[geeklog-cvs] geeklog-1.3/system/classes search.class.php,1.8,1.9
geeklog-cvs-admin at lists.geeklog.net
geeklog-cvs-admin at lists.geeklog.net
Wed Jul 23 13:13:53 EDT 2003
Update of /usr/cvs/geeklog/geeklog-1.3/system/classes
In directory internal.geeklog.net:/tmp/cvs-serv22954
Modified Files:
search.class.php
Log Message:
Fix to disallow access to the extended search for anonymous users (as in pre-1.3.8 search).
Index: search.class.php
===================================================================
RCS file: /usr/cvs/geeklog/geeklog-1.3/system/classes/search.class.php,v
retrieving revision 1.8
retrieving revision 1.9
diff -C2 -d -r1.8 -r1.9
*** search.class.php 20 Jul 2003 16:03:19 -0000 1.8
--- search.class.php 23 Jul 2003 17:13:51 -0000 1.9
***************
*** 808,812 ****
{
global $_USER, $_CONF;
!
if (empty($_USER['username']) AND (($_CONF['loginrequired'] == 1) OR ($_CONF['searchloginrequired'] == 2))) {
return false;
--- 808,812 ----
{
global $_USER, $_CONF;
!
if (empty($_USER['username']) AND (($_CONF['loginrequired'] == 1) OR ($_CONF['searchloginrequired'] == 2))) {
return false;
***************
*** 819,823 ****
return true;
}
!
function _getSummary($query,$fullText)
{
--- 819,846 ----
return true;
}
!
! /**
! * Determines if user is allowed to use the search form
! *
! * Geeklog has a number of settings that may prevent
! * the access anonymous users have to the search engine.
! * This performs those checks
! *
! * @author Dirk Haun <Dirk AT haun-online DOT de>
! * @access private
! * @return boolean True if form usage is allowed, otherwise false
! *
! */
! function _isFormAllowed ()
! {
! global $_USER, $_CONF;
!
! if (empty($_USER['username']) AND (($_CONF['loginrequired'] == 1) OR ($_CONF['searchloginrequired'] >= 1))) {
! return false;
! }
!
! return true;
! }
!
function _getSummary($query,$fullText)
{
***************
*** 892,895 ****
--- 915,923 ----
{
global $_TABLES, $LANG09, $_CONF;
+
+ // Verify current user my use the search form
+ if (!$this->_isFormAllowed()) {
+ return $this->_getAccessDeniedMessage();
+ }
$retval .= COM_startBlock($LANG09[1],'advancedsearch.html');
More information about the geeklog-cvs
mailing list