Bug #22339 » 13941v3.patch
t3lib/class.t3lib_tcemain.php (working copy) | ||
---|---|---|
$brExist = $this->doesBranchExist('',$uid,$this->pMap['delete'],1); // returns the branch
|
||
if ($brExist != -1) { // Checks if we had permissions
|
||
if ($this->noRecordsFromUnallowedTables($brExist.$uid)) {
|
||
return t3lib_div::trimExplode(',',$brExist.$uid,1);
|
||
$pagesInBranch = t3lib_div::trimExplode(',', $brExist . $uid, 1);
|
||
foreach ($pagesInBranch as $pageInBranch) {
|
||
if (!$this->BE_USER->recordEditAccessInternals('pages', $pageInBranch, FALSE, FALSE, TRUE)) {
|
||
return 'Attempt to delete page which has prohibited localizations.';
|
||
}
|
||
}
|
||
return $pagesInBranch;
|
||
} else return 'Attempt to delete records from disallowed tables';
|
||
} else return 'Attempt to delete pages in branch without permissions';
|
||
} else {
|
||
$brExist = $this->doesBranchExist('',$uid,$this->pMap['delete'],1); // returns the branch
|
||
if ($brExist == '') { // Checks if branch exists
|
||
if ($this->noRecordsFromUnallowedTables($uid)) {
|
||
return array($uid);
|
||
if ($this->noRecordsFromUnallowedTables($uid)) {
|
||
if ($this->BE_USER->recordEditAccessInternals('pages', $uid, FALSE, FALSE, TRUE)) {
|
||
return array($uid);
|
||
} else return 'Attempt to delete page which has prohibited localizations.';
|
||
} else return 'Attempt to delete records from disallowed tables';
|
||
} else return 'Attempt to delete page which has subpages';
|
||
}
|
t3lib/class.t3lib_userauthgroup.php (working copy) | ||
---|---|---|
*/
|
||
function checkFullLanguagesAccess($table, $record) {
|
||
$recordLocalizationAccess = $this->checkLanguageAccess(0);
|
||
if ($recordLocalizationAccess && t3lib_BEfunc::isTableLocalizable($table)) {
|
||
if ($recordLocalizationAccess
|
||
&& (
|
||
t3lib_BEfunc::isTableLocalizable($table)
|
||
|| isset($GLOBALS['TCA'][$table]['ctrl']['transForeignTable'])
|
||
)
|
||
) {
|
||
$pointerField = $GLOBALS['TCA'][$table]['ctrl']['transOrigPointerField'];
|
||
if (isset($GLOBALS['TCA'][$table]['ctrl']['transForeignTable'])) {
|
||
$l10nTable = $GLOBALS['TCA'][$table]['ctrl']['transForeignTable'];
|
||
$pointerField = $GLOBALS['TCA'][$l10nTable]['ctrl']['transOrigPointerField'];
|
||
$pointerValue = $record['uid'];
|
||
} else {
|
||
$l10nTable = $table;
|
||
$pointerField = $GLOBALS['TCA'][$l10nTable]['ctrl']['transOrigPointerField'];
|
||
$pointerValue = $record[$pointerField] > 0 ? $record[$pointerField] : $record['uid'];
|
||
}
|
||
$recordLocalizations = t3lib_BEfunc::getRecordsByField(
|
||
$table,
|
||
$l10nTable,
|
||
$pointerField,
|
||
$record[$pointerField] > 0 ? $record[$pointerField] : $record['uid'],
|
||
$pointerValue,
|
||
'',
|
||
'',
|
||
'',
|
||
... | ... | |
if (is_array($recordLocalizations)) {
|
||
foreach($recordLocalizations as $localization) {
|
||
$recordLocalizationAccess = $recordLocalizationAccess && $this->checkLanguageAccess($localization[$GLOBALS['TCA'][$table]['ctrl']['languageField']]);
|
||
$recordLocalizationAccess = $recordLocalizationAccess
|
||
&& $this->checkLanguageAccess($localization[$GLOBALS['TCA'][$l10nTable]['ctrl']['languageField']]);
|
||
if (!$recordLocalizationAccess) {
|
||
break;
|
||
}
|
||
... | ... | |
$this->errorMsg = 'ERROR: The "languageField" field named "'.$TCA[$table]['ctrl']['languageField'].'" was not found in testing record!';
|
||
return FALSE;
|
||
}
|
||
} elseif (isset($TCA[$table]['ctrl']['transForeignTable']) && $checkFullLanguageAccess && !$this->checkFullLanguagesAccess($table, $idOrRow)) {
|
||
return FALSE;
|
||
}
|
||
// Checking authMode fields:
|