| 53 |
53 |
var $website_title,$website_description,$website_keywords,$website_header,$website_footer;
|
| 54 |
54 |
|
| 55 |
55 |
// ugly database stuff
|
| 56 |
|
var $extra_sql,$extra_where_sql;
|
|
56 |
var $extra_where_sql;
|
| 57 |
57 |
|
| 58 |
58 |
function frontend() {
|
| 59 |
59 |
$this->wb();
|
| ... | ... | |
| 216 |
216 |
define('TEMPLATE_DIR', WB_URL.'/templates/'.TEMPLATE);
|
| 217 |
217 |
|
| 218 |
218 |
// Check if user is allow to view this page
|
| 219 |
|
if(FRONTEND_LOGIN AND VISIBILITY == 'private' OR FRONTEND_LOGIN AND VISIBILITY == 'registered') {
|
| 220 |
|
// Double-check front-end login is enabled
|
| 221 |
|
if(FRONTEND_LOGIN != true) {
|
| 222 |
|
// Users shouldnt be allowed to view private pages
|
| 223 |
|
header("Location: ".WB_URL.PAGES_DIRECTORY."/index".PAGE_EXTENSION);
|
| 224 |
|
}
|
|
219 |
if(VISIBILITY == 'private' OR VISIBILITY == 'registered') {
|
| 225 |
220 |
// Check if the user is authenticated
|
| 226 |
221 |
if($this->is_authenticated() == false) {
|
| 227 |
222 |
// User needs to login first
|
| ... | ... | |
| 231 |
226 |
if($this->show_page($this->page) == false) {
|
| 232 |
227 |
$this->page_access_denied=true;
|
| 233 |
228 |
}
|
| 234 |
|
// Set extra private sql code
|
| 235 |
|
$this->extra_sql = ",viewing_groups,viewing_users";
|
| 236 |
|
$this->extra_where_sql = "visibility != 'none' AND visibility != 'hidden' AND visibility != 'deleted'";
|
| 237 |
|
} elseif(!FRONTEND_LOGIN AND VISIBILITY == 'private' OR !FRONTEND_LOGIN AND VISIBILITY == 'registered') {
|
|
229 |
} elseif(VISIBILITY == 'deleted' OR VISIBILITY == 'none') {
|
| 238 |
230 |
// User isnt allowed on this page so tell them
|
| 239 |
231 |
$this->page_access_denied=true;
|
| 240 |
|
} elseif(VISIBILITY == 'deleted') {
|
| 241 |
|
// User isnt allowed on this page so tell them
|
| 242 |
|
$this->page_access_denied=true;
|
| 243 |
232 |
}
|
| 244 |
|
if(!isset($this->extra_sql)) {
|
| 245 |
|
// Set extra private sql code
|
| 246 |
|
if(FRONTEND_LOGIN == 'enabled') {
|
| 247 |
|
if($this->is_authenticated()) {
|
| 248 |
|
$this->extra_sql = '';
|
| 249 |
|
$this->extra_where_sql = "visibility != 'none' AND visibility != 'hidden' AND visibility != 'deleted'";
|
| 250 |
|
} else {
|
| 251 |
|
$this->extra_sql = '';
|
| 252 |
|
$this->extra_where_sql = "visibility != 'none' AND visibility != 'hidden' AND visibility != 'deleted' AND visibility != 'private'";
|
| 253 |
|
}
|
| 254 |
|
} else {
|
| 255 |
|
$this->extra_sql = '';
|
| 256 |
|
$this->extra_where_sql = "visibility != 'none' AND visibility != 'hidden' AND visibility != 'deleted' AND visibility != 'private' AND visibility != 'registered'";
|
|
233 |
// never show no-vis, hidden or deleted pages
|
|
234 |
$this->extra_where_sql = "visibility != 'none' AND visibility != 'hidden' AND visibility != 'deleted'";
|
|
235 |
// Set extra private sql code
|
|
236 |
if($this->is_authenticated()==false) {
|
|
237 |
// if user is not authenticated, don't show private pages either
|
|
238 |
$this->extra_where_sql .= " AND visibility != 'private'";
|
|
239 |
// and 'registered' without frontend login doesn't make much sense!
|
|
240 |
if (FRONTEND_LOGIN==false) {
|
|
241 |
$this->extra_where_sql .= " AND visibility != 'registered'";
|
| 257 |
242 |
}
|
| 258 |
243 |
}
|
| 259 |
244 |
$this->extra_where_sql .= $this->sql_where_language;
|
| ... | ... | |
| 381 |
366 |
$menu_number = '1';
|
| 382 |
367 |
}
|
| 383 |
368 |
// Query pages
|
| 384 |
|
$query_menu = $database->query("SELECT page_id,menu_title,page_title,link,target,level,visibility$this->extra_sql FROM ".
|
|
369 |
$query_menu = $database->query("SELECT page_id,menu_title,page_title,link,target,level,visibility FROM ".
|
| 385 |
370 |
TABLE_PREFIX."pages WHERE parent = '$this->menu_parent' AND $menu_number AND $this->extra_where_sql ORDER BY position ASC");
|
| 386 |
371 |
// Check if there are any pages to show
|
| 387 |
372 |
if($query_menu->numRows() > 0) {
|
Reworked visibility and menu code (frontend login problem)