* Fixed bug #0000527: Title tag is added even if the page title was empty. Thanks...
[Packages/TYPO3.CMS.git] / typo3 / wizard_rte.php
index 80e063e..2063b89 100755 (executable)
@@ -2,7 +2,7 @@
 /***************************************************************
 *  Copyright notice
 *
-*  (c) 1999-2004 Kasper Skaarhoj (kasper@typo3.com)
+*  (c) 1999-2004 Kasper Skaarhoj (kasperYYYY@typo3.com)
 *  All rights reserved
 *
 *  This script is part of the TYPO3 project. The TYPO3 project is
  * Revised for TYPO3 3.6 November/2003 by Kasper Skaarhoj
  * XHTML compliant
  *
- * @author     Kasper Skaarhoj <kasper@typo3.com>
+ * @author     Kasper Skaarhoj <kasperYYYY@typo3.com>
  */
 /**
  * [CLASS/FUNCTION INDEX of SCRIPT]
  *
  *
  *
- *   80: class SC_wizard_rte
- *   98:     function init()
- *  122:     function main()
- *  273:     function printContent()
+ *   81: class SC_wizard_rte
+ *   99:     function init()
+ *  123:     function main()
+ *  279:     function printContent()
+ *  290:     function checkEditAccess($table,$uid)
  *
- * TOTAL FUNCTIONS: 3
+ * TOTAL FUNCTIONS: 4
  * (This index is automatically created/updated by the extension "extdeveval")
  *
  */
@@ -73,7 +74,7 @@ t3lib_BEfunc::lockRecords();
 /**
  * Script Class for rendering the full screen RTE display
  *
- * @author     Kasper Skaarhoj <kasper@typo3.com>
+ * @author     Kasper Skaarhoj <kasperYYYY@typo3.com>
  * @package TYPO3
  * @subpackage core
  */
@@ -123,7 +124,7 @@ class SC_wizard_rte {
                global $BE_USER,$LANG;
 
                        // If all parameters are available:
-               if ($this->P['table'] && $this->P['field'] && $this->P['uid'])  {
+               if ($this->P['table'] && $this->P['field'] && $this->P['uid'] && $this->checkEditAccess($this->P['table'],$this->P['uid']))     {
 
                                // Getting the raw record (we need only the pid-value from here...)
                        $rawRec = t3lib_BEfunc::getRecord($this->P['table'],$this->P['uid']);
@@ -278,6 +279,36 @@ class SC_wizard_rte {
        function printContent() {
                echo $this->content;
        }
+
+       /**
+        * Checks access for element
+        *
+        * @param       string          Table name
+        * @param       integer         Record uid
+        * @return      void
+        */
+       function checkEditAccess($table,$uid)   {
+               global $BE_USER;
+
+               $calcPRec = t3lib_BEfunc::getRecord($table,$uid);
+               t3lib_BEfunc::fixVersioningPid($table,$uid);
+               if (is_array($calcPRec))        {
+                       if ($table=='pages')    {       // If pages:
+                               $CALC_PERMS = $BE_USER->calcPerms($calcPRec);
+                               $hasAccess = $CALC_PERMS&2 ? TRUE : FALSE;
+                       } else {
+                               $CALC_PERMS = $BE_USER->calcPerms(t3lib_BEfunc::getRecord('pages',$calcPRec['pid']));   // Fetching pid-record first.
+                               $hasAccess = $CALC_PERMS&16 ? TRUE : FALSE;
+                       }
+
+                               // Check internals regarding access:
+                       if ($hasAccess) {
+                               $hasAccess = $BE_USER->recordEditAccessInternals($table, $calcPRec);
+                       }
+               } else $hasAccess = FALSE;
+
+               return $hasAccess;
+       }
 }
 
 // Include extension?