diff options
| author | Max Kremmel <xing@synapse.plus.com> | 2007-09-11 19:45:43 +0000 |
|---|---|---|
| committer | Max Kremmel <xing@synapse.plus.com> | 2007-09-11 19:45:43 +0000 |
| commit | 5d81342f3b4a4e0563385320e80c36525e2c4a61 (patch) | |
| tree | efdaf3c0a1a301462cc958af7f94dba4d004fce4 /read.php | |
| parent | 6d30434e027f0f1ad4c0300f0dad696f2a69d53e (diff) | |
| download | articles-5d81342f3b4a4e0563385320e80c36525e2c4a61.tar.gz articles-5d81342f3b4a4e0563385320e80c36525e2c4a61.tar.bz2 articles-5d81342f3b4a4e0563385320e80c36525e2c4a61.zip | |
fix permission checks to use gContent permission checks onlyPRE_LIB_ATTACHMENT_REFACTOR
Diffstat (limited to 'read.php')
| -rw-r--r-- | read.php | 5 |
1 files changed, 3 insertions, 2 deletions
@@ -1,6 +1,6 @@ <?php /** - * @version $Header: /cvsroot/bitweaver/_bit_articles/read.php,v 1.21 2007/07/06 16:37:22 squareing Exp $ + * @version $Header: /cvsroot/bitweaver/_bit_articles/read.php,v 1.22 2007/09/11 19:45:43 squareing Exp $ * @package article * @subpackage functions */ @@ -13,7 +13,6 @@ require_once( '../bit_setup_inc.php' ); require_once( ARTICLES_PKG_PATH.'BitArticle.php' ); $gBitSystem->verifyPackage( 'articles' ); -$gBitSystem->verifyPermission( 'p_articles_read' ); if( !@BitBase::verifyId( $_REQUEST["article_id"] )) { $gBitSystem->fatalError( tra( "No article indicated" )); @@ -26,6 +25,8 @@ if( !$gContent->isValid() ) { $gBitSystem->fatalError( tra( 'Article cannot be found' )); } +$gContent->verifyPermission( 'p_articles_read' ); + // additionally we need to check if this article is a submission and see if user has perms to view it. if( $gContent->getField( 'status_id' ) != ARTICLE_STATUS_APPROVED ) { if( !( $gContent->hasUserPermission( 'p_articles_edit_submission' ) || $gContent->hasUserPermission( 'p_articles_approve_submission' ))) { |