Index: branches/unlabeled/unlabeled-1.11.2/admin/users/user_addimage.php =================================================================== diff -u -r5303 -r5359 --- branches/unlabeled/unlabeled-1.11.2/admin/users/user_addimage.php (.../user_addimage.php) (revision 5303) +++ branches/unlabeled/unlabeled-1.11.2/admin/users/user_addimage.php (.../user_addimage.php) (revision 5359) @@ -19,6 +19,7 @@ define('FULL_PATH', realpath(dirname(__FILE__) . str_repeat('/..', $relation_level) ) ); require_once FULL_PATH.'/kernel/startup.php'; // new startup: end +checkViewPermission('in-portal:user_list'); /* set the destination of the image upload, relative to the root path */ $DestDir = 'kernel/images/'; Index: branches/unlabeled/unlabeled-1.25.2/admin/users/adduser.php =================================================================== diff -u -r4078 -r5359 --- branches/unlabeled/unlabeled-1.25.2/admin/users/adduser.php (.../adduser.php) (revision 4078) +++ branches/unlabeled/unlabeled-1.25.2/admin/users/adduser.php (.../adduser.php) (revision 5359) @@ -19,6 +19,7 @@ define('FULL_PATH', realpath(dirname(__FILE__) . str_repeat('/..', $relation_level) ) ); require_once FULL_PATH.'/kernel/startup.php'; // new startup: end +checkViewPermission('in-portal:user_list'); require_once ($pathtoroot.$admin."/include/elements.php"); require_once ($pathtoroot."kernel/admin/include/navmenu.php"); Index: branches/unlabeled/unlabeled-1.6.32/admin/users/addrule.php =================================================================== diff -u -r2859 -r5359 --- branches/unlabeled/unlabeled-1.6.32/admin/users/addrule.php (.../addrule.php) (revision 2859) +++ branches/unlabeled/unlabeled-1.6.32/admin/users/addrule.php (.../addrule.php) (revision 5359) @@ -19,6 +19,7 @@ define('FULL_PATH', realpath(dirname(__FILE__) . str_repeat('/..', $relation_level) ) ); require_once FULL_PATH.'/kernel/startup.php'; // new startup: end +checkViewPermission('in-portal:user_banlist'); require_once ($pathtoroot.$admin."/include/elements.php"); require_once ($pathtoroot."kernel/admin/include/navmenu.php"); Index: branches/unlabeled/unlabeled-1.15.2/admin/users/adduser_custom.php =================================================================== diff -u -r4247 -r5359 --- branches/unlabeled/unlabeled-1.15.2/admin/users/adduser_custom.php (.../adduser_custom.php) (revision 4247) +++ branches/unlabeled/unlabeled-1.15.2/admin/users/adduser_custom.php (.../adduser_custom.php) (revision 5359) @@ -19,6 +19,7 @@ define('FULL_PATH', realpath(dirname(__FILE__) . str_repeat('/..', $relation_level) ) ); require_once FULL_PATH.'/kernel/startup.php'; // new startup: end +checkViewPermission('in-portal:user_list'); require_once ($pathtoroot.$admin."/include/elements.php"); require_once ($pathtoroot."kernel/admin/include/navmenu.php"); Index: branches/unlabeled/unlabeled-1.15.2/admin/logs/session_list.php =================================================================== diff -u -r4247 -r5359 --- branches/unlabeled/unlabeled-1.15.2/admin/logs/session_list.php (.../session_list.php) (revision 4247) +++ branches/unlabeled/unlabeled-1.15.2/admin/logs/session_list.php (.../session_list.php) (revision 5359) @@ -19,6 +19,7 @@ define('FULL_PATH', realpath(dirname(__FILE__) . str_repeat('/..', $relation_level) ) ); require_once FULL_PATH.'/kernel/startup.php'; // new startup: end +checkViewPermission('in-portal:sessionlog'); //admin only includes require_once ($pathtoroot.$admin."/include/elements.php"); Index: branches/unlabeled/unlabeled-1.11.32/admin/import/step4.php =================================================================== diff -u -r2854 -r5359 --- branches/unlabeled/unlabeled-1.11.32/admin/import/step4.php (.../step4.php) (revision 2854) +++ branches/unlabeled/unlabeled-1.11.32/admin/import/step4.php (.../step4.php) (revision 5359) @@ -6,6 +6,7 @@ define('FULL_PATH', realpath(dirname(__FILE__) . str_repeat('/..', $relation_level) ) ); require_once FULL_PATH.'/kernel/startup.php'; // new startup: end +checkViewPermission('in-portal:main_import'); //admin only util $pathtolocal = $pathtoroot."kernel/"; Index: branches/unlabeled/unlabeled-1.12.20/admin/config/config_theme.php =================================================================== diff -u -r3284 -r5359 --- branches/unlabeled/unlabeled-1.12.20/admin/config/config_theme.php (.../config_theme.php) (revision 3284) +++ branches/unlabeled/unlabeled-1.12.20/admin/config/config_theme.php (.../config_theme.php) (revision 5359) @@ -19,6 +19,7 @@ define('FULL_PATH', realpath(dirname(__FILE__) . str_repeat('/..', $relation_level) ) ); require_once FULL_PATH.'/kernel/startup.php'; // new startup: end +checkViewPermission('in-portal:configure_themes'); require_once ($pathtoroot.$admin."/include/elements.php"); require_once ($pathtoroot."kernel/admin/include/navmenu.php"); Index: branches/unlabeled/unlabeled-1.33.2/admin/browse.php =================================================================== diff -u -r5295 -r5359 --- branches/unlabeled/unlabeled-1.33.2/admin/browse.php (.../browse.php) (revision 5295) +++ branches/unlabeled/unlabeled-1.33.2/admin/browse.php (.../browse.php) (revision 5359) @@ -28,6 +28,7 @@ require_once FULL_PATH.'/kernel/startup.php'; // new startup: end +checkViewPermission('in-portal:browse'); if($application->GetVar('Action') == 'm_paste') define('REDIRECT_REQUIRED',1); // this script can issue redirect header define('REQUIRE_LAYER_HEADER', 1); @@ -71,9 +72,6 @@ } } - -$application->InitParser(); - $cat_templates = $objModules->ExecuteFunction('GetModuleInfo', 'catalog_template'); foreach ($cat_templates as $a_mod => $a_template) { if (!$a_template) continue; Index: branches/unlabeled/unlabeled-1.8.2/core/units/general/helpers/permissions_helper.php =================================================================== diff -u -r5352 -r5359 --- branches/unlabeled/unlabeled-1.8.2/core/units/general/helpers/permissions_helper.php (.../permissions_helper.php) (revision 5352) +++ branches/unlabeled/unlabeled-1.8.2/core/units/general/helpers/permissions_helper.php (.../permissions_helper.php) (revision 5359) @@ -276,6 +276,10 @@ $redirect_params = $this->Application->isDebugMode() ? Array('from_template' => 1, 'perms' => $params[ isset($params['permissions']) ? 'permissions' : 'perm_event'], 'next_template' => $t) : Array(); } + if (isset($params['index_file']) && $params['index_file']) { + $redirect_params['index_file'] = $params['index_file']; + } + return Array($redirect_template, $redirect_params); } Index: branches/unlabeled/unlabeled-1.6.32/admin/tools/sql_result.php =================================================================== diff -u -r5264 -r5359 --- branches/unlabeled/unlabeled-1.6.32/admin/tools/sql_result.php (.../sql_result.php) (revision 5264) +++ branches/unlabeled/unlabeled-1.6.32/admin/tools/sql_result.php (.../sql_result.php) (revision 5359) @@ -19,6 +19,7 @@ define('FULL_PATH', realpath(dirname(__FILE__) . str_repeat('/..', $relation_level) ) ); require_once FULL_PATH.'/kernel/startup.php'; // new startup: end +checkViewPermission('in-portal:sql_query'); require_once ($pathtoroot.$admin."/include/elements.php"); require_once ($pathtoroot."kernel/admin/include/navmenu.php"); Index: branches/unlabeled/unlabeled-1.5.32/admin/backup/backup3.php =================================================================== diff -u -r3561 -r5359 --- branches/unlabeled/unlabeled-1.5.32/admin/backup/backup3.php (.../backup3.php) (revision 3561) +++ branches/unlabeled/unlabeled-1.5.32/admin/backup/backup3.php (.../backup3.php) (revision 5359) @@ -6,6 +6,7 @@ define('FULL_PATH', realpath(dirname(__FILE__) . str_repeat('/..', $relation_level) ) ); require_once FULL_PATH.'/kernel/startup.php'; // new startup: end +checkViewPermission('in-portal:backup'); $pathtolocal = $pathtoroot."kernel/"; require_once ($pathtoroot."admin/include/elements.php"); Index: branches/unlabeled/unlabeled-1.7.32/admin/backup/backup2.php =================================================================== diff -u -r2947 -r5359 --- branches/unlabeled/unlabeled-1.7.32/admin/backup/backup2.php (.../backup2.php) (revision 2947) +++ branches/unlabeled/unlabeled-1.7.32/admin/backup/backup2.php (.../backup2.php) (revision 5359) @@ -6,6 +6,7 @@ define('FULL_PATH', realpath(dirname(__FILE__) . str_repeat('/..', $relation_level) ) ); require_once FULL_PATH.'/kernel/startup.php'; // new startup: end +checkViewPermission('in-portal:backup'); $pathtolocal = $pathtoroot."kernel/"; require_once ($pathtoroot."admin/include/elements.php"); Index: branches/unlabeled/unlabeled-1.106.2/globals.php =================================================================== diff -u -r4866 -r5359 --- branches/unlabeled/unlabeled-1.106.2/globals.php (.../globals.php) (revision 4866) +++ branches/unlabeled/unlabeled-1.106.2/globals.php (.../globals.php) (revision 5359) @@ -2077,5 +2077,12 @@ } return true; } + + function checkViewPermission($section_name, $system = 1) + { + $application =& kApplication::Instance(); + $application->InitParser(); + $application->ProcessParsedTag('m', 'RequireLogin', Array('permissions' => $section_name.'.view', 'system' => $system, 'index_file' => 'index.php')); + } ?> Index: branches/unlabeled/unlabeled-1.9.32/admin/users/user_addpermission.php =================================================================== diff -u -r2948 -r5359 --- branches/unlabeled/unlabeled-1.9.32/admin/users/user_addpermission.php (.../user_addpermission.php) (revision 2948) +++ branches/unlabeled/unlabeled-1.9.32/admin/users/user_addpermission.php (.../user_addpermission.php) (revision 5359) @@ -19,6 +19,7 @@ define('FULL_PATH', realpath(dirname(__FILE__) . str_repeat('/..', $relation_level) ) ); require_once FULL_PATH.'/kernel/startup.php'; // new startup: end +checkViewPermission('in-portal:user_list'); require_once ($pathtoroot.$admin."/include/elements.php"); require_once ($pathtoroot."kernel/admin/include/navmenu.php"); Index: branches/unlabeled/unlabeled-1.9.20/admin/backup/backup1.php =================================================================== diff -u -r3286 -r5359 --- branches/unlabeled/unlabeled-1.9.20/admin/backup/backup1.php (.../backup1.php) (revision 3286) +++ branches/unlabeled/unlabeled-1.9.20/admin/backup/backup1.php (.../backup1.php) (revision 5359) @@ -6,6 +6,7 @@ define('FULL_PATH', realpath(dirname(__FILE__) . str_repeat('/..', $relation_level) ) ); require_once FULL_PATH.'/kernel/startup.php'; // new startup: end +checkViewPermission('in-portal:backup'); $pathtolocal = $pathtoroot."kernel/"; require_once ($pathtoroot."admin/include/elements.php"); Index: branches/unlabeled/unlabeled-1.15.32/admin/modules/addmodule.php =================================================================== diff -u -r2856 -r5359 --- branches/unlabeled/unlabeled-1.15.32/admin/modules/addmodule.php (.../addmodule.php) (revision 2856) +++ branches/unlabeled/unlabeled-1.15.32/admin/modules/addmodule.php (.../addmodule.php) (revision 5359) @@ -19,6 +19,7 @@ define('FULL_PATH', realpath(dirname(__FILE__) . str_repeat('/..', $relation_level) ) ); require_once FULL_PATH.'/kernel/startup.php'; // new startup: end +checkViewPermission('in-portal:addmodule'); $pathtolocal = $pathtoroot."kernel/"; Index: branches/unlabeled/unlabeled-1.6.32/admin/tools/sql_query.php =================================================================== diff -u -r5264 -r5359 --- branches/unlabeled/unlabeled-1.6.32/admin/tools/sql_query.php (.../sql_query.php) (revision 5264) +++ branches/unlabeled/unlabeled-1.6.32/admin/tools/sql_query.php (.../sql_query.php) (revision 5359) @@ -19,6 +19,7 @@ define('FULL_PATH', realpath(dirname(__FILE__) . str_repeat('/..', $relation_level) ) ); require_once FULL_PATH.'/kernel/startup.php'; // new startup: end +checkViewPermission('in-portal:sql_query'); require_once ($pathtoroot.$admin."/include/elements.php"); require_once ($pathtoroot."kernel/admin/include/navmenu.php"); Index: branches/unlabeled/unlabeled-1.5.26/admin/tag_listing.php =================================================================== diff -u -r3003 -r5359 --- branches/unlabeled/unlabeled-1.5.26/admin/tag_listing.php (.../tag_listing.php) (revision 3003) +++ branches/unlabeled/unlabeled-1.5.26/admin/tag_listing.php (.../tag_listing.php) (revision 5359) @@ -6,6 +6,7 @@ define('FULL_PATH', realpath(dirname(__FILE__) . str_repeat('/..', $relation_level) ) ); require_once FULL_PATH.'/kernel/startup.php'; // new startup: end +checkViewPermission('in-portal:tag_library'); include_once($pathtoroot."kernel/include/tag-class.php"); Index: branches/unlabeled/unlabeled-1.12.32/admin/users/adduser_items.php =================================================================== diff -u -r2855 -r5359 --- branches/unlabeled/unlabeled-1.12.32/admin/users/adduser_items.php (.../adduser_items.php) (revision 2855) +++ branches/unlabeled/unlabeled-1.12.32/admin/users/adduser_items.php (.../adduser_items.php) (revision 5359) @@ -19,6 +19,7 @@ define('FULL_PATH', realpath(dirname(__FILE__) . str_repeat('/..', $relation_level) ) ); require_once FULL_PATH.'/kernel/startup.php'; // new startup: end +checkViewPermission('in-portal:user_list'); require_once ($pathtoroot.$admin."/include/elements.php"); require_once ($pathtoroot."kernel/admin/include/navmenu.php"); Index: branches/unlabeled/unlabeled-1.12.2/admin/reviews.php =================================================================== diff -u -r4941 -r5359 --- branches/unlabeled/unlabeled-1.12.2/admin/reviews.php (.../reviews.php) (revision 4941) +++ branches/unlabeled/unlabeled-1.12.2/admin/reviews.php (.../reviews.php) (revision 5359) @@ -28,6 +28,7 @@ require_once FULL_PATH.'/kernel/startup.php'; // new startup: end +checkViewPermission('in-portal:reviews'); define('REQUIRE_LAYER_HEADER', 1); $b_topmargin = "0"; //$b_header_addon = "

"; Index: branches/unlabeled/unlabeled-1.60.2/kernel/units/users/users_event_handler.php =================================================================== diff -u -r4883 -r5359 --- branches/unlabeled/unlabeled-1.60.2/kernel/units/users/users_event_handler.php (.../users_event_handler.php) (revision 4883) +++ branches/unlabeled/unlabeled-1.60.2/kernel/units/users/users_event_handler.php (.../users_event_handler.php) (revision 5359) @@ -10,6 +10,9 @@ { parent::mapPermissions(); $permissions = Array( + // admin + 'OnSetPersistantVariable' => Array('self' => 'view'), // because setting to logged in user only + // front 'OnRefreshForm' => Array('self' => true), Index: branches/unlabeled/unlabeled-1.5.32/admin/backup/export1.php =================================================================== diff -u -r3561 -r5359 --- branches/unlabeled/unlabeled-1.5.32/admin/backup/export1.php (.../export1.php) (revision 3561) +++ branches/unlabeled/unlabeled-1.5.32/admin/backup/export1.php (.../export1.php) (revision 5359) @@ -6,6 +6,7 @@ define('FULL_PATH', realpath(dirname(__FILE__) . str_repeat('/..', $relation_level) ) ); require_once FULL_PATH.'/kernel/startup.php'; // new startup: end +checkViewPermission('in-portal:export'); $pathtolocal = $pathtoroot."kernel/"; require_once ($pathtoroot."admin/include/elements.php"); Index: branches/unlabeled/unlabeled-1.10.2/admin/logs/searchlog.php =================================================================== diff -u -r4381 -r5359 --- branches/unlabeled/unlabeled-1.10.2/admin/logs/searchlog.php (.../searchlog.php) (revision 4381) +++ branches/unlabeled/unlabeled-1.10.2/admin/logs/searchlog.php (.../searchlog.php) (revision 5359) @@ -19,6 +19,7 @@ define('FULL_PATH', realpath(dirname(__FILE__) . str_repeat('/..', $relation_level) ) ); require_once FULL_PATH.'/kernel/startup.php'; // new startup: end +checkViewPermission('in-portal:searchlog'); $pathtolocal = $pathtoroot."kernel/"; Index: branches/unlabeled/unlabeled-1.12.20/admin/users/adduser_images.php =================================================================== diff -u -r3284 -r5359 --- branches/unlabeled/unlabeled-1.12.20/admin/users/adduser_images.php (.../adduser_images.php) (revision 3284) +++ branches/unlabeled/unlabeled-1.12.20/admin/users/adduser_images.php (.../adduser_images.php) (revision 5359) @@ -19,6 +19,7 @@ define('FULL_PATH', realpath(dirname(__FILE__) . str_repeat('/..', $relation_level) ) ); require_once FULL_PATH.'/kernel/startup.php'; // new startup: end +checkViewPermission('in-portal:user_list'); require_once ($pathtoroot.$admin."/include/elements.php"); require_once ($pathtoroot."kernel/admin/include/navmenu.php"); Index: branches/unlabeled/unlabeled-1.8.32/admin/tools/server_info.php =================================================================== diff -u -r2860 -r5359 --- branches/unlabeled/unlabeled-1.8.32/admin/tools/server_info.php (.../server_info.php) (revision 2860) +++ branches/unlabeled/unlabeled-1.8.32/admin/tools/server_info.php (.../server_info.php) (revision 5359) @@ -19,6 +19,7 @@ define('FULL_PATH', realpath(dirname(__FILE__) . str_repeat('/..', $relation_level) ) ); require_once FULL_PATH.'/kernel/startup.php'; // new startup: end +checkViewPermission('in-portal:server_info'); require_once ($pathtoroot.$admin."/include/elements.php"); require_once ($pathtoroot."kernel/admin/include/navmenu.php"); Index: branches/unlabeled/unlabeled-1.5.32/admin/backup/restore4.php =================================================================== diff -u -r3561 -r5359 --- branches/unlabeled/unlabeled-1.5.32/admin/backup/restore4.php (.../restore4.php) (revision 3561) +++ branches/unlabeled/unlabeled-1.5.32/admin/backup/restore4.php (.../restore4.php) (revision 5359) @@ -6,6 +6,7 @@ define('FULL_PATH', realpath(dirname(__FILE__) . str_repeat('/..', $relation_level) ) ); require_once FULL_PATH.'/kernel/startup.php'; // new startup: end +checkViewPermission('in-portal:restore'); $pathtolocal = $pathtoroot."kernel/"; require_once ($pathtoroot."admin/include/elements.php"); Index: branches/unlabeled/unlabeled-1.11.26/admin/config/addtheme_templates.php =================================================================== diff -u -r3005 -r5359 --- branches/unlabeled/unlabeled-1.11.26/admin/config/addtheme_templates.php (.../addtheme_templates.php) (revision 3005) +++ branches/unlabeled/unlabeled-1.11.26/admin/config/addtheme_templates.php (.../addtheme_templates.php) (revision 5359) @@ -19,6 +19,7 @@ define('FULL_PATH', realpath(dirname(__FILE__) . str_repeat('/..', $relation_level) ) ); require_once FULL_PATH.'/kernel/startup.php'; // new startup: end +checkViewPermission('in-portal:configure_themes'); require_once ($pathtoroot.$admin."/include/elements.php"); require_once ($pathtoroot."kernel/admin/include/navmenu.php"); Index: branches/unlabeled/unlabeled-1.5.2/admin/users/user_editgroup.php =================================================================== diff -u -r5154 -r5359 --- branches/unlabeled/unlabeled-1.5.2/admin/users/user_editgroup.php (.../user_editgroup.php) (revision 5154) +++ branches/unlabeled/unlabeled-1.5.2/admin/users/user_editgroup.php (.../user_editgroup.php) (revision 5359) @@ -19,6 +19,7 @@ define('FULL_PATH', realpath(dirname(__FILE__) . str_repeat('/..', $relation_level) ) ); require_once FULL_PATH.'/kernel/startup.php'; // new startup: end +checkViewPermission('in-portal:user_list'); /* set the destination of the image upload, relative to the root path */ $DestDir = 'kernel/images/'; Index: branches/unlabeled/unlabeled-1.5.32/admin/import/step1.php =================================================================== diff -u -r3561 -r5359 --- branches/unlabeled/unlabeled-1.5.32/admin/import/step1.php (.../step1.php) (revision 3561) +++ branches/unlabeled/unlabeled-1.5.32/admin/import/step1.php (.../step1.php) (revision 5359) @@ -6,6 +6,7 @@ define('FULL_PATH', realpath(dirname(__FILE__) . str_repeat('/..', $relation_level) ) ); require_once FULL_PATH.'/kernel/startup.php'; // new startup: end +checkViewPermission('in-portal:main_import'); $pathtolocal = $pathtoroot."kernel/"; require_once ($pathtoroot.$admin."/include/elements.php"); Index: branches/unlabeled/unlabeled-1.6.10/admin/import/step2.php =================================================================== diff -u -r3666 -r5359 --- branches/unlabeled/unlabeled-1.6.10/admin/import/step2.php (.../step2.php) (revision 3666) +++ branches/unlabeled/unlabeled-1.6.10/admin/import/step2.php (.../step2.php) (revision 5359) @@ -6,6 +6,7 @@ define('FULL_PATH', realpath(dirname(__FILE__) . str_repeat('/..', $relation_level) ) ); require_once FULL_PATH.'/kernel/startup.php'; // new startup: end +checkViewPermission('in-portal:main_import'); $pathtolocal = $pathtoroot."kernel/"; require_once ($pathtoroot.$admin."/include/elements.php"); Index: branches/unlabeled/unlabeled-1.6.10/admin/import/step3.php =================================================================== diff -u -r3666 -r5359 --- branches/unlabeled/unlabeled-1.6.10/admin/import/step3.php (.../step3.php) (revision 3666) +++ branches/unlabeled/unlabeled-1.6.10/admin/import/step3.php (.../step3.php) (revision 5359) @@ -6,6 +6,7 @@ define('FULL_PATH', realpath(dirname(__FILE__) . str_repeat('/..', $relation_level) ) ); require_once FULL_PATH.'/kernel/startup.php'; // new startup: end +checkViewPermission('in-portal:main_import'); //admin only util $pathtolocal = $pathtoroot."kernel/"; Index: branches/unlabeled/unlabeled-1.8.26/admin/config/edit_template.php =================================================================== diff -u -r3107 -r5359 --- branches/unlabeled/unlabeled-1.8.26/admin/config/edit_template.php (.../edit_template.php) (revision 3107) +++ branches/unlabeled/unlabeled-1.8.26/admin/config/edit_template.php (.../edit_template.php) (revision 5359) @@ -21,6 +21,7 @@ define('FULL_PATH', realpath(dirname(__FILE__) . str_repeat('/..', $relation_level) ) ); require_once FULL_PATH.'/kernel/startup.php'; // new startup: end +checkViewPermission('in-portal:configure_themes'); require_once ($pathtoroot.$admin."/include/elements.php"); require_once ($pathtoroot."kernel/admin/include/navmenu.php"); Index: branches/unlabeled/unlabeled-1.8.2/kernel/units/general/helpers/permissions_helper.php =================================================================== diff -u -r5352 -r5359 --- branches/unlabeled/unlabeled-1.8.2/kernel/units/general/helpers/permissions_helper.php (.../permissions_helper.php) (revision 5352) +++ branches/unlabeled/unlabeled-1.8.2/kernel/units/general/helpers/permissions_helper.php (.../permissions_helper.php) (revision 5359) @@ -276,6 +276,10 @@ $redirect_params = $this->Application->isDebugMode() ? Array('from_template' => 1, 'perms' => $params[ isset($params['permissions']) ? 'permissions' : 'perm_event'], 'next_template' => $t) : Array(); } + if (isset($params['index_file']) && $params['index_file']) { + $redirect_params['index_file'] = $params['index_file']; + } + return Array($redirect_template, $redirect_params); } Index: branches/unlabeled/unlabeled-1.9.32/admin/logs/email_log.php =================================================================== diff -u -r2948 -r5359 --- branches/unlabeled/unlabeled-1.9.32/admin/logs/email_log.php (.../email_log.php) (revision 2948) +++ branches/unlabeled/unlabeled-1.9.32/admin/logs/email_log.php (.../email_log.php) (revision 5359) @@ -19,6 +19,7 @@ define('FULL_PATH', realpath(dirname(__FILE__) . str_repeat('/..', $relation_level) ) ); require_once FULL_PATH.'/kernel/startup.php'; // new startup: end +checkViewPermission('in-portal:emaillog'); //admin only includes require_once ($pathtoroot.$admin."/include/elements.php"); Index: branches/unlabeled/unlabeled-1.7.32/admin/logs/summary.php =================================================================== diff -u -r2947 -r5359 --- branches/unlabeled/unlabeled-1.7.32/admin/logs/summary.php (.../summary.php) (revision 2947) +++ branches/unlabeled/unlabeled-1.7.32/admin/logs/summary.php (.../summary.php) (revision 5359) @@ -19,6 +19,7 @@ define('FULL_PATH', realpath(dirname(__FILE__) . str_repeat('/..', $relation_level) ) ); require_once FULL_PATH.'/kernel/startup.php'; // new startup: end +checkViewPermission('in-portal:log_summary'); $pathtolocal = $pathtoroot."kernel/"; Index: branches/unlabeled/unlabeled-1.7.32/admin/config/edit_banlist.php =================================================================== diff -u -r2947 -r5359 --- branches/unlabeled/unlabeled-1.7.32/admin/config/edit_banlist.php (.../edit_banlist.php) (revision 2947) +++ branches/unlabeled/unlabeled-1.7.32/admin/config/edit_banlist.php (.../edit_banlist.php) (revision 5359) @@ -19,6 +19,7 @@ define('FULL_PATH', realpath(dirname(__FILE__) . str_repeat('/..', $relation_level) ) ); require_once FULL_PATH.'/kernel/startup.php'; // new startup: end +checkViewPermission('in-portal:user_banlist'); require_once ($pathtoroot.$admin."/include/elements.php"); require_once ($pathtoroot."kernel/admin/include/navmenu.php"); Index: branches/unlabeled/unlabeled-1.14.2/admin/config/addtheme.php =================================================================== diff -u -r5023 -r5359 --- branches/unlabeled/unlabeled-1.14.2/admin/config/addtheme.php (.../addtheme.php) (revision 5023) +++ branches/unlabeled/unlabeled-1.14.2/admin/config/addtheme.php (.../addtheme.php) (revision 5359) @@ -19,6 +19,7 @@ define('FULL_PATH', realpath(dirname(__FILE__) . str_repeat('/..', $relation_level) ) ); require_once FULL_PATH.'/kernel/startup.php'; // new startup: end +checkViewPermission('in-portal:configure_themes'); /* set the destination of the image upload, relative to the root path */ $DestDir = 'kernel/images/'; Index: branches/unlabeled/unlabeled-1.18.32/admin/users/user_list.php =================================================================== diff -u -r2857 -r5359 --- branches/unlabeled/unlabeled-1.18.32/admin/users/user_list.php (.../user_list.php) (revision 2857) +++ branches/unlabeled/unlabeled-1.18.32/admin/users/user_list.php (.../user_list.php) (revision 5359) @@ -20,6 +20,8 @@ require_once FULL_PATH.'/kernel/startup.php'; // new startup: end +checkViewPermission('in-portal:user_list'); + require_login(); $pathtolocal = $pathtoroot."kernel/"; Index: branches/unlabeled/unlabeled-1.60.2/core/units/users/users_event_handler.php =================================================================== diff -u -r4883 -r5359 --- branches/unlabeled/unlabeled-1.60.2/core/units/users/users_event_handler.php (.../users_event_handler.php) (revision 4883) +++ branches/unlabeled/unlabeled-1.60.2/core/units/users/users_event_handler.php (.../users_event_handler.php) (revision 5359) @@ -10,6 +10,9 @@ { parent::mapPermissions(); $permissions = Array( + // admin + 'OnSetPersistantVariable' => Array('self' => 'view'), // because setting to logged in user only + // front 'OnRefreshForm' => Array('self' => true), Index: branches/unlabeled/unlabeled-1.17.10/admin/users/adduser_groups.php =================================================================== diff -u -r3669 -r5359 --- branches/unlabeled/unlabeled-1.17.10/admin/users/adduser_groups.php (.../adduser_groups.php) (revision 3669) +++ branches/unlabeled/unlabeled-1.17.10/admin/users/adduser_groups.php (.../adduser_groups.php) (revision 5359) @@ -19,6 +19,7 @@ define('FULL_PATH', realpath(dirname(__FILE__) . str_repeat('/..', $relation_level) ) ); require_once FULL_PATH.'/kernel/startup.php'; // new startup: end +checkViewPermission('in-portal:user_list'); require_once ($pathtoroot.$admin."/include/elements.php"); require_once ($pathtoroot."kernel/admin/include/navmenu.php"); Index: branches/unlabeled/unlabeled-1.7.20/admin/backup/restore2.php =================================================================== diff -u -r3304 -r5359 --- branches/unlabeled/unlabeled-1.7.20/admin/backup/restore2.php (.../restore2.php) (revision 3304) +++ branches/unlabeled/unlabeled-1.7.20/admin/backup/restore2.php (.../restore2.php) (revision 5359) @@ -6,6 +6,7 @@ define('FULL_PATH', realpath(dirname(__FILE__) . str_repeat('/..', $relation_level) ) ); require_once FULL_PATH.'/kernel/startup.php'; // new startup: end +checkViewPermission('in-portal:restore'); $pathtolocal = $pathtoroot."kernel/"; require_once ($pathtoroot."admin/include/elements.php"); Index: branches/unlabeled/unlabeled-1.6.32/admin/backup/restore1.php =================================================================== diff -u -r2859 -r5359 --- branches/unlabeled/unlabeled-1.6.32/admin/backup/restore1.php (.../restore1.php) (revision 2859) +++ branches/unlabeled/unlabeled-1.6.32/admin/backup/restore1.php (.../restore1.php) (revision 5359) @@ -6,6 +6,7 @@ define('FULL_PATH', realpath(dirname(__FILE__) . str_repeat('/..', $relation_level) ) ); require_once FULL_PATH.'/kernel/startup.php'; // new startup: end +checkViewPermission('in-portal:restore'); $pathtolocal = $pathtoroot."kernel/"; require_once ($pathtoroot."admin/include/elements.php"); Index: branches/unlabeled/unlabeled-1.24.2/admin/advanced_view.php =================================================================== diff -u -r4851 -r5359 --- branches/unlabeled/unlabeled-1.24.2/admin/advanced_view.php (.../advanced_view.php) (revision 4851) +++ branches/unlabeled/unlabeled-1.24.2/admin/advanced_view.php (.../advanced_view.php) (revision 5359) @@ -28,6 +28,7 @@ require_once FULL_PATH.'/kernel/startup.php'; // new startup: end +checkViewPermission('in-portal:advanced_view'); define('REQUIRE_LAYER_HEADER', 1); $b_topmargin = "0"; //$b_header_addon = "

"; Index: branches/unlabeled/unlabeled-1.7.20/admin/users/banuser.php =================================================================== diff -u -r3304 -r5359 --- branches/unlabeled/unlabeled-1.7.20/admin/users/banuser.php (.../banuser.php) (revision 3304) +++ branches/unlabeled/unlabeled-1.7.20/admin/users/banuser.php (.../banuser.php) (revision 5359) @@ -19,6 +19,7 @@ define('FULL_PATH', realpath(dirname(__FILE__) . str_repeat('/..', $relation_level) ) ); require_once FULL_PATH.'/kernel/startup.php'; // new startup: end +checkViewPermission('in-portal:user_list'); require_once ($pathtoroot.$admin."/include/elements.php"); require_once ($pathtoroot."kernel/admin/include/navmenu.php"); @@ -45,7 +46,7 @@ $objUsers->CreateEmptyEditTable("PortalUserId"); $objRelList->CreateEmptyEditTable("RelationshipId"); $objImages->CreateEmptyEditTable("ResourceId"); - $objCustomDataList->CreateEmptyEditTable("CustomDataId"); + $objCustomDataList->CreateEmptyEditTable('u'); $objUserGroupsList->CreateEmptyEditTable("PortalUserId"); } else @@ -71,7 +72,7 @@ $ids = $objEditItems->GetResourceIDList(); $objRelList->CopyToEditTable("SourceId",$ids); $objImages->CopyToEditTable("ResourceId",$ids); - $objCustomDataList->CopyToEditTable("ResourceId",$ids); + $objCustomDataList->CopyToEditTable('u', $ids); $objUserGroupsList->CopyToEditTable("PortalUserId", $user_ids); } Index: branches/unlabeled/unlabeled-1.10.26/admin/users/adduser_permissions.php =================================================================== diff -u -r3002 -r5359 --- branches/unlabeled/unlabeled-1.10.26/admin/users/adduser_permissions.php (.../adduser_permissions.php) (revision 3002) +++ branches/unlabeled/unlabeled-1.10.26/admin/users/adduser_permissions.php (.../adduser_permissions.php) (revision 5359) @@ -19,6 +19,7 @@ define('FULL_PATH', realpath(dirname(__FILE__) . str_repeat('/..', $relation_level) ) ); require_once FULL_PATH.'/kernel/startup.php'; // new startup: end +checkViewPermission('in-portal:user_list'); require_once ($pathtoroot.$admin."/include/elements.php"); require_once ($pathtoroot."kernel/admin/include/navmenu.php"); Index: branches/unlabeled/unlabeled-1.6.32/admin/backup/restore3.php =================================================================== diff -u -r2859 -r5359 --- branches/unlabeled/unlabeled-1.6.32/admin/backup/restore3.php (.../restore3.php) (revision 2859) +++ branches/unlabeled/unlabeled-1.6.32/admin/backup/restore3.php (.../restore3.php) (revision 5359) @@ -6,6 +6,7 @@ define('FULL_PATH', realpath(dirname(__FILE__) . str_repeat('/..', $relation_level) ) ); require_once FULL_PATH.'/kernel/startup.php'; // new startup: end +checkViewPermission('in-portal:restore'); $pathtolocal = $pathtoroot."kernel/"; require_once ($pathtoroot."admin/include/elements.php");