Ð¤Ð°Ð¹Ð»Ð¾Ð²Ñ‹Ð¹ Ð¼ÐµÐ½ÐµÐ´Ð¶ÐµÑ€

Ð¤Ð°Ð¹Ð»Ð¾Ð²Ñ‹Ð¹ Ð¼ÐµÐ½ÐµÐ´Ð¶ÐµÑ€ - Ð ÐµÐ´Ð°ÐºÑ‚Ð¸Ñ€Ð¾Ð²Ð°Ñ‚ÑŒ - /var/www/html/administrator/components/com_komento/includes/acl/acl.php

ÐÐ°Ð·Ð°Ð´
<?php /** * @package Komento * @copyright Copyright (C) Stack Ideas Sdn Bhd. All rights reserved. * @license GNU/GPL, see LICENSE.php * Komento is free software. This version may have been modified pursuant * to the GNU General Public License, and as distributed it includes or * is derivative of works licensed under the GNU General Public License or * other free or open source software licenses. * See COPYRIGHT.php for copyright notices and details. / defined('_JEXEC') or die('Unauthorized Access'); class KomentoAcl { protected static $rules = []; public function allow($type, $comment = '', $component = '', $cid = '') { // for complicated acl situations // $type = ['edit', 'delete', 'publish', 'unpublish', 'stick', 'delete_attachment']; if (!empty($comment) && (empty($component) \|\| empty($cid))) { if (!is_object($comment)) { $comment = KT::comment($comment); } $component = $comment->component; $cid = $comment->cid; } if (empty($component) \|\| empty($cid)) { return false; } $profile = KT::user(); $application = KT::loadApplication($component)->load($cid); KT::setCurrentComponent($component); switch ($type) { case 'minimize': if ($profile->id != 0 && $profile->allow('minimize_comment')) { return true; } break; case 'edit': if ($profile->id != 0 && ($profile->allow('edit_all_comment') \|\| ($profile->id == $application->getAuthorId() && $profile->allow('author_edit_comment') ) \|\| ($profile->id == $comment->created_by && $profile->allow('edit_own_comment')))) { return true; } break; case 'delete': if( $profile->id != 0 && ($profile->allow('delete_all_comment') \|\| ($profile->id == $application->getAuthorId() && $profile->allow('author_delete_comment')) \|\| ($profile->id == $comment->created_by && $profile->allow('delete_own_comment')))) { return true; } break; case 'publish': if ($profile->allow('publish_all_comment') \|\| ($profile->id == $application->getAuthorId() && $profile->allow('author_publish_comment'))) { return true; } break; case 'unpublish': if( $profile->allow( 'unpublish_all_comment' ) \|\| ( $profile->id == $application->getAuthorId() && $profile->allow( 'author_unpublish_comment' ) ) ) { return true; } break; case 'stick': if ($profile->allow('stick_all_comment') \|\| ($profile->id == $application->getAuthorId() && $profile->allow('author_stick_comment'))) { return true; } break; case 'like': if ($profile->allow('like_comment')) { return true; } break; case 'report': if ($profile->allow('report_comment')) { return true; } break; case 'delete_attachment': if ($profile->allow('delete_all_attachment') \|\| ($profile->id == $application->getAuthorId() && $profile->allow('author_delete_attachment')) \|\| ($profile->id == $comment->created_by && $profile->allow('delete_own_attachment'))) { return true; } break; } return false; } public function check($action, $userId) { $userId = (int) $userId; $result = false; $rules = $this->getRules($userId); if (isset($rules[$action])) { $result = (bool) $rules[$action]; } return $result; } public function getRules($userId) { $signature = serialize(array($userId)); if (empty(self::$rules[$signature])) { $profile = KT::user($userId); $model = KT::model('Acl'); $data = []; // check user group specific rules $gids = $profile->getUsergroups(); foreach ($gids as $gid) { $data[] = $model->getAclObject($gid, 'usergroup'); } // check user specific rules $data[] = $model->getAclObject($userId, 'user'); // remove empty set foreach ($data as $key => $value) { if (empty($value)) { unset($data[$key]); } } if (count($data) < 1) { $data[] = KT::acl()->getEmptySet(true); } self::$rules[$signature] = $this->merge($data); } return self::$rules[$signature]; } private function merge($data) { $result = []; foreach ($data as $ruleset) { if (!empty($ruleset)) { foreach ($ruleset as $key => $value) { if (isset($result[$key])) { // This logics prioritizes TRUE if (!(bool) $result[$key]) { $result[$key] = $value; } } else { $result[$key] = $value; } } } } return $result; } /* * Get Default ACL set * * @since 3.0 * @access public */ public function getEmptySet($flat = false) { static $acl = null; if (empty($acl)) { $rulesFile = KOMENTO_ADMIN_ROOT . '/defaults/acl.json'; if (!JFile::exists($rulesFile)) { return false; } $contents = file_get_contents($rulesFile); $acl = json_decode($contents); } if ($flat === false) { return $acl; } $data = new stdClass(); foreach ($acl as $section => $rules) { foreach($rules as $key => $value) { $data->$key = $value; } } return $data; } }

| ver. 1.1 | | . | PHP 8.4.18 | Ð“ÐµÐ½ÐµÑ€Ð°Ñ†Ð¸Ñ ÑÑ‚Ñ€Ð°Ð½Ð¸Ñ†Ñ‹: 0 | proxy | phpinfo | ÐÐ°ÑÑ‚Ñ€Ð¾Ð¹ÐºÐ°