1
|
<?php
|
2
|
/**
|
3
|
*
|
4
|
* @category admin
|
5
|
* @package groups
|
6
|
* @author WebsiteBaker Project
|
7
|
* @copyright Ryan Djurovich
|
8
|
* @copyright WebsiteBaker Org. e.V.
|
9
|
* @link http://websitebaker.org/
|
10
|
* @license http://www.gnu.org/licenses/gpl.html
|
11
|
* @platform WebsiteBaker 2.8.3
|
12
|
* @requirements PHP 5.3.6 and higher
|
13
|
* @version $Id: get_permissions.php 2 2017-07-02 15:14:29Z Manuela $
|
14
|
* @filesource $HeadURL: svn://isteam.dynxs.de/wb/2.10.x/branches/main/admin/groups/get_permissions.php $
|
15
|
* @lastmodified $Date: 2017-07-02 17:14:29 +0200 (Sun, 02 Jul 2017) $
|
16
|
*
|
17
|
*/
|
18
|
/*---------------------------------------------------------------------------------------------------------------*/
|
19
|
if(defined('WB_PATH') == false)
|
20
|
{
|
21
|
die('Cannot access '.basename(__DIR__).'/'.basename(__FILE__).' directly');
|
22
|
} else {
|
23
|
/*---------------------------------------------------------------------------------------------------------------*/
|
24
|
// merge extended system_permission
|
25
|
$system_permissions = array_flip($system_permissions);
|
26
|
// Get system permissions
|
27
|
$system_permissions = (@$bResetSystem?array():$system_permissions);
|
28
|
function getSystemDefaultPermission(){
|
29
|
global $database;
|
30
|
$sqlAdmin = 'SELECT `system_permissions` FROM `'.TABLE_PREFIX.'groups` '
|
31
|
. 'WHERE `group_id`=\'1\' ';
|
32
|
$sPermissions = $database->get_one($sqlAdmin);
|
33
|
return (@$database->get_error()?:$sPermissions);
|
34
|
}
|
35
|
/*---------------------------------------------------------------------------------------------------------------*/
|
36
|
function getSystemFromRequest($aRequestVars=null)
|
37
|
{
|
38
|
global $bResetSystem;
|
39
|
if ($bResetSystem){return null;}
|
40
|
$aPermissions = array_flip(explode(',', getSystemDefaultPermission()));
|
41
|
// define Lambda-Callback for sanitize POST arguments secunia 2010-92-2
|
42
|
$cbSanitize = (function($sValue) { $sValue = preg_replace('/[^a-z0-9_-]/i', '', $sValue); return $sValue;});
|
43
|
$aPermissions = (is_array($aPermissions) ? $aPermissions : array());
|
44
|
$aPermissions = array_map($cbSanitize, $aPermissions);
|
45
|
$aPermissions = array_intersect_key($aRequestVars, $aPermissions);
|
46
|
return $aPermissions;
|
47
|
}
|
48
|
/*---------------------------------------------------------------------------------------------------------------*/
|
49
|
function getSystemPermissions($aRequestVars=null)
|
50
|
{
|
51
|
$aPermissions = array();
|
52
|
if (!$aRequestVars){return $aPermissions;}
|
53
|
$aValidType = $aValidView = $aValidAddons = $aValidAccess = $aValidSettings = array();
|
54
|
$aTmpPermissions = getSystemFromRequest($aRequestVars);
|
55
|
if (($aTmpPermissions)){
|
56
|
$aValidType = preg_replace('/^(.*?)_.*$/', '\1', array_keys($aTmpPermissions));
|
57
|
$aValidView = preg_replace('/^(.*)/', '\1_view', $aValidType);
|
58
|
$aValidAddons = preg_replace('/^(modules.*|templates.*|languages.*)$/', 'addons', $aValidView);
|
59
|
$aValidAccess = preg_replace('/^(groups.*|users.*)$/', 'access', $aValidView);
|
60
|
$aValidSettings = preg_replace('/^(settings.*)$/', 'settings_basic', $aValidView);
|
61
|
$aPermissions = array_merge(
|
62
|
$aTmpPermissions,
|
63
|
array_flip($aValidType),
|
64
|
array_flip($aValidView),
|
65
|
array_flip($aValidAccess),
|
66
|
array_flip($aValidAddons),
|
67
|
array_flip($aValidSettings)
|
68
|
);
|
69
|
$iSortFlags = ((version_compare(PHP_VERSION, '5.4.0', '<'))?SORT_REGULAR:SORT_NATURAL|SORT_FLAG_CASE);
|
70
|
ksort ($aPermissions, $iSortFlags);
|
71
|
}
|
72
|
return $aPermissions;
|
73
|
}
|
74
|
$aRequestSystemPermissions = getSystemPermissions($aRequestVars);
|
75
|
/* WB283 SP4 Fixes ***************************************************/
|
76
|
// clean up system_permission
|
77
|
$system_permissions = ($bAdvancedSave ? array_intersect_key($aRequestSystemPermissions, $system_permissions):$system_permissions);
|
78
|
$aSystemPermissions = array_merge($aRequestSystemPermissions, $system_permissions);
|
79
|
$aSystemPermissions = (@$bResetSystem?array():$aSystemPermissions);
|
80
|
$iSortFlags = ((version_compare(PHP_VERSION, '5.4.0', '<'))?SORT_REGULAR:SORT_NATURAL|SORT_FLAG_CASE);
|
81
|
ksort ($aSystemPermissions, $iSortFlags);
|
82
|
// Implode system permissions
|
83
|
$aAllowedSystemPermissions = array();
|
84
|
/*------------------------------------------------------------------------------------------------------------*/
|
85
|
foreach ($aSystemPermissions as $sName => $sValue) {
|
86
|
$aAllowedSystemPermissions[] = $sName;
|
87
|
}
|
88
|
$system_permissions = implode(',', $aAllowedSystemPermissions);
|
89
|
/*------------------------------------------------------------------------------------------------------------*/
|
90
|
function getPermissionsFromPost($sType, $bReset=false)
|
91
|
{
|
92
|
// define Lambda-Callback for sanitize POST arguments secunia 2010-92-2
|
93
|
$cbSanitize = function($sValue) { $sValue = preg_replace('/[^a-z0-9_-]/i', '', $sValue); return $sValue; };
|
94
|
$aPermissions = $GLOBALS['admin']->get_post($sType.'_permissions');
|
95
|
$aPermissions = is_array($aPermissions) ? $aPermissions : array();
|
96
|
$aPermissions = array_map($cbSanitize, $aPermissions);
|
97
|
$sOldWorkingDir = getcwd();
|
98
|
chdir(WB_PATH.'/'.$sType.'s/');
|
99
|
$aAvailableItemsList = glob('*', GLOB_ONLYDIR|GLOB_NOSORT);
|
100
|
chdir($sOldWorkingDir);
|
101
|
$aPermissions = (@$bReset?array():$aPermissions);
|
102
|
$aUncheckedItems = array_diff($aAvailableItemsList, $aPermissions);
|
103
|
return implode(',', $aUncheckedItems);
|
104
|
}
|
105
|
// Get module permissions
|
106
|
$module_permissions = getPermissionsFromPost('module', $bResetModules);
|
107
|
// Get template permissions
|
108
|
$template_permissions = getPermissionsFromPost('template', $bResetTemplates);
|
109
|
|
110
|
}
|