page: apply admin restrictions from .private contents

author Mischa POSLAWSKY <perl@shiar.org>

Wed, 22 Sep 2021 12:59:30 +0000 (14:59 +0200)

committer Mischa POSLAWSKY <perl@shiar.org>

Wed, 22 Sep 2021 15:01:08 +0000 (17:01 +0200)
author Mischa POSLAWSKY <perl@shiar.org>
Wed, 22 Sep 2021 12:59:30 +0000 (14:59 +0200)
committer Mischa POSLAWSKY <perl@shiar.org>
Wed, 22 Sep 2021 15:01:08 +0000 (17:01 +0200)
diff --git a/article.inc.php b/article.inc.php

index 8b01699ea8c453b48d26b837cc84c5b13902558d..093852f96753e712014e0f07961f6c8a34cb8552 100644 (file)
--- a/article.inc.php
+++ b/article.inc.php
@@ -48,7 +48,7 @@ class ArchiveArticle
                 $this->path = '';
                 $this->restricted = FALSE;
                 while (TRUE) {
-                       if (file_exists("$path/.private")) {
+                       if (file_exists("$path/.private") and !$this->restricted) {
                                 $this->restricted = $path;
                         }
  
diff --git a/page.php b/page.php

index e634a3891896f120d67a75792c799cca45107609..30f0e3c59c2e645bd492b1b6f900b50d82a60f8c 100644 (file)
--- a/page.php
+++ b/page.php
@@ -40,6 +40,11 @@ if ($Page->restricted) {
                 $target = urlencode($Page->link);
                 abort("/login?goto=$target", '303 Eerst inloggen');
         }
+       elseif ($check = file_get_contents("{$Page->restricted}/.private")
+       and !$User->admin(trim($check))) {
+               http_response_code(403);
+               $Page->raw('403.inc.html');
+       }
  }
  
  # prepare page contents
author	Mischa POSLAWSKY <perl@shiar.org>
	Wed, 22 Sep 2021 12:59:30 +0000 (14:59 +0200)
committer	Mischa POSLAWSKY <perl@shiar.org>
	Wed, 22 Sep 2021 15:01:08 +0000 (17:01 +0200)
article.inc.php		patch \| blob \| history
page.php		patch \| blob \| history