Remove isMaintainer() and isSuperMaintainer and instead use the user

class's is_maintainer() and is_super_maintainer() methods.
Chris Morgan
2004-12-19 19:30:27 +00:00
committed by WineHQ
parent ddbd9ed0cc
commit 77a038d4f9
10 changed files with 41 additions and 40 deletions


@@ -10,7 +10,7 @@ require(BASE."include/"."application.php");
global $apidb_root;
//check for admin privs
if(!loggedin() || (!havepriv("admin") && !isMaintainer($appId,$versionId)) )
if(!loggedin() || (!havepriv("admin") && !$_SESSION['current']->is_maintainer($appId,$versionId)) )
{
errorpage("Insufficient Privileges!");
exit;


@@ -61,7 +61,10 @@ if (!$_REQUEST['queueId'])
$c = 1;
while($ob = mysql_fetch_object($result))
{
if(isMaintainer($ob->queueappId,$ob->queueversionId) || havepriv("admin")) {
if($_SESSION['current']->is_maintainer($ob->queueappId,
$ob->queueversionId)
|| havepriv("admin"))
{
if ($c % 2 == 1) { $bgcolor = 'color0'; } else { $bgcolor = 'color1'; }
echo "<tr class=$bgcolor>\n";
echo " <td>".date("Y-n-t h:i:sa", $ob->submitTime)." &nbsp;</td>\n";
@@ -83,7 +86,10 @@ if (!$_REQUEST['queueId'])
} else // shows a particular appdata
{
if(!(havepriv("admin") || isMaintainer($obj_row->queueAppId,$obj_row->queueVersionId))) {
if(!(havepriv("admin") ||
$_SESSION['current']->is_maintainer($obj_row->queueAppId,
$obj_row->queueVersionId)))
{
errorpage("You don't have sufficient priviledges to use this page.");
exit;
}
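Review bot: The first hunk's row filter, `$_SESSION['current']->is_maintainer($ob->queueappId, $ob->queueversionId) || havepriv("admin")`, no longer has the `loggedin()` guard that the removed `isMaintainer()` wrapper applied before touching the session object. If `$_SESSION['current']` can be unset for an anonymous request (not visible here), the call becomes a fatal error instead of a clean denial, so either put `loggedin() &&` in front or confirm that an earlier check in this file already rejects anonymous users. The same unguarded call appears in the `display_notes()` and `view_app_comment()` hunks, in both "already a maintainer" checks of the `@@ -39,14` hunk, and in the upload and delete branches of the `@@ -17,7` and `@@ -105,7` hunks. Separately, this hunk reads `queueappId`/`queueversionId` while the next one reads `queueAppId`/`queueVersionId`; PHP property names are case-sensitive, so one spelling probably does not match the result columns and is worth checking against the query.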


@@ -11,7 +11,7 @@ global $apidb_root;
//check for admin privs
if(!loggedin() || (!havepriv("admin") && !isMaintainer($appId,$versionId)) )
if(!loggedin() || (!havepriv("admin") && !$_SESSION['current']->is_maintainer($appId,$versionId)) )
{
errorpage("Insufficient Privileges!");
exit;


@@ -9,7 +9,7 @@ require(BASE."include/"."application.php");
//check for admin privs
if(!loggedin() || (!havepriv("admin") && !isMaintainer($_REQUEST['appId'], $_REQUEST['versionId'])) )
if(!loggedin() || (!havepriv("admin") && !$_SESSION['current']->is_maintainer($_REQUEST['appId'], $_REQUEST['versionId'])) )
{
errorpage("Insufficient Privileges!");
exit;


@@ -180,7 +180,7 @@ function display_notes($appId, $versionId = 0)
}
// display row
if (havepriv("admin") || isMaintainer($appId,$versionId) )
if (havepriv("admin") || $_SESSION['current']->is_maintainer($appId,$versionId) )
echo " <a href='admin/editAppNote.php?noteId=".$ob->noteId."&appId=$appId".$versionLink."'> $c. ".substr(stripslashes($ob->noteTitle),0,30)."</a><br>\n";
else
echo " <a href='noteview.php?noteId=".$ob->noteId."&appId=$appId".$versionLink."'> $c. ".substr(stripslashes($ob->noteTitle),0,30)."</a><br>\n";
@@ -367,7 +367,7 @@ if($appId && !$versionId)
if(loggedin())
{
/* are we already a maintainer? */
if(isSuperMaintainer($appId, $versionId)) /* yep */
if($_SESSION['current']->is_super_maintainer($appId) /* yep */
{
echo ' <form method=post name=message action="maintainerdelete.php"><input type=submit value="Remove yourself as a super maintainer" class=button>';
} else /* nope */
@@ -505,14 +505,14 @@ else if($appId && $versionId)
{
/* is this user a maintainer of this version by virtue of being a super maintainer */
/* of this app family? */
if(isSuperMaintainer($appId) && !isMaintainer($appId, $versionId))
if($_SESSION['current']->is_super_maintainer($appId) && !$_SESSION['current']->is_maintainer($appId, $versionId))
{
echo '<form method=post name=message action="maintainerdelete.php"><input type=submit value="Remove yourself as a supermaintainer" class=button>';
echo "<input type=hidden name='superMaintainer' value=1>";
} else
{
/* are we already a maintainer? */
if(isMaintainer($appId, $versionId)) /* yep */
if($_SESSION['current']->is_maintainer($appId, $versionId)) /* yep */
{
echo '<form method=post name=message action="maintainerdelete.php"><input type=submit value="Remove yourself as a maintainer" class=button>';
echo "<input type=hidden name='superMaintainer' value=0>";
@@ -534,7 +534,7 @@ else if($appId && $versionId)
echo "</center></td></tr>";
if (loggedin() && (havepriv("admin") || isMaintainer($appId, $versionId)))
if (loggedin() && (havepriv("admin") || $_SESSION['current']->is_maintainer($appId, $versionId)))
{
echo "<tr><td colspan = 2><center>";
echo '<form method=post name=message action=admin/editAppVersion.php?appId='.$appId.'&versionId='.$versionId.'>';
@@ -582,7 +582,7 @@ else if($appId && $versionId)
echo add_br(stripslashes($ob->noteDesc));
echo "</td></tr>\n";
if (loggedin() && (havepriv("admin") || isMaintainer($appId, $versionId)))
if (loggedin() && (havepriv("admin") || $_SESSION['current']->is_maintainer($appId, $versionId)))
{
echo "<tr width='100%' class=color1 align=center valign=top><td>";
echo '<form method=post name=message action=admin/editAppNote.php?noteId='.$ob->noteId.'&appId='.$appId.'&versionId='.$versionId.'>';
@@ -608,7 +608,7 @@ else if($appId && $versionId)
echo add_br(stripslashes($ob->noteDesc));
echo "</td></tr>\n";
if (loggedin() && (havepriv("admin") || isMaintainer($appId, $versionId)))
if (loggedin() && (havepriv("admin") || $_SESSION['current']->is_maintainer($appId, $versionId)))
{
echo "<tr width='100%' class=color1 align=center valign=top><td>";
echo '<form method=post name=message action=admin/editAppNote.php?noteId='.$ob->noteId.'&appId='.$appId.'&versionId='.$versionId.'>';
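Review bot: The new condition in the `@@ -367,7` hunk, `if($_SESSION['current']->is_super_maintainer($appId) /* yep */`, is missing the closing parenthesis of the `if`, so this file will not parse and every request to it fails. It should read `if($_SESSION['current']->is_super_maintainer($appId)) /* yep */`. Dropping the extra `$versionId` argument is consistent with the `is_super_maintainer($appId)` signature shown elsewhere in this commit. The surrounding block starts and ends outside the hunk.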


@@ -10,9 +10,17 @@ $_REQUEST['versionId'] = strip_tags($_REQUEST['versionId']);
$_REQUEST['commentId'] = strip_tags($_REQUEST['commentId']);
$_REQUEST['commentId'] = mysql_escape_string($_REQUEST['commentId']);
if(!loggedin())
{
errorpage("You need to be logged in to delete a comment.");
exit;
}
/* if we aren't an admin or the maintainer of this app we shouldn't be */
/* allowed to delete any comments */
if(!havepriv("admin") && !isMaintainer($_REQUEST['appId'], $_REQUEST['versionId']))
if(!havepriv("admin") &&
!$_SESSION['current']->is_maintainer($_REQUEST['appId'],
$_REQUEST['versionId']))
{
errorpage('You don\'t have admin privilages');
exit;
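Review bot: The maintainer check authorises against `$_REQUEST['appId']` and `$_REQUEST['versionId']`, but the comment to delete is selected by `$_REQUEST['commentId']`, and nothing visible in this hunk ties the two together. Unless the code below the hunk verifies that the comment belongs to that app and version, the check can pass for a comment on an application the caller does not maintain; load the comment first and pass its own appId/versionId to `is_maintainer()`. The message `'You don\'t have admin privilages'` is also misleading now that maintainers pass this check, and a comment above the new `loggedin()` test saying that it protects the later `$_SESSION['current']` call would help the next reader.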


@@ -64,7 +64,7 @@ function view_app_comment($ob)
echo "</td></tr>\n";
// delete message button, for admins
if(havepriv("admin") || isMaintainer($ob->appId, $ob->versionId))
if(havepriv("admin") || $_SESSION['current']->is_maintainer($ob->appId, $ob->versionId))
{
echo "<tr>";
echo "<td><form method=\"post\" name=\"message\" action=\"".$apidb_root."deletecomment.php\"><input type=submit value='Delete' class=button>\n";


@@ -217,7 +217,7 @@ class User {
*/
function is_maintainer($appId, $versionId)
{
if(!loggedin() || !$this->userid)
if(!$this->userid)
return false;
/* if this user is a super maintainer of this appid then they */
@@ -240,7 +240,7 @@ class User {
*/
function is_super_maintainer($appId)
{
if(!loggedin() || !$this->userid)
if(!$this->userid)
return false;
$query = "SELECT * FROM appMaintainers WHERE userid = '$this->userid' AND appId = '$appId' AND superMaintainer = '1'";
@@ -304,25 +304,6 @@ function havepriv($priv)
return $_SESSION['current']->checkpriv($priv);
}
function isMaintainer($appId, $versionId)
{
if(!loggedin())
return false;
return $_SESSION['current']->is_maintainer($appId, $versionId);
}
function isSuperMaintainer($appId)
{
if(!loggedin())
return false;
return $_SESSION['current']->is_super_maintainer($appId);
}
function debugging()
{
return ((loggedin() && $_SESSION['current']->getpref("debug") == "yes") || APPDB_DEBUG == 1);
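Review bot: With the `isMaintainer()`/`isSuperMaintainer()` wrappers gone, `is_maintainer()` and `is_super_maintainer()` are the only gate for maintainer rights, yet `is_super_maintainer()` builds its query by interpolating `$appId` directly: `... AND appId = '$appId' AND superMaintainer = '1'`. Several callers in this commit pass `$_REQUEST['appId']` and `$_REQUEST['versionId']` straight in, so unless every caller sanitises first, request data reaches the SQL of the authorisation check itself. Normalising inside the methods covers all callers at once, e.g. `$appId = (int)$appId;` (and `$versionId = (int)$versionId;` in `is_maintainer()`), assuming the ids are always numeric. Both method bodies continue outside the hunks. The replacement guard `if(!$this->userid)` also deserves a one-line comment saying that an empty userid stands for "not logged in", since the explicit `loggedin()` test was removed.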


@@ -39,14 +39,14 @@ $versionId = strip_tags($_POST['versionId']);
$superMaintainer = strip_tags($_POST['superMaintainer']);
/* if the user is already a maintainer don't add them again */
if(isMaintainer($appId, $versionId))
if($_SESSION['current']->is_maintainer($appId, $versionId))
{
echo "You are already a maintainer of this app!";
exit;
}
/* if this user is a super maintainer they maintain all of the versionIds of this appId */
if(isSuperMaintainer($appId))
if($_SESSION['current']->is_super_maintainer($appId))
{
echo "You are already a supermaintainer of the whole application family!";
exit;


@@ -17,7 +17,9 @@ if($_REQUEST['cmd'])
//process screenshot upload
if($_REQUEST['cmd'] == "screenshot_upload")
{
if(havepriv("admin") || isMaintainer($_REQUEST['appId'], $_REQUEST['versionId']))
if(havepriv("admin") ||
$_SESSION['current']->is_maintainer($_REQUEST['appId'],
$_REQUEST['versionId']))
{
if(!copy($_FILES['imagefile']['tmp_name'], "data/screenshots/".$_REQUEST['appId']."-".$_REQUEST['versionId']."-".basename($_FILES['imagefile']['name'])))
{
@@ -105,7 +107,9 @@ if($_REQUEST['cmd'])
}
} elseif($_REQUEST['cmd'] == "delete")
{
if(havepriv("admin") || isMaintainer($_REQUEST['appId'], $_REQUEST['versionId']))
if(havepriv("admin") ||
$_SESSION['current']->is_maintainer($_REQUEST['appId'],
$_REQUEST['versionId']))
{
$result = mysql_query("DELETE FROM appData WHERE id = ".$_REQUEST['imageId']);
if($result)
@@ -193,7 +197,9 @@ if($result && mysql_num_rows($result))
echo $img;
//show admin delete link
if(loggedin() && (havepriv("admin") || isMaintainer($_REQUEST['appId'], $_REQUEST['versionId'])))
if(loggedin() && (havepriv("admin") ||
$_SESSION['current']->is_maintainer($_REQUEST['appId'],
$_REQUEST['versionId'])))
{
echo "<div align=center>[<a href='screenshots.php?cmd=delete&imageId=$ob->id&appId=".$_REQUEST['appId']."&versionId=".$_REQUEST['versionId']."'>Delete Image</a>]</div>";
}
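Review bot: In the `cmd == "delete"` branch the permission check uses `$_REQUEST['appId']` and `$_REQUEST['versionId']`, but the row removed is chosen by `$_REQUEST['imageId']` alone, and that value is concatenated unquoted into `DELETE FROM appData WHERE id = ...`. The check therefore does not establish that the image belongs to the app and version the caller maintains, and unless `imageId` is validated above the hunk it reaches SQL as raw request data. Cast it first, `$imageId = (int)$_REQUEST['imageId'];`, and restrict the DELETE to the authorised app and version as well (column names to be confirmed against the appData schema). The delete is also reached through a plain GET link in the last hunk, so the state change has no request-forgery protection; a POST form carrying a per-session token would be safer.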