includes/pageutils.php
changeset 209 661beb9b0fa3
parent 205 62ee6685ad18
child 217 5bcdee999015
equal deleted inserted replaced
208:7fab1804a49e 209:661beb9b0fa3
   341       if ( $create != 'good' )
   341       if ( $create != 'good' )
   342         return 'The page did not exist, and I was not able to create it. The reported error was: ' . $create;
   342         return 'The page did not exist, and I was not able to create it. The reported error was: ' . $create;
   343       $paths->page_exists = true;
   343       $paths->page_exists = true;
   344     }
   344     }
   345     
   345     
   346     $prot = ( ( $paths->pages[$pname]['protected'] == 2 && $session->user_logged_in && $session->reg_time + 60*60*24*4 < time() ) || $paths->pages[$pname]['protected'] == 1) ? true : false;
   346     // Check page protection
   347     $wiki = ( ( $paths->pages[$pname]['wiki_mode'] == 2 && getConfig('wiki_mode') == '1') || $paths->pages[$pname]['wiki_mode'] == 1) ? true : false;
   347     
   348     if(($prot || !$wiki) && $session->user_level < USER_LEVEL_ADMIN ) return('You are not authorized to edit this page.');
   348     $is_protected = false;
       
   349     $page_data =& $paths->pages[$pname];
       
   350     // Is the protection semi?
       
   351     if ( $page_data['protected'] == 2 )
       
   352     {
       
   353       $is_protected = true;
       
   354       // Page is semi-protected. Has the user been here for at least 4 days?
       
   355       // 345600 seconds = 4 days
       
   356       if ( $session->user_logged_in && ( $session->reg_time + 345600 ) <= time() )
       
   357         $is_protected = false;
       
   358     }
       
   359     // Is the protection full?
       
   360     else if ( $page_data['protected'] == 1 )
       
   361     {
       
   362       $is_protected = true;
       
   363     }
       
   364     
       
   365     // If it's protected and we DON'T have even_when_protected rights, bail out
       
   366     if ( $is_protected && !$session->get_permissions('even_when_protected') )
       
   367     {
       
   368       return 'You don\'t have the necessary permissions to edit this page.';
       
   369     }
       
   370     
       
   371     // We're skipping the wiki mode check here because by default edit_page pemissions are AUTH_WIKIMODE.
       
   372     // The exception here is the user's own userpage, which is overridden at the time of account creation.
       
   373     // At that point it's set to AUTH_ALLOW, but obviously only for the user's own userpage.
   349     
   374     
   350     // Strip potentially harmful tags and PHP from the message, dependent upon permissions settings
   375     // Strip potentially harmful tags and PHP from the message, dependent upon permissions settings
   351     $message = RenderMan::preprocess_text($message, false, false);
   376     $message = RenderMan::preprocess_text($message, false, false);
   352     
   377     
   353     $msg = $db->escape($message);
   378     $msg = $db->escape($message);