* $content = content of content and rss type pages ******************************************************************************/ if ($thisSection->pages) { $thisSection->handlePageOrder(); foreach ($thisSection->data[pages] as $p) { $o =& $thisSection->pages[$p]; $extra = ''; $content = ''; $nextorder = 1; if ($o->canview() || $o->hasPermissionDown("add or edit or delete")) { if (($action == 'viewsite' || ereg('preview_edit_as', $action)) && ($p == $page || $o->getField("type") != 'page')) { if ($cfg['disable_edit_content'] != TRUE || $_SESSION['ltype'] == 'admin') { /****************************************************************************** * Pages get same extras (ie edit options) regardless of navigation arrangement ******************************************************************************/ if (!indaterange($o->getField("activatedate"), $o->getField("deactivatedate"))) { $extra .= "<div class='small' align='left'><a href='{$PHP_SELF}?{$sid}&{$envvars}&action=edit_page&step=2&edit_page={$p}&comingFrom=viewsite'>[inactive]</a></div>"; } if (!$o->getField("active")) { $extra .= "<div class='small' align='left'><a href='{$PHP_SELF}?{$sid}&{$envvars}&action=edit_page&step=2&edit_page={$p}&comingFrom=viewsite'>[hidden]</a></div>"; } if ($thisSection->hasPermission("edit")) { if ($thisSection->getField("pageorder") == "custom") { if ($_REQUEST['showorder'] == "page") { $extra .= "<a href='{$PHP_SELF}?{$sid}&{$envvars}&action=viewsite&showorder=0' class='small' title='HIde reorder fields in this section'>hide order</a>"; } else { $extra .= "<a href='{$PHP_SELF}?{$sid}&{$envvars}&action=viewsite&showorder=page' class='small' title='Reorder pages in this section'>reorder</a>"; } } // $extra .= "<a style='cursor: pointer;' onclick=\"var orderFields = getElementsByAttribute(document.body, 'select', 'class', 'pageOrder'); for (var i = 0; i < orderFields.length; i++) {orderFields[i].style.display='inline';} this.style.display='none'; this.nextSibling.style.display='inline';\" class='small' title='Reorder pages in this section'>order</a>"; // $extra .= "<a style='cursor: pointer; display: none' onclick=\"var orderFields = getElementsByAttribute(document.body, 'select', 'class', 'pageOrder'); for (var i = 0; i < orderFields.length; i++) {orderFields[i].style.display='none';} this.style.display='none'; this.previousSibling.style.display='inline';\" class='small' title='Hide the reorder fields'>hide order</a>";
/** * Checks Several things to determine if the user can view the part: * - is this part Active? * - is this part within the enabled date ranges? * - does the user have permission to view this part if the above are true? * * @param optional string $user * @return boolean TRUE if the user can view the part * @access public * @date 8/31/04 */ function canview($user = "") { // Get our current user: if ($user == "") { $user = $_SESSION[auser]; } // Make sure we have everything fetched that we need. $this->fetchUp(); // The owner can always view, so return TRUE if ($this->owningSiteObj->owner == $user) { return TRUE; } // print "\n<br />Checking canview for '$user' ".get_class($this)." ".$this->name." / ".$this->id." - ".$this->getField("title"); // ------ Activation ------ // First lets check if this part is active so that we don't have to bother // checking permissions if it isn't active. // What level of the hierarchy are we looking at? $scope = get_class($this); // Check to see if this part is active. // Sections and pages of type "heading" can't be disabled if (!$this->getField("active") && ($scope != 'story' && $this->getField("type") != 'heading')) { return FALSE; } // Check to see if this part is outside of its active date range. if (!indaterange($this->getField("activatedate"), $this->getField("deactivatedate"))) { return FALSE; } // If we are passed the 'anyuser' user, then we are being asked if this // part is active, akin to asking, "Can anybody see this thing?". If we have // gotten this far, this is the case, so return TRUE if we are passed // $user == 'anyuser'. if ($user == 'anyuser') { return TRUE; } // ------ Permission ------ // If we have gotten this far, then the part is active. // We now need to check if the current user has permission to view the // part. // If we are looking at a site and already fetched the permissions, // we don't need to fetch them again. if ($this->fetched_forever_and_ever && get_class($this) == "site") { $fetch = FALSE; } else { $fetch = TRUE; } // view: The permission to check // $user: The user to check // FALSE: Don't check only the user, include the user in any groups they // may be a part of. // $fetch: Should we fetch permissions? return $this->hasPermissionDown("view", $user, FALSE, $fetch); }
function canview($a, $type = SITE) { // if (!$a[type]=='page'&&!$a[type]=='section'&&!$a[theme]) return 0; if ($a[type] == 'heading' || $a[type] == 'divider') { return 1; } if ($type == SITE || $type == SECTION || $type == PAGE) { if (!$a[active]) { return 0; } } if (!indaterange($a[activatedate], $a[deactivatedate])) { return 0; } return 1; }
} printc("\n\t\t\t\t</div>"); } /****************************************************************************** * Print out stories in pagination range ******************************************************************************/ for ($j = $start; $j < $end && $j < count($stories); $j++) { $s = $stories[$j]; if ($_REQUEST["tag"]) { $tagged_page = $tagged_stories[page_id][$j]; $tagged_section = $tagged_stories[section_id][$j]; $o =& new story($_REQUEST[site], $tagged_section, $tagged_page, $s, $thisPage); } else { $o =& $thisPage->stories[$s]; } if ($o && $o->canview() && indaterange($o->getField("activatedate"), $o->getField("deactivatedate"))) { if (($thisPage->getField("showhr") || $_REQUEST["tag"]) && $i != 0) { printc("\n\t\t\t\t<div class='hr' ><hr /></div>"); } /****************************************************************************** * print out story title ******************************************************************************/ if ($tagged_section) { $source_section = $section; $section = $tagged_section; } if ($tagged_page) { $source_page = $page; $page = $tagged_page; } if ($o->getField("title") && $o->getField("type") != "link" && $o->getField("type") != "file" && $o->getField("type") != "image") {