블로그/게시판등 모듈에 상관없이 문서의 출력을 위한 권한을 처리하기 위해 document.item.php의 isAccessible()추가 및 레이아웃 처리를 Context를 이용하여 보이지 않도록 수정

git-svn-id: http://xe-core.googlecode.com/svn/trunk@1913 201d5d3c-b55e-5fd7-737f-ddc643e51545
2026-01-23 21:29:58 +09:00 · 2007-07-12 09:50:50 +00:00 · 2007-07-12 09:50:50 +00:00 · f4f44da48d
commit f4f44da48d
parent d0c8f54ed8
6 changed files with 39 additions and 18 deletions
--- a/modules/document/document.item.php
+++ b/modules/document/document.item.php
@ -67,6 +67,10 @@
            $_SESSION['own_document'][$this->document_srl] = true;
        }

+        function isAccessible() {
+            return $_SESSION['accessible'][$this->document_srl]==true?true:false;
+        }
+
        function allowComment() {
            return $this->get('allow_comment') == 'Y' || !$this->isExists() ? true : false;
        }
@ -119,12 +123,14 @@
        function getContentText() {
            if($this->isSecret() && !$this->isGranted()) return Context::getLang('msg_is_secret');

+            $_SESSION['accessible'][$this->document_srl] = true;
            return htmlspecialchars($this->get('content'));
        }

        function getContent() {
            if($this->isSecret() && !$this->isGranted()) return Context::getLang('msg_is_secret');

+            $_SESSION['accessible'][$this->document_srl] = true;
            return sprintf('<!--BeforeDocument(%d,%d)-->%s<!--AfterDocument(%d,%d)-->', $this->document_srl, $this->get('member_srl'), $this->get('content'), $this->document_srl, $this->get('member_srl'));
        }

--- a/modules/document/document.view.php
+++ b/modules/document/document.view.php
@ -18,9 +18,6 @@
         * 해당 글만 찾아서 그냥 출력해버린다;;
         **/
        function dispDocumentPrint() {
-            // 권한 체크
-            if(!$this->grant->view) return new Object(-1,'msg_not_permitted');
-
            // 목록 구현에 필요한 변수들을 가져온다
            $document_srl = Context::get('document_srl');

@ -31,12 +28,15 @@
            $oDocument = $oDocumentModel->getDocument($document_srl, $this->grant->manager);
            if(!$oDocument->isExists()) return new Object(-1,'msg_invalid_request');

+            // 권한 체크
+            if(!$oDocument->isAccessible()) return new Object(-1,'msg_not_permitted');
+
            // 브라우저 타이틀 설정
            Context::setBrowserTitle($oDocument->getTitleText());

            Context::set('oDocument', $oDocument);

-            $this->module_info->layout_srl = null;
+            Context::set('layout','none');
            $this->setTemplatePath($this->module_path.'tpl');
            $this->setTemplateFile('print_page');
        }
--- a/modules/document/tpl/print_page.html
+++ b/modules/document/tpl/print_page.html
@ -1,8 +1,15 @@
 <!--%import("./css/document.css")-->
 <!--%import("./css/document.css")-->

-<h1>{$oDocument->getTitleText()}</h1><br />
-{$oDocument->getContent()}
+<div><h1>{$oDocument->getTitleText()}</h1></div>
+
+<div class="member_{$oDocument->get('member_srl')} gap1 fl">{$oDocument->get('nick_name')}</div>
+<div class="gap1 fr">{$oDocument->getRegdate()}</div>
+
+<div class="clear"></div>
+
+<div class="gap1">{$oDocument->getContent()}</div>
+

 <script type="text/javascript">//<![CDATA[
    xAddEventListener(window,'load',function() { window.print(); } );