From 83209975037c6fadba1fd0555e37e95c17fe6099 Mon Sep 17 00:00:00 2001
From: Mischa POSLAWSKY <perl@shiar.org>
Date: Wed, 22 Sep 2021 14:59:30 +0200
Subject: [PATCH] page: apply admin restrictions from .private contents

---
 article.inc.php | 2 +-
 page.php        | 5 +++++
 2 files changed, 6 insertions(+), 1 deletion(-)

diff --git a/article.inc.php b/article.inc.php
index 8b01699..093852f 100644
--- a/article.inc.php
+++ b/article.inc.php
@@ -48,7 +48,7 @@ class ArchiveArticle
 		$this->path = '';
 		$this->restricted = FALSE;
 		while (TRUE) {
-			if (file_exists("$path/.private")) {
+			if (file_exists("$path/.private") and !$this->restricted) {
 				$this->restricted = $path;
 			}
 
diff --git a/page.php b/page.php
index e634a38..30f0e3c 100644
--- a/page.php
+++ b/page.php
@@ -40,6 +40,11 @@ if ($Page->restricted) {
 		$target = urlencode($Page->link);
 		abort("/login?goto=$target", '303 Eerst inloggen');
 	}
+	elseif ($check = file_get_contents("{$Page->restricted}/.private")
+	and !$User->admin(trim($check))) {
+		http_response_code(403);
+		$Page->raw('403.inc.html');
+	}
 }
 
 # prepare page contents
-- 
2.30.0