Overview
Comment:Fix string / int comparison for plugins in menu, fix [3297bef8b194f715]
Downloads: Tarball | ZIP archive | SQL archive
Timelines: family | ancestors | descendants | both | trunk | stable
Files: files | file ages | folders
SHA3-256: 39a754321d9b9e2dd167679da5fe72f5eaa28063e78df4f168c166b61189f968
User & Date: bohwaz on 2021-05-10 13:58:35
Other Links: manifest | tags
References
2021-05-10
14:00 Ticket [3297bef8b1] Plugins visibles dans le menu Garradin alors que droits insuffisants ? status still Open with 5 other changes artifact: 2c67e68b10 user: bohwaz
Context
2021-05-10
14:16
New stable release check-in: 9396f02f3d user: bohwaz tags: trunk, stable, 1.1.5
13:58
Fix string / int comparison for plugins in menu, fix [3297bef8b194f715] check-in: 39a754321d user: bohwaz tags: trunk, stable
12:19
Re-add missing merges before [93aeaacac6] check-in: 561aebe80c user: bohwaz tags: trunk, stable
Changes

Modified src/include/lib/Garradin/Plugin.php from [1f8c21a59a] to [2c3e05e869].

486
487
488
489
490
491
492

493








494
495
496
497
498
499
500
				$db->update('plugins', ['menu_condition' => $new_condition], 'id = :id', ['id' => $id]);
				$row->menu_condition = $new_condition;
			}

			$condition = strtr($row->menu_condition, $permissions);

			$condition = preg_replace_callback('/\{\$user\.(\w+)\}/', function ($m) use ($user, $db) {

				return property_exists($user, $m[1]) ? $db->quote($user->{$m[1]}) : 'NULL';








			}, $condition);

			$query = 'SELECT 1 WHERE ' . $condition . ';';

			$res = $db->protectSelect(['membres' => []], $query);

			if (!$db->firstColumn($query))







>
|
>
>
>
>
>
>
>
>







486
487
488
489
490
491
492
493
494
495
496
497
498
499
500
501
502
503
504
505
506
507
508
509
				$db->update('plugins', ['menu_condition' => $new_condition], 'id = :id', ['id' => $id]);
				$row->menu_condition = $new_condition;
			}

			$condition = strtr($row->menu_condition, $permissions);

			$condition = preg_replace_callback('/\{\$user\.(\w+)\}/', function ($m) use ($user, $db) {
				$prop = $m[1];
				if (!property_exists($user, $prop)) {
					return 'NULL';
				}

				if (substr($prop, 0, 5) == 'perm_') {
					return (int) $user->$prop;
				}

				return $db->quote($user->$prop);
			}, $condition);

			$query = 'SELECT 1 WHERE ' . $condition . ';';

			$res = $db->protectSelect(['membres' => []], $query);

			if (!$db->firstColumn($query))