diff options
| author | Andreas Gohr <andi@splitbrain.org> | 2007-06-27 21:49:10 +0200 |
|---|---|---|
| committer | Andreas Gohr <andi@splitbrain.org> | 2007-06-27 21:49:10 +0200 |
| commit | 6957b2ea013b27781cc1ccce8b94267006cb917d (patch) | |
| tree | 966e5f969d03c55e405088e878736b8dbb3b1b84 /inc/template.php | |
| parent | 83666c1bae18becc7f41053ac3ac80444e3681c4 (diff) | |
| download | rpg-6957b2ea013b27781cc1ccce8b94267006cb917d.tar.gz rpg-6957b2ea013b27781cc1ccce8b94267006cb917d.tar.bz2 | |
check for auth object at certain functions
This is a follow up on the previous patch to disable authtentication without
disabling ACL on backend problems. It fixes a few errors that might occour
in this rare situation.
darcs-hash:20070627194910-7ad00-de5ac10e0d36ecf8906c080e1d3dc1b2fd85b45d.gz
Diffstat (limited to 'inc/template.php')
| -rw-r--r-- | inc/template.php | 12 |
1 files changed, 6 insertions, 6 deletions
diff --git a/inc/template.php b/inc/template.php index 3bf9be114..c941a64f4 100644 --- a/inc/template.php +++ b/inc/template.php @@ -435,7 +435,7 @@ function tpl_button($type){ print html_topbtn(); return true; case 'login': - if($conf['useacl']){ + if($conf['useacl'] && $auth){ if($_SERVER['REMOTE_USER']){ print html_btn('logout',$ID,'',array('do' => 'logout',)); }else{ @@ -451,7 +451,7 @@ function tpl_button($type){ } return false; case 'subscription': - if($conf['useacl'] && $ACT == 'show' && $conf['subscribers'] == 1){ + if($conf['useacl'] && $auth && $ACT == 'show' && $conf['subscribers'] == 1){ if($_SERVER['REMOTE_USER']){ if($INFO['subscribed']){ print html_btn('unsubscribe',$ID,'',array('do' => 'unsubscribe',)); @@ -466,7 +466,7 @@ function tpl_button($type){ print html_btn('backlink',$ID,'',array('do' => 'backlink')); return true; case 'profile': - if($conf['useacl'] && $_SERVER['REMOTE_USER'] && + if($conf['useacl'] && $_SERVER['REMOTE_USER'] && $auth && $auth->canDo('Profile') && ($ACT!='profile')){ print html_btn('profile',$ID,'',array('do' => 'profile')); return true; @@ -564,7 +564,7 @@ function tpl_actionlink($type,$pre='',$suf=''){ } return false; case 'login': - if($conf['useacl']){ + if($conf['useacl'] && $auth){ if($_SERVER['REMOTE_USER']){ tpl_link(wl($ID,'do=logout'),$pre.$lang['btn_logout'].$suf,'class="action logout" rel="nofollow"'); }else{ @@ -581,7 +581,7 @@ function tpl_actionlink($type,$pre='',$suf=''){ return false; case 'subscribe': case 'subscription': - if($conf['useacl'] && $ACT == 'show' && $conf['subscribers'] == 1){ + if($conf['useacl'] && $auth && $ACT == 'show' && $conf['subscribers'] == 1){ if($_SERVER['REMOTE_USER']){ if($INFO['subscribed']) { tpl_link(wl($ID,'do=unsubscribe'),$pre.$lang['btn_unsubscribe'].$suf,'class="action unsubscribe" rel="nofollow"'); @@ -596,7 +596,7 @@ function tpl_actionlink($type,$pre='',$suf=''){ tpl_link(wl($ID,'do=backlink'),$pre.$lang['btn_backlink'].$suf, 'class="action backlink" rel="nofollow"'); return true; case 'profile': - if($conf['useacl'] && $_SERVER['REMOTE_USER'] && + if($conf['useacl'] && $auth && $_SERVER['REMOTE_USER'] && $auth->canDo('Profile') && ($ACT!='profile')){ tpl_link(wl($ID,'do=profile'),$pre.$lang['btn_profile'].$suf, 'class="action profile" rel="nofollow"'); return true; |