author | patdenice <patdenice@piwigo.org> | 2010-12-14 13:47:24 +0000 |
---|---|---|
committer | patdenice <patdenice@piwigo.org> | 2010-12-14 13:47:24 +0000 |
commit | 731f8888a45d4b48e94bff05187e0e2ca40d4ef5 (patch) | |
tree | 1fc44a3a59beafe636b74127498d0ed62decdc76 | |
parent | bf1aa6fcf1f6d9038a0723e4f0213e416ec5ee62 (diff) |
feature 2060: Remove adviser mode.
First commit: only php files.
git-svn-id: http://piwigo.org/svn/trunk@8126 68402e56-0260-453c-a942-63ccdbb3a9ee
Diffstat (limited to '')
28 files changed, 120 insertions, 161 deletions
diff --git a/admin/cat_list.php b/admin/cat_list.php index dd79287bd..98dfecc03 100644 --- a/admin/cat_list.php +++ b/admin/cat_list.php @@ -103,7 +103,7 @@ $navigation.= '</a>'; // | virtual categories management | // +-----------------------------------------------------------------------+ // request to delete a virtual category / not for an adviser -if (isset($_GET['delete']) and is_numeric($_GET['delete']) and !is_adviser()) +if (isset($_GET['delete']) and is_numeric($_GET['delete'])) { delete_categories(array($_GET['delete'])); array_push($page['infos'], l10n('Virtual album deleted')); diff --git a/admin/comments.php b/admin/comments.php index 4bb4490ac..7bafef70a 100644 --- a/admin/comments.php +++ b/admin/comments.php @@ -37,7 +37,7 @@ check_status(ACCESS_ADMINISTRATOR); // | actions | // +-----------------------------------------------------------------------+ -if (!empty($_POST) and !is_adviser()) +if (!empty($_POST)) { if (empty($_POST['comments'])) { diff --git a/admin/configuration.php b/admin/configuration.php index 0f088cc3e..36a2901ae 100644 --- a/admin/configuration.php +++ b/admin/configuration.php @@ -106,7 +106,7 @@ $display_info_checkboxes = array( ); //------------------------------ verification and registration of modifications -if (isset($_POST['submit']) and !is_adviser()) +if (isset($_POST['submit'])) { $int_pattern = '/^\d+$/'; @@ -323,14 +323,11 @@ switch ($page['section']) include_once(PHPWG_ROOT_PATH.'profile.php'); $errors = array(); - if ( !is_adviser() ) + if (save_profile_from_post($edit_user, $errors)) { - if (save_profile_from_post($edit_user, $errors)) - { - // Reload user - $edit_user = build_user($conf['guest_id'], false); - array_push($page['infos'], l10n('Information data registered in database')); - } + // Reload user + $edit_user = build_user($conf['guest_id'], false); + array_push($page['infos'], l10n('Information data registered in database')); } $page['errors'] = array_merge($page['errors'], $errors); 
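Review bot: The delete branch in admin/cat_list.php now calls `delete_categories()` for any request with a numeric `delete` query parameter, and no anti-CSRF token check is visible in the hunk. admin/plugins_list.php in this same diff calls `check_pwg_token();` as the first statement of its action block, and the same call would fit at the top of this branch. The GET-driven branches in languages_installed.php, themes_installed.php, maintenance.php, permalinks.php (`delete_permanent`), picture_modify.php (`sync_metadata`), rating.php (`del`) and site_manager.php have the same shape. A token check may exist outside these hunks, so each file needs confirming.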
diff --git a/admin/extend_for_templates.php b/admin/extend_for_templates.php index a6cd56d92..a36b60b03 100644 --- a/admin/extend_for_templates.php +++ b/admin/extend_for_templates.php @@ -117,7 +117,7 @@ $available_templates = array_merge( // | selected templates | // +-----------------------------------------------------------------------+ -if (isset($_POST['submit']) and !is_adviser()) +if (isset($_POST['submit'])) { $replacements = array(); $i = 0; diff --git a/admin/group_list.php b/admin/group_list.php index d79b3aa9a..a7a8f8a83 100644 --- a/admin/group_list.php +++ b/admin/group_list.php @@ -42,7 +42,7 @@ if (!empty($_POST) or isset($_GET['delete']) or isset($_GET['toggle_is_default'] // | delete a group | // +-----------------------------------------------------------------------+ -if (isset($_GET['delete']) and is_numeric($_GET['delete']) and !is_adviser()) +if (isset($_GET['delete']) and is_numeric($_GET['delete'])) { // destruction of the access linked to the group $query = ' @@ -85,7 +85,7 @@ DELETE // | add a group | // +-----------------------------------------------------------------------+ -if (isset($_POST['submit_add']) and !is_adviser()) +if (isset($_POST['submit_add'])) { if (empty($_POST['groupname'])) { @@ -127,7 +127,7 @@ INSERT INTO '.GROUPS_TABLE.' // | toggle is default group property | // +-----------------------------------------------------------------------+ -if (isset($_GET['toggle_is_default']) and is_numeric($_GET['toggle_is_default']) and !is_adviser()) +if (isset($_GET['toggle_is_default']) and is_numeric($_GET['toggle_is_default'])) { $query = ' SELECT name, is_default diff --git a/admin/include/check_integrity.class.php b/admin/include/check_integrity.class.php index 70c8d73ac..da86761c7 100644 --- a/admin/include/check_integrity.class.php +++ b/admin/include/check_integrity.class.php 
@@ -77,80 +77,77 @@ class check_integrity } // Treatments - if (!is_adviser()) + if (isset($_POST['c13y_submit_correction']) and isset($_POST['c13y_selection'])) { - if (isset($_POST['c13y_submit_correction']) and isset($_POST['c13y_selection'])) - { - $corrected_count = 0; - $not_corrected_count = 0; + $corrected_count = 0; + $not_corrected_count = 0; - foreach ($this->retrieve_list as $i => $c13y) + foreach ($this->retrieve_list as $i => $c13y) + { + if (!empty($c13y['correction_fct']) and + $c13y['is_callable'] and + in_array($c13y['id'], $_POST['c13y_selection'])) { - if (!empty($c13y['correction_fct']) and - $c13y['is_callable'] and - in_array($c13y['id'], $_POST['c13y_selection'])) + if (is_array($c13y['correction_fct_args'])) { - if (is_array($c13y['correction_fct_args'])) - { - $args = $c13y['correction_fct_args']; - } - else - if (!is_null($c13y['correction_fct_args'])) - { - $args = array($c13y['correction_fct_args']); - } - else - { - $args = array(); - } - $this->retrieve_list[$i]['corrected'] = call_user_func_array($c13y['correction_fct'], $args); + $args = $c13y['correction_fct_args']; + } + else + if (!is_null($c13y['correction_fct_args'])) + { + $args = array($c13y['correction_fct_args']); + } + else + { + $args = array(); + } + $this->retrieve_list[$i]['corrected'] = call_user_func_array($c13y['correction_fct'], $args); - if ($this->retrieve_list[$i]['corrected']) - { - $corrected_count += 1; - } - else - { - $not_corrected_count += 1; - } + if ($this->retrieve_list[$i]['corrected']) + { + $corrected_count += 1; + } + else + { + $not_corrected_count += 1; } } + } - if ($corrected_count > 0) - { - $page['infos'][] = - l10n_dec('%d anomaly has been corrected.', '%d anomalies have been detected corrected.', - $corrected_count); - } - if ($not_corrected_count > 0) - { - $page['errors'][] = - l10n_dec('%d anomaly has not been corrected.', '%d anomalies have not been corrected.', - $not_corrected_count); - } + if ($corrected_count > 0) + { + 
$page['infos'][] = + l10n_dec('%d anomaly has been corrected.', '%d anomalies have been detected corrected.', + $corrected_count); } - else + if ($not_corrected_count > 0) { - if (isset($_POST['c13y_submit_ignore']) and isset($_POST['c13y_selection'])) - { - $ignored_count = 0; + $page['errors'][] = + l10n_dec('%d anomaly has not been corrected.', '%d anomalies have not been corrected.', + $not_corrected_count); + } + } + else + { + if (isset($_POST['c13y_submit_ignore']) and isset($_POST['c13y_selection'])) + { + $ignored_count = 0; - foreach ($this->retrieve_list as $i => $c13y) + foreach ($this->retrieve_list as $i => $c13y) + { + if (in_array($c13y['id'], $_POST['c13y_selection'])) { - if (in_array($c13y['id'], $_POST['c13y_selection'])) - { - $this->build_ignore_list[] = $c13y['id']; - $this->retrieve_list[$i]['ignored'] = true; - $ignored_count += 1; - } + $this->build_ignore_list[] = $c13y['id']; + $this->retrieve_list[$i]['ignored'] = true; + $ignored_count += 1; } + } - if ($ignored_count > 0) - { - $page['infos'][] = - l10n_dec('%d anomaly has been ignored.', '%d anomalies have been ignored.', - $ignored_count); - } + if ($ignored_count > 0) + { + $page['infos'][] = + l10n_dec('%d anomaly has been ignored.', '%d anomalies have been ignored.', + $ignored_count); } } } diff --git a/admin/languages_installed.php b/admin/languages_installed.php index 98c085ed3..bfd16fd67 100644 --- a/admin/languages_installed.php +++ b/admin/languages_installed.php @@ -37,7 +37,7 @@ $languages->get_db_languages(); $languages->set_tabsheet($page['page']); //--------------------------------------------------perform requested actions -if (isset($_GET['action']) and isset($_GET['language']) and !is_adviser()) +if (isset($_GET['action']) and isset($_GET['language'])) { $page['errors'] = $languages->perform_action($_GET['action'], $_GET['language']); diff --git a/admin/languages_new.php b/admin/languages_new.php index f80ee33ee..6e673028f 100644 --- a/admin/languages_new.php 
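Review bot: `$_POST['c13y_selection']` is only tested with `isset()` before it is passed to `in_array()` in both the correction loop and the ignore loop of check_integrity.class.php, so a scalar submitted for that field reaches `in_array()` as a non-array. Adding `and is_array($_POST['c13y_selection'])` to the two conditions keeps malformed requests out of the loops. The plural message `'%d anomalies have been detected corrected.'` also carries a leftover word; it is a translation key, so it would have to change together with the language files. The enclosing method starts and ends outside the hunk.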
+++ b/admin/languages_new.php @@ -56,7 +56,7 @@ if (!is_writable($languages_dir)) // | perform installation | // +-----------------------------------------------------------------------+ -if (isset($_GET['revision']) and !is_adviser()) +if (isset($_GET['revision'])) { if (!is_webmaster()) { diff --git a/admin/maintenance.php b/admin/maintenance.php index 06b80862f..09f90ce68 100644 --- a/admin/maintenance.php +++ b/admin/maintenance.php @@ -37,7 +37,7 @@ check_status(ACCESS_ADMINISTRATOR); // | actions | // +-----------------------------------------------------------------------+ -$action = (isset($_GET['action']) and !is_adviser()) ? $_GET['action'] : ''; +$action = isset($_GET['action']) ? $_GET['action'] : ''; switch ($action) { diff --git a/admin/menubar.php b/admin/menubar.php index 1449b4510..65f2bfea3 100644 --- a/admin/menubar.php +++ b/admin/menubar.php @@ -64,7 +64,7 @@ foreach ($mb_conf as $id => $pos) unset($mb_conf[$id]); } -if ( isset($_POST['reset']) and !is_adviser()) +if ( isset($_POST['reset'])) { $mb_conf = array(); $query = ' @@ -85,7 +85,7 @@ foreach ($reg_blocks as $id => $block) } -if ( isset($_POST['submit']) and !is_adviser() ) +if ( isset($_POST['submit']) ) { foreach ( $mb_conf as $id => $pos ) { diff --git a/admin/notification_by_mail.php b/admin/notification_by_mail.php index 602c67394..4c7007d91 100644 --- a/admin/notification_by_mail.php +++ b/admin/notification_by_mail.php @@ -506,7 +506,7 @@ switch ($page['mode']) { case 'param' : { - if (isset($_POST['param_submit']) and !is_adviser()) + if (isset($_POST['param_submit'])) { $updated_param_count = 0; // Update param 
@@ -539,26 +539,23 @@ where } case 'subscribe' : { - if (!is_adviser()) + if (isset($_POST['falsify']) and isset($_POST['cat_true'])) { - if (isset($_POST['falsify']) and isset($_POST['cat_true'])) - { - $check_key_treated = unsubscribe_notification_by_mail(true, $_POST['cat_true']); - do_timeout_treatment('cat_true', $check_key_treated); - } - else - if (isset($_POST['trueify']) and isset($_POST['cat_false'])) - { - $check_key_treated = subscribe_notification_by_mail(true, $_POST['cat_false']); - do_timeout_treatment('cat_false', $check_key_treated); - } + $check_key_treated = unsubscribe_notification_by_mail(true, $_POST['cat_true']); + do_timeout_treatment('cat_true', $check_key_treated); + } + else + if (isset($_POST['trueify']) and isset($_POST['cat_false'])) + { + $check_key_treated = subscribe_notification_by_mail(true, $_POST['cat_false']); + do_timeout_treatment('cat_false', $check_key_treated); } break; } case 'send' : { - if (isset($_POST['send_submit']) and isset($_POST['send_selection']) and isset($_POST['send_customize_mail_content']) and !is_adviser()) + if (isset($_POST['send_submit']) and isset($_POST['send_selection']) and isset($_POST['send_customize_mail_content'])) { $check_key_treated = do_action_send_mail_notification('send', $_POST['send_selection'], stripslashes($_POST['send_customize_mail_content'])); do_timeout_treatment('send_selection', $check_key_treated); diff --git a/admin/permalinks.php b/admin/permalinks.php index 7ec83efc2..a3732e9fe 100644 --- a/admin/permalinks.php +++ b/admin/permalinks.php @@ -83,7 +83,7 @@ if (!defined('PHPWG_ROOT_PATH')) die('Hacking attempt!'); include_once(PHPWG_ROOT_PATH.'admin/include/functions_permalinks.php'); $selected_cat = array(); -if ( isset($_POST['set_permalink']) and $_POST['cat_id']>0 and !is_adviser() ) +if ( isset($_POST['set_permalink']) and $_POST['cat_id']>0 ) { $permalink = $_POST['permalink']; if ( empty($permalink) ) 
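Review bot: In admin/permalinks.php, `$_POST['cat_id']>0` is read without `isset()` and compared loosely, so a value that merely begins with a digit passes and is handed to `set_cat_permalink()`; how that function uses it is not visible here. Validating first, for example `check_input_parameter('cat_id', $_POST, false, PATTERN_ID);` as picture_modify.php does for `$_GET`, would reject malformed ids before the branch runs. The `if` body continues outside the hunk.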
@@ -92,7 +92,7 @@ if ( isset($_POST['set_permalink']) and $_POST['cat_id']>0 and !is_adviser() ) set_cat_permalink($_POST['cat_id'], $permalink, isset($_POST['save']) ); $selected_cat = array( $_POST['cat_id'] ); } -elseif ( isset($_GET['delete_permanent']) and !is_adviser() ) +elseif ( isset($_GET['delete_permanent']) ) { $query = ' DELETE FROM '.OLD_PERMALINKS_TABLE.' diff --git a/admin/picture_modify.php b/admin/picture_modify.php index 4d15a9206..db776c6d3 100644 --- a/admin/picture_modify.php +++ b/admin/picture_modify.php @@ -40,7 +40,7 @@ check_input_parameter('cat_id', $_GET, false, PATTERN_ID); // | synchronize metadata | // +-----------------------------------------------------------------------+ -if (isset($_GET['sync_metadata']) and !is_adviser()) +if (isset($_GET['sync_metadata'])) { $query = ' SELECT path @@ -70,7 +70,7 @@ if (isset($_POST['date_creation_action']) } } -if (isset($_POST['submit']) and count($page['errors']) == 0 and !is_adviser()) +if (isset($_POST['submit']) and count($page['errors']) == 0) { $data = array(); $data{'id'} = $_GET['image_id']; @@ -124,7 +124,6 @@ if (isset($_POST['submit']) and count($page['errors']) == 0 and !is_adviser()) if (isset($_POST['associate']) and isset($_POST['cat_dissociated']) and count($_POST['cat_dissociated']) > 0 - and !is_adviser() ) { associate_images_to_categories( @@ -136,7 +135,6 @@ if (isset($_POST['associate']) if (isset($_POST['dissociate']) and isset($_POST['cat_associated']) and count($_POST['cat_associated']) > 0 - and !is_adviser() ) { $query = ' @@ -152,7 +150,6 @@ DELETE FROM '.IMAGE_CATEGORY_TABLE.' if (isset($_POST['elect']) and isset($_POST['cat_dismissed']) and count($_POST['cat_dismissed']) > 0 - and !is_adviser() ) { $datas = array(); @@ -170,7 +167,6 @@ if (isset($_POST['elect']) if (isset($_POST['dismiss']) and isset($_POST['cat_elected']) and count($_POST['cat_elected']) > 0 - and !is_adviser() ) { set_random_representant($_POST['cat_elected']); 
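Review bot: In admin/picture_modify.php, `$data{'id'} = $_GET['image_id'];` directly under the changed `submit` condition uses curly-brace offset syntax, which PHP deprecated in 7.4 and removed in 8.0; `$data['id'] = $_GET['image_id'];` is the equivalent. Whether `image_id` is validated the way `cat_id` is in the first hunk's context line (`check_input_parameter(...)`) is not visible in these hunks. That is worth confirming, since the value is presumably used as the row id for the update that follows.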
diff --git a/admin/plugins_list.php b/admin/plugins_list.php index 0e0076a56..66a3a9cd6 100644 --- a/admin/plugins_list.php +++ b/admin/plugins_list.php @@ -36,7 +36,7 @@ $action_url = $base_url.'&plugin='.'%s'.'&pwg_token='.get_pwg_token(); $plugins = new plugins(); //--------------------------------------------------perform requested actions -if (isset($_GET['action']) and isset($_GET['plugin']) and !is_adviser()) +if (isset($_GET['action']) and isset($_GET['plugin'])) { check_pwg_token(); diff --git a/admin/plugins_update.php b/admin/plugins_update.php index 332c97cb4..f3e0386ff 100644 --- a/admin/plugins_update.php +++ b/admin/plugins_update.php @@ -35,7 +35,7 @@ $base_url = get_root_url().'admin.php?page='.$page['page']; $plugins = new plugins(); //-----------------------------------------------------------automatic upgrade -if (isset($_GET['plugin']) and isset($_GET['revision']) and !is_adviser()) +if (isset($_GET['plugin']) and isset($_GET['revision'])) { if (!is_webmaster()) { diff --git a/admin/profile.php b/admin/profile.php index ebb372518..7b0ad707c 100644 --- a/admin/profile.php +++ b/admin/profile.php @@ -33,10 +33,7 @@ if (!empty($_POST)) include_once(PHPWG_ROOT_PATH.'profile.php'); $errors = array(); -if ( !is_adviser() ) -{ - save_profile_from_post($edit_user, $errors); -} +save_profile_from_post($edit_user, $errors); load_profile_in_template( get_root_url().'admin.php?page=profile&user_id='.$edit_user['id'], diff --git a/admin/rating.php b/admin/rating.php index 6fa1c585c..aa19a8953 100644 --- a/admin/rating.php +++ b/admin/rating.php @@ -70,7 +70,7 @@ if (isset($_GET['users'])) } } -if (isset($_GET['del']) and !is_adviser()) +if (isset($_GET['del'])) { $del_params = urldecode( $_GET['del'] ); parse_str($del_params, $vars); diff --git a/admin/site_manager.php b/admin/site_manager.php index b125f6181..1b625ec46 100644 --- a/admin/site_manager.php +++ b/admin/site_manager.php 
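Review bot: In admin/rating.php, `urldecode($_GET['del'])` decodes a value PHP has already URL-decoded, and `parse_str()` then turns the result into arbitrary keys in `$vars`. Doubly-encoded input therefore reaches whatever consumes `$vars` below the hunk in a form that earlier filtering never saw. Unless the link builder really encodes twice, drop the extra `urldecode()`, and check each expected key of `$vars` against a pattern before it is used. The consuming code is outside the hunk, so how the values reach the database is not visible here.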
@@ -83,8 +83,7 @@ $template->set_filenames(array('site_manager'=>'site_manager.tpl')); // +-----------------------------------------------------------------------+ // | new site creation form | // +-----------------------------------------------------------------------+ -if (isset($_POST['submit']) and !empty($_POST['galleries_url']) - and !is_adviser() ) +if (isset($_POST['submit']) and !empty($_POST['galleries_url'])) { $is_remote = url_is_remote( $_POST['galleries_url'] ); $url = preg_replace('/[\/]*$/', '', $_POST['galleries_url']); @@ -167,7 +166,7 @@ if (isset($_GET['site']) and is_numeric($_GET['site'])) { $page['site'] = $_GET['site']; } -if (isset($_GET['action']) and isset($page['site']) and !is_adviser()) +if (isset($_GET['action']) and isset($page['site'])) { $query = ' SELECT galleries_url diff --git a/admin/site_update.php b/admin/site_update.php index 17e5dd205..6c2e74c60 100644 --- a/admin/site_update.php +++ b/admin/site_update.php @@ -108,7 +108,7 @@ if (isset($_POST['submit'])) } // shall we simulate only - if ((isset($_POST['simulate']) and $_POST['simulate'] == 1) or is_adviser()) + if (isset($_POST['simulate']) and $_POST['simulate'] == 1) { $simulate = true; } diff --git a/admin/tags.php b/admin/tags.php index 7273921f6..4930b3fd1 100644 --- a/admin/tags.php +++ b/admin/tags.php @@ -38,7 +38,7 @@ if (!empty($_POST)) // | edit tags | // +-----------------------------------------------------------------------+ -if (isset($_POST['submit']) and !is_adviser()) +if (isset($_POST['submit'])) { $query = ' SELECT name @@ -104,7 +104,7 @@ SELECT id, name // | delete tags | // +-----------------------------------------------------------------------+ -if (isset($_POST['delete']) and isset($_POST['tags']) and !is_adviser()) +if (isset($_POST['delete']) and isset($_POST['tags'])) { $query = ' SELECT name 
@@ -141,7 +141,7 @@ DELETE // | add a tag | // +-----------------------------------------------------------------------+ -if (isset($_POST['add']) and !empty($_POST['add_tag']) and !is_adviser()) +if (isset($_POST['add']) and !empty($_POST['add_tag'])) { $tag_name = $_POST['add_tag']; diff --git a/admin/themes_installed.php b/admin/themes_installed.php index 33ebf03e5..3793e4897 100644 --- a/admin/themes_installed.php +++ b/admin/themes_installed.php @@ -36,7 +36,7 @@ $themes = new themes(); // | perform actions | // +-----------------------------------------------------------------------+ -if (isset($_GET['action']) and isset($_GET['theme']) and !is_adviser()) +if (isset($_GET['action']) and isset($_GET['theme'])) { $page['errors'] = $themes->perform_action($_GET['action'], $_GET['theme']); diff --git a/include/common.inc.php b/include/common.inc.php index 71aa78c44..061c7246a 100644 --- a/include/common.inc.php +++ b/include/common.inc.php @@ -207,11 +207,6 @@ if ($conf['check_upgrade_feed']) } } -if (is_adviser()) -{ - $header_msgs[] = l10n('Adviser mode enabled'); -} - if (count($header_msgs) > 0) { $template->assign('header_msgs', $header_msgs); diff --git a/include/functions_user.inc.php b/include/functions_user.inc.php index 090c2e701..1bd3fe03a 100644 --- a/include/functions_user.inc.php +++ b/include/functions_user.inc.php @@ -1319,14 +1319,12 @@ function check_status($access_type, $user_status = '') } /* - * Return if current user is an adviser - * @return bool + * Adviser status is depreciated from piwigo 2.2 + * @return false */ function is_adviser() { - global $user; - - return ($user['adviser'] == 'true'); + return false; } /* @@ -1384,14 +1382,7 @@ function get_email_address_as_display_text($email_address) } else { - if (defined('IN_ADMIN') and is_adviser()) - { - return 'adviser.mode@'.$_SERVER['SERVER_NAME']; - } - else - { - return $email_address; - } + return $email_address; } } 
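Review bot: With `is_adviser()` in include/functions_user.inc.php hard-wired to `return false;`, any account whose `adviser` column is still 'true' passes every check this commit relaxes. Former read-only advisers therefore become full administrators on upgrade unless a migration outside this diff demotes or reviews them; the commit message says only PHP files are covered so far. The docblock should state the contract plainly, for example `Adviser status is deprecated since Piwigo 2.2; always returns false.` with an `@deprecated` tag and `@return bool`, in place of "depreciated" and `@return false`.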
diff --git a/include/template.class.php b/include/template.class.php index 4ec79a9d2..4f33a3569 100644 --- a/include/template.class.php +++ b/include/template.class.php @@ -353,8 +353,7 @@ class Template { } $this->smarty->assign( 'ROOT_URL', get_root_url() ); - $this->smarty->assign( 'TAG_INPUT_ENABLED', - ((is_adviser()) ? 'disabled="disabled" onclick="return false;"' : '')); + $this->smarty->assign( 'TAG_INPUT_ENABLED', ''); $save_compile_id = $this->smarty->compile_id; $this->load_external_filters($handle); diff --git a/include/ws_functions.inc.php b/include/ws_functions.inc.php index 24d8e25ae..c46ae6e26 100644 --- a/include/ws_functions.inc.php +++ b/include/ws_functions.inc.php @@ -892,7 +892,7 @@ SELECT * FROM '.IMAGES_TABLE.' function ws_images_setPrivacyLevel($params, &$service) { - if (!is_admin() || is_adviser() ) + if (!is_admin()) { return new PwgError(401, 'Access denied'); } @@ -935,7 +935,7 @@ function ws_images_add_chunk($params, &$service) // type {thumb, file, high} // position - if (!is_admin() || is_adviser() ) + if (!is_admin()) { return new PwgError(401, 'Access denied'); } @@ -1139,7 +1139,7 @@ function ws_images_addFile($params, &$service) // sum global $conf; - if (!is_admin() || is_adviser() ) + if (!is_admin()) { return new PwgError(401, 'Access denied'); } @@ -1208,7 +1208,7 @@ SELECT function ws_images_add($params, &$service) { global $conf; - if (!is_admin() || is_adviser() ) + if (!is_admin()) { return new PwgError(401, 'Access denied'); } @@ -1584,7 +1584,7 @@ LIMIT '.(int)$params['per_page'].' OFFSET '.(int)($params['per_page']*$params['p function ws_categories_add($params, &$service) { - if (!is_admin() or is_adviser()) + if (!is_admin()) { return new PwgError(401, 'Access denied'); } @@ -1608,7 +1608,7 @@ function ws_categories_add($params, &$service) function ws_tags_add($params, &$service) { - if (!is_admin() or is_adviser()) + if (!is_admin()) { return new PwgError(401, 'Access denied'); } 
@@ -1629,7 +1629,7 @@ function ws_images_exist($params, &$service) { global $conf; - if (!is_admin() or is_adviser()) + if (!is_admin()) { return new PwgError(401, 'Access denied'); } @@ -1705,7 +1705,7 @@ SELECT function ws_images_checkFiles($params, &$service) { - if (!is_admin() or is_adviser()) + if (!is_admin()) { return new PwgError(401, 'Access denied'); } @@ -1790,7 +1790,7 @@ function file_path_for_type($file_path, $type='thumb') function ws_images_setInfo($params, &$service) { global $conf; - if (!is_admin() || is_adviser() ) + if (!is_admin()) { return new PwgError(401, 'Access denied'); } @@ -2073,7 +2073,7 @@ SELECT function ws_categories_setInfo($params, &$service) { global $conf; - if (!is_admin() || is_adviser() ) + if (!is_admin()) { return new PwgError(401, 'Access denied'); } @@ -2147,7 +2147,7 @@ function ws_images_checkUpload($params, &$service) { global $conf; - if (!is_admin() or is_adviser()) + if (!is_admin()) { return new PwgError(401, 'Access denied'); } diff --git a/picture.php b/picture.php index 052ae4923..ace364f31 100644 --- a/picture.php +++ b/picture.php @@ -276,7 +276,7 @@ DELETE FROM '.FAVORITES_TABLE.' } case 'set_as_representative' : { - if (is_admin() and !is_adviser() and isset($page['category'])) + if (is_admin() and isset($page['category'])) { $query = ' UPDATE '.CATEGORIES_TABLE.' diff --git a/plugins/LocalFilesEditor/admin.php b/plugins/LocalFilesEditor/admin.php index b0837345f..7d32ad061 100644 --- a/plugins/LocalFilesEditor/admin.php +++ b/plugins/LocalFilesEditor/admin.php @@ -164,7 +164,7 @@ switch ($page['tab']) case 'tpl': // New file form creation - if ($newfile_page and !is_adviser()) + if ($newfile_page) { $filename = isset($_POST['tpl_name']) ? $_POST['tpl_name'] : ''; $selected['model'] = isset($_POST['tpl_model']) ? $_POST['tpl_model'] : '0'; 
@@ -280,7 +280,7 @@ switch ($page['tab']) // +-----------------------------------------------------------------------+ // | Load backup file // +-----------------------------------------------------------------------+ -if (isset($_POST['restore']) and !is_adviser()) +if (isset($_POST['restore'])) { $edited_file = $_POST['edited_file']; $content_file = file_get_contents(get_bak_file($edited_file)); @@ -292,7 +292,7 @@ if (isset($_POST['restore']) and !is_adviser()) // +-----------------------------------------------------------------------+ // | Save file // +-----------------------------------------------------------------------+ -if (isset($_POST['submit']) and !is_adviser()) +if (isset($_POST['submit'])) { if (!is_webmaster()) { diff --git a/plugins/admin_multi_view/controller.php b/plugins/admin_multi_view/controller.php index d2cd612c2..2c61a9bc6 100644 --- a/plugins/admin_multi_view/controller.php +++ b/plugins/admin_multi_view/controller.php @@ -30,8 +30,6 @@ $refresh_main = false; if ( isset($_GET['view_as']) ) { - if ( is_adviser() and $user['id']!=$_GET['view_as'] and $conf['guest_id']!=$_GET['view_as']) - die('security error'); if ($user['id']===$_GET['view_as']) pwg_unset_session_var( 'multiview_as' ); else @@ -111,14 +109,7 @@ $my_url = get_root_url().'plugins/'.basename(dirname(__FILE__)).'/'.basename(__F // | users | $query = ' SELECT '.$conf['user_fields']['id'].' AS id,'.$conf['user_fields']['username'].' AS username -FROM '.USERS_TABLE; -if (is_adviser()) -{ - $query .=' - WHERE '.$conf['user_fields']['id']. ' IN ('.$user['id'].','.$conf['guest_id'].') -'; -} -$query .=' +FROM '.USERS_TABLE.' ORDER BY CONVERT('.$conf['user_fields']['username'].',CHAR) ;'; $user_map = simple_hash_from_query($query, 'id', 'username'); |
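Review bot: The restore branch in plugins/LocalFilesEditor/admin.php passes `$_POST['edited_file']` through `get_bak_file()` straight into `file_get_contents()`, with no `is_webmaster()` check visible in the hunk, whereas the save branch in the next hunk opens with `if (!is_webmaster())`. With the adviser guard removed, any administrator who reaches this code can name the path to read. The branch should apply the same webmaster guard and accept `edited_file` only if it matches the editor's own list of editable files. `get_bak_file()` and the use of `$content_file` are outside the hunk, so any normalisation done there needs confirming.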
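Review bot: With the adviser restriction deleted from plugins/admin_multi_view/controller.php, this hunk no longer limits which `view_as` ids are accepted, and `$_GET['view_as']` gets no format check before the `else` branch that continues outside the hunk. The remaining test `$user['id']===$_GET['view_as']` is a strict comparison against a query-string value, so it can never match if `$user['id']` is an integer. Add a guard such as `if (!is_numeric($_GET['view_as'])) die('security error');` and confirm that the script verifies administrator status before this point; neither is visible here. The second hunk makes the same assumption, since its query now lists every user.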