Added config option to grant userpage rights to new users (defaults to on, as it was hardcoded on before)
authorDan
Sun, 09 Nov 2008 09:03:10 -0500
changeset 731 8e6dbf6882c2
parent 730 b09cb1dab505
child 732 c3752aa881c2
Added config option to grant userpage rights to new users (defaults to on, as it was hardcoded on before)
includes/sessions.php
language/english/admin.json
plugins/SpecialAdmin.php
--- a/includes/sessions.php	Sun Nov 09 09:02:35 2008 -0500
+++ b/includes/sessions.php	Sun Nov 09 09:03:10 2008 -0500
@@ -1766,29 +1766,33 @@
       $this->sql('INSERT INTO '.table_prefix.'users_extra(user_id) VALUES(' . $user_id . ');');
     }
     
-    // Grant edit and very limited mod access to the userpage
-    $acl_data = array(
-        'read' => AUTH_ALLOW,
-        'view_source' => AUTH_ALLOW,
-        'edit_page' => AUTH_ALLOW,
-        'post_comments' => AUTH_ALLOW,
-        'edit_comments' => AUTH_ALLOW, // only allows editing own comments
-        'history_view' => AUTH_ALLOW,
-        'history_rollback' => AUTH_ALLOW,
-        'rename' => AUTH_ALLOW,
-        'delete_page' => AUTH_ALLOW,
-        'tag_create' => AUTH_ALLOW,
-        'tag_delete_own' => AUTH_ALLOW,
-        'tag_delete_other' => AUTH_ALLOW,
-        'edit_cat' => AUTH_ALLOW,
-        'create_page' => AUTH_ALLOW
-      );
-    $acl_data = $db->escape($this->perm_to_string($acl_data));
-    $userpage = $db->escape(sanitize_page_id($user_orig));
-    $cols = "target_type, target_id, page_id, namespace, rules";
-    $vals = ACL_TYPE_USER . ", $user_id, '$userpage', 'User', '$acl_data'";
-    $q = "INSERT INTO ".table_prefix."acl($cols) VALUES($vals);";
-    $this->sql($q);
+    // Config option added, 1.1.5
+    if ( getConfig('userpage_grant_acl', '1') == '1' )             
+    {
+      // Grant edit and very limited mod access to the userpage
+      $acl_data = array(
+          'read' => AUTH_ALLOW,
+          'view_source' => AUTH_ALLOW,
+          'edit_page' => AUTH_ALLOW,
+          'post_comments' => AUTH_ALLOW,
+          'edit_comments' => AUTH_ALLOW, // only allows editing own comments
+          'history_view' => AUTH_ALLOW,
+          'history_rollback' => AUTH_ALLOW,
+          'rename' => AUTH_ALLOW,
+          'delete_page' => AUTH_ALLOW,
+          'tag_create' => AUTH_ALLOW,
+          'tag_delete_own' => AUTH_ALLOW,
+          'tag_delete_other' => AUTH_ALLOW,
+          'edit_cat' => AUTH_ALLOW,
+          'create_page' => AUTH_ALLOW
+        );
+      $acl_data = $db->escape($this->perm_to_string($acl_data));
+      $userpage = $db->escape(sanitize_page_id($user_orig));
+      $cols = "target_type, target_id, page_id, namespace, rules";
+      $vals = ACL_TYPE_USER . ", $user_id, '$userpage', 'User', '$acl_data'";
+      $q = "INSERT INTO ".table_prefix."acl($cols) VALUES($vals);";
+      $this->sql($q);
+    }
     
     // Require the account to be activated?
     if ( $coppa )
--- a/language/english/admin.json	Sun Nov 09 09:02:35 2008 -0500
+++ b/language/english/admin.json	Sun Nov 09 09:03:10 2008 -0500
@@ -233,6 +233,7 @@
     },
     acpgc: {
       err_avatar_dir_invalid: 'You have entered an invalid avatar directory.',
+      err_avatar_dir_not_exist: 'The avatar directory you entered does not exist in the filesystem.',
       msg_save_success: 'Your changes to the site configuration have been saved.',
       
       // Section: global site options
@@ -382,6 +383,12 @@
       field_avatar_directory: 'Avatar storage directory:',
       field_avatar_directory_hint: 'This should be relative to your Enano root and should contain only alphanumeric characters and forward slashes, even if your server runs Windows.',
       
+      // Section: misc options
+      heading_usermisc: 'Other user options',
+      field_userpage_acl_title: 'New users can edit their user pages:',
+      field_userpage_acl_hint: 'This setting will cause Enano to grant certain rights to newly registered users, effective only on their user page. These rights include creating their page, editing their page, and posting comments. Since it generates a new ACL rule, you are able to override new permissions. This setting will only take effect on new users - it does not affect the permissions of those already registered.',
+      field_userpage_acl: 'Grant editing rights to new users on their user pages',
+      
       // Main section: sidebar links
       heading_sidebar: 'Sidebar links',
       
--- a/plugins/SpecialAdmin.php	Sun Nov 09 09:02:35 2008 -0500
+++ b/plugins/SpecialAdmin.php	Sun Nov 09 09:03:10 2008 -0500
@@ -393,9 +393,11 @@
     }
     else
     {
-      echo '<div class="error-box">' . $lang->get('acpgc_err_avatar_dir_invalid') . '</div>';
+      echo '<div class="error-box">' . $lang->get('acpgc_err_avatar_dir_not_exist') . '</div>';
     }
     
+    setConfig('userpage_grant_acl', ( isset($_POST['userpage_grant_acl']) ? '1' : '0' ));
+    
     echo '<div class="info-box">' . $lang->get('acpgc_msg_save_success') . '</div><br />';
     
   }
@@ -926,6 +928,27 @@
           <input type="text" name="avatar_directory" size="30" <?php if ( $x = getConfig('avatar_directory') ) echo "value=\"$x\" "; else echo "value=\"files/avatars\" "; ?>/>
         </td>
       </tr>
+      
+    <!-- Misc. options -->
+    
+      <tr>
+        <th class="subhead" colspan="2"><?php echo $lang->get('acpgc_heading_usermisc'); ?></th>
+      </tr>
+      
+      <tr>
+        <td class="row1">
+          <b><?php echo $lang->get('acpgc_field_userpage_acl_title'); ?></b><br />
+          <small>
+            <?php echo $lang->get('acpgc_field_userpage_acl_hint'); ?>
+          </small>
+        </td>
+        <td class="row1">
+          <label>
+            <input type="checkbox" name="userpage_grant_acl" <?php if ( getConfig('userpage_grant_acl', '1') == '1' ) echo 'checked="checked" '; ?>/>
+            <?php echo $lang->get('acpgc_field_userpage_acl'); ?>
+          </label>
+        </td>
+      </tr>
         
     </table>
     </div>