File "plugmaccess.php"
Full Path: /home/asmplong/www/ancien-site-2019/integ/plugins/system/plugmaccess.php
File size: 3.12 KB
MIME-type: text/x-php
Charset: utf-8
<?php
// Ensure this file is being included by a parent file
defined('_JEXEC') or die( 'Restricted access' );
// Import library dependencies
jimport('joomla.event.plugin');
/**
* Plugin
*/
class plgSystemPlugmaccess extends JPlugin {
/**
* Constructor
*
* For php4 compatability we must not use the __constructor as a constructor for
* plugins because func_get_args ( void ) returns a copy of all passed arguments
* NOT references. This causes problems with cross-referencing necessary for the
* observer design pattern.
*/
function plgSystemPlugmaccess( &$subject ) {
parent::__construct( $subject );
require_once(dirname(__FILE__).DS.'plugmaccess'.DS.'gmaccessclass.php');
}
function onAfterDispatch() {
global $mainframe;
JHTML::script('gmaccessjs.js', 'plugins/system/plugmaccess/');
return true;
}
function onAfterRoute()
{
global $mainframe;
if ($mainframe->isAdmin()) {
return;
}
$db =& JFactory::getDBO();
$user = &JFactory::getUser();
$optiongm = JRequest::getCmd('option');
if ($optiongm == 'com_content' || !$optiongm) {
return;
} else {
$query = "SELECT `option` "
. "\n FROM #__components"
. "\n WHERE `option`='".$optiongm."' AND `parent`=0"
;
$db->setQuery($query);
$optioncomp = $db->loadResult();
$accesscomp = fonctionGmaccess::checkgmaccess4($optiongm,'read','users',$user->gmid,'','');
$accesscompnul = fonctionGmaccess::checkgmcomp($optiongm,'read','users',$user->gmid,'','');
if (!$accesscomp && !$accesscompnul && $optioncomp) {
JError::raiseError(403, JText::_("ALERTNOTAUTH"));
} else {
$query2 = "SELECT * FROM #__gmaccess WHERE `acosection` = '".$optiongm."' AND `aco` <> 'read' AND `aco` <> 'manage'";
$db->setQuery( $query2);
$urls = $db->loadObjectList();
if ( is_array( $urls ) && count( $urls ) > 0 ){
foreach ($urls as $url) {
if ($url->variable) {
$variable = JRequest::getCmd($url->variable);
$accessvar = fonctionGmaccess::checkgmaccess4($optiongm,$variable,'users',$user->gmid,'','');
$accessvarnul = fonctionGmaccess::checkgmcomp($optiongm,$variable,'users',$user->gmid,'','');
if (!$accessvar && !$accessvarnul && $optioncomp) {
JError::raiseError(403, JText::_("ALERTNOTAUTH"));
//JError::raiseWarning(403, JText::_("ALERTNOTAUTH"));
}
if ($url->axosection) {
//$variable2 = JRequest::getCmd($url->axosection);
$variable2 = JRequest::getInt( $url->axosection);
$accessvar2 = fonctionGmaccess::checkgmaccess4($optiongm,$variable,'users',$user->gmid,$url->axosection,$variable2);
$accessvar2nul = fonctionGmaccess::checkgmcomp($optiongm,$variable,'users',$user->gmid,$url->axosection,$variable2);
if (!$accessvar2 && !$accessvar2nul && $optioncomp) {
JError::raiseError(403, JText::_("ALERTNOTAUTH"));
//JError::raiseWarning(403, JText::_("ALERTNOTAUTH"));
}
}
}
}
}
return;
}
}
}
}