<?php
-if(preg_match('/36$/', $event) || preg_match('/36$/', $_POST['event'])) {
+if(preg_match('/36$/', $event) || (!empty($_POST['event']) && preg_match('/36$/', $_POST['event']))) {
$event = preg_replace('/36$/', '', $event);
$_POST['event'] = preg_replace('/36$/', '', $_POST['event']);
$_POST['nodeshell_id'] = base_convert($_POST['nodeshell_id'], 36, 10); //put36
$_POST['new_parent'] = base_convert($_POST['new_parent'], 36, 10); //set_parent36
}
-if($event=='delete' || $_POST['event']=='delete') { //XXX TODO FIXME UglyFuckingHack - should go to delete.inc (but something is broken)
+if($event=='delete' || (!empty($_POST['event']) && $_POST['event']=='delete')) {
+//XXX TODO FIXME UglyFuckingHack - should go to delete.inc (but something is broken)
$event='set_parent';
$_POST['event']=$event;
$_POST['new_parent']=123456; //XXX TODO FIXME Hardcoded
}
//do not make a permission check if an event was executed before
-if ($_SESSION['eventz'][$event]) {
+if (!empty($_SESSION['eventz'][$event]) && ($_SESSION['eventz'][$event])) {
include_once(INCLUDE_DIR."eventz/$event.inc");
$status=$event();
}
elseif (is_file(INCLUDE_DIR."eventz/$event.inc")) {
$event_id=nodes::getNodeIdByName($event,"event://$event");
- $event_node=nodes::getNodeById($event_id,$_SESSION['user_id']);
+ $event_node=nodes::getNodeById($event_id,isset($_SESSION['user_id']) ? $_SESSION['user_id'] : "");
if (
($event_node['node_system_access']=='public')
- || ($event_node['node_creator']==$_SESSION['user_id'])
+ || (!empty($_SESSION['user_id']) && ($event_node['node_creator']==$_SESSION['user_id']))
|| ($event_node['node_permission']=='op')
|| ($event_node['node_permission']=='execute')
|| ($event_node['node_permission']=='master')
GIT.Harvie.CZ / mirrors / Kyberia-bloodline.git / blobdiff