Diffstat (limited to 'code/pages.inc.php')
-rw-r--r-- | code/pages.inc.php | 21 |
1 files changed, 11 insertions, 10 deletions
diff --git a/code/pages.inc.php b/code/pages.inc.php
index 4516303..710bb44 100644
--- a/code/pages.inc.php
+++ b/code/pages.inc.php
@@ -2,9 +2,9 @@
 if(!defined('PAGES_INC')) {
 define('PAGES_INC', 1);
- include('code/db.inc.php');
- include('code/user.inc.php');
- include('code/handlers.inc.php');
+ require_once('code/db.inc.php');
+ require_once('code/user.inc.php');
+ require_once('code/handlers.inc.php');
 class Pages {
 function Get($name, $type, $extra = null) {
@@ -12,14 +12,14 @@
 return array('title' => $name, 'content' => ErrorMessage('PageNotFound', array('page' => $name)));
- $res = $GLOBALS['db']->Query('SELECT id, handler, data FROM pages WHERE name = ? AND type = ?', array($name, $type));
+ $res = $GLOBALS['db']->Execute('SELECT id, handler, data FROM pages WHERE name = ? AND type = ?', array($name, $type));
 if(!$this->HasAccess($name, $type)) return array('title' => $name, 'content' => ErrorMessage('Forbidden', array('page' => $name)));
 parse_str($res->fields[2], $data);
- $data = array_map('stripslashes', $data);
+ $data = array_map('Unquote', $data);
 if($extra) $data = array_merge($data, $extra);
 $data['_id'] = $res->fields[0];
 $data['_page'] = $name;
@@ -32,14 +32,14 @@
 return array('title' => $name, 'content' => ErrorMessage('PageNotFound', array('page' => $name)));
- $res = $GLOBALS['db']->Query('SELECT id, handler, data FROM pages WHERE name = ? AND type = ?', array($name, $type));
+ $res = $GLOBALS['db']->Execute('SELECT id, handler, data FROM pages WHERE name = ? AND type = ?', array($name, $type));
 if(!$GLOBALS['user']->IsAdmin()) return array('title' => $name, 'content' => ErrorMessage('Forbidden', array('page' => $name)));
 parse_str($res->fields[2], $data = null);
- $data = array_map('stripslashes', $data);
+ $data = array_map('Unquote', $data);
 $data['_id'] = $res->fields[0];
 $data['_page'] = $name;
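Review bot: `array_map('Unquote', $data)` in Get() visits only the top-level values that `parse_str()` produced, and `parse_str()` builds nested arrays for bracketed keys such as `a[]=1`, so an array can reach `Unquote` here; the same line in the @@ -32 hunk has the same exposure. `Unquote` is not defined in the visible lines, so whether it accepts arrays cannot be confirmed from this diff. A one-line comment above the call would settle it, for example `// Unquote() (from <file that defines Unquote>) reverses the escaping applied when data was stored; values are expected to be strings`. Get() begins and ends outside this hunk.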
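Review bot: The changed `array_map('Unquote', $data)` line in the @@ -32 hunk consumes `$data` right after `parse_str($res->fields[2], $data = null);`, which passes an assignment expression where `parse_str()` expects a variable by reference. At best the parsed array lands in a temporary and `$data` stays null, so the stored page data never reaches `Unquote`; newer PHP versions are likely to reject the non-variable argument outright. Get() in the previous hunk uses the plain form, and this call should match it: `parse_str($res->fields[2], $data);`. The enclosing function starts and ends outside the hunk.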
@@ -47,15 +47,16 @@
 }
 function Exists($name, $type) {
- $res = $GLOBALS['db']->Query('SELECT id FROM pages WHERE name = ? AND type = ?', array($name, $type));
+ $res = $GLOBALS['db']->Execute('SELECT id FROM pages WHERE name = ? AND type = ?', array($name, $type));
 return ($res->RecordCount() > 0);
 }
 function HasAccess($name, $type) {
- $res = $GLOBALS['db']->Query('SELECT access FROM pages WHERE name = ? AND type = ?', array($name, $type));
+ $gid = $GLOBALS['user']->GetGid();
+ $res = $GLOBALS['db']->Execute('SELECT access FROM pages WHERE name = ? AND type = ?', array($name, $type));
- return ($GLOBALS['user']->IsAdmin() || ($res->fields[0] & (1 << $GLOBALS['user']->GetGid())) != 0);
+ return ($GLOBALS['user']->IsAdmin() || (ord($res->fields[0][$gid/8]) & (1 << ($gid%8))) != 0);
 }
 } |
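Review bot: The new access test in HasAccess() indexes the `access` string with `$gid/8` and never checks that the row exists, that the string is long enough, or that `$gid` is non-negative. `$gid/8` is a float for most group ids, so the lookup relies on PHP's implicit string-offset cast, and an offset past the end of the mask currently denies access only as a side effect of `ord()` on an empty value. If GetGid() can return a negative id (not visible here), `$gid%8` is negative and the shift and offset behave differently across PHP versions. Since this decides page authorization, the bounds should be explicit and fail closed, with integer arithmetic (`$gid >> 3`, `$gid & 7`) as sketched below.

```php
function HasAccess($name, $type) {
    if($GLOBALS['user']->IsAdmin()) return true;
    $gid = (int)$GLOBALS['user']->GetGid();
    // … unchanged: $res = $GLOBALS['db']->Execute('SELECT access …') …
    // Fail closed: no row, a negative gid, or a mask shorter than the group's byte.
    if(!$res || $res->RecordCount() == 0 || $gid < 0) return false;
    $mask = (string)$res->fields[0];
    $byte = $gid >> 3;
    if($byte >= strlen($mask)) return false;
    return (ord($mask[$byte]) & (1 << ($gid & 7))) != 0;
```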