Index: branches/unlabeled/unlabeled-1.11.2/admin/users/user_addimage.php =================================================================== diff -u -r5303 -r5359 --- branches/unlabeled/unlabeled-1.11.2/admin/users/user_addimage.php (.../user_addimage.php) (revision 5303) +++ branches/unlabeled/unlabeled-1.11.2/admin/users/user_addimage.php (.../user_addimage.php) (revision 5359) @@ -19,6 +19,7 @@ define('FULL_PATH', realpath(dirname(__FILE__) . str_repeat('/..', $relation_level) ) ); require_once FULL_PATH.'/kernel/startup.php'; // new startup: end +checkViewPermission('in-portal:user_list'); /* set the destination of the image upload, relative to the root path */ $DestDir = 'kernel/images/'; Index: branches/unlabeled/unlabeled-1.25.2/admin/users/adduser.php =================================================================== diff -u -r4078 -r5359 --- branches/unlabeled/unlabeled-1.25.2/admin/users/adduser.php (.../adduser.php) (revision 4078) +++ branches/unlabeled/unlabeled-1.25.2/admin/users/adduser.php (.../adduser.php) (revision 5359) @@ -19,6 +19,7 @@ define('FULL_PATH', realpath(dirname(__FILE__) . str_repeat('/..', $relation_level) ) ); require_once FULL_PATH.'/kernel/startup.php'; // new startup: end +checkViewPermission('in-portal:user_list'); require_once ($pathtoroot.$admin."/include/elements.php"); require_once ($pathtoroot."kernel/admin/include/navmenu.php"); Index: branches/unlabeled/unlabeled-1.6.32/admin/users/addrule.php =================================================================== diff -u -r2859 -r5359 --- branches/unlabeled/unlabeled-1.6.32/admin/users/addrule.php (.../addrule.php) (revision 2859) +++ branches/unlabeled/unlabeled-1.6.32/admin/users/addrule.php (.../addrule.php) (revision 5359) @@ -19,6 +19,7 @@ define('FULL_PATH', realpath(dirname(__FILE__) . str_repeat('/..', $relation_level) ) ); require_once FULL_PATH.'/kernel/startup.php'; // new startup: end +checkViewPermission('in-portal:user_banlist'); require_once ($pathtoroot.$admin."/include/elements.php"); require_once ($pathtoroot."kernel/admin/include/navmenu.php"); Index: branches/unlabeled/unlabeled-1.15.2/admin/users/adduser_custom.php =================================================================== diff -u -r4247 -r5359 --- branches/unlabeled/unlabeled-1.15.2/admin/users/adduser_custom.php (.../adduser_custom.php) (revision 4247) +++ branches/unlabeled/unlabeled-1.15.2/admin/users/adduser_custom.php (.../adduser_custom.php) (revision 5359) @@ -19,6 +19,7 @@ define('FULL_PATH', realpath(dirname(__FILE__) . str_repeat('/..', $relation_level) ) ); require_once FULL_PATH.'/kernel/startup.php'; // new startup: end +checkViewPermission('in-portal:user_list'); require_once ($pathtoroot.$admin."/include/elements.php"); require_once ($pathtoroot."kernel/admin/include/navmenu.php"); Index: branches/unlabeled/unlabeled-1.15.2/admin/logs/session_list.php =================================================================== diff -u -r4247 -r5359 --- branches/unlabeled/unlabeled-1.15.2/admin/logs/session_list.php (.../session_list.php) (revision 4247) +++ branches/unlabeled/unlabeled-1.15.2/admin/logs/session_list.php (.../session_list.php) (revision 5359) @@ -19,6 +19,7 @@ define('FULL_PATH', realpath(dirname(__FILE__) . str_repeat('/..', $relation_level) ) ); require_once FULL_PATH.'/kernel/startup.php'; // new startup: end +checkViewPermission('in-portal:sessionlog'); //admin only includes require_once ($pathtoroot.$admin."/include/elements.php"); Index: branches/unlabeled/unlabeled-1.11.32/admin/import/step4.php =================================================================== diff -u -r2854 -r5359 --- branches/unlabeled/unlabeled-1.11.32/admin/import/step4.php (.../step4.php) (revision 2854) +++ branches/unlabeled/unlabeled-1.11.32/admin/import/step4.php (.../step4.php) (revision 5359) @@ -6,6 +6,7 @@ define('FULL_PATH', realpath(dirname(__FILE__) . str_repeat('/..', $relation_level) ) ); require_once FULL_PATH.'/kernel/startup.php'; // new startup: end +checkViewPermission('in-portal:main_import'); //admin only util $pathtolocal = $pathtoroot."kernel/"; Index: branches/unlabeled/unlabeled-1.12.20/admin/config/config_theme.php =================================================================== diff -u -r3284 -r5359 --- branches/unlabeled/unlabeled-1.12.20/admin/config/config_theme.php (.../config_theme.php) (revision 3284) +++ branches/unlabeled/unlabeled-1.12.20/admin/config/config_theme.php (.../config_theme.php) (revision 5359) @@ -19,6 +19,7 @@ define('FULL_PATH', realpath(dirname(__FILE__) . str_repeat('/..', $relation_level) ) ); require_once FULL_PATH.'/kernel/startup.php'; // new startup: end +checkViewPermission('in-portal:configure_themes'); require_once ($pathtoroot.$admin."/include/elements.php"); require_once ($pathtoroot."kernel/admin/include/navmenu.php"); Index: branches/unlabeled/unlabeled-1.33.2/admin/browse.php =================================================================== diff -u -r5295 -r5359 --- branches/unlabeled/unlabeled-1.33.2/admin/browse.php (.../browse.php) (revision 5295) +++ branches/unlabeled/unlabeled-1.33.2/admin/browse.php (.../browse.php) (revision 5359) @@ -28,6 +28,7 @@ require_once FULL_PATH.'/kernel/startup.php'; // new startup: end +checkViewPermission('in-portal:browse'); if($application->GetVar('Action') == 'm_paste') define('REDIRECT_REQUIRED',1); // this script can issue redirect header define('REQUIRE_LAYER_HEADER', 1); @@ -71,9 +72,6 @@ } } - -$application->InitParser(); - $cat_templates = $objModules->ExecuteFunction('GetModuleInfo', 'catalog_template'); foreach ($cat_templates as $a_mod => $a_template) { if (!$a_template) continue; Index: branches/unlabeled/unlabeled-1.8.2/core/units/general/helpers/permissions_helper.php =================================================================== diff -u -r5352 -r5359 --- branches/unlabeled/unlabeled-1.8.2/core/units/general/helpers/permissions_helper.php (.../permissions_helper.php) (revision 5352) +++ branches/unlabeled/unlabeled-1.8.2/core/units/general/helpers/permissions_helper.php (.../permissions_helper.php) (revision 5359) @@ -276,6 +276,10 @@ $redirect_params = $this->Application->isDebugMode() ? Array('from_template' => 1, 'perms' => $params[ isset($params['permissions']) ? 'permissions' : 'perm_event'], 'next_template' => $t) : Array(); } + if (isset($params['index_file']) && $params['index_file']) { + $redirect_params['index_file'] = $params['index_file']; + } + return Array($redirect_template, $redirect_params); } Index: branches/unlabeled/unlabeled-1.6.32/admin/tools/sql_result.php =================================================================== diff -u -r5264 -r5359 --- branches/unlabeled/unlabeled-1.6.32/admin/tools/sql_result.php (.../sql_result.php) (revision 5264) +++ branches/unlabeled/unlabeled-1.6.32/admin/tools/sql_result.php (.../sql_result.php) (revision 5359) @@ -19,6 +19,7 @@ define('FULL_PATH', realpath(dirname(__FILE__) . str_repeat('/..', $relation_level) ) ); require_once FULL_PATH.'/kernel/startup.php'; // new startup: end +checkViewPermission('in-portal:sql_query'); require_once ($pathtoroot.$admin."/include/elements.php"); require_once ($pathtoroot."kernel/admin/include/navmenu.php"); Index: branches/unlabeled/unlabeled-1.5.32/admin/backup/backup3.php =================================================================== diff -u -r3561 -r5359 --- branches/unlabeled/unlabeled-1.5.32/admin/backup/backup3.php (.../backup3.php) (revision 3561) +++ branches/unlabeled/unlabeled-1.5.32/admin/backup/backup3.php (.../backup3.php) (revision 5359) @@ -6,6 +6,7 @@ define('FULL_PATH', realpath(dirname(__FILE__) . str_repeat('/..', $relation_level) ) ); require_once FULL_PATH.'/kernel/startup.php'; // new startup: end +checkViewPermission('in-portal:backup'); $pathtolocal = $pathtoroot."kernel/"; require_once ($pathtoroot."admin/include/elements.php"); Index: branches/unlabeled/unlabeled-1.7.32/admin/backup/backup2.php =================================================================== diff -u -r2947 -r5359 --- branches/unlabeled/unlabeled-1.7.32/admin/backup/backup2.php (.../backup2.php) (revision 2947) +++ branches/unlabeled/unlabeled-1.7.32/admin/backup/backup2.php (.../backup2.php) (revision 5359) @@ -6,6 +6,7 @@ define('FULL_PATH', realpath(dirname(__FILE__) . str_repeat('/..', $relation_level) ) ); require_once FULL_PATH.'/kernel/startup.php'; // new startup: end +checkViewPermission('in-portal:backup'); $pathtolocal = $pathtoroot."kernel/"; require_once ($pathtoroot."admin/include/elements.php"); Index: branches/unlabeled/unlabeled-1.106.2/globals.php =================================================================== diff -u -r4866 -r5359 --- branches/unlabeled/unlabeled-1.106.2/globals.php (.../globals.php) (revision 4866) +++ branches/unlabeled/unlabeled-1.106.2/globals.php (.../globals.php) (revision 5359) @@ -2077,5 +2077,12 @@ } return true; } + + function checkViewPermission($section_name, $system = 1) + { + $application =& kApplication::Instance(); + $application->InitParser(); + $application->ProcessParsedTag('m', 'RequireLogin', Array('permissions' => $section_name.'.view', 'system' => $system, 'index_file' => 'index.php')); + } ?> Index: branches/unlabeled/unlabeled-1.9.32/admin/users/user_addpermission.php =================================================================== diff -u -r2948 -r5359 --- branches/unlabeled/unlabeled-1.9.32/admin/users/user_addpermission.php (.../user_addpermission.php) (revision 2948) +++ branches/unlabeled/unlabeled-1.9.32/admin/users/user_addpermission.php (.../user_addpermission.php) (revision 5359) @@ -19,6 +19,7 @@ define('FULL_PATH', realpath(dirname(__FILE__) . str_repeat('/..', $relation_level) ) ); require_once FULL_PATH.'/kernel/startup.php'; // new startup: end +checkViewPermission('in-portal:user_list'); require_once ($pathtoroot.$admin."/include/elements.php"); require_once ($pathtoroot."kernel/admin/include/navmenu.php"); Index: branches/unlabeled/unlabeled-1.9.20/admin/backup/backup1.php =================================================================== diff -u -r3286 -r5359 --- branches/unlabeled/unlabeled-1.9.20/admin/backup/backup1.php (.../backup1.php) (revision 3286) +++ branches/unlabeled/unlabeled-1.9.20/admin/backup/backup1.php (.../backup1.php) (revision 5359) @@ -6,6 +6,7 @@ define('FULL_PATH', realpath(dirname(__FILE__) . str_repeat('/..', $relation_level) ) ); require_once FULL_PATH.'/kernel/startup.php'; // new startup: end +checkViewPermission('in-portal:backup'); $pathtolocal = $pathtoroot."kernel/"; require_once ($pathtoroot."admin/include/elements.php"); Index: branches/unlabeled/unlabeled-1.15.32/admin/modules/addmodule.php =================================================================== diff -u -r2856 -r5359 --- branches/unlabeled/unlabeled-1.15.32/admin/modules/addmodule.php (.../addmodule.php) (revision 2856) +++ branches/unlabeled/unlabeled-1.15.32/admin/modules/addmodule.php (.../addmodule.php) (revision 5359) @@ -19,6 +19,7 @@ define('FULL_PATH', realpath(dirname(__FILE__) . str_repeat('/..', $relation_level) ) ); require_once FULL_PATH.'/kernel/startup.php'; // new startup: end +checkViewPermission('in-portal:addmodule'); $pathtolocal = $pathtoroot."kernel/"; Index: branches/unlabeled/unlabeled-1.6.32/admin/tools/sql_query.php =================================================================== diff -u -r5264 -r5359 --- branches/unlabeled/unlabeled-1.6.32/admin/tools/sql_query.php (.../sql_query.php) (revision 5264) +++ branches/unlabeled/unlabeled-1.6.32/admin/tools/sql_query.php (.../sql_query.php) (revision 5359) @@ -19,6 +19,7 @@ define('FULL_PATH', realpath(dirname(__FILE__) . str_repeat('/..', $relation_level) ) ); require_once FULL_PATH.'/kernel/startup.php'; // new startup: end +checkViewPermission('in-portal:sql_query'); require_once ($pathtoroot.$admin."/include/elements.php"); require_once ($pathtoroot."kernel/admin/include/navmenu.php"); Index: branches/unlabeled/unlabeled-1.5.26/admin/tag_listing.php =================================================================== diff -u -r3003 -r5359 --- branches/unlabeled/unlabeled-1.5.26/admin/tag_listing.php (.../tag_listing.php) (revision 3003) +++ branches/unlabeled/unlabeled-1.5.26/admin/tag_listing.php (.../tag_listing.php) (revision 5359) @@ -6,6 +6,7 @@ define('FULL_PATH', realpath(dirname(__FILE__) . str_repeat('/..', $relation_level) ) ); require_once FULL_PATH.'/kernel/startup.php'; // new startup: end +checkViewPermission('in-portal:tag_library'); include_once($pathtoroot."kernel/include/tag-class.php"); Index: branches/unlabeled/unlabeled-1.12.32/admin/users/adduser_items.php =================================================================== diff -u -r2855 -r5359 --- branches/unlabeled/unlabeled-1.12.32/admin/users/adduser_items.php (.../adduser_items.php) (revision 2855) +++ branches/unlabeled/unlabeled-1.12.32/admin/users/adduser_items.php (.../adduser_items.php) (revision 5359) @@ -19,6 +19,7 @@ define('FULL_PATH', realpath(dirname(__FILE__) . str_repeat('/..', $relation_level) ) ); require_once FULL_PATH.'/kernel/startup.php'; // new startup: end +checkViewPermission('in-portal:user_list'); require_once ($pathtoroot.$admin."/include/elements.php"); require_once ($pathtoroot."kernel/admin/include/navmenu.php"); Index: branches/unlabeled/unlabeled-1.12.2/admin/reviews.php =================================================================== diff -u -r4941 -r5359 --- branches/unlabeled/unlabeled-1.12.2/admin/reviews.php (.../reviews.php) (revision 4941) +++ branches/unlabeled/unlabeled-1.12.2/admin/reviews.php (.../reviews.php) (revision 5359) @@ -28,6 +28,7 @@ require_once FULL_PATH.'/kernel/startup.php'; // new startup: end +checkViewPermission('in-portal:reviews'); define('REQUIRE_LAYER_HEADER', 1); $b_topmargin = "0"; //$b_header_addon = "