diff options
Diffstat (limited to 'phpBB/includes/functions_module.php')
| -rw-r--r-- | phpBB/includes/functions_module.php | 89 |
1 files changed, 81 insertions, 8 deletions
diff --git a/phpBB/includes/functions_module.php b/phpBB/includes/functions_module.php index e1259eba12..04efcb7b2e 100644 --- a/phpBB/includes/functions_module.php +++ b/phpBB/includes/functions_module.php @@ -80,7 +80,7 @@ class p_master function list_modules($p_class) { global $auth, $db, $user, $cache; - global $config, $phpbb_root_path, $phpEx; + global $config, $phpbb_root_path, $phpEx, $phpbb_dispatcher; // Sanitise for future path use, it's escaped as appropriate for queries $this->p_class = str_replace(array('.', '/', '\\'), '', basename($p_class)); @@ -125,8 +125,17 @@ class p_master // Clean up module cache array to only let survive modules the user can access $right_id = false; + + $hide_categories = array(); foreach ($this->module_cache['modules'] as $key => $row) { + // When the module has no mode (category) we check whether it has visible children + // before listing it as well. + if (!$row['module_mode']) + { + $hide_categories[(int) $row['module_id']] = $key; + } + // Not allowed to view module? if (!$this->module_auth_self($row['module_auth'])) { @@ -161,6 +170,22 @@ class p_master $right_id = $row['right_id']; continue; } + + if ($row['module_mode']) + { + // The parent category has a visible child + // So remove it and all its parents from the hide array + unset($hide_categories[(int) $row['parent_id']]); + foreach ($this->module_cache['parents'][$row['module_id']] as $module_id => $row_id) + { + unset($hide_categories[$module_id]); + } + } + } + + foreach ($hide_categories as $module_id => $row_id) + { + unset($this->module_cache['modules'][$row_id]); } // Re-index (this is needed, else we are not able to array_slice later) @@ -259,6 +284,20 @@ class p_master $custom_func($row['module_mode'], $module_row); } + /** + * This event allows to modify parameters for building modules list + * + * @event core.modify_module_row + * @var string url_func Function for building 'url_extra' + * @var string lang_func Function for building the language name + * @var string custom_func Custom function for calling parameters on module init + * @var array row Array holding the basic module data + * @var array module_row Array holding the module display parameters + * @since 3.1.0-b3 + */ + $vars = array('url_func', 'lang_func', 'custom_func', 'row', 'module_row'); + extract($phpbb_dispatcher->trigger_event('core.modify_module_row', compact($vars))); + $this->module_ary[] = $module_row; } @@ -334,7 +373,7 @@ class p_master static function module_auth($module_auth, $forum_id) { global $auth, $config; - global $request; + global $request, $phpbb_extension_manager, $phpbb_dispatcher; $module_auth = trim($module_auth); @@ -351,6 +390,31 @@ class p_master [(),] | [^\s(),]+)/x', $module_auth, $match); + // Valid tokens for auth and their replacements + $valid_tokens = array( + 'acl_([a-z0-9_]+)(,\$id)?' => '(int) $auth->acl_get(\'\\1\'\\2)', + '\$id' => '(int) $forum_id', + 'aclf_([a-z0-9_]+)' => '(int) $auth->acl_getf_global(\'\\1\')', + 'cfg_([a-z0-9_]+)' => '(int) $config[\'\\1\']', + 'request_([a-zA-Z0-9_]+)' => '$request->variable(\'\\1\', false)', + 'ext_([a-zA-Z0-9_/]+)' => 'array_key_exists(\'\\1\', $phpbb_extension_manager->all_enabled())', + 'authmethod_([a-z0-9_\\\\]+)' => '($config[\'auth_method\'] === \'\\1\')', + ); + + /** + * Alter tokens for module authorisation check + * + * @event core.module_auth + * @var array valid_tokens Valid tokens and their auth check + * replacements + * @var string module_auth The module_auth of the current + * module + * @var int forum_id The current forum_id + * @since 3.1.0-a3 + */ + $vars = array('valid_tokens', 'module_auth', 'forum_id'); + extract($phpbb_dispatcher->trigger_event('core.module_auth', compact($vars))); + $tokens = $match[0]; for ($i = 0, $size = sizeof($tokens); $i < $size; $i++) { @@ -366,7 +430,7 @@ class p_master break; default: - if (!preg_match('#(?:acl_([a-z0-9_]+)(,\$id)?)|(?:\$id)|(?:aclf_([a-z0-9_]+))|(?:cfg_([a-z0-9_]+))|(?:request_([a-zA-Z0-9_]+))#', $token)) + if (!preg_match('#(?:' . implode(array_keys($valid_tokens), ')|(?:') . ')#', $token)) { $token = ''; } @@ -379,8 +443,17 @@ class p_master // Make sure $id separation is working fine $module_auth = str_replace(' , ', ',', $module_auth); + $module_auth = preg_replace( + // Array keys with # prepended/appended + array_map(function($value) { + return '#' . $value . '#'; + }, array_keys($valid_tokens)), + array_values($valid_tokens), + $module_auth + ); + $is_auth = false; - eval('$is_auth = (int) (' . preg_replace(array('#acl_([a-z0-9_]+)(,\$id)?#', '#\$id#', '#aclf_([a-z0-9_]+)#', '#cfg_([a-z0-9_]+)#', '#request_([a-zA-Z0-9_]+)#'), array('(int) $auth->acl_get(\'\\1\'\\2)', '(int) $forum_id', '(int) $auth->acl_getf_global(\'\\1\')', '(int) $config[\'\\1\']', '$request->variable(\'\\1\', false)'), $module_auth) . ');'); + eval('$is_auth = (int) (' . $module_auth . ');'); return $is_auth; } @@ -462,7 +535,7 @@ class p_master if ($this->active_module === false) { - trigger_error('Module not accessible', E_USER_ERROR); + trigger_error('MODULE_NOT_ACCESS', E_USER_ERROR); } // new modules use the full class names, old ones are always called <type>_<name>, e.g. acp_board @@ -470,14 +543,14 @@ class p_master { if (!file_exists("$module_path/{$this->p_name}.$phpEx")) { - trigger_error("Cannot find module $module_path/{$this->p_name}.$phpEx", E_USER_ERROR); + trigger_error($user->lang('MODULE_NOT_FIND', "$module_path/{$this->p_name}.$phpEx"), E_USER_ERROR); } include("$module_path/{$this->p_name}.$phpEx"); if (!class_exists($this->p_name)) { - trigger_error("Module file $module_path/{$this->p_name}.$phpEx does not contain correct class [{$this->p_name}]", E_USER_ERROR); + trigger_error($user->lang('MODULE_FILE_INCORRECT_CLASS', "$module_path/{$this->p_name}.$phpEx", $this->p_name), E_USER_ERROR); } } @@ -898,7 +971,7 @@ class p_master /** * Display module */ - function display($page_title, $display_online_list = true) + function display($page_title, $display_online_list = false) { global $template, $user; |