Merge pull request #567 from torrentpier/added-optional-param-in-valid-actions-ajax

Added optional parameter in $valid_actions [AJAX]
Roman Kelesidis 2023-03-07 12:09:01 +07:00 committed by GitHub
commit 59aa4f069f
No known key found for this signature in database
GPG key ID: 4AEE18F83AFDEB23
2 changed files with 17 additions and 18 deletions


@ -13,21 +13,11 @@ define('IN_AJAX', true);
require __DIR__ . '/common.php'; require __DIR__ . '/common.php';
$ajax = new TorrentPier\Legacy\Ajax(); $ajax = new TorrentPier\Legacy\Ajax();
$ajax->init(); $ajax->init();
// Init userdata // Init userdata
$user->session_start(); $user->session_start();
// Exit if board is disabled via ON/OFF trigger or by admin
if ($ajax->action != 'manage_admin') {
if ($bb_cfg['board_disable']) {
$ajax->ajax_die($lang['BOARD_DISABLE']);
} elseif (file_exists(BB_DISABLED)) {
$ajax->ajax_die($lang['BOARD_DISABLE_CRON']);
}
}
// Load actions required modules // Load actions required modules
switch ($ajax->action) { switch ($ajax->action) {
case 'view_post': case 'view_post':
@ -45,9 +35,6 @@ switch ($ajax->action) {
break; break;
} }
// Position in $ajax->valid_actions['xxx']
define('AJAX_AUTH', 0); // 'guest', 'user', 'mod', 'admin', 'super_admin'
$ajax->exec(); $ajax->exec();
/** /**


@ -19,13 +19,13 @@ class Ajax
public $response = []; public $response = [];
public $valid_actions = [ public $valid_actions = [
// ACTION NAME AJAX_AUTH // ACTION NAME => [AJAX_AUTH, IN_ADMIN_CP (optional)]
'edit_user_profile' => ['admin'], 'edit_user_profile' => ['admin'],
'change_user_rank' => ['admin'], 'change_user_rank' => ['admin'],
'change_user_opt' => ['admin'], 'change_user_opt' => ['admin'],
'manage_user' => ['admin'], 'manage_user' => ['admin'],
'manage_admin' => ['admin'], 'manage_admin' => ['admin', true],
'sitemap' => ['admin'], 'sitemap' => ['admin', true],
'mod_action' => ['mod'], 'mod_action' => ['mod'],
'topic_tpl' => ['mod'], 'topic_tpl' => ['mod'],
@ -61,7 +61,7 @@ class Ajax
*/ */
public function exec() public function exec()
{ {
global $lang; global $lang, $bb_cfg;
// Exit if we already have errors // Exit if we already have errors
if (!empty($this->response['error_code'])) { if (!empty($this->response['error_code'])) {
@ -71,14 +71,26 @@ class Ajax
// Check that requested action is valid // Check that requested action is valid
$action = $this->action; $action = $this->action;
// Action params
$action_params = null;
if (!$action || !\is_string($action)) { if (!$action || !\is_string($action)) {
$this->ajax_die('no action specified'); $this->ajax_die('no action specified');
} elseif (!$action_params =& $this->valid_actions[$action]) { } elseif (!$action_params =& $this->valid_actions[$action]) {
$this->ajax_die('invalid action: ' . $action); $this->ajax_die('invalid action: ' . $action);
} }
// Exit if board is disabled via ON/OFF trigger or by admin
if ($action_params[1] !== true) {
if ($bb_cfg['board_disable']) {
$this->ajax_die($lang['BOARD_DISABLE']);
} elseif (file_exists(BB_DISABLED)) {
$this->ajax_die($lang['BOARD_DISABLE_CRON']);
}
}
// Auth check // Auth check
switch ($action_params[AJAX_AUTH]) { switch ($action_params[0]) {
// GUEST // GUEST
case 'guest': case 'guest':
break; break;
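Review bot: The new gate `if ($action_params[1] !== true)` in exec() reads index 1 of an entry that most actions do not define (for example `'mod_action' => ['mod']`), so PHP reports an undefined array key on almost every AJAX request, and if error display is enabled that text could end up in the response body. Use `if (($action_params[1] ?? false) !== true) {` so a missing flag simply means the board-disabled check applies. The same hunk replaces `AJAX_AUTH` with a bare `0`; a short comment next to the check, such as `// [0] = required auth level, [1] = true if the action stays available while the board is disabled`, would keep the exemption visible to whoever adds the next action. The exemption is evaluated before the auth switch, so it relies on the `'admin'` requirement that follows; exec() continues past the end of this hunk.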