml +++ b/pages/Pages/Handle.c.xml @@ -3,7 +3,7 @@ <info> <name>Pages:Handle</name> <template>phpexec</template> - <access>00</access> + <access>0</access> <type>c</type> </info> <data> diff --git a/pages/Pages/New.c.xml b/pages/Pages/New.c.xml index 8ee794e..aae764d 100644 --- a/pages/Pages/New.c.xml +++ b/pages/Pages/New.c.xml @@ -3,7 +3,7 @@ <info> <name>Pages:New</name> <template>phpexec</template> - <access>00</access> + <access>0</access> <type>c</type> </info> <data> diff --git a/pages/Pages/Rename.c.xml b/pages/Pages/Rename.c.xml index be485e2..9744a85 100644 --- a/pages/Pages/Rename.c.xml +++ b/pages/Pages/Rename.c.xml @@ -3,7 +3,7 @@ <info> <name>Pages:Rename</name> <template>phpexec</template> - <access>00</access> + <access>0</access> <type>c</type> </info> <data> diff --git a/pages/Privileges.c.xml b/pages/Privileges.c.xml index 7374abb..dd263ac 100644 --- a/pages/Privileges.c.xml +++ b/pages/Privileges.c.xml @@ -3,7 +3,7 @@ <info> <name>Privileges</name> <template>phpexec</template> - <access>00</access> + <access>0</access> <type>c</type> </info> <data> @@ -59,16 +59,18 @@ foreach($pages as $page) { if($page[strlen($page)-1] != $type) continue; - $pagedata = $GLOBALS['pages']->GetPageData(substr($page, 0, -2), $type); + $page = substr($page, 0, -2); + + $access = $GLOBALS['pages']->GetAccess($page, $type); echo '<tr class="line' . ($linex ? '1' : '2') . '">'; $linex = !$linex; - echo '<td class="page">' . $pagedata['name'] . '</td>'; + echo '<td class="page">' . $page . '</td>'; foreach($groups as $group) { - echo '<td><input type="checkbox" name="' . $pagedata['name'] . ':' . $group[0] . '" value="true" '; - if((hexdec(substr($pagedata['access'], ($group[0]/8)*2, 2)) & (1 << ($group[0]%8))) != 0) echo 'checked="checked" '; + echo '<td><input type="checkbox" name="' . $page . ':' . $group[0] . '" value="true" '; + if((hexdec($access[$group[0]/4]) & (1 << ($group[0]%4))) != 0) echo 'checked="checked" '; echo '/></td>'; } diff --git a/pages/Privileges/Update.c.xml b/pages/Privileges/Update.c.xml index 033bb7f..a8a8c54 100644 --- a/pages/Privileges/Update.c.xml +++ b/pages/Privileges/Update.c.xml @@ -3,7 +3,7 @@ <info> <name>Privileges:Update</name> <template>phpexec</template> - <access>00</access> + <access>0</access> <type>c</type> </info> <data> @@ -30,46 +30,17 @@ $page = substr($page, 0, -2); - $access = array_fill(0, $group_max/8 + 1, 0); + $access = join('', array_fill(0, $group_max/4 + 1, '0')); - foreach($groups as $group) { + foreach($groups as $group) if(isset($_POST[$page . ':' . $group[0]])) - $access[$group[0]/8] |= (1 << ($group[0]%8)); - } + $access[$group[0]/4] = dechex(hexdec($access[$group[0]/4]) | (1 << ($group[0]%4))); - $privileges = join('', array_map('chr', $access)); - - $GLOBALS['db']->Execute('UPDATE pages SET access = ? WHERE name = ?', array($privileges, $page)); - - if($GLOBALS['db']->Affected_Rows()) continue; - - $pagedata = $GLOBALS['pages']->GetPageData($page, $_POST['type']); - - $access = ''; - - for($i = 0; $i < strlen($pagedata['access']); $i+=2) - $access .= chr(hexdec(substr($pagedata['access'], $i, 2))); - - if($access == substr($privileges, 0, strlen($access))) { - for($i = strlen($access); $i < strlen($privileges); $i++) - if($privileges[$i] != 0) break; - - if($i == strlen($privileges)) continue; - } - - $string = ''; - - foreach($pagedata['data'] as $key => $val) - $string .= urlencode($key) . '=' . urlencode($val) . '&'; - - $GLOBALS['db']->Execute('INSERT INTO pages (name, template, access, data, type) VALUES (?, ?, ?, ?, ?)', - array($page, $pagedata['template'], $access, $string, $_POST['type'])); + $GLOBALS['pages']->SetAccess($page, $_POST['type'], $access); } header('Location: ' . $GLOBALS['links']->GetNeonLink('Privileges', 'type=' . $_POST['type'], false)); exit(); - - $GLOBALS['pages']->GetPageData() ?> ]]> </code> diff --git a/pages/Users.c.xml b/pages/Users.c.xml index 076f035..d268cb9 100644 --- a/pages/Users.c.xml +++ b/pages/Users.c.xml @@ -3,7 +3,7 @@ <info> <name>Users</name> <template>phpexec</template> - <access>00</access> + <access>0</access> <type>c</type> </info> <data> diff --git a/pages/Users/Delete.c.xml b/pages/Users/Delete.c.xml index c4d9594..b5307db 100644 --- a/pages/Users/Delete.c.xml +++ b/pages/Users/Delete.c.xml @@ -3,7 +3,7 @@ <info> <name>Users:Delete</name> <template>phpexec</template> - <access>00</access> + <access>0</access> <type>c</type> </info> <data> diff --git a/pages/Users/Group.c.xml b/pages/Users/Group.c.xml index 3a7f216..ae3b487 100644 --- a/pages/Users/Group.c.xml +++ b/pages/Users/Group.c.xml @@ -3,7 +3,7 @@ <info> <name>Users:Group</name> <template>phpexec</template> - <access>00</access> + <access>0</access> <type>c</type> </info> <data> diff --git a/pages/Users/Handle.c.xml b/pages/Users/Handle.c.xml index 9002d9f..138873a 100644 --- a/pages/Users/Handle.c.xml +++ b/pages/Users/Handle.c.xml @@ -3,7 +3,7 @@ <info> <name>Users:Handle</name> <template>phpexec</template> - <access>00</access> + <access>0</access> <type>c</type> </info> <data> diff --git a/pages/Users/New.c.xml b/pages/Users/New.c.xml index 2356c37..41334e4 100644 --- a/pages/Users/New.c.xml +++ b/pages/Users/New.c.xml @@ -3,7 +3,7 @@ <info> <name>Users:New</name> <template>phpexec</template> - <access>00</access> + <access>0</access> <type>c</type> </info> <data> diff --git a/pages/Users/Password.c.xml b/pages/Users/Password.c.xml index 5544e6b..30663c0 100644 --- a/pages/Users/Password.c.xml +++ b/pages/Users/Password.c.xml @@ -3,7 +3,7 @@ <info> <name>Users:Password</name> <template>phpexec</template> - <access>00</access> + <access>0</access> <type>c</type> </info> <data> diff --git a/pages/Users/Rename.c.xml b/pages/Users/Rename.c.xml index c076b10..3484aba 100644 --- a/pages/Users/Rename.c.xml +++ b/pages/Users/Rename.c.xml @@ -3,7 +3,7 @@ <info> <name>Users:Rename</name> <template>phpexec</template> - <access>00</access> + <access>0</access> <type>c</type> </info> <data> diff --git a/pages/default.e.xml b/pages/default.e.xml index da641dd..65d2229 100644 --- a/pages/default.e.xml +++ b/pages/default.e.xml @@ -3,7 +3,7 @@ <info> <name>phpexec</name> <template>phpexec</template> - <access>00</access> + <access>0</access> <type>e</type> </info> <data> diff --git a/pages/phpexec.e.xml b/pages/phpexec.e.xml index d56262d..82f0ed9 100644 --- a/pages/phpexec.e.xml +++ b/pages/phpexec.e.xml @@ -3,7 +3,7 @@ <info> <name>phpexec</name> <template>phpexec</template> - <access>00</access> + <access>0</access> <type>e</type> </info> <data> |