345 rework permission

upload/403.php

@@ -7,7 +7,7 @@
     template_files('403.html');
 } else {
     $data = '403_error';
-    if (has_access('admin_access')) {
+    if ( User::getInstance()->hasAdminAccess()) {
         e(lang('err_warning', ['403', 'http://docs.clip-bucket.com/?p=154']), 'w');
     }
     e(lang($data));

upload/404.php

@@ -6,7 +6,7 @@
     template_files('404.html');
 } else {
     $data = '404_error';
-    if (has_access('admin_access')) {
+    if (User::getInstance()->hasAdminAccess()) {
         e(lang('err_warning', ['404', 'http://docs.clip-bucket.com/?p=154']), 'w');
     }
     e(lang($data));

upload/actions/admin.php

@@ -3,7 +3,12 @@
 require_once dirname(__FILE__, 2) . '/includes/admin_config.php';
 
 global $myquery, $cbvid, $eh;
-userquery::getInstance()->admin_login_check();
+
+if (!User::getInstance()->hasAdminAccess()) {
+    e(lang('insufisant_privilege'));
+    echo json_encode(['err'=>$eh->get_error()]);
+    die;
+}
 
 $mode = $_POST['mode'];
 switch ($mode) {

upload/actions/admin_check_timezone.php

@@ -3,7 +3,7 @@
 define('THIS_PAGE', 'check_timezone');
 require_once dirname(__FILE__, 2) . '/includes/admin_config.php';
 
-userquery::getInstance()->admin_login_check();
+User::getInstance()->hasPermissionAjax('admin_access');
 $success = true;
 if (empty($_POST['timezone'])) {
     $success = false;

upload/actions/admin_check_update.php

@@ -2,7 +2,7 @@
 define('THIS_PAGE', 'admin_check_update');
 require_once dirname(__FILE__, 2) . '/includes/admin_config.php';
 
-userquery::getInstance()->admin_login_check();
+User::getInstance()->hasPermissionAjax('admin_access');
 $return = [];
 if( config('enable_update_checker') == '1' ){
     $return = ['status'=> Update::getInstance()->getCoreUpdateStatus(), 'html'=>Update::getInstance()->getUpdateHTML()];

upload/actions/admin_comment_delete.php

@@ -2,7 +2,7 @@
 define('THIS_PAGE', 'admin_comment_delete');
 require_once dirname(__FILE__, 2) . '/includes/admin_config.php';
 
-userquery::getInstance()->admin_login_check();
+User::getInstance()->hasPermissionAjax('admin_access');
 
 $success = true;
 if (empty($_POST['comment_id'])) {

upload/actions/admin_delete_social_network.php

@@ -2,7 +2,9 @@
 define('THIS_PAGE', 'update_phrase');
 require_once dirname(__FILE__, 2) . '/includes/admin_config.php';
 
-userquery::getInstance()->admin_login_check();
+if (!User::getInstance()->hasAdminAccess()) {
+    return false;
+}
 
 $id_social_networks_link = $_POST['id_social_networks_link'];
 

upload/actions/admin_import_tmdb.php

@@ -2,8 +2,7 @@
 define('THIS_PAGE', 'admin_import_tmdb');
 require_once dirname(__FILE__, 2) . '/includes/admin_config.php';
 
-userquery::getInstance()->admin_login_check();
-
+User::getInstance()->hasPermissionAjax('admin_access');
 Tmdb::getInstance()->importDataFromTmdb($_POST['videoid'], $_POST['tmdb_video_id'], $_POST['type']);
 
 if (errorhandler::getInstance()->get_error() ) {

upload/actions/admin_info_tmdb.php

@@ -2,7 +2,9 @@
 define('THIS_PAGE', 'admin_info_tmdb');
 require_once dirname(__FILE__, 2) . '/includes/admin_config.php';
 
-userquery::getInstance()->admin_login_check();
+if (!User::getInstance()->hasAdminAccess()) {
+    return false;
+}
 
 if (config('enable_tmdb') != 'yes' || config('tmdb_token') == '') {
     return false;

upload/actions/admin_launch_update.php

@@ -2,7 +2,7 @@
 define('THIS_PAGE', 'admin_launch_update');
 require_once dirname(__FILE__, 2) . '/includes/admin_config.php';
 
-userquery::getInstance()->admin_login_check();
+User::getInstance()->hasPermissionAjax('admin_access');
 $core_tool = new AdminTool();
 $db_tool = new AdminTool();
 $error_init = [];

upload/actions/admin_launch_wip.php

@@ -2,7 +2,7 @@
 define('THIS_PAGE', 'admin_import_tmdb');
 require_once dirname(__FILE__, 2) . '/includes/admin_config.php';
 
-userquery::getInstance()->admin_login_check();
+User::getInstance()->hasPermissionAjax('admin_access');
 
 $success = true;
 if( Update::getInstance()->isWIPFile() ){

upload/actions/admin_update_social_network.php

@@ -2,7 +2,7 @@
 define('THIS_PAGE', 'update_phrase');
 require_once dirname(__FILE__, 2) . '/includes/admin_config.php';
 
-userquery::getInstance()->admin_login_check();
+User::getInstance()->hasPermissionAjax('admin_access');
 
 $success = true;
 if (!isset($_POST['id_social_networks_link']) || !isset($_POST['title']) || !isset($_POST['url']) || !isset($_POST['social_network_link_order']) || !isset($_POST['id_fontawesome_icon'])) {

upload/actions/delete_thumbs.php

@@ -2,7 +2,7 @@
 define('THIS_PAGE', 'delete_thumbs');
 require_once dirname(__FILE__, 2) . '/includes/admin_config.php';
 
-userquery::getInstance()->admin_login_check();
+User::getInstance()->hasPermissionAjax('admin_access');
 
 # Generating more thumbs
 $data = Video::getInstance()->getOne(['videoid'=>$_POST['videoid']]);

upload/actions/edit_comment.php

@@ -2,7 +2,9 @@
 define('THIS_PAGE', 'edit_comment');
 require_once dirname(__FILE__, 2) . '/includes/admin_config.php';
 
-userquery::getInstance()->admin_login_check();
+if (!User::getInstance()->hasAdminAccess()) {
+    return false;
+}
 
 $cid = $_POST['id'];
 $value = $_POST['value'];

upload/actions/file_uploader.php

@@ -4,7 +4,7 @@
 include('../includes/config.inc.php');
 require_once(dirname(__FILE__, 2) . '/includes/classes/sLog.php');
 
-if( !has_access('allow_video_upload') ){
+if( !User::getInstance()->hasPermission('allow_video_upload') ){
     upload_error(lang('insufficient_privileges_loggin'));
     die();
 }

upload/actions/force_tool_to_error.php

@@ -3,7 +3,7 @@
 require_once dirname(__FILE__, 2) . '/includes/admin_config.php';
 require_once('../includes/classes/admin_tool.class.php');
 
-userquery::getInstance()->admin_login_check();
+User::getInstance()->hasPermissionAjax('admin_access');
 $tool = new AdminTool();
 $tool->initById($_POST['id_tool']);
 $tool->setToolError($tool->getId(), true);

upload/actions/form_category.php

@@ -2,8 +2,7 @@
 define('THIS_PAGE', 'form_category');
 require_once dirname(__FILE__, 2) . '/includes/admin_config.php';
 
-userquery::getInstance()->admin_login_check();
-pages::getInstance()->page_redir();
+User::getInstance()->hasPermissionAjax('admin_access');
 
 $type = mysql_clean($_POST['type'] ?? '');
 

upload/actions/getVideoDetails.php

@@ -7,7 +7,7 @@
     die();
 }
 
-if (!userquery::getInstance()->perm_check('view_video', true)) {
+if (!User::getInstance()->hasPermission('view_video')) {
     echo json_encode(['video' => false]);
     die();
 }

upload/actions/language_add.php

@@ -2,7 +2,7 @@
 define('THIS_PAGE', 'language_add');
 require_once dirname(__FILE__, 2) . '/includes/admin_config.php';
 
-userquery::getInstance()->admin_login_check();
+User::getInstance()->hasPermissionAjax('admin_access');
 
 Language::add_lang($_POST);
 

upload/actions/language_delete.php

@@ -2,7 +2,7 @@
 define('THIS_PAGE', 'language_delete');
 require_once dirname(__FILE__, 2) . '/includes/admin_config.php';
 
-userquery::getInstance()->admin_login_check();
+User::getInstance()->hasPermissionAjax('admin_access');
 
 Language::delete_lang($_POST['language_id']);
 display_language_list();

upload/actions/language_make_default.php

@@ -2,7 +2,7 @@
 define('THIS_PAGE', 'language_make_default');
 require_once dirname(__FILE__, 2) . '/includes/admin_config.php';
 
-userquery::getInstance()->admin_login_check();
+User::getInstance()->hasPermissionAjax('admin_access');
 
 if (!empty($_POST['make_default'])) {
     Language::getInstance()->make_default($_POST['make_default']);

upload/actions/language_restorable_list.php

@@ -2,6 +2,6 @@
 define('THIS_PAGE', 'language_restorable_list');
 require_once dirname(__FILE__, 2) . '/includes/admin_config.php';
 
-userquery::getInstance()->admin_login_check();
+User::getInstance()->hasPermissionAjax('admin_access');
 
 display_restorable_language_list();

upload/actions/language_restore.php

@@ -2,7 +2,7 @@
 define('THIS_PAGE', 'language_restore');
 require_once dirname(__FILE__, 2) . '/includes/admin_config.php';
 
-userquery::getInstance()->admin_login_check();
+User::getInstance()->hasPermissionAjax('admin_access');
 
 Language::restore_lang($_POST['code']);
 

upload/actions/language_update.php

@@ -1,7 +1,7 @@
 <?php
 require_once dirname(__FILE__, 2) . '/includes/admin_config.php';
 
-userquery::getInstance()->admin_login_check();
+User::getInstance()->hasPermissionAjax('admin_access');
 
 Language::update_lang($_POST);
 

upload/actions/launch_tool.php

@@ -41,7 +41,7 @@
 
     $tool->setToolInProgress();
 } else {
-    userquery::getInstance()->admin_login_check();
+    User::getInstance()->hasPermissionAjax('admin_access');
 
     if($tool->initById($_POST['id_tool']) === false) {
         e(lang('tool_not_found'));

upload/actions/photo_uploader.php

@@ -3,7 +3,7 @@
 define('THIS_PAGE', 'photo_uploader');
 include('../includes/config.inc.php');
 
-if( !has_access('allow_photo_upload') ){
+if( !User::getInstance()->hasPermission('allow_photo_upload') ){
     upload_error(lang('insufficient_privileges_loggin'));
     die();
 }

upload/actions/regenerate_thumbs.php

@@ -2,7 +2,7 @@
 define('THIS_PAGE', 'regenerate_thumbs');
 require_once dirname(__FILE__, 2) . '/includes/admin_config.php';
 
-userquery::getInstance()->admin_login_check();
+User::getInstance()->hasPermissionAjax('admin_access');
 
 # Generating more thumbs
 $data = get_video_details($_POST['videoid']);

upload/actions/resolution_delete.php

@@ -2,7 +2,7 @@
 define('THIS_PAGE', 'resolution_delete');
 require_once dirname(__FILE__, 2) . '/includes/admin_config.php';
 
-userquery::getInstance()->admin_login_check();
+User::getInstance()->hasPermissionAjax('admin_access');
 
 $resolution = $_POST['resolution'];
 

upload/actions/show_tool_log.php

@@ -2,7 +2,8 @@
 define('THIS_PAGE', 'show_tool_log');
 require_once dirname(__FILE__, 2) . '/includes/admin_config.php';
 
-userquery::getInstance()->admin_login_check();
+User::getInstance()->hasPermissionAjax('admin_access');
+
 $tool = new AdminTool();
 $tool->initById($_POST['id_tool']);
 

upload/actions/stop_tool.php

@@ -3,7 +3,7 @@
 require_once dirname(__FILE__, 2) . '/includes/admin_config.php';
 require_once('../includes/classes/admin_tool.class.php');
 
-userquery::getInstance()->admin_login_check();
+User::getInstance()->hasPermissionAjax('admin_access');
 $tool = new AdminTool();
 $tool->initById($_POST['id_tool']);
 $tool->stop();

upload/actions/subtitle_delete.php

@@ -2,7 +2,7 @@
 define('THIS_PAGE', 'subtitle_delete');
 require_once dirname(__FILE__, 2) . '/includes/admin_config.php';
 
-userquery::getInstance()->admin_login_check();
+User::getInstance()->hasPermissionAjax('admin_access');
 
 $video = $_POST['videoid'];
 $number = $_POST['number'];

upload/actions/subtitle_edit.php

@@ -2,7 +2,7 @@
 define('THIS_PAGE', 'subtitle_edit');
 require_once dirname(__FILE__, 2) . '/includes/admin_config.php';
 
-userquery::getInstance()->admin_login_check();
+User::getInstance()->hasPermissionAjax('admin_access');
 
 $video = $_POST['videoid'];
 $number = $_POST['number'];

upload/actions/tag_delete.php

@@ -2,7 +2,7 @@
 define('THIS_PAGE', 'tag_delete');
 require_once dirname(__FILE__, 2) . '/includes/admin_config.php';
 
-userquery::getInstance()->admin_login_check();
+User::getInstance()->hasPermissionAjax('admin_access');
 
 $id_tag = $_POST['id_tag'];
 

upload/actions/tag_update.php

@@ -2,7 +2,7 @@
 define('THIS_PAGE', 'tag_update');
 require_once dirname(__FILE__, 2) . '/includes/admin_config.php';
 
-userquery::getInstance()->admin_login_check();
+User::getInstance()->hasPermissionAjax('admin_access');
 
 $id_tag = $_POST['id_tag'];
 $tag = $_POST['tag'];

upload/actions/test_tmdb.php

@@ -2,7 +2,7 @@
 define('THIS_PAGE', 'test_tmdb');
 require_once dirname(__FILE__, 2) . '/includes/admin_config.php';
 
-userquery::getInstance()->admin_login_check();
+User::getInstance()->hasPermissionAjax('admin_access');
 
 try {
     $tmdb = new TMdb();

upload/actions/update_frequency_disabled_tool.php

@@ -8,7 +8,7 @@
 
 try {
     $tool = new AdminTool();
-    userquery::getInstance()->admin_login_check();
+    User::getInstance()->hasPermissionAjax('admin_access');
     if($tool->initById($_POST['id_tool']) === false) {
         throw new Exception('tool not found');
     }

upload/actions/update_frequency_tool.php

@@ -9,7 +9,7 @@
 
 try {
     $tool = new AdminTool();
-    userquery::getInstance()->admin_login_check();
+    User::getInstance()->hasPermissionAjax('admin_access');
     if($tool->initById($_POST['id_tool']) === false) {
         throw new Exception('tool not found');
     }

upload/actions/update_phrase.php

@@ -2,7 +2,7 @@
 define('THIS_PAGE', 'update_phrase');
 require_once dirname(__FILE__, 2) . '/includes/admin_config.php';
 
-userquery::getInstance()->admin_login_check();
+User::getInstance()->hasPermissionAjax('admin_access');
 
 $id_language_key = $_POST['id_language_key'];
 $translation = $_POST['translation'];

upload/actions/upgrade_db.php

@@ -55,7 +55,7 @@
     }
 
 } else {
-    userquery::getInstance()->admin_login_check();
+    User::getInstance()->hasPermissionAjax('admin_access');
     if (empty($_REQUEST['version']) || empty($_REQUEST['revision'])) {
         error_lang_cli('Version or revision is missing');
         $error = true;

upload/admin_area/action_logs.php

@@ -3,7 +3,7 @@
 
 require_once dirname(__FILE__, 2) . '/includes/admin_config.php';
 
-userquery::getInstance()->admin_login_check();
+User::getInstance()->hasPermissionOrRedirect('admin_access', true);
 pages::getInstance()->page_redir();
 
 /* Generating breadcrumb */

upload/admin_area/add_member.php

@@ -3,8 +3,7 @@
 
 require_once dirname(__FILE__, 2) . '/includes/admin_config.php';
 
-userquery::getInstance()->admin_login_check();
-userquery::getInstance()->login_check('member_moderation');
+User::getInstance()->hasPermissionOrRedirect('member_moderation', true);
 pages::getInstance()->page_redir();
 
 /* Generating breadcrumb */

upload/admin_area/admin_tool.php

@@ -3,8 +3,7 @@
 
 require_once dirname(__FILE__, 2) . '/includes/admin_config.php';
 
-userquery::getInstance()->admin_login_check();
-userquery::getInstance()->login_check('web_config_access');
+User::getInstance()->hasPermissionOrRedirect('web_config_access',true);
 pages::getInstance()->page_redir();
 
 /* Generating breadcrumb */