Revision 670
Added by thorn almost 18 years ago
| trunk/CHANGELOG | ||
|---|---|---|
| 11 | 11 |
! = Update/Change |
| 12 | 12 |
|
| 13 | 13 |
------------------------------------- 2.7.0 ------------------------------------- |
| 14 |
08-Feb-2008 Thomas Hornik |
|
| 15 |
- Removed unused function is_access_denied() from search |
|
| 14 | 16 |
04-Feb-2008 Thomas Hornik |
| 15 | 17 |
! email-addresses are excluded from search-results page. |
| 16 | 18 |
# Fixed possible XSS in account/login.php and forgot-form.php |
| trunk/wb/search/search.php | ||
|---|---|---|
| 351 | 351 |
'default_max_excerpt' => $search_max_excerpt |
| 352 | 352 |
); |
| 353 | 353 |
// Only show this page if we are allowed to see it |
| 354 |
//if(is_access_denied($res['visibility'], $res['viewing_groups'], $res['viewing_users'])) {
|
|
| 355 | 354 |
if($admin->page_is_visible($res) == false) {
|
| 356 | 355 |
if($res['visibility'] == 'registered') { // don't show excerpt
|
| 357 | 356 |
$search_func_vars['default_max_excerpt'] = 0; |
| ... | ... | |
| 404 | 403 |
'default_max_excerpt' => $max_excerpt_num |
| 405 | 404 |
); |
| 406 | 405 |
// Only show this page if we are allowed to see it |
| 407 |
//if(is_access_denied($page['visibility'], $page['viewing_groups'], $page['viewing_users'])) {
|
|
| 408 | 406 |
if($admin->page_is_visible($page) == false) {
|
| 409 | 407 |
if($page['visibility'] != 'registered') {
|
| 410 | 408 |
continue; |
| ... | ... | |
| 562 | 560 |
continue; |
| 563 | 561 |
} |
| 564 | 562 |
if($visibility == 'private') {
|
| 565 |
//if(is_access_denied($visibility, $viewing_groups, $viewing_users)) {
|
|
| 566 | 563 |
if($admin->page_is_visible(array( |
| 567 | 564 |
'page_id'=>$page[$fields['page_id']], |
| 568 | 565 |
'visibility' =>$visibility, |
| trunk/wb/search/search_modext.php | ||
|---|---|---|
| 84 | 84 |
return $any_matched; |
| 85 | 85 |
} |
| 86 | 86 |
|
| 87 |
// work-out if user is in $viewing_groups or $viewing_users |
|
| 88 |
function is_access_denied($visibility, $viewing_groups_str, $viewing_users_str) {
|
|
| 89 |
global $wb; |
|
| 90 |
$access_denied = false; |
|
| 91 |
if($visibility == 'private' || $visibility == 'registered') {
|
|
| 92 |
$access_denied = true; |
|
| 93 |
if($wb->is_authenticated() == true) {
|
|
| 94 |
$viewing_groups = explode(',', $viewing_groups_str);
|
|
| 95 |
$viewing_users = explode(',', $viewing_users_str);
|
|
| 96 |
if(in_array($wb->get_group_id(), $viewing_groups) || (in_array($wb->get_user_id(), $viewing_users))) {
|
|
| 97 |
$access_denied = false; |
|
| 98 |
} |
|
| 99 |
} |
|
| 100 |
} |
|
| 101 |
return $access_denied; |
|
| 102 |
} |
|
| 103 |
|
|
| 104 | 87 |
// collects the matches from text in excerpt_array |
| 105 | 88 |
function get_excerpts($text, $search_words, $max_excerpt_num) {
|
| 106 | 89 |
$match_array = array(); |
Also available in: Unified diff
Removed unused function is_access_denied() from search