před 12 roky · 2253c227d4
--- a/Sources/MessageIndex.php
+++ b/Sources/MessageIndex.php
@@ -406,7 +406,7 @@ function MessageIndex()
 
 				$row['first_body'] = strip_tags(strtr(parse_bbc($row['first_body'], $row['first_smileys'], $row['id_first_msg']), array('<br />' => '&#10;')));
 
 				if ($smcFunc['strlen']($row['first_body']) > $modSettings['preview_characters'])
 
 					$row['first_body'] = $smcFunc['substr']($row['first_body'], 0, $modSettings['preview_characters']) . '...';
 
-				
 
+
 
 				$row['last_body'] = strip_tags(strtr(parse_bbc($row['last_body'], $row['last_smileys'], $row['id_last_msg']), array('<br />' => '&#10;')));
 
 				if ($smcFunc['strlen']($row['last_body']) > $modSettings['preview_characters'])
 
 					$row['last_body'] = $smcFunc['substr']($row['last_body'], 0, $modSettings['preview_characters']) . '...';
@@ -684,17 +684,7 @@ function QuickModeration()
 
 		 * @todo Ugly. There's no getting around this, is there?
 
 		 * @todo Maybe just do this on the actions people want to use?
 
 		 */
 
-		$boards_can = array(
 
-			'make_sticky' => boardsAllowedTo('make_sticky'),
 
-			'move_any' => boardsAllowedTo('move_any'),
 
-			'move_own' => boardsAllowedTo('move_own'),
 
-			'remove_any' => boardsAllowedTo('remove_any'),
 
-			'remove_own' => boardsAllowedTo('remove_own'),
 
-			'lock_any' => boardsAllowedTo('lock_any'),
 
-			'lock_own' => boardsAllowedTo('lock_own'),
 
-			'merge_any' => boardsAllowedTo('merge_any'),
 
-			'approve_posts' => boardsAllowedTo('approve_posts'),
 
-		);
 
+		$boards_can = boardsAllowedTo(array('make_sticky', 'move_any', 'move_own', 'remove_any', 'remove_own', 'lock_any', 'lock_own', 'merge_any', 'approve_posts'));
 
 
 
 		$redirect_url = isset($_POST['redirect_url']) ? $_POST['redirect_url'] : (isset($_SESSION['old_url']) ? $_SESSION['old_url'] : '');
 
 	}
--- a/Sources/Search.php
+++ b/Sources/Search.php
@@ -248,7 +248,7 @@ function PlushSearch2()
 
 	global $scripturl, $modSettings, $sourcedir, $txt, $db_connection;
 
 	global $user_info, $context, $options, $messages_request, $boards_can;
 
 	global $excludedWords, $participants, $smcFunc;
 
-	
 
+
 
 	// if comming from the quick search box, and we want to search on members, well we need to do that ;)
 
 	if (isset($_REQUEST['search_selection']) && $_REQUEST['search_selection'] === 'members')
 
 		redirectexit($scripturl . '?action=mlist;sa=search;fields=name,email;search=' . urlencode($_REQUEST['search']));
@@ -296,7 +296,7 @@ function PlushSearch2()
 
 
 
 	// Number of pages hard maximum - normally not set at all.
 
 	$modSettings['search_max_results'] = empty($modSettings['search_max_results']) ? 200 * $modSettings['search_results_per_page'] : (int) $modSettings['search_max_results'];
 
-	
 
+
 
 	// Maximum length of the string.
 
 	$context['search_string_limit'] = 100;
 
 
@@ -327,7 +327,7 @@ function PlushSearch2()
 
 	{
 
 		// Due to IE's 2083 character limit, we have to compress long search strings
 
 		$temp_params = base64_decode(str_replace(array('-', '_', '.'), array('+', '/', '='), $_REQUEST['params']));
 
-		
 
+
 
 		// Test for gzuncompress failing
 
 		$temp_params2 = @gzuncompress($temp_params);
 
 		$temp_params = explode('|"|', (!empty($temp_params2) ? $temp_params2 : $temp_params));
@@ -337,7 +337,7 @@ function PlushSearch2()
 
 			@list($k, $v) = explode('|\'|', $data);
 
 			$search_params[$k] = $v;
 
 		}
 
-		
 
+
 
 		if (isset($search_params['brd']))
 
 			$search_params['brd'] = empty($search_params['brd']) ? array() : explode(',', $search_params['brd']);
 
 	}
@@ -360,7 +360,7 @@ function PlushSearch2()
 
 
 
 	// Searching a specific topic?
 
 	if (!empty($_REQUEST['topic']) || (!empty($_REQUEST['search_selection']) && $_REQUEST['search_selection'] == 'topic'))
 
-	{	
 
+	{
 
 		$search_params['topic'] = empty($_REQUEST['search_selection']) ? (int) $_REQUEST['topic'] : (isset($_REQUEST['sd_topic']) ? (int) $_REQUEST['sd_topic'] : '');
 
 		$search_params['show_complete'] = true;
 
 	}
@@ -1252,7 +1252,7 @@ function PlushSearch2()
 
 							if (in_array($subjectWord, $excludedSubjectWords))
 
 							{
 
 								if (($subject_query['from'] != '{db_prefix}messages AS m') && !$excluded)
 
-								{ 
 
+								{
 
 									$subject_query['inner_join'][] = '{db_prefix}messages AS m ON (m.id_msg = t.id_first_msg)';
 
 									$excluded = true;
 
 								}
@@ -1319,7 +1319,7 @@ function PlushSearch2()
 
 						// Nothing to search for?
 
 						if (empty($subject_query['where']))
 
 							continue;
 
-						
 
+
 
 						$ignoreRequest = $smcFunc['db_search_query']('insert_log_search_topics', ($smcFunc['db_support_ignore'] ? ( '
 
 							INSERT IGNORE INTO {db_prefix}' . ($createTemporary ? 'tmp_' : '') . 'log_search_topics
 
 								(' . ($createTemporary ? '' : 'id_search, ') . 'id_topic)') : '') . '
@@ -1701,23 +1701,12 @@ function PlushSearch2()
 
 	if (!empty($context['topics']))
 
 	{
 
 		// Create an array for the permissions.
 
-		$boards_can = array(
 
-			'post_reply_own' => boardsAllowedTo('post_reply_own'),
 
-			'post_reply_any' => boardsAllowedTo('post_reply_any'),
 
-			'mark_any_notify' => boardsAllowedTo('mark_any_notify')
 
-		);
 
+		$boards_can = boardsAllowedTo(array('post_reply_own', 'post_reply_any', 'mark_any_notify', true, false));
 
 
 
 		// How's about some quick moderation?
 
 		if (!empty($options['display_quick_mod']))
 
 		{
 
-			$boards_can['lock_any'] = boardsAllowedTo('lock_any');
 
-			$boards_can['lock_own'] = boardsAllowedTo('lock_own');
 
-			$boards_can['make_sticky'] = boardsAllowedTo('make_sticky');
 
-			$boards_can['move_any'] = boardsAllowedTo('move_any');
 
-			$boards_can['move_own'] = boardsAllowedTo('move_own');
 
-			$boards_can['remove_any'] = boardsAllowedTo('remove_any');
 
-			$boards_can['remove_own'] = boardsAllowedTo('remove_own');
 
-			$boards_can['merge_any'] = boardsAllowedTo('merge_any');
 
+			$boards_can = boardsAllowedTo(array('lock_any', 'lock_own', 'make_sticky', 'move_any', 'move_own', 'remove_any', 'remove_own', 'merge_any', true, false));
 
 
 
 			$context['can_lock'] = in_array(0, $boards_can['lock_any']);
 
 			$context['can_sticky'] = in_array(0, $boards_can['make_sticky']) && !empty($modSettings['enableStickyTopics']);
--- a/Sources/Security.php
+++ b/Sources/Security.php
@@ -42,7 +42,7 @@ function validateSession($type = 'admin')
 
 	// Is the security option off?
 
 	if (!empty($modSettings['securityDisable' . ($type != 'admin' ? '_' . $type : '')]))
 
 		return;
 
-		
 
+
 
 	// Or are they already logged in?, Moderator or admin sesssion is need for this area
 
 	if ((!empty($_SESSION[$type . '_time']) && $_SESSION[$type . '_time'] + $refreshTime >= time()) || (!empty($_SESSION['admin_time']) && $_SESSION['admin_time'] + $refreshTime >= time()))
 
 		return;
@@ -1000,18 +1000,36 @@ function isAllowedTo($permission, $boards = null)
 
  * If check_access is true will also make sure the group has proper access to that board.
 
  * @param array $permissions
 
  * @param bool $check_access = true
 
+ * @param bool $simple = true
 
  */
 
-function boardsAllowedTo($permissions, $check_access = true)
 
+function boardsAllowedTo($permissions, $check_access = true, $simple = true)
 
 {
 
 	global $user_info, $modSettings, $smcFunc;
 
 
 
+	// Arrays are nice, most of the time.
 
+	$permissions = (array) $permissions;
 
+
 
+	/*
 
+	 * Set $simple to true to use this function as it were in SMF 2.0.x.
 
+	 * Otherwise, the resultant array becomes split into the multiple
 
+	 * permissions that were passed. Other than that, it's just the normal
 
+	 * state of play that you're used to.
 
+	 */
 
+
 
 	// Administrators are all powerful, sorry.
 
 	if ($user_info['is_admin'])
 
-		return array(0);
 
+	{
 
+		if ($simple)
 
+			return array(0);
 
+		else
 
+		{
 
+			$result = array();
 
+			foreach ($permissions as $permission)
 
+				$result[$permission] = array(0);
 
 
 
-	// Arrays are nice, most of the time.
 
-	if (!is_array($permissions))
 
-		$permissions = array($permissions);
 
+			return $result;
 
+		}
 
+	}
 
 
 
 	// All groups the user is in except 'moderator'.
 
 	$groups = array_diff($user_info['groups'], array(3));
@@ -1032,20 +1050,33 @@ function boardsAllowedTo($permissions, $check_access = true)
 
 			'permissions' => $permissions,
 
 		)
 
 	);
 
-	$boards = array();
 
-	$deny_boards = array();
 
+	$boards = $deny_boards = $result = array();
 
 	while ($row = $smcFunc['db_fetch_assoc']($request))
 
 	{
 
-		if (empty($row['add_deny']))
 
-			$deny_boards[] = $row['id_board'];
 
+		if ($simple)
 
+		{
 
+			if (empty($row['add_deny']))
 
+				$deny_boards[$row['permission']][] = $row['id_board'];
 
+			else
 
+				$boards[$row['permission']][] = $row['id_board'];
 
+		}
 
 		else
 
-			$boards[] = $row['id_board'];
 
+		{
 
+			if (empty($row['add_deny']))
 
+				$deny_boards[$row['permission']][] = $row['id_board'];
 
+			else
 
+				$boards[$row['permission']][] = $row['id_board'];
 
+		}
 
 	}
 
 	$smcFunc['db_free_result']($request);
 
 
 
-	$boards = array_unique(array_values(array_diff($boards, $deny_boards)));
 
+	if ($simple)
 
+		$result = array_unique(array_values(array_diff($boards, $deny_boards)));
 
+	else
 
+		foreach ($permissions as $permission)
 
+			$result[$permission] = array_unique(array_values(array_diff($boards[$permission], $deny_boards[$permission])));
 
 
 
-	return $boards;
 
+	return $result;
 
 }
 
 
 
 /**
@@ -1217,7 +1248,7 @@ else
 
 }
 
 
 
 /**
 
- * Another helper function that put together the 
 
+ * Another helper function that put together the
 
  * @param string $fullip An IP address either IPv6 or not
 
  * @return string A SQL condition
 
  */