From a563d594aeb6f9d6553bfb9ed10aff5ffdd20d10 Mon Sep 17 00:00:00 2001
From: Marius Cramer <m.cramer@pixcept.de>
Date: Wed, 15 Apr 2015 09:02:14 -0400
Subject: [PATCH] - ported some patches

---
 interface/lib/classes/auth.inc.php |   29 +++++++++++++++++++++++++----
 1 files changed, 25 insertions(+), 4 deletions(-)

diff --git a/interface/lib/classes/auth.inc.php b/interface/lib/classes/auth.inc.php
index 562cf40..56e53ee 100644
--- a/interface/lib/classes/auth.inc.php
+++ b/interface/lib/classes/auth.inc.php
@@ -129,11 +129,32 @@
 
 	public function check_module_permissions($module) {
 		// Check if the current user has the permissions to access this module
+		$module = trim(preg_replace('@\s+@', '', $module));
 		$user_modules = explode(',',$_SESSION["s"]["user"]["modules"]);
-		if(!in_array($module,$user_modules)) {
-			// echo "LOGIN_REDIRECT:/index.php";
-			header("Location: /index.php");
-			exit;
+		if(strpos($module, ',') !== false){
+			$can_use_module = false;
+			$tmp_modules = explode(',', $module);
+			if(is_array($tmp_modules) && !empty($tmp_modules)){
+				foreach($tmp_modules as $tmp_module){
+					if($tmp_module != ''){
+						if(in_array($tmp_module,$user_modules)) {
+							$can_use_module = true;
+							break;
+						}
+					}
+				}
+			}
+			if(!$can_use_module){
+				// echo "LOGIN_REDIRECT:/index.php";
+				header("Location: /index.php");
+				exit;
+			}
+		} else {
+			if(!in_array($module,$user_modules)) {
+				// echo "LOGIN_REDIRECT:/index.php";
+				header("Location: /index.php");
+				exit;
+			}
 		}
 	}
 	

--
Gitblit v1.9.1