diff options
Diffstat (limited to 'code/pages.inc.php')
-rw-r--r-- | code/pages.inc.php | 37 |
1 files changed, 30 insertions, 7 deletions
diff --git a/code/pages.inc.php b/code/pages.inc.php index 541b0ea..f24f283 100644 --- a/code/pages.inc.php +++ b/code/pages.inc.php @@ -9,7 +9,7 @@ class Pages { function Get($name, $type) { if(!$this->Exists($name, $type)) { - $message = $GLOBALS['handlers']['default']->HandleErrorMessage('PageNotFound', array('page' => $name)); + $message = $GLOBALS['handlers']['default']->ErrorMessage('PageNotFound', array('page' => $name)); if(!$message['title']) $message['title'] = $name; @@ -19,7 +19,7 @@ $res = DBQuery('SELECT handler, data FROM pages WHERE name = ? AND type = ?', array($name, $type)); if(!$this->HasAccess($name, $type)) { - $message = $GLOBALS['handlers'][$res->fields[0]]->HandleErrorMessage('Forbidden', array('page' => $name)); + $message = $GLOBALS['handlers'][$res->fields[0]]->ErrorMessage('Forbidden', array('page' => $name)); if(!$message['title']) $message['title'] = $name; @@ -30,7 +30,33 @@ $data = array_map('stripslashes', $data); $data['_page'] = $name; - return $GLOBALS['handlers'][$res->fields[0]]->HandleContentData($data); + return $GLOBALS['handlers'][$res->fields[0]]->Get($data); + } + + function Edit($name, $type) { + if(!$this->Exists($name, $type)) { + $message = $GLOBALS['handlers']['default']->ErrorMessage('PageNotFound', array('page' => $name)); + + if(!$message['title']) $message['title'] = $name; + + return $message; + } + + $res = DBQuery('SELECT handler, data FROM pages WHERE name = ? AND type = ?', array($name, $type)); + + if(!$GLOBALS['user']->IsAdmin()) { + $message = $GLOBALS['handlers'][$res->fields[0]]->ErrorMessage('Forbidden', array('page' => $name)); + + if(!$message['title']) $message['title'] = $name; + + return $message; + } + + parse_str($res->fields[1], $data); + $data = array_map('stripslashes', $data); + $data['_page'] = $name; + + return $GLOBALS['handlers'][$res->fields[0]]->Edit($data); } function Exists($name, $type) { @@ -40,12 +66,9 @@ } function HasAccess($name, $type) { - $user = $GLOBALS['user']; - $res = DBQuery('SELECT access FROM pages WHERE name = ? AND type = ?', array($name, $type)); - return ((($user->GetUid() != 0) && ($user->GetGid() == 0)) - || ($res->fields[0] & (1 << $user->GetGid())) != 0); + return ($GLOBALS['user']->IsAdmin() || ($res->fields[0] & (1 << $GLOBALS['user']->GetGid())) != 0); } } |