1. This site uses cookies. By continuing to use this site, you are agreeing to our use of cookies. Learn More.

no logic in XenForo_ControllerHelper_Admin

Discussion in 'XenForo Development Discussions' started by ragtek, Jan 21, 2011.

  1. ragtek

    ragtek Guest

    I'm not sure if it's because of the yesterdays alcohol, or because i worked too much, but this makes no sense for me:

    PHP:
    XenForo_ControllerHelper_Admin extends XenForo_ControllerHelper_Abstract
    {
        public function 
    checkSuperAdminEdit(array $user)
        {
            if (
    $user['is_admin'] && !XenForo_Visitor::getInstance()->isSuperAdmin())
            {
                
    $superAdmins preg_split(
                    
    '#\s*,\s*#'XenForo_Application::get('config')->superAdmins,
                    -
    1PREG_SPLIT_NO_EMPTY
                
    );
                if (
    in_array($user['user_id'], $superAdmins))
                {
                    throw 
    $this->_controller->responseException(
                        
    $this->_controller->responseError(new XenForo_Phrase('you_must_be_super_administrator_to_edit_user'))
                    );
                }
            }
        }
    XenForo_Visitor::getInstance()->isSuperAdmin()
    PHP:
        public function isSuperAdmin()
        {
            if (
    $this->_isSuperAdmin === null)
            {
                
    $superAdmins preg_split(
                    
    '#\s*,\s*#'XenForo_Application::get('config')->superAdmins,
                    -
    1PREG_SPLIT_NO_EMPTY
                
    );
                
    $this->_isSuperAdmin in_array($this->_user['user_id'], $superAdmins);
            }

            return 
    $this->_isSuperAdmin;
        }
    So, you check the same thing twice.
    It's unneccessery.
    If the first check is false, the second will also be false.
    BUT

    for example:
    user is not superadmin
    then: visitor->getInstance()->isSuperAdmin()
    PHP:
    $this->_isSuperAdmin in_array($this->_user['user_id'], $superAdmins);
    will return false and the helper will make the same check once again.

    And it will find nothing once again!
    The second strange thing is, it throws the exception ONLY if it founds the element!
    Right?
    if not sorryyyyyyyyyy
     
  2. Mike

    Mike XenForo Developer Staff Member

    It's because of the alcohol. :)

    That function throws an error if the passed user (not the visitor!) is a super admin and the visitor is not. Look at the error message thrown.
     
  3. ragtek

    ragtek Guest

    nevermind
    i've saw that the second check is NOT for the current user:D

    oh mike was faster
     
  4. a legacy reborn

    a legacy reborn Well-Known Member

    I think we should just allow everyone into the ACP :D
     

Share This Page