Account Standing - {% if profile.checkPermission('SITE', 'DEACTIVATED') %} + {% if profile.permission(constant('Sakura\\Perms\\Site::DEACTIVATED')) %}
diff --git a/cron.php b/cron.php index ffa9a1c..f1a7309 100644 --- a/cron.php +++ b/cron.php @@ -18,7 +18,7 @@ if (function_exists('posix_getuid')) { define('SAKURA_NO_TPL', true); // Include components -require_once str_replace(basename(__DIR__), '', dirname(__FILE__)) . '_sakura/sakura.php'; +require_once 'sakura.php'; // Override expiration variables ignore_user_abort(true); @@ -41,7 +41,7 @@ $expiredPremium = Database::fetch('premium', true, [ 'premium_expire' => [time(), '<'], ]); -// Process expired premium accounts +// Process expired premium accounts, make this not stupid in the future foreach ($expiredPremium as $expired) { Users::updatePremiumMeta($expired['user_id']); } diff --git a/integrations/SockChat.php b/integrations/SockChat.php index 51fec4e..836ade5 100644 --- a/integrations/SockChat.php +++ b/integrations/SockChat.php @@ -19,8 +19,11 @@ if (!isset($sockSakuraPath)) { // Include Sakura require_once $sockSakuraPath . '/sakura.php'; -use Sakura\Permissions; +use Sakura\Perms; +use Sakura\Perms\Site; +use Sakura\Perms\Manage; use Sakura\User; +use Sakura\Rank; use Sakura\Users; use sockchat\Auth; @@ -40,16 +43,16 @@ if (Auth::getPageType() == AUTH_FETCH) { // Check if session is active else deny if ($data = Users::checkLogin($uid, $sid)) { + // Create a user object + $user = User::construct($uid); + // Check if they can access the chat - if (Perms::check('SITE', 'DEACTIVATED', $uid, 1) || Perms::check('SITE', 'RESTRICTED', $uid, 1)) { + if ($user->permission(Site::DEACTIVATED) || $user->permission(Site::RESTRICTED)) { Auth::Deny(); Auth::Serve(); exit; } - // Create a user object - $user = User::construct($uid); - // Set the user's data Auth::SetUserData( $user->id(), 
@@ -59,12 +62,12 @@ if (Auth::getPageType() == AUTH_FETCH) { // Set the common permissions Auth::SetCommonPermissions( - $user->mainRank()['hierarchy'], - Perms::check('MANAGE', 'USE_MANAGE', $uid, 1) ? 1 : 0, - Perms::check('SITE', 'CREATE_BACKGROUND', $uid, 1) ? 1 : 0, - Perms::check('SITE', 'CHANGE_USERNAME', $uid, 1) ? 1 : 0, - Perms::check('SITE', 'MULTIPLE_GROUPS', $uid, 1) ? 2 : ( - Perms::check('SITE', 'CREATE_GROUP', $uid, 1) ? 1 : 0 + Rank::construct($user->mainRank())->hierarchy(), + $user->permission(Manage::USE_MANAGE, Perms::MANAGE) ? 1 : 0, + $user->permission(Site::CREATE_BACKGROUND) ? 1 : 0, + $user->permission(Site::CHANGE_USERNAME) ? 1 : 0, + $user->permission(Site::MULTIPLE_GROUPS) ? 2 : ( + $user->permission(Site::CREATE_GROUP) ? 1 : 0 ) ); diff --git a/libraries/Forum/Forum.php b/libraries/Forum/Forum.php index 089410f..2363d19 100644 --- a/libraries/Forum/Forum.php +++ b/libraries/Forum/Forum.php @@ -8,6 +8,7 @@ namespace Sakura\Forum; use Sakura\Database; use Sakura\Users; use Sakura\User; +use Sakura\Perms; /** * Class Forum @@ -35,6 +36,9 @@ class Forum // Get the row from the database $forumRow = Database::fetch('forums', false, ['forum_id' => [$forumId, '=']]); + // Create permissions object + $this->_permissions = new Perms(Perms::FORUM); + // Populate the variables if ($forumRow) { $this->id = $forumRow['forum_id']; @@ -49,6 +53,22 @@ class Forum } } + // Checking a permission + public function permission($flag, $user) { + // Set default permission value + $perm = 0; + + // Get the permissions of the parent forum if there is one + if ($this->category) { + $perm = $perm | $this->_permissions->user($user, ['forum_id' => [$this->category, '=']]); + } + + // Bitwise OR it with the permissions for this forum + $perm = $perm | $this->_permissions->user($user, ['forum_id' => [$this->id, '=']]); + + return $this->_permissions->check($flag, $perm); + } + // Subforums public function forums() { 
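Review bot: In libraries/Forum/Forum.php, the new `Forum::permission()` ORs the category's bits with the forum's own, so a forum can never be more restrictive than its parent: any bit granted on the category row carries into every forum beneath it. If per-forum restriction is wanted, the forum's own row should take precedence when it exists rather than being merged in. The method also reads `$this->_permissions`, which none of the visible Forum.php hunks declare, while this commit adds `private $_permissions;` to libraries/Forum/Post.php, where the visible hunk does not use it. The declaration may have landed in the wrong class, though the rest of both class bodies is outside the hunks. A docblock saying that `$user` is a user id and that only one level of parent is consulted would make the contract clear.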
diff --git a/libraries/Forum/Perms.php b/libraries/Forum/Perms.php deleted file mode 100644 index 414c70b..0000000 --- a/libraries/Forum/Perms.php +++ /dev/null @@ -1,73 +0,0 @@ -perms = $this->getPerms($forumId, $rankId, $userId); - } - - // Get permissions - private function getPerms($forumId, $rankId = 0, $userId = 0, $perms = 0) { - // Attempt to get the forum's row from the db - $forumRows = Database::fetch('forums', true, ['forum_id' => [$forumId, '=']]); - - // Check if anything was returned, otherwise just stop - if (!$forumRows) { - return $perms; - } - - // Get the data from the permissions table - $forumPerms = Database::fetch('forum_permissions', false, [ - 'forum_id' => [$forumId, '='], - 'rank_id' => [$rankId, '='], - 'user_id' => [$userId, '='], - ]); - - // Perform a bitwise OR if perms is already set to something - if ($perms) { - $perms = $perms | $forumPerms['forum_perms']; - } else { - $perms = $forumPerms['forum_perms']; - } - - // Perform this again if this forum has a parent - if ($forumRows['forum_category']) { - $perms = $this->getPerms($forumId, $rankId, $userId, $perms); - } - - // Return new value - return $perms; - } - - // Check permission - public function check($perm) { - return bindec($this->perms) & $perm === true; - } -} diff --git a/libraries/Forum/Post.php b/libraries/Forum/Post.php index d6efb67..eb243f2 100644 --- a/libraries/Forum/Post.php +++ b/libraries/Forum/Post.php @@ -33,6 +33,7 @@ class Post public $editTime = 0; public $editReason = ""; public $editUser = []; + private $_permissions; // Constructor public function __construct($postId) diff --git a/libraries/Permissions.php b/libraries/Permissions.php deleted file mode 100644 index d40301e..0000000 --- a/libraries/Permissions.php +++ /dev/null 
@@ -1,164 +0,0 @@ - 0, - 'user_id' => 0, - 'permissions_site' => 1, - 'permissions_manage' => 0, - 'permissions_inherit' => 11, - ]; - - // Global permissions table - protected static $permissions = [ - // Site permissions - 'SITE' => [ - 'DEACTIVATED' => Site::DEACTIVATED, // Is a user deactivated - 'RESTRICTED' => Site::RESTRICTED, // Is a user restricted - 'ALTER_PROFILE' => Site::ALTER_PROFILE, // Can alter their profile data - 'CHANGE_AVATAR' => Site::CHANGE_AVATAR, // Can change their avatar - 'CREATE_BACKGROUND' => Site::CREATE_BACKGROUND, // Can create a background (different from changing) - 'CHANGE_BACKGROUND' => Site::CHANGE_BACKGROUND, // Can change their background - 'VIEW_MEMBERLIST' => Site::VIEW_MEMBERLIST, // Can view the memberlist - 'CREATE_USERPAGE' => Site::CREATE_USERPAGE, // Can create a userpage (different from changing) - 'CHANGE_USERPAGE' => Site::CHANGE_USERPAGE, // Can change their userpage - 'USE_MESSAGES' => Site::USE_MESSAGES, // Can use the Private Messaging system - 'SEND_MESSAGES' => Site::SEND_MESSAGES, // Can send Private Messages to other users - 'CHANGE_EMAIL' => Site::CHANGE_EMAIL, // Can change their account e-mail address - 'CHANGE_USERNAME' => Site::CHANGE_USERNAME, // Can change their username - 'CHANGE_USERTITLE' => Site::CHANGE_USERTITLE, // Can change their usertitle - 'CHANGE_PASSWORD' => Site::CHANGE_PASSWORD, // Can change their password - 'ALTER_RANKS' => Site::ALTER_RANKS, // Can change their ranks - 'MANAGE_SESSIONS' => Site::MANAGE_SESSIONS, // Can manage their sessions - 'CHANGE_SIGNATURE' => Site::CHANGE_SIGNATURE, // User can change their signature - 'DEACTIVATE_ACCOUNT' => Site::DEACTIVATE_ACCOUNT, // Can deactivate their account - 'VIEW_PROFILE_DATA' => Site::VIEW_PROFILE_DATA, // Can view other's profile data - 'MANAGE_FRIENDS' => Site::MANAGE_FRIENDS, // Can manage friends (add/remove) - 'REPORT_USERS' => Site::REPORT_USERS, // Can report users to staff - 'OBTAIN_PREMIUM' => Site::OBTAIN_PREMIUM, // Can 
obtain the premium rank - 'JOIN_GROUPS' => Site::JOIN_GROUPS, // Can join groups - 'CREATE_GROUP' => Site::CREATE_GROUP, // Can create a group - 'MULTIPLE_GROUPS' => Site::MULTIPLE_GROUPS, // Can create multiple groups (requires single group perm) - 'CHANGE_NAMECOLOUR' => Site::CHANGE_NAMECOLOUR, // Can change their username colour - 'STATIC_PREMIUM' => Site::STATIC_PREMIUM, // User has static premium status - 'CREATE_COMMENTS' => Site::CREATE_COMMENTS, // User can make comments - 'DELETE_COMMENTS' => Site::DELETE_COMMENTS, // User can delete own comments - 'VOTE_COMMENTS' => Site::VOTE_COMMENTS, // User can vote on comments - ], - - // Site management permissions - 'MANAGE' => [ - 'USE_MANAGE' => 1, - ], - ]; - - // Checking if a user has the permissions to do a thing - public static function check($layer, $action, $operator, $mode = 0) - { - // Check if the permission layer and the permission itself exists - if (!array_key_exists($layer, self::$permissions) || !array_key_exists($action, self::$permissions[$layer])) { - return false; - } - - // Convert to the appropiate mode - if ($mode === 2) { - $operator = self::getRankPermissions($operator)[$layer]; - } elseif ($mode === 1) { - $operator = self::getUserPermissions($operator)[$layer]; - } - - // Perform the bitwise AND - if (bindec($operator) & self::$permissions[$layer][$action]) { - return true; - } - - // Else just return false - return false; - } - - // Get permission data of a rank from the database - public static function getRankPermissions($ranks) - { - // Container array - $getRanks = []; - $perms = []; - - // Get permission row for all ranks - foreach ($ranks as $rank) { - $getRanks[] = Database::fetch('permissions', false, ['rank_id' => [$rank, '='], 'user_id' => [0, '=']]); - } - - // Check if getRanks is empty or if the rank id is 0 return the fallback - if (empty($getRanks) || in_array(0, $ranks)) { - $getRanks = [self::$fallback]; - } - - // Go over the permission data - foreach ($getRanks as 
$rank) { - // Check if perms is empty - if (empty($perms)) { - // Store the data of the current rank in $perms - $perms = [ - 'SITE' => $rank['permissions_site'], - 'MANAGE' => $rank['permissions_manage'], - ]; - } else { - // Perform a bitwise OR on the ranks - $perms = [ - 'SITE' => $perms['SITE'] | $rank['permissions_site'], - 'MANAGE' => $perms['MANAGE'] | $rank['permissions_manage'], - ]; - } - } - - // Return the compiled permission strings - return $perms; - } - - // Get permission data for a user - public static function getUserPermissions($uid) - { - // Get user data - $user = User::construct($uid); - - // Attempt to get the permission row of a user - $userPerms = Database::fetch('permissions', false, ['rank_id' => [0, '='], 'user_id' => [$user->id(), '=']]); - - // Get their rank permissions - $rankPerms = self::getRankPermissions($user->ranks()); - - // Just return the rank permissions if no special ones are set - if (empty($userPerms)) { - return $rankPerms; - } - - // Split the inherit option things up - $inheritance = str_split($userPerms['permissions_inherit']); - - // Override site permissions - if (!$inheritance[0]) { - $rankPerms['SITE'] = $userPerms['permissions_site']; - } - - // Override management permissions - if (!$inheritance[1]) { - $rankPerms['MANAGE'] = $userPerms['permissions_manage']; - } - - // Return permissions - return $rankPerms; - } -} diff --git a/libraries/Perms.php b/libraries/Perms.php index b30dd04..2fc0cc7 100644 --- a/libraries/Perms.php +++ b/libraries/Perms.php 
@@ -12,35 +12,79 @@ namespace Sakura; class Perms { // Modes - const SITE = 'permissions\permissions_site\user_id,rank_id'; - const MANAGE = 'permissions\permissions_manage\user_id,rank_id'; - const FORUM = 'forum_permissions\forum_perms\forum_id,user_id,rank_id'; + const SITE = 'permissions\permissions_site'; + const MANAGE = 'permissions\permissions_manage'; + const FORUM = 'forums_permissions\forum_perms'; // Variables protected $table = ''; protected $column = ''; - protected $selectors = []; - + // Constructor - public function __construct($mode) { + public function __construct($mode) + { + $this->mode($mode); + } + + // Change the mode + public function mode($mode) { // Split the mode variable $mode = explode('\\', $mode); // Assign $table, $column and $selectors $this->table = $mode[0]; $this->column = $mode[1]; - $this->selectors = explode(',', $mode[2]); } // Checking permissions - public function check($flag, $perm) { - return ($flag & bindec($perm)) > 0; + public function check($flag, $perm) + { + return ($flag & $perm) > 0; } - // Getting rank permissions - public function get($select) { - // Combine $select into $selectors - $select = array_slice($select, 0, count($this->selectors)); - $select = array_combine($this->selectors, $select); + // Getting a rank's permissions + public function rank($rid, $conditions = [], $perm = 0) + { + // Merge rank id and additional conditions + $conditions = array_merge(['rank_id' => [$rid, '='], 'user_id' => [0, '=']], $conditions); + + // Fetch from the db + $get = Database::fetch($this->table, false, $conditions); + + // Check if anything was returned + if ($get && array_key_exists($this->column, $get) && $get['rank_id']) { + // Perform a bitwise OR + $perm = $perm | bindec((string) $get[$this->column]); + } + + // Return the value + return $perm; + } + + // Getting a user's permissions + public function user($uid, $conditions = [], $perm = 0) + { + // Create a user object + $user = User::construct($uid); + + // Get 
data from ranks + foreach ($user->ranks() as $rank) { + $perm = $perm | $this->rank($rank, $conditions, $perm); + } + + // Merge user id and additional conditions + $conditions = array_merge(['user_id' => [$uid, '='], 'rank_id' => [0, '=']], $conditions); + + // Fetch from the db + $get = Database::fetch($this->table, false, $conditions); + + // Check if anything was returned + if ($get && array_key_exists($this->column, $get) && $get['user_id']) { + // Perform a bitwise OR + $perm = $perm | bindec((string) $get[$this->column]); + } + + // Return the value + return $perm; } } diff --git a/libraries/Perms/Manage.php b/libraries/Perms/Manage.php new file mode 100644 index 0000000..111844c --- /dev/null +++ b/libraries/Perms/Manage.php @@ -0,0 +1,15 @@ + '', 'rank_title' => '', ]; + private $permissions; + protected static $_rankCache = []; + + // Static initialiser + public static function construct($rid, $forceRefresh = false) { + // Check if a rank object isn't present in cache + if ($forceRefresh || !array_key_exists($rid, self::$_rankCache)) { + // If not create a new object and cache it + self::$_rankCache[$rid] = new Rank($rid); + } + + // Return the cached object + return self::$_rankCache[$rid]; + } // Initialise the rank object - public function __construct($rid) + private function __construct($rid) { // Get the rank database row @@ -41,6 +58,9 @@ class Rank // If not assign as the fallback rank $this->data = $getRank; } + + // Init the permissions + $this->permissions = new Perms(Perms::SITE); } // Get the rank id 
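Review bot: In libraries/Perms.php, `rank()` and `user()` return the incoming `$perm` (0 by default) when no row matches, so deny-style bits such as `Site::DEACTIVATED` and `Site::RESTRICTED` read as unset for a rank or account with no permissions row. The removed `Permissions` class fell back to `permissions_site => 1` for rank 0 or an empty rank list, and the "Validate that the user exists" checks in libraries/User.php still treat `permission(Site::DEACTIVATED)` as the existence test. Whether that still holds now depends on the row for the new fallback rank 1, which is not visible here. Making those call sites explicit, e.g. `if (!$user->id() || $user->permission(Site::DEACTIVATED)) {`, as the Users.php hunks in this commit already do, would avoid relying on the stored data. Separately, the per-user row is now only OR-ed in, so the old `permissions_inherit` override is gone and a user row can add bits but never revoke them; if that is intended, a comment on `user()` should say so.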
@@ -82,12 +102,18 @@ class Rank // Check if the rank is hidden public function hidden() { - return $this->data['rank_hidden'] || $this->checkPermission('SITE', 'DEACTIVATED') || $this->checkPermission('SITE', 'RESTRICTED'); + return $this->data['rank_hidden'] || $this->permission(Site::DEACTIVATED) || $this->permission(Site::RESTRICTED); } // Check if the rank has the proper permissions - public function checkPermission($layer, $action) + public function permission($flag) { - return Permissions::check($layer, $action, [$this->id()], 2); + // Set default permission value + $perm = 0; + + // Bitwise OR it with the permissions for this forum + $perm = $perm | $this->permissions->rank($this->id()); + + return $this->permissions->check($flag, $perm); } } diff --git a/libraries/Urls.php b/libraries/Urls.php index c7efe90..5e62f8f 100644 --- a/libraries/Urls.php +++ b/libraries/Urls.php @@ -27,10 +27,6 @@ class Urls '/news.php?id=%u', '/news/%u', ], - 'SITE_NEWS_RSS' => [ - '/news.php?xml=true', - '/news.xml', - ], 'SITE_SEARCH' => [ '/search.php', '/search', diff --git a/libraries/User.php b/libraries/User.php index 8eb8736..9542da3 100644 --- a/libraries/User.php +++ b/libraries/User.php @@ -5,6 +5,9 @@ namespace Sakura; +use Sakura\Perms; +use Sakura\Perms\Site; + /** * Class User * @package Sakura @@ -22,8 +25,8 @@ class User 'password_iter' => 0, 'password_chan' => 0, 'email' => 'sakura@localhost', - 'rank_main' => 0, - 'user_ranks' => '[0]', + 'rank_main' => 1, + 'user_ranks' => '[1]', 'user_colour' => '', 'register_ip' => '127.0.0.1', 'last_ip' => '127.0.0.1', @@ -36,6 +39,7 @@ class User ]; private $ranks = []; private $mainRank = []; + private $permissions; protected static $_userCache = []; // Static initialiser 
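Review bot: The comment in the new `Rank::permission()` (`// Bitwise OR it with the permissions for this forum`) is copied from `Forum::permission()` and is wrong here, because the method reads this rank's bits through a `Perms` object built with `Perms::SITE`. Something like `// Fetch the site permission bits stored for this rank` would match the code, and `$perm = 0;` followed by `$perm = $perm | ...` can be the single line `$perm = $this->permissions->rank($this->id());`. The same stale comment appears in `User::permission()` in libraries/User.php, where `$perm = 0;` is immediately overwritten.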
@@ -76,13 +80,13 @@ class User // Get the rows for all the ranks foreach ($this->data['user_ranks'] as $rank) { // Store the database row in the array - $this->ranks[$rank] = new Rank($rank); + $this->ranks[$rank] = Rank::construct($rank); } // Check if ranks were set if (empty($this->ranks)) { // If not assign the fallback rank - $this->ranks[0] = new Rank(0); + $this->ranks[0] = Rank::construct(0); } // Assign the user's main rank to a special variable since we'll use it a lot @@ -91,6 +95,9 @@ class User $this->data['rank_main'] : array_keys($this->ranks)[0] ]; + + // Init the permissions + $this->permissions = new Perms(Perms::SITE); } // Get user id @@ -326,7 +333,7 @@ class User $user = User::construct($uid); // Validate that the user exists - if ($user->checkPermission('SITE', 'DEACTIVATED')) { + if ($user->permission(Site::DEACTIVATED)) { return [0, 'USER_NOT_EXIST']; } @@ -353,7 +360,7 @@ class User $user = User::construct($uid); // Validate that the user exists - if ($user->checkPermission('SITE', 'DEACTIVATED')) { + if ($user->permission(Site::DEACTIVATED)) { return [0, 'USER_NOT_EXIST']; } @@ -472,9 +479,18 @@ class User } // Check if the user has the proper permissions - public function checkPermission($layer, $action) + public function permission($flag, $mode = null) { - return Permissions::check($layer, $action, $this->data['user_id'], 1); + // Set mode + $this->permissions->mode($mode ? $mode : Perms::SITE); + + // Set default permission value + $perm = 0; + + // Bitwise OR it with the permissions for this forum + $perm = $this->permissions->user($this->id()); + + return $this->permissions->check($flag, $perm); } // Get a user's profile comments @@ -576,7 +592,7 @@ class User } // Make sure the user has the proper permissions to use this option - if (!$this->checkPermission('SITE', $field['option_permission'])) { + if (!$this->permission(constant('Sakura\Perms\Site::' . $field['option_permission']))) { continue; } 
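Review bot: In the `@@ -576,7 +592,7 @@` hunk, `constant('Sakura\Perms\Site::' . $field['option_permission'])` resolves a class constant from a stored field value with no existence check. The removed `Permissions::check()` returned false for an unknown name via `array_key_exists`, whereas `constant()` on an undefined name throws an `Error` on PHP 8 (a warning and `null` on older versions), so one bad `option_permission` value breaks the whole options page instead of hiding one field. A guard keeps the old fail-closed behaviour: `$name = 'Sakura\Perms\Site::' . $field['option_permission'];` then `if (!defined($name) || !$this->permission(constant($name))) { continue; }`. The same pattern is added in libraries/Users.php (`@@ -676,9 +686,11 @@`) and public/settings.php (`@@ -768,7 +770,7 @@`). The enclosing loop starts outside the hunk.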
@@ -593,7 +609,7 @@ class User { // Check if the user has static premium - if ($this->checkPermission('SITE', 'STATIC_PREMIUM')) { + if ($this->permission(Site::STATIC_PREMIUM)) { return [2, 0, time() + 1]; } diff --git a/libraries/Users.php b/libraries/Users.php index 4d6f839..7686fe1 100644 --- a/libraries/Users.php +++ b/libraries/Users.php @@ -5,6 +5,8 @@ namespace Sakura; +use Sakura\Perms\Site; + /** * Class Users * @package Sakura @@ -28,8 +30,11 @@ class Users // Validate the session $sessionValid = $session->validate(); + // Get user object + $user = User::construct($uid); + // Check if the session exists and check if the user is activated - if ($sessionValid == 0 || Permissions::check('SITE', 'DEACTIVATED', $uid, 1)) { + if ($sessionValid == 0 || $user->permission(Site::DEACTIVATED)) { // Unset User ID setcookie( Config::get('cookie_prefix') . 'id', @@ -136,7 +141,7 @@ class Users } // Check if the user has the required privs to log in - if (Permissions::check('SITE', 'DEACTIVATED', $user->id(), 1)) { + if ($user->permission(Site::DEACTIVATED)) { return [0, 'NOT_ALLOWED', $user->id()]; } @@ -341,8 +346,11 @@ class Users return [0, 'USER_NOT_EXIST']; } + // Create user object + $userObj = User::construct($user['user_id']); + // Check if the user has the required privs to log in - if (Permissions::check('SITE', 'DEACTIVATED', $user['user_id'], 1)) { + if ($userObj->permission(Site::DEACTIVATED)) { return [0, 'NOT_ALLOWED']; } @@ -445,8 +453,10 @@ class Users return [0, 'USER_NOT_EXIST']; } + $userObj = User::construct($user['user_id']); + // Check if a user is activated - if (!Permissions::check('SITE', 'DEACTIVATED', $user['user_id'], 1)) { + if (!$userObj->permission(Site::DEACTIVATED)) { return [0, 'USER_ALREADY_ACTIVE']; } 
@@ -462,15 +472,15 @@ class Users { // Get the user data - $user = Database::fetch('users', false, ['user_id' => [$uid, '=']]); + $user = User::construct($uid); // User is already activated or doesn't even exist - if (count($user) < 2 || !Permissions::check('SITE', 'DEACTIVATED', $user['user_id'], 1)) { + if (!$user->id() || !$user->permission(Site::DEACTIVATED)) { return false; } // Generate activation key - $activate = ($customKey ? $customKey : Main::newActionCode('ACTIVATE', $uid, [ + $activate = ($customKey ? $customKey : Main::newActionCode('ACTIVATE', $user->id(), [ 'user' => [ 'rank_main' => 2, 'user_ranks' => json_encode([2]), @@ -511,15 +521,15 @@ class Users public static function activateUser($uid, $requireKey = false, $key = null) { // Get the user data - $user = Database::fetch('users', false, ['user_id' => [$uid, '=']]); + $user = User::construct($uid); // Check if user exists - if (!count($user) > 1) { + if (!$user->id()) { return [0, 'USER_NOT_EXIST']; } // Check if user is already activated - if (!Permissions::check('SITE', 'DEACTIVATED', $user['user_id'], 1)) { + if (!$user->permission(Site::DEACTIVATED)) { return [0, 'USER_ALREADY_ACTIVE']; } @@ -531,7 +541,7 @@ class Users management reasons but you can't really get around this anyway) */ if ($requireKey) { // Check the action code - $action = Main::useActionCode('ACTIVATE', $key, $uid); + $action = Main::useActionCode('ACTIVATE', $key, $user->id()); // Check if we got a negative return if (!$action[0]) { @@ -551,7 +561,7 @@ class Users 'user_ranks' => $ranks, ], [ - 'user_id' => [$uid, '='], + 'user_id' => [$user->id(), '='], ], ]); 
@@ -676,9 +686,11 @@ class Users // Create output array $fields = []; + $user = User::construct(self::checkLogin()[0]); + // Iterate over the fields and clean them up foreach ($optionFields as $field) { - if (!Permissions::check('SITE', $field['option_permission'], self::checkLogin()[0], 1)) { + if (!$user->permission(constant('Sakura\Perms\Site::' . $field['option_permission']))) { continue; } @@ -830,12 +842,14 @@ class Users continue; } + $user = User::construct($user['user_id']); + // Skip if inactive and not include deactivated users - if (!$includeInactive && Permissions::check('SITE', 'DEACTIVATED', $user['user_id'], 1)) { + if (!$includeInactive && $user->permission(Site::DEACTIVATED)) { continue; } - $users[$user['user_id']] = User::construct($user['user_id']); + $users[$user->id()] = $user; } // and return an array with the users @@ -853,7 +867,7 @@ class Users // Reorder shit foreach ($getRanks as $rank) { - $ranks[$rank['rank_id']] = new Rank($rank['rank_id']); + $ranks[$rank['rank_id']] = Rank::construct($rank['rank_id']); } // and return an array with the ranks diff --git a/public/manage.php b/public/manage.php index 496eebd..6b5ebe7 100644 --- a/public/manage.php +++ b/public/manage.php @@ -6,6 +6,9 @@ // Declare Namespace namespace Sakura; +use Sakura\Perms\Site; +use Sakura\Perms\Manage; + // Define that we are in Management mode define('SAKURA_MANAGE', true); @@ -19,7 +22,7 @@ $template = new Template(); $template->setTemplate($templateName); // Make sure user has the permissions to view this -if (!$currentUser->checkPermission('MANAGE', 'USE_MANAGE')) { +if (!$currentUser->permission(Manage::USE_MANAGE, Perms::MANAGE)) { // Set parse variables $template->setVariables($renderData); 
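Review bot: In the `@@ -830,12 +842,14 @@` hunk of libraries/Users.php, `$user = User::construct($user['user_id']);` overwrites what appears to be the row being iterated with a `User` object, so the name means two different things within one loop body. The other hunks in this file keep the row as `$user` and call the object `$userObj`; doing the same here (`$userObj = User::construct($user['user_id']);`, then `$users[$userObj->id()] = $userObj;`) keeps the file consistent. The loop header is outside the hunk.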
@@ -38,7 +41,7 @@ $pages = [ 'description' => [ 'Welcome to the Broomcloset! Here\'s a quick overview of the site.', ], - 'access' => !$currentUser->checkPermission('SITE', 'DEACTIVATED'), + 'access' => !$currentUser->permission(Site::DEACTIVATED), 'menu' => true, ], 'info' => [ @@ -46,7 +49,7 @@ $pages = [ 'description' => [ 'Manage and edit the info pages.', ], - 'access' => !$currentUser->checkPermission('SITE', 'DEACTIVATED'), + 'access' => !$currentUser->permission(Site::DEACTIVATED), 'menu' => true, ], ], @@ -59,7 +62,7 @@ $pages = [ 'description' => [ 'Manages the appearance of the site and most other options that don\'t need their own category.', ], - 'access' => !$currentUser->checkPermission('SITE', 'DEACTIVATED'), + 'access' => !$currentUser->permission(Site::DEACTIVATED), 'menu' => true, ], 'uploads' => [ @@ -67,7 +70,7 @@ $pages = [ 'description' => [ 'Settings regarding uploads like avatars and backgrounds.', ], - 'access' => !$currentUser->checkPermission('SITE', 'DEACTIVATED'), + 'access' => !$currentUser->permission(Site::DEACTIVATED), 'menu' => true, ], 'premium' => [ @@ -75,7 +78,7 @@ $pages = [ 'description' => [ 'Alters the way the premium system works.', ], - 'access' => !$currentUser->checkPermission('SITE', 'DEACTIVATED'), + 'access' => !$currentUser->permission(Site::DEACTIVATED), 'menu' => true, ], 'user' => [ @@ -83,7 +86,7 @@ $pages = [ 'description' => [ 'Settings regarding users such as registration.', ], - 'access' => !$currentUser->checkPermission('SITE', 'DEACTIVATED'), + 'access' => !$currentUser->permission(Site::DEACTIVATED), 'menu' => true, ], 'mail' => [ @@ -91,7 +94,7 @@ $pages = [ 'description' => [ 'How will Sakura send e-mails.', ], - 'access' => !$currentUser->checkPermission('SITE', 'DEACTIVATED'), + 'access' => !$currentUser->permission(Site::DEACTIVATED), 'menu' => true, ], ], 
@@ -104,7 +107,7 @@ $pages = [ 'description' => [ 'Change the forums.', ], - 'access' => !$currentUser->checkPermission('SITE', 'DEACTIVATED'), + 'access' => !$currentUser->permission(Site::DEACTIVATED), 'menu' => true, ], 'settings' => [ @@ -112,7 +115,7 @@ $pages = [ 'description' => [ 'Alter settings specific to the forum.', ], - 'access' => !$currentUser->checkPermission('SITE', 'DEACTIVATED'), + 'access' => !$currentUser->permission(Site::DEACTIVATED), 'menu' => true, ], ], @@ -125,7 +128,7 @@ $pages = [ 'description' => [ 'View all the comment categories.', ], - 'access' => !$currentUser->checkPermission('SITE', 'DEACTIVATED'), + 'access' => !$currentUser->permission(Site::DEACTIVATED), 'menu' => true, ], ], @@ -138,7 +141,7 @@ $pages = [ 'description' => [ 'View and change users.', ], - 'access' => !$currentUser->checkPermission('SITE', 'DEACTIVATED'), + 'access' => !$currentUser->permission(Site::DEACTIVATED), 'menu' => true, ], 'manage-ranks' => [ @@ -146,7 +149,7 @@ $pages = [ 'description' => [ 'View and change ranks.', ], - 'access' => !$currentUser->checkPermission('SITE', 'DEACTIVATED'), + 'access' => !$currentUser->permission(Site::DEACTIVATED), 'menu' => true, ], 'profile-fields' => [ @@ -154,7 +157,7 @@ $pages = [ 'description' => [ 'Manage the custom profile fields.', ], - 'access' => !$currentUser->checkPermission('SITE', 'DEACTIVATED'), + 'access' => !$currentUser->permission(Site::DEACTIVATED), 'menu' => true, ], 'option-fields' => [ @@ -162,7 +165,7 @@ $pages = [ 'description' => [ 'Manage the custom option fields.', ], - 'access' => !$currentUser->checkPermission('SITE', 'DEACTIVATED'), + 'access' => !$currentUser->permission(Site::DEACTIVATED), 'menu' => true, ], 'bans' => [ @@ -170,7 +173,7 @@ $pages = [ 'description' => [ 'Banning users.', ], - 'access' => !$currentUser->checkPermission('SITE', 'DEACTIVATED'), + 'access' => !$currentUser->permission(Site::DEACTIVATED), 'menu' => true, ], 'warnings' => [ 
@@ -178,7 +181,7 @@ $pages = [ 'description' => [ 'Warn users.', ], - 'access' => !$currentUser->checkPermission('SITE', 'DEACTIVATED'), + 'access' => !$currentUser->permission(Site::DEACTIVATED), 'menu' => true, ], ], @@ -191,7 +194,7 @@ $pages = [ 'description' => [ 'Alter the global site perms.', ], - 'access' => !$currentUser->checkPermission('SITE', 'DEACTIVATED'), + 'access' => !$currentUser->permission(Site::DEACTIVATED), 'menu' => true, ], 'management' => [ @@ -199,7 +202,7 @@ $pages = [ 'description' => [ 'Alter the management/moderation perms.', ], - 'access' => !$currentUser->checkPermission('SITE', 'DEACTIVATED'), + 'access' => !$currentUser->permission(Site::DEACTIVATED), 'menu' => true, ], 'forum' => [ @@ -207,7 +210,7 @@ $pages = [ 'description' => [ 'Alter the perms of the forums.', ], - 'access' => !$currentUser->checkPermission('SITE', 'DEACTIVATED'), + 'access' => !$currentUser->permission(Site::DEACTIVATED), 'menu' => true, ], ], @@ -220,7 +223,7 @@ $pages = [ 'description' => [ 'Viewing the global action logs.', ], - 'access' => !$currentUser->checkPermission('SITE', 'DEACTIVATED'), + 'access' => !$currentUser->permission(Site::DEACTIVATED), 'menu' => true, ], 'management' => [ @@ -228,7 +231,7 @@ $pages = [ 'description' => [ 'Viewing the management actions taken by staff.', ], - 'access' => !$currentUser->checkPermission('SITE', 'DEACTIVATED'), + 'access' => !$currentUser->permission(Site::DEACTIVATED), 'menu' => true, ], 'errors' => [ @@ -236,7 +239,7 @@ $pages = [ 'description' => [ 'Viewing the PHP error logs Sakura was able to log.', ], - 'access' => !$currentUser->checkPermission('SITE', 'DEACTIVATED'), + 'access' => !$currentUser->permission(Site::DEACTIVATED), 'menu' => true, ], ], diff --git a/public/news.php b/public/news.php index 60cc748..bb917d8 100644 --- a/public/news.php +++ b/public/news.php 
@@ -6,118 +6,12 @@ // Declare Namespace namespace Sakura; -// Use DOMDocument -use DOMDocument; - // Include components require_once str_replace(basename(__DIR__), '', dirname(__FILE__)) . 'sakura.php'; // Create a new News object $news = new News(isset($_GET['cat']) ? $_GET['cat'] : Config::get('site_news_category')); -// News XML feed -if (isset($_GET['xml'])) { - // Get the news posts - $posts = $news->posts; - - // Meta data attributes - $metaData = [ - 'title' => ($_FEED_TITLE = Config::get('sitename')) . ' News', - 'link' => ($_FEED_URL = 'http://' . Config::get('url_main')), - 'description' => 'News about ' . $_FEED_TITLE, - 'language' => 'en-gb', - 'webMaster' => Config::get('admin_email') . ' (' . $_FEED_TITLE . ' Webmaster)', - 'pubDate' => ($_FEED_DATE = date('r', $posts[array_keys($posts)[0]]['news_timestamp'])), - 'lastBuildDate' => $_FEED_DATE, - ]; - - // Item attributes - $itemData = [ - 'title' => ['text' => '0', 'eval' => '$post["news_title"]'], - 'link' => ['text' => $_FEED_URL . (new Urls())->format('SITE_NEWS_POST', ['0']), 'eval' => '$post["news_id"]'], - 'guid' => ['text' => $_FEED_URL . 
(new Urls())->format('SITE_NEWS_POST', ['0']), 'eval' => '$post["news_id"]'], - 'pubDate' => ['text' => '{EVAL}', 'eval' => 'date("D, d M Y G:i:s O", $post["news_timestamp"])'], - 'dc:publisher' => ['text' => '0', 'eval' => '$post["news_poster"]->username()'], - 'description' => ['cdata' => '0', 'eval' => '$post["news_content_parsed"]'], - ]; - - // Create a new DOM document - $feed = new DOMDocument('1.0', 'utf-8'); - - // Create the RSS element - $fRss = $feed->createElement('rss'); - - // Set attributes - $fRss->setAttribute('version', '2.0'); - $fRss->setAttribute('xmlns:atom', 'http://www.w3.org/2005/Atom'); - $fRss->setAttribute('xmlns:dc', 'http://purl.org/dc/elements/1.1'); - - // Create the channel element - $fChannel = $feed->createElement('channel'); - - // Build meta elements - foreach ($metaData as $name => $value) { - // Create the elements - $mElem = $feed->createElement($name); - $mElemText = $feed->createTextNode($value); - - // Append them - $mElem->appendChild($mElemText); - $fChannel->appendChild($mElem); - - // Unset the working vars - unset($mElem); - unset($mElemText); - } - - // Add all the posts - foreach ($posts as $post) { - // Create item element - $fPost = $feed->createElement('item'); - - // Create post attributes - foreach ($itemData as $tag => $valueData) { - // Create the element - $pElem = $feed->createElement($tag); - - // Create value - eval('$value = ' . $valueData['eval'] . ';'); - $value = str_replace( - '0', - $value, - $valueData[(array_key_exists('cdata', $valueData) ? 'cdata' : 'text')] - ); - - // Create text node or cdata container - $pElemText = (array_key_exists('cdata', $valueData)) ? 
- $feed->createCDATASection($value) : - $feed->createTextNode($value); - - // Append them - $pElem->appendChild($pElemText); - $fPost->appendChild($pElem); - - // Unset the working vars - unset($pElem); - unset($pElemText); - unset($value); - } - - // Append the item to the channel - $fChannel->appendChild($fPost); - } - - // Append the channel element to RSS - $fRss->appendChild($fChannel); - - // Append the RSS element to the DOM - $feed->appendChild($fRss); - - // Return the feed - print $feed->saveXML(); - exit; -} - $renderData = array_merge($renderData, [ 'news' => $news, 'postsPerPage' => Config::get('news_posts_per_page'), diff --git a/public/posting.php b/public/posting.php index ea4bbee..3c84197 100644 --- a/public/posting.php +++ b/public/posting.php @@ -1,11 +1,14 @@ forum; +// Creare forum class +$forum = new Forum\Forum($forumId); + +// Check if the user has access to the forum +if (!$forum->permission(ForumPerms::VIEW, $currentUser->id()) || !$forum->permission(ForumPerms::REPLY, $currentUser->id())) { + // Set render data + $renderData['page'] = [ + 'title' => 'Information', + 'message' => 'You do not have access to this forum.', + ]; + + // Set parse variables + $template->setVariables($renderData); + + // Print page contents + echo $template->render('global/information'); + exit; +} + $mode = isset($_GET['f']) ? 'f' : (isset($_GET['t']) ? 't' : (isset($_GET['p']) ? 'p' : null)); // Include emotes and bbcodes diff --git a/public/profile.php b/public/profile.php index 3f23651..5d1223c 100644 --- a/public/profile.php +++ b/public/profile.php 
@@ -31,6 +31,28 @@ $views = [ $renderData['profile'] = $profile; $renderData['profileView'] = isset($_GET['view']) && in_array($_GET['view'], $views) ? $_GET['view'] : $views[0]; +// If the user id is zero check if there was a namechange +if ($profile->id() == 0) { + // Fetch from username_history + $check = Database::fetch('username_history', false, ['username_old_clean' => [Main::cleanString(isset($_GET['u']) ? $_GET['u'] : 0, true ,true), '=']]); + + // Redirect if so + if ($check) { + $renderData['page'] = [ + 'title' => 'Information', + 'message' => 'The user this profile belongs to changed their username, you are being redirected.', + 'redirect' => $urls->format('USER_PROFILE', [$check['user_id']]), + ]; + } + + // Set parse variables + $template->setVariables($renderData); + + // Print page contents + echo $template->render('global/information'); + exit; +} + // Set parse variables $template->setVariables($renderData); diff --git a/public/settings.php b/public/settings.php index 2947665..265a098 100644 --- a/public/settings.php +++ b/public/settings.php @@ -6,6 +6,8 @@ // Declare Namespace namespace Sakura; +use Sakura\Perms\Site; + // If this we're requesting notifications this page won't require templating if (isset($_REQUEST['request-notifications']) && $_REQUEST['request-notifications']) { define('SAKURA_NO_TPL', true); @@ -165,7 +167,7 @@ if (isset($_REQUEST['request-notifications']) && $_REQUEST['request-notification } // Check if the user can delete comments - if (!$currentUser->checkPermission('SITE', 'VOTE_COMMENTS')) { + if (!$currentUser->permission(Site::VOTE_COMMENTS)) { $renderData['page'] = [ 'redirect' => $redirect, 'message' => 'You aren\'t allowed to vote on comments.', 
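Review bot: In the public/profile.php hunk the `$template->setVariables($renderData);`, `echo $template->render('global/information');` and `exit;` statements sit outside `if ($check)`. Every request with a profile id of 0 and no `username_history` match therefore ends on the information page with no `$renderData['page']` set, instead of falling through to the normal profile render below. If that is not intended, move those three statements inside the `if ($check) { … }` block. Separately, `$_GET['u']` reaches `Main::cleanString()` without a type check and may arrive as an array rather than a string; `isset($_GET['u']) && is_string($_GET['u']) ? $_GET['u'] : 0` keeps the lookup on strings only.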
@@ -201,7 +203,7 @@ if (isset($_REQUEST['request-notifications']) && $_REQUEST['request-notification } // Check if the user can delete comments - if (!$currentUser->checkPermission('SITE', 'DELETE_COMMENTS')) { + if (!$currentUser->permission(Site::DELETE_COMMENTS)) { $renderData['page'] = [ 'redirect' => $redirect, 'message' => 'You aren\'t allowed to delete comments.', @@ -231,7 +233,7 @@ if (isset($_REQUEST['request-notifications']) && $_REQUEST['request-notification case 'comment': // Check if the user can delete comments - if (!$currentUser->checkPermission('SITE', 'CREATE_COMMENTS')) { + if (!$currentUser->permission(Site::CREATE_COMMENTS)) { $renderData['page'] = [ 'redirect' => $redirect, 'message' => 'You aren\'t allowed to comment.', @@ -461,15 +463,15 @@ if (isset($_REQUEST['request-notifications']) && $_REQUEST['request-notification $msgTitle = 'Background'; $permission = ( !empty($currentUser->userData()[$userDataKey]) - && $currentUser->checkPermission('SITE', 'CHANGE_BACKGROUND') - ) || $currentUser->checkPermission('SITE', 'CREATE_BACKGROUND'); + && $currentUser->permission(Site::CHANGE_BACKGROUND) + ) || $currentUser->permission(Site::CREATE_BACKGROUND); break; case 'avatar': default: $userDataKey = 'userAvatar'; $msgTitle = 'Avatar'; - $permission = $currentUser->checkPermission('SITE', 'CHANGE_AVATAR'); + $permission = $currentUser->permission(Site::CHANGE_AVATAR); } // Check if the user has the permissions to go ahead @@ -768,7 +770,7 @@ if (isset($_REQUEST['request-notifications']) && $_REQUEST['request-notification // Go over each field foreach ($fields as $field) { // Make sure the user has sufficient permissions to complete this action - if (!$currentUser->checkPermission('SITE', $field['option_permission'])) { + if (!$currentUser->permission(constant('Sakura\Perms\Site::' . $field['option_permission']))) { $store[$field['option_id']] = false; continue; } 
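Review bot: In the `@@ -768,7 +770,7 @@` hunk, `constant('Sakura\Perms\Site::' . $field['option_permission'])` resolves the flag name at run time from stored field data. If that name has no matching constant, `constant()` raises a warning and yields null on PHP 5/7 (an Error on PHP 8), so the result of the check depends on how `permission()` treats null. Make the unknown-name case deny explicitly: `$flag = 'Sakura\Perms\Site::' . $field['option_permission'];` followed by `if (!defined($flag) || !$currentUser->permission(constant($flag))) {`. The enclosing `foreach` continues outside the hunk.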
@@ -795,7 +797,7 @@ if (isset($_REQUEST['request-notifications']) && $_REQUEST['request-notification // Usertitle case 'usertitle': // Check permissions - if (!$currentUser->checkPermission('SITE', 'CHANGE_USERTITLE')) { + if (!$currentUser->permission(Site::CHANGE_USERTITLE)) { $renderData['page'] = [ 'redirect' => $redirect, @@ -844,7 +846,7 @@ if (isset($_REQUEST['request-notifications']) && $_REQUEST['request-notification // Username changing case 'username': // Check permissions - if (!$currentUser->checkPermission('SITE', 'CHANGE_USERNAME')) { + if (!$currentUser->permission(Site::CHANGE_USERNAME)) { $renderData['page'] = [ 'redirect' => $redirect, @@ -881,7 +883,7 @@ if (isset($_REQUEST['request-notifications']) && $_REQUEST['request-notification // E-mail changing case 'email': // Check permissions - if (!$currentUser->checkPermission('SITE', 'CHANGE_EMAIL')) { + if (!$currentUser->permission(Site::CHANGE_EMAIL)) { $renderData['page'] = [ 'redirect' => $redirect, @@ -916,7 +918,7 @@ if (isset($_REQUEST['request-notifications']) && $_REQUEST['request-notification // Password changing case 'password': // Check permissions - if (!$currentUser->checkPermission('SITE', 'CHANGE_PASSWORD')) { + if (!$currentUser->permission(Site::CHANGE_PASSWORD)) { $renderData['page'] = [ 'redirect' => $redirect, @@ -953,7 +955,7 @@ if (isset($_REQUEST['request-notifications']) && $_REQUEST['request-notification // Deactivation case 'deactivate': // Check permissions - if (!$currentUser->checkPermission('SITE', 'DEACTIVATE_ACCOUNT')) { + if (!$currentUser->permission(Site::DEACTIVATE_ACCOUNT)) { $renderData['page'] = [ 'redirect' => $redirect, @@ -1055,7 +1057,7 @@ if (Users::checkLogin()) { From here you can monitor, view and update your profile and preferences.', ], - 'access' => !$currentUser->checkPermission('SITE', 'DEACTIVATED'), + 'access' => !$currentUser->permission(Site::DEACTIVATED), 'menu' => true, ], 'profile' => [ 
@@ -1064,7 +1066,7 @@ if (Users::checkLogin()) { 'These are the external account links etc. on your profile, shouldn\'t need any additional explanation for this one.', ], - 'access' => $currentUser->checkPermission('SITE', 'ALTER_PROFILE'), + 'access' => $currentUser->permission(Site::ALTER_PROFILE), 'menu' => true, ], 'options' => [ @@ -1072,7 +1074,7 @@ if (Users::checkLogin()) { 'description' => [ 'These are a few personalisation options for the site while you\'re logged in.', ], - 'access' => !$currentUser->checkPermission('SITE', 'DEACTIVATED'), + 'access' => !$currentUser->permission(Site::DEACTIVATED), 'menu' => true, ], ], @@ -1085,7 +1087,7 @@ if (Users::checkLogin()) { 'description' => [ 'Manage your friends.', ], - 'access' => $currentUser->checkPermission('SITE', 'MANAGE_FRIENDS'), + 'access' => $currentUser->permission(Site::MANAGE_FRIENDS), 'menu' => true, ], 'requests' => [ @@ -1093,7 +1095,7 @@ if (Users::checkLogin()) { 'description' => [ 'Handle friend requests.', ], - 'access' => $currentUser->checkPermission('SITE', 'MANAGE_FRIENDS'), + 'access' => $currentUser->permission(Site::MANAGE_FRIENDS), 'menu' => true, ], ], @@ -1106,7 +1108,7 @@ if (Users::checkLogin()) { 'description' => [ 'The list of messages you\'ve received.', ], - 'access' => $currentUser->checkPermission('SITE', 'USE_MESSAGES'), + 'access' => $currentUser->permission(Site::USE_MESSAGES), 'menu' => true, ], 'sent' => [ @@ -1114,7 +1116,7 @@ if (Users::checkLogin()) { 'description' => [ 'The list of messages you\'ve sent to other users.', ], - 'access' => $currentUser->checkPermission('SITE', 'USE_MESSAGES'), + 'access' => $currentUser->permission(Site::USE_MESSAGES), 'menu' => true, ], 'compose' => [ @@ -1122,7 +1124,7 @@ if (Users::checkLogin()) { 'description' => [ 'Write a new message.', ], - 'access' => $currentUser->checkPermission('SITE', 'SEND_MESSAGES'), + 'access' => $currentUser->permission(Site::SEND_MESSAGES), 'menu' => true, ], 'read' => [ 
@@ -1130,7 +1132,7 @@ if (Users::checkLogin()) { 'description' => [ 'Read a message.', ], - 'access' => $currentUser->checkPermission('SITE', 'USE_MESSAGES'), + 'access' => $currentUser->permission(Site::USE_MESSAGES), 'menu' => false, ], ], @@ -1143,7 +1145,7 @@ if (Users::checkLogin()) { 'description' => [ 'The history of notifications that have been sent to you in the last month.', ], - 'access' => !$currentUser->checkPermission('SITE', 'DEACTIVATED'), + 'access' => !$currentUser->permission(Site::DEACTIVATED), 'menu' => true, ], ], @@ -1159,7 +1161,7 @@ if (Users::checkLogin()) { minimum image size is {{ avatar.min_width }}x{{ avatar.min_height }}, maximum file size is {{ avatar.max_size_view }}.', ], - 'access' => $currentUser->checkPermission('SITE', 'CHANGE_AVATAR'), + 'access' => $currentUser->permission(Site::CHANGE_AVATAR), 'menu' => true, ], 'background' => [ @@ -1172,8 +1174,8 @@ if (Users::checkLogin()) { ], 'access' => ( isset($currentUser->userData()['profileBackground']) - && $currentUser->checkPermission('SITE', 'CHANGE_BACKGROUND') - ) || $currentUser->checkPermission('SITE', 'CREATE_BACKGROUND'), + && $currentUser->permission(Site::CHANGE_BACKGROUND) + ) || $currentUser->permission(Site::CREATE_BACKGROUND), 'menu' => true, ], 'userpage' => [ @@ -1183,8 +1185,8 @@ if (Users::checkLogin()) { ], 'access' => ( isset($currentUser->userData()['userPage']) - && $currentUser->checkPermission('SITE', 'CHANGE_USERPAGE') - ) || $currentUser->checkPermission('SITE', 'CREATE_USERPAGE'), + && $currentUser->permission(Site::CHANGE_USERPAGE) + ) || $currentUser->permission(Site::CREATE_USERPAGE), 'menu' => true, ], 'signature' => [ @@ -1192,7 +1194,7 @@ if (Users::checkLogin()) { 'description' => [ 'This signature is displayed at the end of all your posts (unless you choose not to show it).', ], - 'access' => $currentUser->checkPermission('SITE', 'CHANGE_SIGNATURE'), + 'access' => $currentUser->permission(Site::CHANGE_SIGNATURE), 'menu' => true, ], ], 
@@ -1205,7 +1207,7 @@ if (Users::checkLogin()) { 'description' => [ 'You e-mail address is used for password recovery and stuff like that, we won\'t spam you ;).', ], - 'access' => $currentUser->checkPermission('SITE', 'CHANGE_EMAIL'), + 'access' => $currentUser->permission(Site::CHANGE_EMAIL), 'menu' => true, ], 'username' => [ @@ -1214,7 +1216,7 @@ if (Users::checkLogin()) { 'Probably the biggest part of your identity on a site.', 'You can only change this once every 30 days so choose wisely.', ], - 'access' => $currentUser->checkPermission('SITE', 'CHANGE_USERNAME'), + 'access' => $currentUser->permission(Site::CHANGE_USERNAME), 'menu' => true, ], 'usertitle' => [ @@ -1222,7 +1224,7 @@ if (Users::checkLogin()) { 'description' => [ 'That little piece of text displayed under your username on your profile.', ], - 'access' => $currentUser->checkPermission('SITE', 'CHANGE_USERTITLE'), + 'access' => $currentUser->permission(Site::CHANGE_USERTITLE), 'menu' => true, ], 'password' => [ @@ -1230,7 +1232,7 @@ if (Users::checkLogin()) { 'description' => [ 'Used to authenticate with the site and certain related services.', ], - 'access' => $currentUser->checkPermission('SITE', 'CHANGE_PASSWORD'), + 'access' => $currentUser->permission(Site::CHANGE_PASSWORD), 'menu' => true, ], 'ranks' => [ @@ -1240,7 +1242,7 @@ if (Users::checkLogin()) { Your main rank is highlighted. You get the permissions of all of the ranks you\'re in combined.', ], - 'access' => $currentUser->checkPermission('SITE', 'ALTER_RANKS'), + 'access' => $currentUser->permission(Site::ALTER_RANKS), 'menu' => true, ], ], 
@@ -1259,7 +1261,7 @@ if (Users::checkLogin()) { 'If you get logged out after clicking one you\'ve most likely killed your current session, to make it easier to avoid this from happening your current session is highlighted.', ], - 'access' => $currentUser->checkPermission('SITE', 'MANAGE_SESSIONS'), + 'access' => $currentUser->permission(Site::MANAGE_SESSIONS), 'menu' => true, ], 'deactivate' => [ @@ -1267,7 +1269,7 @@ if (Users::checkLogin()) { 'description' => [ 'You can deactivate your account here if you want to leave :(.', ], - 'access' => $currentUser->checkPermission('SITE', 'DEACTIVATE_ACCOUNT'), + 'access' => $currentUser->permission(Site::DEACTIVATE_ACCOUNT), 'menu' => true, ], ], diff --git a/public/support.php b/public/support.php index ce89137..5c91fad 100644 --- a/public/support.php +++ b/public/support.php @@ -6,6 +6,8 @@ // Declare Namespace namespace Sakura; +use Sakura\Perms\Site; + // Include components require_once str_replace(basename(__DIR__), '', dirname(__FILE__)) . 'sakura.php'; @@ -18,7 +20,7 @@ $template->setTemplate($templateName); // Switch between modes (we only allow this to be used by logged in user) if (isset($_REQUEST['mode']) && Users::checkLogin() - && $currentUser->checkPermission('SITE', 'OBTAIN_PREMIUM')) { + && $currentUser->permission(Site::OBTAIN_PREMIUM)) { // Initialise Payments class if (!Payments::init()) { header('Location: ' . $urls->format('SITE_PREMIUM') . '?fail=true'); diff --git a/public/viewforum.php b/public/viewforum.php index 39edc34..43be097 100644 --- a/public/viewforum.php +++ b/public/viewforum.php @@ -6,6 +6,8 @@ // Declare Namespace namespace Sakura; +use Sakura\Perms\Forum as ForumPerms; + // Include components require_once str_replace(basename(__DIR__), '', dirname(__FILE__)) . 'sakura.php'; 
@@ -34,6 +36,22 @@ if ($forum->id < 0) { exit; } +// Check if the user has access to the forum +if (!$forum->permission(ForumPerms::VIEW, $currentUser->id())) { + // Set render data + $renderData['page'] = [ + 'title' => 'Information', + 'message' => 'You do not have access to this forum.', + ]; + + // Set parse variables + $template->setVariables($renderData); + + // Print page contents + echo $template->render('global/information'); + exit; +} + // Check if the forum isn't a link if ($forum->type === 2) { // Set render data diff --git a/public/viewtopic.php b/public/viewtopic.php index 602e6ab..3a38a3a 100644 --- a/public/viewtopic.php +++ b/public/viewtopic.php @@ -6,6 +6,8 @@ // Declare Namespace namespace Sakura; +use Sakura\Perms\Forum as ForumPerms; + // Include components require_once str_replace(basename(__DIR__), '', dirname(__FILE__)) . 'sakura.php'; @@ -40,6 +42,22 @@ if (!$thread) { exit; } +// Check if the user has access to the forum +if (!$forum->permission(ForumPerms::VIEW, $currentUser->id())) { + // Set render data + $renderData['page'] = [ + 'title' => 'Information', + 'message' => 'You do not have access to this thread.', + ]; + + // Set parse variables + $template->setVariables($renderData); + + // Print page contents + echo $template->render('global/information'); + exit; +} + // Update the tracking status $thread->trackUpdate($currentUser->id()); diff --git a/sakura.php b/sakura.php index d8fd68b..07d7bae 100644 --- a/sakura.php +++ b/sakura.php @@ -8,7 +8,7 @@ namespace Sakura; // Define Sakura version -define('SAKURA_VERSION', '20151228'); +define('SAKURA_VERSION', '20151229'); define('SAKURA_VLABEL', 'Eminence'); define('SAKURA_COLOUR', '#6C3082'); 
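Review bot: The denied branch in public/viewforum.php renders `global/information` and exits without setting a status, so a refused request presumably still answers 200. Adding `http_response_code(403);` before `echo $template->render('global/information');` lets clients, caches and log-based monitoring tell a denial from a normal page. The same block appears in the public/posting.php and public/viewtopic.php hunks of this commit, with only the message changed. The check also passes `$currentUser->id()` with no login guard visible in the hunk, so it is worth confirming how `Forum::permission()` resolves a logged-out visitor.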
@@ -45,7 +45,6 @@ require_once ROOT . 'libraries/Manage.php'; require_once ROOT . 'libraries/News.php'; require_once ROOT . 'libraries/Payments.php'; require_once ROOT . 'libraries/Perms.php'; -require_once ROOT . 'libraries/Permissions.php'; require_once ROOT . 'libraries/Rank.php'; require_once ROOT . 'libraries/Session.php'; require_once ROOT . 'libraries/Template.php'; @@ -55,10 +54,10 @@ require_once ROOT . 'libraries/User.php'; require_once ROOT . 'libraries/Users.php'; require_once ROOT . 'libraries/Whois.php'; require_once ROOT . 'libraries/Forum/Forum.php'; -require_once ROOT . 'libraries/Forum/Perms.php'; require_once ROOT . 'libraries/Forum/Post.php'; require_once ROOT . 'libraries/Forum/Thread.php'; require_once ROOT . 'libraries/Perms/Forum.php'; +require_once ROOT . 'libraries/Perms/Manage.php'; require_once ROOT . 'libraries/Perms/Site.php'; // Include database extensions diff --git a/templates/misaki/global/master.tpl b/templates/misaki/global/master.tpl index 3a68be7..3ed293e 100644 --- a/templates/misaki/global/master.tpl +++ b/templates/misaki/global/master.tpl @@ -61,7 +61,7 @@ // Space for things that need to happen onload window.addEventListener("load", function() { - {% if php.self == '/profile.php' ? (profile.userData.profileBackground and not profile.optionFields.disableProfileParallax) : (user.checkPermission('SITE', 'CREATE_BACKGROUND') and user.optionFields.profileBackgroundSiteWide and user.userData.profileBackground and not user.optionFields.disableProfileParallax) %} + {% if php.self == '/profile.php' ? (profile.userData.profileBackground and not profile.optionFields.disableProfileParallax) : (user.permission(constant('Sakura\\Perms\\Site::CREATE_BACKGROUND')) and user.optionFields.profileBackgroundSiteWide and user.userData.profileBackground and not user.optionFields.disableProfileParallax) %} initialiseParallax('userBackground'); {% endif %} @@ -76,7 +76,7 @@