Create New Item
Item Type
File
Folder
Item Name
Search file in folder and subfolders...
Are you sure want to rename?
File Manager
/
JAVA
/
system
:
checkPermissions.php
Advanced Search
Upload
New Item
Settings
Back
Back Up
Advanced Editor
Save
<?php /*************************************************************** * Copyright notice * * (c) 2003-2004 Tobias Bender (tobias@phpXplorer.org) * All rights reserved * * This script is part of the phpXplorer project. The phpXplorer project is * free software; you can redistribute it and/or modify * it under the terms of the GNU General Public License as published by * the Free Software Foundation; either version 2 of the License, or * (at your option) any later version. * * The GNU General Public License can be found at * http://www.gnu.org/copyleft/gpl.html. * A copy is found in the textfile GPL.txt distributed with these scripts. * * This script is distributed in the hope that it will be useful, * but WITHOUT ANY WARRANTY; without even the implied warranty of * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the * GNU General Public License for more details. * * This copyright notice MUST APPEAR in all copies of the script! ***************************************************************/ if(!isset($shareId)) die("Missing Parameter shareId!"); require(dirname(__FILE__) . "/checkSharePermission.php"); if(!checkSharePermission()) die($PXP_languages[$PXP_language]['accessDenied'] . " (805)"); # arrays for rights per user/group $PXP_rightsOpen_byName_inherit = Array(); $PXP_rightsOpen_byName = Array(); $PXP_rightsOpen_byTypekey_inherit = Array(); $PXP_rightsOpen_byTypekey = Array(); $PXP_rightsOpen_byPath_invert = Array(); $PXP_rightsOpen_byPath = Array(); $PXP_rightsEdit_byName_inherit = Array(); $PXP_rightsEdit_byName = Array(); $PXP_rightsEdit_byTypekey_inherit = Array(); $PXP_rightsEdit_byTypekey = Array(); $PXP_rightsEdit_byPath_invert = Array(); $PXP_rightsEdit_byPath = Array(); # arrays for added rights (rights for current user + rights for all assigned roles + rights for everybody) $PXP_user_rightsOpen_byName = Array(); $PXP_user_rightsOpen_byTypekey = Array(); $PXP_user_rightsEdit_byName = Array(); $PXP_user_rightsEdit_byTypekey = Array(); $members = Array(); # include system right files ($PXP_dir/rights.pxrf) first if(is_dir($PXP_dir . "/rights.pxrf")){ $d = dir($PXP_dir . "/rights.pxrf"); while($file = $d->read()) if($file != "." AND $file != "..") if(!is_dir($PXP_dir . "/rights.pxrf/" . $file)){ # is there a right file for everybody ? if(file_exists($PXP_dir . "/rights.pxrf/%.pxr.php")) require($PXP_dir . "/rights.pxrf/%.pxr.php"); # are there right files for all roles of the current user ? foreach($PXP_user_roles as $role) if(file_exists($PXP_dir . "/rights.pxrf/" . $role . ".pxr.php")) require($PXP_dir . "/rights.pxrf/" . $role . ".pxr.php"); # is there a right file for the current user ? if(file_exists($PXP_dir . "/rights.pxrf/" . $PXP_user . ".pxr.php")) require($PXP_dir . "/rights.pxrf/" . $PXP_user . ".pxr.php"); } } # includes all right files starting with the base dir down to current dir # each right file controls itself if parent rights are inherited function rightFilesLookup($dir, $subDir){ GLOBAL $currentDir, $PXP_authentication; GLOBAL $PXP_basedir, $PXP_rights_dir, $PXP_user_roles, $PXP_user; GLOBAL $PXP_user_rightsOpen_byName, $PXP_user_rightsOpen_byTypekey, $PXP_user_rightsEdit_byName, $PXP_user_rightsEdit_byTypekey; GLOBAL $PXP_rightsOpen_byName, $PXP_rightsOpen_byTypekey, $PXP_rightsEdit_byName, $PXP_rightsEdit_byTypekey; GLOBAL $PXP_rightsOpen_byPath_invert, $PXP_rightsOpen_byPath, $PXP_rightsEdit_byPath_invert, $PXP_rightsEdit_byPath; GLOBAL $PXP_languages, $PXP_language; if($dir != $PXP_basedir or $dir == $PXP_basedir){ if($dir != $PXP_basedir) rightFilesLookup(dirname($dir), basename($dir)); $pxrf = $dir . "/" . $PXP_rights_dir; if(is_dir($pxrf)){ $bCheckPath = true; # is there a right file for everybody ? if(file_exists($pxrf . "/%.pxr.php")){ require($pxrf . "/%.pxr.php"); $bCheckPath = checkPath($dir, $subDir, "%"); } # are there right files for all roles of the current user ? foreach($PXP_user_roles as $role) if(file_exists($pxrf . "/" . $role . ".pxr.php")){ require($pxrf . "/" . $role . ".pxr.php"); $bCheckPath = checkPath($dir, $subDir, $role); } # is there a right file for the current user ? if(file_exists($pxrf . "/" . $PXP_user . ".pxr.php")){ require($pxrf . "/" . $PXP_user . ".pxr.php"); $bCheckPath = checkPath($dir, $subDir, $PXP_user); } if(!$bCheckPath) die($PXP_languages[$PXP_language]['accessDenied'] . " (806)"); if($dir != $currentDir){ $PXP_rightsOpen_byPath_invert = Array(); $PXP_rightsOpen_byPath = Array(); $PXP_rightsEdit_byPath_invert = Array(); $PXP_rightsEdit_byPath = Array(); } } } } # check byPath rights for path parts function checkPath($dir, $subDir, $member){ GLOBAL $PXP_rightsOpen_byPath, $PXP_rightsOpen_byPath_invert, $currentDir; if($subDir != ""){ if(is_array($PXP_rightsOpen_byPath[$member])){ if($PXP_rightsOpen_byPath_invert[$member]){ if(!in_array($subDir, $PXP_rightsOpen_byPath[$member])) return false; }else{ if(in_array($subDir, $PXP_rightsOpen_byPath[$member])) return false; } } } return true; } # lookup for right folders if($PXP_user != "root") rightFilesLookup($currentDir, ""); # add rights which are defined for everybody if(is_array($PXP_rightsOpen_byName)) if(isset($PXP_rightsOpen_byName["%"])) array_push($members, "%"); $members = array_merge($members, $PXP_user_roles); # if there are rights for the current user if(is_array($PXP_rightsOpen_byName)) if(isset($PXP_rightsOpen_byName[$PXP_user])) array_push($members, $PXP_user); $byPathMembers = Array(); # merge all rights concering the current user to one array foreach($members as $member){ if(!isset($PXP_rightsOpen_byName[$member])) continue; if(sizeof($PXP_rightsOpen_byPath[$member]) > 0 or sizeof($PXP_rightsEdit_byPath[$member]) > 0) array_push($byPathMembers, $member); $PXP_user_rightsOpen_byName = array_merge($PXP_user_rightsOpen_byName, $PXP_rightsOpen_byName[$member]); $PXP_user_rightsOpen_byTypekey = array_merge($PXP_user_rightsOpen_byTypekey, $PXP_rightsOpen_byTypekey[$member]); $PXP_user_rightsEdit_byName = array_merge($PXP_user_rightsEdit_byName, $PXP_rightsEdit_byName[$member]); $PXP_user_rightsEdit_byTypekey = array_merge($PXP_user_rightsEdit_byTypekey, $PXP_rightsEdit_byTypekey[$member]); } $dirParts = explode("/", $currentDir); if($PXP_user != "root") foreach($dirParts as $part) if(in_array($part, $PXP_user_rightsOpen_byName)) die($PXP_languages[$PXP_language]['accessDenied'] . " (808)"); ?>