Mercurial Mercurial > repos > enano-1.1 / diff
summary | shortlog | changelog | graph | tags | bookmarks | branches | files | changeset | file | latest | revisions | annotate | diff | comparison | raw | help
Find changesets by keywords (author, files, the commit message), revision number or hash, or revset expression.
includes/pageprocess.php
changeset 511 f88c8c79d784
parent 507 586fd7d3202d
child 536 218a627eb53e 
--- a/includes/pageprocess.php	Wed Mar 26 16:51:42 2008 -0400
+++ b/includes/pageprocess.php	Wed Mar 26 20:20:22 2008 -0400
@@ -176,9 +176,19 @@
     
     if ( !$this->perms->get_permissions('read') )
     {
-      $this->err_access_denied();
-      profiler_log("PageProcessor [{$this->namespace}:{$this->page_id}]: Finished send process");
-      return false;
+      // Permission denied to read page. Is this one of our core pages that must always be allowed?
+      // NOTE: Not even the administration panel will work if ACLs deny access to it.
+      if ( $this->namespace == 'Special' && in_array($this->page_id, array('Login', 'Logout', 'LangExportJSON', 'CSS')) )
+      {
+        // Do nothing; allow execution to continue
+      }
+      else
+      {
+        // Page isn't whitelisted, behave as normal
+        $this->err_access_denied();
+        profiler_log("PageProcessor [{$this->namespace}:{$this->page_id}]: Finished send process");
+        return false;
+      }
     }
     $pathskey = $paths->nslist[ $this->namespace ] . $this->page_id;
     $strict_no_headers = false;
Enano CMS (1.1.x)