aboutsummaryrefslogtreecommitdiff
path: root/engine/lib
diff options
context:
space:
mode:
Diffstat (limited to 'engine/lib')
-rw-r--r--engine/lib/actions.php28
1 files changed, 17 insertions, 11 deletions
diff --git a/engine/lib/actions.php b/engine/lib/actions.php
index 07b52933d..682e13b55 100644
--- a/engine/lib/actions.php
+++ b/engine/lib/actions.php
@@ -48,15 +48,20 @@
$forwarder = substr($forwarder,1);
}
- if (isset($CONFIG->actions[$action])) {
- if ($CONFIG->actions[$action]['public'] || $_SESSION['id'] != -1) {
- if (@include($CONFIG->actions[$action]['file'])) {
+ if (isset($CONFIG->actions[$action])) {
+ if (
+ (isadminloggedin()) ||
+ (!$CONFIG->actions[$action]['admin'])
+ ) {
+ if ($CONFIG->actions[$action]['public'] || $_SESSION['id'] != -1) {
+ if (@include($CONFIG->actions[$action]['file'])) {
+ } else {
+ register_error(sprintf(elgg_echo('actionundefined'),$action));
+ }
} else {
- register_error(sprintf(elgg_echo('actionundefined'),$action));
- }
- } else {
- register_error(elgg_echo('actionloggedout'));
- }
+ register_error(elgg_echo('actionloggedout'));
+ }
+ }
} else {
register_error(sprintf(elgg_echo('actionundefined'),$action));
}
@@ -69,10 +74,11 @@
*
* @param string $action The name of the action (eg "register", "account/settings/save")
* @param boolean $public Can this action be accessed by people not logged into the system?
- * @param string $filename Optionally, the filename where this action is located
+ * @param string $filename Optionally, the filename where this action is located
+ * @param boolean $admin_only Whether this action is only available to admin users.
*/
- function register_action($action, $public = false, $filename = "") {
+ function register_action($action, $public = false, $filename = "", $admin_only = false) {
global $CONFIG;
if (!isset($CONFIG->actions)) {
@@ -86,7 +92,7 @@
$filename = $path . "actions/" . $action . ".php";
}
- $CONFIG->actions[$action] = array('file' => $filename, 'public' => $public);
+ $CONFIG->actions[$action] = array('file' => $filename, 'public' => $public, 'admin' => $admin_only);
return true;
}