From 16f0dcc2d7cbfa736889306fa0faef1592cc64d6 Mon Sep 17 00:00:00 2001 From: Janusz Dobrowolski Date: Mon, 28 Sep 2009 20:29:04 +0000 Subject: [PATCH] Fixed modules/plugins security extensions inclusion. --- includes/access_levels.inc | 14 ++++---------- includes/session.inc | 8 +++++++- 2 files changed, 11 insertions(+), 11 deletions(-) diff --git a/includes/access_levels.inc b/includes/access_levels.inc index a61d4b3b..7eccf93d 100644 --- a/includes/access_levels.inc +++ b/includes/access_levels.inc @@ -235,21 +235,15 @@ $security_areas =array( 'SA_BANKREP' => array(SS_GL_A|3, _("Bank reports and inquiries")), 'SA_GLREP' => array(SS_GL_A|4, _("GL reports and inquiries")), ); -/* - This function should be called whenever we want to extend core access level system - with new security areas and/or sections i.e.: - . on any page with non-standard security areas - . in security roles editor -*/ + function add_access_extensions() { - global $path_to_root, $security_areas, $security_sections; - - // Add extension private access levels - include($path_to_root.'/company/'.user_company().'/installed_extensions.php'); + global $path_to_root, $security_areas, $security_sections, $installed_extensions; + foreach($installed_extensions as $ext) { if (@$ext['active'] && isset($ext['acc_file'])) include($path_to_root.($ext['type'] == 'plugin' ? '/modules/':'/').$ext['path'].'/'.$ext['acc_file']); } } + ?> \ No newline at end of file diff --git a/includes/session.inc b/includes/session.inc index 19a0e4a6..89d8c333 100644 --- a/includes/session.inc +++ b/includes/session.inc @@ -236,7 +236,13 @@ if (strstr($_SERVER['PHP_SELF'], 'logout.php') == false){ $_SESSION["App"]->init(); } -//---------------------------------------------------------------------------------------- + /* + This call is necessary only at: + . on any page with non-standard security areas + . in security roles editor + To be optmized after. + */ + add_access_extensions(); check_page_security($page_security); } -- 2.30.2