13.1.08 bug de permission de pages avec enfants
This commit is contained in:
parent
9512df44a6
commit
dfdeb5a5cc
|
|
@ -3,6 +3,8 @@
|
|||
|
||||
## Version 13.1.08
|
||||
|
||||
### Corrige des erreurs quand une page parente ou des pages enfants ont des permissions limitées.
|
||||
|
||||
### Améliorations
|
||||
|
||||
- Sauvegarde de l'état des sélecteurs dans les tables des fontes et des utilisateurs.
|
||||
|
|
|
|||
100
core/core.php
100
core/core.php
|
|
@ -83,13 +83,13 @@ class common
|
|||
"user"
|
||||
];
|
||||
/*
|
||||
Cette variable est supprimée du test dans le routeur.
|
||||
public static $accessExclude = [
|
||||
'login',
|
||||
'logout',
|
||||
"maintenance",
|
||||
];
|
||||
*/
|
||||
Cette variable est supprimée du test dans le routeur.
|
||||
public static $accessExclude = [
|
||||
'login',
|
||||
'logout',
|
||||
"maintenance",
|
||||
];
|
||||
*/
|
||||
private $data = [];
|
||||
private $hierarchy = [
|
||||
'all' => [],
|
||||
|
|
@ -300,19 +300,19 @@ class common
|
|||
|
||||
// Boutons de navigation dans la page
|
||||
public static $navIconTemplate = [
|
||||
'open' => [
|
||||
'left' => 'left-open',
|
||||
'right' => 'right-open',
|
||||
],
|
||||
'dir' => [
|
||||
'left' => 'left',
|
||||
'right' => 'right-dir',
|
||||
],
|
||||
'big' => [
|
||||
'left' => 'left-big',
|
||||
'right' => 'right-big',
|
||||
],
|
||||
];
|
||||
'open' => [
|
||||
'left' => 'left-open',
|
||||
'right' => 'right-open',
|
||||
],
|
||||
'dir' => [
|
||||
'left' => 'left',
|
||||
'right' => 'right-dir',
|
||||
],
|
||||
'big' => [
|
||||
'left' => 'left-big',
|
||||
'right' => 'right-big',
|
||||
],
|
||||
];
|
||||
|
||||
/**
|
||||
* Constructeur commun
|
||||
|
|
@ -321,15 +321,15 @@ class common
|
|||
{
|
||||
|
||||
// Extraction des données http
|
||||
if (isset($_POST)) {
|
||||
if (isset ($_POST)) {
|
||||
$this->input['_POST'] = $_POST;
|
||||
}
|
||||
if (isset($_COOKIE)) {
|
||||
if (isset ($_COOKIE)) {
|
||||
$this->input['_COOKIE'] = $_COOKIE;
|
||||
}
|
||||
|
||||
// Déterminer la langue du contenu du site
|
||||
if (isset($_SESSION['ZWII_CONTENT'])) {
|
||||
if (isset ($_SESSION['ZWII_CONTENT'])) {
|
||||
// Déterminé par la session présente
|
||||
self::$siteContent = $_SESSION['ZWII_CONTENT'];
|
||||
} else {
|
||||
|
|
@ -370,13 +370,13 @@ class common
|
|||
// Langue sélectionnée dans le compte, la langue du cookie sinon celle du compte ouvert
|
||||
self::$i18nUI = $this->getData(['user', $this->getUser('id'), 'language']);
|
||||
// Validation de la langue
|
||||
self::$i18nUI = isset(self::$i18nUI) && file_exists(self::I18N_DIR . self::$i18nUI . '.json')
|
||||
self::$i18nUI = isset (self::$i18nUI) && file_exists(self::I18N_DIR . self::$i18nUI . '.json')
|
||||
? self::$i18nUI
|
||||
: 'fr_FR';
|
||||
} else {
|
||||
if (isset($_SESSION['ZWII_UI'])) {
|
||||
if (isset ($_SESSION['ZWII_UI'])) {
|
||||
self::$i18nUI = $_SESSION['ZWII_UI'];
|
||||
} elseif (isset($_COOKIE['ZWII_UI'])) {
|
||||
} elseif (isset ($_COOKIE['ZWII_UI'])) {
|
||||
self::$i18nUI = $_COOKIE['ZWII_UI'];
|
||||
} else {
|
||||
self::$i18nUI = 'fr_FR';
|
||||
|
|
@ -422,8 +422,8 @@ class common
|
|||
// Données de proxy
|
||||
$proxy = $this->getData(['config', 'proxyType']) . $this->getData(['config', 'proxyUrl']) . ':' . $this->getData(['config', 'proxyPort']);
|
||||
if (
|
||||
!empty($this->getData(['config', 'proxyUrl'])) &&
|
||||
!empty($this->getData(['config', 'proxyPort']))
|
||||
!empty ($this->getData(['config', 'proxyUrl'])) &&
|
||||
!empty ($this->getData(['config', 'proxyPort']))
|
||||
) {
|
||||
$context = array(
|
||||
'http' => array(
|
||||
|
|
@ -441,7 +441,7 @@ class common
|
|||
}
|
||||
|
||||
// Mise à jour des données core
|
||||
include('core/include/update.inc.php');
|
||||
include ('core/include/update.inc.php');
|
||||
|
||||
}
|
||||
|
||||
|
|
@ -466,12 +466,12 @@ class common
|
|||
if (preg_match('#\[(.*)\]#', $key, $secondKey)) {
|
||||
$firstKey = explode('[', $key)[0];
|
||||
$secondKey = $secondKey[1];
|
||||
if (empty($this->input['_POST'][$firstKey][$secondKey])) {
|
||||
if (empty ($this->input['_POST'][$firstKey][$secondKey])) {
|
||||
common::$inputNotices[$firstKey . '_' . $secondKey] = helper::translate('Obligatoire');
|
||||
}
|
||||
}
|
||||
// La clef est une chaine
|
||||
elseif (empty($this->input['_POST'][$key])) {
|
||||
elseif (empty ($this->input['_POST'][$key])) {
|
||||
common::$inputNotices[$key] = helper::translate('Obligatoire');
|
||||
}
|
||||
}
|
||||
|
|
@ -481,7 +481,7 @@ class common
|
|||
*/
|
||||
public function checkCSRF()
|
||||
{
|
||||
return ((empty($_POST['csrf']) or hash_equals($_POST['csrf'], $_SESSION['csrf']) === false) === false);
|
||||
return ((empty ($_POST['csrf']) or hash_equals($_POST['csrf'], $_SESSION['csrf']) === false) === false);
|
||||
}
|
||||
|
||||
/**
|
||||
|
|
@ -511,8 +511,8 @@ class common
|
|||
{
|
||||
// Pas d'enregistrement lorsqu'une notice est présente ou tableau transmis vide
|
||||
if (
|
||||
!empty(self::$inputNotices)
|
||||
or empty($keys)
|
||||
!empty (self::$inputNotices)
|
||||
or empty ($keys)
|
||||
) {
|
||||
return false;
|
||||
}
|
||||
|
|
@ -630,7 +630,7 @@ class common
|
|||
public function initData($module, $lang, $sampleSite = false)
|
||||
{
|
||||
// Tableau avec les données vierges
|
||||
require_once('core/module/install/ressource/defaultdata.php');
|
||||
require_once ('core/module/install/ressource/defaultdata.php');
|
||||
|
||||
if (!file_exists(self::DATA_DIR . $lang)) {
|
||||
mkdir(self::DATA_DIR . $lang, 0755);
|
||||
|
|
@ -736,21 +736,21 @@ class common
|
|||
}
|
||||
// Enfants
|
||||
foreach ($pages as $pageId => $pagePosition) {
|
||||
|
||||
if (
|
||||
// Page parent
|
||||
$parentId = $this->getData(['page', $pageId, 'parentPageId'])
|
||||
// Ignore les pages dont l'utilisateur n'a pas accès
|
||||
and (
|
||||
($this->getData(['page', $pageId, 'group']) === self::GROUP_VISITOR
|
||||
and $this->getData(['page', $parentId, 'group']) === self::GROUP_VISITOR
|
||||
(
|
||||
$this->getData(['page', $pageId, 'group']) === self::GROUP_VISITOR
|
||||
and
|
||||
$this->getData(['page', $parentId, 'group']) === self::GROUP_VISITOR
|
||||
)
|
||||
or ($this->getUser('password') === $this->getInput('ZWII_USER_PASSWORD')
|
||||
//and $this->getUser('group') >= $this->getData(['page', $parentId, 'group'])
|
||||
//and $this->getUser('group') >= $this->getData(['page', $pageId, 'group'])
|
||||
|
||||
// Modification qui tient compte du profil de la page
|
||||
and ($this->getUser('group') * self::MAX_PROFILS + $this->getUser('profil')) >= ($this->getData(['page', $this->$parentId, 'group']) * self::MAX_PROFILS + $this->getData(['page', $this->$parentId, 'profil']))
|
||||
and ($this->getUser('group') * self::MAX_PROFILS + $this->getUser('profil')) >= ($this->getData(['page', $this->$pageId, 'group']) * self::MAX_PROFILS + $this->getData(['page', $pageId, 'profil']))
|
||||
or (
|
||||
$this->getUser('password') === $this->getInput('ZWII_USER_PASSWORD')
|
||||
and
|
||||
$this->getUser('group') * self::MAX_PROFILS + $this->getUser('profil')) >= ($this->getData(['page', $pageId, 'group']) * self::MAX_PROFILS + $this->getData(['page', $pageId, 'profil'])
|
||||
|
||||
)
|
||||
)
|
||||
|
|
@ -788,7 +788,7 @@ class common
|
|||
];
|
||||
}
|
||||
// Traitement
|
||||
if (empty($childIds)) {
|
||||
if (empty ($childIds)) {
|
||||
// Pas d'enfant, uniquement l'entrée du parent
|
||||
$parents[] = [
|
||||
'title' => html_entity_decode($this->getData(['page', $parentId, 'title']), ENT_QUOTES),
|
||||
|
|
@ -1069,7 +1069,7 @@ class common
|
|||
// Articles du blog
|
||||
if (
|
||||
$this->getData(['page', $parentPageId, 'moduleId']) === 'blog' &&
|
||||
!empty($this->getData(['module', $parentPageId]))
|
||||
!empty ($this->getData(['module', $parentPageId]))
|
||||
) {
|
||||
foreach ($this->getData(['module', $parentPageId, 'posts']) as $articleId => $article) {
|
||||
if ($this->getData(['module', $parentPageId, 'posts', $articleId, 'state']) === true) {
|
||||
|
|
@ -1091,7 +1091,7 @@ class common
|
|||
// La sous-page est un blog
|
||||
if (
|
||||
$this->getData(['page', $childKey, 'moduleId']) === 'blog' &&
|
||||
!empty($this->getData(['module', $childKey]))
|
||||
!empty ($this->getData(['module', $childKey]))
|
||||
) {
|
||||
foreach ($this->getData(['module', $childKey, 'posts']) as $articleId => $article) {
|
||||
if ($this->getData(['module', $childKey, 'posts', $articleId, 'state']) === true) {
|
||||
|
|
@ -1125,7 +1125,7 @@ class common
|
|||
}
|
||||
|
||||
// Submit your sitemaps to Google, Yahoo, Bing and Ask.com
|
||||
if (empty($this->getData(['config', 'proxyType']) . $this->getData(['config', 'proxyUrl']) . ':' . $this->getData(['config', 'proxyPort']))) {
|
||||
if (empty ($this->getData(['config', 'proxyType']) . $this->getData(['config', 'proxyUrl']) . ':' . $this->getData(['config', 'proxyPort']))) {
|
||||
$sitemap->submitSitemap();
|
||||
}
|
||||
|
||||
|
|
@ -1392,9 +1392,9 @@ class common
|
|||
public function saveLog($message = '')
|
||||
{
|
||||
// Journalisation
|
||||
$dataLog = helper::dateUTF8('%Y%m%d', time(), self::$i18nUI) . ';' . helper::dateUTF8('%H:%M', time(), self::$i18nUI). ';';
|
||||
$dataLog = helper::dateUTF8('%Y%m%d', time(), self::$i18nUI) . ';' . helper::dateUTF8('%H:%M', time(), self::$i18nUI) . ';';
|
||||
$dataLog .= helper::getIp($this->getData(['config', 'connect', 'anonymousIp'])) . ';';
|
||||
$dataLog .= empty($this->getUser('id')) ? 'visitor;' : $this->getUser('id') . ';';
|
||||
$dataLog .= empty ($this->getUser('id')) ? 'visitor;' : $this->getUser('id') . ';';
|
||||
$dataLog .= $message ? $this->getUrl() . ';' . $message : $this->getUrl();
|
||||
$dataLog .= PHP_EOL;
|
||||
if ($this->getData(['config', 'connect', 'log'])) {
|
||||
|
|
|
|||
Loading…
Reference in New Issue