From 503b596a7103488f61c5e36c6f837f3003a93708 Mon Sep 17 00:00:00 2001
From: Imran Hussain <imranh@sucs.org>
Date: Thu, 25 Dec 2014 20:19:31 +0000
Subject: [PATCH] Security. Menu items that have a non null permission value in
 the menu table will now only be visible to people with that permission,
 unlike before where it kinda half worked and everybody could see everything.

---
 components/menu.php | 24 ++++++++++++++++++++----
 1 file changed, 20 insertions(+), 4 deletions(-)

diff --git a/components/menu.php b/components/menu.php
index f4b1975..1677708 100644
--- a/components/menu.php
+++ b/components/menu.php
@@ -7,7 +7,7 @@ function getPageID($name) {
 
 function translate($word) {
 	global $language, $DB;
-	
+
 	if ($language['code']!="en") {
 		$query=$DB->GetRow("select title, title".$language['db']." from menu where title='".$word."'");
 		if ($query['title'.$language['db']]!="") return $query['title'.$language['db']];
@@ -60,9 +60,25 @@ $res = $DB->GetAll($query);
 $menu = parseMenu($res);
 
 // this needs to choose the actual current one
-$res = $DB->GetAll("select * from menu where parent=".getPageID($pagename)." order by menuorder");
-if (count($res)>0) {
-	$submenu = parseMenu($res);
+// subpages/submenu items can have permissions attached to them as well!
+
+$query2  = "select * from menu where parent=";
+$query2 .= "'";
+$query2 .= getPageID($pagename);
+$query2 .= "'";
+$query2 .= " and (permission is NULL";
+
+if ($session->loggedin) $query2 .= " or permission='users'";
+
+foreach ($session->groups as $group => $value) {
+        $query2 .= " or permission='$group'";
+        }
+
+$query2 .= ") order by menuorder";
+
+$res2 = $DB->GetAll($query2);
+if (count($res2)>0) {
+	$submenu = parseMenu($res2);
 	$menu[translate($pagename)] = $submenu;
 }
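Review bot: The group names from `$session->groups` and the page id from `getPageID($pagename)` are concatenated straight into the SQL string at `$query2 .= " or permission='$group'"` and the surrounding `.= "'"` lines, so a value containing a quote breaks or alters the query, which undercuts the permission filter this commit introduces. Pass them as bind parameters instead — if `$DB` is ADOdb, `GetAll` accepts a bind array as its second argument — rather than wrapping each value in `'…'` by hand. The top-level menu query at `$res = $DB->GetAll($query)` is built before this hunk, so I cannot tell from here whether it applies the same permission filter the commit message promises for all menu items. Separately, the `foreach` body and its closing brace are indented with spaces while the rest of the file uses tabs.
```php
// subpages/submenu items can have permissions attached to them as well!
$allowed = [];
if ($session->loggedin) $allowed[] = 'users';
foreach (array_keys($session->groups) as $group) $allowed[] = $group;

$query2 = "select * from menu where parent=? and (permission is NULL";
$params = [getPageID($pagename)];
foreach ($allowed as $perm) {
	$query2 .= " or permission=?";
	$params[] = $perm;
}
$query2 .= ") order by menuorder";

$res2 = $DB->GetAll($query2, $params);
// … unchanged: count($res2) check, parseMenu and $menu assignment …
```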
 
-- 
GitLab