Drupal
/
drupal
mirror of https://git.drupalcode.org/project/drupal.git
1
0
Fork 0
Code Issues Projects Releases Wiki Activity

- cleaning up the access checks in node.module. 

- reverting a taxonomy patch that added $context checking to node/comments.
4.0.x
Kjartan Mannes 2002-05-29 17:16:27 +00:00
parent 9a4a9befac
commit 000ee5d162
4 changed files with 10 additions and 26 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

6
modules/comment.module
View File

@ -145,11 +145,9 @@ function comment_edit($cid) {
}
function comment_reply($pid, $nid) {
global $theme, $node;
global $theme;
// we must provide a taxonomy context for user_access()
$context->nid = $nid;
if (user_access("access comments", $context)) {
if (user_access("access comments")) {
if ($pid) {
$comment = db_fetch_object(db_query("SELECT c.*, u.uid, u.name FROM comments c LEFT JOIN users u ON c.uid = u.uid WHERE c.cid = '%s'", $pid));
comment_view($comment, t("reply to this comment"));

6
modules/comment/comment.module
View File

@ -145,11 +145,9 @@ function comment_edit($cid) {
}
function comment_reply($pid, $nid) {
global $theme, $node;
global $theme;
// we must provide a taxonomy context for user_access()
$context->nid = $nid;
if (user_access("access comments", $context)) {
if (user_access("access comments")) {
if ($pid) {
$comment = db_fetch_object(db_query("SELECT c.*, u.uid, u.name FROM comments c LEFT JOIN users u ON c.uid = u.uid WHERE c.cid = '%s'", $pid));
comment_view($comment, t("reply to this comment"));

12
modules/node.module
View File

@ -1007,15 +1007,9 @@ function node_preview($node, $error = NULL) {
}
function node_submit($node) {
global $theme, $user, $tid;
if (!user_access("post content")) {
return message_access();
}
$context->tid = $tid;
if (user_access("post content", $context)) {
global $user, $theme;
if (user_access("post content")) {
/*
** Fixup the node when required:

12
modules/node/node.module
View File

@ -1007,15 +1007,9 @@ function node_preview($node, $error = NULL) {
}
function node_submit($node) {
global $theme, $user, $tid;
if (!user_access("post content")) {
return message_access();
}
$context->tid = $tid;
if (user_access("post content", $context)) {
global $user, $theme;
if (user_access("post content")) {
/*
** Fixup the node when required: