Enforce admin privileges
73
index.php
73
index.php
@@ -39,39 +39,9 @@ if($sAction!='')
|
||||
case 'feed':
|
||||
$sResult = $oSpot->getNewsFeed($iChunk);
|
||||
break;
|
||||
case 'update_project':
|
||||
$sResult = $oSpot->updateProject();
|
||||
break;
|
||||
case 'upload':
|
||||
$sResult = $oSpot->upload();
|
||||
break;
|
||||
case 'add_comment':
|
||||
$sResult = $oSpot->addComment($iId, $sContent);
|
||||
break;
|
||||
case 'add_post':
|
||||
$sResult = $oSpot->addPost($sName, $sContent);
|
||||
break;
|
||||
/*case 'sql':
|
||||
$sResult = $oSpot->getDbBuildScript();
|
||||
break;*/
|
||||
case 'sync_pics':
|
||||
$sResult = $oSpot->syncPics();
|
||||
break;
|
||||
case 'admin_new':
|
||||
$sResult = $oSpot->createProject();
|
||||
break;
|
||||
case 'admin_get':
|
||||
$sResult = $oSpot->getAdminSettings();
|
||||
break;
|
||||
case 'admin_set':
|
||||
$sResult = $oSpot->setAdminSettings($sType, $iId, $sField, $oValue);
|
||||
break;
|
||||
case 'admin_del':
|
||||
$sResult = $oSpot->delAdminSettings($sType, $iId);
|
||||
break;
|
||||
case 'build_geojson':
|
||||
$sResult = $oSpot->convertGpxToGeojson($sName);
|
||||
break;
|
||||
case 'subscribe':
|
||||
$sResult = $oSpot->subscribe($sEmail);
|
||||
break;
|
||||
@@ -81,14 +51,49 @@ if($sAction!='')
|
||||
case 'unsubscribe_email':
|
||||
$sResult = $oSpot->unsubscribeFromEmail($iId);
|
||||
break;
|
||||
case 'generate_cron':
|
||||
$sResult = $oSpot->genCronFile();
|
||||
case 'update_project':
|
||||
$sResult = $oSpot->updateProject();
|
||||
break;
|
||||
default:
|
||||
$sResult = Main::getJsonResult(false, Main::NOT_FOUND);
|
||||
if($oSpot->checkUserClearance(User::CLEARANCE_ADMIN))
|
||||
{
|
||||
switch($sAction)
|
||||
{
|
||||
case 'upload':
|
||||
$sResult = $oSpot->upload();
|
||||
break;
|
||||
case 'add_comment':
|
||||
$sResult = $oSpot->addComment($iId, $sContent);
|
||||
break;
|
||||
case 'admin_new':
|
||||
$sResult = $oSpot->createProject();
|
||||
break;
|
||||
case 'admin_get':
|
||||
$sResult = $oSpot->getAdminSettings();
|
||||
break;
|
||||
case 'admin_set':
|
||||
$sResult = $oSpot->setAdminSettings($sType, $iId, $sField, $oValue);
|
||||
break;
|
||||
case 'admin_del':
|
||||
$sResult = $oSpot->delAdminSettings($sType, $iId);
|
||||
break;
|
||||
case 'sync_pics':
|
||||
$sResult = $oSpot->syncPics();
|
||||
break;
|
||||
case 'generate_cron':
|
||||
$sResult = $oSpot->genCronFile();
|
||||
break;
|
||||
case 'sql':
|
||||
$sResult = $oSpot->getDbBuildScript();
|
||||
break;
|
||||
default:
|
||||
$sResult = Main::getJsonResult(false, Main::NOT_FOUND);
|
||||
}
|
||||
}
|
||||
else $sResult = Main::getJsonResult(false, Main::NOT_FOUND);
|
||||
}
|
||||
}
|
||||
else $sResult = $oSpot->getMainPage();
|
||||
else $sResult = $oSpot->getAppMainPage();
|
||||
|
||||
$sDebug = ob_get_clean();
|
||||
if(Settings::DEBUG && $sDebug!='') $oSpot->addUncaughtError($sDebug);
|
||||
|
||||
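Review bot: `case 'update_project':` is re-added to the outer switch just before `default:`, so as far as this rendered hunk shows, `updateProject()` is still reachable without passing `checkUserClearance(User::CLEARANCE_ADMIN)`. If unauthenticated callers are meant to trigger it (possibly a scheduled job, which is not visible here), say so in a comment such as `// public on purpose: <reason>`; otherwise move the three lines into the inner admin switch. The commit also turns the previously commented-out `sql` action into a live admin case returning `getDbBuildScript()`, which deserves a one-line comment on why the build script needs to be served over HTTP at all. Returning `Main::NOT_FOUND` for denied and unknown actions alike avoids revealing the admin action names, but recording the denied branch (`else $sResult = Main::getJsonResult(false, Main::NOT_FOUND);`) would make probing visible to whoever monitors the application. The enclosing `if($sAction!='')` block and the head of the outer switch start outside the hunk.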