Révision 6eb8d15f
Ajouté par Assos Assos il y a presque 10 ans
| drupal7/sites/all/modules/imce/inc/imce.admin.inc | ||
|---|---|---|
| 35 | 35 |
'#attributes' => array('id' => 'imce-profiles-list'),
|
| 36 | 36 |
); |
| 37 | 37 |
$output['form'] = drupal_get_form('imce_admin_form');
|
| 38 |
|
|
| 39 |
// Display security warnings |
|
| 40 |
if (empty($_POST)) {
|
|
| 41 |
$roles = variable_get('imce_roles_profiles', array());
|
|
| 42 |
if (!empty($roles[DRUPAL_ANONYMOUS_RID]['public_pid']) || !empty($roles[DRUPAL_ANONYMOUS_RID]['private_pid'])) {
|
|
| 43 |
drupal_set_message(t('Anonymous user role has access to IMCE.') . ' ' . t('Make sure this is not a misconfiguration.'), 'warning');
|
|
| 44 |
} |
|
| 45 |
if (imce_admin_check_wildcard_upload(DRUPAL_AUTHENTICATED_RID, $roles)) {
|
|
| 46 |
drupal_set_message(t('Authenticated user role is assigned a configuration profile with unrestricted file extensions.') . ' ' . t('Make sure this is not a misconfiguration.'), 'warning');
|
|
| 47 |
} |
|
| 48 |
} |
|
| 49 |
|
|
| 38 | 50 |
return $output; |
| 39 | 51 |
} |
| 40 | 52 |
|
| ... | ... | |
| 146 | 158 |
return $output; |
| 147 | 159 |
} |
| 148 | 160 |
|
| 161 |
/** |
|
| 162 |
* Validate admin form. |
|
| 163 |
*/ |
|
| 164 |
function imce_admin_form_validate($form, &$form_state) {
|
|
| 165 |
$roles = $form_state['values']['roles']; |
|
| 166 |
// Check anonymous profile. Do not allow wildcard upload. |
|
| 167 |
if ($key = imce_admin_check_wildcard_upload(DRUPAL_ANONYMOUS_RID, $roles)) {
|
|
| 168 |
form_error($form['roles'][DRUPAL_ANONYMOUS_RID][$key], t('Anonymous user role can not have a configuration profile with unrestricted file extensions.'));
|
|
| 169 |
} |
|
| 170 |
} |
|
| 171 |
|
|
| 149 | 172 |
/** |
| 150 | 173 |
* Submit admin form. |
| 151 | 174 |
*/ |
| ... | ... | |
| 173 | 196 |
return drupal_get_form('imce_profile_delete_form', $pid);
|
| 174 | 197 |
} |
| 175 | 198 |
//add-edit |
| 176 |
if ($pid != 1 || $GLOBALS['user']->uid == 1) {
|
|
| 199 |
if ($op === 'add' || $op === 'edit') {
|
|
| 177 | 200 |
return drupal_get_form('imce_profile_form', $pid);
|
| 178 | 201 |
} |
| 179 | 202 |
drupal_access_denied(); |
| ... | ... | |
| 688 | 711 |
return $r1['weight']-$r2['weight']; |
| 689 | 712 |
} |
| 690 | 713 |
|
| 714 |
/** |
|
| 715 |
* Checks if the given role can upload all extensions. |
|
| 716 |
*/ |
|
| 717 |
function imce_admin_check_wildcard_upload($rid, $conf = NULL) {
|
|
| 718 |
if (!isset($conf)) {
|
|
| 719 |
$conf = variable_get('imce_roles_profiles', array());
|
|
| 720 |
} |
|
| 721 |
if (!empty($conf[$rid])) {
|
|
| 722 |
foreach ($conf[$rid] as $key => $pid) {
|
|
| 723 |
if ($pid && substr($key, -4) == '_pid') {
|
|
| 724 |
if ($profile = imce_load_profile($pid)) {
|
|
| 725 |
if ($profile['extensions'] === '*' && !empty($profile['directories'])) {
|
|
| 726 |
foreach ($profile['directories'] as $dirconf) {
|
|
| 727 |
if (!empty($dirconf['upload'])) {
|
|
| 728 |
return $key; |
|
| 729 |
} |
|
| 730 |
} |
|
| 731 |
} |
|
| 732 |
} |
|
| 733 |
} |
|
| 734 |
} |
|
| 735 |
} |
|
| 736 |
return FALSE; |
|
| 737 |
} |
|
| 738 |
|
|
| 691 | 739 |
//Include core profile functions. |
| 692 | 740 |
include_once DRUPAL_ROOT . '/' . drupal_get_path('module', 'imce') . '/inc/imce.core.profiles.inc';
|
Formats disponibles : Unified diff
Weekly update of contrib modules