fix YOURLS_USER issue (again)

This commit is contained in:
Joshua P Panter 2019-09-26 21:24:12 -04:00
parent 7e2aba130d
commit d8cbbfb9d3
No known key found for this signature in database
GPG Key ID: 59903022E9AC64FC

View File

@ -3,7 +3,7 @@
Plugin Name: Auth Manager Plus Plugin Name: Auth Manager Plus
Plugin URI: https://github.com/joshp23/YOURLS-AuthMgrPlus Plugin URI: https://github.com/joshp23/YOURLS-AuthMgrPlus
Description: Role Based Access Controlls with seperated user data for authenticated users Description: Role Based Access Controlls with seperated user data for authenticated users
Version: 1.0.4 Version: 1.0.5
Author: Josh Panter, nicwaller, Ian Barber <ian.barber@gmail.com> Author: Josh Panter, nicwaller, Ian Barber <ian.barber@gmail.com>
Author URI: https://unfettered.net Author URI: https://unfettered.net
*/ */
@ -223,7 +223,7 @@ function amp_have_capability( $capability ) {
return false; return false;
// List capabilities of particular user role // List capabilities of particular user role
$user = defined( YOURLS_USER ) ? YOURLS_USER : NULL; $user = YOURLS_USER !== false ? YOURLS_USER : NULL;
$user_caps = array(); $user_caps = array();
foreach ( $amp_role_capabilities as $rolename => $rolecaps ) { foreach ( $amp_role_capabilities as $rolename => $rolecaps ) {
if ( amp_user_has_role( $user, $rolename ) ) { if ( amp_user_has_role( $user, $rolename ) ) {
@ -280,7 +280,7 @@ function amp_admin_list_where($where) {
if ( amp_have_capability( ampCap::ViewAll ) ) if ( amp_have_capability( ampCap::ViewAll ) )
return $where; // Allow admin/editor users to see the lot. return $where; // Allow admin/editor users to see the lot.
$user = defined( YOURLS_USER ) ? YOURLS_USER : NULL; $user = YOURLS_USER !== false ? YOURLS_USER : NULL;
if (version_compare(YOURLS_VERSION, '1.7.3') >= 0) { if (version_compare(YOURLS_VERSION, '1.7.3') >= 0) {
$where['sql'] = $where['sql'] . " AND (`user` = :user OR `user` IS NULL) "; $where['sql'] = $where['sql'] . " AND (`user` = :user OR `user` IS NULL) ";
$where['binds']['user'] = $user; $where['binds']['user'] = $user;
@ -324,7 +324,7 @@ function amp_get_db_stats( $return, $where ) {
// or... filter results // or... filter results
global $ydb; global $ydb;
$table_url = YOURLS_DB_TABLE_URL; $table_url = YOURLS_DB_TABLE_URL;
$user = defined( YOURLS_USER ) ? YOURLS_USER : NULL; $user = YOURLS_USER !== false ? YOURLS_USER : NULL;
if (version_compare(YOURLS_VERSION, '1.7.3') >= 0) { if (version_compare(YOURLS_VERSION, '1.7.3') >= 0) {
$where['sql'] = $where['sql'] . " AND (`user` = :user OR `user` IS NULL) "; $where['sql'] = $where['sql'] . " AND (`user` = :user OR `user` IS NULL) ";
$where['binds']['user'] = $user; $where['binds']['user'] = $user;
@ -508,7 +508,7 @@ function amp_access_keyword( $keyword ) {
return true; return true;
$table = YOURLS_DB_TABLE_URL; $table = YOURLS_DB_TABLE_URL;
$user = defined( YOURLS_USER ) ? YOURLS_USER : NULL; $user = YOURLS_USER !== false ? YOURLS_USER : NULL;
if (version_compare(YOURLS_VERSION, '1.7.3') >= 0) { if (version_compare(YOURLS_VERSION, '1.7.3') >= 0) {
$binds = array( 'keyword' => $keyword, 'user' => $user); $binds = array( 'keyword' => $keyword, 'user' => $user);
$sql = "SELECT 1 FROM `$table` WHERE (`user` IS NULL OR `user` = :user) AND `keyword` = :keyword"; $sql = "SELECT 1 FROM `$table` WHERE (`user` IS NULL OR `user` = :user) AND `keyword` = :keyword";
@ -537,7 +537,7 @@ function amp_manage_keyword( $keyword, $capability ) {
} }
} }
// Self Edit? // Self Edit?
$user = defined( YOURLS_USER ) ? YOURLS_USER : NULL; $user = YOURLS_USER !== false ? YOURLS_USER : NULL;
if ( $owner === $user ) { if ( $owner === $user ) {
if ( amp_have_capability( $capability ) ) { if ( amp_have_capability( $capability ) ) {
return true; return true;
@ -569,7 +569,7 @@ function amp_insert_link($actions) {
global $ydb; global $ydb;
$keyword = $actions[2]; $keyword = $actions[2];
$user = defined( YOURLS_USER ) ? YOURLS_USER : NULL; $user = YOURLS_USER !== false ? YOURLS_USER : NULL;
$table = YOURLS_DB_TABLE_URL; $table = YOURLS_DB_TABLE_URL;
// Insert $keyword against $username // Insert $keyword against $username