/**
 * Authorization check for controller delete actions.
 *
 * Deletion is refused outright when the parent check refuses it. When the
 * parent allows it, the decision is delegated to the viewer's admin() call,
 * so only what that call reports as an administrator may delete.
 *
 * @return boolean False when the parent check fails, otherwise the value
 *                 returned by admin().
 */
public function canDelete()
{
    // Fail closed: a parent refusal is final and the viewer is never consulted.
    if (!parent::canDelete()) {
        return false;
    }

    // NOTE(review): `get_viwer` looks like a misspelling of a viewer accessor.
    // Confirm a helper with exactly this name is defined; if it is not, this
    // call raises a fatal error instead of returning an authorization result.
    return get_viwer()->admin();
}
/**
 * Command handler that gates "before" commands behind a token check.
 *
 * The command name is split on '.', and only names whose first segment is
 * 'before' are subject to the check. When _checkToken() rejects the context,
 * a KControllerException carrying KHttpResponse::FORBIDDEN is stored on the
 * context and the command chain is stopped by returning false.
 *
 * NOTE(review): the token is verified only in the 'before' phase, so the
 * protection relies on every state-changing action being dispatched through
 * a 'before.*' command. _checkToken() is defined outside this block; confirm
 * which request methods it actually covers.
 *
 * @param string          $name    The command name, e.g. 'before.delete'
 * @param KCommandContext $context The command context
 * @return boolean False when the token check fails, otherwise the parent's result.
 */
public function execute($name, KCommandContext $context)
{
    $segments      = explode('.', $name);
    $isBeforePhase = ($segments[0] === 'before');

    // Reject the command before any handler runs if the token is not valid.
    if ($isBeforePhase && !$this->_checkToken($context)) {
        $error = new KControllerException('Invalid token or session time-out', KHttpResponse::FORBIDDEN);
        $context->setError($error);

        return false;
    }

    return parent::execute($name, $context);
}
/**
 * Authorization check for controller delete actions.
 *
 * The parent check must pass first. After that the decision depends on the
 * platform version in JVERSION: from 1.6.0 onwards the current user's
 * authorise('core.delete') result is used, and on older versions the user's
 * 'gid' value must be greater than 22.
 *
 * @return boolean False when the parent check fails, otherwise the result
 *                 of the version-specific permission test.
 */
public function canDelete()
{
    // Fail closed: a parent refusal is final and no user lookup is made.
    if (!parent::canDelete()) {
        return false;
    }

    $user = JFactory::getUser();

    if (version_compare(JVERSION, '1.6.0', 'ge')) {
        // NOTE(review): authorise() is called with the action only, so the
        // rule is presumably evaluated globally rather than against a
        // component-specific asset. Confirm that this scope is intended.
        return $user->authorise('core.delete');
    }

    // Legacy path: a numeric group-id threshold stands in for an ACL rule.
    // NOTE(review): presumably ids above 22 are the back-end manager and
    // administrator groups. Verify against the group table in use.
    return $user->get('gid') > 22;
}