Commit 9c43e8fc authored by Dries's avatar Dries

Extremely large commit:

- Fixed tiny quote problem in account.php.

- Fixed tiny bug in comment.inc.

- Fixed tiny bug in comment.module.

- Fixed tiny bug in meta.module.

- Simplified user_access() API.

- Rewrote link system: still needs fine-tuning and testing so don't
  upgrade if you are running a production site. ;)

  Updated all modules and themes to reflect this change.  All other
  themes and modules need updating too!
parent 124694ee
......@@ -152,7 +152,7 @@ function account_content_edit() {
// construct form:
$result = db_query("SELECT * FROM blocks WHERE status = 1 ORDER BY module");
while ($block = db_fetch_object($result)) {
$entry = db_fetch_object(db_query("SELECT * FROM layout WHERE block = '$block->name' AND user = '$user->id'"));
$entry = db_fetch_object(db_query("SELECT * FROM layout WHERE block = '". check_input($block->name) ."' AND user = '$user->id'"));
$options .= "<INPUT TYPE=\"checkbox\" NAME=\"edit[$block->name]\"". ($entry->user ? " CHECKED" : "") ."> ". t($block->name) ."<BR>\n";
}
......
......@@ -7,13 +7,7 @@ function status($message) {
}
function admin_page($mod) {
global $menu, $user;
function module($name) {
global $menu, $user;
if (module_hook($name, "admin")) $output .= "<A HREF=\"admin.php?mod=$name\">$name</A> | ";
$menu .= $output;
}
global $user;
?>
<html>
......@@ -31,10 +25,11 @@ function module($name) {
<body bgcolor="#FFFFFF" link="#005599" vlink="#004499" alink="#FF0000">
<h1>Administration</h1>
<?php
$links[] = "<a href=\index.php\">home</a>";
foreach (module_list() as $name) {
if (module_hook($name, "admin")) $links[] = "<a href=\"admin.php?mod=$name\">$name</a>";
if (module_hook($name, "link")) $links = array_merge($links, module_invoke($name, "link", "admin"));
}
$links[] = "<a href=\"index.php\">home</a>";
print implode(" | ", $links) ."<hr />";
......@@ -45,7 +40,7 @@ function module($name) {
<?php
}
if (user_access($user, "access administration pages")) {
if (user_access("access administration pages")) {
user_rehash();
admin_page($mod);
}
......
......@@ -87,7 +87,7 @@ function comment_reply($pid, $id) {
$pid = 0;
}
if (user_access($user, "post comments")) {
if (user_access("post comments")) {
$theme->box(t("Reply"), comment_form(array(pid=>$pid, id=>$id)));
}
else {
......@@ -107,7 +107,7 @@ function comment_preview($edit) {
function comment_post($edit) {
global $theme, $user;
if (user_access($user, "post comments")) {
if (user_access("post comments")) {
// check comment submission rate:
throttle("post comment", variable_get(max_comment_rate, 60));
......@@ -213,7 +213,7 @@ function comment_uri($args = 0) {
else return ($mod) ? "module.php?mod=$mod" : "node.php";
}
function comment_link($comment, $return = 1) {
function comment_links($comment, $return = 1) {
global $theme;
if ($return) return "<A HREF=\"". comment_uri("id=$comment->lid#$comment->cid") ."\"><FONT COLOR=\"$theme->type\">". t("return") ."</FONT></A> | <A HREF=\"". comment_uri("op=reply&id=$comment->lid&pid=$comment->cid") ."\"><FONT COLOR=\"$theme->type\">". t("reply to this comment") ."</FONT></A>";
else return "<A HREF=\"". comment_uri("op=reply&id=$comment->lid&pid=$comment->cid") ."\"><FONT COLOR=\"$theme->type\">". t("reply to this comment") ."</FONT></A>";
......@@ -250,7 +250,7 @@ function comment_thread_max($cid, $mode, $threshold, $level = 0, $dummy = 0) {
while ($comment = db_fetch_object($result)) {
print "<UL>";
comment_view($comment, (comment_visible($comment, $threshold) ? comment_link($comment, 0) : 0));
comment_view($comment, (comment_visible($comment, $threshold) ? comment_links($comment, 0) : 0));
comment_thread_max($comment->cid, $mode, $threshold, $level + 1, $dummy + 1);
print "</UL>";
}
......@@ -259,7 +259,7 @@ function comment_thread_max($cid, $mode, $threshold, $level = 0, $dummy = 0) {
function comment_render($lid, $cid) {
global $user, $theme, $REQUEST_URI;
if (user_access($user, "view comments")) {
if (user_access("access comments")) {
// Pre-process variables:
$lid = empty($lid) ? 0 : $lid;
......@@ -279,7 +279,7 @@ function comment_render($lid, $cid) {
if ($cid > 0) {
$result = db_query("SELECT c.*, u.* FROM comments c LEFT JOIN users u ON c.author = u.id WHERE cid = '$cid'");
if ($comment = db_fetch_object($result)) {
comment_view($comment, comment_link($comment));
comment_view($comment, comment_links($comment));
}
}
else {
......@@ -297,7 +297,7 @@ function comment_render($lid, $cid) {
else if ($mode == 2) {
$result = comment_query($lid, $order);
while ($comment = db_fetch_object($result)) {
comment_view($comment, (comment_visible($comment, $threshold) ? comment_link($comment, 0) : 0));
comment_view($comment, (comment_visible($comment, $threshold) ? comment_links($comment, 0) : 0));
}
}
else if ($mode == 3) {
......@@ -310,7 +310,7 @@ function comment_render($lid, $cid) {
else {
$result = comment_query($lid, $order, 0);
while ($comment = db_fetch_object($result)) {
comment_view($comment, (comment_visible($comment, $threshold) ? comment_link($comment, 0) : 0));
comment_view($comment, (comment_visible($comment, $threshold) ? comment_links($comment, 0) : 0));
comment_thread_max($comment->cid, $mode, $threshold, $level + 1);
}
}
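Review bot: In comment_render, `$cid` reaches the query `WHERE cid = '$cid'` with only the loose `if ($cid > 0)` test in front of it, and that comparison also passes for a string that merely begins with a digit. Where `$cid` comes from is not visible in these hunks, so a caller may already clean it, but casting at the point of use would make the function safe on its own: `$cid = (int) $cid;` ahead of the test. comment_render starts and ends outside the hunks shown.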
......
......@@ -24,8 +24,7 @@ function watchdog($type, $message) {
}
function throttle($type, $rate) {
global $user;
if (!user_access($user, "access administration pages")) {
if (!user_access("access administration pages")) {
if ($throttle = db_fetch_object(db_query("SELECT * FROM watchdog WHERE type = '$type' AND hostname = '". getenv("REMOTE_ADDR") ."' AND ". time() ." - timestamp < $rate"))) {
watchdog("warning", "throttle: '". getenv("REMOTE_ADDR") ."' exceeded submission rate - $throttle->type");
die(message_throttle());
......@@ -135,8 +134,7 @@ function format_date($timestamp, $type = "medium", $format = "") {
}
function format_username($username) {
global $user;
if ($username) return (user_access($user, "add and edit user accounts") ? "<A HREF=\"admin.php?mod=account&op=view&name=". urlencode($username) ."\">$username</A>" : "<A HREF=\"account.php?op=view&name=". urlencode($username) ."\">$username</A>");
if ($username) return (user_access("administer accounts") ? "<A HREF=\"admin.php?mod=account&op=view&name=". urlencode($username) ."\">$username</A>" : "<A HREF=\"account.php?op=view&name=". urlencode($username) ."\">$username</A>");
else return variable_get(anonymous, "Anonymous");
}
......@@ -209,6 +207,27 @@ function field_merge($a, $b) {
return $a;
}
function link_page() {
$links[] = "<a href=\"index.php\">". t("home") ."</a>";
$links[] = "<a href=\"search.php\">". t("search") ."</a>";
$links[] = "<a href=\"submit.php\">". t("submit") ."</a>";
$links[] = "<a href=\"account.php\">". t("account") ."</a>";
foreach (module_list() as $name) {
if (module_hook($name, "link")) {
$links = array_merge($links, module_invoke($name, "link", "page"));
}
}
return $links;
}
function link_node($node) {
return module_invoke("node", "link", array("node", $node));
}
function timer_start() {
global $timer;
$timer = explode(" ", microtime());
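Review bot: format_username now checks `user_access("administer accounts")`, but the account module's permission list in this same commit declares `"administer users"`, and account_search and account_admin check that name. Unless some module not shown here declares "administer accounts", no role can hold it and only the user with id 1 would get the admin.php link. The check should read `user_access("administer users")`. Separately, `$username` is written into the anchor text without escaping; whether it is sanitised before it reaches this function is not visible here.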
......
......@@ -11,7 +11,7 @@ function module_iterate($function, $argument = "") {
}
// invoke hook $hook of module $name with optional arguments:
function module_invoke($name, $hook, $argument = "") {
function module_invoke($name, $hook, $argument = 0) {
$function = $name ."_". $hook;
return function_exists($function) ? $function($argument) : $argument;
}
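Review bot: module_invoke hands back its own `$argument` when the hook function does not exist, so with the `$argument = 0` default a missing hook yields `0`, and with an explicit argument the caller gets that argument back as if it were the hook's result. The call sites in this commit that feed the result to `array_merge` or `foreach` test module_hook first, but link_node calls `module_invoke("node", "link", array("node", $node))` unguarded and would receive its own argument array if node_link were absent. A comment above the function should state the contract, for example `// returns $argument unchanged when $name does not implement $hook; check module_hook() before iterating the result`.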
......
......@@ -236,20 +236,11 @@ function node_index($node) {
function node_visible($node) {
global $user, $status;
return ($node->status == $status[posted]) || ($node->status == $status[queued] && $user->id) || user_access($user, $node->type) || user_access($user, "add and edit nodes");
return ($node->status == $status[posted]) || ($node->status == $status[queued] && $user->id) || user_access("administer nodes");
}
function node_access($account, $node) {
return strstr($node->moderate, $account->userid);
}
function node_links(&$links, &$node, $main = 0) {
if ($main) {
if ($node->body) $_links[] = array("node.php?id=$node->nid", t("read more"));
if ($node->comment) $_links[] = array("node.php?id=$node->nid", format_plural(node_get_comments($node->nid), "comment", "comments"));
}
$links = ($links ? array_merge($_links, $links) : $_links);
return count($links) ? $links : 0;
}
?>
\ No newline at end of file
<?php
class BaseTheme {
function links(&$links, $state = 0) {
// $state = 0 : default behaviour
// $state = 1 : main page
// $state = 2 : theme_link()
// Subject to change coz its messy
foreach ($links as $link) {
if ($link[0]) $_links[] = count($link) == 2 ? "<A HREF=\"$link[0]\"><FONT COLOR=\"$theme->link\">". t($link[1]) ."</FONT></A>" : t($link[0]);
}
return ($_links ? implode(" | ", $_links) : "");
function links($links, $delimiter = " | ") {
return implode($delimiter, $links);
}
}
......@@ -26,21 +18,6 @@ function theme_init() {
return new Theme();
}
function theme_link() {
global $user, $theme;
$links[] = array("index.php", t("home"));
$links[] = array("search.php", t("search"));
$links[] = array("submit.php", t("submit"));
$links[] = array("account.php", t("account"));
foreach (module_list() as $name) {
if (module_hook($name, "page")) $links[] = array("module.php?mod=$name", t($name));
}
return $theme->links($links, 2);
}
function theme_account($theme) {
global $user;
......@@ -55,13 +32,14 @@ function theme_account($theme) {
$content .= "<A HREF=\"account.php?op=edit&topic=content\">". t("edit your content") ."</A><BR>\n";
$content .= "<P>\n";
if (user_access($user, "access administration pages")) {
if (user_access("access administration pages")) {
$content .= "<A HREF=\"admin.php\">". strtr(t("administer %a"), array("%a" => variable_get("site_name", "drupal"))) ."</A><BR>\n";
$content .= "<P>\n";
}
foreach (module_list() as $name) {
if ($links = module_invoke($name, "menu")) {
if (module_hook($name, "link")) {
$links = module_invoke($name, "link", "menu");
foreach ($links as $link) $content .= "$link<BR>\n";
}
}
......@@ -119,29 +97,4 @@ function theme_moderation_results($theme, $node) {
$theme->box(t("Moderation results"), ($output ? $output : t("This node has not been moderated yet.")));
}
/*
//
// depricated -> new block strategy
//
function theme_new_headlines($theme, $num = 10) {
$result = db_query("SELECT nid, title FROM node WHERE status = 2 AND type = 'story' ORDER BY nid DESC LIMIT $num");
while ($node = db_fetch_object($result)) $content .= "<LI><A HREF=\"node.php?id=$node->nid\">". check_output($node->title) ."</A></LI>\n";
$theme->box(t("Latest headlines"), $content);
}
function theme_old_headlines($theme, $num = 10) {
global $user;
$result = db_query("SELECT id, subject, timestamp FROM story WHERE status = 2 ORDER BY timestamp DESC LIMIT ". ($user->nodes ? $user->nodes : $num) .", $num");
while ($node = db_fetch_object($result)) {
if ($time != date("F jS", $node->timestamp)) {
$content .= "<P><B>". date("l, M jS", $node->timestamp) ."</B></P>\n";
$time = date("F jS", $node->timestamp);
}
$content .= "<LI><A HREF=\"node.php?id=$node->nid\">". check_output($node->title) ."</A></LI>\n";
}
$theme->box(t("Older headlines"), $content);
}
*/
?>
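Review bot: BaseTheme::links in its `links($links, $delimiter = " | ")` form joins whatever strings it is given and no longer builds the anchors itself, so each module's link hook is now responsible for producing safe HTML. That shift is worth recording where theme authors will see it, with a comment above the method such as `// $links: array of ready-made HTML links; any dynamic text must be escaped by the module that builds them`. theme_account appends the hook output to `$content` in the same way and would benefit from the same one-line reminder.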
......@@ -52,12 +52,14 @@ function user_save($account, $array) {
return user_load(($account->userid ? $account->userid : $array[userid]));
}
function user_access($account, $perm) {
if ($account->id == 1) {
function user_access($perm) {
global $user;
if ($user->id == 1) {
return 1;
}
else if ($account->perm) {
return strstr($account->perm, $perm);
else if ($user->perm) {
return strstr($user->perm, $perm);
}
else {
return db_fetch_object(db_query("SELECT * FROM role WHERE name = 'anonymous user' AND perm LIKE '%$perm%'"));
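Review bot: user_access decides by substring, `strstr($user->perm, $perm)` for logged-in users and `perm LIKE '%$perm%'` for the anonymous role, so a permission whose name is contained in the name of another granted permission is treated as granted. None of the names visible in this commit collide, but nothing prevents a later module from adding one that does, and the stored format of `perm` is not visible here. Splitting the stored list on its separator and comparing whole names would remove the ambiguity. A comment above the function should also say that it always checks the global `$user` and that `$perm` must be a literal, because it is interpolated into the SQL text. The function body continues past the end of the hunk.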
......
......@@ -7,7 +7,7 @@
$theme->header();
if (user_access($user, "view content")) {
if (user_access("view content")) {
$result = db_query("SELECT nid, type FROM node WHERE ". ($meta ? "attributes LIKE '%". check_input($meta) ."%' AND " : "") ." promote = '1' AND status = '". node_status("posted") ."' AND timestamp <= '". ($date > 0 ? check_input($date) : time()) ."' ORDER BY timestamp DESC LIMIT ". ($user->nodes ? $user->nodes : variable_get(default_nodes_main, 10)));
while ($node = db_fetch_object($result)) {
node_view(node_get_object(array("nid" => $node->nid, "type" => $node->type)), 1);
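Review bot: The front page still checks `user_access("view content")`, while access_perm in this commit renames that permission to `"access content"` and book_page and book_link check the new name. Once roles are saved with the renamed permissions, the old name would match nothing and every user other than id 1 would be refused the node list. The line should read `if (user_access("access content")) {`. The enclosing block continues outside the hunk.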
......
......@@ -21,7 +21,15 @@ function access_help() {
}
function access_perm() {
return array("access administration pages", "view content", "search content", "post content", "edit roles and permissions");
return array("access administration pages", "access content", "search content", "post content", "administer roles and permissions");
}
function access_link($type) {
if ($type == "admin" && user_access("administer roles and permissions")) {
$links[] = "<a href=\"admin.php?mod=access\">roles and permissions</a>";
}
return $links ? $links : array();
}
function access_get_role($rid) {
......@@ -125,9 +133,9 @@ function access_init() {
}
function access_admin() {
global $user, $edit, $op, $id;
global $edit, $op, $id;
if (user_access($user, "edit roles and permissions")) {
if (user_access("administer roles and permissions")) {
print "<SMALL><A HREF=\"admin.php?mod=access&op=add\">add new role</A> | <A HREF=\"admin.php?mod=access&op=role\">role overview</A> | <A HREF=\"admin.php?mod=access&op=perm\">permission overview</A> | <A HREF=\"admin.php?mod=access&op=help\">help</A></SMALL><HR>\n";
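Review bot: access_link reads `$links` in `return $links ? $links : array();` without ever assigning it when the condition is false, which leans on PHP treating an undefined variable as empty. Opening the function with `$links = array();` and ending with `return $links;` gives the same result without the undefined read. account_link, import_link, block_link, book_link and box_link in this commit are written the same way.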
......
......@@ -33,7 +33,15 @@ function account_help() {
}
function account_perm() {
return array("add and edit user accounts");
return array("administer users");
}
function account_link($type) {
if ($type == "admin" && user_access("administer users")) {
$links[] = "<a href=\"admin.php?mod=account\">user accounts</a>";
}
return $links ? $links : array();
}
function account_conf_options() {
......@@ -42,10 +50,9 @@ function account_conf_options() {
}
function account_search($keys) {
global $user;
$result = db_query("SELECT * FROM users WHERE userid LIKE '%$keys%' LIMIT 20");
while ($account = db_fetch_object($result)) {
$find[$i++] = array("title" => $account->userid, "link" => (user_access($user, "add and edit user accounts") ? "admin.php?mod=account&op=view&name=". urlencode($account->userid) : "account.php?op=view&name=". urlencode($account->userid)), "user" => $account->userid);
$find[$i++] = array("title" => $account->userid, "link" => (user_access("administer users") ? "admin.php?mod=account&op=view&name=". urlencode($account->userid) : "account.php?op=view&name=". urlencode($account->userid)), "user" => $account->userid);
}
return $find;
}
......@@ -248,9 +255,9 @@ function account_query($type = "") {
}
function account_admin() {
global $user, $op, $edit, $id, $mod, $keys, $order, $name, $query;
global $op, $edit, $id, $mod, $keys, $order, $name, $query;
if (user_access($user, "add and edit user accounts")) {
if (user_access("administer users")) {
print "<SMALL><A HREF=\"admin.php?mod=account&op=access\">access control</A> | <A HREF=\"admin.php?mod=account&op=add\">add new account</A> | <A HREF=\"admin.php?mod=account&op=listing\">account listings</A> | <A HREF=\"admin.php?mod=account&op=search\">search account</A> | <A HREF=\"admin.php?mod=account\">overview</A> | <A HREF=\"admin.php?mod=account&op=help\">help</A></SMALL><HR>";
$query = $query ? $query : 0;
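Review bot: account_search builds `userid LIKE '%$keys%'` from `$keys` as received, whereas book_search in this commit passes its search keys through check_input() before they reach the query. Since the hunk already edits this function, it is the place to bring it in line: `"SELECT * FROM users WHERE userid LIKE '%". check_input($keys) ."%' LIMIT 20"`. Whether `$keys` is cleaned by the caller is not visible here, but the function should not depend on that.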
......
......@@ -12,7 +12,15 @@ function import_help() {
}
function import_perm() {
return array("add and edit news feeds");
return array("administer news feeds");
}
function import_link($type) {
if ($type == "admin") {
$links[] = "<a href=\"admin.php?mod=import\">news feeds</a>";
}
return $links ? $links : array();
}
function import_cron() {
......@@ -241,9 +249,9 @@ function import_view_item() {
}
function import_admin() {
global $user, $op, $id, $type, $edit;
global $op, $id, $type, $edit;
if (user_access($user, "add and edit news feeds")) {
if (user_access("administer news feeds")) {
print "<SMALL><A HREF=\"admin.php?mod=import&type=bundle&op=add\">add new bundle</A> | <A HREF=\"admin.php?mod=import&type=feed&op=add\">add new feed</A> | <A HREF=\"admin.php?mod=import&type=bundle&op=view\">available bundles</A> | <A HREF=\"admin.php?mod=import&type=item&op=view\">available items</A> | <A HREF=\"admin.php?mod=import&op=view\">overview</A> | <A HREF=\"admin.php?mod=import&op=help\">help</A></SMALL><HR>";
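Review bot: import_link adds the news-feeds entry for `$type == "admin"` without a permission test, while access_link, account_link, book_link and box_link all pair that test with user_access(). import_admin still checks `"administer news feeds"` itself, so the gap is a link shown to users who cannot use it rather than a bypass, but the hook should match its siblings: `if ($type == "admin" && user_access("administer news feeds")) {`. The same hunk is printed a second time further down the page with the same omission.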
......
......@@ -12,7 +12,15 @@ function import_help() {
}
function import_perm() {
return array("add and edit news feeds");
return array("administer news feeds");
}
function import_link($type) {
if ($type == "admin") {
$links[] = "<a href=\"admin.php?mod=import\">news feeds</a>";
}
return $links ? $links : array();
}
function import_cron() {
......@@ -241,9 +249,9 @@ function import_view_item() {
}
function import_admin() {
global $user, $op, $id, $type, $edit;
global $op, $id, $type, $edit;
if (user_access($user, "add and edit news feeds")) {
if (user_access("administer news feeds")) {
print "<SMALL><A HREF=\"admin.php?mod=import&type=bundle&op=add\">add new bundle</A> | <A HREF=\"admin.php?mod=import&type=feed&op=add\">add new feed</A> | <A HREF=\"admin.php?mod=import&type=bundle&op=view\">available bundles</A> | <A HREF=\"admin.php?mod=import&type=item&op=view\">available items</A> | <A HREF=\"admin.php?mod=import&op=view\">overview</A> | <A HREF=\"admin.php?mod=import&op=help\">help</A></SMALL><HR>";
......
......@@ -10,7 +10,15 @@ function block_help() {
}
function block_perm() {
return array("add and edit blocks");
return array("administer blocks");
}
function block_link($type) {
if ($type == "admin" && user_access("adminsiter blocks")) {
$links[] = "<a href=\"admin.php?mod=block\">blocks</a>";
}
return $links ? $links : array();
}
function block_admin_save($edit) {
......@@ -114,9 +122,9 @@ function block_init() {
}
function block_admin() {
global $user, $op, $edit;
global $op, $edit;
if (user_access($user, "add and edit blocks")) {
if (user_access("administer blocks")) {
print "<SMALL><A HREF=\"admin.php?mod=block\">configure</A> | <A HREF=\"admin.php?mod=block&op=preview\">preview</A> | <A HREF=\"admin.php?mod=block&op=help\">help</A></SMALL><HR>\n";
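Review bot: block_link checks `user_access("adminsiter blocks")`, a misspelling of the `"administer blocks"` permission that block_perm declares and block_admin checks. user_access matches the name against the stored permission string, so the misspelled name would never match and the blocks link stays hidden from everyone except the user with id 1. The line should read `if ($type == "admin" && user_access("administer blocks")) {`. The identical hunk printed again below carries the same typo.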
......
......@@ -10,7 +10,15 @@ function block_help() {
}
function block_perm() {
return array("add and edit blocks");
return array("administer blocks");
}
function block_link($type) {
if ($type == "admin" && user_access("adminsiter blocks")) {
$links[] = "<a href=\"admin.php?mod=block\">blocks</a>";
}
return $links ? $links : array();
}
function block_admin_save($edit) {
......@@ -114,9 +122,9 @@ function block_init() {
}
function block_admin() {
global $user, $op, $edit;
global $op, $edit;
if (user_access($user, "add and edit blocks")) {
if (user_access("administer blocks")) {
print "<SMALL><A HREF=\"admin.php?mod=block\">configure</A> | <A HREF=\"admin.php?mod=block&op=preview\">preview</A> | <A HREF=\"admin.php?mod=block&op=help\">help</A></SMALL><HR>\n";
......
......@@ -10,7 +10,19 @@ function Book($book) {
}
function book_perm() {
return array("edit book");
return array("administer book");
}
function book_link($type) {
if ($type == "admin" && user_access("administer book")) {
$links[] = "<a href=\"admin.php?mod=book\">". t("collaborative book") ."</a>";
}
if ($type == "page" && user_access("access content")) {
$links[] = "<a href=\"module.php?mod=book\">". t("collaborative book") ."</a>";
}
return $links ? $links : array();
}
function book_status() {
......@@ -70,10 +82,10 @@ function book_view($node, $main = 0) {
}
function book_search($keys) {
global $status, $user;
global $status;
$result = db_query("SELECT n.*, u.userid FROM node n LEFT JOIN book b ON n.nid = b.nid AND n.lid = b.lid LEFT JOIN users u ON n.author = u.id WHERE n.type = 'book' AND n.status = '$status[posted]' AND (n.title LIKE '%". check_input($keys) ."%' OR b.body LIKE '%". check_input($keys) ."%') ORDER BY n.timestamp DESC LIMIT 20");
while ($node = db_fetch_object($result)) {
$find[$i++] = array("title" => check_output($node->title), "link" => (user_access($user, "add and edit nodes") ? "admin.php?mod=node&type=book&op=edit&id=$node->nid" : "node.php?id=$node->nid"), "user" => $node->userid, "date" => $node->timestamp);
$find[$i++] = array("title" => check_output($node->title), "link" => (user_access("administer nodes") ? "admin.php?mod=node&type=book&op=edit&id=$node->nid" : "node.php?id=$node->nid"), "user" => $node->userid, "date" => $node->timestamp);
}
return $find;
}
......@@ -90,13 +102,13 @@ function book_parent_query($parent) {
}
function book_toc($parent = "", $indent = "", $toc = array()) {
global $status, $user;
global $status;
// select all child nodes:
$result = db_query("SELECT n.*, b.* FROM node n LEFT JOIN book b ON n.nid = b.nid AND n.lid = b.lid WHERE n.type = 'book' AND n.status = '$status[posted]' AND ". book_parent_query($parent) ." ORDER BY b.weight");
// add root node:
if (user_access($user, "add and edit nodes")) {
if (user_access("administer nodes")) {
$toc[0] = "<root>";
}
......@@ -125,7 +137,7 @@ function book_form($edit = array()) {
$form .= form_textarea(t("Content"), "body", $edit[body], 70, 20, t("Allowed HTML tags") .": ". htmlspecialchars(variable_get("allowed_html", "")));
$form .= form_textarea(t("Log message"), "log", $edit[log], 70, 5, t("An explanation of the additions or updates being made to help the group understand your motivations."));
if (user_access($user, "add and edit nodes")) {
if (user_access("administer nodes")) {
$form .= form_select(t("Weight"), "weight", $edit[weight], array(0, 1, 2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12, 13, 14, 15, 16, 17, 18, 19, 20, 21, 22, 23, 24, 25, 26, 27, 28, 29, 30), t("The heavier nodes will sink and the lighter nodes will be positioned nearer the top."));
}
......@@ -155,7 +167,7 @@ function book_save($edit) {
if (!$edit[nid]) {
node_save($edit, array(author => $user->id, body, comment => variable_get("book_comment", 0), log, moderate => variable_get("book_moderate", ""), parent, pid, promote => variable_get("book_promote", 0), score => 0, status => variable_get("book_status", $status[queued]), timestamp => time(), title, type => "book", votes => 0, weight));
}
else if (user_access($user, "add and edit nodes")) {
else if (user_access("administer nodes")) {
node_save($edit, array(body, log, parent, title, type => "book", weight));
}
}
......@@ -207,8 +219,7 @@ function book_tree($parent = "", $depth = 0) {
}
function book_admin() {
global $user;
if (user_access($user, "edit book")) {
if (user_access("administer book")) {
print book_tree();
}
else {
......@@ -217,9 +228,9 @@ function book_admin() {
}
function book_page() {
global $user, $status, $theme;
global $status, $theme;
if (user_access($user, "view content")) {
if (user_access("access content")) {
$result = db_query("SELECT n.*, b.* FROM node n LEFT JOIN book b ON n.nid = b.nid AND n.lid = b.lid WHERE b.parent = 0 AND n.status = $status[posted] ORDER BY b.weight");
while ($node = db_fetch_object($result)) {
......
......@@ -10,7 +10,19 @@ function Book($book) {
}
function book_perm() {
return array("edit book");
return array("administer book");
}
function book_link($type) {
if ($type == "admin" && user_access("administer book")) {
$links[] = "<a href=\"admin.php?mod=book\">". t("collaborative book") ."</a>";
}
if ($type == "page" && user_access("access content")) {
$links[] = "<a href=\"module.php?mod=book\">". t("collaborative book") ."</a>";
}
return $links ? $links : array();
}
function book_status() {
......@@ -70,10 +82,10 @@ function book_view($node, $main = 0) {
}
function book_search($keys) {
global $status, $user;
global $status;
$result = db_query("SELECT n.*, u.userid FROM node n LEFT JOIN book b ON n.nid = b.nid AND n.lid = b.lid LEFT JOIN users u ON n.author = u.id WHERE n.type = 'book' AND n.status = '$status[posted]' AND (n.title LIKE '%". check_input($keys) ."%' OR b.body LIKE '%". check_input($keys) ."%') ORDER BY n.timestamp DESC LIMIT 20");
while ($node = db_fetch_object($result)) {
$find[$i++] = array("title" => check_output($node->title), "link" => (user_access($user, "add and edit nodes") ? "admin.php?mod=node&type=book&op=edit&id=$node->nid" : "node.php?id=$node->nid"), "user" => $node->userid, "date" => $node->timestamp);
$find[$i++] = array("title" => check_output($node->title), "link" => (user_access("administer nodes") ? "admin.php?mod=node&type=book&op=edit&id=$node->nid" : "node.php?id=$node->nid"), "user" => $node->userid, "date" => $node->timestamp);
}
return $find;
}
......@@ -90,13 +102,13 @@ function book_parent_query($parent) {
}
function book_toc($parent = "", $indent = "", $toc = array()) {
global $status, $user;
global $status;
// select all child nodes:
$result = db_query("SELECT n.*, b.* FROM node n LEFT JOIN book b ON n.nid = b.nid AND n.lid = b.lid WHERE n.type = 'book' AND n.status = '$status[posted]' AND ". book_parent_query($parent) ." ORDER BY b.weight");
// add root node:
if (user_access($user, "add and edit nodes")) {
if (user_access("administer nodes")) {
$toc[0] = "<root>";
}
......@@ -125,7 +137,7 @@ function book_form($edit = array()) {
$form .= form_textarea(t("Content"), "body", $edit[body], 70, 20, t("Allowed HTML tags") .": ". htmlspecialchars(variable_get("allowed_html", "")));
$form .= form_textarea(t("Log message"), "log", $edit[log], 70, 5, t("An explanation of the additions or updates being made to help the group understand your motivations."));
if (user_access($user, "add and edit nodes")) {
if (user_access("administer nodes")) {
$form .= form_select(t("Weight"), "weight", $edit[weight], array(0, 1, 2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12, 13, 14, 15, 16, 17, 18, 19, 20, 21, 22, 23, 24, 25, 26, 27, 28, 29, 30), t("The heavier nodes will sink and the lighter nodes will be positioned nearer the top."));
}
......@@ -155,7 +167,7 @@ function book_save($edit) {
if (!$edit[nid]) {
node_save($edit, array(author => $user->id, body, comment => variable_get("book_comment", 0), log, moderate => variable_get("book_moderate", ""), parent, pid, promote => variable_get("book_promote", 0), score => 0, status => variable_get("book_status", $status[queued]), timestamp => time(), title, type => "book", votes => 0, weight));
}
else if (user_access($user, "add and edit nodes")) {
else if (user_access("administer nodes")) {
node_save($edit, array(body, log, parent, title, type => "book", weight));
}
}
......@@ -207,8 +219,7 @@ function book_tree($parent = "", $depth = 0) {
}
function book_admin() {
global $user;
if (user_access($user, "edit book")) {
if (user_access("administer book")) {
print book_tree();
}
else {
......@@ -217,9 +228,9 @@ function book_admin() {
}
function book_page() {
global $user, $status, $theme;
global $status, $theme;
if (user_access($user, "view content")) {
if (user_access("access content")) {
$result = db_query("SELECT n.*, b.* FROM node n LEFT JOIN book b ON n.nid = b.nid AND n.lid = b.lid WHERE b.parent = 0 AND n.status = $status[posted] ORDER BY b.weight");
while ($node = db_fetch_object($result)) {
......
......@@ -30,7 +30,15 @@ function box_help() {
}
function box_perm() {
return array("add and edit boxes");
return array("administer boxes");
}
function box_link($type) {
if ($type == "admin" && user_access("administer boxes")) {
$links[] = "<a href=\"admin.php?mod=box\">boxes</a>";
}
return $links ? $links : array();
}
function box_block() {
......@@ -142,9 +150,9 @@ function box_admin_save($id, $subject, $content, $info, $link, $type) {
}
function box_admin() {
global $user, $op, $id, $subject, $content, $info, $link, $type;
global $op, $id, $subject, $content, $info, $link, $type;
if (user_access($user, "add and edit boxes")) {
if (user_access("administer boxes")) {