Backport

[platal.git] / classes / platal.php

diff --git a/classes/platal.php b/classes/platal.php
index 7bd94ff..5cf0d75 100644 (file)
--- a/classes/platal.php
+++ b/classes/platal.php
@@ -98,11 +98,19 @@ class Platal
         $args    = $this->argv;
         $args[0] = &$page;
 
-        if ($hook['auth'] > S::v('auth', AUTH_PUBLIC)) {
-            global $globals;
+        if (strlen($hook['perms']) && $hook['perms'] != Session::v('perms')) {
+            return PL_FORBIDDEN;
+        }
 
-            if (!call_user_func(array($globals->session, 'doAuth'))) {
-                $this->force_login($page);
+        if ($hook['auth'] > S::v('auth', AUTH_PUBLIC)) {
+            if ($hook['type'] == DO_AUTH) {
+                global $globals;
+    
+                if (!call_user_func(array($globals->session, 'doAuth'))) {
+                    $this->force_login($page);
+                }
+            } else {
+                return PL_FORBIDDEN;
             }
         }
 
@@ -131,7 +139,7 @@ class Platal
             $this->path = 'index';
         }
 
-        $page->assign_by_ref('platal', $this);
+        $page->assign('platal', $this);
         switch ($this->call_hook($page)) {
           case PL_FORBIDDEN:
             $this->__mods['core']->handler_403($page);
@@ -141,6 +149,8 @@ class Platal
             $this->__mods['core']->handler_404($page);
             break;
         }
+
+        $page->assign('platal', $this);
         $page->run();
     }