Project

General

Profile

Feature #14383 » 0000485_v2.patch

Administrator Admin, 2010-03-26 08:35

View differences:

t3lib/class.t3lib_tcemain.php (working copy)
$status = 'new'; // Yes new record, change $record_status to 'insert'
} else { // Nope... $id is a number
$fieldArray = array();
$recordAccess = $this->checkRecordUpdateAccess($table,$id);
$recordAccess = $this->checkRecordUpdateAccess($table, $id, $data, $hookObjectsArr);
if (!$recordAccess) {
$propArr = $this->getRecordProperties($table,$id);
$this->log($table,$id,2,0,1,"Attempt to modify record '%s' (%s) without permission. Or non-existing page.",2,array($propArr['header'],$table.':'.$id),$propArr['event_pid']);
......
*
* @param string Record table
* @param integer Record UID
* @param array Record data
* @param array Hook objects
* @return boolean Returns true if the user may update the record given by $table and $id
*/
function checkRecordUpdateAccess($table,$id) {
function checkRecordUpdateAccess($table, $id, $data=false, &$hookObjectsArr=false) {
global $TCA;
$res = 0;
$res = null;
if (is_array($hookObjectsArr)) {
foreach($hookObjectsArr as $hookObj) {
if (method_exists($hookObj, 'checkRecordUpdateAccess')) {
$res = $hookObj->checkRecordUpdateAccess($table, $id, $data, $res, $this);
}
}
}
if($res === 1 || $res === 0) {
return $res;
} else {
$res = 0;
}
if ($TCA[$table] && intval($id)>0) {
if (isset($this->recUpdateAccessCache[$table][$id])) { // If information is cached, return it
return $this->recUpdateAccessCache[$table][$id];
(2-2/3)