Project

General

Profile

Download (2.59 KB)

Bug #3044 » 3044-pt1.patch

krileon, 29 November 2011 15:50

View differences:

components/com_comprofiler/comprofiler.php
|| ( $_CB_framework->myId() != $fromid )
|| ( ! $toid )
|| ( ( $ueConfig['allow_email_display'] != 1 ) && ( $ueConfig['allow_email_display'] != 3 ) )
|| ( ! allowAccess( $ueConfig['allow_profileviewbyGID'], 'RECURSE', userGID( $_CB_framework->myId() ) ) ) )
|| ( ! allowAccess( $ueConfig['allow_profileviewbyGID'], 'RECURSE', $_CB_framework->acl->get_groups_below_me( null, true ) ) ) )
{
cbNotAuth();
return;
......
return;
}
if ( ! allowAccess( $ueConfig['allow_profileviewbyGID'], 'RECURSE', userGID( $_CB_framework->myId() ) ) ) {
if ( ! allowAccess( $ueConfig['allow_profileviewbyGID'], 'RECURSE', $_CB_framework->acl->get_groups_below_me( null, true ) ) ) {
cbNotAuth();
return;
}
......
function userProfile( $option, $uid, $submitvalue) {
global $_REQUEST, $ueConfig, $_CB_framework, $_PLUGINS;
if ( isset( $_REQUEST['user'] ) ) {
if ( ! allowAccess( $ueConfig['allow_profileviewbyGID'], 'RECURSE', userGID( $_CB_framework->myId() ) ) ) {
if ( ! allowAccess( $ueConfig['allow_profileviewbyGID'], 'RECURSE', $_CB_framework->acl->get_groups_below_me( null, true ) ) ) {
if ( ( $_CB_framework->myId() < 1 )
&& ( ! ( ( ( $_CB_framework->getCfg( 'allowUserRegistration' ) == '0' )
&& ( ( ! isset($ueConfig['reg_admin_allowcbregistration']) ) || $ueConfig['reg_admin_allowcbregistration'] != '1' ) )
......
$msg = checkCBpermissions( array( (int) $user->id ), 'edit', true );
}
} elseif ( ( $reason === 'profile' ) || ( $reason === 'list' ) ) {
if ( allowAccess( $ueConfig['allow_profileviewbyGID'], 'RECURSE', userGID( $_CB_framework->myId() ) ) ) {
if ( allowAccess( $ueConfig['allow_profileviewbyGID'], 'RECURSE', $_CB_framework->acl->get_groups_below_me( null, true ) ) ) {
$msg = null;
} else {
$msg = _UE_NOT_AUTHORIZED;
......
echo _UE_FUNCTIONALITY_DISABLED;
exit();
}
if (!allowAccess( $ueConfig['allow_profileviewbyGID'],'RECURSE', userGID( $_CB_framework->myId() ))) {
if (!allowAccess( $ueConfig['allow_profileviewbyGID'],'RECURSE', $_CB_framework->acl->get_groups_below_me( null, true ))) {
echo _UE_NOT_AUTHORIZED;
return;
}
(1-1/4)