From 4371b627d51ffc5af9498fa1877d8e519a5f2c6e Mon Sep 17 00:00:00 2001 From: Dries Buytaert Date: Sun, 18 Feb 2001 15:14:56 +0000 Subject: - added fine-grained user permission system which allows us to give certain users access to specific administration sections only. Ex. a FAQ maintainer can only edit the FAQ, and members of an "editorial board" can only edit comments, diaries and stories, .. - code review => rewrote include/user.inc which is much easier now - fixed 4 small bugs --- modules/comment/comment.module | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) (limited to 'modules/comment/comment.module') diff --git a/modules/comment/comment.module b/modules/comment/comment.module index 4d73e3caf..ef0bce34a 100644 --- a/modules/comment/comment.module +++ b/modules/comment/comment.module @@ -8,7 +8,7 @@ function comment_find($keys) { $find = array(); $result = db_query("SELECT c.*, u.userid FROM comments c LEFT JOIN users u ON c.author = u.id WHERE c.subject LIKE '%". check_input($keys) ."%' OR c.comment LIKE '%". check_input($keys) ."%' ORDER BY c.timestamp DESC LIMIT 20"); while ($comment = db_fetch_object($result)) { - array_push($find, array("subject" => check_output($comment->subject), "link" => (user_permission($user) ? "admin.php?mod=comment&op=edit&id=$comment->cid" : "story.php?id=$comment->lid&cid=$comment->cid"), "user" => $story->userid, "date" => $comment->timestamp)); + array_push($find, array("subject" => check_output($comment->subject), "link" => (user_access($user, "comment") ? "admin.php?mod=comment&op=edit&id=$comment->cid" : "story.php?id=$comment->lid&cid=$comment->cid"), "user" => $story->userid, "date" => $comment->timestamp)); } return $find; } -- cgit v1.2.3