mirror of
https://github.com/silverstripe/silverstripe-framework
synced 2024-10-22 14:05:37 +02:00
Merged revisions 48360 via svnmerge from
svn://svn.silverstripe.com/silverstripe/modules/sapphire/branches/2.2.0-mesq ........ r48360 | ischommer | 2008-01-21 21:04:56 +1300 (Mon, 21 Jan 2008) | 1 line escaping $code, documentation ........ git-svn-id: svn://svn.silverstripe.com/silverstripe/open/modules/sapphire/trunk@52404 467b73ca-7a2a-4603-9d3b-597d59a354a9
This commit is contained in:
parent
32677d71ce
commit
051e1bc68b
@ -116,7 +116,7 @@ class Permission extends DataObject {
|
|||||||
* Check that the given member has the given permission
|
* Check that the given member has the given permission
|
||||||
* @param int memberID The ID of the member to check. Leave blank for the
|
* @param int memberID The ID of the member to check. Leave blank for the
|
||||||
* current member
|
* current member
|
||||||
* @param string $code Code of the permission to check
|
* @param string|array $code Code of the permission to check
|
||||||
* @param string $arg Optional argument (e.g. a permissions for a specific
|
* @param string $arg Optional argument (e.g. a permissions for a specific
|
||||||
* page)
|
* page)
|
||||||
* @param bool $strict Use "strict" checking (which means a permission
|
* @param bool $strict Use "strict" checking (which means a permission
|
||||||
@ -160,7 +160,8 @@ class Permission extends DataObject {
|
|||||||
if(is_array($code)) $SQL_codeList = "'" . implode("', '", Convert::raw2sql($code)) . "'";
|
if(is_array($code)) $SQL_codeList = "'" . implode("', '", Convert::raw2sql($code)) . "'";
|
||||||
else $SQL_codeList = "'" . Convert::raw2sql($code) . "'";
|
else $SQL_codeList = "'" . Convert::raw2sql($code) . "'";
|
||||||
|
|
||||||
|
$SQL_code = Convert::raw2sql($code);
|
||||||
|
|
||||||
$adminFilter = (self::$admin_implies_all)
|
$adminFilter = (self::$admin_implies_all)
|
||||||
? ",'ADMIN'"
|
? ",'ADMIN'"
|
||||||
: '';
|
: '';
|
||||||
@ -187,7 +188,7 @@ class Permission extends DataObject {
|
|||||||
SELECT COUNT(*)
|
SELECT COUNT(*)
|
||||||
FROM Permission
|
FROM Permission
|
||||||
WHERE (
|
WHERE (
|
||||||
(Code IN '$code')'
|
(Code IN '$SQL_code')'
|
||||||
AND (Type = " . self::GRANT_PERMISSION . ")
|
AND (Type = " . self::GRANT_PERMISSION . ")
|
||||||
)
|
)
|
||||||
")->value();
|
")->value();
|
||||||
|
Loading…
Reference in New Issue
Block a user