Index: branches/5.1.x/core/kernel/db/db_event_handler.php
===================================================================
diff -u -r12657 -r13086
--- branches/5.1.x/core/kernel/db/db_event_handler.php (.../db_event_handler.php) (revision 12657)
+++ branches/5.1.x/core/kernel/db/db_event_handler.php (.../db_event_handler.php) (revision 13086)
@@ -1,6 +1,6 @@
 Application->IsAdmin()) {
+ if (!$this->Application->isAdmin) {
 $allow_events = Array('OnSearch', 'OnSearchReset', 'OnNew');
 if (in_array($event->Name, $allow_events)) {
 // allow search on front
@@ -98,7 +98,7 @@
 }
 if ($event->Name == 'OnSaveWidths') {
- return $this->Application->IsAdmin() && $this->Application->LoggedIn();
+ return $this->Application->isAdminUser;
 }
 return parent::CheckPermission($event);
@@ -397,6 +397,9 @@
 */
 function dbBuild(&$object, &$event)
 {
+ // for permission checking inside item/list build events
+ $event->setEventParam('top_prefix', $this->Application->GetTopmostPrefix($event->Prefix, true));
+
 $object->Configure( $event->getEventParam('populate_ml_fields') || $this->Application->getUnitOption($event->Prefix, 'PopulateMlFields') );
 $this->PrepareObject($object, $event);
@@ -514,7 +517,7 @@
 $status_checked = true;
 $editing_mode = defined('EDITING_MODE') ? EDITING_MODE : false;
- if ($user_id != -1 && !$this->Application->IsAdmin() && !($editing_mode || $this->checkItemStatus($event))) {
+ if ($user_id != -1 && !$this->Application->isAdmin && !($editing_mode || $this->checkItemStatus($event))) {
 // non-root user AND on front-end AND (not editing mode || incorrect status)
 $perm_status = false;
 }
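Review bot: `$event->setEventParam('top_prefix', ...)` in dbBuild is written unconditionally, so a `top_prefix` a caller had already placed on the event before the build is silently overwritten; if callers are allowed to supply it (not visible here), wrap it as `if (!$event->getEventParam('top_prefix')) {` — getEventParam presumably yields a falsy value when unset, as its use in the Configure() call below suggests. The identical expression reappears in the upload-permission hunk at -2357; one small helper returning the topmost prefix for an event would keep the two in sync. dbBuild's body continues outside the hunk.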
@@ -528,9 +531,23 @@
 if ($this->Application->isDebugMode()) {
 $this->Application->Debugger->appendTrace();
 }
+ trigger_error('ItemLoad Permission Failed for prefix ['.$event->getPrefixSpecial().'] in '.($status_checked ? 'checkItemStatus' : 'CheckPermission').'', E_USER_WARNING);
- $next_template = $this->Application->IsAdmin() ? 'no_permission' : $this->Application->ConfigValue('NoPermissionTemplate');
- $this->Application->Redirect($next_template, Array('next_template' => $this->Application->GetVar('t')));
+ $template = $this->Application->isAdmin ? 'no_permission' : $this->Application->ConfigValue('NoPermissionTemplate');
+
+ if (MOD_REWRITE) {
+ $redirect_params = Array (
+ 'm_cat_id' => 0,
+ 'next_template' => urlencode('external:' . $_SERVER['REQUEST_URI']),
+ );
+ }
+ else {
+ $redirect_params = Array (
+ 'next_template' => $this->Application->GetVar('t'),
+ );
+ }
+
+ $this->Application->Redirect($template, $redirect_params);
 }
 }
@@ -1190,6 +1207,7 @@
 function OnDelete(&$event)
 {
 if ($this->Application->CheckPermission('SYSTEM_ACCESS.READONLY', 1)) {
+ $event->status = erFAIL;
 return;
 }
@@ -1286,6 +1304,7 @@
 function OnMassDelete(&$event)
 {
 if ($this->Application->CheckPermission('SYSTEM_ACCESS.READONLY', 1)) {
+ $event->status = erFAIL;
 return;
 }
@@ -1335,7 +1354,7 @@
 function OnEdit(&$event)
 {
 $this->setTempWindowID($event);
- $this->StoreSelectedIDs($event);
+ $ids = $this->StoreSelectedIDs($event);
 $var_name = $event->getPrefixSpecial().'_file_pending_actions'.$this->Application->GetVar('m_wid');
 $this->Application->RemoveVar($var_name);
@@ -1344,7 +1363,9 @@
 $temp->PrepareEdit();
- $event->redirect = false;
+ $event->SetRedirectParam('m_lang', $this->Application->GetDefaultLanguageId());
+ $event->SetRedirectParam($event->getPrefixSpecial() . '_id', array_shift($ids));
+ $event->SetRedirectParam('pass', 'all,' . $event->getPrefixSpecial());
 }
 /**
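Review bot: `urlencode('external:' . $_SERVER['REQUEST_URI'])` on the MOD_REWRITE branch stores a client-supplied value as the post-login return target with no check that it is a same-site path; how `external:` targets are resolved later is outside this hunk, but if they are emitted as-is, a request path beginning with `//` would turn into a protocol-relative redirect off the site. Constraining the value to a local path before use is cheap: `$request_uri = isset($_SERVER['REQUEST_URI']) ? $_SERVER['REQUEST_URI'] : '/';`, `if (substr($request_uri, 0, 1) !== '/' || substr($request_uri, 0, 2) === '//') { $request_uri = '/'; }`, then `'next_template' => urlencode('external:' . $request_uri),`. The isset fallback also covers SAPIs that do not populate REQUEST_URI. The enclosing function starts outside the hunk.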
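Review bot: The READONLY denial in OnDelete is silent: it sets `$event->status = erFAIL;` and returns, but unlike the ItemLoad denial in this same commit (hunk -528, which calls trigger_error) nothing records that a read-only session attempted a write, which is the kind of event operators want visible in logs. The same three-line guard is repeated in OnMassDelete (-1286), iterateItems (-1653) and OnMassClone (-1710); a single private helper such as `function denyIfReadOnly(&$event)` that sets the status and returns the decision would keep the four in sync and give one place to log the attempt. OnDelete's body continues outside the hunk.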
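Review bot: `array_shift($ids)` in the new redirect parameters assumes StoreSelectedIDs returned a non-empty array; its return type is not visible here, but if no item was selected the `_id` parameter becomes null (or array_shift warns on a non-array) and the edit window opens on no record. Guarding before the redirect parameters, `if (!$ids) { $event->status = erFAIL; return; }`, would match the failure signalling this commit adds to the other handlers. OnEdit's body begins in hunk -1335 and the lines between the two hunks are not shown.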
@@ -1390,7 +1411,9 @@
 }
 else {
 $this->Application->RemoveVar($changes_var_name);
+ $event->status = erFAIL;
 }
+ $this->clearSelectedIDs($event);
 $event->redirect_params = Array('opener' => 'u');
@@ -1528,6 +1551,9 @@
 $this->Application->SetVar($event->getPrefixSpecial() . '_id', $object->GetID());
 }
+ else {
+ $event->MasterEvent->status = $event->status;
+ }
 $event->SetRedirectParam('opener', 's');
 }
@@ -1589,17 +1615,18 @@
 {
 $this->setTempWindowID($event);
 $this->clearSelectedIDs($event);
+ $this->Application->SetVar('m_lang', $this->Application->GetDefaultLanguageId());
 $object =& $event->getObject( Array('skip_autoload' => true) );
 $temp =& $this->Application->recallObject($event->Prefix.'_TempHandler', 'kTempTablesHandler');
 $temp->PrepareEdit();
 $object->setID(0);
- $this->Application->SetVar($event->getPrefixSpecial().'_id',0);
+ $this->Application->SetVar($event->getPrefixSpecial().'_id', 0);
 $this->Application->SetVar($event->getPrefixSpecial().'_PreCreate', 1);
- $event->redirect=false;
+ $event->redirect = false;
 }
 /**
@@ -1653,6 +1680,7 @@
 function iterateItems(&$event)
 {
 if ($this->Application->CheckPermission('SYSTEM_ACCESS.READONLY', 1)) {
+ $event->status = erFAIL;
 return;
 }
@@ -1710,6 +1738,7 @@
 function OnMassClone(&$event)
 {
 if ($this->Application->CheckPermission('SYSTEM_ACCESS.READONLY', 1)) {
+ $event->status = erFAIL;
 return;
 }
@@ -1843,6 +1872,16 @@
 }
 /**
+ * Occurs before validation attempt
+ *
+ * @param kEvent $event
+ */
+ function OnBeforeItemValidate(&$event)
+ {
+
+ }
+
+ /**
 * Occurs after successful item validation
 *
 * @param kEvent $event
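Review bot: `$event->MasterEvent->status = $event->status;` in the new else branch dereferences MasterEvent without checking it is set; if this handler can run as a top-level event rather than as a sub-event (not visible here), that line is a property write on a non-object. Guard it: `if (is_object($event->MasterEvent)) { $event->MasterEvent->status = $event->status; }`. The enclosing function starts outside the hunk.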
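Review bot: OnBeforeItemValidate has an empty body and a docblock that only says when it fires, so a maintainer cannot tell whether it is an extension point meant to be overridden, or whether setting `$event->status` inside it stops the validation that follows. Saying both in the docblock, e.g. `Empty hook for subclasses; override to inspect or adjust the item before validation runs`, plus one line on how a failed status is treated (only if the dispatcher, which is not shown here, honours it), would make the hook usable without reading the caller.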
@@ -2357,10 +2396,16 @@
 $admin_ses =& $this->Application->recallObject('Session.admin');
 /* @var $admin_ses Session */
+ if ($admin_ses->RecallVar('user_id') == -1) {
+ return true;
+ }
+
 $backup_user_id = $this->Application->RecallVar('user_id'); // 1. backup user
 $this->Application->StoreVar('user_id', $admin_ses->RecallVar('user_id')); // 2. fake user_id
 $check_event = new kEvent($event->getPrefixSpecial() . ':OnProcessSelected'); // 3. event, that have "add|edit" rule
+ $check_event->setEventParam('top_prefix', $this->Application->GetTopmostPrefix($event->Prefix, true));
+
 $allowed_to_upload = $this->CheckPermission($check_event); // 4. check permission
 $this->Application->StoreVar('user_id', $backup_user_id); // 5. restore user id
@@ -2389,7 +2434,6 @@
 $schedule = $schedule ? unserialize($schedule) : Array ();
 $schedule[] = Array ('action' => 'delete', 'file' => $path = FULL_PATH . $options['upload_dir'] . $this->Application->GetVar('file'));
 $this->Application->StoreVar($var_name, serialize($schedule));
- $this->Application->Session->SaveData();
 }
 /**
@@ -2452,7 +2496,7 @@
 */
 function OnSuggestValues(&$event)
 {
- if (!$this->Application->IsAdmin() || !$this->Application->LoggedIn()) {
+ if (!$this->Application->isAdminUser) {
 // very careful here, because this event allows to
 // view every object field -> limit only to logged-in admins
 return ;
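Review bot: `if ($admin_ses->RecallVar('user_id') == -1)` grants upload permission to the admin session's root user with a loose comparison; session values are commonly strings, and a permission short-circuit is the one place where type-forgiving `==` should give way to `(int)$admin_ses->RecallVar('user_id') === -1`. The early return also bypasses the top_prefix-aware CheckPermission call below it, which is presumably intended for root but deserves a one-line comment such as `// root in admin session: skip per-prefix permission check`. The enclosing function starts outside the hunk.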
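Review bot: The denied branch of OnSuggestValues still ends in a bare `return ;` while every other permission denial in this commit sets `$event->status = erFAIL;` first; given the comment's own warning that this event can expose every object field, adding `$event->status = erFAIL;` before the return lets the caller tell "denied" from "no suggestions" and keeps denials uniform for logging. The function continues outside the hunk.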