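/**
 * Decide whether the current user may open a backend component.
 *
 * Looks up `#__community_acl_access` rows for $option with `name` = '###'
 * and `isbackend` = 1 that match any of the user's cACL groups or roles.
 * A matching row means the component is explicitly listed for the user;
 * whether "listed" means permitted or forbidden depends on the stored
 * default_action: 'deny' -> listed = permitted, anything else -> listed =
 * forbidden. default_action falls back to 'deny' when the config row is
 * absent or empty.
 *
 * @param string $option component name, e.g. 'com_content'
 * @return bool true when access is granted
 */
function check_component($option) {
    $user =& JFactory::getUser();
    // gid 25 is the Super Administrator group of the legacy (Joomla 1.5) ACL: always allowed.
    if ($user->get('gid') == 25) {
        return true;
    }
    $db =& JFactory::getDBO();
    $config = new CACL_config($db);
    $config->load();
    $user_access = cacl_get_user_access($config);
    // Quote every id individually so neither the caller-supplied $option nor the
    // group/role lists are interpolated raw into SQL. An empty list keeps the
    // original IN ('') shape so the statement stays valid.
    $groupIds = array_map(array($db, 'Quote'), $user_access['groups']);
    $roleIds = array_map(array($db, 'Quote'), $user_access['roles']);
    $groups = count($groupIds) > 0 ? implode(',', $groupIds) : "''";
    $roles = count($roleIds) > 0 ? implode(',', $roleIds) : "''";
    $query = "SELECT * FROM `#__community_acl_access`"
        . " WHERE `option` = " . $db->Quote($option)
        . " AND `name` = '###' AND `isbackend` = 1"
        . " AND ( `group_id` IN ( " . $groups . " ) OR `role_id` IN ( " . $roles . " ) )";
    $db->setQuery($query);
    $access = $db->loadObjectList();
    $db->setQuery("SELECT `value` FROM `#__community_acl_config` WHERE `name` = 'default_action' ");
    $default_action = $db->loadResult();
    // loadResult() yields null when no row exists; treat a blank value the same way.
    if ($default_action === null || $default_action === '') {
        $default_action = 'deny';
    }
    $listed = is_array($access) && count($access) > 0;
    if ($default_action == 'deny') {
        // Deny-by-default: only explicitly listed components are reachable.
        return $listed;
    }
    // Allow-by-default: listed components are the forbidden ones.
    return !$listed;
}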
/**
 * System-plugin onAfterRoute hook that enforces Community ACL (cACL) rules.
 *
 * After Joomla has routed the request this method loads the cACL config,
 * derives the current user's cACL groups / roles / functions, reads the
 * `#__community_acl_access`, `#__community_acl_function_access` and
 * `#__community_acl_content_actions` tables, and either lets the request
 * continue or redirects to the configured redirect URL with the
 * ALERTNOTAUTH message. Along the way it may remove the 'publish' / 'edit'
 * rows for com_content from the legacy ACL table ($acl->acl) so the
 * matching buttons disappear.
 *
 * Super Administrators (gid 25) are exempt. Requests that would loop back
 * onto the redirect URL itself are skipped.
 *
 * Security notes on the SQL built below: $option is filtered with the
 * 'cmd' mask (alphanumerics, '_', '.', '-'), $cid is int-cast by
 * JArrayHelper::toInteger() and $id by intval(), so the request-derived
 * values interpolated into queries are constrained. The group / role /
 * function ids returned by cacl_get_user_access() are interpolated without
 * escaping — they are presumably numeric ids; verify in that function.
 *
 * @return void (may end the request via $mainframe->redirect())
 */
function onAfterRoute() {
    //adding cACL Activate
    $app =& JFactory::getApplication();
    // Plugin is only active for the application names listed in the 'activate' setting.
    if (FALSE === strpos($this->_caclConfig->activate, $app->getName())) {
        return;
    }
    global $mainframe;
    if (!file_exists(JPATH_SITE . '/administrator/components/com_community_acl/community_acl.class.php')) {
        return;
    }
    $back_end = false;
    if ($app->getName() != 'site') {
        $back_end = true;
    }
    // Let JomSocial popup ajax calls (option=community, task=azrul_ajax) through untouched.
    if ('community' == strtolower(JRequest::getVar('option')) && 'azrul_ajax' == strtolower(JRequest::getVar('task'))) {
        return;
    }
    // Frontend defaults to com_content when no option is given; backend to ''.
    if ($back_end) {
        $option = strtolower(JRequest::getVar('option', '', 'default', 'cmd'));
    } else {
        $option = strtolower(JRequest::getVar('option', 'com_content', 'default', 'cmd'));
    }
    $task = strtolower(JRequest::getCmd('task'));
    $user =& JFactory::getUser();
    if ($back_end && $option == 'com_cbcontact' && $task == '') {
        $this->_syncCBContact();
    }
    // gid 25 = Super Administrator in the legacy ACL: never restricted.
    if ($user->get('gid') == 25) {
        return;
    }
    $db =& JFactory::getDBO();
    require_once JPATH_SITE . '/administrator/components/com_community_acl/community_acl.class.php';
    require_once JPATH_SITE . '/administrator/components/com_community_acl/community_acl.functions.php';
    $config = new CACL_config($db);
    $config->load();
    if ($back_end) {
        $redirect_url = $config->admin_redirect_url;
    } else {
        $redirect_url = $config->redirect_url;
    }
    //check to not go in redirect loop
    // NOTE(review): operator precedence — `!$back_end && a || b || c` binds as
    // `(!$back_end && a) || b || c`, so the later alternatives apply on both ends. Confirm intended.
    if ($_SERVER['REQUEST_METHOD'] != 'POST') {
        if (!$back_end && $_SERVER['REQUEST_URI'] == '/' || $_SERVER['REQUEST_URI'] == '/index.php' || $_SERVER['REQUEST_URI'] == '/' . $redirect_url || substr_replace(JURI::root(), '', -1, 1) . $_SERVER['REQUEST_URI'] == $redirect_url) {
            return;
        }
        if ($back_end && $_SERVER['REQUEST_URI'] == '/administrator/' || $_SERVER['REQUEST_URI'] == '/administrator/index.php' || $_SERVER['REQUEST_URI'] == $redirect_url || $_SERVER['REQUEST_URI'] == '/administrator/' . $redirect_url || substr_replace(JURI::root(), '', -1, 1) . $_SERVER['REQUEST_URI'] == $redirect_url) {
            return;
        }
    }
    $user_access = cacl_get_user_access($config);
    $groups = $user_access['groups'];
    $roles = $user_access['roles'];
    $functions = $user_access['functions'];
    // $id is the single item id; -1 means "no id in the request".
    $id = intval(JRequest::getInt('id'));
    if (!isset($_REQUEST['id']) || $_REQUEST['id'] == '') {
        $id = -1;
    }
    // $cid is the multi-select id list; toInteger() casts every entry, so it is safe to implode into SQL.
    $cid = JRequest::getVar('cid', array(-1), '', 'array');
    JArrayHelper::toInteger($cid, array(-1));
    if ($id == -1 && isset($_REQUEST['cid'][0]) && $_REQUEST['cid'][0] != '') {
        $id = $cid[0];
    }
    $view = strtolower(JRequest::getCmd('view'));
    $layout = strtolower(JRequest::getCmd('layout'));
    // $option and $task are re-read here with the same filters as above (no change in value).
    if ($back_end) {
        $option = strtolower(JRequest::getVar('option', '', 'default', 'cmd'));
    } else {
        $option = strtolower(JRequest::getVar('option', 'com_content', 'default', 'cmd'));
    }
    $task = strtolower(JRequest::getCmd('task'));
    // Resolve the category / section the requested item belongs to (-1 = unknown).
    $catid = -1;
    $sectionid = -1;
    if ($back_end && $option == 'com_content' || !$back_end && $option == 'com_content' && $view == 'article' && $id > 0) {
        if ($id > 0) {
            $cid[] = $id;
            $query = "SELECT `catid`, `sectionid` FROM `#__content` WHERE `id` IN ('" . implode("','", $cid) . "')";
            $db->setQuery($query);
            $tmp = $db->loadAssoc();
            $catid = $tmp['catid'];
            $sectionid = $tmp['sectionid'];
        }
    } elseif ($back_end && $option == 'com_categories' || !$back_end && $option == 'com_content' && $view == 'category' && $id > 0) {
        if ($id > 0) {
            $cid[] = $id;
            $query = "SELECT `section` FROM `#__categories` WHERE `id` IN ('" . implode("','", $cid) . "')";
            $db->setQuery($query);
            $sectionid = $db->loadResult();
            $catid = $id;
        }
    } elseif (!$back_end && $option == 'com_content' && $view == 'section' && $id > 0) {
        $sectionid = $id;
    }
    // *_r are the category / section ids submitted with the request itself (forms), -1 when absent.
    $catid_r = intval(JRequest::getInt('catid'));
    if (!isset($_REQUEST['catid'])) {
        $catid_r = -1;
    }
    $sectionid_r = intval(JRequest::getInt('sectionid'));
    if (!isset($_REQUEST['sectionid'])) {
        $sectionid_r = -1;
    }
    $lang =& JFactory::getLanguage();
    $lang->load('plg_system_community_acl');
    // Frontend save of a new article (id 0) notifies the publisher.
    if (!$back_end && ($task == 'save' || $task == 'apply') && $option == 'com_content' && $id == '0') {
        $this->_emailPublisher($sectionid_r, $catid_r, $config->default_action);
    }
    //no groups/roles/functions for user
    // NOTE(review): `> 1` suggests cacl_get_user_access() returns a placeholder first element — confirm.
    if (!(count($groups) > 1 && count($roles) > 1)) {
        return;
    }
    if ($back_end && $option == 'com_login' && ($task == 'login' || $task == 'logout')) {
        return;
    }
    // Fetch every access rule that applies to this option (plus 'menu' rules) for the user's groups/roles.
    if ($option == 'com_sections' || $option == 'com_categories' || $option == 'com_content') {
        $query = "SELECT * FROM `#__community_acl_access` WHERE `option` IN ('menu', 'com_sections', 'com_categories', 'com_content' ) AND " . ($back_end ? ' `isbackend` = 1 ' : ' `isfrontend` = 1 ') . " AND ( `group_id` IN ( '" . implode("','", $groups) . "') OR `role_id` IN ( '" . implode("','", $roles) . "') )";
    } else {
        $query = "SELECT * FROM `#__community_acl_access` WHERE `option` IN ( 'menu', '{$option}') AND " . ($back_end ? ' `isbackend` = 1 ' : ' `isfrontend` = 1 ') . " AND ( `group_id` IN ( '" . implode("','", $groups) . "') OR `role_id` IN ( '" . implode("','", $roles) . "') )";
    }
    $db->setQuery($query);
    $access = $db->loadObjectList();
    //What is a frole and fgroup???
    // $fgroups / $froles collect the group ids / role ids whose rules match the current request
    // ("f" = forbidden in allow mode, listed in deny mode). A rule with role_id '0' is a group rule.
    $froles = array();
    $fgroups = array();
    if (is_array($access) && count($access) > 0) {
        foreach ($access as $item) {
            //forbidden components
            //echo $item->name .', $option = '.$option. ' $item->role_id=' .$item->role_id; die();
            /**
             * Functions are not singling out articles
             * Attempting to trigger the logic to run checking functions for articles.
             * —BUR 8/2/2011
             */
            if ('###' === $item->name && 'com_content' === $item->option && 'com_content' === $option && !empty($cid) && in_array($task, array('unarchive', 'archive', 'publish', 'unpublish', 'movesect', 'copy', 'remove', 'edit', 'add', 'apply', 'save', 'cancel'))) {
                if ($item->role_id == '0') {
                    $fgroups[] = $item->group_id;
                } else {
                    $froles[] = $item->role_id;
                }
            }
            /* end */
            // '###' rules cover the whole component; other names target a specific item/section/category.
            if ($item->name == '###' && $option == $item->option && ($option != 'com_content' && !($option == 'com_login' && $task == 'logout'))) {
                if ($item->role_id == '0') {
                    $fgroups[] = $item->group_id;
                } else {
                    $froles[] = $item->role_id;
                }
            } elseif ($item->name == '###' && $item->option == 'menu') {
                // NOTE(review): $_REQUEST['Itemid'] is read without isset(); emits a notice when absent.
                if (check_menu($item->value, $_REQUEST['Itemid'])) {
                    if ($config->default_action == 'allow') {
                        $_SESSION['cacl_redirect_url'] = $_SERVER['REQUEST_URI'];
                        $mainframe->redirect($redirect_url, JText::_('ALERTNOTAUTH'));
                    }
                }
            } elseif ($item->name != '###') {
                //forbidden content, sections, categiries
                if ($back_end) {
                    if ('com_content' === $item->option && $option == 'com_content' && ($id == $item->value || in_array($item->value, $cid))) {
                        if ($item->role_id == '0') {
                            $fgroups[] = $item->group_id;
                        } else {
                            $froles[] = $item->role_id;
                        }
                    } elseif ($option == 'com_content' && ($item->option == 'com_sections' && $sectionid == $item->value || $item->option == 'com_categories' && $catid == $item->value)) {
                        if ($item->role_id == '0') {
                            $fgroups[] = $item->group_id;
                        } else {
                            $froles[] = $item->role_id;
                        }
                    } elseif ($option == 'com_sections' && ($id == $item->value || in_array($item->value, $cid))) {
                        if ($item->role_id == '0') {
                            $fgroups[] = $item->group_id;
                        } else {
                            $froles[] = $item->role_id;
                        }
                    } elseif ($option == 'com_categories' && ($id == $item->value || in_array($item->value, $cid))) {
                        if ($item->role_id == '0') {
                            $fgroups[] = $item->group_id;
                        } else {
                            $froles[] = $item->role_id;
                        }
                    }
                    /*
                     * This doesn't seem to do what it intended. -BUR 10/5/2010
                     if ($option == 'com_content' && $id == - 1) { if ($item->role_id == '0') $fgroups [] = $item->group_id; else $froles [] = $item->role_id; }
                     if ($option == 'com_categories' && $id == - 1) { if ($item->role_id == '0') $fgroups [] = $item->group_id; else $froles [] = $item->role_id; }
                     if ($option == 'com_sections' && $id == - 1) { if ($item->role_id == '0') $fgroups [] = $item->group_id; else $froles [] = $item->role_id; }
                     if ($option == 'com_menus' && $id == - 1) { if ($item->role_id == '0') $fgroups [] = $item->group_id; else $froles [] = $item->role_id; }
                     */
                } else {
                    // Frontend: match the rule against the view being displayed or the form being submitted.
                    if ($option == 'com_content' && $view == 'section' && $item->option == 'com_sections' && $id == $item->value) {
                        if ($item->role_id == '0') {
                            $fgroups[] = $item->group_id;
                        } else {
                            $froles[] = $item->role_id;
                        }
                    }
                    if ($option == 'com_content' && $view == 'category' && $item->option == 'com_categories' && $id == $item->value) {
                        if ($item->role_id == '0') {
                            $fgroups[] = $item->group_id;
                        } else {
                            $froles[] = $item->role_id;
                        }
                    }
                    if ($option == 'com_content' && $view == 'article' && $item->option == 'com_content' && $id == $item->value) {
                        if ($item->role_id == '0') {
                            $fgroups[] = $item->group_id;
                        } else {
                            $froles[] = $item->role_id;
                        }
                    }
                    if ($option == 'com_content' && $view == 'category' && $item->option == 'com_sections' && $sectionid == $item->value) {
                        if ($item->role_id == '0') {
                            $fgroups[] = $item->group_id;
                        } else {
                            $froles[] = $item->role_id;
                        }
                    }
                    if ($option == 'com_content' && $view == 'article' && ($item->option == 'com_sections' && $sectionid == $item->value || $item->option == 'com_categories' && $catid == $item->value)) {
                        if ($item->role_id == '0') {
                            $fgroups[] = $item->group_id;
                        } else {
                            $froles[] = $item->role_id;
                        }
                    }
                    if ($option == 'com_content' && $task == 'edit' && ($id == $item->value || in_array($item->value, $cid))) {
                        if ($item->role_id == '0') {
                            $fgroups[] = $item->group_id;
                        } else {
                            $froles[] = $item->role_id;
                        }
                    }
                    if ($option == 'com_content' && $task == 'new' && ($item->option == 'com_sections' && $sectionid_r == $item->value)) {
                        if ($item->role_id == '0') {
                            $fgroups[] = $item->group_id;
                        } else {
                            $froles[] = $item->role_id;
                        }
                    }
                    // NOTE(review): the `|| $item->option == 'com_categories' ...` clause is outside the
                    // `com_content && save` parentheses, so a matching category rule fires for any task — confirm intended.
                    if ($option == 'com_content' && $task == 'save' && ($item->option == 'com_sections' && $sectionid_r == $item->value) || $item->option == 'com_categories' && $catid_r == $item->value) {
                        if ($item->role_id == '0') {
                            $fgroups[] = $item->group_id;
                        } else {
                            $froles[] = $item->role_id;
                        }
                    }
                    // Blank article form / frontpage with no id: only relevant when the default is not 'allow'.
                    if ($option == 'com_content' && $view == 'article' && $layout == 'form' && $id == -1 && $config->default_action != 'allow') {
                        if ($item->role_id == '0') {
                            $fgroups[] = $item->group_id;
                        } else {
                            $froles[] = $item->role_id;
                        }
                    }
                    if ($option == 'com_content' && $view == 'frontpage' && $id == -1 && $config->default_action != 'allow') {
                        if ($item->role_id == '0') {
                            $fgroups[] = $item->group_id;
                        } else {
                            $froles[] = $item->role_id;
                        }
                    }
                }
            }
        }
    }
    // Apply the collected matches to the user's group/role/function triples
    // ($groups[$i], $roles[$i], $functions[$i] belong together by index).
    $rows = $groups;
    $rls = $roles;
    if ($config->default_action == 'allow') {
        // Allow mode: drop every triple whose group or role was matched; if nothing is left, deny.
        if (is_array($rows) && count($rows) > 0) {
            foreach ($rows as $i => $group) {
                $ind = array_search($group, $groups);
                if (in_array($group, $fgroups) && $ind !== false) {
                    unset($groups[$ind]);
                    unset($roles[$ind]);
                    unset($functions[$ind]);
                }
                $ind = array_search($rls[$i], $roles);
                if (in_array($rls[$i], $froles) && $ind !== false) {
                    unset($groups[$ind]);
                    unset($roles[$ind]);
                    unset($functions[$ind]);
                }
            }
        }
        if (!(count($groups) > 1 && count($roles) > 1)) {
            //Kobby corrected the redirect issue right here.
            $_SESSION['cacl_redirect_url'] = $_SERVER['REQUEST_URI'];
            $mainframe->redirect($redirect_url, JText::_('ALERTNOTAUTH'));
            /* * / if(!isset($_REQUEST['load'])) $mainframe->redirect( $redirect_url.'?load=once', JText::_( 'ALERTNOTAUTH' )); /* */
        }
    } else {
        // What is going on here? Seriously. —BUR 8/2/2011
        // Deny mode: neutralise (-1) every triple that was NOT matched; the request is only
        // acceptable if some matched triple survives array_unique() below.
        if (is_array($rows) && count($rows) > 0) {
            foreach ($rows as $i => $group) {
                $ind = array_search($group, $groups);
                if (!in_array($group, $fgroups) && $ind !== false) {
                    $groups[$ind] = -1;
                    if (!in_array($roles[$ind], $froles)) {
                        $roles[$ind] = -1;
                        $functions[$ind] = -1;
                    }
                }
                $ind = array_search($rls[$i], $roles);
                if (!in_array($rls[$i], $froles) && $ind !== false) {
                    $roles[$ind] = -1;
                    if (!in_array($groups[$ind], $fgroups)) {
                        $groups[$ind] = -1;
                        $functions[$ind] = -1;
                    }
                }
            }
        }
        $groups = array_unique($groups);
        $roles = array_unique($roles);
        $functions = array_unique($functions);
        $restricted = true;
        // Only the -1 marker is left: nothing matched. Frontend non-content requests get a
        // second chance through the function-access rules (Itemid / task / view values).
        if (count($groups) == 1 && count($roles) == 1) {
            //triggered bug BUT fixed now
            if (JRequest::getVar('option') != 'com_content' && !$back_end) {
                $_SESSION['cacl_redirect_url'] = $_SERVER['REQUEST_URI'];
                $query = "SELECT * FROM `#__community_acl_function_access` WHERE `option` = '{$option}' AND " . ($back_end ? ' `isbackend` = 1 ' : ' `isfrontend` = 1 ') . " AND `name` <> 'option' ORDER BY `grouping`";
                $db->setQuery($query);
                $f_access = $db->loadObjectList();
                $Itemid = JRequest::getInt('Itemid');
                // Note: $task / $view are re-read here unfiltered and un-lowercased, shadowing the values above.
                $task = JRequest::getVar('task', '');
                $view = JRequest::getVar('view', '');
                foreach ($f_access as $access) {
                    if ($access->value == $Itemid) {
                        $restricted = false;
                    } elseif ($access->value == $task) {
                        $restricted = false;
                    } elseif ($access->value == $view) {
                        $restricted = false;
                    }
                }
                if ($task == '' && $view == '') {
                    $restricted = true;
                }
                //Do not restrict JomComment Component
                if ($option == 'jomcomment') {
                    $restricted = false;
                }
                if ($restricted) {
                    $mainframe->redirect($redirect_url, JText::_('ALERTNOTAUTH'));
                }
            }
        }
    }
    // Content-action rules: does any of the user's functions carry per-item actions?
    $query = "SELECT COUNT(*) FROM `#__community_acl_content_actions` WHERE `func_id` IN ( '" . implode("','", $functions) . "') ";
    $db->setQuery($query);
    $count = (int) $db->loadResult();
    $content_all = 0;
    if ($option == 'com_content') {
        // A '#any_key#'/'#any_value#' function-access row grants all of com_content and bypasses the item checks.
        $query = "SELECT COUNT(*) FROM `#__community_acl_function_access` WHERE `option` = 'com_content' AND `name` = '#any_key#' AND `value` = '#any_value#' AND " . ($back_end ? ' `isbackend` = 1 ' : ' `isfrontend` = 1 ') . " AND `func_id` IN ( '" . implode("','", $functions) . "')";
        $db->setQuery($query);
        $content_all = (int) $db->loadResult();
        $count = $count && !$content_all;
    }
    if ($count && ($task == '' || $task == 'save' || $task == 'apply' || $task == 'new' || $task == 'add' || $task == 'remove' || $task == 'copyselect' || $task == 'moveselect' || $task == 'edit' || $task == 'publish' || $task == 'unpublish' || $task == 'copy' || $task == 'movesect' || $task == 'archive' || $task == 'unarchive')) {
        $acl =& JFactory::getACL();
        // Locate the legacy ACL rows that grant publish / edit on all content to this usertype.
        // NOTE(review): array_search() returns false when the row is absent; the unset() calls below
        // then act on $acl->acl[false], i.e. key 0 — verify the rows always exist for restricted usertypes.
        $publish_array = array('com_content', 'publish', 'users', strtolower($user->get('usertype')), 'content', 'all', NULL);
        $publish_index = array_search($publish_array, $acl->acl);
        $edit_array = array('com_content', 'edit', 'users', strtolower($user->get('usertype')), 'content', 'all', NULL);
        $edit_index = array_search($edit_array, $acl->acl);
        /* * / echo '<div style="background-color:white">'; echo 'FILE: '.__FILE__.' LINE: '.__LINE__; echo '<pre style="white-space:pre">', var_dump($publish_array), var_dump($publish_index), var_dump($edit_array), var_dump($edit_index), var_dump($option), var_dump(JRequest::getCMD('option')), '</pre></div>'; exit; /* */
        // $bingo = a content-action rule matched the current task/item; $bingo_publish / $bingo_edit =
        // a 'publish' / 'edit' action matched, which removes the corresponding legacy ACL row.
        if ($option == 'com_sections' && ($sectionid > -1 || $sectionid_r > -1)) {
            $query = "SELECT * FROM `#__community_acl_content_actions` WHERE `item_type` = 'section' AND `func_id` IN ( '" . implode("','", $functions) . "') ";
            $db->setQuery($query);
            $function_access = $db->loadObjectList();
            $bingo = false;
            $bingo_publish = false;
            if (is_array($function_access) && count($function_access) > 0) {
                foreach ($function_access as $item) {
                    if (($task == 'add' || $task == 'remove' || $task == 'copyselect') && $item->action == 'add' && ($id == $item->item_id || in_array($item->item_id, $cid))) {
                        $bingo = true;
                    }
                    if ($task == 'new' && $item->action == 'add' && $sectionid_r == $item->item_id) {
                        $bingo = true;
                    }
                    if ($task == 'edit' && $item->action == 'edit' && ($id == $item->item_id || in_array($item->item_id, $cid))) {
                        $bingo = true;
                    }
                    if (($task == 'publish' || $task == 'unpublish') && $item->action == 'publish' && ($id == $item->item_id || in_array($item->item_id, $cid))) {
                        $bingo = true;
                    }
                    if ($task == 'edit' && $item->action == 'publish' && ($id == $item->item_id || in_array($item->item_id, $cid))) {
                        $bingo_publish = true;
                    }
                }
            }
            // Allow mode: a match revokes; deny mode: the absence of a match revokes.
            if ($bingo_publish) {
                if ($config->default_action == 'allow') {
                    unset($acl->acl[$publish_index]);
                    $acl->acl_count--;
                }
            } elseif ($config->default_action == 'deny') {
                unset($acl->acl[$publish_index]);
                $acl->acl_count--;
            }
            if ($bingo) {
                if ($config->default_action == 'allow') {
                    $_SESSION['cacl_redirect_url'] = $_SERVER['REQUEST_URI'];
                    $mainframe->redirect($redirect_url, JText::_('ALERTNOTAUTH'));
                }
            } elseif ($config->default_action == 'deny') {
                $_SESSION['cacl_redirect_url'] = $_SERVER['REQUEST_URI'];
                $mainframe->redirect($redirect_url, JText::_('ALERTNOTAUTH'));
            }
        }
        if ($option == 'com_categories' && ($catid > -1 || $catid_r > -1)) {
            $query = "SELECT * FROM `#__community_acl_content_actions` WHERE `item_type` IN ('section', 'category') AND `func_id` IN ( '" . implode("','", $functions) . "') ";
            $db->setQuery($query);
            $function_access = $db->loadObjectList();
            $bingo = false;
            $bingo_publish = false;
            //echo "$sectionid, $sectionid_r, $catid, $catid_r";die;
            if (is_array($function_access) && count($function_access) > 0) {
                foreach ($function_access as $item) {
                    // Section rules apply through the category's parent section.
                    if ($item->item_type == 'section') {
                        if (($task == 'add' || $task == 'remove' || $task == 'copyselect' || $task == 'moveselect') && $item->action == 'add' && $sectionid == $item->item_id) {
                            $bingo = true;
                        }
                        if ($task == 'new' && $item->action == 'add' && $sectionid_r == $item->item_id) {
                            $bingo = true;
                        }
                        if ($task == 'edit' && $item->action == 'edit' && $sectionid == $item->item_id) {
                            $bingo = true;
                        }
                        if (($task == 'publish' || $task == 'unpublish') && $item->action == 'publish' && $sectionid == $item->item_id) {
                            $bingo = true;
                        }
                        if ($task == 'edit' && $item->action == 'publish' && $sectionid == $item->item_id) {
                            $bingo_publish = true;
                        }
                    }
                    if ($item->item_type == 'category') {
                        if (($task == 'add' || $task == 'remove' || $task == 'copyselect' || $task == 'moveselect') && $item->action == 'add' && ($id == $item->item_id || in_array($item->item_id, $cid))) {
                            $bingo = true;
                        }
                        if ($task == 'new' && $item->action == 'add' && $catid_r == $item->item_id) {
                            $bingo = true;
                        }
                        if ($task == 'edit' && $item->action == 'edit' && ($id == $item->item_id || in_array($item->item_id, $cid))) {
                            $bingo = true;
                        }
                        if (($task == 'publish' || $task == 'unpublish') && $item->action == 'publish' && ($id == $item->item_id || in_array($item->item_id, $cid))) {
                            $bingo = true;
                        }
                        if ($task == 'edit' && $item->action == 'publish' && ($id == $item->item_id || in_array($item->item_id, $cid))) {
                            $bingo_publish = true;
                        }
                    }
                }
            }
            if ($bingo_publish) {
                if ($config->default_action == 'allow') {
                    unset($acl->acl[$publish_index]);
                    $acl->acl_count--;
                }
            } elseif ($config->default_action == 'deny') {
                unset($acl->acl[$publish_index]);
                $acl->acl_count--;
            }
            if ($bingo) {
                if ($config->default_action == 'allow') {
                    $_SESSION['cacl_redirect_url'] = $_SERVER['REQUEST_URI'];
                    $mainframe->redirect($redirect_url, JText::_('ALERTNOTAUTH'));
                }
            } elseif ($config->default_action == 'deny') {
                $_SESSION['cacl_redirect_url'] = $_SERVER['REQUEST_URI'];
                $mainframe->redirect($redirect_url, JText::_('ALERTNOTAUTH'));
            }
        }
        if ($option == 'com_content') {
            /* * / echo '<div style="background-color:white">'; echo 'FILE: '.__FILE__.' LINE: '.__LINE__; echo '<pre style="white-space:pre">', var_dump($option), '</pre></div>'; exit; /* */
            $query = "SELECT * FROM `#__community_acl_content_actions` WHERE `item_type` IN ('section', 'category', 'content') AND `func_id` IN ( '" . implode("','", $functions) . "') ";
            $db->setQuery($query);
            $function_access = $db->loadObjectList();
            /* * / echo '<div style="background-color:white">'; echo 'FILE: '.__FILE__.' LINE: '.__LINE__; echo '<pre style="white-space:pre">', var_dump($function_access), var_dump($task), '</pre></div>'; exit; /* */
            $bingo = false;
            $bingo_edit = false;
            $bingo_publish = false;
            if (is_array($function_access) && count($function_access) > 0) {
                foreach ($function_access as $item) {
                    if ($item->item_type == 'section') {
                        if (($task == 'add' || $task == 'remove' || $task == 'copyselect' || $task == 'moveselect') && $item->action == 'add' && $sectionid == $item->item_id) {
                            $bingo = true;
                        }
                        if (($task == 'new' || $task == 'add' || $view == 'article' && $layout == 'form') && $item->action == 'add') {
                            //only in deny mode
                            if ($config->default_action == 'deny') {
                                $bingo = true;
                                $bingo_edit = true;
                            }
                        }
                        if (($task == 'save' || $task == 'apply') && ($item->action == 'add' || $item->action == 'edit') && $sectionid_r == $item->item_id) {
                            # - Kobby enhancement - Exception Catch : User is denied access to edit or publish but can add
                            /*if($item_type != 'add'){ $bingo = false; }else{ $bingo = true; }*/
                            $bingo = true;
                            $bingo_edit = true;
                            $bingo_publish = true;
                        }
                        if ($task == '' && $item->action == 'edit' && $sectionid == $item->item_id) {
                            $bingo_edit = true;
                        }
                        if ($task == 'edit' && $item->action == 'edit' && $sectionid == $item->item_id) {
                            $bingo_edit = true;
                            $bingo = true;
                        }
                        if (($task == 'publish' || $task == 'unpublish') && $item->action == 'publish' && $sectionid == $item->item_id) {
                            $bingo = true;
                        }
                        if (($task == 'edit' || $task == '') && $item->action == 'publish' && $sectionid == $item->item_id) {
                            $bingo_publish = true;
                        }
                    } elseif ($item->item_type == 'category') {
                        if (($task == 'new' || $task == 'add' || $task == 'remove' || $task == 'copyselect' || $task == 'moveselect') && $item->action == 'add' && $catid == $item->item_id) {
                            $bingo = true;
                        }
                        if (($task == 'new' || $task == 'add' || $view == 'article' && $layout == 'form') && $item->action == 'add') {
                            //only in deny mode
                            if ($config->default_action == 'deny') {
                                $bingo = true;
                                $bingo_edit = true;
                            }
                        }
                        if (($task == 'save' || $task == 'apply') && ($item->action == 'add' || $item->action == 'edit') && $catid_r == $item->item_id) {
                            $bingo = true;
                            $bingo_edit = true;
                            $bingo_publish = true;
                        }
                        if ($task == '' && $item->action == 'edit' && $catid == $item->item_id) {
                            $bingo_edit = true;
                        }
                        if ($task == 'edit' && $item->action == 'edit' && $catid == $item->item_id) {
                            $bingo = true;
                            $bingo_edit = true;
                        }
                        if (($task == 'publish' || $task == 'unpublish') && $item->action == 'publish' && $catid == $item->item_id) {
                            $bingo = true;
                        }
                        if (($task == 'edit' || $task == '') && $item->action == 'publish' && $catid == $item->item_id) {
                            $bingo_publish = true;
                        }
                    } elseif ($item->item_type == 'content') {
                        if (($task == 'edit' || $task == 'archive' || $task == 'unarchive') && $item->action == 'edit' && ($id == $item->item_id || in_array($item->item_id, $cid))) {
                            $bingo = true;
                        }
                        if (($task == 'publish' || $task == 'unpublish') && $item->action == 'publish' && ($id == $item->item_id || in_array($item->item_id, $cid))) {
                            $bingo = true;
                        }
                        if ($task == 'edit' && $item->action == 'publish' && ($id == $item->item_id || in_array($item->item_id, $cid))) {
                            $bingo_publish = true;
                        }
                    }
                }
            }
            /* * / echo '<div style="background-color:white">'; echo 'FILE: '.__FILE__.' LINE: '.__LINE__; echo '<pre style="white-space:pre">', var_dump($bingo), var_dump($bingo_edit), var_dump($bingo_publish), var_dump($publish_index), var_dump($edit_index), var_dump($config->default_action), var_dump($acl->acl), '</pre></div>'; //exit; /* */
            # - Kobby needs to fix this bug for the Edit/Pub
            // NOTE(review): `$publish_index === 0` is only true when the publish row happens to be the
            // first legacy ACL entry; `!== false` looks like the intended test — confirm before changing.
            if ($bingo_edit && $publish_index === 0) {
                if ($config->default_action == 'allow') {
                    unset($acl->acl[$edit_index]);
                    $acl->acl_count--;
                }
            } elseif ($config->default_action == 'deny' && $publish_index === 0) {
                unset($acl->acl[$edit_index]);
                $acl->acl_count--;
                //die('bingo_edit');
            }
            if ($bingo_publish) {
                if ($config->default_action == 'allow' && $publish_index === 0) {
                    unset($acl->acl[$publish_index]);
                    $acl->acl_count--;
                }
            } elseif ($config->default_action == 'deny' && $publish_index === 0) {
                unset($acl->acl[$publish_index]);
                $acl->acl_count--;
                //die('bingo_publish');
            }
            if ($bingo) {
                if ($config->default_action == 'allow') {
                    $_SESSION['cacl_redirect_url'] = $_SERVER['REQUEST_URI'];
                    $mainframe->redirect($redirect_url, JText::_('ALERTNOTAUTH'));
                }
            } elseif ($config->default_action == 'deny' && ($task != '' || $view == 'article' && $layout == 'form')) {
                $_SESSION['cacl_redirect_url'] = $_SERVER['REQUEST_URI'];
                // 'save' is deliberately let through here (the session URL is still recorded).
                if ($task != 'save') {
                    $mainframe->redirect($redirect_url, JText::_('ALERTNOTAUTH'));
                }
            }
        }
    } elseif ($config->default_action == 'deny') {
        //This section modifies wether or not the edit article button is displayed on the front end. -BUR
        //This is running on the back-end too —BUR 8/3/2011
        // No content-action rules for this user and deny mode: strip publish + edit from the legacy ACL.
        if (!$content_all) {
            $acl =& JFactory::getACL();
            $publish_array = array('com_content', 'publish', 'users', strtolower($user->get('usertype')), 'content', 'all', NULL);
            $publish_index = array_search($publish_array, $acl->acl);
            $edit_array = array('com_content', 'edit', 'users', strtolower($user->get('usertype')), 'content', 'all', NULL);
            $edit_index = array_search($edit_array, $acl->acl);
            // NOTE(review): no `!== false` guard — a missing row makes unset() drop key 0 of $acl->acl instead.
            unset($acl->acl[$publish_index]);
            $acl->acl_count--;
            unset($acl->acl[$edit_index]);
            $acl->acl_count--;
            if ($task == 'save' || $task == 'apply' || $task == 'new' || $task == 'add' || $task == 'remove' || $task == 'copyselect' || $task == 'moveselect' || $task == 'edit' || $task == 'publish' || $task == 'unpublish' || $task == 'copy' || $task == 'movesect' || $task == 'archive' || $task == 'unarchive' || $view == 'article' && $layout == 'form') {
                $_SESSION['cacl_redirect_url'] = $_SERVER['REQUEST_URI'];
                //$mainframe->redirect( $redirect_url,JText::_( 'ALERTNOTAUTH' ));
            }
        }
    }
    // Function-access rules: each `grouping` is a set of request-parameter conditions
    // (name/value/extra). $_REQUEST is probed with the rule's own key name.
    $query = "SELECT * FROM `#__community_acl_function_access` WHERE `option` = '{$option}' AND " . ($back_end ? ' `isbackend` = 1 ' : ' `isfrontend` = 1 ') . " AND `func_id` IN ( '" . implode("','", $functions) . "') AND `name` <> 'option' ORDER BY `grouping`";
    $db->setQuery($query);
    $function_access = $db->loadObjectList();
    // (isset($_REQUEST['searchword']) || isset($_REQUEST['action']) || isset($_REQUEST['view']) || isset($_REQUEST['task']) || isset($_REQUEST['id']) || isset($_REQUEST['cid']) || isset($_REQUEST['mode'])) &&
    if (is_array($function_access) && count($function_access) > 0) {
        $query = "SELECT `grouping` FROM `#__community_acl_function_access` WHERE `option` = '{$option}' AND " . ($back_end ? ' `isbackend` = 1 ' : ' `isfrontend` = 1 ') . " AND `func_id` IN ( '" . implode("','", $functions) . "') AND `name` <> 'option' GROUP BY `grouping` ORDER BY `grouping`";
        $db->setQuery($query);
        $groupings = $db->loadObjectList();
        $allow_pass = false;
        if (is_array($groupings) && count($groupings) > 0) {
            foreach ($groupings as $g) {
                $allow_pass = false;
                if (is_array($function_access) && count($function_access) > 0) {
                    foreach ($function_access as $item) {
                        if ($item->grouping != $g->grouping) {
                            continue;
                        }
                        //Kobby modification to fix the function issue
                        if ($_REQUEST['option'] == $item->option && !isset($_REQUEST[$item->name]) && $config->default_action == 'deny') {
                            $allow_pass = true;
                        }
                        //End
                        if ($item->name == '#any_key#') {
                            $allow_pass = false;
                            continue;
                        }
                        if (!isset($_REQUEST[$item->name]) && $config->default_action == 'allow') {
                            $allow_pass = true;
                            continue;
                        }
                        if (!isset($_REQUEST[$item->name]) && $config->default_action == 'deny') {
                            continue;
                        }
                        // extra == '1' inverts the rule: it passes when the request value EQUALS the rule value.
                        if ($item->name == 'id') {
                            if (((int) $_REQUEST[$item->name] != $item->value && $item->value && $item->extra != '1' || (int) $_REQUEST[$item->name] == $item->value && $item->extra == '1') && $item->value != '#any_value#') {
                                //echo 1;die;
                                $allow_pass = true;
                                continue;
                            }
                        } elseif (is_array($_REQUEST[$item->name])) {
                            if ((!in_array($item->value, $_REQUEST[$item->name]) && $item->value && $item->extra != '1' || in_array($item->value, $_REQUEST[$item->name]) && $item->extra == '1') && $item->value != '#any_value#') {
                                //echo 2;die;
                                $allow_pass = true;
                                continue;
                            }
                        } else {
                            if (($_REQUEST[$item->name] != $item->value && $item->value && $item->extra != '1' || $_REQUEST[$item->name] == $item->value && $item->extra == '1') && $item->value != '#any_value#') {
                                //echo 3;die;
                                $allow_pass = true;
                                continue;
                            }
                        }
                    }
                }
                // Allow mode: a grouping that did not pass forbids the request.
                // Deny mode: a grouping that did not pass means "not covered", and the request is accepted as is.
                if ($config->default_action == 'allow') {
                    if (!$allow_pass) {
                        $_SESSION['cacl_redirect_url'] = $_SERVER['REQUEST_URI'];
                        $mainframe->redirect($redirect_url, JText::_('ALERTNOTAUTH'));
                    }
                } else {
                    if (!$allow_pass) {
                        return;
                    }
                }
            }
        }
    } else {
        // Backend user has nothing defined in group/role/function and site set to deny all... why is it still allowed? —BUR 8/3/2011
        return;
    }
    // Deny mode with every grouping passed: reached only when no rule accepted the request.
    if ($config->default_action == 'deny') {
        $_SESSION['cacl_redirect_url'] = $_SERVER['REQUEST_URI'];
        $mainframe->redirect($redirect_url, JText::_('ALERTNOTAUTH'));
    }
}
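/**
 * Enforce cACL restrictions on DOCman categories and downloads (site side only).
 *
 * Resolves the DOCman category the request targets (menu param cat_id,
 * overridden by gid, and for task=doc_download the category of the given
 * document), descends to the deepest sub-node returned by _getNodes(), and
 * compares it with the `#__community_acl_access` rows for 'com_docman' that
 * match the user's groups or roles. In 'allow' mode a listed category is
 * forbidden; in any other mode an unlisted category is forbidden. For a
 * DOCman 1.4 download (bid) the document's own category is checked the
 * same way. A forbidden request is redirected to $config->redirect_url
 * and the request ends.
 *
 * @return void
 */
function onAfterRoute() {
    $app = JFactory::getApplication();
    $db = JFactory::getDBO();
    $config = new CACL_config($db);
    $config->load();
    $user_access = cacl_get_user_access($config);
    $component = JRequest::getCmd('option');
    if (!$app->isSite() || 'com_docman' != $component) {
        return;
    }
    $catId = JSite::getMenu()->getParams(JRequest::getInt('Itemid'))->get('cat_id');
    // Force an integer so the id interpolated into SQL below can never carry anything else.
    $catId = (int) JRequest::getInt('gid', $catId);
    $documentId = JRequest::getInt('bid', null);
    //get the right parent category id from db
    if ('doc_download' == JRequest::getCmd('task')) {
        //maybe it's the docman document id
        $sql = "\n \tSELECT cat.id FROM #__docman AS doc\n \tLEFT JOIN #__categories AS cat\n \t ON doc.catid=cat.id\n \tWHERE doc.id={$catId}\n ";
        $db->setQuery($sql);
        $catId = $db->loadResult();
    }
    $nodes = $this->_getNodes($db, $catId);
    if (!empty($nodes)) {
        // Walk down the first child at each level to the leaf category.
        while (!empty($nodes[0]->subnodes)) {
            $nodes = $nodes[0]->subnodes;
        }
        $catId = $nodes[0]->id;
    }
    // cat_id is the category ID in #__docman.catid === #__categories.id
    // gid is either #__docman.catid or #__docman.id. version 1.5
    // bid is #__docman.id. tells docman which file to send for download. version 1.4
    // The first element of each list is a placeholder and is not a real id.
    unset($user_access['groups'][0]);
    unset($user_access['roles'][0]);
    if (empty($user_access['groups']) && empty($user_access['roles'])) {
        return;
    }
    // Ids are int-cast before being interpolated; an empty list becomes IN (NULL),
    // which matches nothing but keeps the statement syntactically valid.
    $groups = count($user_access['groups']) > 0 ? implode(',', array_map('intval', $user_access['groups'])) : 'NULL';
    $roles = count($user_access['roles']) > 0 ? implode(',', array_map('intval', $user_access['roles'])) : 'NULL';
    $sql = "\n \tSELECT *\n \tFROM `#__community_acl_access`\n \tWHERE `option`='com_docman' && (group_id IN ({$groups}) || role_id IN ({$roles}))\n ";
    $db->setQuery($sql);
    $res = $db->loadAssocList('value');
    if (!is_array($res)) {
        $res = array();
    }
    // In allow mode a listed category is forbidden; otherwise an unlisted one is.
    $allowMode = ('allow' == $config->default_action);
    // Is access allowed to this category?
    if (array_key_exists($catId, $res) === $allowMode) {
        $app->redirect($config->redirect_url, JText::_('ALERTNOTAUTH'));
        exit;
    }
    // DOCman 1.4
    // Somebody is trying to download. Is access allowed to this document?
    if ($documentId !== null && $documentId > 0) {
        $sql = "SELECT catid FROM #__docman WHERE id=" . (int) $documentId;
        $db->setQuery($sql);
        $catId = $db->loadResult();
        if (array_key_exists($catId, $res) === $allowMode) {
            $app->redirect($config->redirect_url, JText::_('ALERTNOTAUTH'));
            exit;
        }
    }
}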
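/**
 * Decide whether the current user may see a site module.
 *
 * Administrator modules (client_id > 0) are always visible. For site
 * modules the `#__community_acl_access` rows with `option` = 'module',
 * `name` = '@@@' and `value` = $id are matched against the user's cACL
 * groups and roles; a match means the module is listed for the user, and
 * $config->default_action decides whether "listed" grants ('deny' mode) or
 * revokes (any other mode) access.
 *
 * @param int $id module id (#__modules.id)
 * @return bool true when the module may be shown
 */
function check_module($id = 0) {
    $user =& JFactory::getUser();
    // gid 25 is the Super Administrator group of the legacy (Joomla 1.5) ACL: always allowed.
    if ($user->get('gid') == 25) {
        return true;
    }
    $db =& JFactory::getDBO();
    require_once JPATH_SITE . '/administrator/components/com_community_acl/community_acl.class.php';
    $config = new CACL_config($db);
    $config->load();
    $user_access = cacl_get_user_access($config);
    $default_action = $config->default_action;
    // Module ids are integers; casting keeps the interpolated value injection-free.
    $moduleId = (int) $id;
    $query = "SELECT `client_id` FROM `#__modules` WHERE `id` = '{$moduleId}'";
    $db->setQuery($query);
    if ((int) $db->loadResult() > 0) {
        return true;
    }
    // Quote each group/role id; an empty list keeps the original IN ('') shape.
    $groupIds = array_map(array($db, 'Quote'), $user_access['groups']);
    $roleIds = array_map(array($db, 'Quote'), $user_access['roles']);
    $groups = count($groupIds) > 0 ? implode(',', $groupIds) : "''";
    $roles = count($roleIds) > 0 ? implode(',', $roleIds) : "''";
    $query = "SELECT COUNT(*) FROM `#__community_acl_access`"
        . " WHERE ( group_id IN ( " . $groups . " ) OR role_id IN ( " . $roles . " ) )"
        . " AND `option` = 'module' AND `name` = '@@@' AND `value` = '{$moduleId}'";
    $db->setQuery($query);
    $listed = (int) $db->loadResult() > 0;
    if ($default_action == 'deny') {
        // Deny-by-default: only listed modules are shown.
        return $listed;
    }
    // Allow-by-default: listed modules are the hidden ones.
    return !$listed;
}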
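/**
 * Build the lookup set of jsmenu values the current user's groups/roles
 * have #__community_acl_access rows for.
 *
 * @return array map of value => true
 */
function getAccessList() {
    $db =& JFactory::getDBO();
    $config = new CACL_config($db);
    $config->load();
    $user_access = cacl_get_user_access($config);
    // ids are quoted but not escaped — assumed numeric ids from the ACL tables
    $groups = $user_access['groups'];
    $roles = $user_access['roles'];
    // NOTE(review): the return value was never used; the call is kept in case
    // getMenuList() has side effects the caller relies on — confirm and drop if not
    $this->getMenuList();
    $query = "SELECT value FROM `#__community_acl_access` AS a\n\n\t\t\t\t\t\t\tWHERE a.option = 'jsmenu'\n\n\t\t\t\t\t\t\t\tAND ( a.group_id IN ( '" . implode("','", $groups) . "')\n\t\t\t\t\t\t\t\t\tOR a.role_id IN ( '" . implode("','", $roles) . "') )";
    $db->setQuery($query);
    $items = $db->loadAssocList();
    $itemsPrepped = array();
    // loadAssocList() yields null on a failed query; treat that as "no rows"
    if (is_array($items)) {
        foreach ($items as $item) {
            $itemsPrepped[$item['value']] = true;
        }
    }
    return $itemsPrepped;
}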
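/**
 * System-plugin hook: enforce Community ACL (cACL) rules on the routed request.
 *
 * Runs for the site and the administrator application. The decision is
 * driven by the request values option/task/view/layout/id/cid/catid/
 * sectionid and by three cACL tables: #__community_acl_access (group/role
 * rules per component, menu item, section, category and article),
 * #__community_acl_content_actions (per-function add/edit/publish rules on
 * sections, categories and articles) and #__community_acl_function_access
 * (per-function rules on arbitrary request parameters, grouped by
 * `grouping`).
 *
 * Super administrators (gid 25) are exempt, as are non-POST requests for
 * the front page / redirect target (loop guard) and back-end login/logout.
 * In 'allow' mode a matching rule forbids; in 'deny' mode a matching rule
 * grants — most branches below therefore flip on $config->default_action.
 * A blocked request has core ACL entries removed from
 * JFactory::getACL()->acl and/or is redirected to the configured redirect
 * URL with JText 'ALERTNOTAUTH' after parking the original URI in
 * $_SESSION['cacl_redirect_url']. Several redirects are commented out;
 * those branches are marked below because they currently enforce nothing.
 *
 * Side effects: DB queries, require_once of the cACL class/function files,
 * language load, $this->_syncCBContact() for com_cbcontact in the back end,
 * $this->_emailPublisher() for front-end article saves, session writes and
 * redirects (which end the request).
 */
function onAfterRoute() {
    global $mainframe;
    // cACL not installed: nothing to enforce
    if (!file_exists(JPATH_SITE . '/administrator/components/com_community_acl/community_acl.class.php')) {
        return;
    }
    $app =& JFactory::getApplication();
    // every application other than 'site' is treated as the back end
    $back_end = false;
    if ($app->getName() != 'site') {
        $back_end = true;
    }
    // the 'cmd' filter limits $option to a safe character set (it is spliced
    // into SQL below); the front end defaults to com_content, the back end to ''
    if ($back_end) {
        $option = strtolower(JRequest::getVar('option', '', 'default', 'cmd'));
    } else {
        $option = strtolower(JRequest::getVar('option', 'com_content', 'default', 'cmd'));
    }
    $task = strtolower(JRequest::getCmd('task'));
    $user =& JFactory::getUser();
    if ($back_end && $option == 'com_cbcontact' && $task == '') {
        $this->_syncCBContact();
    }
    // super administrators bypass every check
    if ($user->get('gid') == 25) {
        return;
    }
    $db =& JFactory::getDBO();
    require_once JPATH_SITE . '/administrator/components/com_community_acl/community_acl.class.php';
    require_once JPATH_SITE . '/administrator/components/com_community_acl/community_acl.functions.php';
    $config = new CACL_config($db);
    $config->load();
    if ($back_end) {
        $redirect_url = $config->admin_redirect_url;
    } else {
        $redirect_url = $config->redirect_url;
    }
    //check to not go in redirect loop
    // NOTE(review): && binds tighter than ||, so $back_end / !$back_end only
    // gates the first URI comparison of each condition; the remaining
    // comparisons exempt the request on either side — confirm that is intended.
    if ($_SERVER['REQUEST_METHOD'] != 'POST') {
        if (!$back_end && $_SERVER['REQUEST_URI'] == '/' || $_SERVER['REQUEST_URI'] == '/index.php' || $_SERVER['REQUEST_URI'] == '/' . $redirect_url || substr_replace(JURI::root(), '', -1, 1) . $_SERVER['REQUEST_URI'] == $redirect_url) {
            return;
        }
        if ($back_end && $_SERVER['REQUEST_URI'] == '/administrator/' || $_SERVER['REQUEST_URI'] == '/administrator/index.php' || $_SERVER['REQUEST_URI'] == $redirect_url || $_SERVER['REQUEST_URI'] == '/administrator/' . $redirect_url || substr_replace(JURI::root(), '', -1, 1) . $_SERVER['REQUEST_URI'] == $redirect_url) {
            return;
        }
    }
    $user_access = cacl_get_user_access($config);
    // parallel lists: groups[i], roles[i] and functions[i] are pruned together
    // below; slot 0 is never counted (hence the "> 1" tests) — presumably a
    // placeholder entry, confirm in cacl_get_user_access()
    $groups = $user_access['groups'];
    $roles = $user_access['roles'];
    $functions = $user_access['functions'];
    // -1 means "no id in the request"; cid[0] stands in when id is absent
    $id = intval(JRequest::getInt('id'));
    if (!isset($_REQUEST['id']) || $_REQUEST['id'] == '') {
        $id = -1;
    }
    $cid = JRequest::getVar('cid', array(-1), '', 'array');
    JArrayHelper::toInteger($cid, array(-1));
    if ($id == -1 && isset($_REQUEST['cid'][0]) && $_REQUEST['cid'][0] != '') {
        $id = $cid[0];
    }
    $view = strtolower(JRequest::getCmd('view'));
    $layout = strtolower(JRequest::getCmd('layout'));
    // $option and $task are re-read here with the same parameters as above
    if ($back_end) {
        $option = strtolower(JRequest::getVar('option', '', 'default', 'cmd'));
    } else {
        $option = strtolower(JRequest::getVar('option', 'com_content', 'default', 'cmd'));
    }
    $task = strtolower(JRequest::getCmd('task'));
    // category / section the addressed item belongs to, looked up in the DB;
    // -1 = not applicable
    $catid = -1;
    $sectionid = -1;
    if ($back_end && $option == 'com_content' || !$back_end && $option == 'com_content' && $view == 'article' && $id > 0) {
        if ($id > 0) {
            $cid[] = $id;
            $query = "SELECT `catid`, `sectionid` FROM `#__content` WHERE `id` IN ('" . implode("','", $cid) . "')";
            $db->setQuery($query);
            // NOTE(review): loadAssoc() returns null when no row matches; the two
            // reads below then raise notices instead of keeping -1 — confirm
            $tmp = $db->loadAssoc();
            $catid = $tmp['catid'];
            $sectionid = $tmp['sectionid'];
        }
    } elseif ($back_end && $option == 'com_categories' || !$back_end && $option == 'com_content' && $view == 'category' && $id > 0) {
        if ($id > 0) {
            $cid[] = $id;
            $query = "SELECT `section` FROM `#__categories` WHERE `id` IN ('" . implode("','", $cid) . "')";
            $db->setQuery($query);
            $sectionid = $db->loadResult();
            $catid = $id;
        }
    } elseif (!$back_end && $option == 'com_content' && $view == 'section' && $id > 0) {
        $sectionid = $id;
    }
    // category / section passed in the request itself (new/save forms); -1 when absent
    $catid_r = intval(JRequest::getInt('catid'));
    if (!isset($_REQUEST['catid'])) {
        $catid_r = -1;
    }
    $sectionid_r = intval(JRequest::getInt('sectionid'));
    if (!isset($_REQUEST['sectionid'])) {
        $sectionid_r = -1;
    }
    $lang =& JFactory::getLanguage();
    $lang->load('plg_system_community_acl');
    // front-end save of a new article notifies the publisher
    if (!$back_end && ($task == 'save' || $task == 'apply') && $option == 'com_content' && $id == '0') {
        $this->_emailPublisher($sectionid_r, $catid_r, $config->default_action);
    }
    //no groups/roles/functions for user
    if (!(count($groups) > 1 && count($roles) > 1)) {
        return;
    }
    // back-end login/logout is never blocked
    if ($back_end && $option == 'com_login' && ($task == 'login' || $task == 'logout')) {
        return;
    }
    // access rows for the caller's groups/roles on this side (front/back end);
    // the content-related components share one rule set, any other component
    // gets its own rows plus the 'menu' rows. The id lists are spliced in
    // unescaped — assumed to be numeric ids from the ACL tables, confirm.
    if ($option == 'com_sections' || $option == 'com_categories' || $option == 'com_content') {
        $query = "SELECT * FROM `#__community_acl_access` WHERE `option` IN ('menu', 'com_sections', 'com_categories', 'com_content' ) AND " . ($back_end ? ' `isbackend` = 1 ' : ' `isfrontend` = 1 ') . " AND ( `group_id` IN ( '" . implode("','", $groups) . "') OR `role_id` IN ( '" . implode("','", $roles) . "') )";
    } else {
        $query = "SELECT * FROM `#__community_acl_access` WHERE `option` IN ( 'menu', '{$option}') AND " . ($back_end ? ' `isbackend` = 1 ' : ' `isfrontend` = 1 ') . " AND ( `group_id` IN ( '" . implode("','", $groups) . "') OR `role_id` IN ( '" . implode("','", $roles) . "') )";
    }
    $db->setQuery($query);
    $access = $db->loadObjectList();
    // roles / groups whose rules matched this request
    $froles = array();
    $fgroups = array();
    if (is_array($access) && count($access) > 0) {
        foreach ($access as $item) {
            //forbidden components
            //echo $item->name .', $option = '.$option. ' $item->role_id=' .$item->role_id; die();
            // name '###' marks a whole-component (or menu) rule; role_id '0'
            // means the rule is bound to a group rather than to a role
            if ($item->name == '###' && $option == $item->option && ($option != 'com_content' && !($option == 'com_login' && $task == 'logout'))) {
                if ($item->role_id == '0') { $fgroups[] = $item->group_id; } else { $froles[] = $item->role_id; }
            } elseif ($item->name == '###' && $item->option == 'menu') {
                // menu rules: the redirect is commented out, so a match has no effect here
                if (check_menu($item->value, $_REQUEST)) {
                    if ($config->default_action == 'allow') {
                        //$_SESSION['cacl_redirect_url'] = $_SERVER['REQUEST_URI'];
                        //$mainframe->redirect( $redirect_url, JText::_( 'ALERTNOTAUTH' ));
                    }
                }
            } elseif ($item->name != '###') {
                //forbidden content, sections, categiries
                if ($back_end) {
                    if ($option == 'com_content' && ($id == $item->value || in_array($item->value, $cid))) {
                        if ($item->role_id == '0') { $fgroups[] = $item->group_id; } else { $froles[] = $item->role_id; }
                    } elseif ($option == 'com_content' && ($item->option == 'com_sections' && $sectionid == $item->value || $item->option == 'com_categories' && $catid == $item->value)) {
                        if ($item->role_id == '0') { $fgroups[] = $item->group_id; } else { $froles[] = $item->role_id; }
                    } elseif ($option == 'com_sections' && ($id == $item->value || in_array($item->value, $cid))) {
                        if ($item->role_id == '0') { $fgroups[] = $item->group_id; } else { $froles[] = $item->role_id; }
                    } elseif ($option == 'com_categories' && ($id == $item->value || in_array($item->value, $cid))) {
                        if ($item->role_id == '0') { $fgroups[] = $item->group_id; } else { $froles[] = $item->role_id; }
                    }
                    // id == -1 (list views): every rule of the component counts
                    if ($option == 'com_content' && $id == -1) {
                        if ($item->role_id == '0') { $fgroups[] = $item->group_id; } else { $froles[] = $item->role_id; }
                    }
                    if ($option == 'com_categories' && $id == -1) {
                        if ($item->role_id == '0') { $fgroups[] = $item->group_id; } else { $froles[] = $item->role_id; }
                    }
                    if ($option == 'com_sections' && $id == -1) {
                        if ($item->role_id == '0') { $fgroups[] = $item->group_id; } else { $froles[] = $item->role_id; }
                    }
                    if ($option == 'com_menus' && $id == -1) {
                        if ($item->role_id == '0') { $fgroups[] = $item->group_id; } else { $froles[] = $item->role_id; }
                    }
                } else {
                    if ($option == 'com_content' && $view == 'section' && $item->option == 'com_sections' && $id == $item->value) {
                        if ($item->role_id == '0') { $fgroups[] = $item->group_id; } else { $froles[] = $item->role_id; }
                    }
                    if ($option == 'com_content' && $view == 'category' && $item->option == 'com_categories' && $id == $item->value) {
                        if ($item->role_id == '0') { $fgroups[] = $item->group_id; } else { $froles[] = $item->role_id; }
                    }
                    if ($option == 'com_content' && $view == 'article' && $item->option == 'com_content' && $id == $item->value) {
                        if ($item->role_id == '0') { $fgroups[] = $item->group_id; } else { $froles[] = $item->role_id; }
                    }
                    if ($option == 'com_content' && $view == 'category' && $item->option == 'com_sections' && $sectionid == $item->value) {
                        if ($item->role_id == '0') { $fgroups[] = $item->group_id; } else { $froles[] = $item->role_id; }
                    }
                    if ($option == 'com_content' && $view == 'article' && ($item->option == 'com_sections' && $sectionid == $item->value || $item->option == 'com_categories' && $catid == $item->value)) {
                        if ($item->role_id == '0') { $fgroups[] = $item->group_id; } else { $froles[] = $item->role_id; }
                    }
                    if ($option == 'com_content' && $task == 'edit' && ($id == $item->value || in_array($item->value, $cid))) {
                        if ($item->role_id == '0') { $fgroups[] = $item->group_id; } else { $froles[] = $item->role_id; }
                    }
                    if ($option == 'com_content' && $task == 'new' && ($item->option == 'com_sections' && $sectionid_r == $item->value)) {
                        if ($item->role_id == '0') { $fgroups[] = $item->group_id; } else { $froles[] = $item->role_id; }
                    }
                    // NOTE(review): precedence — the `|| $item->option == 'com_categories' && ...`
                    // branch is not gated by $option /$task == 'save'; confirm before tightening
                    if ($option == 'com_content' && $task == 'save' && ($item->option == 'com_sections' && $sectionid_r == $item->value) || $item->option == 'com_categories' && $catid_r == $item->value) {
                        if ($item->role_id == '0') { $fgroups[] = $item->group_id; } else { $froles[] = $item->role_id; }
                    }
                    // new-article form and front page: every rule counts, deny mode only
                    if ($option == 'com_content' && $view == 'article' && $layout == 'form' && $id == -1 && $config->default_action != 'allow') {
                        if ($item->role_id == '0') { $fgroups[] = $item->group_id; } else { $froles[] = $item->role_id; }
                    }
                    if ($option == 'com_content' && $view == 'frontpage' && $id == -1 && $config->default_action != 'allow') {
                        if ($item->role_id == '0') { $fgroups[] = $item->group_id; } else { $froles[] = $item->role_id; }
                    }
                }
            }
        }
    } // closing brace of the access-row block (missing in the original listing)
    // snapshot of the lists; $groups/$roles/$functions are pruned in place below
    $rows = $groups;
    $rls = $roles;
    if ($config->default_action == 'allow') {
        // allow mode: drop every group/role slot that hit a rule, together with its function slot
        if (is_array($rows) && count($rows) > 0) {
            foreach ($rows as $i => $group) {
                $ind = array_search($group, $groups);
                if (in_array($group, $fgroups) && $ind !== false) {
                    unset($groups[$ind]);
                    unset($roles[$ind]);
                    unset($functions[$ind]);
                }
                $ind = array_search($rls[$i], $roles);
                if (in_array($rls[$i], $froles) && $ind !== false) {
                    unset($groups[$ind]);
                    unset($roles[$ind]);
                    unset($functions[$ind]);
                }
            }
        }
        if (!(count($groups) > 1 && count($roles) > 1)) {
            //Kobby corrected the redirect issue right here.
            // only the return URL is parked in the session; the redirect itself is
            // commented out, so losing every group/role does not block the request here
            $_SESSION['cacl_redirect_url'] = $_SERVER['REQUEST_URI'];
            //$mainframe->redirect( $redirect_url, JText::_( 'ALERTNOTAUTH' ));
            /* * / if(!isset($_REQUEST['load'])) $mainframe->redirect( $redirect_url.'?load=once', JText::_( 'ALERTNOTAUTH' )); /* */
        }
    } else {
        // deny mode: slots that matched no grant are overwritten with -1 and then
        // collapsed by array_unique(), leaving the granted ids
        if (is_array($rows) && count($rows) > 0) {
            foreach ($rows as $i => $group) {
                $ind = array_search($group, $groups);
                if (!in_array($group, $fgroups) && $ind !== false) {
                    $groups[$ind] = -1;
                    if (!in_array($roles[$ind], $froles)) {
                        $roles[$ind] = -1;
                        $functions[$ind] = -1;
                    }
                }
                $ind = array_search($rls[$i], $roles);
                if (!in_array($rls[$i], $froles) && $ind !== false) {
                    $roles[$ind] = -1;
                    if (!in_array($groups[$ind], $fgroups)) {
                        $groups[$ind] = -1;
                        $functions[$ind] = -1;
                    }
                }
            }
        }
        $groups = array_unique($groups);
        $roles = array_unique($roles);
        $functions = array_unique($functions);
        if (count($groups) == 1 && count($roles) == 1) {
            // nothing granted — the redirect is commented out, so no effect here
            //$_SESSION['cacl_redirect_url'] = $_SERVER['REQUEST_URI'];
            //$mainframe->redirect( $redirect_url, JText::_( 'ALERTNOTAUTH' ));
        }
    }
    // number of content-action rows for the user's functions; for com_content a
    // wildcard function-access row (#any_key# / #any_value#) switches the
    // per-item checks off ($content_all)
    $query = "SELECT COUNT(*) FROM `#__community_acl_content_actions` WHERE `func_id` IN ( '" . implode("','", $functions) . "') ";
    $db->setQuery($query);
    $count = (int) $db->loadResult();
    $content_all = 0;
    if ($option == 'com_content') {
        $query = "SELECT COUNT(*) FROM `#__community_acl_function_access` WHERE `option` = 'com_content' AND `name` = '#any_key#' AND `value` = '#any_value#' AND " . ($back_end ? ' `isbackend` = 1 ' : ' `isfrontend` = 1 ') . " AND `func_id` IN ( '" . implode("','", $functions) . "')";
        $db->setQuery($query);
        $content_all = (int) $db->loadResult();
        $count = $count && !$content_all;
    }
    if ($count && ($task == '' || $task == 'save' || $task == 'apply' || $task == 'new' || $task == 'add' || $task == 'remove' || $task == 'copyselect' || $task == 'moveselect' || $task == 'edit' || $task == 'publish' || $task == 'unpublish' || $task == 'copy' || $task == 'movesect' || $task == 'archive' || $task == 'unarchive')) {
        // positions of the core 'publish' / 'edit' ACL entries for this usertype;
        // array_search() yields false when the entry is absent
        $acl =& JFactory::getACL();
        $publish_array = array('com_content', 'publish', 'users', strtolower($user->get('usertype')), 'content', 'all', NULL);
        $publish_index = array_search($publish_array, $acl->acl);
        $edit_array = array('com_content', 'edit', 'users', strtolower($user->get('usertype')), 'content', 'all', NULL);
        $edit_index = array_search($edit_array, $acl->acl);
        if ($option == 'com_sections' && ($sectionid > -1 || $sectionid_r > -1)) {
            $query = "SELECT * FROM `#__community_acl_content_actions` WHERE `item_type` = 'section' AND `func_id` IN ( '" . implode("','", $functions) . "') ";
            $db->setQuery($query);
            $function_access = $db->loadObjectList();
            // $bingo: a rule matched the request; $bingo_publish: a publish rule matched an edit
            $bingo = false;
            $bingo_publish = false;
            if (is_array($function_access) && count($function_access) > 0) {
                foreach ($function_access as $item) {
                    if (($task == 'add' || $task == 'remove' || $task == 'copyselect') && $item->action == 'add' && ($id == $item->item_id || in_array($item->item_id, $cid))) { $bingo = true; }
                    if ($task == 'new' && $item->action == 'add' && $sectionid_r == $item->item_id) { $bingo = true; }
                    if ($task == 'edit' && $item->action == 'edit' && ($id == $item->item_id || in_array($item->item_id, $cid))) { $bingo = true; }
                    if (($task == 'publish' || $task == 'unpublish') && $item->action == 'publish' && ($id == $item->item_id || in_array($item->item_id, $cid))) { $bingo = true; }
                    if ($task == 'edit' && $item->action == 'publish' && ($id == $item->item_id || in_array($item->item_id, $cid))) { $bingo_publish = true; }
                }
            }
            // strip the core publish entry: on a match in allow mode, on no match in deny mode
            if ($bingo_publish) {
                if ($config->default_action == 'allow') {
                    unset($acl->acl[$publish_index]);
                    $acl->acl_count--;
                }
            } elseif ($config->default_action == 'deny') {
                unset($acl->acl[$publish_index]);
                $acl->acl_count--;
            }
            // section hits are not redirected (both redirects are commented out)
            if ($bingo) {
                if ($config->default_action == 'allow') {
                    //$_SESSION['cacl_redirect_url'] = $_SERVER['REQUEST_URI'];
                    //$mainframe->redirect( $redirect_url,JText::_( 'ALERTNOTAUTH' ));
                }
            } elseif ($config->default_action == 'deny') {
                //$_SESSION['cacl_redirect_url'] = $_SERVER['REQUEST_URI'];
                //$mainframe->redirect( $redirect_url,JText::_( 'ALERTNOTAUTH' ));
            }
        }
        if ($option == 'com_categories' && ($catid > -1 || $catid_r > -1)) {
            $query = "SELECT * FROM `#__community_acl_content_actions` WHERE `item_type` IN ('section', 'category') AND `func_id` IN ( '" . implode("','", $functions) . "') ";
            $db->setQuery($query);
            $function_access = $db->loadObjectList();
            $bingo = false;
            $bingo_publish = false;
            //echo "$sectionid, $sectionid_r, $catid, $catid_r";die;
            if (is_array($function_access) && count($function_access) > 0) {
                foreach ($function_access as $item) {
                    // section rules are matched against the category's section
                    if ($item->item_type == 'section') {
                        if (($task == 'add' || $task == 'remove' || $task == 'copyselect' || $task == 'moveselect') && $item->action == 'add' && $sectionid == $item->item_id) { $bingo = true; }
                        if ($task == 'new' && $item->action == 'add' && $sectionid_r == $item->item_id) { $bingo = true; }
                        if ($task == 'edit' && $item->action == 'edit' && $sectionid == $item->item_id) { $bingo = true; }
                        if (($task == 'publish' || $task == 'unpublish') && $item->action == 'publish' && $sectionid == $item->item_id) { $bingo = true; }
                        if ($task == 'edit' && $item->action == 'publish' && $sectionid == $item->item_id) { $bingo_publish = true; }
                    }
                    // category rules are matched against the addressed id(s)
                    if ($item->item_type == 'category') {
                        if (($task == 'add' || $task == 'remove' || $task == 'copyselect' || $task == 'moveselect') && $item->action == 'add' && ($id == $item->item_id || in_array($item->item_id, $cid))) { $bingo = true; }
                        if ($task == 'new' && $item->action == 'add' && $catid_r == $item->item_id) { $bingo = true; }
                        if ($task == 'edit' && $item->action == 'edit' && ($id == $item->item_id || in_array($item->item_id, $cid))) { $bingo = true; }
                        if (($task == 'publish' || $task == 'unpublish') && $item->action == 'publish' && ($id == $item->item_id || in_array($item->item_id, $cid))) { $bingo = true; }
                        if ($task == 'edit' && $item->action == 'publish' && ($id == $item->item_id || in_array($item->item_id, $cid))) { $bingo_publish = true; }
                    }
                }
            }
            if ($bingo_publish) {
                if ($config->default_action == 'allow') {
                    unset($acl->acl[$publish_index]);
                    $acl->acl_count--;
                }
            } elseif ($config->default_action == 'deny') {
                unset($acl->acl[$publish_index]);
                $acl->acl_count--;
            }
            // category hits redirect: on a match in allow mode, on no match in deny mode
            if ($bingo) {
                if ($config->default_action == 'allow') {
                    $_SESSION['cacl_redirect_url'] = $_SERVER['REQUEST_URI'];
                    $mainframe->redirect($redirect_url, JText::_('ALERTNOTAUTH'));
                }
            } elseif ($config->default_action == 'deny') {
                $_SESSION['cacl_redirect_url'] = $_SERVER['REQUEST_URI'];
                $mainframe->redirect($redirect_url, JText::_('ALERTNOTAUTH'));
            }
        }
        if ($option == 'com_content') {
            $query = "SELECT * FROM `#__community_acl_content_actions` WHERE `item_type` IN ('section', 'category', 'content') AND `func_id` IN ( '" . implode("','", $functions) . "') ";
            $db->setQuery($query);
            $function_access = $db->loadObjectList();
            // $bingo: redirect candidate; $bingo_edit / $bingo_publish: strip the core edit / publish entry
            $bingo = false;
            $bingo_edit = false;
            $bingo_publish = false;
            if (is_array($function_access) && count($function_access) > 0) {
                foreach ($function_access as $item) {
                    if ($item->item_type == 'section') {
                        if (($task == 'add' || $task == 'remove' || $task == 'copyselect' || $task == 'moveselect') && $item->action == 'add' && $sectionid == $item->item_id) { $bingo = true; }
                        if (($task == 'new' || $task == 'add' || $view == 'article' && $layout == 'form') && $item->action == 'add') {
                            //only in deny mode
                            if ($config->default_action == 'deny') {
                                $bingo = true;
                                $bingo_edit = true;
                            }
                        }
                        if (($task == 'save' || $task == 'apply') && ($item->action == 'add' || $item->action == 'edit') && $sectionid_r == $item->item_id) {
                            # - Kobby enhancement - Exception Catch : User is denied access to edit or publish but can add
                            // NOTE(review): $item_type is never assigned in this method, so the test
                            // is always true and $bingo is always reset to false here;
                            // $item->action looks like what was meant — confirm before changing
                            if ($item_type != 'add') { $bingo = false; } else { $bingo = true; }
                            $bingo_edit = true;
                            $bingo_publish = true;
                        }
                        if ($task == '' && $item->action == 'edit' && $sectionid == $item->item_id) { $bingo_edit = true; }
                        if ($task == 'edit' && $item->action == 'edit' && $sectionid == $item->item_id) {
                            $bingo_edit = true;
                            $bingo = true;
                        }
                        if (($task == 'publish' || $task == 'unpublish') && $item->action == 'publish' && $sectionid == $item->item_id) { $bingo = true; }
                        if (($task == 'edit' || $task == '') && $item->action == 'publish' && $sectionid == $item->item_id) { $bingo_publish = true; }
                    } elseif ($item->item_type == 'category') {
                        if (($task == 'new' || $task == 'add' || $task == 'remove' || $task == 'copyselect' || $task == 'moveselect') && $item->action == 'add' && $catid == $item->item_id) { $bingo = true; }
                        if (($task == 'new' || $task == 'add' || $view == 'article' && $layout == 'form') && $item->action == 'add') {
                            //only in deny mode
                            if ($config->default_action == 'deny') {
                                $bingo = true;
                                $bingo_edit = true;
                            }
                        }
                        if (($task == 'save' || $task == 'apply') && ($item->action == 'add' || $item->action == 'edit') && $catid_r == $item->item_id) {
                            $bingo = true;
                            $bingo_edit = true;
                            $bingo_publish = true;
                        }
                        if ($task == '' && $item->action == 'edit' && $catid == $item->item_id) { $bingo_edit = true; }
                        if ($task == 'edit' && $item->action == 'edit' && $catid == $item->item_id) {
                            $bingo = true;
                            $bingo_edit = true;
                        }
                        if (($task == 'publish' || $task == 'unpublish') && $item->action == 'publish' && $catid == $item->item_id) { $bingo = true; }
                        if (($task == 'edit' || $task == '') && $item->action == 'publish' && $catid == $item->item_id) { $bingo_publish = true; }
                    } elseif ($item->item_type == 'content') {
                        if (($task == 'edit' || $task == 'archive' || $task == 'unarchive') && $item->action == 'edit' && ($id == $item->item_id || in_array($item->item_id, $cid))) { $bingo = true; }
                        if (($task == 'publish' || $task == 'unpublish') && $item->action == 'publish' && ($id == $item->item_id || in_array($item->item_id, $cid))) { $bingo = true; }
                        if ($task == 'edit' && $item->action == 'publish' && ($id == $item->item_id || in_array($item->item_id, $cid))) { $bingo_publish = true; }
                    }
                }
            }
            # - Kobby needs to fix this bug for the Edit/Pub
            // NOTE(review): `$publish_index == 0` is also true when array_search()
            // returned false (false == 0), in which case unset() targets key 0 — confirm
            if ($bingo_edit && $publish_index == 0) {
                if ($config->default_action == 'allow') {
                    unset($acl->acl[$edit_index]);
                    $acl->acl_count--;
                }
            } elseif ($config->default_action == 'deny' && $publish_index == 0) {
                unset($acl->acl[$edit_index]);
                $acl->acl_count--;
                //die('bingo_edit');
            }
            if ($bingo_publish) {
                if ($config->default_action == 'allow' && $publish_index == 0) {
                    unset($acl->acl[$publish_index]);
                    $acl->acl_count--;
                }
            } elseif ($config->default_action == 'deny' && $publish_index == 0) {
                unset($acl->acl[$publish_index]);
                $acl->acl_count--;
                //die('bingo_publish');
            }
            // allow mode: redirect on a hit; deny mode: redirect when nothing matched
            // a modifying task or the new-article form
            if ($bingo) {
                if ($config->default_action == 'allow') {
                    $_SESSION['cacl_redirect_url'] = $_SERVER['REQUEST_URI'];
                    $mainframe->redirect($redirect_url, JText::_('ALERTNOTAUTH'));
                }
            } elseif ($config->default_action == 'deny' && ($task != '' || $view == 'article' && $layout == 'form')) {
                $_SESSION['cacl_redirect_url'] = $_SERVER['REQUEST_URI'];
                $mainframe->redirect($redirect_url, JText::_('ALERTNOTAUTH'));
            }
        }
    } elseif ($config->default_action == 'deny') {
        // deny mode without content-action rows: strip both core entries and
        // block every modifying task, unless a wildcard row covers com_content
        if (!$content_all) {
            $acl =& JFactory::getACL();
            $publish_array = array('com_content', 'publish', 'users', strtolower($user->get('usertype')), 'content', 'all', NULL);
            $publish_index = array_search($publish_array, $acl->acl);
            $edit_array = array('com_content', 'edit', 'users', strtolower($user->get('usertype')), 'content', 'all', NULL);
            $edit_index = array_search($edit_array, $acl->acl);
            unset($acl->acl[$publish_index]);
            $acl->acl_count--;
            unset($acl->acl[$edit_index]);
            $acl->acl_count--;
            if ($task == 'save' || $task == 'apply' || $task == 'new' || $task == 'add' || $task == 'remove' || $task == 'copyselect' || $task == 'moveselect' || $task == 'edit' || $task == 'publish' || $task == 'unpublish' || $task == 'copy' || $task == 'movesect' || $task == 'archive' || $task == 'unarchive' || $view == 'article' && $layout == 'form') {
                $_SESSION['cacl_redirect_url'] = $_SERVER['REQUEST_URI'];
                $mainframe->redirect($redirect_url, JText::_('ALERTNOTAUTH'));
            }
        }
    }
    // function-access rows for this component; each `grouping` is checked on
    // its own against the request parameters named in `name`
    $query = "SELECT * FROM `#__community_acl_function_access` WHERE `option` = '{$option}' AND " . ($back_end ? ' `isbackend` = 1 ' : ' `isfrontend` = 1 ') . " AND `func_id` IN ( '" . implode("','", $functions) . "') AND `name` <> 'option' ORDER BY `grouping`";
    $db->setQuery($query);
    $function_access = $db->loadObjectList();
    // (isset($_REQUEST['searchword']) || isset($_REQUEST['action']) || isset($_REQUEST['view']) || isset($_REQUEST['task']) || isset($_REQUEST['id']) || isset($_REQUEST['cid']) || isset($_REQUEST['mode'])) &&
    if (is_array($function_access) && count($function_access) > 0) {
        $query = "SELECT `grouping` FROM `#__community_acl_function_access` WHERE `option` = '{$option}' AND " . ($back_end ? ' `isbackend` = 1 ' : ' `isfrontend` = 1 ') . " AND `func_id` IN ( '" . implode("','", $functions) . "') AND `name` <> 'option' GROUP BY `grouping` ORDER BY `grouping`";
        $db->setQuery($query);
        $groupings = $db->loadObjectList();
        $allow_pass = false;
        if (is_array($groupings) && count($groupings) > 0) {
            foreach ($groupings as $g) {
                $allow_pass = false;
                if (is_array($function_access) && count($function_access) > 0) {
                    foreach ($function_access as $item) {
                        if ($item->grouping != $g->grouping) {
                            continue;
                        }
                        // '#any_key#' resets the flag; a missing request parameter
                        // sets it in allow mode and is skipped in deny mode
                        if ($item->name == '#any_key#') {
                            $allow_pass = false;
                            continue;
                        }
                        if (!isset($_REQUEST[$item->name]) && $config->default_action == 'allow') {
                            $allow_pass = true;
                            continue;
                        }
                        if (!isset($_REQUEST[$item->name]) && $config->default_action == 'deny') {
                            continue;
                        }
                        // the flag is set when the request value differs from a non-empty
                        // `value` (extra != '1') or equals it (extra == '1');
                        // '#any_value#' rows never set it. 'id' compares as int, array
                        // parameters by membership, everything else loosely.
                        if ($item->name == 'id') {
                            if (((int) $_REQUEST[$item->name] != $item->value && $item->value && $item->extra != '1' || (int) $_REQUEST[$item->name] == $item->value && $item->extra == '1') && $item->value != '#any_value#') {
                                //echo 1;die;
                                $allow_pass = true;
                                continue;
                            }
                        } elseif (is_array($_REQUEST[$item->name])) {
                            if ((!in_array($item->value, $_REQUEST[$item->name]) && $item->value && $item->extra != '1' || in_array($item->value, $_REQUEST[$item->name]) && $item->extra == '1') && $item->value != '#any_value#') {
                                //echo 2;die;
                                $allow_pass = true;
                                continue;
                            }
                        } else {
                            if (($_REQUEST[$item->name] != $item->value && $item->value && $item->extra != '1' || $_REQUEST[$item->name] == $item->value && $item->extra == '1') && $item->value != '#any_value#') {
                                //echo 3;die;
                                $allow_pass = true;
                                continue;
                            }
                        }
                    }
                }
                // allow mode: a grouping that did not set the flag redirects;
                // deny mode: a grouping that did not set it ends the check (request goes through)
                if ($config->default_action == 'allow') {
                    if (!$allow_pass) {
                        $_SESSION['cacl_redirect_url'] = $_SERVER['REQUEST_URI'];
                        $mainframe->redirect($redirect_url, JText::_('ALERTNOTAUTH'));
                    }
                } else {
                    if (!$allow_pass) {
                        return;
                    }
                }
            }
        }
    } else {
        // no function-access rows for this component: nothing more to check
        return;
    }
    // reached only when every grouping set the flag; in deny mode that blocks the request
    if ($config->default_action == 'deny') {
        $_SESSION['cacl_redirect_url'] = $_SERVER['REQUEST_URI'];
        $mainframe->redirect($redirect_url, JText::_('ALERTNOTAUTH'));
    }
}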