X-Git-Url: http://git.harvie.cz/?a=blobdiff_plain;f=wwwroot%2Finc%2Fpermissions.inc;h=e6c2eb95ce7322c4b33d88a5589811dd3f5b1cbf;hb=bde5bc7a912775cd1c3da7f095980944afe70522;hp=ed921704e82585be25ab6c42c5131829799283b6;hpb=8dabb29b22afd3659e4df7cedacb8df593fc8ba4;p=mirrors%2FKyberia-bloodline.git

diff --git a/wwwroot/inc/permissions.inc b/wwwroot/inc/permissions.inc
index ed92170..e6c2eb9 100644
--- a/wwwroot/inc/permissions.inc
+++ b/wwwroot/inc/permissions.inc
@@ -5,8 +5,13 @@ class permissions {
 function isHierarch($node) {
 
 	global $db;
-	$user_id=$_SESSION['user_id'];
+	if (IsSet($_SESSION['user_id'])) {
+	        $user_id=$_SESSION['user_id'];
+	} else {
+	        $user_id=0;
+	}
 	if (!$user_id) return false;
+
 	$node_vector=chunk_split($node['node_vector'],VECTOR_CHARS,';');
 	$hierarchy=explode(';',$node_vector);
 	foreach ($hierarchy as $hierarch) {
@@ -29,7 +34,11 @@ function isHierarch($node) {
 
 function checkPermissions($node) {
 global $db;
-$user_id=$_SESSION['user_id'];
+if (IsSet($_SESSION['user_id'])) {
+	$user_id=$_SESSION['user_id'];
+} else {
+	$user_id=0;
+}
 
 /*
 thousand lights   // OMGto Hierarchy!
@@ -55,10 +64,10 @@ if (($node['node_system_access']!='public' and $node['node_system_access']!='cry
 		elseif ($result->getString('node_permission')!='') {
 			array_pop($hierarchy_bounce);
 			$node['node_permission']=$result->getString('node_permission');
-				$q="update node_access set node_permission='".$result->getString('node_permission')."' where node_id='".$node['node_id']."' and user_id='".$user_id"'";
+				$q="update node_access set node_permission='".$result->getString('node_permission')."' where node_id='".$node['node_id']."' and user_id='".$user_id."'";
 				$updated=$db->update($q);
 				if (!$updated && IsSet($_SESSION['user_id'])) {
-					$q="insert into node_access set node_permission='".$result->getString('node_permission')."', node_id='".$node['node_id']."',user_id='".$_SESSION['user_id']."'";
+					$q="insert into node_access set node_permission='".$result->getString('node_permission')."', node_id='".$node['node_id']."',user_id='".$user_id."'";
 					$db->query($q);
 				}
 			break;
@@ -68,10 +77,10 @@ if (($node['node_system_access']!='public' and $node['node_system_access']!='cry
 		elseif ($result->getString('node_creator')==$user_id) {
 			array_pop($hierarchy_bounce);
 			$node['node_permission']='access';
-				$q="update node_access set node_permission='access' where node_id='".$node['node_id']."' and user_id='".$_SESSION['user_id']."'";
+				$q="update node_access set node_permission='access' where node_id='".$node['node_id']."' and user_id='".$user_id."'";
 				$updated=$db->update($q);
 				if (!$updated && IsSet($_SESSION['user_id'])) {
-					$q="insert into node_access set node_permission='access', node_id='".$node['node_id']."',user_id='".$_SESSION['user_id']."'";
+					$q="insert into node_access set node_permission='access', node_id='".$node['node_id']."',user_id='".$user_id."'";
 					$db->query($q);
 				}
 			break;
@@ -85,12 +94,12 @@ if (($node['node_system_access']!='public' and $node['node_system_access']!='cry
 
 
 //setting permissions for not logged in users
-if ($_SESSION['user_id']==$node['node_creator']) {
-		$permissions['r']=true;
-		$permissions['w']=true;
+if ($user_id==$node['node_creator']) {
+	$permissions['r']=true;
+	$permissions['w']=true;
 }
 
-elseif (!$_SESSION['user_id']) {
+elseif (!$user_id) {
 
 	if ($node['node_external_access']=='yes' AND ($node['node_system_access']=='public' OR $node['node_system_access']=='moderated' OR $node['node_system_access']=='cube')) {
 		$permissions['r']=true;