Ticket #1630: admin_access.patch

admin/includes/column_left.php

@@ -17 +17 @@
    --------------------------------------------------------------*/
 defined( '_VALID_XTC' ) or die( 'Direct Access to this location is not allowed.' );
 
+// Some plugins such as magnalister render the admin html inside of a function.
+// So variables that are expected to have a global scope will have a local scope instead,
+// if the file is included inside of a function.
+// Annotate variables that are required to have a global scope as global even if they're
+// usually included in a procedual fashion. This has no effect if the file is included
+// in a global scope but fixes missing initialisations if the file is included inside
+// of a function.
+global $admin_access;
 $admin_access = array();
 if (($_SESSION['customers_status']['customers_status_id'] == '0')) {
   $admin_access_query = xtc_db_query("SELECT * FROM " . TABLE_ADMIN_ACCESS . " WHERE customers_id = ".(int)$_SESSION['customer_id']);

admin/includes/extra_menu.php

@@ -25 +25 @@
     function subMenue($admin_access_name = '', $filename = '', $linktext= '', $parameters = '', $ssl = 'NONSSL'){
         global $admin_access;
 
-        ## magnalister
-        if (!is_array($admin_access) || count($admin_access) < 1) {
-          $admin_access = array();
-          if (($_SESSION['customers_status']['customers_status_id'] == '0')) {
-            $admin_access_query = xtc_db_query("SELECT * FROM " . TABLE_ADMIN_ACCESS . " WHERE customers_id = ".(int)$_SESSION['customer_id']);
-            $admin_access = xtc_db_fetch_array($admin_access_query);
-          }
-        }
-        ## magnalister
-
         $html = '';
         if (isset($admin_access[$admin_access_name]) && $admin_access[$admin_access_name] == '1') {