Index: trunk/CHANGELOG =================================================================== --- trunk/CHANGELOG (revision 1086) +++ trunk/CHANGELOG (revision 1087) @@ -11,6 +11,9 @@ ! = Update/Change ------------------------------------- 2.8.0 ------------------------------------- +22-July 2009 Matthias Gallas +# Fixed bug with home folders are viewable and writable from other users + (ticket #605 and #748) (Thanks to Aldus) 20-July 2009 Matthias Gallas ! Moved backend.js back from to + Added possibility to add a backend_body.js to modules wich is then called in Index: trunk/wb/admin/media/browse.php =================================================================== --- trunk/wb/admin/media/browse.php (revision 1086) +++ trunk/wb/admin/media/browse.php (revision 1087) @@ -77,7 +77,12 @@ $template->set_block('page', 'main_block', 'main'); // Get the current dir -$directory = $admin->strip_slashes($admin->get_get('dir')); +$currentHome = $admin->get_home_folder(); +$directory = (($currentHome) AND (!array_key_exists('dir',$_GET))) + ? + $currentHome + : + $admin->strip_slashes($admin->get_get('dir')) ; if($directory == '/' OR $directory == '\\') { $directory = ''; } @@ -107,7 +112,7 @@ // Workout the parent dir link $parent_dir_link = ADMIN_URL.'/media/browse.php?dir='.$directory.'&up=1'; // Workout if the up arrow should be shown -if($directory == '') { +if(($directory == '') or ($directory==$currentHome)) { $display_up_arrow = 'hide'; } else { $display_up_arrow = ''; Index: trunk/wb/admin/media/index.php =================================================================== --- trunk/wb/admin/media/index.php (revision 1086) +++ trunk/wb/admin/media/index.php (revision 1087) @@ -43,6 +43,15 @@ // Insert values $template->set_block('main_block', 'dir_list_block', 'dir_list'); $dirs = directory_list(WB_PATH.MEDIA_DIRECTORY); +$currentHome = $admin->get_home_folder(); + +if ($currentHome){ + $dirs = directory_list(WB_PATH.MEDIA_DIRECTORY.$currentHome); +} +else +{ + $dirs = directory_list(WB_PATH.MEDIA_DIRECTORY); +} $array_lowercase = array_map('strtolower', $dirs); array_multisort($array_lowercase, SORT_ASC, SORT_STRING, $dirs); foreach($dirs AS $name) { @@ -62,10 +71,18 @@ if ($_SESSION['GROUP_ID'] != 1 && $pathsettings['global']['admin_only']) { // Only show admin the settings link $template->set_var('DISPLAY_SETTINGS', 'hide'); } +// Workout if the up arrow should be shown +if(($dirs == '') or ($dirs==$currentHome) or (!array_key_exists('dir', $_GET))) { + $display_up_arrow = 'hide'; +} else { + $display_up_arrow = ''; +} // Insert language headings $template->set_var(array( 'HEADING_BROWSE_MEDIA' => $HEADING['BROWSE_MEDIA'], + 'HOME_DIRECTORY' => $currentHome, + 'DISPLAY_UP_ARROW' => $display_up_arrow, // **! 'HEADING_CREATE_FOLDER' => $HEADING['CREATE_FOLDER'], 'HEADING_UPLOAD_FILES' => $HEADING['UPLOAD_FILES'] ) Index: trunk/wb/templates/classic_theme/templates/media.htt =================================================================== --- trunk/wb/templates/classic_theme/templates/media.htt (revision 1086) +++ trunk/wb/templates/classic_theme/templates/media.htt (revision 1087) @@ -19,7 +19,7 @@ {TEXT_TARGET_FOLDER}: - + Index: trunk/wb/templates/wb_theme/templates/media.htt =================================================================== --- trunk/wb/templates/wb_theme/templates/media.htt (revision 1086) +++ trunk/wb/templates/wb_theme/templates/media.htt (revision 1087) @@ -30,7 +30,7 @@ {TEXT_TARGET_FOLDER}: - + Index: trunk/wb/templates/argos_theme/templates/media.htt =================================================================== --- trunk/wb/templates/argos_theme/templates/media.htt (revision 1086) +++ trunk/wb/templates/argos_theme/templates/media.htt (revision 1087) @@ -27,7 +27,7 @@ onChange="browse.location.href='browse.php?dir=' + document.upload.target.value.substr(6,100); document.create.target.value = document.upload.target.value;"> - + @@ -104,7 +104,7 @@ {TEXT_TARGET_FOLDER}: