From 60e6b550b60672fe78cdfeb0abafa4c16b1451c5 Mon Sep 17 00:00:00 2001
From: Andreas Gohr <andi@splitbrain.org>
Date: Tue, 7 Mar 2006 17:51:27 +0100
Subject: [PATCH] disable ACL commands if ACL is disabled FS#732

darcs-hash:20060307165127-7ad00-b11a8cab6d904745998d5648911bee9fcd55af61.gz
---
 inc/actions.php | 9 +++++++++
 1 file changed, 9 insertions(+)

diff --git a/inc/actions.php b/inc/actions.php
index eaf0c268e..e92e366d0 100644
--- a/inc/actions.php
+++ b/inc/actions.php
@@ -114,6 +114,7 @@ function act_dispatch(){
  */
 function act_clean($act){
   global $lang;
+  global $conf;
 
   //handle localized buttons
   if($act == $lang['btn_save']) $act = 'save';
@@ -127,6 +128,14 @@ function act_clean($act){
   if($act == 'export_html') $act = 'export_xhtml';
   if($act == 'export_htmlbody') $act = 'export_xhtmlbody';
 
+  //disable all acl related commands if ACL is disabled
+  if(!$conf['useacl'] && in_array($act,array('login','logout','register','admin',
+                                             'subscribe','unsubscribe','profile',
+                                             'resendpwd',))){
+    msg('Command unavailable: '.htmlspecialchars($act),-1);
+    return 'show';
+  }
+
   if(array_search($act,array('login','logout','register','save','edit',
                              'preview','search','show','check','index','revisions',
                              'diff','recent','backlink','admin','subscribe',
-- 
GitLab