diff --git a/inc/auth.php b/inc/auth.php
index 7449fd63557182ffb7be1dbb65654ccbdb501ffd..164ad3df9b533ff6ac05fa5ba7bd84e274b60357 100644
--- a/inc/auth.php
+++ b/inc/auth.php
@@ -686,9 +686,8 @@ function register(){
global $conf;
global $auth;
- if (!$auth) return false;
if(!$_POST['save']) return false;
- if(!$auth->canDo('addUser')) return false;
+ if(!actionOK('register')) return false;
//clean username
$_POST['login'] = trim($auth->cleanUser($_POST['login']));
@@ -764,12 +763,10 @@ function updateprofile() {
global $lang;
global $auth;
- if (!$auth) return false;
if(empty($_POST['save'])) return false;
if(!checkSecurityToken()) return false;
- // should not be able to get here without Profile being possible...
- if(!$auth->canDo('Profile')) {
+ if(!actionOK('profile')) {
msg($lang['profna'],-1);
return false;
}
@@ -840,11 +837,7 @@ function act_resendpwd(){
global $conf;
global $auth;
- if(!actionOK('resendpwd')) return false;
- if (!$auth) return false;
-
- // should not be able to get here without modPass being possible...
- if(!$auth->canDo('modPass')) {
+ if(!actionOK('resendpwd')) {
msg($lang['resendna'],-1);
return false;
}
diff --git a/inc/confutils.php b/inc/confutils.php
index 26ed4f08712dfbe5ae12321891e15760aeae220d..b2d25fb6532f56ec1945f9ccbabdf01e833d1543 100644
--- a/inc/confutils.php
+++ b/inc/confutils.php
@@ -241,17 +241,24 @@ function actionOK($action){
// prepare disabled actions array and handle legacy options
$disabled = explode(',',$conf['disableactions']);
$disabled = array_map('trim',$disabled);
- if(isset($conf['openregister']) && !$conf['openregister']) $disabled[] = 'register';
- if(isset($conf['resendpasswd']) && !$conf['resendpasswd']) $disabled[] = 'resendpwd';
- if(isset($conf['subscribers']) && !$conf['subscribers']) {
- $disabled[] = 'subscribe';
- }
- if (is_null($auth) || !$auth->canDo('addUser')) {
+ if(!empty($conf['openregister']) || is_null($auth) || !$auth->canDo('addUser')) {
$disabled[] = 'register';
}
- if (is_null($auth) || !$auth->canDo('modPass')) {
+ if(!empty($conf['resendpasswd']) || is_null($auth) || !$auth->canDo('modPass')) {
$disabled[] = 'resendpwd';
}
+ if(!empty($conf['subscribers']) || is_null($auth)) {
+ $disabled[] = 'subscribe';
+ }
+ if (is_null($auth) || !$auth->canDo('Profile')) {
+ $disabled[] = 'profile';
+ }
+ if (is_null($auth)) {
+ $disabled[] = 'login';
+ }
+ if (is_null($auth) || !$auth->canDo('logout')) {
+ $disabled[] = 'logout';
+ }
$disabled = array_unique($disabled);
}
diff --git a/inc/template.php b/inc/template.php
index b873d818fbad7580139bdbfbf355ea7b6f03a985..d29e3e779ee79b618d4e515821f0b552e2aa40cd 100644
--- a/inc/template.php
+++ b/inc/template.php
@@ -581,12 +581,9 @@ function tpl_get_action($type) {
$accesskey = 'b';
break;
case 'login':
- if(!$conf['useacl'] || !$auth){
- return false;
- }
$params['sectok'] = getSecurityToken();
if(isset($_SERVER['REMOTE_USER'])){
- if (!$auth->canDo('logout')) {
+ if (!actionOK('logout')) {
return false;
}
$params['do'] = 'logout';
@@ -619,20 +616,19 @@ function tpl_get_action($type) {
$type = 'subscribe';
$params['do'] = 'subscribe';
case 'subscribe':
- if(!$conf['useacl'] || !$auth || !$conf['subscribers'] || !$_SERVER['REMOTE_USER']){
+ if(!$_SERVER['REMOTE_USER']){
return false;
}
break;
case 'backlink':
break;
case 'profile':
- if(!$conf['useacl'] || !$auth || !isset($_SERVER['REMOTE_USER']) ||
- !$auth->canDo('Profile')){
+ if(!isset($_SERVER['REMOTE_USER'])){
return false;
}
break;
case 'subscribens':
- // Superseeded by subscribe/subscription
+ // Superseded by subscribe/subscription
return '';
break;
default: