lkddi/nexusphp
1
0
Fork 0
mirror of https://github.com/lkddi/nexusphp.git synced 2026-04-03 14:10:57 +08:00
Code Issues Packages Projects Releases Wiki Activity

Refactoring user permissions

Browse Source
This commit is contained in:
xiaomlove
2022-08-20 19:11:28 +08:00
parent 3046837576
commit b79762686a
73 changed files with 945 additions and 326 deletions
Download Patch File Download Diff File Expand all files Collapse all files

8
public/comment.php
View File

@@ -26,7 +26,7 @@ if ($action == "add")
{
// Anti Flood Code
// This code ensures that a member can only send one comment per minute.
if (get_user_class() < $commanage_class) {
if (!user_can('commanage')) {
if (strtotime($CURUSER['last_comment']) > (TIMENOW - 10))
{
$secs = 10 - (TIMENOW - strtotime($CURUSER['last_comment']));
@@ -165,7 +165,7 @@ elseif ($action == "edit")
if (!$arr)
stderr($lang_comment['std_error'], $lang_comment['std_invalid_id']);
if ($arr["user"] != $CURUSER["id"] && get_user_class() < $commanage_class)
if ($arr["user"] != $CURUSER["id"] && !user_can('commanage'))
stderr($lang_comment['std_error'], $lang_comment['std_permission_denied']);
if ($_SERVER["REQUEST_METHOD"] == "POST")
@@ -208,7 +208,7 @@ elseif ($action == "edit")
}
elseif ($action == "delete")
{
if (get_user_class() < $commanage_class)
if (!user_can('commanage'))
stderr($lang_comment['std_error'], $lang_comment['std_permission_denied']);
$commentid = intval($_GET["cid"] ?? 0);
@@ -265,7 +265,7 @@ elseif ($action == "delete")
}
elseif ($action == "vieworiginal")
{
if (get_user_class() < $commanage_class)
if (!user_can('commanage'))
stderr($lang_comment['std_error'], $lang_comment['std_permission_denied']);
$commentid = intval($_GET["cid"] ?? 0);