Skip to content

Commit 9100936

Browse files
tbrehmtbrehm
committed
- Modified pages to use a global module aurhentification function
- Changed shell of website linux user to /bin/false
1 parent ee0e1cc commit 9100936

File tree

125 files changed

+952
-1312
lines changed

Some content is hidden

Large Commits have some content hidden by default. Use the searchbox below for content that may be hidden.

125 files changed

+952
-1312
lines changed

interface/lib/classes/auth.inc.php

Lines changed: 10 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -90,6 +90,16 @@ public function remove_group_from_user($userid,$groupid) {
9090
return false;
9191
}
9292
}
93+
94+
public function check_module_permissions($module) {
95+
// Check if the current user has the permissions to access this module
96+
if(!stristr($_SESSION["s"]["user"]["modules"],$module)) {
97+
header("Location: ../index.php");
98+
exit;
99+
}
100+
}
101+
102+
93103
}
94104

95105
?>

interface/web/admin/dbsync_del.php

Lines changed: 1 addition & 5 deletions
Original file line numberDiff line numberDiff line change
@@ -39,11 +39,7 @@
3939
* End Form configuration
4040
******************************************/
4141

42-
// Checke Berechtigungen für Modul
43-
if(!stristr($_SESSION["s"]["user"]["modules"],$_SESSION["s"]["module"]["name"])) {
44-
header("Location: ../index.php");
45-
exit;
46-
}
42+
$app->auth->check_module_permissions('admin');
4743

4844
include_once($list_def_file);
4945

interface/web/admin/dbsync_edit.php

Lines changed: 2 additions & 5 deletions
Original file line numberDiff line numberDiff line change
@@ -39,11 +39,8 @@
3939
* End Form configuration
4040
******************************************/
4141

42-
// Checke Berechtigungen für Modul
43-
if(!stristr($_SESSION["s"]["user"]["modules"],$_SESSION["s"]["module"]["name"])) {
44-
header("Location: ../index.php");
45-
exit;
46-
}
42+
//* Check permissions for module
43+
$app->auth->check_module_permissions('admin');
4744

4845
// Lade Template
4946
$app->uses('tpl,tform');

interface/web/admin/dbsync_list.php

Lines changed: 2 additions & 5 deletions
Original file line numberDiff line numberDiff line change
@@ -39,11 +39,8 @@
3939
* End Form configuration
4040
******************************************/
4141

42-
// Checke Berechtigungen für Modul
43-
if(!stristr($_SESSION["s"]["user"]["modules"],$_SESSION["s"]["module"]["name"])) {
44-
header("Location: ../index.php");
45-
exit;
46-
}
42+
//* Check permissions for module
43+
$app->auth->check_module_permissions('admin');
4744

4845
$app->uses('tpl,listform');
4946

interface/web/admin/filesync_del.php

Lines changed: 2 additions & 5 deletions
Original file line numberDiff line numberDiff line change
@@ -39,11 +39,8 @@
3939
* End Form configuration
4040
******************************************/
4141

42-
// Checke Berechtigungen für Modul
43-
if(!stristr($_SESSION["s"]["user"]["modules"],$_SESSION["s"]["module"]["name"])) {
44-
header("Location: ../index.php");
45-
exit;
46-
}
42+
//* Check permissions for module
43+
$app->auth->check_module_permissions('admin');
4744

4845
include_once($list_def_file);
4946

interface/web/admin/filesync_edit.php

Lines changed: 2 additions & 5 deletions
Original file line numberDiff line numberDiff line change
@@ -39,11 +39,8 @@
3939
* End Form configuration
4040
******************************************/
4141

42-
// Checke Berechtigungen für Modul
43-
if(!stristr($_SESSION["s"]["user"]["modules"],$_SESSION["s"]["module"]["name"])) {
44-
header("Location: ../index.php");
45-
exit;
46-
}
42+
//* Check permissions for module
43+
$app->auth->check_module_permissions('admin');
4744

4845
// Lade Template
4946
$app->uses('tpl,tform');

interface/web/admin/filesync_list.php

Lines changed: 2 additions & 5 deletions
Original file line numberDiff line numberDiff line change
@@ -39,11 +39,8 @@
3939
* End Form configuration
4040
******************************************/
4141

42-
// Checke Berechtigungen für Modul
43-
if(!stristr($_SESSION["s"]["user"]["modules"],$_SESSION["s"]["module"]["name"])) {
44-
header("Location: ../index.php");
45-
exit;
46-
}
42+
//* Check permissions for module
43+
$app->auth->check_module_permissions('admin');
4744

4845
$app->uses('tpl,listform');
4946

interface/web/admin/groups_del.php

Lines changed: 2 additions & 5 deletions
Original file line numberDiff line numberDiff line change
@@ -42,11 +42,8 @@
4242
require_once('../../lib/config.inc.php');
4343
require_once('../../lib/app.inc.php');
4444

45-
// Checke Berechtigungen für Modul
46-
if(!stristr($_SESSION["s"]["user"]["modules"],$_SESSION["s"]["module"]["name"])) {
47-
header("Location: ../index.php");
48-
exit;
49-
}
45+
//* Check permissions for module
46+
$app->auth->check_module_permissions('admin');
5047

5148
$app->uses("tform_actions");
5249
$app->tform_actions->onDelete();

interface/web/admin/groups_edit.php

Lines changed: 2 additions & 5 deletions
Original file line numberDiff line numberDiff line change
@@ -41,11 +41,8 @@
4141
require_once('../../lib/config.inc.php');
4242
require_once('../../lib/app.inc.php');
4343

44-
// Checking module permissions
45-
if(!stristr($_SESSION["s"]["user"]["modules"],$_SESSION["s"]["module"]["name"])) {
46-
header("Location: ../index.php");
47-
exit;
48-
}
44+
//* Check permissions for module
45+
$app->auth->check_module_permissions('admin');
4946

5047
// Loading classes
5148
$app->uses('tpl,tform,tform_actions');

interface/web/admin/groups_list.php

Lines changed: 2 additions & 5 deletions
Original file line numberDiff line numberDiff line change
@@ -41,11 +41,8 @@
4141
* End Form configuration
4242
******************************************/
4343

44-
// Checking module permissions
45-
if(!stristr($_SESSION["s"]["user"]["modules"],$_SESSION["s"]["module"]["name"])) {
46-
header("Location: ../index.php");
47-
exit;
48-
}
44+
//* Check permissions for module
45+
$app->auth->check_module_permissions('admin');
4946

5047
$app->uses('listform_actions');
5148
$app->listform_actions->onLoad();

0 commit comments

Comments
 (0)