diff options
| author | Dries Buytaert <dries@buytaert.net> | 2001-06-20 20:00:40 +0000 |
|---|---|---|
| committer | Dries Buytaert <dries@buytaert.net> | 2001-06-20 20:00:40 +0000 |
| commit | 72065fb8351b54eee5f1928c18e06ad81aa9b502 (patch) | |
| tree | 59052fb790134eed81b52b69150a1e231bd44083 /modules/comment.module | |
| parent | 7752dc4c7c4cffda07152d8ee89bce05f16a5d6c (diff) | |
| download | brdo-72065fb8351b54eee5f1928c18e06ad81aa9b502.tar.gz brdo-72065fb8351b54eee5f1928c18e06ad81aa9b502.tar.bz2 | |
- Added a brand-new access.module which allows you to manage 'roles'
(groups) and 'permissions' ... (inspired by Zope's system).
+ Once installed, click the help-link for more information.
+ See updates/2.00-to-x.xx.sql for the SQL updates.
- Modified loads of code to use our new access.module. The system
still has to mature though: new permissions have to be added and
existing permissions need stream-lining. Awaiting suggestions.
- As a direct result of the new access system, I had to rewrite the
way the top-level links in admin.php are rendered and displayed,
and xhtml-ified admin.php while I was at it.
TODO
- Home-brewed modules need updating, home-brewed themes not.
(Examples: file.module, trip_link.module)
- As soon we *finished* the refactoring of the user system (KJ has
been working on this refactoring already) we should consider to
embed this role and permission code into account.module ...
Diffstat (limited to 'modules/comment.module')
| -rw-r--r-- | modules/comment.module | 44 |
1 files changed, 27 insertions, 17 deletions
diff --git a/modules/comment.module b/modules/comment.module index 24b156443..ad9924603 100644 --- a/modules/comment.module +++ b/modules/comment.module @@ -4,11 +4,15 @@ function comment_search($keys) { global $user; $result = db_query("SELECT c.*, u.userid FROM comments c LEFT JOIN users u ON c.author = u.id WHERE c.subject LIKE '%$keys%' OR c.comment LIKE '%$keys%' ORDER BY c.timestamp DESC LIMIT 20"); while ($comment = db_fetch_object($result)) { - $find[$i++] = array("title" => check_output($comment->subject), "link" => (user_access($user, "comment") ? "admin.php?mod=comment&op=edit&id=$comment->cid" : "node.php?id=$comment->lid&cid=$comment->cid"), "user" => $comment->userid, "date" => $comment->timestamp); + $find[$i++] = array("title" => check_output($comment->subject), "link" => (user_access($user, "edit user comments") ? "admin.php?mod=comment&op=edit&id=$comment->cid" : "node.php?id=$comment->lid&cid=$comment->cid"), "user" => $comment->userid, "date" => $comment->timestamp); } return $find; } +function comment_perm() { + return array("view comments", "post comments", "edit comments"); +} + function comment_edit($id) { global $REQUEST_URI; @@ -42,24 +46,30 @@ function comment_overview() { } function comment_admin() { - global $op, $id, $edit, $mod, $keys, $order; + global $user, $op, $id, $edit, $mod, $keys, $order; - print "<SMALL><A HREF=\"admin.php?mod=comment\">overview</A> | <A HREF=\"admin.php?mod=comment&op=search\">search comment</A></SMALL><HR>\n"; + if (user_access($user, "edit comments")) { - switch ($op) { - case "edit": - print comment_edit($id); - break; - case "search": - print search_form($keys); - print search_data($keys, $mod); - break; - case t("Submit"): - print status(comment_save(check_input($id), $edit)); - print comment_overview(); - break; - default: - print comment_overview(); + print "<SMALL><A HREF=\"admin.php?mod=comment\">overview</A> | <A HREF=\"admin.php?mod=comment&op=search\">search comment</A></SMALL><HR>\n"; + + switch ($op) { + case "edit": + print comment_edit($id); + break; + case "search": + print search_form($keys); + print search_data($keys, $mod); + break; + case t("Submit"): + print status(comment_save(check_input($id), $edit)); + print comment_overview(); + break; + default: + print comment_overview(); + } + } + else { + print message_access(); } } |