forked from ZwiiCMS-Team/ZwiiCMS
Modif Sylvain
This commit is contained in:
parent
ef71b79225
commit
87d2e22577
6
.gitignore
vendored
6
.gitignore
vendored
@ -36,9 +36,3 @@ site/data/journal.log
|
|||||||
.DS_Store
|
.DS_Store
|
||||||
site/.DS_Store
|
site/.DS_Store
|
||||||
site/file/.DS_Store
|
site/file/.DS_Store
|
||||||
site/tmp/5f7f5e998762c.png
|
|
||||||
site/tmp/5f7f5e9987628.png
|
|
||||||
site/tmp/5f7f5ea3e983b.png
|
|
||||||
site/tmp/5f7f5ea3e9837.png
|
|
||||||
site/tmp/5f7f5ea20d5eb.png
|
|
||||||
site/tmp/5f7f5ea20d5ee.png
|
|
||||||
|
@ -1797,6 +1797,8 @@ class core extends common {
|
|||||||
}
|
}
|
||||||
// Check l'accès à la page
|
// Check l'accès à la page
|
||||||
$access = null;
|
$access = null;
|
||||||
|
$accessInfo['userName'] = '';
|
||||||
|
$accessInfo['pageId'] = '';
|
||||||
if($this->getData(['page', $this->getUrl(0)]) !== null) {
|
if($this->getData(['page', $this->getUrl(0)]) !== null) {
|
||||||
if(
|
if(
|
||||||
$this->getData(['page', $this->getUrl(0), 'group']) === self::GROUP_VISITOR
|
$this->getData(['page', $this->getUrl(0), 'group']) === self::GROUP_VISITOR
|
||||||
@ -1816,6 +1818,7 @@ class core extends common {
|
|||||||
}
|
}
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
/**
|
/**
|
||||||
* Contrôle si la page demandée est en édition ou accès à la gestion du site
|
* Contrôle si la page demandée est en édition ou accès à la gestion du site
|
||||||
* conditions de blocage :
|
* conditions de blocage :
|
||||||
@ -1824,8 +1827,6 @@ class core extends common {
|
|||||||
* - Une partie de l'URL fait partie de la liste de filtrage (édition d'un module etc..)
|
* - Une partie de l'URL fait partie de la liste de filtrage (édition d'un module etc..)
|
||||||
* - L'édition est ouverte depuis un temps dépassé, on considère que la page est restée ouverte et qu'elle ne sera pas validée
|
* - L'édition est ouverte depuis un temps dépassé, on considère que la page est restée ouverte et qu'elle ne sera pas validée
|
||||||
*/
|
*/
|
||||||
$accessInfo['userName'] = '';
|
|
||||||
$accessInfo['pageId'] = '';
|
|
||||||
foreach($this->getData(['user']) as $userId => $userIds){
|
foreach($this->getData(['user']) as $userId => $userIds){
|
||||||
$t = explode('/',$this->getData(['user', $userId, 'accessUrl']));
|
$t = explode('/',$this->getData(['user', $userId, 'accessUrl']));
|
||||||
if ( $this->getuser('id') &&
|
if ( $this->getuser('id') &&
|
||||||
|
@ -70,14 +70,6 @@ class page extends common {
|
|||||||
* Duplication
|
* Duplication
|
||||||
*/
|
*/
|
||||||
public function duplicate() {
|
public function duplicate() {
|
||||||
// Contrôle d'accès
|
|
||||||
if ( self::$actions[__FUNCTION__] >= $this->getUser('group')) {
|
|
||||||
// Valeurs en sortie
|
|
||||||
$this->addOutput([
|
|
||||||
'access' => false
|
|
||||||
]);
|
|
||||||
return;
|
|
||||||
}
|
|
||||||
// Adresse sans le token
|
// Adresse sans le token
|
||||||
$url = explode('&',$this->getUrl(2));
|
$url = explode('&',$this->getUrl(2));
|
||||||
// La page n'existe pas
|
// La page n'existe pas
|
||||||
@ -134,14 +126,6 @@ class page extends common {
|
|||||||
* Création
|
* Création
|
||||||
*/
|
*/
|
||||||
public function add() {
|
public function add() {
|
||||||
// Contrôle d'accès
|
|
||||||
if ( self::$actions[__FUNCTION__] >= $this->getUser('group')) {
|
|
||||||
// Valeurs en sortie
|
|
||||||
$this->addOutput([
|
|
||||||
'access' => false
|
|
||||||
]);
|
|
||||||
return;
|
|
||||||
}
|
|
||||||
$pageTitle = 'Nouvelle page';
|
$pageTitle = 'Nouvelle page';
|
||||||
$pageId = helper::increment(helper::filter($pageTitle, helper::FILTER_ID), $this->getData(['page']));
|
$pageId = helper::increment(helper::filter($pageTitle, helper::FILTER_ID), $this->getData(['page']));
|
||||||
$this->setData([
|
$this->setData([
|
||||||
@ -186,14 +170,6 @@ class page extends common {
|
|||||||
* Suppression
|
* Suppression
|
||||||
*/
|
*/
|
||||||
public function delete() {
|
public function delete() {
|
||||||
// Contrôle d'accès
|
|
||||||
if ( self::$actions[__FUNCTION__] >= $this->getUser('group')) {
|
|
||||||
// Valeurs en sortie
|
|
||||||
$this->addOutput([
|
|
||||||
'access' => false
|
|
||||||
]);
|
|
||||||
return;
|
|
||||||
}
|
|
||||||
// $url prend l'adresse sans le token
|
// $url prend l'adresse sans le token
|
||||||
$url = explode('&',$this->getUrl(2));
|
$url = explode('&',$this->getUrl(2));
|
||||||
// La page n'existe pas
|
// La page n'existe pas
|
||||||
@ -290,11 +266,11 @@ class page extends common {
|
|||||||
}
|
}
|
||||||
// Suppression
|
// Suppression
|
||||||
else {
|
else {
|
||||||
|
// Met à jour le site map
|
||||||
|
$this->createSitemap('all');
|
||||||
// Effacer la page
|
// Effacer la page
|
||||||
$this->deleteData(['page', $url[0]]);
|
$this->deleteData(['page', $url[0]]);
|
||||||
$this->deleteData(['module', $url[0]]);
|
$this->deleteData(['module', $url[0]]);
|
||||||
// Met à jour le site map
|
|
||||||
$this->createSitemap('all');
|
|
||||||
// Valeurs en sortie
|
// Valeurs en sortie
|
||||||
$this->addOutput([
|
$this->addOutput([
|
||||||
'redirect' => helper::baseUrl(false),
|
'redirect' => helper::baseUrl(false),
|
||||||
@ -315,9 +291,9 @@ class page extends common {
|
|||||||
$this->addOutput([
|
$this->addOutput([
|
||||||
'access' => false
|
'access' => false
|
||||||
]);
|
]);
|
||||||
return;
|
|
||||||
}
|
}
|
||||||
// La page existe
|
// La page existe
|
||||||
|
else {
|
||||||
// Soumission du formulaire
|
// Soumission du formulaire
|
||||||
if($this->isPost()) {
|
if($this->isPost()) {
|
||||||
// Génére l'ID si le titre de la page a changé
|
// Génére l'ID si le titre de la page a changé
|
||||||
@ -348,9 +324,10 @@ class page extends common {
|
|||||||
$this->setData(['config', 'homePageId', $pageId]);
|
$this->setData(['config', 'homePageId', $pageId]);
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
// Pour éditeurs et adminisrateurs
|
||||||
|
if( $this->getUser('group') >= self::GROUP_MODERATOR){
|
||||||
// Supprime les données du module en cas de changement de module
|
// Supprime les données du module en cas de changement de module
|
||||||
if( !empty($this->getInput('pageEditModuleId') )
|
if( $this->getInput('pageEditModuleId') !== $this->getData(['page', $this->getUrl(2), 'moduleId'])) {
|
||||||
AND $this->getInput('pageEditModuleId') !== $this->getData(['page', $this->getUrl(2), 'moduleId'])) {
|
|
||||||
$this->deleteData(['module', $pageId]);
|
$this->deleteData(['module', $pageId]);
|
||||||
}
|
}
|
||||||
// Supprime l'ancienne page si l'id a changée
|
// Supprime l'ancienne page si l'id a changée
|
||||||
@ -452,6 +429,11 @@ class page extends common {
|
|||||||
}
|
}
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
}
|
||||||
|
// Sinon pour le rédacteur seul le contenu peut changer
|
||||||
|
else{
|
||||||
|
$this->setData(['page', $pageId, 'content', (empty($this->getInput('pageEditContent', null)) ? '<p> </p>' : $this->getInput('pageEditContent', null))]);
|
||||||
|
}
|
||||||
// Met à jour le site map
|
// Met à jour le site map
|
||||||
$this->createSitemap('all');
|
$this->createSitemap('all');
|
||||||
// Redirection vers la configuration
|
// Redirection vers la configuration
|
||||||
@ -509,5 +491,6 @@ class page extends common {
|
|||||||
'view' => 'edit'
|
'view' => 'edit'
|
||||||
]);
|
]);
|
||||||
}
|
}
|
||||||
|
}
|
||||||
|
|
||||||
}
|
}
|
||||||
|
@ -1,7 +1,8 @@
|
|||||||
<?php
|
<?php
|
||||||
echo template::formOpen('pageEditForm');
|
echo template::formOpen('pageEditForm');
|
||||||
// Mise à jour de la liste des pages pour TinyMCE
|
// Mise à jour de la liste des pages pour TinyMCE
|
||||||
$this->pages2Json(); ?>
|
$this->pages2Json();
|
||||||
|
// Validation des buttons réservés aux modérateurs et administrateurs
|
||||||
<div class="row">
|
<div class="row">
|
||||||
<div class="col2">
|
<div class="col2">
|
||||||
<?php $href = helper::baseUrl() . $this->getUrl(2); ?>
|
<?php $href = helper::baseUrl() . $this->getUrl(2); ?>
|
||||||
@ -14,23 +15,23 @@ echo template::formOpen('pageEditForm');
|
|||||||
]); ?>
|
]); ?>
|
||||||
</div>
|
</div>
|
||||||
<div class="col2 offset4">
|
<div class="col2 offset4">
|
||||||
<?php if ( $module::$actions['duplicate'] < $this->getUser('group')): ?>
|
<?php if( $this->getUser('group') >= self::GROUP_MODERATOR ){
|
||||||
<?php echo template::button('pageEditDuplicate', [
|
echo template::button('pageEditDuplicate', [
|
||||||
'href' => helper::baseUrl() . 'page/duplicate/' . $this->getUrl(2) . '&csrf=' . $_SESSION['csrf'],
|
'href' => helper::baseUrl() . 'page/duplicate/' . $this->getUrl(2) . '&csrf=' . $_SESSION['csrf'],
|
||||||
'value' => 'Dupliquer',
|
'value' => 'Dupliquer',
|
||||||
'ico' => 'clone'
|
'ico' => 'clone'
|
||||||
]); ?>
|
]);
|
||||||
<?php endif;?>
|
}?>
|
||||||
</div>
|
</div>
|
||||||
<div class="col2">
|
<div class="col2">
|
||||||
<?php if ( $module::$actions['delete'] < $this->getUser('group')): ?>
|
<?php if( $this->getUser('group') >= self::GROUP_MODERATOR ){
|
||||||
<?php echo template::button('pageEditDelete', [
|
echo template::button('pageEditDelete', [
|
||||||
'class' => 'buttonRed',
|
'class' => 'buttonRed',
|
||||||
'href' => helper::baseUrl() . 'page/delete/' . $this->getUrl(2) . '&csrf=' . $_SESSION['csrf'],
|
'href' => helper::baseUrl() . 'page/delete/' . $this->getUrl(2) . '&csrf=' . $_SESSION['csrf'],
|
||||||
'value' => 'Supprimer',
|
'value' => 'Supprimer',
|
||||||
'ico' => 'cancel'
|
'ico' => 'cancel'
|
||||||
]); ?>
|
]);
|
||||||
<?php endif;?>
|
}?>
|
||||||
</div>
|
</div>
|
||||||
<div class="col2">
|
<div class="col2">
|
||||||
<?php echo template::submit('pageEditSubmit'); ?>
|
<?php echo template::submit('pageEditSubmit'); ?>
|
||||||
@ -51,23 +52,25 @@ echo template::formOpen('pageEditForm');
|
|||||||
<div class="row">
|
<div class="row">
|
||||||
<div class="col9">
|
<div class="col9">
|
||||||
<?php echo template::hidden('pageEditModuleRedirect'); ?>
|
<?php echo template::hidden('pageEditModuleRedirect'); ?>
|
||||||
<?php echo template::select('pageEditModuleId', $listModules, [
|
<?php echo template::select('pageEditModuleId', $module::$moduleIds, [
|
||||||
'help' => 'En cas de changement de module, les données du module précédent seront supprimées.',
|
'help' => 'En cas de changement de module, les données du module précédent seront supprimées.',
|
||||||
'label' => 'Module',
|
'label' => 'Module',
|
||||||
'selected' => $this->getData(['page', $this->getUrl(2), 'moduleId'])
|
'selected' => $this->getData(['page', $this->getUrl(2), 'moduleId']),
|
||||||
|
'disabled' => $this->getUser('group') >= self::GROUP_MODERATOR ? false : true
|
||||||
]); ?>
|
]); ?>
|
||||||
<!-- Confirmation de suppression e ca sd'annulation -->
|
|
||||||
<?php echo template::hidden('pageEditModuleIdOld',['value' => $this->getData(['page', $this->getUrl(2), 'moduleId'])]); ?>
|
<?php echo template::hidden('pageEditModuleIdOld',['value' => $this->getData(['page', $this->getUrl(2), 'moduleId'])]); ?>
|
||||||
<?php echo template::hidden('pageEditModuleIdOldText',[
|
<?php echo template::hidden('pageEditModuleIdOldText',[
|
||||||
'value' => array_key_exists($this->getData(['page', $this->getUrl(2), 'moduleId']),$module::$moduleNames)? $module::$moduleNames[$this->getData(['page', $this->getUrl(2), 'moduleId'])] : ucfirst($this->getData(['page', $this->getUrl(2), 'moduleId']))
|
'value' => array_key_exists($this->getData(['page', $this->getUrl(2), 'moduleId']),$module::$moduleNames)? $module::$moduleNames[$this->getData(['page', $this->getUrl(2), 'moduleId'])] : ucfirst($this->getData(['page', $this->getUrl(2), 'moduleId']))
|
||||||
]); ?>
|
]); ?>
|
||||||
</div>
|
</div>
|
||||||
<div class="col3 verticalAlignBottom">
|
<div class="col3 verticalAlignBottom">
|
||||||
<?php echo template::button('pageEditModuleConfig', [
|
<?php if( $this->getUser('group') >= self::GROUP_MODERATOR){
|
||||||
|
echo template::button('pageEditModuleConfig', [
|
||||||
'disabled' => (bool) $this->getData(['page', $this->getUrl(2), 'moduleId']) === false,
|
'disabled' => (bool) $this->getData(['page', $this->getUrl(2), 'moduleId']) === false,
|
||||||
'uniqueSubmission' => true,
|
'uniqueSubmission' => true,
|
||||||
'value' => template::ico('gear')
|
'value' => template::ico('gear')
|
||||||
]); ?>
|
]);
|
||||||
|
}?>
|
||||||
</div>
|
</div>
|
||||||
</div>
|
</div>
|
||||||
</div>
|
</div>
|
||||||
@ -90,7 +93,8 @@ echo template::formOpen('pageEditForm');
|
|||||||
<?php echo template::select('configModulePosition', $module::$modulePosition,[
|
<?php echo template::select('configModulePosition', $module::$modulePosition,[
|
||||||
'help' => 'En position libre ajoutez le module en plaçant [MODULE] à l\'endroit voulu dans votre page.',
|
'help' => 'En position libre ajoutez le module en plaçant [MODULE] à l\'endroit voulu dans votre page.',
|
||||||
'label' => 'Position du module',
|
'label' => 'Position du module',
|
||||||
'selected' => $this->getData(['page', $this->getUrl(2), 'modulePosition'])
|
'selected' => $this->getData(['page', $this->getUrl(2), 'modulePosition']),
|
||||||
|
'disabled' => $this->getUser('group') >= self::GROUP_MODERATOR ? false : true
|
||||||
]); ?>
|
]); ?>
|
||||||
</div>
|
</div>
|
||||||
</div>
|
</div>
|
||||||
@ -162,6 +166,7 @@ echo template::formOpen('pageEditForm');
|
|||||||
</div>
|
</div>
|
||||||
</div>
|
</div>
|
||||||
</div>
|
</div>
|
||||||
|
<?php if( $this->getUser('group') >= self::GROUP_MODERATOR){ ?>
|
||||||
<div class="row">
|
<div class="row">
|
||||||
<div class="col12" id="pageEditMenu">
|
<div class="col12" id="pageEditMenu">
|
||||||
<div class="block" id="location">
|
<div class="block" id="location">
|
||||||
@ -289,4 +294,4 @@ echo template::formOpen('pageEditForm');
|
|||||||
</div>
|
</div>
|
||||||
</div>
|
</div>
|
||||||
</div>
|
</div>
|
||||||
<?php echo template::formClose(); ?>
|
<?php } echo template::formClose(); ?>
|
||||||
|
@ -367,6 +367,7 @@ class user extends common {
|
|||||||
// Check la captcha
|
// Check la captcha
|
||||||
if(
|
if(
|
||||||
$this->getData(['config','connect','captcha'])
|
$this->getData(['config','connect','captcha'])
|
||||||
|
//$this->getInput('userLoginCaptcha', helper::FILTER_INT) !== $this->getInput('userLoginCaptchaFirstNumber', helper::FILTER_INT) + $this->getInput('userLoginCaptchaSecondNumber', helper::FILTER_INT))
|
||||||
AND password_verify($this->getInput('userLoginCaptcha', helper::FILTER_INT), $this->getInput('userLoginCaptchaResult') ) === false )
|
AND password_verify($this->getInput('userLoginCaptcha', helper::FILTER_INT), $this->getInput('userLoginCaptchaResult') ) === false )
|
||||||
{
|
{
|
||||||
self::$inputNotices['userLoginCaptcha'] = 'Incorrect';
|
self::$inputNotices['userLoginCaptcha'] = 'Incorrect';
|
||||||
@ -444,7 +445,6 @@ class user extends common {
|
|||||||
$this->addOutput([
|
$this->addOutput([
|
||||||
'notification' => 'Connexion réussie',
|
'notification' => 'Connexion réussie',
|
||||||
'redirect' => helper::baseUrl(),
|
'redirect' => helper::baseUrl(),
|
||||||
//'redirect' => helper::baseUrl() . str_replace('_', '/', str_replace('__', '#', $this->getUrl(2))),
|
|
||||||
'state' => true
|
'state' => true
|
||||||
]);
|
]);
|
||||||
}
|
}
|
||||||
|
26
core/vendor/filemanager/config/config.php
vendored
26
core/vendor/filemanager/config/config.php
vendored
@ -13,6 +13,16 @@ ob_start('mb_output_handler');
|
|||||||
date_default_timezone_set('Europe/Paris');
|
date_default_timezone_set('Europe/Paris');
|
||||||
setlocale(LC_CTYPE, 'fr_FR'); //correct transliteration
|
setlocale(LC_CTYPE, 'fr_FR'); //correct transliteration
|
||||||
|
|
||||||
|
// Validation des actions (delete, rename) par lecture du groupe de l'utilisateur via cookie et user.json
|
||||||
|
if( is_file('../../../site/data/user.json')){
|
||||||
|
$json = file_get_contents('../../../site/data/user.json');
|
||||||
|
}
|
||||||
|
else{
|
||||||
|
$json = '{}';
|
||||||
|
}
|
||||||
|
$user = json_decode($json, true);
|
||||||
|
$val = $user['user'][$_COOKIE["ZWII_USER_ID"]]['group'] >= 3 ? true : false;
|
||||||
|
|
||||||
/*
|
/*
|
||||||
|--------------------------------------------------------------------------
|
|--------------------------------------------------------------------------
|
||||||
| Optional security
|
| Optional security
|
||||||
@ -336,18 +346,18 @@ $config = array(
|
|||||||
//*************************
|
//*************************
|
||||||
//Permissions configuration
|
//Permissions configuration
|
||||||
//******************
|
//******************
|
||||||
'delete_files' => true,
|
'delete_files' => $val,
|
||||||
'create_folders' => true,
|
'create_folders' => true,
|
||||||
'delete_folders' => true,
|
'delete_folders' => $val,
|
||||||
'upload_files' => true,
|
'upload_files' => true,
|
||||||
'rename_files' => true,
|
'rename_files' => $val,
|
||||||
'rename_folders' => true,
|
'rename_folders' => $val,
|
||||||
'duplicate_files' => true,
|
'duplicate_files' => true,
|
||||||
'extract_files' => true,
|
'extract_files' => true,
|
||||||
'copy_cut_files' => true, // for copy/cut files
|
'copy_cut_files' => $val, // for copy/cut files
|
||||||
'copy_cut_dirs' => true, // for copy/cut directories
|
'copy_cut_dirs' => $val, // for copy/cut directories
|
||||||
'chmod_files' => true, // change file permissions
|
'chmod_files' => $val, // change file permissions
|
||||||
'chmod_dirs' => true, // change folder permissions
|
'chmod_dirs' => $val, // change folder permissions
|
||||||
'preview_text_files' => true, // eg.: txt, log etc.
|
'preview_text_files' => true, // eg.: txt, log etc.
|
||||||
'edit_text_files' => true, // eg.: txt, log etc.
|
'edit_text_files' => true, // eg.: txt, log etc.
|
||||||
'create_text_files' => true, // only create files with exts. defined in $config['editable_text_file_exts']
|
'create_text_files' => true, // only create files with exts. defined in $config['editable_text_file_exts']
|
||||||
|
@ -21,12 +21,12 @@ class blog extends common {
|
|||||||
const EDIT_ADMIN = '03'; // Groupe des admin
|
const EDIT_ADMIN = '03'; // Groupe des admin
|
||||||
|
|
||||||
public static $actions = [
|
public static $actions = [
|
||||||
'add' => self::GROUP_EDITOR,
|
'add' => self::GROUP_MODERATOR,
|
||||||
'comment' => self::GROUP_MODERATOR,
|
'comment' => self::GROUP_MODERATOR,
|
||||||
'commentApprove' => self::GROUP_MODERATOR,
|
'commentApprove' => self::GROUP_MODERATOR,
|
||||||
'commentDelete' => self::GROUP_MODERATOR,
|
'commentDelete' => self::GROUP_MODERATOR,
|
||||||
'commentDeleteAll' => self::GROUP_MODERATOR,
|
'commentDeleteAll' => self::GROUP_MODERATOR,
|
||||||
'config' => self::GROUP_EDITOR,
|
'config' => self::GROUP_MODERATOR,
|
||||||
'delete' => self::GROUP_MODERATOR,
|
'delete' => self::GROUP_MODERATOR,
|
||||||
'edit' => self::GROUP_EDITOR,
|
'edit' => self::GROUP_EDITOR,
|
||||||
'index' => self::GROUP_VISITOR
|
'index' => self::GROUP_VISITOR
|
||||||
@ -375,13 +375,6 @@ class blog extends common {
|
|||||||
* Suppression
|
* Suppression
|
||||||
*/
|
*/
|
||||||
public function delete() {
|
public function delete() {
|
||||||
// Contrôle d'accès
|
|
||||||
if ( self::$actions[__FUNCTION__] >= $this->getUser('group')) {
|
|
||||||
// Valeurs en sortie
|
|
||||||
$this->addOutput([
|
|
||||||
'access' => false
|
|
||||||
]);
|
|
||||||
} else {
|
|
||||||
if($this->getData(['module', $this->getUrl(0), $this->getUrl(2)]) === null) {
|
if($this->getData(['module', $this->getUrl(0), $this->getUrl(2)]) === null) {
|
||||||
// Valeurs en sortie
|
// Valeurs en sortie
|
||||||
$this->addOutput([
|
$this->addOutput([
|
||||||
@ -407,7 +400,6 @@ class blog extends common {
|
|||||||
]);
|
]);
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
}
|
|
||||||
|
|
||||||
/**
|
/**
|
||||||
* Édition
|
* Édition
|
||||||
@ -469,7 +461,7 @@ class blog extends common {
|
|||||||
}
|
}
|
||||||
// Valeurs en sortie
|
// Valeurs en sortie
|
||||||
$this->addOutput([
|
$this->addOutput([
|
||||||
'redirect' => helper::baseUrl() . $this->getUrl(0) . '/config',
|
'redirect' => $this->getUser('group') >= self::GROUP_MODERATOR ? helper::baseUrl() . $this->getUrl(0) . '/config' : helper::baseUrl() . $this->getUrl(0),
|
||||||
'notification' => 'Modifications enregistrées',
|
'notification' => 'Modifications enregistrées',
|
||||||
'state' => true
|
'state' => true
|
||||||
]);
|
]);
|
||||||
@ -479,7 +471,7 @@ class blog extends common {
|
|||||||
ksort(self::$users);
|
ksort(self::$users);
|
||||||
foreach(self::$users as $userId => &$userFirstname) {
|
foreach(self::$users as $userId => &$userFirstname) {
|
||||||
// Les membres ne sont pas éditeurs, les exclure de la liste
|
// Les membres ne sont pas éditeurs, les exclure de la liste
|
||||||
if ( $this->getData(['user', $userId, 'group']) < self::GROUP_MODERATOR) {
|
if ( $this->getData(['user', $userId, 'group']) < self::GROUP_EDITOR) {
|
||||||
unset(self::$users[$userId]);
|
unset(self::$users[$userId]);
|
||||||
}
|
}
|
||||||
$userFirstname = $userFirstname . ' ' . $this->getData(['user', $userId, 'lastname']) . ' (' . self::$groupEdits[$this->getData(['user', $userId, 'group'])] . ')';
|
$userFirstname = $userFirstname . ' ' . $this->getData(['user', $userId, 'lastname']) . ' (' . self::$groupEdits[$this->getData(['user', $userId, 'group'])] . ')';
|
||||||
|
@ -8,7 +8,7 @@
|
|||||||
</div>
|
</div>
|
||||||
</div>
|
</div>
|
||||||
<?php if(
|
<?php if(
|
||||||
$this->getUser('group') >= self::GROUP_MODERATOR
|
$this->getUser('group') >= self::GROUP_EDITOR
|
||||||
AND $this->getUser('password') === $this->getInput('ZWII_USER_PASSWORD')
|
AND $this->getUser('password') === $this->getInput('ZWII_USER_PASSWORD')
|
||||||
): ?>
|
): ?>
|
||||||
<div class="col2">
|
<div class="col2">
|
||||||
|
@ -103,6 +103,7 @@
|
|||||||
</div>
|
</div>
|
||||||
</div>
|
</div>
|
||||||
</div>
|
</div>
|
||||||
|
<?php if( $this->getUser('group') >= self::GROUP_MODERATOR){ ?>
|
||||||
<div class="row">
|
<div class="row">
|
||||||
<div class="col6">
|
<div class="col6">
|
||||||
<div class="block">
|
<div class="block">
|
||||||
@ -145,4 +146,4 @@
|
|||||||
</div>
|
</div>
|
||||||
</div>
|
</div>
|
||||||
</div>
|
</div>
|
||||||
<?php echo template::formClose(); ?>
|
<?php } echo template::formClose(); ?>
|
||||||
|
@ -36,13 +36,13 @@ class gallery extends common {
|
|||||||
public static $thumbs = [];
|
public static $thumbs = [];
|
||||||
|
|
||||||
public static $actions = [
|
public static $actions = [
|
||||||
'config' => self::GROUP_EDITOR,
|
'config' => self::GROUP_MODERATOR,
|
||||||
'delete' => self::GROUP_MODERATOR,
|
'delete' => self::GROUP_MODERATOR,
|
||||||
'dirs' => self::GROUP_EDITOR,
|
'dirs' => self::GROUP_MODERATOR,
|
||||||
'sortGalleries' => self::GROUP_EDITOR,
|
'sortGalleries' => self::GROUP_MODERATOR,
|
||||||
'sortPictures' => self::GROUP_EDITOR,
|
'sortPictures' => self::GROUP_MODERATOR,
|
||||||
'edit' => self::GROUP_EDITOR,
|
'edit' => self::GROUP_MODERATOR,
|
||||||
'theme' => self::GROUP_EDITOR,
|
'theme' => self::GROUP_MODERATOR,
|
||||||
'index' => self::GROUP_VISITOR
|
'index' => self::GROUP_VISITOR
|
||||||
];
|
];
|
||||||
|
|
||||||
@ -287,13 +287,6 @@ class gallery extends common {
|
|||||||
* Suppression
|
* Suppression
|
||||||
*/
|
*/
|
||||||
public function delete() {
|
public function delete() {
|
||||||
// Contrôle d'accès
|
|
||||||
if ( self::$actions[__FUNCTION__] >= $this->getUser('group')) {
|
|
||||||
// Valeurs en sortie
|
|
||||||
$this->addOutput([
|
|
||||||
'access' => false
|
|
||||||
]);
|
|
||||||
} else {
|
|
||||||
// $url prend l'adresse sans le token
|
// $url prend l'adresse sans le token
|
||||||
// La galerie n'existe pas
|
// La galerie n'existe pas
|
||||||
if($this->getData(['module', $this->getUrl(0), $this->getUrl(2)]) === null) {
|
if($this->getData(['module', $this->getUrl(0), $this->getUrl(2)]) === null) {
|
||||||
@ -321,7 +314,6 @@ class gallery extends common {
|
|||||||
]);
|
]);
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
}
|
|
||||||
|
|
||||||
/**
|
/**
|
||||||
* Liste des dossiers
|
* Liste des dossiers
|
||||||
|
@ -15,10 +15,10 @@
|
|||||||
class news extends common {
|
class news extends common {
|
||||||
|
|
||||||
public static $actions = [
|
public static $actions = [
|
||||||
'add' => self::GROUP_EDITOR,
|
'add' => self::GROUP_MODERATOR,
|
||||||
'config' => self::GROUP_EDITOR,
|
'config' => self::GROUP_MODERATOR,
|
||||||
'delete' => self::GROUP_MODERATOR,
|
'delete' => self::GROUP_MODERATOR,
|
||||||
'edit' => self::GROUP_EDITOR,
|
'edit' => self::GROUP_MODERATOR,
|
||||||
'index' => self::GROUP_VISITOR
|
'index' => self::GROUP_VISITOR
|
||||||
];
|
];
|
||||||
|
|
||||||
@ -117,13 +117,6 @@ class news extends common {
|
|||||||
* Suppression
|
* Suppression
|
||||||
*/
|
*/
|
||||||
public function delete() {
|
public function delete() {
|
||||||
// Contrôle d'accès
|
|
||||||
if ( self::$actions[__FUNCTION__] >= $this->getUser('group')) {
|
|
||||||
// Valeurs en sortie
|
|
||||||
$this->addOutput([
|
|
||||||
'access' => false
|
|
||||||
]);
|
|
||||||
} else {
|
|
||||||
// La news n'existe pas
|
// La news n'existe pas
|
||||||
if($this->getData(['module', $this->getUrl(0), $this->getUrl(2)]) === null) {
|
if($this->getData(['module', $this->getUrl(0), $this->getUrl(2)]) === null) {
|
||||||
// Valeurs en sortie
|
// Valeurs en sortie
|
||||||
@ -150,7 +143,6 @@ class news extends common {
|
|||||||
]);
|
]);
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
}
|
|
||||||
|
|
||||||
/**
|
/**
|
||||||
* Édition
|
* Édition
|
||||||
|
Loading…
Reference in New Issue
Block a user