makary/phpbb
1
0
Fork 0
mirror of https://github.com/phpbb/phpbb.git synced 2025-06-27 21:58:52 +00:00
Code Issues Projects Releases Packages Wiki Activity

Merge PR #607 branch 'nickvergessen/ticket/10679' into develop

Browse source 
* nickvergessen/ticket/10679:
  [ticket/10679] Update module basename, we added the xcp_ prefix in 3.1
  [ticket/10679] Use module_auth to limit access to the module
  [ticket/10679] Add new permission for changing profile field information
This commit is contained in:
Oleg Pudeyev 2012-12-07 08:32:13 -05:00
commit b0948fb347
6 changed files with 62 additions and 6 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

2
phpBB/includes/ucp/info/ucp_profile.php
View file

@ -19,7 +19,7 @@ class ucp_profile_info
'title' => 'UCP_PROFILE', 'title' => 'UCP_PROFILE',
'version' => '1.0.0', 'version' => '1.0.0',
'modes' => array( 'modes' => array(
'profile_info' => array('title' => 'UCP_PROFILE_PROFILE_INFO', 'auth' => '', 'cat' => array('UCP_PROFILE')), 'profile_info' => array('title' => 'UCP_PROFILE_PROFILE_INFO', 'auth' => 'acl_u_chgprofileinfo', 'cat' => array('UCP_PROFILE')),
'signature' => array('title' => 'UCP_PROFILE_SIGNATURE', 'auth' => 'acl_u_sig', 'cat' => array('UCP_PROFILE')), 'signature' => array('title' => 'UCP_PROFILE_SIGNATURE', 'auth' => 'acl_u_sig', 'cat' => array('UCP_PROFILE')),
'avatar' => array('title' => 'UCP_PROFILE_AVATAR', 'auth' => 'cfg_allow_avatar && (cfg_allow_avatar_local || cfg_allow_avatar_remote || cfg_allow_avatar_upload || cfg_allow_avatar_remote_upload)', 'cat' => array('UCP_PROFILE')), 'avatar' => array('title' => 'UCP_PROFILE_AVATAR', 'auth' => 'cfg_allow_avatar && (cfg_allow_avatar_local || cfg_allow_avatar_remote || cfg_allow_avatar_upload || cfg_allow_avatar_remote_upload)', 'cat' => array('UCP_PROFILE')),
'reg_details' => array('title' => 'UCP_PROFILE_REG_DETAILS', 'auth' => '', 'cat' => array('UCP_PROFILE')), 'reg_details' => array('title' => 'UCP_PROFILE_REG_DETAILS', 'auth' => '', 'cat' => array('UCP_PROFILE')),

5
phpBB/includes/ucp/ucp_profile.php
View file

@ -251,6 +251,11 @@ class ucp_profile
break; break;
case 'profile_info': case 'profile_info':
// Do not display profile information panel if not authed to do so
if (!$auth->acl_get('u_chgprofileinfo'))
{
trigger_error('NO_AUTH_PROFILEINFO');
}
include($phpbb_root_path . 'includes/functions_profile_fields.' . $phpEx); include($phpbb_root_path . 'includes/functions_profile_fields.' . $phpEx);

52
phpBB/install/database_update.php
View file

@ -2731,8 +2731,6 @@ function change_database_data(&$no_updates, $version)
$config->set('display_last_subject', '1'); $config->set('display_last_subject', '1');
} }
$no_updates = false;
if (!isset($config['assets_version'])) if (!isset($config['assets_version']))
{ {
$config->set('assets_version', '1'); $config->set('assets_version', '1');
@ -2792,6 +2790,56 @@ function change_database_data(&$no_updates, $version)
} }
$db->sql_freeresult($result); $db->sql_freeresult($result);
// Add new permission u_chgprofileinfo and duplicate settings from u_sig
include_once($phpbb_root_path . 'includes/acp/auth.' . $phpEx);
$auth_admin = new auth_admin();
// Only add the new permission if it does not already exist
if (empty($auth_admin->acl_options['id']['u_chgprofileinfo']))
{
$auth_admin->acl_add_option(array('global' => array('u_chgprofileinfo')));
// Now the tricky part, filling the permission
$old_id = $auth_admin->acl_options['id']['u_sig'];
$new_id = $auth_admin->acl_options['id']['u_chgprofileinfo'];
$tables = array(ACL_GROUPS_TABLE, ACL_ROLES_DATA_TABLE, ACL_USERS_TABLE);
foreach ($tables as $table)
{
$sql = 'SELECT *
FROM ' . $table . '
WHERE auth_option_id = ' . $old_id;
$result = _sql($sql, $errored, $error_ary);
$sql_ary = array();
while ($row = $db->sql_fetchrow($result))
{
$row['auth_option_id'] = $new_id;
$sql_ary[] = $row;
}
$db->sql_freeresult($result);
if (sizeof($sql_ary))
{
$db->sql_multi_insert($table, $sql_ary);
}
}
// Remove any old permission entries
$auth_admin->acl_clear_prefetch();
}
// Update the auth setting for the module
$sql = 'UPDATE ' . MODULES_TABLE . "
SET module_auth = 'acl_u_chgprofileinfo'
WHERE module_class = 'ucp'
AND module_basename = 'ucp_profile'
AND module_mode = 'profile_info'";
_sql($sql, $errored, $error_ary);
$no_updates = false;
break; break;
} }
} }

3
phpBB/install/schemas/schema_data.sql
View file

@ -387,6 +387,7 @@ INSERT INTO phpbb_acl_options (auth_option, is_global) VALUES ('u_chgemail', 1);
INSERT INTO phpbb_acl_options (auth_option, is_global) VALUES ('u_chggrp', 1); INSERT INTO phpbb_acl_options (auth_option, is_global) VALUES ('u_chggrp', 1);
INSERT INTO phpbb_acl_options (auth_option, is_global) VALUES ('u_chgname', 1); INSERT INTO phpbb_acl_options (auth_option, is_global) VALUES ('u_chgname', 1);
INSERT INTO phpbb_acl_options (auth_option, is_global) VALUES ('u_chgpasswd', 1); INSERT INTO phpbb_acl_options (auth_option, is_global) VALUES ('u_chgpasswd', 1);
INSERT INTO phpbb_acl_options (auth_option, is_global) VALUES ('u_chgprofileinfo', 1);
INSERT INTO phpbb_acl_options (auth_option, is_global) VALUES ('u_download', 1); INSERT INTO phpbb_acl_options (auth_option, is_global) VALUES ('u_download', 1);
INSERT INTO phpbb_acl_options (auth_option, is_global) VALUES ('u_hideonline', 1); INSERT INTO phpbb_acl_options (auth_option, is_global) VALUES ('u_hideonline', 1);
INSERT INTO phpbb_acl_options (auth_option, is_global) VALUES ('u_ignoreflood', 1); INSERT INTO phpbb_acl_options (auth_option, is_global) VALUES ('u_ignoreflood', 1);
@ -548,7 +549,7 @@ INSERT INTO phpbb_acl_roles_data (role_id, auth_option_id, auth_setting) SELECT
INSERT INTO phpbb_acl_roles_data (role_id, auth_option_id, auth_setting) SELECT 22, auth_option_id, 1 FROM phpbb_acl_options WHERE auth_option LIKE 'f_%' AND auth_option NOT IN ('f_announce', 'f_attach', 'f_bump', 'f_delete', 'f_flash', 'f_icons', 'f_ignoreflood', 'f_sticky', 'f_user_lock', 'f_votechg'); INSERT INTO phpbb_acl_roles_data (role_id, auth_option_id, auth_setting) SELECT 22, auth_option_id, 1 FROM phpbb_acl_options WHERE auth_option LIKE 'f_%' AND auth_option NOT IN ('f_announce', 'f_attach', 'f_bump', 'f_delete', 'f_flash', 'f_icons', 'f_ignoreflood', 'f_sticky', 'f_user_lock', 'f_votechg');
# New Member (u_) # New Member (u_)
INSERT INTO phpbb_acl_roles_data (role_id, auth_option_id, auth_setting) SELECT 23, auth_option_id, 0 FROM phpbb_acl_options WHERE auth_option LIKE 'u_%' AND auth_option IN ('u_sendpm', 'u_masspm', 'u_masspm_group'); INSERT INTO phpbb_acl_roles_data (role_id, auth_option_id, auth_setting) SELECT 23, auth_option_id, 0 FROM phpbb_acl_options WHERE auth_option LIKE 'u_%' AND auth_option IN ('u_sendpm', 'u_masspm', 'u_masspm_group', 'u_chgprofileinfo');
# New Member (f_) # New Member (f_)
INSERT INTO phpbb_acl_roles_data (role_id, auth_option_id, auth_setting) SELECT 24, auth_option_id, 0 FROM phpbb_acl_options WHERE auth_option LIKE 'f_%' AND auth_option IN ('f_noapprove'); INSERT INTO phpbb_acl_roles_data (role_id, auth_option_id, auth_setting) SELECT 24, auth_option_id, 0 FROM phpbb_acl_options WHERE auth_option LIKE 'f_%' AND auth_option IN ('f_noapprove');

1
phpBB/language/en/acp/permissions_phpbb.php
View file

@ -102,6 +102,7 @@ $lang = array_merge($lang, array(
'acl_u_chgemail' => array('lang' => 'Can change email address', 'cat' => 'profile'), 'acl_u_chgemail' => array('lang' => 'Can change email address', 'cat' => 'profile'),
'acl_u_chgavatar' => array('lang' => 'Can change avatar', 'cat' => 'profile'), 'acl_u_chgavatar' => array('lang' => 'Can change avatar', 'cat' => 'profile'),
'acl_u_chggrp' => array('lang' => 'Can change default usergroup', 'cat' => 'profile'), 'acl_u_chggrp' => array('lang' => 'Can change default usergroup', 'cat' => 'profile'),
'acl_u_chgprofileinfo' => array('lang' => 'Can change profile field information', 'cat' => 'profile'),
'acl_u_attach' => array('lang' => 'Can attach files', 'cat' => 'post'), 'acl_u_attach' => array('lang' => 'Can attach files', 'cat' => 'post'),
'acl_u_download' => array('lang' => 'Can download files', 'cat' => 'post'), 'acl_u_download' => array('lang' => 'Can download files', 'cat' => 'post'),

1
phpBB/language/en/ucp.php
View file

@ -318,6 +318,7 @@ $lang = array_merge($lang, array(
'NO_AUTH_FORWARD_MESSAGE' => 'You are not authorised to forward private messages.', 'NO_AUTH_FORWARD_MESSAGE' => 'You are not authorised to forward private messages.',
'NO_AUTH_GROUP_MESSAGE' => 'You are not authorised to send private messages to groups.', 'NO_AUTH_GROUP_MESSAGE' => 'You are not authorised to send private messages to groups.',
'NO_AUTH_PASSWORD_REMINDER' => 'You are not authorised to request a new password.', 'NO_AUTH_PASSWORD_REMINDER' => 'You are not authorised to request a new password.',
'NO_AUTH_PROFILEINFO' => 'You are not authorised to change your profile information.',
'NO_AUTH_READ_HOLD_MESSAGE' => 'You are not authorised to read private messages that are on hold.', 'NO_AUTH_READ_HOLD_MESSAGE' => 'You are not authorised to read private messages that are on hold.',
'NO_AUTH_READ_MESSAGE' => 'You are not authorised to read private messages.', 'NO_AUTH_READ_MESSAGE' => 'You are not authorised to read private messages.',
'NO_AUTH_READ_REMOVED_MESSAGE' => 'You are not able to read this message because it was removed by the author.', 'NO_AUTH_READ_REMOVED_MESSAGE' => 'You are not able to read this message because it was removed by the author.',