mirror of
https://github.com/lkddi/nexusphp.git
synced 2026-04-30 00:47:22 +08:00
improve user_can()
This commit is contained in:
xiaomlove
@@ -1,6 +1,6 @@
|
||||
<?php
|
||||
defined('VERSION_NUMBER') || define('VERSION_NUMBER', '1.8.2');
|
||||
defined('RELEASE_DATE') || define('RELEASE_DATE', '2023-05-06');
|
||||
defined('RELEASE_DATE') || define('RELEASE_DATE', '2023-05-08');
|
||||
defined('IN_TRACKER') || define('IN_TRACKER', false);
|
||||
defined('PROJECTNAME') || define("PROJECTNAME","NexusPHP");
|
||||
defined('NEXUSPHPURL') || define("NEXUSPHPURL","https://nexusphp.org");
|
||||
|
||||
@@ -1088,7 +1088,10 @@ function user_can($permission, $fail = false, $uid = 0): bool
|
||||
$uid = get_user_id();
|
||||
$log .= ", set current uid: $uid";
|
||||
}
|
||||
if (!$fail && $uid <= 0) {
|
||||
if ($uid <= 0) {
|
||||
if ($fail) {
|
||||
goto FAIL;
|
||||
}
|
||||
do_log("$log, unauthenticated, false");
|
||||
return false;
|
||||
}
|
||||
@@ -1115,6 +1118,7 @@ function user_can($permission, $fail = false, $uid = 0): bool
|
||||
$userCanCached[$permission][$uid] = $result;
|
||||
return $result;
|
||||
}
|
||||
FAIL:
|
||||
do_log("$log, [FAIL]");
|
||||
if (IN_NEXUS && !IN_TRACKER) {
|
||||
global $lang_functions;
|
||||
@@ -1128,6 +1132,8 @@ function user_can($permission, $fail = false, $uid = 0): bool
|
||||
throw new \App\Exceptions\InsufficientPermissionException();
|
||||
}
|
||||
|
||||
|
||||
|
||||
function is_donor(array $userInfo): bool
|
||||
{
|
||||
return $userInfo['donor'] == 'yes' && ($userInfo['donoruntil'] === null || $userInfo['donoruntil'] == '0000-00-00 00:00:00' || $userInfo['donoruntil'] >= date('Y-m-d H:i:s'));
|
||||
|
||||
+4
-4
@@ -3,7 +3,7 @@ require "../include/bittorrent.php";
|
||||
dbconn();
|
||||
loggedinorreturn();
|
||||
|
||||
$action = $_POST['action'] ?? 'noAction';
|
||||
$action = $_POST['action'] ?? '';
|
||||
$params = $_POST['params'] ?? [];
|
||||
|
||||
class AjaxInterface{
|
||||
@@ -153,15 +153,15 @@ class AjaxInterface{
|
||||
}
|
||||
|
||||
$class = 'AjaxInterface';
|
||||
$reflection = new ReflectionClass($class);
|
||||
$reflection = new \ReflectionClass($class);
|
||||
|
||||
try {
|
||||
if($reflection->hasMethod($action)&&$reflection->getMethod($action)->isStatic()) {
|
||||
if($reflection->hasMethod($action) && $reflection->getMethod($action)->isStatic()) {
|
||||
$result = $class::$action($params);
|
||||
exit(json_encode(success($result)));
|
||||
} else {
|
||||
do_log("hacking attempt made by {$CURUSER['username']},uid {$CURUSER['id']}", 'error');
|
||||
throw new \RuntimeException("no Action");
|
||||
throw new \RuntimeException("Invalid action: $action");
|
||||
}
|
||||
}catch(\Throwable $exception){
|
||||
exit(json_encode(fail($exception->getMessage(), $_POST)));
|
||||
|
||||
@@ -1,4 +1,5 @@
|
||||
<?php
|
||||
exit(0);
|
||||
require "../include/bittorrent.php";
|
||||
dbconn();
|
||||
$id = intval($_GET["id"] ?? 0);
|
||||
|
||||
Reference in New Issue
Block a user