Index: branches/5.2.x/core/units/helpers/permissions_helper.php
===================================================================
diff -u -N -r14699 -r14731
--- branches/5.2.x/core/units/helpers/permissions_helper.php	(.../permissions_helper.php)	(revision 14699)
+++ branches/5.2.x/core/units/helpers/permissions_helper.php	(.../permissions_helper.php)	(revision 14731)
@@ -1,6 +1,6 @@
 <?php
 /**
-* @version	$Id: permissions_helper.php 14699 2011-10-26 11:39:38Z alex $
+* @version	$Id: permissions_helper.php 14731 2011-11-03 11:34:47Z alex $
 * @package	In-Portal
 * @copyright	Copyright (C) 1997 - 2009 Intechnic. All rights reserved.
 * @license      GNU/GPL
@@ -545,87 +545,87 @@
 
 		function CheckUserPermission($user_id, $name, $type = 1, $cat_id = null)
 		{
-			if ($user_id == USER_ROOT) {
+			if ( $user_id == USER_ROOT ) {
 				// "root" is allowed anywhere
-				return $name == 'SYSTEM_ACCESS.READONLY' ? 0 : 1;
+				return substr($name, -5) == '.deny' || $name == 'SYSTEM_ACCESS.READONLY' ? 0 : 1;
 			}
 
-			if (!isset($cat_id)) {
+			if ( !isset($cat_id) ) {
 				$cat_id = $this->Application->GetVar('m_cat_id');
 			}
 
-			if ($type == 1) {
+			if ( $type == 1 ) {
 				// "system" permission are always checked per "Home" category (ID = 0)
 				$cat_id = 0;
 			}
-			elseif ("$cat_id" === "0") {
+			elseif ( "$cat_id" === "0" ) {
 				$cat_id = $this->Application->getBaseCategory();
 			}
 
 			// perm cache is build only based on records in db, that's why if permission is not explicitly denied, then
 			// that (perm cache creator) code thinks that it is allowed & adds corresponding record and code below will
 			// return incorrect results
 
-			if ($user_id == $this->Application->RecallVar('user_id')) {
+			if ( $user_id == $this->Application->RecallVar('user_id') ) {
 				$groups = explode(',', $this->Application->RecallVar('UserGroups'));
 			}
 			else { // checking not current user
 				$sql = 'SELECT GroupId
-						FROM '.TABLE_PREFIX.'UserGroup
-						WHERE (PortalUserId = '.$user_id.') AND ( (MembershipExpires IS NULL) OR ( MembershipExpires >= UNIX_TIMESTAMP() ) )';
+						FROM ' . TABLE_PREFIX . 'UserGroup
+						WHERE (PortalUserId = ' . $user_id . ') AND ( (MembershipExpires IS NULL) OR ( MembershipExpires >= UNIX_TIMESTAMP() ) )';
 				$groups = $this->Conn->GetCol($sql);
-				array_push($groups, $this->Application->ConfigValue('User_LoggedInGroup') );
+				array_push($groups, $this->Application->ConfigValue('User_LoggedInGroup'));
 			}
 
 			$cache_key = $name . '|' . $type . '|' . $cat_id . '|' . implode(',', $groups);
 			$perm_value = $this->Application->getCache('permissions[%' . ($type == 1 ? 'G' : 'C') . 'PermSerial%]:' . $cache_key);
 
-			if ($perm_value !== false) {
+			if ( $perm_value !== false ) {
 				return $perm_value;
 			}
 
-			if (preg_match('/(.*)\.VIEW$/', $name) && ($type == 0)) {
+			if ( preg_match('/(.*)\.VIEW$/', $name) && ($type == 0) ) {
 				// cached view permission of category: begin
-				if (strpos($cat_id, '|') !== false) {
+				if ( strpos($cat_id, '|') !== false ) {
 					$category_path = explode('|', substr($cat_id, 1, -1));
 					$cat_id = end($category_path);
 				}
 
 				$sql = 'SELECT PermissionConfigId
-						FROM '.TABLE_PREFIX.'PermissionConfig
-						WHERE PermissionName = '.$this->Conn->qstr($name);
+						FROM ' . TABLE_PREFIX . 'PermissionConfig
+						WHERE PermissionName = ' . $this->Conn->qstr($name);
 				$perm_id = $this->Conn->GetOne($sql);
 
 				$sql = 'SELECT PermId
-						FROM '.TABLE_PREFIX.'PermCache
-						WHERE (PermId = '.$perm_id.') AND (CategoryId = '.(int)$cat_id.')';
+						FROM ' . TABLE_PREFIX . 'PermCache
+						WHERE (PermId = ' . $perm_id . ') AND (CategoryId = ' . (int)$cat_id . ')';
 
-				$view_filters = Array();
+				$view_filters = Array ();
 				foreach ($groups as $group) {
-					$view_filters[] = 'FIND_IN_SET('.$group.', ACL)';
+					$view_filters[] = 'FIND_IN_SET(' . $group . ', ACL)';
 				}
-				$sql .= ' AND ('.implode(' OR ', $view_filters).')';
+				$sql .= ' AND (' . implode(' OR ', $view_filters) . ')';
 				$perm_value = $this->Conn->GetOne($sql) ? 1 : 0;
 
 				$this->Application->setCache('permissions[%CPermSerial%]:' . $cache_key, $perm_value);
 				return $perm_value;
 				// cached view permission of category: end
 			}
 
-			if (is_numeric($cat_id) && $cat_id == 0) {
-				$cat_hierarchy = Array(0);
+			if ( is_numeric($cat_id) && $cat_id == 0 ) {
+				$cat_hierarchy = Array (0);
 			}
 			else {
-				if (strpos($cat_id, '|') !== false) {
+				if ( strpos($cat_id, '|') !== false ) {
 					$cat_hierarchy = $cat_id;
 				}
 				else {
 					$sql = 'SELECT ParentPath
-							FROM '.$this->Application->getUnitOption('c', 'TableName').'
-							WHERE CategoryId = '.$cat_id;
+							FROM ' . $this->Application->getUnitOption('c', 'TableName') . '
+							WHERE CategoryId = ' . $cat_id;
 					$cat_hierarchy = $this->Conn->GetOne($sql);
-					if ($cat_hierarchy === false) {
-						// category was deleted, but refrence to it stays in other tables -> data integrity is broken
+					if ( $cat_hierarchy === false ) {
+						// category was deleted, but reference to it stays in other tables -> data integrity is broken
 						$cat_hierarchy = '|' . $this->Application->getBaseCategory() . '|';
 					}
 				}
@@ -636,13 +636,14 @@
 			}
 
 			$perm_value = 0;
-			$groups = implode(',',$groups);
+			$groups = implode(',', $groups);
 			foreach ($cat_hierarchy as $category_id) {
 				$sql = 'SELECT SUM(PermissionValue)
-						FROM '.TABLE_PREFIX.'Permissions
-						WHERE Permission = "'.$name.'" AND CatId = '.$category_id.' AND GroupId IN ('.$groups.') AND Type = '.$type;
+						FROM ' . TABLE_PREFIX . 'Permissions
+						WHERE Permission = "' . $name . '" AND CatId = ' . $category_id . ' AND GroupId IN (' . $groups . ') AND Type = ' . $type;
 				$res = $this->Conn->GetOne($sql);
-				if ($res !== false && !is_null($res)) {
+
+				if ( $res !== false && !is_null($res) ) {
 					$perm_value = $res ? 1 : 0;
 					break;
 				}