diff options
| -rw-r--r-- | edit.php | 13 | ||||
| -rw-r--r-- | templates/list_topics.tpl | 6 | ||||
| -rw-r--r-- | templates/post_display.tpl | 4 |
3 files changed, 14 insertions, 9 deletions
@@ -1,6 +1,6 @@ <?php /** - * $Header: /cvsroot/bitweaver/_bit_boards/edit.php,v 1.8 2008/04/17 14:32:28 wjames5 Exp $ + * $Header: /cvsroot/bitweaver/_bit_boards/edit.php,v 1.9 2008/04/25 20:00:54 wjames5 Exp $ * Copyright (c) 2004 bitweaver Messageboards * All Rights Reserved. See copyright.txt for details and a complete list of authors. * Licensed under the GNU LESSER GENERAL PUBLIC LICENSE. See license.txt for details. @@ -16,15 +16,20 @@ require_once( '../bit_setup_inc.php' ); // Is package installed and enabled $gBitSystem->verifyPackage( 'boards' ); -// Now check permissions to access this page -$gBitSystem->verifyPermission('p_boards_edit' ); - if( isset( $_REQUEST['bitboard']['board_id'] ) ) { $_REQUEST['b'] = $_REQUEST['bitboard']['board_id']; } require_once(BOARDS_PKG_PATH.'lookup_inc.php' ); +//must be owner or admin to edit an existing board +if( $gContent->isValid() ) { + $gContent->verifyEditPermission(); +} else { + $gBitSystem->verifyPermission( 'p_boards_edit' ); +} + +// Editing page needs general ticket verification if( isset( $_REQUEST['bitboard']["title"] ) ) { $gContent->mInfo["title"] = $_REQUEST['bitboard']["title"]; } diff --git a/templates/list_topics.tpl b/templates/list_topics.tpl index 2738c15..61bd5e7 100644 --- a/templates/list_topics.tpl +++ b/templates/list_topics.tpl @@ -1,4 +1,4 @@ -{* $Header: /cvsroot/bitweaver/_bit_boards/templates/list_topics.tpl,v 1.19 2008/04/21 20:08:21 wjames5 Exp $ *} +{* $Header: /cvsroot/bitweaver/_bit_boards/templates/list_topics.tpl,v 1.20 2008/04/25 20:00:54 wjames5 Exp $ *} {strip} <div class="listing boards"> <div class="floaticon"> @@ -6,10 +6,10 @@ {if $board->getPreference('boards_mailing_list') || $board->hasAdminPermission()} <a class="item" href="{$smarty.const.BOARDS_PKG_URL}mailing_list.php?b={$board->mInfo.board_id}" title="{tr}Message Board Mailing List{/tr}">{biticon ipackage="icons" iname="internet-mail" iexplain="Edit Message Board"}</a> {/if} - {if $gBitUser->hasPermission( 'p_boards_edit' )} + {if $board->hasEditPermission()} <a title="{tr}Edit message board{/tr}" href="{$smarty.const.BOARDS_PKG_URL}edit.php?b={$board->mInfo.board_id}">{biticon ipackage="icons" iname="accessories-text-editor" iexplain="Edit Message Board"}</a> {/if} - {if $gBitUser->hasPermission( 'p_boards_remove' )} + {if $board->hasUserPermission( 'p_boards_remove', TRUE, TRUE )} <a title="{tr}Remove message board{/tr}" href="{$smarty.const.BOARDS_PKG_URL}board.php?remove=1&b={$board->mInfo.board_id}">{biticon ipackage="icons" iname="edit-delete" iexplain="Remove Message Board"}</a> {/if} {/if}<!-- end print_page --> diff --git a/templates/post_display.tpl b/templates/post_display.tpl index 74bdb1a..565dbf6 100644 --- a/templates/post_display.tpl +++ b/templates/post_display.tpl @@ -31,10 +31,10 @@ {if $comment.editable} <a href="{$comments_return_url}&post_comment_id={$comment.comment_id}&post_comment_request=1#editcomments" rel="nofollow">{biticon ipackage="icons" iname="accessories-text-editor" iexplain="Edit" iforce="icon"}</a> {/if} - {if $gBitUser->hasPermission( 'p_liberty_admin_comments' )} + {if $board->hasUserPermission( 'p_liberty_admin_comments' )} <a href="{$comments_return_url}&delete_comment_id={$comment.comment_id}" rel="nofollow">{biticon ipackage="icons" iname="edit-delete" iexplain="Remove" iforce="icon"}</a> {/if} - {if $gBitUser->hasPermission( 'p_boards_edit' ) && (($comment.user_id<0 && $comment.is_approved==0)||$comment.user_id>=0) && !$comment.is_warned} + {if $board->hasUserPermission( 'p_boards_edit' ) && (($comment.user_id<0 && $comment.is_approved==0)||$comment.user_id>=0) && !$comment.is_warned} {if $comment.user_id<0 && $comment.is_approved==0} <a title="{tr}Approve this post{/tr}" href="{$smarty.const.BOARDS_PKG_URL}post.php?t={$thread->mRootId}&action=1&comment_id={$comment.comment_id}"> {biticon ipackage="icons" iname="list-add" iexplain="Approve Post" iforce="icon"} |
