From 409d7af7c9c6c97c8c00cada876a2bf967fa1526 Mon Sep 17 00:00:00 2001
From: Andreas Gohr <andi@splitbrain.org>
Date: Sun, 2 Jul 2006 14:16:22 +0200
Subject: disableactions support

This patch adds a config option to disable certain internal action commands of
DokuWiki's main dispatcher.

The options resendpasswd and openregister were removed because they can now set
through this new option.

The config plugin needs to be adjusted.

darcs-hash:20060702121622-7ad00-1e80e77bcfb0ae561fe7abd79cfbe1bb158be720.gz
---
 inc/actions.php | 18 ++++++++----------
 1 file changed, 8 insertions(+), 10 deletions(-)

(limited to 'inc/actions.php')

diff --git a/inc/actions.php b/inc/actions.php
index 194beaad3..51fb0a84a 100644
--- a/inc/actions.php
+++ b/inc/actions.php
@@ -155,6 +155,12 @@ function act_clean($act){
   if($act == 'export_html') $act = 'export_xhtml';
   if($act == 'export_htmlbody') $act = 'export_xhtmlbody';
 
+  // check if action is disabled
+  if(!actionOK($act)){
+    msg('Command disabled: '.htmlspecialchars($act),-1);
+    return 'show';
+  }
+
   //disable all acl related commands if ACL is disabled
   if(!$conf['useacl'] && in_array($act,array('login','logout','register','admin',
                                              'subscribe','unsubscribe','profile',
@@ -198,17 +204,9 @@ function act_permcheck($act){
   }elseif(in_array($act,array('login','search','recent','profile'))){
     $permneed = AUTH_NONE;
   }elseif($act == 'register'){
-    if ($conf['openregister']){
-      $permneed = AUTH_NONE;
-    }else{
-      $permneed = AUTH_ADMIN;
-    }
+    $permneed = AUTH_NONE;
   }elseif($act == 'resendpwd'){
-    if ($conf['resendpasswd']) {
-      $permneed = AUTH_NONE;
-    }else{
-      $permneed = AUTH_ADMIN+1; // shouldn't get here if $conf['resendpasswd'] is off
-    }
+    $permneed = AUTH_NONE;
   }elseif($act == 'admin'){
     $permneed = AUTH_ADMIN;
   }else{
-- 
cgit v1.2.3