summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
-rw-r--r--edit.php13
-rw-r--r--templates/list_topics.tpl6
-rw-r--r--templates/post_display.tpl4
3 files changed, 14 insertions, 9 deletions
diff --git a/edit.php b/edit.php
index 07018aa..a354c89 100644
--- a/edit.php
+++ b/edit.php
@@ -1,6 +1,6 @@
<?php
/**
- * $Header: /cvsroot/bitweaver/_bit_boards/edit.php,v 1.8 2008/04/17 14:32:28 wjames5 Exp $
+ * $Header: /cvsroot/bitweaver/_bit_boards/edit.php,v 1.9 2008/04/25 20:00:54 wjames5 Exp $
* Copyright (c) 2004 bitweaver Messageboards
* All Rights Reserved. See copyright.txt for details and a complete list of authors.
* Licensed under the GNU LESSER GENERAL PUBLIC LICENSE. See license.txt for details.
@@ -16,15 +16,20 @@ require_once( '../bit_setup_inc.php' );
// Is package installed and enabled
$gBitSystem->verifyPackage( 'boards' );
-// Now check permissions to access this page
-$gBitSystem->verifyPermission('p_boards_edit' );
-
if( isset( $_REQUEST['bitboard']['board_id'] ) ) {
$_REQUEST['b'] = $_REQUEST['bitboard']['board_id'];
}
require_once(BOARDS_PKG_PATH.'lookup_inc.php' );
+//must be owner or admin to edit an existing board
+if( $gContent->isValid() ) {
+ $gContent->verifyEditPermission();
+} else {
+ $gBitSystem->verifyPermission( 'p_boards_edit' );
+}
+
+// Editing page needs general ticket verification
if( isset( $_REQUEST['bitboard']["title"] ) ) {
$gContent->mInfo["title"] = $_REQUEST['bitboard']["title"];
}
diff --git a/templates/list_topics.tpl b/templates/list_topics.tpl
index 2738c15..61bd5e7 100644
--- a/templates/list_topics.tpl
+++ b/templates/list_topics.tpl
@@ -1,4 +1,4 @@
-{* $Header: /cvsroot/bitweaver/_bit_boards/templates/list_topics.tpl,v 1.19 2008/04/21 20:08:21 wjames5 Exp $ *}
+{* $Header: /cvsroot/bitweaver/_bit_boards/templates/list_topics.tpl,v 1.20 2008/04/25 20:00:54 wjames5 Exp $ *}
{strip}
<div class="listing boards">
<div class="floaticon">
@@ -6,10 +6,10 @@
{if $board->getPreference('boards_mailing_list') || $board->hasAdminPermission()}
<a class="item" href="{$smarty.const.BOARDS_PKG_URL}mailing_list.php?b={$board->mInfo.board_id}" title="{tr}Message Board Mailing List{/tr}">{biticon ipackage="icons" iname="internet-mail" iexplain="Edit Message Board"}</a>
{/if}
- {if $gBitUser->hasPermission( 'p_boards_edit' )}
+ {if $board->hasEditPermission()}
<a title="{tr}Edit message board{/tr}" href="{$smarty.const.BOARDS_PKG_URL}edit.php?b={$board->mInfo.board_id}">{biticon ipackage="icons" iname="accessories-text-editor" iexplain="Edit Message Board"}</a>
{/if}
- {if $gBitUser->hasPermission( 'p_boards_remove' )}
+ {if $board->hasUserPermission( 'p_boards_remove', TRUE, TRUE )}
<a title="{tr}Remove message board{/tr}" href="{$smarty.const.BOARDS_PKG_URL}board.php?remove=1&amp;b={$board->mInfo.board_id}">{biticon ipackage="icons" iname="edit-delete" iexplain="Remove Message Board"}</a>
{/if}
{/if}<!-- end print_page -->
diff --git a/templates/post_display.tpl b/templates/post_display.tpl
index 74bdb1a..565dbf6 100644
--- a/templates/post_display.tpl
+++ b/templates/post_display.tpl
@@ -31,10 +31,10 @@
{if $comment.editable}
<a href="{$comments_return_url}&amp;post_comment_id={$comment.comment_id}&amp;post_comment_request=1#editcomments" rel="nofollow">{biticon ipackage="icons" iname="accessories-text-editor" iexplain="Edit" iforce="icon"}</a>
{/if}
- {if $gBitUser->hasPermission( 'p_liberty_admin_comments' )}
+ {if $board->hasUserPermission( 'p_liberty_admin_comments' )}
<a href="{$comments_return_url}&amp;delete_comment_id={$comment.comment_id}" rel="nofollow">{biticon ipackage="icons" iname="edit-delete" iexplain="Remove" iforce="icon"}</a>
{/if}
- {if $gBitUser->hasPermission( 'p_boards_edit' ) && (($comment.user_id<0 && $comment.is_approved==0)||$comment.user_id>=0) && !$comment.is_warned}
+ {if $board->hasUserPermission( 'p_boards_edit' ) && (($comment.user_id<0 && $comment.is_approved==0)||$comment.user_id>=0) && !$comment.is_warned}
{if $comment.user_id<0 && $comment.is_approved==0}
<a title="{tr}Approve this post{/tr}" href="{$smarty.const.BOARDS_PKG_URL}post.php?t={$thread->mRootId}&amp;action=1&amp;comment_id={$comment.comment_id}">
{biticon ipackage="icons" iname="list-add" iexplain="Approve Post" iforce="icon"}