Bug #22339 » 13941v4.patch
| t3lib/class.t3lib_tcemain.php (working copy) | ||
|---|---|---|
|
// Now, the $uid is the actual record we will copy while $origUid is the record we asked to get copied - but that could be a live version.
|
||
|
*/
|
||
|
if ($this->doesRecordExist($table,$uid,'show')) { // This checks if the record can be selected which is all that a copy action requires.
|
||
|
if (($language > 0 && $this->BE_USER->checkLanguageAccess($language) ) || $this->BE_USER->recordEditAccessInternals($table, $uid, false, false, true)) { //Used to check language and general editing rights
|
||
|
$fullCheckNeeded = ($table != 'pages');
|
||
|
if (($language > 0 && $this->BE_USER->checkLanguageAccess($language) ) || $this->BE_USER->recordEditAccessInternals($table, $uid, false, false, $fullCheckNeeded)) { //Used to check language and general editing rights
|
||
|
$data = Array();
|
||
|
$nonFields = array_unique(t3lib_div::trimExplode(',','uid,perms_userid,perms_groupid,perms_user,perms_group,perms_everybody,t3ver_oid,t3ver_wsid,t3ver_id,t3ver_label,t3ver_state,t3ver_swapmode,t3ver_count,t3ver_stage,t3ver_tstamp,'.$excludeFields,1));
|
||
| ... | ... | |
|
}
|
||
|
// Checking if there is anything else disallowing moving the record by checking if editing is allowed
|
||
|
$mayEditAccess = $this->BE_USER->recordEditAccessInternals($table, $uid, false, false, true);
|
||
|
$fullCheckNeeded = ($table != 'pages');
|
||
|
$mayEditAccess = $this->BE_USER->recordEditAccessInternals($table, $uid, false, false, $fullCheckNeeded);
|
||
|
// If moving is allowed, begin the processing:
|
||
|
if ($mayEditAccess) {
|
||
| ... | ... | |
|
$brExist = $this->doesBranchExist('',$uid,$this->pMap['delete'],1); // returns the branch
|
||
|
if ($brExist != -1) { // Checks if we had permissions
|
||
|
if ($this->noRecordsFromUnallowedTables($brExist.$uid)) {
|
||
|
return t3lib_div::trimExplode(',',$brExist.$uid,1);
|
||
|
$pagesInBranch = t3lib_div::trimExplode(',', $brExist . $uid, 1);
|
||
|
foreach ($pagesInBranch as $pageInBranch) {
|
||
|
if (!$this->BE_USER->recordEditAccessInternals('pages', $pageInBranch, FALSE, FALSE, TRUE)) {
|
||
|
return 'Attempt to delete page which has prohibited localizations.';
|
||
|
}
|
||
|
}
|
||
|
return $pagesInBranch;
|
||
|
} else return 'Attempt to delete records from disallowed tables';
|
||
|
} else return 'Attempt to delete pages in branch without permissions';
|
||
|
} else {
|
||
|
$brExist = $this->doesBranchExist('',$uid,$this->pMap['delete'],1); // returns the branch
|
||
|
if ($brExist == '') { // Checks if branch exists
|
||
|
if ($this->noRecordsFromUnallowedTables($uid)) {
|
||
|
return array($uid);
|
||
|
if ($this->noRecordsFromUnallowedTables($uid)) {
|
||
|
if ($this->BE_USER->recordEditAccessInternals('pages', $uid, FALSE, FALSE, TRUE)) {
|
||
|
return array($uid);
|
||
|
} else return 'Attempt to delete page which has prohibited localizations.';
|
||
|
} else return 'Attempt to delete records from disallowed tables';
|
||
|
} else return 'Attempt to delete page which has subpages';
|
||
|
}
|
||
| t3lib/class.t3lib_userauthgroup.php (working copy) | ||
|---|---|---|
|
*/
|
||
|
function checkFullLanguagesAccess($table, $record) {
|
||
|
$recordLocalizationAccess = $this->checkLanguageAccess(0);
|
||
|
if ($recordLocalizationAccess && t3lib_BEfunc::isTableLocalizable($table)) {
|
||
|
if ($recordLocalizationAccess
|
||
|
&& (
|
||
|
t3lib_BEfunc::isTableLocalizable($table)
|
||
|
|| isset($GLOBALS['TCA'][$table]['ctrl']['transForeignTable'])
|
||
|
)
|
||
|
) {
|
||
|
$pointerField = $GLOBALS['TCA'][$table]['ctrl']['transOrigPointerField'];
|
||
|
if (isset($GLOBALS['TCA'][$table]['ctrl']['transForeignTable'])) {
|
||
|
$l10nTable = $GLOBALS['TCA'][$table]['ctrl']['transForeignTable'];
|
||
|
$pointerField = $GLOBALS['TCA'][$l10nTable]['ctrl']['transOrigPointerField'];
|
||
|
$pointerValue = $record['uid'];
|
||
|
} else {
|
||
|
$l10nTable = $table;
|
||
|
$pointerField = $GLOBALS['TCA'][$l10nTable]['ctrl']['transOrigPointerField'];
|
||
|
$pointerValue = $record[$pointerField] > 0 ? $record[$pointerField] : $record['uid'];
|
||
|
}
|
||
|
$recordLocalizations = t3lib_BEfunc::getRecordsByField(
|
||
|
$table,
|
||
|
$l10nTable,
|
||
|
$pointerField,
|
||
|
$record[$pointerField] > 0 ? $record[$pointerField] : $record['uid'],
|
||
|
$pointerValue,
|
||
|
'',
|
||
|
'',
|
||
|
'',
|
||
| ... | ... | |
|
if (is_array($recordLocalizations)) {
|
||
|
foreach($recordLocalizations as $localization) {
|
||
|
$recordLocalizationAccess = $recordLocalizationAccess && $this->checkLanguageAccess($localization[$GLOBALS['TCA'][$table]['ctrl']['languageField']]);
|
||
|
$recordLocalizationAccess = $recordLocalizationAccess
|
||
|
&& $this->checkLanguageAccess($localization[$GLOBALS['TCA'][$l10nTable]['ctrl']['languageField']]);
|
||
|
if (!$recordLocalizationAccess) {
|
||
|
break;
|
||
|
}
|
||
| ... | ... | |
|
$this->errorMsg = 'ERROR: The "languageField" field named "'.$TCA[$table]['ctrl']['languageField'].'" was not found in testing record!';
|
||
|
return FALSE;
|
||
|
}
|
||
|
} elseif (isset($TCA[$table]['ctrl']['transForeignTable']) && $checkFullLanguageAccess && !$this->checkFullLanguagesAccess($table, $idOrRow)) {
|
||
|
return FALSE;
|
||
|
}
|
||
|
// Checking authMode fields:
|
||
- « Previous
- 1
- 2
- 3
- 4
- Next »