diff options
| author | Andreas Gohr <andi@splitbrain.org> | 2012-11-08 23:15:08 +0100 |
|---|---|---|
| committer | Andreas Gohr <andi@splitbrain.org> | 2012-11-08 23:15:08 +0100 |
| commit | 04924b7a9d090c0814cfff3e6706263e4d5a46e8 (patch) | |
| tree | d83fc6b5683fbc9c639bfd1832f96dca2f3c8646 /lib/plugins/acl/admin.php | |
| parent | 1ea7a6bada66fc9b7a45f61b4892e4ea23196d89 (diff) | |
| parent | a731ed1d6736ca405b3559adfd9500affcc59412 (diff) | |
| download | rpg-04924b7a9d090c0814cfff3e6706263e4d5a46e8.tar.gz rpg-04924b7a9d090c0814cfff3e6706263e4d5a46e8.tar.bz2 | |
Merge branch 'master' into proxyconnect
* master: (169 commits)
added PCRE UTF-8 checks to do=check FS#2636
avoid multiple paralell update checks
fix regression bug in HTTPClient FS#2621
changed PAGEUTILS_ID_HIDEPAGE to has BEFORE/AFTER
TarLib code cleanup
TarLib: fixed appending in non-dynamic mode
fixed third method of adding files in TarLib
fix lone zero block in TarLib created archives
fix use of constructor in TarLib
Slovak language update
Korean language update
Latvian language update
added event PAGEUTILS_ID_HIDEPAGE
added test for isHiddenPage()
removed redundant variables in tpl_include_page() (because of 3ff8773b)
added cut off points for mobile devices as parameters to style.ini
Corrected typo: ruke -> rule
Persian language update
Spanish language update
russian language update
...
Diffstat (limited to 'lib/plugins/acl/admin.php')
| -rw-r--r-- | lib/plugins/acl/admin.php | 56 |
1 files changed, 30 insertions, 26 deletions
diff --git a/lib/plugins/acl/admin.php b/lib/plugins/acl/admin.php index a0d2e430e..1197892f2 100644 --- a/lib/plugins/acl/admin.php +++ b/lib/plugins/acl/admin.php @@ -56,22 +56,23 @@ class admin_plugin_acl extends DokuWiki_Admin_Plugin { global $ID; global $auth; global $config_cascade; + global $INPUT; // fresh 1:1 copy without replacements $AUTH_ACL = file($config_cascade['acl']['default']); // namespace given? - if($_REQUEST['ns'] == '*'){ + if($INPUT->str('ns') == '*'){ $this->ns = '*'; }else{ - $this->ns = cleanID($_REQUEST['ns']); + $this->ns = cleanID($INPUT->str('ns')); } - if ($_REQUEST['current_ns']) { - $this->current_item = array('id' => cleanID($_REQUEST['current_ns']), 'type' => 'd'); - } elseif ($_REQUEST['current_id']) { - $this->current_item = array('id' => cleanID($_REQUEST['current_id']), 'type' => 'f'); + if ($INPUT->str('current_ns')) { + $this->current_item = array('id' => cleanID($INPUT->str('current_ns')), 'type' => 'd'); + } elseif ($INPUT->str('current_id')) { + $this->current_item = array('id' => cleanID($INPUT->str('current_id')), 'type' => 'f'); } elseif ($this->ns) { $this->current_item = array('id' => $this->ns, 'type' => 'd'); } else { @@ -79,24 +80,25 @@ class admin_plugin_acl extends DokuWiki_Admin_Plugin { } // user or group choosen? - $who = trim($_REQUEST['acl_w']); - if($_REQUEST['acl_t'] == '__g__' && $who){ + $who = trim($INPUT->str('acl_w')); + if($INPUT->str('acl_t') == '__g__' && $who){ $this->who = '@'.ltrim($auth->cleanGroup($who),'@'); - }elseif($_REQUEST['acl_t'] == '__u__' && $who){ + }elseif($INPUT->str('acl_t') == '__u__' && $who){ $this->who = ltrim($who,'@'); if($this->who != '%USER%' && $this->who != '%GROUP%'){ #keep wildcard as is $this->who = $auth->cleanUser($this->who); } - }elseif($_REQUEST['acl_t'] && - $_REQUEST['acl_t'] != '__u__' && - $_REQUEST['acl_t'] != '__g__'){ - $this->who = $_REQUEST['acl_t']; + }elseif($INPUT->str('acl_t') && + $INPUT->str('acl_t') != '__u__' && + $INPUT->str('acl_t') != '__g__'){ + $this->who = $INPUT->str('acl_t'); }elseif($who){ $this->who = $who; } // handle modifications - if(isset($_REQUEST['cmd']) && checkSecurityToken()){ + if($INPUT->has('cmd') && checkSecurityToken()){ + $cmd = $INPUT->extract('cmd')->str('cmd'); // scope for modifications if($this->ns){ @@ -109,19 +111,21 @@ class admin_plugin_acl extends DokuWiki_Admin_Plugin { $scope = $ID; } - if(isset($_REQUEST['cmd']['save']) && $scope && $this->who && isset($_REQUEST['acl'])){ + if($cmd == 'save' && $scope && $this->who && $INPUT->has('acl')){ // handle additions or single modifications $this->_acl_del($scope, $this->who); - $this->_acl_add($scope, $this->who, (int) $_REQUEST['acl']); - }elseif(isset($_REQUEST['cmd']['del']) && $scope && $this->who){ + $this->_acl_add($scope, $this->who, $INPUT->int('acl')); + }elseif($cmd == 'del' && $scope && $this->who){ // handle single deletions $this->_acl_del($scope, $this->who); - }elseif(isset($_REQUEST['cmd']['update'])){ + }elseif($cmd == 'update'){ + $acl = $INPUT->arr('acl'); + // handle update of the whole file - foreach((array) $_REQUEST['del'] as $where => $names){ + foreach($INPUT->arr('del') as $where => $names){ // remove all rules marked for deletion foreach($names as $who) - unset($_REQUEST['acl'][$where][$who]); + unset($acl[$where][$who]); } // prepare lines $lines = array(); @@ -134,7 +138,7 @@ class admin_plugin_acl extends DokuWiki_Admin_Plugin { } } // re-add all rules - foreach((array) $_REQUEST['acl'] as $where => $opt){ + foreach($acl as $where => $opt){ foreach($opt as $who => $perm){ if ($who[0]=='@') { if ($who!='@ALL') { @@ -191,7 +195,7 @@ class admin_plugin_acl extends DokuWiki_Admin_Plugin { echo '</div>'.NL; echo '<div class="footnotes"><div class="fn">'.NL; - echo '<sup><a id="fn__1" class="fn_bot" name="fn__1" href="#fnt__1">1)</a></sup>'.NL; + echo '<sup><a id="fn__1" class="fn_bot" href="#fnt__1">1)</a></sup>'.NL; echo $this->getLang('p_include'); echo '</div></div>'; @@ -602,7 +606,7 @@ class admin_plugin_acl extends DokuWiki_Admin_Plugin { echo '<tr>'; echo '<th>'.$this->getLang('where').'</th>'; echo '<th>'.$this->getLang('who').'</th>'; - echo '<th>'.$this->getLang('perm').'<sup><a id="fnt__1" class="fn_top" name="fnt__1" href="#fn__1">1)</a></sup></th>'; + echo '<th>'.$this->getLang('perm').'<sup><a id="fnt__1" class="fn_top" href="#fn__1">1)</a></sup></th>'; echo '<th>'.$lang['btn_delete'].'</th>'; echo '</tr>'; foreach($this->acl as $where => $set){ @@ -630,7 +634,7 @@ class admin_plugin_acl extends DokuWiki_Admin_Plugin { echo $this->_html_checkboxes($perm,$ispage,'acl['.$where.']['.$who.']'); echo '</td>'; - echo '<td align="center">'; + echo '<td class="check">'; echo '<input type="checkbox" name="del['.hsc($where).'][]" value="'.hsc($who).'" />'; echo '</td>'; echo '</tr>'; @@ -638,7 +642,7 @@ class admin_plugin_acl extends DokuWiki_Admin_Plugin { } echo '<tr>'; - echo '<th align="right" colspan="4">'; + echo '<th class="action" colspan="4">'; echo '<input type="submit" value="'.$lang['btn_update'].'" name="cmd[update]" class="button" />'; echo '</th>'; echo '</tr>'; @@ -746,7 +750,7 @@ class admin_plugin_acl extends DokuWiki_Admin_Plugin { } //build code - $ret .= '<label for="pbox'.$label.'" title="'.$this->getLang('acl_perm'.$perm).'"'.$class.'>'; + $ret .= '<label for="pbox'.$label.'"'.$class.'>'; $ret .= '<input '.buildAttributes($atts).' /> '; $ret .= $this->getLang('acl_perm'.$perm); $ret .= '</label>'.NL; |