Changeset 502 for trunk/lib/ACL.inc.php

Timestamp:

Dec 30, 2014 10:24:51 PM (9 years ago)

Author:

anonymous

Message:

Many minor fixes during pulso development

File:

• trunk/lib/ACL.inc.php (modified) (6 diffs)

trunk/lib/ACL.inc.php

@@ -37 +37 @@
 require_once dirname(__FILE__) . '/Cache.inc.php';
 
-class ACL {
+class ACL
+{
 
     // A place to keep an object instance for the singleton pattern.
@@ -49 +50 @@
         // Automatically create table and verify columns. Better set to false after site launch.
         'create_table' => false,
+
+        // Maximum allowed length of names.
+        // This value can be increased only if {aro,aco,axo}_tbl.name VARCHAR length is increased.
+        'name_max_length' => 32.
     );
 
@@ -149 +154 @@
             $db->query("
                 CREATE TABLE IF NOT EXISTS acl_tbl (
-                    aro_id SMALLINT(11) UNSIGNED NOT NULL DEFAULT '0',
-                    aco_id SMALLINT(11) UNSIGNED NOT NULL DEFAULT '0',
-                    axo_id SMALLINT(11) UNSIGNED NOT NULL DEFAULT '0',
+                    aro_id SMALLINT UNSIGNED NOT NULL DEFAULT '0',
+                    aco_id SMALLINT UNSIGNED NOT NULL DEFAULT '0',
+                    axo_id SMALLINT UNSIGNED NOT NULL DEFAULT '0',
                     access ENUM('allow', 'deny') DEFAULT NULL,
                     added_datetime DATETIME NOT NULL DEFAULT '0000-00-00 00:00:00',
@@ -180 +185 @@
                     CREATE TABLE IF NOT EXISTS {$a_o}_tbl (
                         {$a_o}_id SMALLINT UNSIGNED NOT NULL PRIMARY KEY AUTO_INCREMENT,
-                        name VARCHAR(32) NOT NULL DEFAULT '',
-                        lft MEDIUMINT(9) UNSIGNED NOT NULL DEFAULT '0',
-                        rgt MEDIUMINT(9) UNSIGNED NOT NULL DEFAULT '0',
+                        name VARCHAR(" . $this->getParam('name_max_length') . ") NOT NULL DEFAULT '',
+                        lft MEDIUMINT UNSIGNED NOT NULL DEFAULT '0',
+                        rgt MEDIUMINT UNSIGNED NOT NULL DEFAULT '0',
                         added_datetime DATETIME NOT NULL DEFAULT '0000-00-00 00:00:00',
                         UNIQUE KEY name (name(15)),
@@ -255 +260 @@
         if ('' == trim($name) || '' == trim($parent)) {
             $app->logMsg(sprintf('Cannot add node, parent (%s) or name (%s) missing.', $name, $parent), LOG_WARNING, __FILE__, __LINE__);
+            return false;
+        }
+
+        // Ensure node node name fits in the column size.
+        // This value can be increased if {aro,aco.axo}_tbl.name VARCHAR length is increased.
+        if (strlen(trim($name)) > $this->getParam('name_max_length')) {
+            $app->logMsg(sprintf('Cannot add node, %s character limit exceeded for name "%s"', $this->getParam('name_max_length'), $name, $parent), LOG_WARNING, __FILE__, __LINE__);
             return false;
         }
@@ -718 +730 @@
 
         if (!$this->check($aro, $aco, $axo)) {
-            $message = '' == trim($message) ? sprintf(_("You have insufficient privileges to view <em>%s %s</em>"), $aco, $axo) : $message;
+            $message = '' == trim($message) ? sprintf(_("Sorry, you have insufficient privileges for <em>%s %s</em>."), $aco, $axo) : $message;
             $app->raiseMsg($message, $type, $file, $line);
             $app->dieBoomerangURL();