/** * Changes the active style. * * @param integer $styleID * @param boolean $ignorePermissions */ public function changeStyle($styleID = 0, $ignorePermissions = false) { // check permission if (!$ignorePermissions) { if (isset($this->cache['styles'][$styleID])) { if (($this->cache['styles'][$styleID]->disabled || !empty($this->cache['packages'][PACKAGE_ID]['disabled'][$styleID])) && !WCF::getSession()->getPermission('admin.style.canUseDisabledStyle')) { $styleID = 0; } } } // fallback to default style if (!isset($this->cache['styles'][$styleID])) { // get package default style if (!empty($this->cache['packages'][PACKAGE_ID]['default'])) { $styleID = $this->cache['packages'][PACKAGE_ID]['default']; } else { $styleID = $this->cache['default']; } if (!isset($this->cache['styles'][$styleID])) { throw new SystemException('no default style defined'); } } // init style $this->style = new ActiveStyle($this->cache['styles'][$styleID]); // set template group id if (WCF::getTPL()) { WCF::getTPL()->setTemplateGroupID($this->style->templateGroupID); } }
/** * Creates a new NewsCategoryList object. * * @param array<integer> $categoryIDs */ public function __construct(array $categoryIDs) { ViewableEntryList::__construct(); // accessible news categories if (!empty($categoryIDs)) { $this->getConditionBuilder()->add('news_entry_to_category.categoryID IN (?)', array($categoryIDs)); $this->getConditionBuilder()->add('news_entry.entryID = news_entry_to_category.entryID'); } else { $this->getConditionBuilder()->add('1=0'); } // default conditions if (!WCF::getSession()->getPermission('mod.news.canModerateEntry')) { $this->getConditionBuilder()->add('news_entry.isDisabled = 0'); } if (!WCF::getSession()->getPermission('mod.news.canViewDeletedEntry')) { $this->getConditionBuilder()->add('news_entry.isDeleted = 0'); } if (WCF::getUser()->userID) { $this->getConditionBuilder()->add('(news_entry.isPublished = 1 OR news_entry.userID = ?)', array(WCF::getUser()->userID)); } else { $this->getConditionBuilder()->add('news_entry.isPublished = 1'); } // apply language filter if (LanguageFactory::getInstance()->multilingualismEnabled() && count(WCF::getUser()->getLanguageIDs())) { $this->getConditionBuilder()->add('(news_entry.languageID IN (?) OR news_entry.languageID IS NULL)', array(WCF::getUser()->getLanguageIDs())); } }
public function __construct() { parent::__construct(); // accessible news categories $accessibleCategoryIDs = NewsCategory::getAccessibleCategoryIDs(); if (!empty($accessibleCategoryIDs)) { $this->getConditionBuilder()->add('news.newsID IN (SELECT newsID FROM cms' . WCF_N . '_news_to_category WHERE categoryID IN (?))', array($accessibleCategoryIDs)); } else { $this->getConditionBuilder()->add('1=0'); } //get default settings if (!WCF::getSession()->getPermission('mod.cms.news.canModerateNews')) { $this->getConditionBuilder()->add('news.isDisabled = 0'); } if (!WCF::getSession()->getPermission('mod.cms.news.canModerateNews')) { $this->getConditionBuilder()->add('news.isDeleted = 0'); } //can view delayed news if (!WCF::getSession()->getPermission('user.cms.news.canViewDelayedNews')) { $this->getConditionBuilder()->add('news.isDisabled = ?', array(0)); } // language Filter if (LanguageFactory::getInstance()->multilingualismEnabled() && count(WCF::getUser()->getLanguageIDs())) { $this->getConditionBuilder()->add('(news.languageID IN (?) OR news.languageID IS NULL)', array(WCF::getUser()->getLanguageIDs())); } }
/** * calculate the final config of $this->cfg through $this->cfg default value and MbqMain::$customConfig and MbqMain::$oMbqAppEnv and the plugin support degree */ public function calCfg() { $url = WCF::getPath(); MbqMain::$oMbqAppEnv->siteRootUrl = substr($url, 0, strlen($url) - 4); //init user $oUser = DefaultUserAuthentication::getInstance()->loginAutomatically(true); if ($oUser && $oUser->userID) { MbqMain::$oMbqAppEnv->oCurrentUser = $oUser; $oMbqRdEtUser = MbqMain::$oClk->newObj('MbqRdEtUser'); $oMbqRdEtUser->initOCurMbqEtUser(); } if (MbqMain::hasLogin()) { //!!! header('Mobiquo_is_login: true'); } else { header('Mobiquo_is_login: false'); } $oMbqRdEtForum = MbqMain::$oClk->newObj('MbqRdEtForum'); MbqMain::$oMbqAppEnv->exttForumTree = $oMbqRdEtForum->getForumTree(); //!!! parent::calCfg(); /* calculate the final config */ $this->cfg['base']['sys_version']->setOriValue(PACKAGE_VERSION); if (OFFLINE) { $this->cfg['base']['is_open']->setOriValue(MbqBaseFdt::getFdt('MbqFdtConfig.base.is_open.range.no')); } else { $this->cfg['base']['is_open']->setOriValue(MbqBaseFdt::getFdt('MbqFdtConfig.base.is_open.range.yes')); } if (!MODULE_CONVERSATION || !WCF::getSession()->getPermission('user.conversation.canUseConversation')) { $this->cfg['pc']['module_enable']->setOriValue(MbqBaseFdt::getFdt('MbqFdtConfig.pc.module_enable.range.disable')); $this->cfg['pc']['conversation']->setOriValue(MbqBaseFdt::getFdt('MbqFdtConfig.pc.conversation.range.notSupport')); } }
/** * Returns the ids of the files which can be deleted. * * @return array<integer> */ protected function validateDelete() { if (WCF::getSession()->getPermission('admin.cms.file.canAddFile')) { return array_keys($this->objects); } return array(); }
/** * Validates the getData action. */ public function validateGetData() { WCF::getSession()->checkPermissions(array('admin.system.canViewLog')); // validate start date if (empty($this->parameters['startDate']) || !preg_match('/^\\d{4}\\-\\d{2}\\-\\d{2}$/', $this->parameters['startDate'])) { throw new UserInputException('startDate'); } // validate end date if (empty($this->parameters['endDate']) || !preg_match('/^\\d{4}\\-\\d{2}\\-\\d{2}$/', $this->parameters['endDate'])) { throw new UserInputException('endDate'); } // validate object types if (empty($this->parameters['objectTypeIDs']) || !is_array($this->parameters['objectTypeIDs'])) { throw new UserInputException('objectTypeIDs'); } foreach ($this->parameters['objectTypeIDs'] as $objectTypeID) { $objectType = ObjectTypeCache::getInstance()->getObjectType($objectTypeID); if ($objectType === null) { throw new UserInputException('objectTypeIDs'); } } // validate date grouping parameter if (empty($this->parameters['dateGrouping'])) { throw new UserInputException('objectTypeIDs'); } }
/** * @see \wcf\form\IForm::save() */ public function save() { AbstractForm::save(); // set cookies if ($this->useCookies == 1) { UserAuthenticationFactory::getInstance()->getUserAuthentication()->storeAccessData($this->user, $this->username, $this->password); } $oldSessionID = WCF::getSession()->sessionID; // change user WCF::getSession()->changeUser($this->user); // get redirect url $this->checkURL(); $this->saved(); if (isset($_REQUEST['s']) && $_REQUEST['s'] == $oldSessionID && $oldSessionID != WCF::getSession()->sessionID) { // force instant redirect to avoid issues with non-cookie login and the already defined SID_ARG_* constants if (preg_match('~[?&]s=[a-f0-9]{40}~i', $this->url)) { $this->url = preg_replace('~([?&])s=[a-f0-9]{40}~i', '$1s=' . WCF::getSession()->sessionID, $this->url); } else { $this->url .= mb_strpos($this->url, '?') === false ? '?' : '&'; $this->url .= 's=' . WCF::getSession()->sessionID; } HeaderUtil::redirect($this->url); exit; } // redirect to url WCF::getTPL()->assign('__hideUserMenu', true); HeaderUtil::delayedRedirect($this->url, WCF::getLanguage()->get('wcf.user.login.redirect')); exit; }
/** * Validates object options and permissions. * * @param \wcf\data\DatabaseObject $object * @param string $optionsColumnName * @param string $permissionsColumnName * @return boolean */ protected function validate(DatabaseObject $object, $optionsColumnName = 'options', $permissionsColumnName = 'permissions') { // check the options of this item $hasEnabledOption = true; if ($object->{$optionsColumnName}) { $hasEnabledOption = false; $options = explode(',', strtoupper($object->{$optionsColumnName})); foreach ($options as $option) { if (defined($option) && constant($option)) { $hasEnabledOption = true; break; } } } if (!$hasEnabledOption) { return false; } // check the permission of this item for the active user $hasPermission = true; if ($object->{$permissionsColumnName}) { $hasPermission = false; $permissions = explode(',', $object->{$permissionsColumnName}); foreach ($permissions as $permission) { if (WCF::getSession()->getPermission($permission)) { $hasPermission = true; break; } } } if (!$hasPermission) { return false; } return true; }
/** * Handles a http request. * * @param string $application * @param boolean $isACPRequest */ public function handle($application = 'wcf', $isACPRequest = false) { $this->isACPRequest = $isACPRequest; if (!RouteHandler::getInstance()->matches()) { throw new SystemException("Cannot handle request, no valid route provided."); } // build request $this->buildRequest($application); // handle offline mode if (!$isACPRequest && defined('OFFLINE') && OFFLINE) { if (!WCF::getSession()->getPermission('admin.general.canViewPageDuringOfflineMode') && !$this->activeRequest->isAvailableDuringOfflineMode()) { if (isset($_SERVER['X-Requested-With']) && ($_SERVER['X-Requested-With'] == 'XMLHttpRequest')) { throw new AJAXException(WCF::getLanguage()->get('wcf.ajax.error.permissionDenied'), AJAXException::INSUFFICIENT_PERMISSIONS); } else { WCF::getTPL()->assign(array( 'templateName' => 'offline' )); WCF::getTPL()->display('offline'); } exit; } } // start request $this->activeRequest->execute(); }
/** * @see \wcf\system\event\listener\IParameterizedEventListener::execute() */ public function execute($eventObj, $className, $eventName, array &$parameters) { if (WCF::getUser()->userID && WCF::getSession()->getPermission('admin.general.canUseAcp') && !defined(get_class($eventObj) . '::DO_NOT_LOG')) { // try to find existing session log $sql = "SELECT\tsessionLogID\n\t\t\t\tFROM\twcf" . WCF_N . "_acp_session_log\n\t\t\t\tWHERE\tsessionID = ?\n\t\t\t\t\tAND lastActivityTime >= ?"; $statement = WCF::getDB()->prepareStatement($sql); $statement->execute(array(WCF::getSession()->sessionID, TIME_NOW - SESSION_TIMEOUT)); $row = $statement->fetchArray(); if (!empty($row['sessionLogID'])) { $sessionLogID = $row['sessionLogID']; $sessionLogEditor = new ACPSessionLogEditor(new ACPSessionLog(null, array('sessionLogID' => $sessionLogID))); $sessionLogEditor->update(array('lastActivityTime' => TIME_NOW)); } else { // create new session log $sessionLog = ACPSessionLogEditor::create(array('sessionID' => WCF::getSession()->sessionID, 'userID' => WCF::getUser()->userID, 'ipAddress' => UserUtil::getIpAddress(), 'hostname' => @gethostbyaddr(WCF::getSession()->ipAddress), 'userAgent' => WCF::getSession()->userAgent, 'time' => TIME_NOW, 'lastActivityTime' => TIME_NOW)); $sessionLogID = $sessionLog->sessionLogID; } // format request uri $requestURI = WCF::getSession()->requestURI; // remove directories $URIComponents = explode('/', $requestURI); $requestURI = array_pop($URIComponents); // remove session url $requestURI = preg_replace('/(?:\\?|&)s=[a-f0-9]{40}/', '', $requestURI); // save access ACPSessionAccessLogEditor::create(array('sessionLogID' => $sessionLogID, 'ipAddress' => UserUtil::getIpAddress(), 'time' => TIME_NOW, 'requestURI' => $requestURI, 'requestMethod' => WCF::getSession()->requestMethod, 'className' => get_class($eventObj))); } }
/** * @see \wcf\system\event\listener\IParameterizedEventListener::execute() */ public function execute($eventObj, $className, $eventName, array &$parameters) { if (!MODULE_JCOINS || !WCF::getSession()->getPermission('user.jcoins.canSee')) { return; } $eventObj->validSortFields[] = 'jCoinsBalance'; }
/** * Creates the AccessibleNewsList object. */ public function __construct() { parent::__construct(); // accessible news categories $accessibleCategoryIDs = NewsCategory::getAccessibleCategoryIDs(); if (!empty($accessibleCategoryIDs)) { $this->getConditionBuilder()->add('news.newsID IN (SELECT newsID FROM news' . WCF_N . '_news_to_category WHERE categoryID IN (?))', array($accessibleCategoryIDs)); } else { $this->getConditionBuilder()->add('1=0'); } // default conditions if (!WCF::getSession()->getPermission('mod.news.canReadDeactivatedNews')) { $this->getConditionBuilder()->add('news.isActive = 1'); } if (!WCF::getSession()->getPermission('mod.news.canReadDeletedNews')) { $this->getConditionBuilder()->add('news.isDeleted = 0'); } if (!WCF::getSession()->getPermission('mod.news.canReadFutureNews')) { if (WCF::getUser()->userID) { $this->getConditionBuilder()->add('(news.isPublished = 1 OR news.userID = ?)', array(WCF::getUser()->userID)); } else { $this->getConditionBuilder()->add('news.isPublished = 1'); } } // apply language filter if (LanguageFactory::getInstance()->multilingualismEnabled() && count(WCF::getUser()->getLanguageIDs())) { $this->getConditionBuilder()->add('(news.languageID IN (?) OR news.languageID IS NULL)', array(WCF::getUser()->getLanguageIDs())); } }
/** * Returns true, if the active user has access to this sitemap. * * @return boolean */ public function isAccessible() { // check the options of this item $hasEnabledOption = true; if ($this->options) { $hasEnabledOption = false; $options = explode(',', strtoupper($this->options)); foreach ($options as $option) { if (defined($option) && constant($option)) { $hasEnabledOption = true; break; } } } if (!$hasEnabledOption) { return false; } // check the permission of this item for the active user $hasPermission = true; if ($this->permissions) { $hasPermission = false; $permissions = explode(',', $this->permissions); foreach ($permissions as $permission) { if (WCF::getSession()->getPermission($permission)) { $hasPermission = true; break; } } } if (!$hasPermission) { return false; } return true; }
/** * Returns true if this session is the active user session. * * @return boolean */ public function isActiveUserSession() { if ($this->isActive() && $this->sessionID == WCF::getSession()->sessionID) { return 1; } return 0; }
/** * @see \wcf\system\search\acp\IACPSearchResultProvider::search() */ public function search($query) { if (!WCF::getSession()->getPermission('admin.system.package.canUpdatePackage') && !WCF::getSession()->getPermission('admin.system.package.canUninstallPackage')) { return array(); } $results = array(); // search by language item $conditions = new PreparedStatementConditionBuilder(); $conditions->add("languageID = ?", array(WCF::getLanguage()->languageID)); $conditions->add("languageItem LIKE ?", array('wcf.acp.package.packageName.package%')); $conditions->add("languageItemValue LIKE ?", array('%' . $query . '%')); $sql = "SELECT\t\tlanguageItem\n\t\t\tFROM\t\twcf" . WCF_N . "_language_item\n\t\t\t" . $conditions; $statement = WCF::getDB()->prepareStatement($sql); $statement->execute($conditions->getParameters()); $packageIDs = array(); while ($row = $statement->fetchArray()) { $packageIDs[] = str_replace('wcf.acp.package.packageName.package', '', $row['languageItem']); } $conditions = new PreparedStatementConditionBuilder(false); if (!empty($packageIDs)) { $conditions->add("packageID IN (?)", array($packageIDs)); } $sql = "SELECT\t*\n\t\t\tFROM\twcf" . WCF_N . "_package\n\t\t\tWHERE\tpackageName LIKE ?\n\t\t\t\tOR package LIKE ?\n\t\t\t\t" . (count($conditions->getParameters()) ? "OR " . $conditions : ""); $statement = WCF::getDB()->prepareStatement($sql); $statement->execute(array_merge(array($query . '%', $query . '%'), $conditions->getParameters())); while ($package = $statement->fetchObject('wcf\\data\\package\\Package')) { $results[] = new ACPSearchResult($package->getName(), LinkHandler::getInstance()->getLink('Package', array('id' => $package->packageID, 'title' => $package->getName()))); } return $results; }
/** * Loads the news entries. */ protected function loadNews() { $this->news = array(); if (empty($this->newsIDs)) { return; } $this->newsIDs = array_unique($this->newsIDs); $categoryIDs = NewsCategory::getAccessibleCategoryIDs(); if (empty($categoryIDs)) { return; } $newsList = new NewsList(); $newsList->getConditionBuilder()->add('news.newsID IN (?)', array($this->newsIDs)); $newsList->getConditionBuilder()->add('news.newsID IN (SELECT newsID FROM news' . WCF_N . '_news_to_category WHERE categoryID IN (?))', array($categoryIDs)); // default conditions if (!WCF::getSession()->getPermission('mod.news.canReadDeactivatedNews')) { $newsList->getConditionBuilder()->add('news.isActive = 1'); } if (!WCF::getSession()->getPermission('mod.news.canReadDeletedNews')) { $newsList->getConditionBuilder()->add('news.isDeleted = 0'); } if (!WCF::getSession()->getPermission('mod.news.canReadFutureNews')) { if (WCF::getUser()->userID) { $newsList->getConditionBuilder()->add('(news.isPublished = 1 OR news.userID = ?)', array(WCF::getUser()->userID)); } else { $newsList->getConditionBuilder()->add('news.isPublished = 1'); } } $newsList->readObjects(); $this->news = $newsList->getObjects(); }
/** * @see wcf\page\IPage::show() */ public function show() { parent::show(); // check master password WCFACP::checkMasterPassword(); switch ($this->action) { case 'install': case 'update': if ($this->action == 'install') { WCF::getSession()->checkPermissions(array('admin.system.package.canInstallPackage')); } else { WCF::getSession()->checkPermissions(array('admin.system.package.canUpdatePackage')); } $queue = new PackageInstallationQueue($this->queueID); $dispatcher = new PackageInstallationDispatcher($queue); $dispatcher->beginInstallation(); break; case 'rollback': // TODO die('ROLLBACK'); //WCF::getSession()->checkPermissions(array('admin.system.package.canInstallPackage')); break; case 'openQueue': PackageInstallationDispatcher::openQueue($this->parentQueueID, $this->processNo); break; case 'startUninstall': WCF::getSession()->checkPermissions(array('admin.system.package.canUninstallPackage')); PackageUninstallationDispatcher::checkDependencies(); break; } }
/** * @see \wcf\data\ISortableAction::validateUpdatePosition() */ public function validateUpdatePosition() { if (!WCF::getSession()->getPermission('admin.project.canEditProject')) { throw new PermissionDeniedException(); } if (!isset($this->parameters['data']['structure'])) { throw new UserInputException('structure'); } $projectIDs = array(); foreach ($this->parameters['data']['structure'][0] as $projectID) { if (!$projectID) { throw new UserInputException('structure'); } $projectIDs[] = $projectID; } $projectIDs = array_unique($projectIDs); $conditions = new PreparedStatementConditionBuilder(); $conditions->add("projectID IN (?)", array($projectIDs)); $sql = "SELECT\tprojectID\n\t\t\t\tFROM\tict" . WCF_N . "_project\n\t\t\t\t" . $conditions; $statement = WCF::getDB()->prepareStatement($sql); $statement->execute($conditions->getParameters()); while ($row = $statement->fetchArray()) { $key = array_search($row['projectID'], $projectIDs); if ($key !== false) { unset($projectIDs[$key]); } } if (!empty($projectIDs)) { throw new UserInputException('structure'); } }
/** * Updates session's last activity time to prevent it from expiring. */ public function keepAlive() { // ignore sessions created by this request if (WCF::getSession()->lastActivityTime == TIME_NOW) { return; } SessionHandler::getInstance()->keepAlive(); }
/** * Returns true, if the current user can use this news category. * * @return boolean */ public function canUseCategory() { // check category permissions if ($this->getPermission('canUseCategory') && WCF::getSession()->getPermission('user.filebase.canAddFile')) { return true; } return false; }
/** * @see \wcf\system\dashboard\box\AbstractContentDashboardBox::render() */ protected function render() { if (!count($this->vooliaNewsList) || !MODULE_LIKE || !WCF::getSession()->getPermission('user.like.canViewLike')) { return ''; } WCF::getTPL()->assign(array('vooliaNewsList' => $this->vooliaNewsList)); return WCF::getTPL()->fetch('dashboardSidebarBoxMostLikedNews', 'news'); }
/** * Validates parameters to return the confirm message for package uninstallation. */ public function validateGetConfirmMessage() { WCF::getSession()->checkPermissions($this->permissionsUpdate); $this->packageEditor = $this->getSingleObject(); if (!$this->packageEditor->canUninstall()) { throw new PermissionDeniedException(); } }
/** * @see \wcf\form\IForm::validate() */ public function validate() { // call validate event EventHandler::getInstance()->fireAction($this, 'validate'); if (!isset($_POST['t']) || !WCF::getSession()->checkSecurityToken($_POST['t'])) { throw new UserInputException('__securityToken'); } }
/** * Returns true, if the current user can use this news category. * * @return boolean */ public function canUseCategory() { // check news permissions if ($this->getPermission('canUseCategory') && WCF::getSession()->getPermission('user.news.canAddNews')) { return true; } return false; }
/** * @see \wcf\system\poll\IPollHandler::canVote() */ public function canVote() { if (WCF::getSession()->getPermission('user.news.canVote')) { return true; } else { return false; } }
/** * @see \wcf\form\IForm::save() */ public function save() { parent::save(); WCF::getSession()->register('disclaimerAccepted', true); $this->saved(); WCF::getSession()->update(); HeaderUtil::redirect(LinkHandler::getInstance()->getLink('Register')); exit; }
/** * @see \wcf\system\user\activity\event\IUserActivityEvent::prepare() */ public function prepare(array $events) { if (!WCF::getSession()->getPermission('user.profile.canViewUserProfile')) { return; } $responses = $responseIDs = array(); foreach ($events as $event) { $responseIDs[] = $event->objectID; } // fetch responses $responseList = new CommentResponseList(); $responseList->getConditionBuilder()->add("comment_response.responseID IN (?)", array($responseIDs)); $responseList->readObjects(); $responses = $responseList->getObjects(); // fetch comments $commentIDs = $comments = array(); foreach ($responses as $response) { $commentIDs[] = $response->commentID; } if (!empty($commentIDs)) { $commentList = new CommentList(); $commentList->getConditionBuilder()->add("comment.commentID IN (?)", array($commentIDs)); $commentList->readObjects(); $comments = $commentList->getObjects(); } // fetch users $userIDs = $users = array(); foreach ($comments as $comment) { $userIDs[] = $comment->objectID; $userIDs[] = $comment->userID; } if (!empty($userIDs)) { $userList = new UserProfileList(); $userList->getConditionBuilder()->add("user_table.userID IN (?)", array($userIDs)); $userList->readObjects(); $users = $userList->getObjects(); } // set message foreach ($events as $event) { if (isset($responses[$event->objectID])) { $response = $responses[$event->objectID]; $comment = $comments[$response->commentID]; if (isset($users[$comment->objectID]) && isset($users[$comment->userID])) { if (!$users[$comment->objectID]->isProtected()) { $event->setIsAccessible(); // title $text = WCF::getLanguage()->getDynamicVariable('wcf.user.profile.recentActivity.profileCommentResponse', array('commentAuthor' => $users[$comment->userID], 'user' => $users[$comment->objectID])); $event->setTitle($text); // description $event->setDescription($response->getExcerpt()); } continue; } } $event->setIsOrphaned(); } }
/** * @see \wcf\action\IAction::checkPermissions() */ public function checkPermissions() { // call checkPermissions event EventHandler::getInstance()->fireAction($this, 'checkPermissions'); // check permission if (!empty($this->neededPermissions)) { WCF::getSession()->checkPermissions($this->neededPermissions); } }
/** * Creates a new AccessibleFileVersionList object. */ public function __construct() { parent::__construct(); if (!WCF::getSession()->getPermission('mod.filebase.canModerateEntry')) { $this->getConditionBuilder()->add('file.isDisabled = 0'); } if (!WCF::getSession()->getPermission('mod.filebase.canViewDeletedEntry')) { $this->getConditionBuilder()->add('file.isDeleted = 0'); } }
/** * @see wcf\page\IPage::readFormParameters() */ public function readFormParameters() { parent::readFormParameters(); if (!WCF::getSession()->getPermission('admin.user.canEditPassword')) { $this->password = $this->confirmPassword = ''; } if (!WCF::getSession()->getPermission('admin.user.canEditMailAddress')) { $this->email = $this->confirmEmail = $this->user->email; } }